Java-Gaming.org    
Featured games (81)
games approved by the League of Dukes
Games in Showcase (487)
Games in Android Showcase (110)
games submitted by our members
Games in WIP (553)
games currently in development
News: Read the Java Gaming Resources, or peek at the official Java tutorials
 
    Home     Help   Search   Login   Register   
Pages: [1]
  ignore  |  Print  
  Java read/write to a text file on my site for highscores  (Read 3680 times)
0 Members and 1 Guest are viewing this topic.
Offline roland
« Posted 2009-10-03 07:13:45 »

I have a game and I want to write a high score to a text file and read from it. This file will be stored on my site eg w_ww.mysite.com/hs.txt

I have some code for reading and writing which works when i write to a file on my computer but when i try to do the same thing online I can read but not write. Can anyone help me?

if i run my applet through Eclipse I can read/write but if I run a applet through a html file using firefox I can only read.

Here is my HTML code:
1  
2  
3  
4  
5  
6  
7  
<HTML>
<HEAD>
</HEAD>
<BODY>
<applet code="Main.class" archive="Main.jar" width="800" height="600">
</applet>
</HTML>


here is my read and write:
1  
2  
3  
4  
5  
6  
7  
8  
9  
10  
11  
12  
13  
14  
15  
16  
17  
18  
19  
20  
21  
22  
23  
24  
25  
26  
27  
28  
29  
30  
31  
32  
33  
34  
35  
36  
37  
38  
39  
40  
41  
42  
43  
44  
45  
46  
47  
48  
49  
50  
51  
52  
53  
54  
55  
56  
57  
58  
59  
URL url = null;
          File f = null;
          String fileToRead = "hs.txt"; //high scores text file
         
          //INIT
         try
          {
             url = new URL(getCodeBase(), fileToRead);
             f = new File(fileToRead);
          }
          catch(Exception e2)
          {
             m_taHighScores.append("Init failed...");//m_taHighScores is a text area in the applet which displays the highscores.

          }
         
          //WRITE
         try
          {
              BufferedWriter out = new BufferedWriter(new FileWriter(f,true));
              out.write("HIGHSCORE: ");
              m_taHighScores.append("WRITING:" + "HIGHSCORE: " + String.valueOf(m_snake.m_iScore) + "\n");
              out.write(String.valueOf(m_snake.m_iScore)+"\n");
              out.close();
              m_taHighScores.append("WRITE SUCCEEDED \n");
             
          }
          catch(Exception e2)
          {
             m_taHighScores.append("Write failed... \n");
          }
         
         
          //READ
        try
         {
           
            StringBuffer strBuff;
            String line;
             
            InputStream in = url.openStream();
            BufferedReader bf = new BufferedReader(new InputStreamReader(in));
            strBuff = new StringBuffer();
            while((line = bf.readLine()) != null)
            {
               strBuff.append(line + "\n");
            }
            m_taHighScores.append("READING: \n");
            m_taHighScores.append(strBuff.toString());
            m_taHighScores.append("READ SUCCEEDED \n");
         }
         catch (Exception e2)
         {
            m_taHighScores.append("Read failed... \n");
         }
             
         
          //m_taHighScores.append("\n" + String.valueOf(m_snake.m_iScore));
         m_taHighScores.setVisible(true);




thanks,
roland
Offline davidc

Senior Member


Medals: 5
Projects: 2



« Reply #1 - Posted 2009-10-03 07:23:32 »

You need to display more detail from those exceptions. At the very least, also display the error message:

1  
m_taHighScores.append("Init failed: " + e2.getMessage());


What will be even better is to display the stack trace also:

1  
2  
3  
4  
5  
6  
7  
// Get the stack trace as a string
StringWriter sw = new StringWriter();
PrintWriter pw = new PrintWriter(sw);
e2.printStackTrace(pw);
String stackTrace = sw.toString();

m_taHighScores.append("Init failed: " + e2.getMessage() + "\n" + stackTrace);
Offline Nate

JGO Kernel


Medals: 145
Projects: 4
Exp: 14 years


Esoteric Software


« Reply #2 - Posted 2009-10-03 09:13:30 »

99% of the time, if some code is calling the getMessage method on Exception, it shouldn't be because it hides both the stacktrace and the messages of any "cause" exceptions.

