Authorization of Software

Not for 'how-to' coding questions but PHP theory instead, this forum is here for those of us who wish to learn about design aspects of programming with PHP.

Moderator: General Moderators

Post Reply
User avatar
tecktalkcm0391
DevNet Resident
Posts: 1030
Joined: Fri May 26, 2006 9:25 am
Location: Florida

Authorization of Software

Post by tecktalkcm0391 »

Hello, I'm trying to setup a way that a program can send a license and authorization code to the server, and it will reply to the software if its valid or not...

How do you think it should reply, because if its just authorized, or not authorized, can't someone "trick" the program into thinking its authorized.... so any ideas on how to do this successfully....


Edit: Just thought of this... could I request a code from one page which is generated using the 2 codes, and then a request to another (which is what the value should be) and then if they match it authorizes the program?
User avatar
Mordred
DevNet Resident
Posts: 1579
Joined: Sun Sep 03, 2006 5:19 am
Location: Sofia, Bulgaria

Re: Authorization of Software

Post by Mordred »

If, in the end, your check is concentrated in a single "if", it will be trivially defeated.
Multiple if-s make the problem only linearly harder for the would-be pirate.
Try to devise an if-less scheme, maybe make the software need some cruicial and mutable in time data, which will be get from your server.

If you live in a country when these things still work, you may be better of if you rely on a license agreement.
Otherwise, it's blackhat time.
User avatar
tecktalkcm0391
DevNet Resident
Posts: 1030
Joined: Fri May 26, 2006 9:25 am
Location: Florida

Re: Authorization of Software

Post by tecktalkcm0391 »

So how would I do an if-less...?
alex.barylski
DevNet Evangelist
Posts: 6267
Joined: Tue Dec 21, 2004 5:00 pm
Location: Winnipeg

Re: Authorization of Software

Post by alex.barylski »

Use one of those PHP encoders. Although they can be undone, it's better than just simple checks in your source code.

Your best bet is to compile PHP into a native binary using RoadSend's compiler.
User avatar
tecktalkcm0391
DevNet Resident
Posts: 1030
Joined: Fri May 26, 2006 9:25 am
Location: Florida

Re: Authorization of Software

Post by tecktalkcm0391 »

Its not a PHP code... everything is server-side...
Post Reply