Hi all, I sell a number of scripts and generally they have all been 100% unencoded php source code. Recently there have been some issues with buyers duplicating the code on multiple sites without paying for multiple licences - this is obviously hard to control when they have the complete source code. I'm therefore looking at ways to encrypt the code by to adding code which restricts it to a particular domain name. The 'restricting' code I have no issues with, the problem is what to encrypt? My initial thoughts where to have an include which did the lookup and validation of the domain name/license, this would be encrypted with zend or sg. The problem however is that since the rest of the code is unencrypted, anyone could just remove the include code in the relevant file. I wouldn't want to encode the entire site since it's of benefit that the code is available. Any ideas?
I had the same problem. The answer i got was make the call to your encrypted functions deep inside your code. But if you leave the code largely un-encrypted...someone that knows php will be able to read your code and get ideas how to do what you did and rewrite it
there is a way, zend has the solution but that will cost some $ maybe you will find more on the zend website!
Yeah ultimately I think I've come to the conclusion that it's not going to be 100% secure no matter what I do. The scripts however do have a function library file so I'll probably look including the license here and encrypting, since the scripts wont run without this file.
Before you buy the zend or ioncube...ioncube has a service that you can encrypte a file/folders for a few dollars. No need to spend $100 + if you only gona use it once.
There is an option I found online. You can find it at http://www.gstudios.org/php-encrypter.php. It is free and even allows you to lock it specific domains. For example, you could set it to yoursite.com so if mysite.com tries to run it, it won't allow it to. The whole PHP source code is encoded. I hope that works!
zend is easily decrypted now a days. I same go with ioncube it can still be decrypted, but a great deal harder.