Games published by our own members! Check 'em out!
Legends of Yore - The Casual Retro Roguelike
Offline pjt33
« Reply #3 - Posted 2009-10-03 10:00:31 »

If applets can write to files on your web server then pretty soon your server will be part of a botnet. You need to set up a CGI script of some kind (e.g. a servlet, if you want to stick to Java) which handles a GET or POST request, validates it, and updates the file accordingly.
Offline roland
« Reply #4 - Posted 2009-10-05 04:02:15 »

thankyou for your comments.
I worked hard today and yesterday making some php scripts to add high scores and made a POST function in my java applet which I got an example from: http://www.exampledepot.com/egs/java.net/Post.html. It works perfectly, except that: it only sends the data if i get it to read the response after sending and I have no idea why I would need to do that.

This is what I need to include to make it work. Why?
I am not using this to read, only write. I have a different function which reads from a text file so i didnt want to include this, but when i got rid of it I could not write data at all.

1  
2  
3  
4  
5  
6  
// Get the response
       BufferedReader rd = new BufferedReader(new InputStreamReader(conn.getInputStream()));
        String line;
        while ((line = rd.readLine()) != null) {
            // Process line...
       }
Offline Bonbon-Chan

JGO Coder


Medals: 12



« Reply #5 - Posted 2009-10-05 07:02:49 »

It is the http protocol. For each request, there is a reply... even it is empty. What ever for an high score submition, the new high scores are usualy sent back.
Offline broumbroum

Junior Member





« Reply #6 - Posted 2009-10-05 15:35:38 »

You may use FTP to get a write access to the scores files, as well. That be faster and safer han php.

::::... :..... :::::: ;;;:::™ b23:production 2006 GNU/GPL @ http://b23prodtm.webhop.info
on sf.net: /projects/sf3jswing
Java (1.6u10 plz) Web Start pool
dev' VODcast[/ur
Offline Markus_Persson

JGO Wizard


Medals: 14
Projects: 19


Mojang Specifications


« Reply #7 - Posted 2009-10-05 15:41:57 »

No, that's a bad idea. It's neither safer nor faster.

With server-side logic, you can add some constraints on what data you accept, and you can control the format of the file.
With just plain FTP, anyone can upload any file.

Play Minecraft!
Offline broumbroum

Junior Member





« Reply #8 - Posted 2009-10-05 16:08:06 »

well, php will be readable from world..
FTP can be checked with anonymous or a special user that does get access to score files under certain circumstances or folders, Java offers a great amount of crypted functions too.
I'd send the result as an encrypted or serialized object file, unless I can't get an sftp access.

::::... :..... :::::: ;;;:::™ b23:production 2006 GNU/GPL @ http://b23prodtm.webhop.info
on sf.net: /projects/sf3jswing
Java (1.6u10 plz) Web Start pool
dev' VODcast[/ur
Offline Markus_Persson

JGO Wizard


Medals: 14
Projects: 19


Mojang Specifications


« Reply #9 - Posted 2009-10-05 16:57:43 »

Making a bunch of hacks to secure ftp and verify the data is not in any way better than just writing some server-side logic (be it php or jsp or whatever).

Encryption will do you no good as the game client has to be able to encrypt it in the first place. Anyone can just look up how that encryption was done and reproduce those steps.

Play Minecraft!
Games published by our own members! Check 'em out!
Legends of Yore - The Casual Retro Roguelike
Offline Orangy Tang

JGO Kernel


Medals: 56
Projects: 11


Monkey for a head


« Reply #10 - Posted 2009-10-05 17:06:58 »

The (s)FTP route is also going to have horrible race condition issues when multiple clients try and add their high score into the high score file at the same time - if you're lucky you'll get one person's score being overwritten, if you're unlucky you'll corrupt the whole file and lose all the scores. Plus since the login information will be publically available in your app, someone could just log in manually and delete the whole lot.

Just stick to keeping the high score logic server side with php/jsp/whatever and back it by a database.

