Accessing the server DB via Web?

[cthulchu]

Is it even possible? I mean, it would make a lot more sense to have people create accounts on the web, joining their game, forum and wiki accounts into one.

In that way the developers would have a lot more freedom. Like it wouldn't be hard to do an email password recovery for characters. We would stop forgetting the character names cuz they all would be there in our centralized account. Moreover, we would see their levels and other interesting info. We could also nullify character position, teleporting it to Hub, let's say.

I'm actually saying it because I saw it implemented in one russian Allods2/RoM2 hat. They made it possible to not only do the registration via the site, but also all the management. Like I can transfer items from a character to a virtual web storage and then to a different character without even logging into the game. They also made an auction there, right in web.

I also tested the whole system with the Burp Suite, finding all the possible fields and then trying to abuse them with thousands of payloads and, to my surprise, it withstood the attacks, so the system was very secure. Although probably took them years of web-development.

We might start from something very simple like linking your game accounts to your profile on the site just to see all your character names in one place. Then slowly we could add features to that, including password recovery, position reset feature, etc.

I just haven't explored if the sdk has api to work with it's DB. Or how easy it is to work with that db directly, cuz as I know, it's not SQL. And if it's not SQL, it's pain to parse.

[Wipe]

And if it's not SQL, it's pain to parse.

It's not

FOnline uses single binary blob file for a worldsave (.fo), and separate files for each character (.client and .client_deleted). There's no SQL db anymore since ~2008, and there's no way to create new player character from scripts/dlls. Now, when Reloaded settled on one revision and does not plan to move, some hack could be deployed to expose that stuff, but that's just a part of the problem.

When starting, server goes thru all .client files (that's why longer session more alts = longer restarts time) and caches each character id, name, and password hash (newly created characters are appended, of course). That data, again, is not available to scripts/dlls, so that would need separate hack to allow runtime changes (for password recovery to work without need to restart server every time someone gets hit in memory).

That's minimal list of required changes, but knowing FOnline, it would need much more to reach 'alpha' status - especially client cache edits; that thing is too sensitive to go public without extensive testing. Now adding MediaWiki and SMF integration into that... and own layer which ties it all together... oh boy, that surely could be "fun" to code, but i doubt Reloaded team would jump on that. Too many points where something might fail. That said, merging SFM and MediaWiki only sounds like something what can be actually achieved, as these two platforms are widely used and there's a chance someone did such thing already.

It's waaay easier when it comes to (more or less passively) exposing server's pure data, that way or another. VTDB (Reloaded/2238), redirecting +requesthelp/log parts to IRC (2238), factions control status (AoP), and many others used internally. You just picked a wrong thing