如何识别我的PHP脚本是否被别人托管

发布于 2024-09-26 00:13:11 字数 148 浏览 2 评论 0原文

我以 35 美元的价格在线向单个用户出售 PHP 脚本

有什么方法可以识别我的脚本是否由多个用户托管..

我应该在脚本中使用任何逻辑来查找他的身份吗?

有没有简单的方法可以找到盗版者,

请帮助我。 (抱歉有语法错误)

I am selling PHP script online at 35$ for a individual user

Is there any way to identify whether , my script is hosted by more than one user ..

Should i use any logic in my script to find his identity?

Is there an easy way to find the pirator

Please help me.
(sorry for grammatical mistakes)

如果你对这篇内容有疑问,欢迎到本站社区发帖提问 参与讨论,获取更多帮助,或者扫码二维码加入 Web 技术交流群。

扫码二维码加入Web技术交流群

发布评论

需要 登录 才能够评论, 你可以免费 注册 一个本站的账号。

评论(5

ゃ人海孤独症 2024-10-03 00:13:11

例如,在脚本中的某个位置:

<?php
file_get_contents('http://yourserver.com/tranck_script_users.php?site='.url_encode($_SERVER['HTTP_HOST']));
?>

这样您将看到哪些主机使用您的脚本。当然,任何人都可以从脚本中删除这一行,但没有 100% 确定的方法。

For example, somewhere in your script:

<?php
file_get_contents('http://yourserver.com/tranck_script_users.php?site='.url_encode($_SERVER['HTTP_HOST']));
?>

This way you will see which hosts use your script. Of course, anyone can remove this line from your script, there is no 100% way to know for sure.

我是男神闪亮亮 2024-10-03 00:13:11

如果可以的话,尝试对您的服务器进行简单的调用来跟踪脚本的使用情况,您应该发送域名和 IP。为此,请使用 cURL。如果您的业务逻辑允许这样做,您甚至可以在跟踪不成功时禁用脚本功能。

因为 PHP 只是纯文本,任何人都可以删除您的跟踪代码部分。尝试混淆代码。

If you can, try to make simple calls to a server of yours to track the script usage, you should send the domain name and the IP. Use cURL for this. If your business logic permits this you can go as far as disabling the script functionality if tracking is not successful.

Because PHP is just plain text anyone can remove your tracking code portion. Try to obfuscate the code.

小霸王臭丫头 2024-10-03 00:13:11

PHP 中没有可靠的方法来阻止其他人使用您的脚本。由于 PHP 使用即时编译,因此任何有权访问文件的人都可以阅读源代码。这意味着您放入脚本中的任何回拨逻辑都可以轻松禁用。你能做的最好的事情就是混淆它,但任何有足够决心的人仍然可以编辑代码。

最好的解决方案是使用良好的许可证,或者使用可以分发的已编译语言进行开发。对于 PHP,没有可靠的方法来防止源代码的重复使用。

我强烈建议您不要将任何类型的回拨功能放入脚本中。首先,它可以被禁用,所以基本上没有用。其次,即使对于脚本的合法用户来说,它也会导致严重的延迟。最后,如果您必须将其放入,那么告诉用户您正在这样做至关重要。

There is no reliable way in PHP to prevent someone else using your script. Because PHP uses just-in-time compilation, the source code can be read by anyone with access to the files. This means that any call-home logic you put into your script can easily be disabled. The best you can do is obfuscate it, but the code can still be edited by anyone with sufficient determination.

Your best solution is to use a good licence, or to develop in a language that can be distributed already compiled. With PHP, there is not a reliable way to prevent re-use of your source code.

I would urge you not to put any kind of call-home functionality into your script. First, it can be disabled, so is essentially useless. Second, it will cause significant delays even for legitimate users of your script. Finally, if you must put it in, it is vital that you tell your users that you are doing so.

贪恋 2024-10-03 00:13:11

对于使用非编译脚本来消除盗版行为,您无能为力。任何人都可以修改源代码以删除您所采取的任何保护措施。但是,您可以尝试通过某种混淆工具运行脚本,或者尝试手动“编码”文件,就像许多 PHP 恶意软件所做的那样。不过,混淆和这种类型的编码可以而且将会被有足够时间的人击败。

如果您愿意投入一些钱来解决这个问题,您可以查看 IonCube EncoderZend Guard。这两者都会保护您的脚本,而且我知道至少 Zend Guard 允许按服务器许可。不过,这些解决方案需要您的最终用户安装 IonCube 或 Zend 加载程序。

There isn't much you can do to negate piracy with non-compiled scripts. Anybody can modify the source to remove whatever protections you have in place. You can, however, try to run the script through some sort of obfuscation tool, or otherwise try to manually "encode" the file, in much the same way a lot of PHP malware does. Obfuscation and this type of encoding can and will be beaten by somebody with enough time on their hands, though.

If you're willing to invest some money into the problem, you could check out IonCube Encoder or Zend Guard. Both of which will secure your script, and I know at least Zend Guard allows for per-server licensing. These solutions would require your end-users to have either the IonCube or Zend loaders installed, though.

等风也等你 2024-10-03 00:13:11

在不影响用户安全/隐私的情况下(IMO),没有办法做到这一点。

唯一“干净”的方法是使用像 IonCube 这样的工具对脚本进行编码(还有许多其他工具)但从未使用过它们)并限制在特定域上的执行。缺点(您也可以将其视为优点,具体取决于您的许可方案)是用户无法查看/修改您的代码。

There is no way to do this without (IMO) impacting the security/privacy of your users.

The only "clean" way to do this is to encode your scripts with a tool like IonCube (there are many others but never used them) and restrict the execution on a specific domain. The downside (you can also see this as a plus depending of your license scheme) is that the users can't see/modify your code.

~没有更多了~
我们使用 Cookies 和其他技术来定制您的体验包括您的登录状态等。通过阅读我们的 隐私政策 了解更多相关信息。 单击 接受 或继续使用网站,即表示您同意使用 Cookies 和您的相关数据。
原文