So my app called WORDL gathered quite a few users.
It features a leaderboard where players can compete to see if they completed in record time. It was working well for a few days. But today I noticed unusual activity. A user had played over 50 times in the space of a couple of hours and was taking up virtually all of the Top25 record spots. That person might be super human…
Or perhaps:
1 Kylar is a robot that is honing it’s word skills. Quite successfully to be fair.
2 Kylar is a programmer that is able to peek at the source code on a web page and somehow glean the answers.
I can tap on each winning time to see the word and the guesses. They are perfectly legit… somehow they are entering guesses at very quick speeds.
Even I have achieved some lucky guesses and managed times under 60 seconds. And our very own @ThinhDinh recorded a brilliant 19 seconds. But that was a one off…
What do you think is going on?!
Simon.
1 Like
I honestly think it depends on where the answers are stored and how you’ve configured answer entry screen. Anyone can right click/inspect stuff! I do know that using Row Owners limits what people can see upon inspection.
Just tested out the game play! Such a cool concept!
1 Like
The main game exists in the User tab, which does indeed have row owners. Every player enters guesses which get added to their ‘user row’. The correct answer is also stored in this row. So if a user can right mouse click and inspect the page and then somehow discover the value in the ‘Answer column’ then that would be a pity! Do you think that is possible?
Definitely possible. In some cases there are ways to dig deeper into the tables. It’s a little more involved than a right click to inspect the page source, but it’s definitely there if you know where to look, since the database is duplicated on the user’s device.
3 Likes
Thanks Jeff… I didn’t realize that. Note to self regarding sensitive data in the future!
1 Like
