GM Stormcrow wrote:
HonoredMule wrote:
I noticed this myself. Is testing for functional errors or security
holes the same as cheating? I would want to know if someone could read
my email, and given the rough edges still in the game, I take nothing
for granted.

My next question was how long a database could support a single-column index for everyone's messages when the server is sending dozens of spam system messages to 100,000 players a day. The answer for a bigint index and average 50 messages per player per day, yes--for about 5 billion years (and change). And for a standard int, 117.5 thousand years. I discontinued this line of inquisition.

Of course the real reason (G)UIDs are often used instead of ints isn't directly for the larger address space, but for easier generation of non-consecutive ids. After all, with consecutive ids, you inevitably get some enterprising individual who realizes he can guess real ids finding messages like: "error '80020009' /view_msg.asp, line 26" I just hope there's no consecutive pattern in session ids AND that sessions are restricted to the IP that created them (since cookies on a non-secure connection can be compromised, after all).
|
To be honest, it's here more for the smile it produced on many people's faces.

If we had truly considered this "cheating" we would have suspended the players' account - which we didn't. And yes, we like/love the reporting of non-standard error messages, however they have been generated.

So please take this post, and indeed this thread, in the spirit in which it is intended - a giggle rather than a serious comment on anything.

As to your other items, we're happy to discuss (some) elements of the database design philosophy, methodology, implementation and many other things (such as why on earth we chose to write the current UI in classic ASP) but this thread probably isn't the place for it. I would suggest the Technology & data forum?
|
Nah, I was just giving you all a hard time. I'd find the use of asp
over php and the awesomeness of Smarty templating strange, but it's
apparent you guys are a Microsoft shop (error '80020009' => MSSQL),
and I do get the benefits of tight integration that works. I'm building
a php RAD framework around such "Microsofty" design principles myself.
"Classic" asp, I'm guessing, scales better than more robust,
business-logic-centric .NET stuff. That or asp is more flexible for loose scripting.
What I do find curious is the constant polling of json_currentresources.asp. That seems like a lot of unnecessary overhead for a server designed to handle 100,000 users, when you could just use javascript timers to maintain projected resource levels, and at least make the server polling less frequent.
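
The concern about consecutive message ids raised in the quoted post, shown as an added example that is not part of the thread and is not the game's code: the same mailbox run through a sequential-id lookup and through random ids with an ownership check. The store classes, user names and messages are constructed for illustration.

```python
import secrets

class SequentialStore:
    """Weak pattern: consecutive ids, and view() trusts the id alone."""
    def __init__(self):
        self.rows = {}                      # id -> (owner, body)

    def add(self, owner, body):
        msg_id = len(self.rows) + 1         # 1, 2, 3, ... trivially predictable
        self.rows[msg_id] = (owner, body)
        return msg_id

    def view(self, session_user, msg_id):
        row = self.rows.get(msg_id)
        return row[1] if row else None      # owner is never compared

class HardenedStore(SequentialStore):
    """Random 128-bit ids plus an ownership check on every read."""
    def add(self, owner, body):
        msg_id = secrets.token_hex(16)      # CSPRNG output, no sequence to follow
        self.rows[msg_id] = (owner, body)
        return msg_id

    def view(self, session_user, msg_id):
        row = self.rows.get(msg_id)
        # "No such id" and "not yours" return the same result, so the
        # response does not confirm which ids exist.
        if row is None or row[0] != session_user:
            return None
        return row[1]

def foreign_reads(store, session_user):
    """Audit check: messages owned by others that view() hands to session_user,
    even assuming every issued id is already known to them."""
    return sum(1 for msg_id, (owner, _) in store.rows.items()
               if owner != session_user and store.view(session_user, msg_id) is not None)

def demo():
    """Run the same constructed mailbox through both designs."""
    out = {}
    for name, store in (("sequential", SequentialStore()), ("hardened", HardenedStore())):
        own = store.add("alice", "alice's message")   # constructed sample data
        store.add("bob", "bob's message")
        out[name] = (foreign_reads(store, "alice"), store.view("alice", own))
    return out

if __name__ == "__main__":
    print(demo())
```

The ownership comparison is what closes the hole; the random id only removes the pattern, which is why the audit helper assumes every id is already known.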