Hi,
I’m working on an online RPG type thing, where user stats are stored in a MySQL database. Basically I’m not sure how to allow the players to perform actions securely after they’ve logged in. I could have done it by letting the client know that the player successfully logged in, and allowing actions to be sent to the server, but my friend (who can hack games) said it’s not very secure.
The other method I thought of is to check whether the username and password entered by the player is correct every time he/she tries to perform an action, but that seems inefficient.
EDIT: I’m using Kryonet for the networking.
Any ideas?
Thanks!