[ Pobierz całość w formacie PDF ]
.addEventListener( init , [matter, Matter.prototype.fling]);Programming guides certainly can cross-reference the details of how each pieceof functionality works behind the object interfaces, but it should not distract fromthe demonstrated usage itself.Developers need to comprehend how to work with theavailable objects before they can generally see the worth in using them as opposed toreimplementing the same logic in their own code.9.3.3 Style GuidesSimilar to programming guides for developers, style guides help designers and client-side developers implement consistent user interfaces by providing directions and ex-amples of how to do so with the markup blocks and CSS rules available.Because CSSdoes not have the same code structures and well-established documentation generatingtools available, this practice takes a little more effort on the part of the designers anddevelopers to create, but makes it much easier to train others or recall yourself how toimplement certain interface widgets efficiently.While coding examples help here, style guides also need visuals to help show thedirect impact of one particular CSS rule or XHTML element.The following codesample, a simplified version of the tabbed registration interface from Chapter 1, Usability, gives designers and developers the core of the tabbed layout structure inthe document itself:Tab One (selected)Tab TwoTab Three(tab one contents)296 Chapter 9 DocumentingHowever, this does not have quite the same impact as the same markup shown inFigure 9.9.FIGURE 9.9 Example code embedded in its own rendering.By using demonstrations as part of the style guide, it becomes much easier to findthe implementation needed for a certain interface, and just as easy to use it.It alsomakes writing the style guide a little more interesting than pure markup and styledumps, and creates more of a component library than chapters of text.10Game DevelopmentIn This Chapter10.1 A Different Kind of Security 29910.2 Single Player 30410.3  Real-Time Multiplayer 310297jax-driven game development combines the challenges of scalability andAperformance for high-demand applications, but often allows developersto push the boundaries of current web technologies.Just as with console orcomputer games, users will put up with stricter minimum requirements to havea better experience with the more advanced technologies available, when thosetechnologies are properly used.This chapter will focus on Universe Conflict, which is an implementation ofSpace War!.Created in 1961 on the PDP-1 computer, Space War! was one of thefirst digital computer games.It has been recreated using the canvas HTML5element and Ajax (shown in Figure 10.1).This version allows the two players tobattle each other from different machines, as opposed to the same machine as inthe original and ports since then.The game has very simple rules and a simplesetup.Two ships, each controlled by a user, try to shoot each other without fall-ing into the gravitational pull of a star in the center of the screen.FIGURE 10.1 Space War! rendered in canvas.298A Different Kind of Security 29910.1 A Different Kind of SecurityBecause Ajax-driven games have their interface in clear text markup and JavaScript, theusers have the ability (through browser extensions and user scripts) to change the be-havior or data in the game itself.Any scores, any JavaScript-controlled actions, and anyin-page elements can fall directly under the users control, just as with any other webapplication.The challenge comes in knowing the priority of usability (or playability, inthis case) or security for the given application.The more control exerted over the game through server-side actions, the moreround trips the application needs to make, and the less responsive the game.The bal-ance comes in what an attacker can accomplish by taking over aspects of the interface.If a simple function call can destroy an opponent faster and easier than the users can byactually playing the game, then someone will find the function and use it.If the scriptitself holds the current score without checks, then users will find where the script storesit and give themselves a higher score for the game to log.On one end of the spectrum exists single-player games implemented for nothingother than simple fun with nothing logged and only single sessions of play offered.With these types of games, the greatest reward for cheating is seeing a high score thatwasn t earned.Without the ranking of players or the logging of high scores, the needfor security in this situation drops considerably, as attackers simply have no motiva-tion to cheat.Even if someone does find taking screenshots of large, unfairly obtainedscores, it has no impact on the rest of the users and poses no threat to the game as awhole.In this scenario, the logic, scoring, and validation all can reside in the JavaScriptitself without the application having to make round-trips to the server, unless the gamerequires more information.This information could take the form of a multi-level gameusing late loading to load additional levels or resources for faster startup; another ex-ample could also include text-based adventures that have too much data to effectivelykeep in the browser at one time.Once cheating starts affecting the other players, through the ranking of players ormultiplayer games where cheating can ensure the defeat of another player, an applica-tion needs security to protect the players who want to play the game fairly.Even a situ-ation where a player cheats in order to get the highest ranking, can kills the motivationof the real users, who then will lose interest and move on to something else.300 Chapter 10 Game Development10.1.1 ValidationThe validation necessary in Ajax-driven games doesn t differ much from the validationnecessary in other types of web applications, though the validation requirements forapplication logic can have much more complexity.Data validation is the first step inensuring the security of a server-side application (along with authentication and au-thorization, of course).Part of the validation that differs from typical web applications comes in the formof data constraints that can change rapidly depending on the circumstances.As a shipmoves around the screen, the position it can send to the server has very specific re-quirements.Because the ships have a top speed and a top acceleration, and becausethe server keeps track of the full position of the ship (x, y, angle, x speed, y speed, ac-celeration, and rotation), the application can check the current position, speed, andacceleration against the change in each.The following PHP code receives the posted position information from the Ajaxrequest and validates it against the limits of the ship s movement [ Pobierz całość w formacie PDF ]