dcsimg
A Flash Developer Resource Site

Results 1 to 19 of 19

Thread: [disc] to catch a thief...

  1. #1
    Junior Senior
    Join Date
    Nov 2000
    Location
    sydney
    Posts
    565

    [disc] to catch a thief...

    Don't know if this has been tried before, but here's an idea... instead of using _url to disable a game from playing, (ie asking for your game to be decompiled before it is uploaded to the www) why not make your _url check simply report offending websites with a getURL to a php script running on your site that takes the value of the flash _url as a parameter.

    ie, getURL("www.mysite.com/reporttheft.php?game=crazyfunshootemup&address=" + _url , "_blank", "POST");

    Your php script could then notify you via email with the domain name when a new domain starts running your game (plus the IP of the person who first tested it) or whatever you like.

    Just an idea.

  2. #2
    smile for the camera! jesserules's Avatar
    Join Date
    Dec 2004
    Location
    a dark place where people have trouble in flash
    Posts
    720
    aren't these discussions illegal now?
    My site
    The Current Project is RoboRace.
    Screens Public Beta Coming Soon!

  3. #3
    Yes we can tomsamson's Avatar
    Join Date
    Sep 2001
    Location
    Team Titan Secret Lair
    Posts
    4,666
    just to make clear: the FK staff is against discussing things in a manner in which FK might get into legal issues itself (for example: stating this and that site is a thief site;if we allow such open unproved bashing,we might be made responsible if it ´prooves to be a wrong bashing (-->=site wasn´t actually a thief site for example))

    FK is a developer board,so any discussion on games,how to improve them or their security is of course always welcome =)

    to get back to the topic: good suggestion =)

  4. #4
    Say hello to Bob Kakihara's Avatar
    Join Date
    Jul 2004
    Location
    kent, England
    Posts
    1,067
    nice idea and hardly any work as well, plus you then have evidence of who is stealing the games.

    ps. so what you are saying tom is that if we dont mention names then we can discuss this all we want, i love political correctness.
    If our body is a clock ticking away and if while we experience all that this world has to offer time has still continued to pass, are we living or just experiencing a slow death?

  5. #5
    Impressive Click swcAndrew's Avatar
    Join Date
    Oct 2004
    Location
    USA
    Posts
    468
    good idea! Only problem is for the sites that deep link your game. For example they use the html code and direct the source to the .swf location on your page.
    Andrew Webster
    Impressive Click

  6. #6
    Yes we can tomsamson's Avatar
    Join Date
    Sep 2001
    Location
    Team Titan Secret Lair
    Posts
    4,666
    Originally posted by Kakihara
    ps. so what you are saying tom is that if we dont mention names then we can discuss this all we want, i love political correctness. [/B]
    yeah,as i said the staff doesn´t want any legal issues occuring here.So as long as you don´t talk about porn,warez and accusing others of theft without prove and things like that,its relaxed
    i´m not doing the rules,i´m juts interpreting them to have everything here discussable and relaxed as much as possible

  7. #7
    Script kiddie VENGEANCE MX's Avatar
    Join Date
    Jun 2004
    Location
    England
    Posts
    2,590
    Sounds like a good idea. There are copies of a few of my games all over the 'net, and it's hard to keep track of them. I can only just read PHP, and I definitely can't write it, so could someone show me what PHP script I might need to use?
    http://www.birchlabs.co.uk/
    You know you want to.

  8. #8
    Filthy Gorgeous DancingOctopus's Avatar
    Join Date
    Sep 2003
    Location
    Sunny Australia.
    Posts
    478
    That could prove to be a huge load on your server, just to keep up with theifs.

    If you make a game that becomes very popular, you could end up with over a million hits to your page (and database, if you're storing data there) if your game "phones home" every time it is played.

  9. #9
    Flash hates me. crashlanding's Avatar
    Join Date
    Nov 2003
    Location
    UK
    Posts
    439
    Originally posted by DancingOctopus
    That could prove to be a huge load on your server, just to keep up with theifs.

    If you make a game that becomes very popular, you could end up with over a million hits to your page (and database, if you're storing data there) if your game "phones home" every time it is played.

    you could use 2 scripts, first to check the adress isnt already on the database and another one to put it on. I'm not sure if that would work, I'm not brilliant at php in flash.
    "wen i found my gerbil dead my other gerbil was eating it i just cried and screamed"
    http://www.livescripts.net

    --------------------------------------------------------------------------------
    Last edited by some moderator : Today at 9:01 PM.

  10. #10
    Filthy Gorgeous DancingOctopus's Avatar
    Join Date
    Sep 2003
    Location
    Sunny Australia.
    Posts
    478
    Originally posted by crashlanding
    you could use 2 scripts, first to check the adress isnt already on the database and another one to put it on. I'm not sure if that would work, I'm not brilliant at php in flash.
    You still have to hit the database to check if it's there.

  11. #11
    Script kiddie VENGEANCE MX's Avatar
    Join Date
    Jun 2004
    Location
    England
    Posts
    2,590
    Why not first check if the url it's coming from is the site it should be on anyway before doing any database stuff?
    http://www.birchlabs.co.uk/
    You know you want to.

  12. #12
    my x booty it is that BIG
    Join Date
    Jun 2004
    Location
    New York
    Posts
    696
    Originally posted by swcAndrew
    good idea! Only problem is for the sites that deep link your game. For example they use the html code and direct the source to the .swf location on your page.
    but in order for them to this they have to find out where the game is located on your site and before they do this they first have to come to the site and then you will have the information about the user...right?
    Project||[GAME]-on hold for now
    ------------------
    [Hero]-80%
    [Enemies]-1%
    [Weapons]-90%
    [Items]-0%
    [Levels]-10%

  13. #13
    Junior Senior
    Join Date
    Nov 2000
    Location
    sydney
    Posts
    565
    Originally posted by DancingOctopus
    That could prove to be a huge load on your server, just to keep up with theifs.

