PHPQA game play count exploitation fix

Posted on : 09-07-2009 | By : Ron | In : PHPQA | Comments: 2 Comments

A few months ago I had a strange problem on my arcade gaming website, Arcadevine. One day I was browsing my High Score Games website and accidentally found that the game play count of one game had suddenly increased by thousands in a matter of a few seconds. I was very surprised because there was no traffic surge on that particular game page. I checked my server logs and found that my website had received very little traffic at that time. I could not explain the problem and thought that the script probably had a bug. Arcadevine was built using the PHP-Quick-Arcade script, so I asked Jcink, the creator of the script. He also had no clue about the problem. Anyway, I forgot about the incident until I saw the same problem recur in a different game. I was now convinced that there must be some problem with the script. I checked all the code over and over, but could not find a solution and lost hope of fixing this strange problem.

A few days later I added a new feature to my gaming website Arcadevine: an experience points and level rank system. Basically, you earn experience points by doing various things, and your level goes up as you accumulate experience points. If you play a game once you earn 1 experience point, and the more you play, the more experience points you collect. So, if you play a game 5 times you get 5 experience points, and so on. Our members appreciated the experience points system very much and it was a success.

Then one fine morning, while browsing Arcadevine, I found a particular member with 1000+ game plays and nearly the same amount of experience points. His game play count had been nearly zero the previous day, and playing games a thousand times in one day seemed unreal. Also, the average experience points earned for 1000 game plays were between 3000-4000 for most of our members, because you can earn more experience points by doing other things like submitting scores, rating/reviewing games, etc. That particular member had almost the same number of game plays and experience points, which was about 1000. It seemed that he had played games 1000 times in one day without doing anything else, which was very unreal. So, I asked that member by private message (Arcadevine has private messaging enabled – another feature our members love) about the problem, and he replied that his computer had hung while he was playing a game and he had to restart it to fix the problem. When he restarted his computer, he found that his game play count and experience points had increased by 1000. It seemed that the game page had been refreshed 1000 times in a matter of a few seconds. I was skeptical, so I asked Jcink about it, and he was also not sure. I searched for the problem on the internet, but could not find anything. I was not sure whether the member was actually refreshing the page himself or whether it was a computer glitch.

Then one day I got a private message from another member who was a friend of the member I talked about above. He told me that the previous member had actually been refreshing the game pages to increase his experience points, and had then made up the story about the computer glitch which he told me earlier.

So, now that I had found the source of the problem, I needed to fix it quickly before someone else exploited it again. Anyone can easily refresh a game page by continuously clicking the refresh button, or use a program to refresh a page continuously, to falsely inflate the game play counter. If you have a points or experience system like Arcadevine's to rank your players/members, this is a serious problem and needs to be addressed soon. Even if you do not have a points system, you should stop others from artificially inflating the game play counter of any game. As almost all arcade scripts work similarly in this particular case, this problem is not limited to PHP-Quick-Arcade; virtually every arcade script has it. So, since I had to fix it, I worked on the script and found a simple solution.

In the ‘Arcade.php’ file, find the code below:

run_query("UPDATE phpqa_games SET `times_played`=".++$g[8]." WHERE gameid='$play'");

Replace the above code with the code below:

// Count a play only if this session has not been counted in the last 10 seconds.
if (!isset($_SESSION['total_play']) || $_SESSION['total_play'] < (time() - 10)) {
    $_SESSION['total_play'] = time();
    run_query("UPDATE phpqa_games SET `times_played`=".++$g[8]." WHERE gameid='$play'");
}

It is a simple timeout fix: if someone refreshes a game page within 10 seconds, the counter will not increase by 1. You can change the value ‘10’ to suit your needs. The solution is a very simple one and it fixed my problem. Now it is difficult to exploit the experience system installed on my arcade website by continually refreshing a game page. It is probably a non-essential fix for websites which do not use a points system, but I still think everybody should install it. You should not allow any spammer to artificially increase the game play counter by continuously clicking the refresh button, similar to what happened on my High Score Games website even before I added the experience points system. I hope you will enjoy my solution to this problem! That’s it for today guys, have fun!
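Added example, not part of the original post or of PHP-Quick-Arcade: the same timeout idea as a standalone function, generalized so that the timer is kept per member and per game instead of in one session value shared by every game. The function name should_count_play(), the in-memory $last_play array and the sample requests are assumptions made for illustration; a real install would keep the timestamps in a database table or cache.

```php
<?php
// Added example (PHP 7.1+), not PHP-Quick-Arcade code.
// should_count_play() and $last_play are hypothetical names.

/**
 * Decide whether a game page load counts as a play.
 *
 * $last_play maps "member:game" to the Unix time of the last counted play.
 * A load is ignored when it arrives within $window seconds of that time,
 * which matches the post's rule (count only if last < now - 10).
 */
function should_count_play(array &$last_play, string $member, string $game,
                           int $now, int $window = 10): bool
{
    $key = $member . ':' . $game;
    if (isset($last_play[$key]) && ($now - $last_play[$key]) <= $window) {
        return false;            // reload inside the window: do not count
    }
    $last_play[$key] = $now;     // a new window starts only on a counted play
    return true;
}

// Constructed sample requests: [member, game, seconds after the first load].
$requests = [
    ['alice', 'g1', 0],    // first load of g1
    ['alice', 'g1', 1],    // rapid reloads of the same page
    ['alice', 'g1', 2],
    ['alice', 'g2', 3],    // a different game has its own timer
    ['bob',   'g1', 4],    // a different member has their own timer
    ['alice', 'g1', 12],   // more than 10 seconds after alice's counted g1 play
];

$start     = 1000;         // constructed base timestamp
$last_play = [];
$counts    = [];           // plays that would be written to times_played

foreach ($requests as [$member, $game, $offset]) {
    if (should_count_play($last_play, $member, $game, $start + $offset)) {
        $counts[$game] = ($counts[$game] ?? 0) + 1;
    }
}

print_r($counts);
```

Passing the current time in as a parameter keeps the rule testable; in the arcade script the call would use time() and the logged-in member's id.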


Comments (2)

I get Parse error: syntax error, unexpected ‘;’ on line blah blah.

Which on your code is line 453 <


Ok, I found the problem, it's a WordPress conversion error:

replace “& lt;” in the code with “<”

