On Wed, Dec 4, 2013 at 5:46 AM, Ralph Versteegen <[email protected]> wrote:
> On 4 December 2013 19:20, Keith Gable <[email protected]> wrote: > > You should use the Play APIs for anything related to in app purchases. > Best > > practice is usually to check they're authorized every time they're > connected > > when they start the app. > > Why? In case they purchase it from another device? Or to prevent > config file editing? > I am of the opinion that making it work across devices is the most important reason. Especially in the case where you upgrade your phone, or replace a broken device. > > You can store anything on the storage card and it will persist. Only the > app > > folder (/data/data/com.you.game usually) gets deleted on uninstall. > > So here by storage card you mean just completely unorganised storage? > > I wanted some form of private storage, since that seemed sensible for > storing purchase data. But if we're not worried about someone plugging > their phone into their computer and simply opening and editing the > relevant file with RELOADSpy (or possibly uploading it), then well > obvious we're not worried about anything. > Yeah, giving yourself bogus purchases by editing persist.reld would be relatively easy, but fortunately I could not possibly care less :) I am making the purchase cache nodes as simple as possible, and don't plan to attempt any kind of obfuscation. --- James
_______________________________________________ Ohrrpgce mailing list [email protected] http://lists.motherhamster.org/listinfo.cgi/ohrrpgce-motherhamster.org