    If you make a game that becomes very popular, you could end up with over a million hits to your page (and database, if you're storing data there) if your game "phones home" every time it is played.
    Yea, that is a good point. If a high traffic thief site blatantly refused to take it down, you'd be fairly screwed. Then again, you could always delete or alter the php script it's trying to contact. Something that attempts to load 100's of large swf from their site maybe.

  14. #14
    Untitled-1.fla strille's Avatar
    Join Date
    Mar 2001
    Location
    Sweden
    Posts
    1,626
    Originally posted by DancingOctopus
    That could prove to be a huge load on your server, just to keep up with theifs.

    If you make a game that becomes very popular, you could end up with over a million hits to your page (and database, if you're storing data there) if your game "phones home" every time it is played.
    You could just make the flash movie "phone home" say roughly once every 10th (or 100th) time it is started using Math.random(). That should solve the heavy traffic problem. You just want to know the url anyway.

  15. #15
    Junior Member
    Join Date
    Apr 2001
    Posts
    25
    Originally posted by swcAndrew
    good idea! Only problem is for the sites that deep link your game. For example they use the html code and direct the source to the .swf location on your page.
    The same PHP script could check that the referring page ( $HTTP_REFERER variable) and send an OK back to the flash if it is. Else the game will not run (then it could e-mail the author with the URL).

    Another method is an encrypted text file which contains the URL of the registered site. It then checks it against the current URL, if it matches ok, if not fail to run.

    You would have to create a key generator and hand keys out to people who are allowed to host your game though.

  16. #16
    Senior Member
    Join Date
    Apr 2002
    Location
    Raleigh, NC
    Posts
    419
    I was under the impression that the Object tag does not actually send a referrer, which would make it somewhat difficult to automate that Headspin; am I wrong there?
    pnFlashGames.com
    share your games with thousands
    MediaProtect.org - Helping you protect your work (In Development)

  17. #17
    Junior Senior
    Join Date
    Nov 2000
    Location
    sydney
    Posts
    565
    Yea, as far as I am aware the only defense against deeplinking if your host can't block referers with .htaccess is renaming the swf file every once in a while.

    Maybe something like this in php..
    !WARNING! this code is UNTESTED and accesses the file system on your webserver. Read and understand the code before trying to use it.
    Code:
    <?
    // swfloader.php
    // UNTESTED, use at your own risk.
    // 
    // returns swf name from private dir for embedding
    // and ocaasionally renames the swf file
    // $swfdir must be set before including this file
    // eg <PARAM NAME=movie VALUE="<? $swfdir= 'gamedir'; require('swfloader.php'); ?>">
    // additional calls to the swf filename can be made directly to prevent multiple renaming. 
    // eg <EMBED src="<?=$swffile ?>"
    //
    if ($dir = @opendir("$swfdir") ){
    	srand( (double)microtime() * 1000000 );
    	while (($file = readdir($dir)) !== false) {
    		if ( strstr($file, ".swf") 
    			$swffile = $swfdir."/".$file;
    			if(rand(1,100)==27){
    				$newname="";
    				for($i=0;i<8;i++){
    					$newname .= chr(rand(65, 90)) . chr(rand(97, 122);
    				}
    				$newname .=".swf";
    				if( rename( $file, $newname){
    					$swffile = $swfdir."/".$newname;
    				}
    			}
    		}
    	}
    }
    if($swffile){
    	echo "$swffile";
    }else{
    die("couldnt open swf file");
    }
    ?>
    I assume this is similar to what people are using. be interested to hear any comments on this code, as I havent tried it out yet.

  18. #18
    Senior Member tonypa's Avatar
    Join Date
    Jul 2001
    Location
    Estonia
    Posts
    8,227

    Re: [disc] to catch a thief...

    Originally posted by slight
    Don't know if this has been tried before, but here's an idea... instead of using _url to disable a game from playing, why not make your _url check simply report offending websites with a getURL to a php script running on your site that takes the value of the flash _url as a parameter.
    I wouldnt use getURL action for this, it will open new window every time game is played. You can achieve same thing with loadVariables action without the need for new broweser window. Its still very easy to avoid, all thief has to do, is to comment out your url checking line.

    Even once you know some site is hosting your game, there isnt much you can do with that knowledge. Unless you represent bigger company with lawyers to work for you, nobody cares about you, your game or the fact that it is hosted somewhere.

    Originally posted by headspin
    The same PHP script could check that the referring page ( $HTTP_REFERER variable) and send an OK back to the flash if it is. Else the game will not run (then it could e-mail the author with the URL).

    Another method is an encrypted text file which contains the URL of the registered site. It then checks it against the current URL, if it matches ok, if not fail to run.
    1. Flash player doesnt set $HTTP_REFERER variable, its always empty.
    2. Not sure why you need encrypted text file to check if site is ok, you can make php script to check for allowed urls.

    Still, all they have to do, is to edit the swf and remove the lines where you connect to php script and prevent game from running.

  19. #19
    Senior Member UnknownGuy's Avatar
    Join Date
    Jul 2003
    Location
    Canada
    Posts
    1,367
    I think it would be kinda funny if you made a block of it from running only when a random number out of 50 is 1, and also the always block one, but they may not find the 1 in 50.....

Posting Permissions

  • You may not post new threads
  • You may not post replies
  • You may not post attachments
  • You may not edit your posts
  •  




Click Here to Expand Forum to Full Width

HTML5 Development Center