If you write an HTTPD that can read files in your MUD (as opposed to one that presents an entirely different file model, something it makes up), remember not to let people randomly get code out of your MUD directories. Be sure to only send out the files you intend people to get. Be careful to normalize filenames first (remove leading '..' paths, et cetera) so that nobody can fool you by using a different path format. This helps to keep your HTTPD from causing security problems in your MUD.
You can also allow players to play over HTTP, or some related protocol. If so, please remember not to identify your players by IP address. Issues like firewalls and NAT can greatly confuse your MUD server, causing multiple players to be treated as one, or a player to suddenly lose connection when he appears to change IP addresses. Cookies are one of several more reliable tracking methods, though there are certainly others.
Bear in mind that standard HTTP does not allow 'push' code for things like 'tell' and 'say', nor for sudden events like a creature entering a room and attacking. For that reason, Java (or Javascript?) or some more proprietary replacement like ActiveX may be necessary to allow your MUD proper two-way interactivity.
More complex setups can work quite well, of course. Christopher Allen describes the Skotos setup like this:
You might want to take a look at a couple of Skotos games, in particular, Castle Marrach and Grendel's Revenge. Both have gifs and jpegs under client control.
Our basic technique is to have a pane for flowing text that is imbedded inside an html page. This text pane can receive special commands that it will send out to the DOM of the web page it sits inside. This allows us to change the whole web page dynamically. We have three clients that use this technique, an Active-X client that is based on Pueblo, a Java client, and a Mozilla Javascript client.
The RFC for HTTP 1.0 is here. It may be useful for your implementation efforts.
To set cookies, you may find Javascript is useful. The following script was obtained by Wes Connell off a Javascript help page:
<script language="JavaScript">
<!--
⁄⁄ Use this function to retrieve a cookie.
function getCookie(name){
var cname = name + "=";
var dc = document.cookie;
if (dc.length > 0) {
begin = dc.indexOf(cname);
if (begin != -1) {
begin += cname.length;
end = dc.indexOf(";", begin);
if (end == -1) end = dc.length;
return unescape(dc.substring(begin, end));
}
}
return null;
}
⁄⁄ Use this function to save a cookie.
function setCookie(name, value) {
document.cookie = name + "=" + escape(value) + "; path=⁄";
}
⁄⁄ Use this function to delete a cookie.
function delCookie(name) {
document.cookie = name + "=; expires=Thu, 01-Jan-70 00:00:01 GMT" + "; path=⁄";
}
⁄⁄-->
<⁄script>
Using the above, the following code can be included:
send_html_output("<script language="JavaScript">);
send_html_output("setCookie(\"ACCOUNTNAME\", account_name);");
send_html_output("setCookie(\"PASSWORD\", encrypted_password);");
send_html_output("<⁄script>");
@@INCLUDE http_1@@
@@INCLUDE http_2@@
@@INCLUDE http_3@@