Closed. This question needs to be more focused. It is not currently accepting answers.
Want to improve this question? Update the question so it focuses on one problem only by editing this post.
Closed 1 year ago.
Improve this question
For all those who are not familiar with ren'py: It's basically python with some modifications. Since the project is coded in python, which can easily be edited by anyone it is not a good idea to include a license validation in the python files.
An executable starts the game, so I thought about wrapping it with a license validation in an .exe (but I honestly don't know how I can take an executable, put some code around and have one executable including the actual one). Maybe there is another way, which is safer than the one I named, suggestions?
You don't. Ren'Py only features basic encryption to prevent players from accidentally deleting/modifying files.
As security, game encryption isn't a fight worth picking. You have to decrypt the files to run them and that will always be a weak point to exploit. Anything you put on top is just delaying whoever wants in. You can write your game in binary and it will do exactly squat to someone who really wants to take it apart.
Ren'Py is designed to be mod friendly. Nothing you do will stop someone from dropping a rpyc file into the game directory and hooking into the game. Even if you modify the engine to only read specific files, you won't stop someone who can just insert the functionality back in. All you're really doing is making it more difficult to preserve the game after you're dead.
Nintendo can't stop people from extracting assets from their games. You don't stand a chance. You should hope to be so lucky as to have people interested enough in your game to want to mess around with the assets and code.
If you're talking about a license players need or some sort of login mechanism, you need to implement an online server to validate the credentials they input. There is no secure front-end way to validate credentials.
Related
Closed. This question needs to be more focused. It is not currently accepting answers.
Want to improve this question? Update the question so it focuses on one problem only by editing this post.
Closed 4 years ago.
Improve this question
In my context the systems have a stage. A system can be a production system, a system for quality assurance or a development system.
I know that conditions based on the stage should be avoided and in tests mocking should be used to change things. For example third party systems are not available during unittesting and mocking should be used to fake the existence of third party systems.
But sometimes I have conditions like this:
if settings.STAGE == constants.STAGE_DEV:
....
Up to now constants is from our legacy library.
I would like to use as much open source solutions as possible and avoid coding fundamental things ourselves.
Is there a better way than using above homegrown solution?
Martijn Pieters said:
That's because there is no one-size-fits-all configuration solution either. And there never will be.
This makes me feel sad. I still have the hope that there will be a "lowest common denominator" in the future.
I would argue you should consider changing track a bit. While the concept of an environment (I usually call this ENV by the way) is common and useful in deployment scripts, start scripts, Dockerfiles and whatnot, having them in the application code is bound to cause trouble.
A better solution is to have your start script know about the environments and configure (or toggle) specific features.
E.g.,
if settings.smtp_configured:
send_email()
Then in your start script, toggle the features. Sometimes it may be useful to perform this logic in a settings.py file, but I prefer not, since I would then have to modify it every time an environment changes. It all depends on how your application gets deployed.
Closed. This question needs to be more focused. It is not currently accepting answers.
Want to improve this question? Update the question so it focuses on one problem only by editing this post.
Closed 4 years ago.
Improve this question
I am a python beginner and I am a little experienced in OO-programming in Java and PHP and also fucntional programming in R . Thus, my question is considering the general usage of python scripts in everyday use-cases.
I want to "learn" how to think/approach a problem that I do experience when facing a situation with my software where a "script" could help me out or improve something.
For instance, I've heard friends talking about their self-made python scripts to evenly mute the audio of movies to avoid loud outliers in explosive scenes, etc. Another example, in my case righ tnow, is to filter out certain pictures with no GPS-time meta information for the timezone in order to sort these fotos in accordance with the others.
I really want to get the essence and recipe based on the aforementioned examples to better integrate Python in my everyday life and get an intuitive feeling for it. (i.e. how would a simple script look like that takes a picture, filters out its meta data, and does something -> where do I have to run the script so I can call the function with these .JPG files as its arguments?).
I would also be glad if some of you could recommend some practical tutorials or literature.
Thank you in advance :)
P.S. I know it is not a concrete question but rather it is intended to get a glimpse on a wide field of usage and thinking - but I want to get this essential take away that motivates me and shows me the direction.
Closed. This question needs to be more focused. It is not currently accepting answers.
Want to improve this question? Update the question so it focuses on one problem only by editing this post.
Closed 4 years ago.
Improve this question
I am interested in creating a multiplayer browser-based game for academic research, but am mainly competent in Python (with experience in PyGame).
I am aware of PyJS (http://pyjs.org/), but am not sure if that can handle asynchronous, multiplayer collaboration.
Is this doable in Python?
Pygame will be of no use to you here. You could probably do it (sockets won't be very useful to you either) I don't suggest it though.
If you learned JavaScript you would find your task much easier. Creating a game would require a canvas and that is JavaScript's specialty, even the web-frameworks such as Flask and Django don't inplament them, so eventually you will probably find yourself writing a lot of JavaScript anyway, games are very complex sooner or later your will find some hitch that will not be inplamented and will be forced into writing JS anyway.
Then you would probably need logins or a way to save scores. This is where Python can be useful, you could send all the information to be processed server-side in Python. This has been done before and is reasonably easy.
If you are talking about a 3d game don't, you will need some form of 3d engine such as three.js, those will be coded in JS (you will find all online engines are inplamented in either JS or Jquery) and those will cause endless headaches if you try to use one of those in Python.
