Stop Manipulation JS timer Client side - javascript

I am developing an quiz application which requires to calculate the exact time taken by user to give an answer for an question.
I can not implement timer for that on server side because of latency issues which may arise because for different users and their different network/service provider.
If I implement timer at client side , there are highly chances that user can edit and manipulate the time.
is there a way to create a secure timer at client side that user can not manipulate.

you can manage this storing a timestamp at the backend side when the user starts the quiz, then, with this timestamp, you can implement a client side timer, once the user finishes the quiz, the client sends an event to the backend and a "finish" timestamp is generated, so you can know how much time does the user took to answer the questionnaire by subtracting both timestamps.

Related

Architecture: Javascript event tracking in browser

I want to make a custom tracking system for web events. I have looked into multiple per-excsiting systems, but I want something terribly simple - yet very accurate.
I want to be able to track the following:
Page view even
Time on that page
or:
Video started playing event
Time of video watched
My first initial thought was to do a simple javascript reporting back to the server, but what happens if the user closes the window? How do I know they stopped viewing? And how can I get accurate measurements down to 1/10th of a second? So I thought of a websocket solution, as it know when a user has discounted. I ended up with Socket.io, but I want to make sure there is no better or smarter way to achieve this?
How would you approach his challenge? What is the smartest way to engineer this?
A Websocket connection which reports back to the server frequently was my first thought as well, but if you send 10 messages every second, even that might be too much for a websocket, especially when connectivity isn't top-notch.
Since the server doesn't require the information absolutely immediately, consider batching requests instead - save/update the information into Local Storage every 0.1 seconds, but don't send it to the server then - instead, every 30 or 60 seconds, or on pageload, take the current data in Local Storage and send it to the server, and clear Local Storage so that the next request a minute from now doesn't send duplicate data.

Java script date object

Does the date object get the values from the operating system locally ? what if someone changes his time value , in my project I need to implement a system for reserving food, in my case the user can't make request for food before 10 am , but what if one of the users change his current time ?
I think that the best choice is to get time value form backed side.
any suggestions ?
Everything you do in javascript is client side, it's executed in the browser of the user, so your date object will be created depending on the client's browser.
Moreover, all the validation about the time has to be server side to prevent any kind of alteration. You have to perform ajax requests and make sure on your server that the client is allowed to buy food.

JavaScript countdown sync with servertime

I need to develop a countdown, which synchronizes with the time on the server.
The job is pretty easy, I have a Form divided in 3 steps, the first step need to be filled and posted in 2 minutes, the last step in two hours.
I have to show the user the countdown but I also need to do this job on the server because we can't rely on the user's local time, we need to secure this countdown with the server time to prevent user's tricks. (we are on iis with asp.net webforms)
I also can't use a database to store time's information, I need to do this with session/cache variables (PM Orders)
any suggestions?
You can send your server time to client and get a difference in client time and server time and save this time difference, and also save the starting time stamp of timer.
You can verify this timer accuracy latter by hitting the server for server time and calculate new difference between client and server time, if it find any discrepancy, correct the timer.

Auction site Timed out event

I am creating an auction site in which the auction has a particular end date/time.
I have a javascript timer displaying the remaining time to the user and when this countsdown it fires and event to update the back end mongodb database to say the auction has completed and it informs the winning user and fires a CLOSE function.
How would you recommend doing this for auctions that aren't physically open in a browser at the time so the Timer event never creates this CLOSE event.
I wouldn't recommend this approach at all. Once I was working on a website and I needed to implement auctions. The project was in php so I wrote a php script which checks all auction rows in the database and looks for those with the timeEnd >= current time and sets their status to closed(The auctions table had int column for the status).
Then I set that php script to run as a cron job once every hour. So now the server automatically runs this server side script every hours and checks for out-dated auctions. The interval depends on the business logic of the app. For this project the auctions could only end or start to the beginning of every hour. This approach is far better than using javascript code that triggers the server script. One reason is that you can't trust client side code. Hackers could potentially get access to that javascript file and easily modify it. You should never let your server code depend on your client side code.
However, note that my approach is not the most ideal because depending on how much auctions your db have, the server script will still need time to process it and might take from a few seconds to couple of minutes to execute it.
For example if you have some auction that ends at 10:00:00 and the server script start executing at 10:00:00 and it takes 40 seconds to execute, the users could potentially find a way to place bid on those auctions in the interval of that 40 seconds. Your client side code should only take care for resetting the interface right at 10:00:00 so that users are not able to place bids. However, you should also make sure that the server-side code that handles your POST requests for placing bids, should also check if the auction end time is in the past before proceeding. If it only checks the status of the auction (opened or closed) it might get auctions that are ended with their status set to opened. The reason is that the cron job might still be processing the auctions and changing their status.
Another similar approach is to create service that runs on operative system level (probably c or c++ app) that would run constantly in the background and do the checks.
The good thing with the first approach is that most of the hosting companies already offer setting up cron jobs. One example is Bluehost.
For setting up windows based "cron jobs" read additional info on this post
I hope this makes it more clear to you how to handle the auctions.

Using node.js and socket.io to broadcast every second

I am currently working on an auction script using node.js and socket.io.
The site will have 500-1000 logged in users viewing a single page during the auction. Only one item will be on sale at any one time, similar to a real auction held in an auction house.
I will be broadcasting a countdown timer to all of the signed in users from the server to the client. On the server side I will be using setInterval() of 1 second to countdown to the auction end time. Apart from this the only other message being sent across will be the current bid being passed from a single client to the server then broadcast to all.
Will this be a reliable way to do this? And will it be able to handle the usage on the server?
If not is there a way which would be better?
Thanks Shane
For timer value, keep updating your local timer per second on server side itself. Whenever any user comes in, give him this value and also total value of timer. Then client will start their own timers locally as per comment by dandavis, but keep some interval like 15 or 10 seconds on server side on which server will broadcast the current timer value so that client will sync accordingly.
In short, server will broadcast every after 10(n:you decide) seconds but it will be updating timer variable per second locally. Whenever client comes in, it will get total timer value and current timer value.
Rest functionality of broadcasting the current bid can be done in normal way.

Categories