在闭包中修改变量
[英]Modifying variables in a closure
问题描述
My focus in this question is making HTML5 games.
我在这个问题上的重点是制作 HTML5 游戏。 The aim is to help reduce/prevent cheating.目的是帮助减少/防止作弊。
If a variable in global scope held the score, for example var score = 0 , then it's really easy to cheat just by running javascript:void(score = 9999999999);如果全局 scope 中的一个变量保存了分数,例如var score = 0 ,那么只需运行javascript:void(score = 9999999999);就很容易作弊了。 . .
But if I had something more like this:但如果我有更多这样的东西:
(function() {
var score = 0;
// game logic here
})();
Is score accessible by anything outside the closure?闭包之外的任何东西都可以访问score吗? Is there any way for the player to modify it and thus falsify their points?玩家有没有办法修改它从而伪造他们的积分?
2 个解决方案
解决方案1
4 2012-04-05 12:35:51
Everything that happens on the client side is 'hackable', because you simply do not have any control over it.在客户端发生的一切都是“可破解的”,因为您根本无法控制它。 The only real way to prevent this is using serverside validation (eg AJAX calls).防止这种情况的唯一真正方法是使用服务器端验证(例如 AJAX 调用)。
Is score accessible by anything outside the closure?
No it isn't.不,不是。
Is there any way for the player to modify it and thus falsify their points?
Yup.是的。 See my first statement.看我的第一句话。
解决方案2
2 已采纳 2012-04-05 12:34:23
Outside of that closure, score does not exist (or at least, that score doesn't).在该关闭之外, score不存在(或者至少,该score不存在)。
If you want to prevent cheaters, the only real way when the whole game runs on the client side is to recreate the game environment and user input on the server and validate that.如果你想防止作弊者,当整个游戏在客户端运行时,唯一真正的方法是在服务器上重新创建游戏环境和用户输入并进行验证。
Otherwise, anyone can modify your client side code and send what they wish to your server.否则,任何人都可以修改您的客户端代码并将他们想要的内容发送到您的服务器。
声明:本站的技术帖子网页,遵循CC BY-SA 4.0协议,如果您需要转载,请注明本站网址或者原文地址。任何问题请咨询:yoyou2525@163.com.