02-17-2010, 05:17 AM
Hi, Im looking into creating my first PHP license script or even getting one for free or buying one, Basicly what I need it to do is to make license keys for a script im developing how dose this work out, like for example the script wont work without a valid license.... im creating a gaming script
02-17-2010, 12:54 PM
More often than not these are done in individual files that the script will always have to run through (eg the bootstrap file). This simply checks the key is valid each and every time the script is run (you could have a "call home" version of it or an algorithm that checks the current domain against the key (with salting or something like that) and terminates the script if they don't match). These files are then encrypted with something like ioncube/zend encoder to make reverse engineering the script more difficult as php by default is plain text
only the bootstrap needs to be encrypted so it's a pretty straightforward method and will work for the majority (but not all) installations.
As they say, nothing is impossible, and it's possible to reverse all encryptions as far as I'm aware. Note that you will require the extensions for these encryption systems on each server that will operate it, in order for them to run the code properly. I think most come with the zend optimizer, but I'm not sure about the ioncube one so you would need to do some research into it
There are of course more basic methods of encrypting such as using base64 encoding and decoding which will work on every server, but these are childsplay to decode, even for amateur php programmers, so they wont offer much in the way of protecting your source code
02-17-2010, 02:40 PM
I do it like this:
when our application platform installs a new version of our software for a client it writes the license key into a config file.
within the application its self there's a simple web service call to a service running on our server that spits back simply the license key to our main web server.
this web server checks the key against our internal license database which stores how many user licenses are available for that key.
this then sends back a code and a number so if the key is valid it sends back 1,5 which would be valid and 5 users.
if the code is invalid it sends back a zero.
if the appilication receives an invalid license it then denies all logins apart from primary admin who can then goto license management and either insert a new license key or buy more user licenses.
If the license is valid users can login but on the user administration page the admins cannot create more users than their max user limit
if user limit is reached it spits out a warning saying they need to buy more users for their license etc.
its alot simpler than it sounds and its not "perfect" but it is quick.
02-17-2010, 02:59 PM
You can deeply embed a code in your script, and cross it through many scripts changing the variables so it's really hard to track down (for non-expert coders). Also having it a couple dozen times in your script would take a really long time to remove it all.
It would be cross checked on a different site. So like when the script runs, it checks the code with your site to see if its valid. Or for copyright protection, you can just say, hey if this string isn't there, stop everything.