Lee Harr <missive <at> hotmail.com> writes: > Now my question is how do you keep people from just loading > the high score file with whatever scores they want?
I'd say this is impossible particularly with Python, because cheaters could always look in the source and find out whatever you're doing to the scores and if they can't get around it, they can certainly feed that routine bogus scores and get valid (but cheated) score files. Cheating happens even with closed-source games. The only reliable way of scoring is to have an application which both runs and keeps scores on computers you control (i.e. an online in-browser game), without relying on cookies or any other form of client-side data. If you just want to keep casual tinkerers from playing with a plain text scores file, simple safeguards would suffice, like: - writing a MD5 hash of the scores list along with the scores themselves. If the scores are modified and the MD5 isn't, the two won't match. - implementing some trivial obsfucation (as opposed to real encryption) algorithm which you could apply to the data before writing it. You could for example use the zlib module for this (compress the result of pickle.dumps and decompress the string read from file before feeding it to pickle.loads). The result will look tremendously ugly and scary, plus it will save a few bytes in storage space if you're lucky :). - storing the scores in a bsddb (it can be modified by hand, but it looks quite scary and mistakes might lead to breakage) It's quite obvious though that no method is good enough if you attach any kind of value to high scores, by e.g. posting the highest scores on your webpage. Yours, Andrei _______________________________________________ Tutor maillist - [email protected] http://mail.python.org/mailman/listinfo/tutor
