PHP/Web Script Protection

views:

424

answers:

PHP/Web Script Protection

I want to write a script in PHP and javascript and somehow protect my source code so that I can sell my script.

I am looking for ideas how to protect my script. If I sell it to someone, how can I stop that person from redistributing it as their product?

I know there is ZEND and ionCube, but are there any other methods? As I don't like to force a user to have zend optimizer installed on the server.

Is there any way of generating a "serial number" protection for these scripts that cannot be removed by editing the code?

Unless the code is hosted on your server, there is going to be a way to reproduce it. If you store it in an encrypted string, at some point you will need to eval() it, and by changing the eval to a echo you get the full text of the program. Thats why people hire programmers to work for them instead of just getting buying software.

Just as a side note, this is the same sort of thing that the movie and music industry gets into. They try to restrict things, and end up having people go and crack the code. The only difference is that PHP is much easier to change.

Chacha102 2009-06-13 21:32:26

+2 A:

There is no way. You can obfuscate it, but not make it impossible to steal.

antennen 2009-06-13 21:33:01

+5 A:

There are ways to obfuscate and encrypt your code but if you rely on your profit coming from folks having a hard time cracking your code, not on the quality/usability of your code/programming then I think you're approaching your market from the wrong perspective.

Make your code's accessibility a feature, which could make it easier for your customers to audit their security or get/make plugins to enhance your code's usability.

Sorry; this isn't really an answer to your question, is it?

David Thomas 2009-06-13 21:47:24

Thank you for the comment/answer. It was what I was looking for. Thanks again.

Sev 2009-06-13 23:18:37

No worries, thank *you* for the accepted =]

David Thomas 2009-06-13 23:22:12

Agree with the answer. That said, the way you keep them from redistributing it as their product is via copyright/licensing. Include a license then, if someone violates it, you have legal recourse.

fiXedd 2009-06-14 01:44:20

@fiXedd, +1 for that, I really should've mentioned licensing and so on. On the other hand my own inclination is to reward the person/company that promotes my business.Give a discount or additional service if they get somebody else to sign up. If the company signs up, give reduced cost personal-use licenses to its employees for home use, and so on.Most likely people not using/knowing of your software will bite you faster than folks 'pirating' it.

David Thomas 2009-06-14 09:45:37

+2 A:

As with the answer from rice bowl, you should focus on the functionality and usability rather than the protection. In my view torrent users who steal the script should be the least of your concerns, as the type of people who steal scripts probably wouldn't pay for it anyway. Offer services to help enhance the product that's not available for illegal downloads, such as installation and configuration, user forum for registered purchasers, new updates through automated downloads from your server, etc. This will make your code less valuable and the product as a whole worthwhile.

As for protection, it is not really a problem of having Zend, Ioncube or Source Guardian on the users server. Even a novice can decode zend, I have seen Ioncube be decoded, and I imagine Source Guardian will fall quickly if it hasn't already. There is no safe way to prevent people stealing your code, so instead you need to make the user want to buy it.

Lobe 2009-06-13 22:00:41

Thanks for the answer and further details.

Sev 2009-06-13 23:19:10

Don't sell scripts, sell maintenance and service. Give your scripts away- it is always the particular application that has value for the end user.

kennebec 2009-06-14 01:30:56

ansaurus

tags:

views:

answers:

PHP/Web Script Protection

related questions