[ TriangularPixels.com - Play Growth Spurt, Rescue Squad and Snowman Village ] [ Rebirth - game resource library ]
Offline Eli Delventhal

JGO Kernel


Medals: 42
Projects: 11
Exp: 10 years


Game Engineer


« Reply #11 - Posted 2009-10-05 20:07:35 »

Even if you do a PHP backing, how is that you can keep people from seeing how it's sent? What I mean is, your game needs to send POST data or whatever to the PHP script, and the script has to somehow know what is real and what isn't. In a simple sense, if I just send everything to submitScore.php and it takes a POST "score" variable, anyone can then send whatever score they want as long as they know that it's being sent to submitScore.php. If you take the most obvious safeguard of adding a password POST parameter that your game sends (say it's "h00ps"), then still someone can find that password in your game code and foil you anyway. So what's the solution, here? How does the script know what's good and what's bad?

See my work:
OTC Software
Offline Orangy Tang

JGO Kernel


Medals: 56
Projects: 11


Monkey for a head


« Reply #12 - Posted 2009-10-05 21:01:56 »

Even if you do a PHP backing, how is that you can keep people from seeing how it's sent? What I mean is, your game needs to send POST data or whatever to the PHP script, and the script has to somehow know what is real and what isn't. In a simple sense, if I just send everything to submitScore.php and it takes a POST "score" variable, anyone can then send whatever score they want as long as they know that it's being sent to submitScore.php. If you take the most obvious safeguard of adding a password POST parameter that your game sends (say it's "h00ps"), then still someone can find that password in your game code and foil you anyway. So what's the solution, here? How does the script know what's good and what's bad?
The only secure method I know of is to store input data and replay it on the server to recreate the score. That's a PITA coding wise as you need a deterministic simulation (plus a headless version that can work on a server). Compromises usually involve sending a less complete replay/game state which can be verified easier on the server end at the trade off of being more easily faked. Sending meta-score info (num deaths, num kills, bonus multipliers, num powerups, etc.) and recreating the score from that is a nice compromise IMHO.

[ TriangularPixels.com - Play Growth Spurt, Rescue Squad and Snowman Village ] [ Rebirth - game resource library ]
Offline broumbroum

Junior Member





« Reply #13 - Posted 2009-10-08 12:22:10 »

I'm not very confident with the PHP variant, as of POST param are visible (they may be encoded as well, e.g. Facebook make auth with something like a PHP scripted login) and will eventually need a browser to get the best results.
Then FTP is a way to mask datas and as long as the task can take whatever time it needs. After all, the user would not have to load an external application.

For I ain't no j2ee expert, FTP seems to me the more accessible. afaik J2EE webserver (which are easy to set up but expensive to buy on the other part) would make things definitely more efficient with real-time client-server processes, like a mass multi-player game would need it.

::::... :..... :::::: ;;;:::™ b23:production 2006 GNU/GPL @ http://b23prodtm.webhop.info
on sf.net: /projects/sf3jswing
Java (1.6u10 plz) Web Start pool
dev' VODcast[/ur
Offline Markus_Persson

JGO Wizard


Medals: 14
Projects: 19


Mojang Specifications


« Reply #14 - Posted 2009-10-08 14:01:31 »

Sorry to be blunt, but you're very wrong!
FTP is every bit as visible, and is less secure as the user can upload any file he wants.

Play Minecraft!
Offline Orangy Tang

JGO Kernel


Medals: 56
Projects: 11


Monkey for a head


« Reply #15 - Posted 2009-10-08 14:43:36 »

I'm not very confident with the PHP variant, as of POST param are visible (they may be encoded as well, e.g. Facebook make auth with something like a PHP scripted login). Then FTP is a way to mask datas and as long as the task can take whatever time it needs.
As Markus said, this is very wrong.

Quote
and will eventually need a browser to get the best results. After all, the user would not have to load an external application.
And this just makes no sense. What are you talking about?

Of course if you're convinced that the hacky FTP solution is the way you want to do it then by all means do it. Just be prepared for it to come crashing down as soon as you release it to the public.

