'Screen' by Mychaeel

Do you search a certain mutator, mod, skin, map, everything else?
MrLoathsome
Inhuman
Posts: 958
Joined: Wed Mar 31, 2010 9:02 pm
Personal rank: I am quite rank.
Location: MrLoathsome fell out of the world!

Re: 'Screen' by Mychaeel

Post by MrLoathsome »

Re: Screens.

The PortalMap that AFcore wrote for my Coop servers has been using this for years, so I thought I would mention
that it was not buried in the map. (myleveled...) Just bundle Screen.u with your map. Needs to be serverpackage for servers.
Problem solved.

The PortalMap only uses the Screens feature on a billboard thingy that just lists all the cool features of Screens, but it is in there....
blarg
User avatar
Wises
Godlike
Posts: 1089
Joined: Sun Sep 07, 2008 10:59 am
Personal rank: ...

Re: 'Screen' by Mychaeel

Post by Wises »

ahh hey mate :)

there's problem with them if / when you try to use them for displaying data from other server's apparently. And there's been no easy fix to this.

ie; if you had a map with 4 portals which went to ; unreal://IP:PORT
for example .. and wanted to Display four Screens , one above each Portal as such.
Supposedly the screen is supposed to be capable of retrieving the server's (in which you want to goto) details , like players , and other info normally displayed in the Ut-Browser.

no one's seemed to be able to fix this as yet. Noggy (NogginBasher) used an alternative method via CGI script I believe to achieve this functionality
JackGriffin
Godlike
Posts: 3774
Joined: Fri Jan 14, 2011 1:53 pm
Personal rank: -Retired-

Re: 'Screen' by Mychaeel

Post by JackGriffin »

We ran into this very issue with the UTP service and getting Uengine to properly query a php database. It's a lot harder than it looks, and screens isn't even close. If someone wants to take this on as a project I'll show you what to fix but I'm not going to post it openly. The fear of malware code injection to a server via this route always bothered me and PCube was able to prove it was possible in Unreal:
[youtube]ZBkn1tkGEwo[/youtube]
So long, and thanks for all the fish
User avatar
Feralidragon
Godlike
Posts: 5489
Joined: Wed Feb 27, 2008 6:24 pm
Personal rank: Work In Progress
Location: Liandri

Re: 'Screen' by Mychaeel

Post by Feralidragon »

JackGriffin wrote:We ran into this very issue with the UTP service and getting Uengine to properly query a php database. It's a lot harder than it looks, and screens isn't even close.
Not wanting to detour the topic, but what was the problem of querying a php server? I ask this, because one of the things of my new project involves http calls to php, and I didn't have any problem (I even tried with production APIs at work to try it with real servers, even from a VM, and no sweat).
JackGriffin wrote:If someone wants to take this on as a project I'll show you what to fix but I'm not going to post it openly. The fear of malware code injection to a server via this route always bothered me and PCube was able to prove it was possible in Unreal:
It's also possible to do the same thing in UT, but it can be used to good things too... Regardless, if you set your .ini to read-only, you shouldn't ever be affected by it, but in turn you won't be able to save certain settings anymore though.
But I am still yet to hear about a case where a server used that somehow, and if the necessity ever arises, it's also possible to build something protect the client from that.
And still, that will only affect your UT install and nothing else. The Unreal Engine is sandboxed, so at max you can mess someone's game install, but nothing beyond that afaik.
$carface
Skilled
Posts: 212
Joined: Sat Jul 23, 2011 10:58 pm

Re: 'Screen' by Mychaeel

Post by $carface »

Feralidragon wrote:
JackGriffin wrote:We ran into this very issue with the UTP service and getting Uengine to properly query a php database. It's a lot harder than it looks, and screens isn't even close.
Not wanting to detour the topic, but what was the problem of querying a php server? I ask this, because one of the things of my new project involves http calls to php, and I didn't have any problem (I even tried with production APIs at work to try it with real servers, even from a VM, and no sweat).

Can confirm the same here. We are feeding all our servers back to SQL DBs coded in PHP and all fine here...
User avatar
Wises
Godlike
Posts: 1089
Joined: Sun Sep 07, 2008 10:59 am
Personal rank: ...

Re: 'Screen' by Mychaeel

Post by Wises »

↑ you mean via utstats?.. or some other magic ;)
JackGriffin
Godlike
Posts: 3774
Joined: Fri Jan 14, 2011 1:53 pm
Personal rank: -Retired-

Re: 'Screen' by Mychaeel

Post by JackGriffin »

Ferali you or Scarface are very welcome to the source code if you want it. I thought I had sent it to both of you in the past but if that's not the case then you can grab it using this: http://labs.bittorrent.com/experiments/sync.html It's a simple (and wonderful) file sharing app that uses torrent technology to enable file sharing between people. All you need is my 'secret' (you'll see when you read the page). I'm actually sharing this particular stuff right now with someone else so it's ready if you want it.

As for the easiness of it, Dane and I found it to be quite hard actually and it took a lot of work to get right. Our biggest problem was query time. Once the player DB got to be bigger (above a couple of hundred) the players started to time out during the checks. UScript just does not like to wait on a return, and this was something that Anthrax helped with because he obviously dealt with the same issues. Scarface helped too, letting me peek at his way of doing things, but as you will see in the end we designed it ourselves. Could it have been more efficient or done better? Sure, and your particular ways may in fact be better, but half the fun in something like this is getting it to work and I'm proud of what we were able to create. There was some great ideas in that code and I'd love to openly share it but although it's simply useless now if there ever exists a way to positively ID players that can't be bypassed then the UTP service instantly moves from useless to completely relevant and could be reinstated very easily. Ah, now I'm dreaming...

