Hi, I want to compare two datetime values in cloudscript. One datetime should be the server timestamp and the other datetime is passed from client side as an argument. Is it possible?
Hi, I want to compare two datetime values in cloudscript. One datetime should be the server timestamp and the other datetime is passed from client side as an argument. Is it possible?
Yes you can. Basically you will store a timestamp and Date.getTime() in JavaScript will be a good idea because the value returned by the getTime() method is the number of milliseconds since 1 January 1970 00:00:00. In terms of other languages, like C#, there is always a way to generate the same timestamp, for example, please refer to this thread: https://stackoverflow.com/questions/8134170/c-sharp-version-of-javascript-date-gettime.
However, The scenario you have mentioned may have potential issue because if the timestamp is sent from the client, it can be manipulated and changed. I don’t know what is the detailed scenario but it will be safe to generate and store important timestamp only on the server side.
Can you please explain about the security risks involved from sending the timestamp from client side?
But how can they know that this game is using Playfab as their backend service? And by what you have wrote I think all my client side requests are not protected at all.
First, all the communication between client and PlayFab server is SSL enabled, which can guarantee the security of the communication contents. Hackers can capture the Http packets and know the destination IP address, besides they can unpack the client to see codes. The main idea I have mentioned is to limit the permissions of clients. Of course there won't be a simple 100% anti-cheating method, but take the timestamp scenario as an example, I will suggest let the server generate the timestamp. If the previous timestamp is generated when the player's last login and you want to know the time interval between last login and this time's. You may simply call the corresponding Cloud Script function without any argument and let it get the server time again, instead of sending the timestamp by the client because it is not trusted.
3 People are following this question.