The UHSD Object
By Matt Galanto

Index

Disclaimer

The author of this extension makes no claims concerning the fitness of this extension for any purpose whatsoever, and makes no gurantees, written or implied, of its level of security and safety to authors or to end users in any respect. You agree to use this extension at your own risk and to hold the author harmless in any event.

The Basics

The UHSD Object is designed to make using the UHSD in Multimedia Fusion easier to do. This object will store all of the fields for you. It will also create the security code for you using Blowfish encryption! All of the data in this object is global. The idea is to create all of the fields, set the address of add.cgi, set the encryption key, and set which fields need encryption all on the first frame of your game. Then you don't need to do it again. When you get to the point where you need to submit a score, simply set all of the fields and use the "Generate Full URL" expression to get the URL you need to open. (NOTE: You can even use this URL with MOOSock to submit scores without using the gamer's browser.)

The Blowfish Secuity Check

If you wish to use Blowfish encryption, you will need to do some things. First, make sure that your server supports Crypt::Blowfish. If not, see if you can install it (unfortunately, I don't know how to do this, so I can't help you with it). If you can't install it, you're out of luck. Sorry. If you don't know if you have Crypt::Blowfish installed, go to the Debugger and use "Custom Code". Then paste the security check code into it and click "Debug". If Crypt::Blowfish is not installed, the Debugger will show you an error message. Once you know Crypt::Blowfish is supported by your server, copy the code below and paste it into the security checker for your game (this is in your game's Settings):

#be sure to set your key!!!!
my $key = "your key";

use integer;

my ($en_score,$en_random) = split(/\//,$secure);
my $random = $entry{'secure2'};

use Crypt::Blowfish;

my $cipher = new Crypt::Blowfish $key; 
my $ciphertext = $cipher->encrypt(&MakeText($scored,$random));

my ($check1,$check2) = &MakeLongs($ciphertext);

if(($check1 == $en_score) && ($check2 == $en_random))
{
   return "T";
}
return "F";

sub MakeText
{
   use integer;

   my $datal = $_[0];
   my $datar = $_[1];
   my $i;
   my $text = "";

   for($i = 0; $i < 4; $i++)
   {
      $text = chr($datar % 256).$text;
	  $datar /= 256;
   }
   for($i = 0; $i < 4; $i++)
   {
      $text = chr($datal % 256).$text;
	  $datal /= 256;
   }
   return $text;
}

sub MakeLongs
{
   use integer;

   my $datal = 0;
   my $datar = 0;
   my $i;
   my @text = split(//,$_[0]);
   my $factor = 1;

   for($i = 7; $i >= 4; $i--)
   {
	  $datar += ord($text[$i])*$factor;
	  $factor *= 256;
   }
   for($factor = 1; $i >= 0; $i--)
   {
      $datal += ord($text[$i])*$factor;
	  $factor *= 256;
   }
   return ($datal,$datar);
}

Once you have done that, go to the second line of the code and change the my $key = "your key"; line so that the stuff in quotes is the key you're using to encrypt your data. After you've done this, save your settings. (NOTE: You may want to disallow duplicate security codes so that people cannot resubmit the same information many times. This won't mess anything up because each security code is randomized, so people with the same score will both be able to submit their scores. You can disallow duplicate security codes under the game's Settings.)

Conditions

Has an Error Occured?
This condition is a true event condition. That means that events having this condition will be executed as soon as an error is encountered in an ACTION or CONDITION by the UHSD Object (and only when an error is encountered). It will return true when the Error Number is greater than 0, which will always be the case when an error is encountered.

Actions

Set Address of Add.cgi
This action sets the address of the add.cgi script of your UHSD. This address is used in the "Generate Full URL" expression. The address should be of the form "http://www.domain.com/folders/add.cgi".

Add a Field
This action adds the specified field with the specified initial data. The initial data will usually be "".

Set a Field
This action sets the data of the specified field.

Set Encryption Key
This action sets the key to be use when encrypting data. It should be a maximum of 56 characters. Try not to use keys shorter tha 10 characters.

Set Fields to be Encrypted
This action allows you to choose which fields to encrypt and into what field these encrypted data should be stored. If you're using security checker above these fields MUST BE "score", "secure2", and "secure" IN THAT ORDER. I would recommend setting "secure2" to Str$( Random( 2147483640 ) ). This will make your security codes very random, reducing the chances of duplicate security codes.

Expressions

Get Data from a Field
FieldData$(ObjectName, Field)
This expression returns the data stored in the specified field. If the field is supposed to store encrypted data, this expression will return the encrypted data.

Generate Query String
QueryString$(ObjectName)
This expression returns the query string for the current fields. The query string is the part of the URL after the ? that looks like "field1=data1&field2=data2". All data that should be encrypted is encrypted.

Generate Full URL
URL$(ObjectName)
This expression returns the full URL for the current fields and current add.cgi address. This is the URL you use to submit the current data to the UHSD. All data that should be encrypted is encrypted.

Get Current Error Code
ErrorCode(ObjectName)
This expression returns the current error code. This is only useful when used with an "Has an Error Occured?" condition.
Error Codes:
1) "" is not a valid field name
2) Field not found
3) Field already exists