If you want to develop an online in-browser game you will need to know some JavaScript knowledge at some point or another, Python is excellent server-side and good client-side as well, however games are extremely complex at the best of times with graphics and all. It is not like a web-page, this is an enormous task to undertake (even armed with all the web-development languages -HTML/CSS/JS/Jquery/AJAX/SQL/AngularJS this is an enormous undertaking), and using Python just makes you task much much more difficult, you will go though a lot of hassle and in the end, if you ever do survive it, it would probably have been easier to learn JS and use that.
Server-side, yes go for Python, if it is client side you need JavaScript.
If you still decide to do this start with a simple 2d single player game like flappy bird or tetris and then progress to something harder.
Closed. This question needs details or clarity. It is not currently accepting answers.
Want to improve this question? Add details and clarify the problem by editing this post.
Closed 5 years ago.
Improve this question
I'm not sure how to title this. Heck, this isn't even a python issue because the code is working properly. Let me explain, this might take a while.
So, I've been working in a discord bot that runs code. Probably one the worst ideas I had, but I love the potential that it could have (and the wacky outcomes of people trying to break it), and this is what I ended up with.
I know that it's not pretty, but it's mine and I'm quite proud of it. It works and everything! And while I'd love to get people to tell me how the code could be improved and how much does my code sucks, that's not exactly the problem I have.
So, this bot lets everyone run any code they want. ANYTHING. And I don't even worry about it. I'm going to be running it in a raspberry Pi that I zeroed several times, then installed docker on it. I don't really care about what could people do to it since there won't be any sensitive data. Well, almost. Here's the problem.
So, the last line in my code is this.
bot_client.run(token)
That token is the API bot key from discord. I don't really want anyone to be able to know it, since they could get their own bots in a server using it. But anyone could write a piece of code that reads the file. I'm quite lost. I'm not sure how could I protect that API key. I've tried a few things, most of them related to unix permissions and users/groups, but none of them worked because the files that the bot create will inherit the same user, so I can't put them in different users and call it a day.
Any idea about how could I do this? Just to be clear, this is what I want to avoid.
Well this is a general application design issue. Currently you have a main script that creates new python processes to execute the code, and by default the subprocess has full access to your disk thus to your sources.
IMHO, you should manage at the OS level a way so that the Python interpreter started in the subprocess has no access to the folders of the application source. But that will only come at a cost, because you will have to setup 2 different security roles and a communication channel between them.
The first idea that come to mind would be an auxilliary daemon process running under a different user having no access at all on the source folder of the application. That daemon would have to start the child Python scripts. You could use a (unix domain) socket or any other IPC channel to pass the text in one side and the input/error in other side.
I'm sorry that it is just a hint, but I now realize that you question leads to a rather broad problem.
Closed. This question is opinion-based. It is not currently accepting answers.
Want to improve this question? Update the question so it can be answered with facts and citations by editing this post.
Closed 7 years ago.
Improve this question
I'm writing some system which uses a lot of rules. It's time for me to organize them and make them efficient. Main requirements are - business friendly, easy to understand, easy to find, easy to maintain, testable.
This question is not about how to create rule engine. I'm not writing one. My goal is to find way to maintain lot of rules in one place. and make it easy. I need some expertise advice how to do so, what approach to take. Below are examples what I did already to show that I'm working on this task and not simply ask somebody to do my job.
So far I have 3 approaches:
1) Array typed:
item=context.GetNextItem()
if ['banana','apple','orange'].Contains(item): EatRaw(item)
if ['banana','apple','potato'].Contains(item): BakeAndEat(item)
if ['meat','egg','potato','fish'].Contains(item): FryAndEat(item)
if ['pasta','egg','potato'].Contains(item): BoilAndEat(item)
2) Separated file for each item:
item=context.GetNextItem()
execfile(str(item)+'.py')
#banana.py:
EatRaw(item)
BakeAndEat(item)
#potato.py:
BakeAndEat(item)
FryAndEat(item)
BoilAndEat(item)
3) Database stored:
item=context.GetNextItem()
SQL = "SELECT rule FROM rules where item='"+str(item)+"';"
for row in cursor.execute(SQL):
eval( row.rule+"(str("+item+"))" )
Table RULES
banana,EatRaw
banana,BakeAndEat
potato,BakeAndEat
potato,FryAndEat
potato,BoilAndEat
3.a) Data in file
File RULES.txt
banana,EatRaw
banana,BakeAndEat
potato,BakeAndEat
potato,FryAndEat
potato,BoilAndEat
This file could be considered as a UI.
Each approach has it's own cons and pros but, to be honest, I'm not satisfied with any. Files grow, became bulky, hard to search, maintain and understand. Any other approach or suggestion is welcome.
Lets zoom in on this statement:
Main requirements are - business friendly, easy to understand
However, your approaches so far are easy for programmers to understand, but not particularly easy for business users to understand.
You are approaching this problem from the wrong direction, you are starting with the "which datastructure is good for ergonomics", rather than "How business will users view or modify the 'rules'"
Start with a good few rounds of UI design. Once you've got those, put it in front of potential users (if you have any), then the implementation will follow naturally, whichever closely models or supports the way the resulting UI works and is used.
edit:
a "ui" need not be a fancy single page javascript application, it can be a text file on a particular network share that gets read every day by a cron job, that's still a "user interface". Design that in a way that is compatible with both the business users needs and the available budget.