网普技术论坛 网普科技  
» 游客:   网普主页 | 注册 | 登录 | 帮助
 

作者:
标题: {zt]How To: Protect your contracted work in PHP using Code Snip & IonCube 上一主题 | 下一主题
网普科技
网普管理员

网普科技人民公仆


积分 3080
发贴 2863
注册 2004-6-26
来自 网普科技
状态 离线
#1  {zt]How To: Protect your contracted work in PHP using Code Snip & IonCube

From:webhostingtalk.com

First of all, this isn't a guide on how to use Ioncube, this is for those people who are hired at freelance sites, basically, contracted over the internet to do a PHP script. I'm not a PHP overlord, so don't expect the best coding you've ever seen in your life, but it gets the job done, and I have done this for every project ever since I thought of this.

Forgive me if it's not exactly 100% user friendly, if you're a PHP coder who does work that's expensive enough to have to protect, you should be able to follow the steps with ease.

Scenario: You are paid $2000 to write a PHP script for Joe Montana. Joe pays you, you send him the script, all is well, until Joe reverses the charges, leaves you out in the cold while you just wasted several weeks and he gets a free script. Now you have to stress yourself with tracking him down, pressing charges, which 99% of the time never happens. I just read the same story on another forum, which is all too common, and this prompted me to share this with hopes of protecting other programmers time and profit.

Step 1

Find the file that is absolutely necessary for the script to run AND won't required any modification by the client for configuration purposes, this could be the functions file (preferably), the administration home file.... etc.. basically find a file that if taken out of the picture, the entire php script (or the better part of it) would not work.

Add this snippet of code to the top of the file (it doesn't need to be the very top, it needs to be above the critical code though).



PHP:
--------------------------------------------------------------------------------

$lines = file('http://www.example.com/joemontana.txt');
foreach ($lines as $line_num => $line) {
$license = htmlspecialchars($line);
if ($license == "kill") {
exit("<font color=white><b>Your Script License Has Been Terminated<br><br>Please Contact <a href=mailto:YOUREMAIL><font color=white>YOURCOMPANY</a> Immediately</b></font>");
}
}

--------------------------------------------------------------------------------



You'll want to edit the URL example.com to your website, and point it to a text file that is unique to this project (ie: joemontana.txt). You can also edit the HTML to say whatever you want.

What this does, is it opens this text file on your server, checks it, and continues with the script. If you write the one word...

kill

Inside the text file, his script will exit every single time someone tries to run it. If your server is down, the file doesn't exist, anything other then the word "kill" is in it, etc. etc. the script will run fine.

Step 2

You now need to encode this PHP file so that they cannot remove that code snippet and be on with their day. I prefer Ioncube, but if you use something else, by all means, go ahead... as long as it's secure.

Go to http://www.ioncube.com - Go to Products -> Online Encoder. It costs 50 cents to encode a file (You have to make a minimum $5 deposit though, which is good if you plan on doing this for all your projects). Encode the file. If you open it in a text editor, it should look like a bunch of jibberish.

Step 3

If you used Ioncube, when you distribute the script to your client, ensure that you include a ioncube loader for their server (it includes instructions on how to install it for their server administrator), and make sure you instruct them to upload the encrypted file in BINARY mode.

That's it. Now if you get a chargeback, just put the word 'kill' in that file that the code snippet points to and be on with your day. At least now if they screw you, you can screw them back.

I encourage you to let your client know that this one file is encrypted, but after a provisionary period of 1-2 months (whatever, long enough so that they can't charge you back) you'll send them the real file which won't require any more ioncube extensions.

This is a pretty basic solution, because there are some ways around it I'm sure, but only if they realize how you are doing it, I'm not going to publish any possible ways (and I encourage none of you to either) in the event that someone comes searching for a way to "undo" your protections.

These instructions are provided without warranty. Any damage or loss, yadda yadda yadda *insert long disclaimer here*, is your own fault.



天理路上甚宽,稍游心,胸中便觉广大宏朗;
人欲路上甚窄,才寄迹,眼前俱是荆棘泥涂。



网普科技,优质美国主机服务!
美国Linux主机,美国虚拟主机
支持PHP+MYSQL+cPanel+EMAIL
为用户负责,拒绝反动、赌博及色情内容! QQ:126818

发送QQ消息
2005-3-18 01:15 PM
查看资料  访问主页  发短消息  QQ   编辑帖子  引用回复 顶部
茱莉娅
THE BODY SHOP美容顾问

茱莉娅美体小铺


积分 3080
发贴 2863
注册 2009-5-21
来自 茱莉娅美体小铺
状态 离线
#1  赞助商信息The body shop

茱莉娅美体小铺
茱莉娅美体小铺淘宝店
茱莉娅美体小铺


茱莉娅美体小铺淘宝店
2005-3-18 01:15 PM
查看资料  访问主页  发短消息  QQ   编辑帖子  引用回复 顶部


可打印版本 | 推荐给朋友 | 订阅主题 | 收藏主题



论坛跳转:  




Powered by Discuz! 2.5 © 2001-2005 Comsenz Technology Ltd.
Processed in 0.006539 second(s), 7 queries, Gzip enabled
------------------------------------------------------------------------------
本论坛属网普科技交流与技术支持论坛!
拒绝任何人以任何形式在本论坛发表与中华人民共和国法律相抵触的言论!
美国主机, 美国虚拟主机, cPanel+PHP+Mysql+Ftp+Email+Zend+GD2+国际域名支持
技术支持 QQ: 126818 EMail & MSN: support[AT]netpu.net
[ 联系我们 ] - [ 网普科技 ]