Communication between AS3 server and MySQL
I am developing a game coded in Flash AS3 and need to read / write information to SQL server. I am currently using ASQL for testing purposes , which is very simple and reliable, but it needs a direct connection from the client machine to SQL Server (port 3306 is open and allows a logical name to connect from anywhere using a password), and worse than that ... The .swf format itself is not encrypted and all decompilers will allow you to extract AS3 code, which means the password stored in the code.
I have collected several options, but they lack security measures:
- AS3 code sending POST code to PHP page that connects to MySQL server
- Use amfphp but the AMF protocol is still sniffing
- Keep the current method and force users to open outgoing port 3306, which can confuse clients.
Help / advice / discussion would be much appreciated.
source to share
Depending on the number of commands required, I think you should choose option 1 (with only one or more commands) or option 2 (if you have a few more complex commands to send). Do not open the database on the public internet.
What is the problem you are trying to solve / protect? If all of your application (game) logic is with the client, you cannot stop people from faking the results. The client never needs to be trusted, and no amount of line protection (https or any other encryption of communication) will help - it will keep other people from eavesdropping.
If you are trying to ensure that high scores or game states are published, as far as I know, you can make it difficult to fake them, but you cannot make it impossible unless you transfer at least some game logic to the server.
source to share