What does this mean for me? You will always be able to play your favorite games on Kongregate. However, certain site features may suddenly stop working and leave you with a severely degraded experience.
What should I do? We strongly urge all our users to upgrade to modern browsers for a better experience and improved security.
We suggest you install the latest version of one of these browsers:
Greeting to all :)
I’m developing a simple hangman game, just for learnig AS3, Kongregate API, and other technologies. But I have one big problem. My game use words and hints from MySQL which is hosted on my shared hosting. I send ID from Flash to PHP, PHP script call from MySQL DB questions with that ID, and send back to Flash. It’s all working from my local computer and on Kongregate, but only when I call game from iFrame. When I try to upload .swf file direct on Kongregate service, it’s simple don’t connect with database. Why?
This is part of a code for connecting to PHP and MySQL and for dealing with result.
public var urlLoader:URLLoader;
public var urlVariables:URLVariables = new URLVariables();
public var url:String = "www.link.do/phpSkripte.php";
public var urlRequest:URLRequest = new URLRequest(url);
public var variables:URLVariables;
public function WordList()
rnd = randomNumber(1, 5);
trace("random number: " + rnd);
urlVariables.id = rnd;
urlRequest.method = URLRequestMethod.POST;
urlRequest.data = urlVariables;
urlLoader = new URLLoader();
urlLoader.dataFormat = URLLoaderDataFormat.VARIABLES;
public function onCompleteHandler(e:Event):void
variables = new URLVariables(e.target.data);
Word = variables.question;
Hint = variables.hint;
catText = variables.category;
CurrentWord = Word;
CurrentHint = Hint;
CurrentCategory = catText;
My English is not very good, but I hope that you will understand me, and help me with this (for me HUGE) problem. I want to notice that I’m new in AS3&Flash world.
You need to look into `crossdomain.xml`, a file that flash player loads to make sure the content it is loading hasn’t been restricted by the content’s host.
For example, I have a game which submits scores to a PHP script I have located at [http://profusiongames.com/games/miniQuestTrials/scores.php](http://profusiongames.com/games/miniQuestTrials/scores.php). In order to let Flash ‘talk’ to my script, I need to upload a crossdomain.xml file (mine is located here: [http://profusiongames.com/games/miniQuestTrials/crossdomain.xml](http://profusiongames.com/games/miniQuestTrials/crossdomain.xml)) that says “Sure, flash can do stuff with your script”.
A good generic crossdomain.xml file looks like this (or just grab it from mine, they are the same)
<!DOCTYPE cross-domain-policy SYSTEM
<allow-access-from domain="*" secure="false" />
<allow-http-request-headers-from domain="*" headers="*"/>
This will let your game ‘talk’ with your script from any website (the \* lets any website). You should upload the `crossdomain.xml` file in the same directory as your PHP script, unless you have more content that you want it to access.
> *Originally posted by **[v0idmp3](/forums/4/topics/295423?page=1#posts-6311434):***
> So, if I understand you, I only need to upload that crossdomain.xml in folder where is my PHP script, and everything should be fine, right?
Actually, it needs to be on the domain root. Eg. `http://www.mydomain.com/crossdomain.xml` not `http://www.mydomain.com/projects/crossdomain.xml`
> *Originally posted by **[Draco18s](/forums/4/topics/295423?page=1#posts-6311486):***
> > *Originally posted by **[v0idmp3](/forums/4/topics/295423?page=1#posts-6311434):***
> > So, if I understand you, I only need to upload that crossdomain.xml in folder where is my PHP script, and everything should be fine, right?
> Actually, it needs to be on the domain root. Eg. `<a href="http://www.mydomain.com/crossdomain.xml" rel="nofollow">http://www.mydomain.com/crossdomain.xml</a>` not `<a href="http://www.mydomain.com/projects/crossdomain.xml" rel="nofollow">http://www.mydomain.com/projects/crossdomain.xml</a>`
Not entirely correct, I believe. I think `Security.loadPolicyFile()` can override that. My [root crossdomain.xml](http://profusiongames.com/crossdomain.xml) doesn’t contain anything relating to my scores.php and I use `Security.loadPolicyFile();`
> *Originally posted by **[UnknownGuardian](/forums/4/topics/295423?page=1#posts-6311512):***
> Not entirely correct, I believe. I think `Security.loadPolicyFile()` can override that. My [root crossdomain.xml](http://profusiongames.com/crossdomain.xml) doesn’t contain anything relating to my scores.php and I use `Security.loadPolicyFile();`
Ah, I found what I needed,
> Cross-domain policy files in specific directories indicate that the policy applies only to the contents of that virtual directory and below. For many environments, a single virtual directory that includes all public methods may be the most appropriate architecture. It is important to note that any cross-domain policy files that are not on the root level of the domain must be explicitly loaded by the Flash movie.
At the time the change went into place, the source for my game had become corrupt, so I was unable to do the recompile necessary to comply with the change:
> Impacted customers should arrange for a policy file to be added or updated to include the new header policy tags on the site to which the headers are being sent. Additionally, if the crossdomain.xml policy file is in a non-default location—a directory other than the server’s document root—customers may need to add an ActionScript call to loadPolicyFile and republish the affected SWFs.
And I did not have access to the domain root.