I am trying to create a licensing system where you have a license key as a variable in a file. Then, it includes a file that's on an external server. The server then does all the validating, and returns whether the key is valid or not. The problem is, an experienced PHP programmer could just remove the include, and change the variable to true. Does anyone know of a way to force a file to be included? I'd like for all the security stuff to be on my server, not my client's.

Here's some of my code:

serial.php

<?php

$serial = "a1b2c3d4e5g6h7i8j9k0";

include("http://myserver.com/validate/license.php");

if($valid == 1) {

//license is valid

}

else {

//license is not valid

}

?>

http://myserver.com/validate/license.php

<?php

//check with MySQL database to see if license is valid

//if license is valid...

$valid = 1;

//else...

$valid = 0;

?>

You could use an obfuscator. It is not a 100% solution and it might create some work when maintaining but it is an option. Have look at http://www.phpprotect.info/.

How can you include(<page link on httprotocol>) ????

use codeeclipse dot com
copy paste and get ur file...

simple?

I faced (and still face) this issue recently. I sell scripts myself and have learned the hard way that the "call home" in scripts is so useless (unless just used to give shout outs about updates) in everything from stand alones to wordpress plugins. Even obfuscators are breakable when you get down to "experienced programmers" that you speak of.

I would recommend not giving away the script at all. Create a membership based site and have them use the script on your server.

get the included files then check that the file is included.
$myFiles = get_included_files();

if that helps at all.

Be a part of the DaniWeb community

We're a friendly, industry-focused community of developers, IT pros, digital marketers, and technology enthusiasts meeting, networking, learning, and sharing knowledge.