Jump to content

jezari

New Members
 View Profile  See their activity

  • Posts

    2

  • Joined

  • Last visited

    Never

Profile Information

  • Gender
    Not Telling

jezari's Achievements

Newbie

Newbie (1/5)

0

Reputation

  1. jezari
    A keygen just contains a list of known working keys, yes? The code gets the domain on which the script is running (via $_SERVER['SERVER_NAME']) and this is used to form the licence key.  So I don't think a keygen could be used since the licence key is unique for each domain?
  2. jezari
    Hi! I want to add licence keys and domain checking to my scripts.  I will be encrypting my scripts with codelock, so its fairly safe that my clients won't be able to pull out the code. To provide them with a licence key, they tell me their domain (in form of a URL).  I use the URL and the name of the script to create a unique licence key for them to use... [code]// example data provided by client (they can also use an IP address) $url = parse_url("http://www.example.com/etc"); $script_name = "my script name"; $host = $url['host']; $hash = md5($host.$script_name); // create a readable licence key with dashes separating sets of 4 characters for ($i=0; $i<strlen($hash) / 4; $i++) { $hash_pieces[] = substr($hash, $i*4, 4); } $licence_key = implode("-",$hash_pieces); // in this example $licence_key is created as: // 6a9d-17ac-d0e0-1610-c14c-ba1b-7e97-2a59 [/code] Then within the script I check that the licence key is valid for the script name and domain on which they are running it... [code]// example data provided by client (they enter their licence key to use the script) $licence_key = "6a9d-17ac-d0e0-1610-c14c-ba1b-7e97-2a59"; $script_name = "my script name"; $domain = $_SERVER['SERVER_NAME']; if (empty($domain)) $domain = $HTTP_SERVER_VARS['SERVER_NAME']; $ip = $_SERVER['SERVER_ADDR']; if (empty($ip)) $ip = $HTTP_SERVER_VARS['SERVER_ADDR']; $hash_1 = md5($domain.$script_name); $hash_2 = md5($ip.$script_name); if ($domain == "localhost" || $hash_1==str_replace("-","",$licence_key) || $hash_2==str_replace("-","",$licence_key) ) { // licence key okay - execute } else { // licence key not okay - don't execute }[/code] I'm also considering calving off the second half of the licence key, because security doesn't need to be that tight, 16 characters (plus dashes) should be more than enough. Thanks in advance for any feedback you guys can provide!!!  ;D
×
×
  • Create New...

Important Information

We have placed cookies on your device to help make this website better. You can adjust your cookie settings, otherwise we'll assume you're okay to continue.