Okay so I have a save game file in my game that uses an .ini and everything works out great. It's very easy to edit while troubleshooting, but it's just as easy for someone (the eventual player) to go into the file and cheat the bejeesus out of the game. You know, the ol' 9999 HP trick or whatnot. Is there any way to make it so it can't be edited by the user? I've heard about the encryption object, but just how does it work please? I don't want to screw up what I have by accident, because it was a big pain in the ass to do because of all the information the .ini has to store.
"Del Duio has received 0 trophies. Click here to see them all."
"To be a true ninja you must first pick the most stealthy of our assorted combat suits. Might I suggest the bright neon orange?"
DXF Games, coming next: Hasslevania 2- This Space for Rent!
As a basic storage, INI is great. It wasn't meant to be secure. If you want a secure way to store things, you could use the binary object and write values like that where people don't really understand it. Plus you get a smaller filesize. I'm not sure how to use the encryption object so I can't really help you there.
for the encryption object i think its just a character key so you can make an alternate alphabet. then when you read the ini you use the same character key to convert it back into what its supposed to be. i think
Maybe Having the File somewhere else in the PC is a good idea, unless the players get a look at the source code they would think all the save data is being saved in the EXE of your game..
it just needs a name that wont be suspect,
I was just working out on my game to use ini and called it system.ini but I didnt call the location, so it automatically went into the windows system dir. sooo.. When I re-read the values in the program it looked in an actual windows system file, and couldnt find the values I wanted...
the moral of the story is look for the file, stick something in the root with some kinda name like FWLog. or AVlog.
Its how I would stop access to the file, but at the end of the day if they want to play a home brew game the chances are they wont want to cheat it rather play it as its meant to be played.
Time for a Sexy Party!
No, that's a fucking stupid way of doing it. Any noobs reading this disregard the entire concept, if you try and hide files by pretending they're system I'm going to come to your home and eat your dog.
If you want to protect save games you can:
1. Encrypt the data using an encryption extension. Doesn't matter which. Pick one and learn how to use it.
2. Don't encrypt the data, but use a hashing extension to store the hashed concatenation of the data and a key at the end of the ini (the concept is a little more complex than plain encryption, but in practice it's simpler)
3. Use non-numeric data. One of my games stores the current level as one of a bunch of randomish words rather than a simple number. For example level 5 might be "elephant" or something.
4. Do nothing. People aren't going to bother with cheating until they're fed up with playing your game normally. I very rarely protect my save games for this very reason: if they've had enough of playing properly and can get a little more fun out of it by cheating, let them.
I remember Crystal Towers used a normal ini without encryption but if it was edited in notepad the game would give you a DON'T CHEAT screen of sorts. I tried it out after someone else was caught cheating and posted it here somewhere.
for my game, upon completion a number gets saved to the ini. And the game checks if the number is present before the minigame or level select can be played. That way there is no way of knowing how to cheat at the game. Well unless you can guess the group name and number.
What I did in CT was add a whole lot of unnecessary values to the INI (actually renamed a .sav) so that it wasn't clear which ones to change to do anything. This isn't secure as such, but it does mean that it takes a bit of trial and error to get it right. Trouble is it also takes a lot more effort to remember what you're doing when you're writing it.
The record of completed levels was done in the same way that Radix mentioned - by storing "passwords" of a sort instead of obvious values.
i use binary object! Set every variable up with its own offset, when writing a variable like numbers or so cloak them with different numbers example Lifes=9 then save it like Lives +7 or so, and when loading it to lives -7. Also i once uses cloaking by changing variables offsets in the save according to the progress in the game.. Binary rocks and pretty much everything is possible!
Oh one more thing using CRC is also great! So that if the crc has changed which it always will do if edited! The game simply marks the savegame bad. And u cant use it anymore... Many new retail games also use this.. For hiding the crc just append it to some image file or sumthing making it hard to find. And when found neded to be edited to the exactly new crc which the edited savegame use.. This will annoy people cheating and will probraly make them stop..
Also u can save ur values using binary in another file! like an image file. without destroying the image!
Theres an extention called BlowFish, it does a great job at encrypting files, so that only the game can decrypt it (unless someone knows the decrypt key). The only trick to the object, is telling the game when to decrypt & encrypt the file, because it cant tell the difference between & encrypted & decrypted file, meaning it has the ability to encrypt files more then once, which can be a pain.
You cant just decrypt without the key! The way the encryption is setup, depends on the key. The key is required so that the decryption program knows how to decrypt it, not so that it will let you. Without the key, the program will have no clue how to decrypt it. Blowfish is very effective. The array object will do a good job againced the n00bs who think its fun to crack the games save file with wordpad, but its easyly hacked with a hex editor, your best bet is to encrypt it somehow, and in MMF, as far as I know, blowfish is the most effective.
Right i did a test! an BlowSurgeon cracked my encrypted file in 2 minutes.. So i dont know, it defiantly aint strong.. Only the newer versions, but the MMF extension one is an old obsoleted version, which uses the same algorithm for saving the password.. Surgeon gets that password and then decrypts. Just like cracking old zips with passwords! the 2 minutes was on a 150mb file! Wonder how long it will take for a savegame file
So back to base. the best method is hiding ur values in another file! like video, sound, image or even exe files that has an end function.. Else it would mess it up! Then use slight or heavy changes in the values..
Assault Andy Administrator
I make other people create vaporware
17th December, 2005 at 22:39:04 -
That is a good method but not necessarily the best, but I'm really surprised that blowfish encryption isn't that strong. The Assarray object has a built in load\save encrypted arrays, so you don't have to worry about corrupting data by overencrypting.
Another method for ini's is to use 'codes' that you randomly make up. Eg:
You just make random items and set them to true or whatever when the player unlocks that level. The next level could be 493029432AFV for instance which nobody would ever guess. This method isn't very useful for health or something though. Like others have said, checksums are a great way to go. Personally I like arrays though