Secure web connection + timeouts

Discussion in 'Plugin Development' started by Jozeth, Oct 2, 2013.

Thread Status:
Not open for further replies.
  1. Offline


    I am currently trying to do a global ban system for people using my plugin, but how do I securely send information from the plugin to a php script?

    Also how do I do timeouts, if the connection isn't available?
  2. Offline


    So why do you want to send it to a PHP script?
    Why not just have a database that you connect to and put the players name in?
    And obviously if you do want to send it to any web server you encrypt it(But im not sure its necessary in this case).
  3. Offline


    If I put the database password, etc. into the plugin then people can decompile it plus my database only allows allowed IPs to connect to it.
  4. Offline


    Jozeth Well giving them a secret webpage that they can send data to will also be readable when decompiled. This is the reality for Java and passwords. You could hide the password using a simple encryption method, but if someone was really desperate they could get in. Another way would be to give every user a login account or server ID, and then you can keep track of what servers are banning, and you can see which server/person is banning, possibly abusing the plugin.

    On top of that, this doesn't matter too much, because either that, or someone will just spam banning people in-game. They will get your plugin, ban everyone they can think of, which add's those to the database, and then delete the plugin, so they aren't banned on their own server.
  5. Offline


  6. Offline


    Obfuscation won't hide strings.
    If you have determination you can find out anything hidden in a program.
  7. Offline


    Pass the data to the PHP script like Minestats did it..

    Call a URL with the php code. Then when doing the args of the php script insert java code (sorry Im on a phone and too lazy to be a great help)

    The UrL would look something like this...
    "Import.php?bannedPlayer=" + bannedPlayer + "&bannedBy=" + banner + "&time=" + time + "&reason=" + reason + "&fromServer=" + server;
Thread Status:
Not open for further replies.

Share This Page