[ TriangularPixels.com - Play Growth Spurt, Rescue Squad and Snowman Village ] [ Rebirth - game resource library ]
Offline markmistry

Junior Member





« Reply #16 - Posted 2009-10-08 15:30:47 »

I dont know if this is the best way to do things but it worked for me.
i have a plain text file on my server for highscores, clients(applets and applications) can access this file(readonly).
they either do it directly using the http protocol or they can do it by passing a message to the java server application requesting the highscore data.
when it comes to updating the highscore they pass another message to the server application,the server application verifies the username and password and will update the file(i acually update a mysql database and get the server to periodically overwrite the text file).
so the clients access the file on the server by requesting the data from a java application on the server.
to display the data on the website i used php to read from the text file and display it.
I never let my clients alter files on my server directly they always have to verify themselves to a java application.
Word of warning if you try to do too many http calls too quickly your server will think its under a denial of service attack and you wont be able to read anything.
Offline broumbroum

Junior Member





« Reply #17 - Posted 2009-10-10 23:44:13 »

[...]
when it comes to updating the highscore they pass another message to the server application,the server application verifies the username and password and will update the file(i acually update a mysql database and get the server to periodically overwrite the text file).
[...]
Word of warning if you try to do too many http calls too quickly your server will think its under a denial of service attack and you wont be able to read anything.
Thank you markmistry for your help ! this is definitely it.

::::... :..... :::::: ;;;:::™ b23:production 2006 GNU/GPL @ http://b23prodtm.webhop.info
on sf.net: /projects/sf3jswing
Java (1.6u10 plz) Web Start pool
dev' VODcast[/ur
Offline Bonbon-Chan

JGO Coder


Medals: 12



« Reply #18 - Posted 2009-10-12 07:11:33 »

I never let my clients alter files on my server directly they always have to verify themselves to a java application.
Hmmm... same with Php

Word of warning if you try to do too many http calls too quickly your server will think its under a denial of service attack and you wont be able to read anything.
Whan an HTTP server give an DoS... your FTP server has explod far before (FTP session are far more longueur and are far more limited on the number of connection).
Online Riven
« League of Dukes »

JGO Overlord


Medals: 783
Projects: 4
Exp: 16 years


Hand over your head.


« Reply #19 - Posted 2009-10-12 15:43:37 »

Whan an HTTP server give an DoS... your FTP server has explod far before (FTP session are far more longueur and are far more limited on the number of connection).

It depends... if your PHP script creates a new database connection for every hit (~17MB RAM) you'll quickly swamp your RAM and the swap file too, with >100 concurrent http connections. FTP can handle this. I've seen this happening on (low end) 1GB servers with 1GB swapfile. In that state, the server is pretty much dead, it will become hard, if not impossible, to login using SSH, and once you do, even ls impossible, forget about shutdown, unix-load >100. Physical reboot saved the day.

Hi, appreciate more people! Σ ♥ = ¾
Learn how to award medals... and work your way up the social rankings
Pages: [1]
  ignore  |  Print  
 
 
You cannot reply to this message, because it is very, very old.

 

Add your game by posting it in the WIP section,
or publish it in Showcase.

The first screenshot will be displayed as a thumbnail.

CopyableCougar4 (23 views)
2014-08-22 19:31:30

atombrot (34 views)
2014-08-19 09:29:53

Tekkerue (30 views)
2014-08-16 06:45:27

Tekkerue (28 views)
2014-08-16 06:22:17

Tekkerue (18 views)
2014-08-16 06:20:21

Tekkerue (27 views)
2014-08-16 06:12:11

Rayexar (65 views)
2014-08-11 02:49:23

BurntPizza (41 views)
2014-08-09 21:09:32

BurntPizza (33 views)
2014-08-08 02:01:56

Norakomi (42 views)
2014-08-06 19:49:38
List of Learning Resources
by Longor1996
2014-08-16 10:40:00

List of Learning Resources
by SilverTiger
2014-08-05 19:33:27

Resources for WIP games
by CogWheelz
2014-08-01 16:20:17

Resources for WIP games
by CogWheelz
2014-08-01 16:19:50

List of Learning Resources
by SilverTiger
2014-07-31 16:29:50

List of Learning Resources
by SilverTiger
2014-07-31 16:26:06

List of Learning Resources
by SilverTiger
2014-07-31 11:54:12

HotSpot Options
by dleskov
2014-07-08 01:59:08
java-gaming.org is not responsible for the content posted by its members, including references to external websites, and other references that may or may not have a relation with our primarily gaming and game production oriented community. inquiries and complaints can be sent via email to the info‑account of the company managing the website of java‑gaming.org
Powered by MySQL Powered by PHP Powered by SMF 1.1.18 | SMF © 2013, Simple Machines | Managed by Enhanced Four Valid XHTML 1.0! Valid CSS!