I have an SQL database and want to make an MMORPG. The base of it would be the network. I was wondering if there were any ways of communicating with the database without having and vulnerbilities......I don't want to have any hacking here.
I have an SQL database and want to make an MMORPG. The base of it would be the network. I was wondering if there were any ways of communicating with the database without having and vulnerbilities......I don't want to have any hacking here.
Sure. Have your code and server setup security-reviewed and pay those doing the review several grand per day.
Security holes are nothing that is inherent to having a server. It's always programming or configuration errors that result in security holes. You need to avoid these: by knowing the dangers, coding in a way that reduces them, coding very carefully, testing your code and have your code looked at and tested by others.
The two main threats are typically buffer overflows and SQL injection, because they're so easily opened.
All the buzzt!
CornedBee
"There is not now, nor has there ever been, nor will there ever be, any programming language in which it is the least bit difficult to write bad code."
- Flon's Law
If you restrict all communications to the database server to your game server you are already increasing your security level a notch. After that, anything goes. Malformed queries (known as SQL Injection) will be one of your main concerns. Read about them somewhere on the web and code to protect yourself. Do not trust users will send requests to your game server through their game client even if you have the perfect system. Restricting access to the database server alone will also handle most of your time (albeit this is not so much a programming issue, but a database server issue).
EDIT: Oh and Denial of Service attacks. Every bug in your code is a potential DOS. Even if it doesn't allow access to your server system, it has the capacity of shutting the game down.
Last edited by Mario F.; 10-10-2006 at 08:01 PM.
Originally Posted by brewbuck:
Reimplementing a large system in another language to get a 25% performance boost is nonsense. It would be cheaper to just get a computer which is 25% faster.