Jump to content

PHP Coding Help

jhbalaji

By jhbalaji
in PHP Coding Help

 Share

Recommended Posts

jhbalaji Newbie

jhbalaji

Posted
Posted

I have written a licensing system for my script and now i saved it an file called lic.php in the root folder

 

I am going to encrypt that with ioncube when giving to a client side

and i will simply include

 

include "lic.php"

 

to call the licensing system

 

But the problem is when i simply include the code

 

 

include "lic.php"

 

the user can directly remove the line to get the script worked

So can some one help me in coding a script inside the lic.php which will make the script to prevent from running if the code i.e,

 

 

include "lic.php"

 

is removed from the file

 

Note that i will include the line 

 

 

include "lic.php"

 

in all the php files in my script

 

Also do you face any issues with ioncube while running??

 

Great Thanks!

Link to comment
Share on other sites
PFMaBiSmAd Advanced Member

PFMaBiSmAd

Posted
Posted

And how would that stop someone from either just setting the variable themselves or removing the code that is checking if the variable is set?

 

The only way you can prevent someone from bypassing your lic.php file is if the file that is including and using the information from lic.php is also encrypted.

Link to comment
Share on other sites
lostnucleus Member

lostnucleus

Posted
Posted

your lic.php needs to have some part of script funcnality also , for .eg

 

<?

function notSoImp(){}

function mostImportant(){}; ?>

 

change it to

 

<? function notSoImp(){}

  include "lic.php"; ?

 

now in lic.php

add that removed function i.e  mostImportant().

 

 

Link to comment
Share on other sites
hcdarkmage Member

hcdarkmage

Posted
Posted

And how would that stop someone from either just setting the variable themselves or removing the code that is checking if the variable is set?

 

The only way you can prevent someone from bypassing your lic.php file is if the file that is including and using the information from lic.php is also encrypted.

 

I agree with you, and I was just offering a suggestion, lol. I was thinking along the same lines and it seems that you would be stuck without a solution unless you encrypt everything. Especially if they have the ability to modify the files to remove the lic.php file.

Link to comment
Share on other sites
aeroswat Advanced Member

aeroswat

Posted
Posted

And how would that stop someone from either just setting the variable themselves or removing the code that is checking if the variable is set?

 

The only way you can prevent someone from bypassing your lic.php file is if the file that is including and using the information from lic.php is also encrypted.

 

Thankyou.

 

@Aero: Read the thread completely

As i said i will encode only the lic.php file and not other :)

 

You read what I said completely. Like I said before you must encrypt everything. Maybe you should think about what you say before you say it.

Link to comment
Share on other sites
Asheeown Regular Member

Asheeown

Posted
Posted

You need a MUCH MUCH better way of verifying your licenses.  Send it to a PHP page and have it verify against a database with string sanitization going on.  ANYTHING will be better than that.

 

Seems like you need to focus on that before you actually go locking down the code with this license page.

 

Encrypting each page against formula that's made to generate the license codes is your best bet.  This way license codes generated from the formula will be able to decrypt the code and allow it to run.

Link to comment
Share on other sites
aeroswat Advanced Member

aeroswat

Posted
Posted

You need a MUCH MUCH better way of verifying your licenses.  Send it to a PHP page and have it verify against a database with string sanitization going on.  ANYTHING will be better than that.

 

Seems like you need to focus on that before you actually go locking down the code with this license page.

 

Encrypting each page against formula that's made to generate the license codes is your best bet.  This way license codes generated from the formula will be able to decrypt the code and allow it to run.

 

Sorry but that's honestly the wrong answer. You cannot encrypt a php page in php... Don't you see the security problem with that? The people have 100% access then to the whatever function you use to decrypt/encrypt it and then its easy to go back from there when you identify a few small keywords. Not to mention whoever will be using his program will not always have access to the host and therefore will not be able to create their own decryption application to decrypt it at runtime. There are lots of hosts out there with ionCube already running on their servers. There's only one answer to this question and its already been stated several times. Accept it or find another forum to bs in.

Link to comment
Share on other sites
This thread is more than a year old. Please don't revive it unless you have something important to add.

Join the conversation

You can post now and register later. If you have an account, sign in now to post with your account.

Guest
Reply to this topic...

×   Pasted as rich text.   Restore formatting

  Only 75 emoji are allowed.

×   Your link has been automatically embedded.   Display as a link instead

×   Your previous content has been restored.   Clear editor

×   You cannot paste images directly. Upload or insert images from URL.

×
 Share
Go to topic listing
×
×
  • Create New...

Important Information

We have placed cookies on your device to help make this website better. You can adjust your cookie settings, otherwise we'll assume you're okay to continue.