Need opinion on how to handle this.
by Nathan Huffman · in Technical Issues · 04/30/2006 (7:02 pm) · 3 replies
So far we've figured out a basic login system (for an mmo enviroment). We have everything running locally for now, but I was able to SEARCH and finds tutortials to get me this far.
I have a GUI that passes the user/pass to the server, which connects to the local SQL server for auth, then returns to the client if it's good to go or not.
But what I don't understand from this point on, and I'm having a helluva time SEARCHing for such explanation, is how you would handle it from this point on.
After they login, "for now" I'd like them to be 'dropped' into a small 'test level' I made just to have them collect Torque logos (as in the tutorial for noobies) and everytime they collect one it gets added to their 'lifetime overall' count (just to learn better). However, I totally don't understand how you keep that specific connection assisned to a SQL session.
What I mean is, the login script I've found verifies a login but seems to close all SQL activity. I don't know how to 'bind' that session to a SQL session. If I'm not saying this correctly, imagine a player getting into the game OK but after logging in they edit the memory to make their client think they are logged in as a different user name. Therefore, they would technicallly be playing under someone else because their commands to the server would reflect a variable of someone else's user name than their own.
I guess I could make it query their password EVERY time, but there has to be a better way?
I'm a programmer-to-be so please excuse my lack of terminology.
I hope you see what I'm asking. If not, let me know and I'll try to re-phrase best as possible. And as always, thanks for the help in advance.
How does mmos like Ragnarok and WoW do it?
Hmm...
I have a GUI that passes the user/pass to the server, which connects to the local SQL server for auth, then returns to the client if it's good to go or not.
But what I don't understand from this point on, and I'm having a helluva time SEARCHing for such explanation, is how you would handle it from this point on.
After they login, "for now" I'd like them to be 'dropped' into a small 'test level' I made just to have them collect Torque logos (as in the tutorial for noobies) and everytime they collect one it gets added to their 'lifetime overall' count (just to learn better). However, I totally don't understand how you keep that specific connection assisned to a SQL session.
What I mean is, the login script I've found verifies a login but seems to close all SQL activity. I don't know how to 'bind' that session to a SQL session. If I'm not saying this correctly, imagine a player getting into the game OK but after logging in they edit the memory to make their client think they are logged in as a different user name. Therefore, they would technicallly be playing under someone else because their commands to the server would reflect a variable of someone else's user name than their own.
I guess I could make it query their password EVERY time, but there has to be a better way?
I'm a programmer-to-be so please excuse my lack of terminology.
I hope you see what I'm asking. If not, let me know and I'll try to re-phrase best as possible. And as always, thanks for the help in advance.
How does mmos like Ragnarok and WoW do it?
Hmm...
#2
I'll definately give it a try, but does anyone else know how current projects do it? How you can make sure that 'connection' stays with the same account/character?
05/03/2006 (10:43 pm)
Thanks, Chris. Seems like a good idea. But on-the-fly, it sounds like that users table would be gettin' hit more often that a hot blonde in a Los Vegas alleyway, if I understand you correctly. You'd have to compare session against each command to be secure, no?I'll definately give it a try, but does anyone else know how current projects do it? How you can make sure that 'connection' stays with the same account/character?
#3
You might not need every and single method to validate against the database, as the game would need to start up and display a login first, here you could obmit the check.
As for projects I think that the MMORPG tutorials might have what you are looking for.
05/03/2006 (11:32 pm)
You are right that the table would get hit a lot of times, but the DB should compensate for this by having it in memory. The field should naturally be a key field to optimize the search. You might not need every and single method to validate against the database, as the game would need to start up and display a login first, here you could obmit the check.
As for projects I think that the MMORPG tutorials might have what you are looking for.
Torque Owner ChrisG
You easily set a time-out by having another datetime field in the users table that is updated everytime the user sents info, if the last update was say over 10 minutes old then the user has 'timed-out'.
When the user logs out the session id is delete from the users record, thus flagging that login is required.
I haven't tried this in an MMO game but I don't see why it wouldn't work.