an adaption of the secret of mana series requires a realtime action combat system that requires the player to position his character and initiate an attack when an enemy is in the attack zone.
unfortunately most mmorpgs abstain from such an approach because the unreliable connection over the internet makes it difficult to implement such a system and keep it playable under circumstances like high latency and packet loss.
these are my thoughts how it could be implemented anyway.
1. the server keeps a journal of the movement of every being
2. the netcode measures the latency of every client constantly (one posibility to do so would be to give each package in both directions a time stamp in ms since connection was established). from now on i will call the measured latency time of every player "L".
3. when the client sends a "my character attacked" packet, the server looks up in the journal of every monster if it was in the damage zone L ago. then damage is calculated and damage report packages are being sent to the clients. (the damage zone should also be relative to the clients position L ago although a position change in the last L is unlikely when the player characters can't move and attack at the same time)
4. when a monster attacks, the server sends a "monster X attacked" package and waits L for every client (and maybe some more time depending on the swing speed of the monster) before the server calculates if that clients character is in the damage zone or not and if yes how much damage he got. then the server sends damage report packages about the damage of that character to all clients.
- realtime action combat in an online rpg. none of the boring click&watch combat systems mmorpgs are known for.
- because the server compensates the latency players with high latency haven't got such a big disadvantage like in other action oriented online games.
- although the collision detection of attacks would be believeable to the player he would receive a notification about successful hits some time after he hit the enemy or got hit (maybe the client software could compensate this by prediction). for that reason i would not suggest to let the movement options of the client depend on if a hit was successful or not and if he got hit or not. otherwise the game could become asynchronous.
- there is the risk of implausible situations when attacks change the position of beings. from the viewpoint of some clients monsters could be hit by other players which are out of range or his attack could miss because a monster was pushed out of the damage zone after he hit it (but before damage is shown).
- when multiple players with different latencys fight the same monster it could be unclear to the players who made the first and who the last hit.
- to reduce network traffic and server load i would suggest to use a combat style with few but strong hits (similar to secret of mana 1) and not one with frequent but weak hits (like ragnarok online for example).
- the client software could try to manipulate the measured latency to gain advantages.
when the client can trick the server into believing that his latency is much higher than it really is the player would have much more time to dodge attacks. an automatic dodge bot would also be possible. the player could also hit enemies that already left the attack range. basically the client would be able to "look into the future" from his point of view. i believe that a maximum possible latency while calculating hits (this is necessary anyway to limit the length of the movement journals) could minimize the use of such a hack.
fooling the server into believing in a lower latency would mean the opposite. the cheater would be able to hit enemies earlier than other players. that could give him a slight advantage in some situations.
in the end it would be the best for the cheater to change his latency over and over again to his advantage. an advanced hack could even keep a journal of all beings movement, too. in case of an attack (from or against the player) the hack could search for a scenario in the past that is most beneficial for the player and manipulate the latency to trick the server into picking that scenario to calculate damage. the method of measuring the latency should be responsible to make this as difficult as possible. the most convenient way would be to use the average of all latency measurements over the last few seconds for all calculations (were unusual high or low values should be ignored).
- i think i needn't point out that a constant server sided plausibility check of the packages from the clients is necessary to detect most cheats. but i would like to point it out nevertheless, because blind faith in the correct protocol implementation of the client program opens the door for many onlinegaming hacks.