Indie-Resource.com

I never really got the idea of what Halls was referring to, which I believe was putting Javascript in an include file, or something like that. Supposedly it won't be in the source view of the browser, although I have not tried it myself. I know how to view the source in the browser.

ah now I see.. again. Thanks for the explanation.

Ahhh, so that is how you see it? I figured there had to be some way, or the browser would not have it to react to.

Obfuscation is going to be the best way to prevent others from seeing your code. For example, this obfuscator is one of the best low-cost obfuscators I have seen. Here is an example of its handy work:

nice, is it a pain to implement?

Not at all. They also have a free trial you can download to check it out.

Every discussion about security like this gets me worried about the vulnerability of my applications. If all my validation and actual application logic is being handled by PHP, do I really need Obfuscation? (all of my JS is just handling effects and AJAX)

Then of course, server side, I clean and validate all form data, perform logic that checks URI data etc. I'm pretty confident that my security server-side is decent, though I know you can never be 100% secure.

So, tell me if I understand correctly: If the javascript handles any kind of data manipulation, you may be at risk? So the most secure method then is to immediately send the data rather than perform any kind of client side checks? If so, than I think I'm okay

EDIT: Also, hopefully it may deter potential threats that most of the outputted data is minified (white-space is stripped, comments removed), then gzipped, so it ends up being fairly compacted and hard to read.

Even if your code is acting as nothing more than a dumb client, it still could not hurt to obfuscate or heavily minify it. Nothing good can come from your users studying your code, even if it is nothing more than giving a slight leg-up to your competitors.

When revealing the code, you might get 3rd party websites or software which interacts with it, providing maybe a more specialised GUI, etc.

ita Stet.

Probably worth keeping in mind those muds might not have used an actual grid. You can just have entries in the database, each one has a description of the room and the database ID for each direction you can go of the next location. The player entry records at what location/id they currently are at. Rather like old pick a path adventure books don't use a grid and instead page numbers. I'd suspect age of fable works this way (and was partly inspired by pick a path).