Prevent user from changing game values in the browser console

Question

Any player can easily cheat on this game by changing the amount of cupcakes through the browser console. I wanted to know if there was a way to prevent the user from doing so. This is also posted on github.

var numberOfCupcakesDisplay = document.getElementById("numberOfCupcakes");
var cupcake = document.getElementById("cupcake");

function updateValues() {
    numberOfCupcakesDisplay.innerHTML = amountOfCupcakes.toString();
    //displays number of cupcakes to screen
    document.getElementById("amountOfToasters").innerHTML = amountOfToasters.toString();
    //displays number of toasters to screen
    document.getElementById("toasterButton").innerHTML = "&nbsp&nbsp&nbsp&nbsp&nbsp&nbsp&nbsp&nbsp" + Math.round(costOfToasters).toString() + " cc";
    //changes cost of toaster every time it is bought by 110%
}

cupcake.addEventListener('webkitAnimationEnd', function(e){
    e.preventDefault();
    this.style.webkitAnimationName = '';
}, false);

function clickCupcake() {
    ++amountOfCupcakes;
    cupcake.style.animation = "shiftCupcake";
    cupcake.style.webkitAnimationName = "shiftCupcake";
}

updateValues();

Answer 1

Yeah!! As other answers mention it is IMPOSSIBLE to prevent users from changing the values from browser console. In other words, You are simply asking How to write JS code so that user can not debug it. You can always use some methods which make life hard for people who want to cheat on the game.

1.Obfuscate the code.

Look at these links for more information on obfuscation.

• SO: How to obfuscate Javascript
• Jsobfuscate.com

2.Do not store the game's control values in global variable.

Do not store control values in global variables. Instead define a class and have these variables as private to it So that user has to dig in deep in order to find out where to put the breakpoints.

3.Minify/Compress your javascripts.

Obfuscation more or less covers minification as well.

Answer 2

You cannot prevent this. The best you can do is minify the JS so it's harder for players to find the right values to change. In fact, you can't prevent this with any game or indeed application; the user's computer controls all of the information so they can do anything they want to it.

The only way to be secure against this is to do all of the processing on a server you control. Even though, players can lie about their input data (hence aimbotting or other hacks).