Page 1 of 1

Authorization of Software

Posted: Thu Jun 26, 2008 7:54 pm
by tecktalkcm0391
Hello, I'm trying to setup a way that a program can send a license and authorization code to the server, and it will reply to the software if its valid or not...

How do you think it should reply, because if its just authorized, or not authorized, can't someone "trick" the program into thinking its authorized.... so any ideas on how to do this successfully....


Edit: Just thought of this... could I request a code from one page which is generated using the 2 codes, and then a request to another (which is what the value should be) and then if they match it authorizes the program?

Re: Authorization of Software

Posted: Fri Jun 27, 2008 8:42 am
by Mordred
If, in the end, your check is concentrated in a single "if", it will be trivially defeated.
Multiple if-s make the problem only linearly harder for the would-be pirate.
Try to devise an if-less scheme, maybe make the software need some cruicial and mutable in time data, which will be get from your server.

If you live in a country when these things still work, you may be better of if you rely on a license agreement.
Otherwise, it's blackhat time.

Re: Authorization of Software

Posted: Fri Jun 27, 2008 9:11 am
by tecktalkcm0391
So how would I do an if-less...?

Re: Authorization of Software

Posted: Fri Jun 27, 2008 3:21 pm
by alex.barylski
Use one of those PHP encoders. Although they can be undone, it's better than just simple checks in your source code.

Your best bet is to compile PHP into a native binary using RoadSend's compiler.

Re: Authorization of Software

Posted: Sat Jun 28, 2008 3:38 pm
by tecktalkcm0391
Its not a PHP code... everything is server-side...