2

I want to upload information into a MySQL in ComputerCraft in Minecraft. ComputerCraft uses Lua. I tried to look for a way in Lua. I saw LuaSQL, but that was not a possibility because I can not install external files on the server.

I figured out a way that I can use a special function of ComputerCraft.

http.get(string url) Sends a HTTP GET request to a website, synchronously. http.post(string url, string postData) Sends a HTTP POST request to a website, synchronously.

Then on the website side use $_GET to read the information to put in the MySQL database. I want to protect this so you can not simply do that without using my program, but a simple password is not really safe.

Is there another safe way to protect the link?

Ryan Stein
  • 7,930
  • 3
  • 24
  • 38
user65130
  • 51
  • 3
  • 2
    You cannot tell the difference between an HTTP request from your program and an HTTP request from an attacker; the attacker can always do whatever your program does. In general, you can never trust a client. – SLaks Jan 10 '14 at 15:40
  • 1
    I am sorry if there is any bad grammar in this post. I am not really that great in grammar – user65130 Jan 10 '14 at 15:46

1 Answers1

0

It might be possible to generate a token, and include it with the program. However, no matter what, you are facing two serious problems:

1) Anyone with access to your software can reverse engineer it, and build fake software to follow whatever clientside security you have.

2) All data is transmitted through plaintext. So, anyone who is able to read network traffic between your client and server can see the full transmission.

So, my suggestion would be to write server software that heavily restricts what queries are allowed, and only permit those queries that your client needs to be sent.

kazagistar
  • 1,537
  • 8
  • 20