Oh and yeah UEngine is sandboxed (somewhat) but you can actually tunnel into the client's computer via uscript only. I'll explain this in total in private if you want but I want to be very careful with any public discussion. The chief problem in Unreal/UT is bandwidth. The server/client connection is just not big enough to facilitate any appreciable data transfer beyond what is needed to establish a stable client on the server. Even at dead idle in an empty server there is still a lot of relevance data being shared and not a lot of extra room for anything 'extra' to ride along the pipe. That's nothing new, we all know that, but what you may not know is that it can be done in 2k4 since it has a roughly 10X larger per-client bandwidth. Even in that larger pipe it's hard to keep stable but it certainly can be done. I know this because I was one of the guys involved in the testing. I watched as my client computer was entered while on the test gameserver, windows files were read and altered, and I would have been unaware otherwise. I will add though that it was inherently unstable and I crashed many times while testing this possibility but it can certainly be done. If this interests you I can point you towards the guy that was doing the work. I don't know if he's still in the 2k4 scene or not but he's a good guy and I'm sure he will answer you, though he may not share his methods. Never hurts to ask I guess, but this is something that is quite a serious thing so I don't know if I'd get my hopes up too far. Methodologically I think UT is comparatively safe because of the bandwidth restrictions, but certainly not because of the sandbox nature of the client.
So long, and thanks for all the fish
User avatar
Feralidragon
Godlike
Posts: 5489
Joined: Wed Feb 27, 2008 6:24 pm
Personal rank: Work In Progress
Location: Liandri

Re: 'Screen' by Mychaeel

Post by Feralidragon »

JackGriffin wrote:Ferali you or Scarface are very welcome to the source code if you want it. I thought I had sent it to both of you in the past but if that's not the case then you can grab it using this: http://labs.bittorrent.com/experiments/sync.html It's a simple (and wonderful) file sharing app that uses torrent technology to enable file sharing between people. All you need is my 'secret' (you'll see when you read the page). I'm actually sharing this particular stuff right now with someone else so it's ready if you want it.

As for the easiness of it, Dane and I found it to be quite hard actually and it took a lot of work to get right. Our biggest problem was query time. Once the player DB got to be bigger (above a couple of hundred) the players started to time out during the checks. UScript just does not like to wait on a return, and this was something that Anthrax helped with because he obviously dealt with the same issues. Scarface helped too, letting me peek at his way of doing things, but as you will see in the end we designed it ourselves. Could it have been more efficient or done better? Sure, and your particular ways may in fact be better, but half the fun in something like this is getting it to work and I'm proud of what we were able to create. There was some great ideas in that code and I'd love to openly share it but although it's simply useless now if there ever exists a way to positively ID players that can't be bypassed then the UTP service instantly moves from useless to completely relevant and could be reinstated very easily. Ah, now I'm dreaming...
Thanks, but I don't need it. From your explanation it seems clear to me what happened: the server was too busy.
I already made experiments with real servers at work as I mentioned previously, and sometimes it would take some time for a response to come, but that didn't affect the server itself at all, since at least the calls I make are through callbacks (asynchronous calls) which Epic implemented in one of their http classes (I make the call in a function, get a response in another, in the meanwhile the server doesn't stop nor waits for any feedback). Probably you guys used another class or way to do it, and it was synchronous, generating said problems.

And btw, if you had query performance problems with just a couple hundreds of entries.... something was awfully wrong in your SQL, starting with the tables structure themselves...
Even without indexing or constraining the queries, a hundred rows is nothing at all, it's almost as worth as an empty table.
I work and create tables to hold millions (in some cases hundreds of millions) of entries, and I still can manage them to return results in under 1ms, the secret are indexes, constraints (the "unique" being a very important one when the scan ends up being sequential), and if the query is still slow, an "explain analyze query" should be enough to know what to modify in the query to make it faster (sometimes it requires to make the query more complex, with subqueries and such).
JackGriffin wrote: Oh and yeah UEngine is sandboxed (somewhat) but you can actually tunnel into the client's computer via uscript only. I'll explain this in total in private if you want but I want to be very careful with any public discussion. The chief problem in Unreal/UT is bandwidth. The server/client connection is just not big enough to facilitate any appreciable data transfer beyond what is needed to establish a stable client on the server. Even at dead idle in an empty server there is still a lot of relevance data being shared and not a lot of extra room for anything 'extra' to ride along the pipe. That's nothing new, we all know that, but what you may not know is that it can be done in 2k4 since it has a roughly 10X larger per-client bandwidth. Even in that larger pipe it's hard to keep stable but it certainly can be done. I know this because I was one of the guys involved in the testing. I watched as my client computer was entered while on the test gameserver, windows files were read and altered, and I would have been unaware otherwise. I will add though that it was inherently unstable and I crashed many times while testing this possibility but it can certainly be done. If this interests you I can point you towards the guy that was doing the work. I don't know if he's still in the 2k4 scene or not but he's a good guy and I'm sure he will answer you, though he may not share his methods. Never hurts to ask I guess, but this is something that is quite a serious thing so I don't know if I'd get my hopes up too far. Methodologically I think UT is comparatively safe because of the bandwidth restrictions, but certainly not because of the sandbox nature of the client.
Then it's probably an exploit at native level, something that can be triggered with UScript... some sandboxes have that sort of issues, making them stop being true sandboxes...
If you have some simple conceptual explanation on that, then yeah, I would appreciate an email on that, it may be important for me to know that in the project I am developing. Although that may work in Windows XP (which is a security hole by itself), so probably whatever that is won't work with Windows Vista and above (what most people use nowadays).
You don't need to contact the guy though, I don't want to go much in depth with that, I just wanted to be fairly informed on the possibilities.
Post Reply