How does a text broadcast automatic combat system ensure no vulnerabilities?

Currently, I want to create a pure text web game. The combat mode adopts the text broadcast mode. I have seen that someone else wrote that the combat computing was performed locally, and finally the combat results were post to the server, this vulnerability is easy to cause. If you change the result locally without stopping the post, it will be too complicated if the combat status is synchronized, is there a convenient way to solve this problem easily? I connect php and c # With a socket to perform data exchange computing. Can I use this to do it? Currently, I want to create a pure text web game. The combat mode adopts the text broadcast mode.
I have seen someone writing about it: Local combat computing, and finally post the combat results to the server. This is easy to cause a vulnerability, directly modifying the results locally without stopping the post.
If the combat status is synchronized, it will be too complicated. Is there any convenient way to prevent vulnerabilities?
I connected php and c # With a socket to perform data exchange computing. Can I use this to do this? Reply content: if the player cannot intervene in the Battle Process, the server directly calculates the entire battle process and sends the text to the client at a time to play the text slowly. What is the complexity you mean.

To use socket, You need to implement a socket-based game protocol, which saves traffic and flexible communication, and is easy for servers to actively push information. If you want to make it simple, you can directly use http short connection for communication, but it is not easy to implement the active downlink functions of some servers. I think I should be very qualified to answer this question because I am playing a game like this.
Seeing that the main author uses php, I feel more qualified.

There are two scenarios.
1. All Battles are completed on the server at one time, and the client simply broadcasts the results.
This is the simplest method. It is also my current solution. It is also a method used by most classical browser games.
The client submits a combat request and completely computes the result on the server. It sends the result to the client using json or other methods, and then parses the result using js in the browser.
Note: This method cannot completely prevent client cheating. In the most typical example, for some consumption battles (whether there is a cool-down time or the entry requires consumption of resources ), the Player opens two windows and then clicks the battle button at the same time. A dual reward may appear. This kind of bug has appeared in my games.
In addition, the problem that the front-end user crashes when I changed the data in the background and didn't refresh the cache.
In short, this method is not very difficult, and the pressure on the server is also small (because it is centralized computing ).
The disadvantage is that you cannot respond to player input, that is, you cannot control the player in the battle. It depends on whether your game requires the player to operate in the battle.

2. The battle will be carried back to the client, and then sent to the server after responding to the input from the client.
This will be difficult. In fact, the problem here is not cheating, but server load ...... As long as the load is done, there is no problem.
There are many methods. The socket you mentioned is one, but I don't understand ...... (-_-| ).
In addition, there are node. js series of http://socket.io , Lighter. After all, it involves the large and thick stuff of. net that involves C #, and node. js is lighter than. net.
Of course, if you do not choose PHP, there are more other solutions, such as pure http://asp.net Or pure java, or even modern means such as unity. Of course this is far away ......
So if I want to do this, it is estimated that I will choose the traditional js round-robin ajax method and continue to go to the server for query. It will eat a little more server resources (after all, a complete http request is required for each player operation), so we may encounter latency problems when using VPS to store it abroad. Therefore, I will probably make the game a model with no delay impact on the gaming experience.
For example, I am playing a 10 thousand card game. When I click the card, the animation plays the card effect directly (but it is still in the http request), and then the screen shows "The computer is thinking ", then play the computer's card issuing result.
Of course, there is also a way to put some simple things on the client, but in fact the content must still be uploaded to the server for computation. When it comes back, it will overwrite the client's computation results, make sure that the client data is not used from start to end. The data calculated by the client is "just to make players feel fast ".
This is actually very common. For example, if you like a large website, you can just click "like" on the client. After refreshing, the data will become real data.
If the load is really unbearable, you can consider making a part of the game into a server-free model (for example, your game settings, playing for 2 hours can earn 100 game combat power, then you can set up a two-hour expedition task. After the task is finished, you will get 100 combat power points, or you can get 3 pieces of equipment on average for 1 day's monsters, then you can set a copy. The cool-down time is 24 hours and three pieces of equipment are required ).
In general, the benefits of players are the same.
I tend to make the game a poor one (that is, I don't need to calculate the time and keep a few clicks in front of the screen ). Therefore, the server load is not that large. The vps of the 512M1 core is 0.0x for a long time, so we ran several other spare parts to use resources ......

Try again

Interest-related: RPG pure text web games, Linodas.com Producer.
(PS: a few days ago, Alibaba and the lost forest were connected. Therefore, a full-screen jump on the home page was provided to recommend this game. Do not think that the game has entered the wrong website .. Do not perform local computation. Use server-side computation and send the computation to the client.