Trial Software Script

Hi there guys,

I have written some software that I want to sell for a small fee but I want users to be able to download a trial version which expires in say one month.

It is a web application so it will always be used online but I am not sure how to create the necessary script to deactivate it, if the user hasn’t paid the full price after a given period.

It is heavily database driven and I am proficient enough to understand that I could use some stored key to do this but I want to do it well enough to prevent it from being cracked and appearing in a torrents search.

Any help would be much appreciated :slight_smile:

First of all, you’ll never be 100% safe from having your software cracked. Even MicroSoft can’t manage that, so don’t worry if some people end up cracking your software anyway.

Now to answer your question: you’ll need to purchase something like IonCube (http://www.ioncube.com/) to encode (parts of) your software and to provide license expiration (I think you’ll need the pro or cerberus version to do that).

Alternatives to IonCube include the Zend SafeGuard Suite.

There are also free tools which purport to do the same thing. You should, however, avoid these as they generally tend to obfuscate code instead of encrypting it (which adds about 0% extra security).

some pseudocode:


$timestampOfInstallationFromDatabase;
$currentTimestamp=time();
$isValidLicense=false;
$trialLengthInDays=strtotime("+30 days");


if(!isValidLicense && (($timestampOfInstallationFromDatabase+$trialLengthInDays)<$currentTimestamp)){
	//let the trial continue!
}
else{
	die('<html><body><p>Sorry, your trial is over. Please purchase a valid license at <a href="http://example.org">my site</a></p></body></html>');
}

You’d just have to make sure to protect the timestamp from being tampered with in the database.

Hey thanks for that force flow,
I will give it a try :wink:

But… what if the person who is trialing the script is somewhat PHP-savvy?

They can bypass the check by commenting out the die() statement…

You could always provide a hosted trial instead of allowing trial downloads. As an added benefit, your conversion rate will most likely improve since people are more likely to try something out that doesn’t involve an installation.

Just a thought.

Thats a good point thanks for your input aamonkey, I’ll think it all through :wink:

I was assuming that the source code would be encrypted, as was mentioned in your earlier post.

If it’s not encrypted, you will not have much luck enforcing the purchase of a license.

Yes thats true isn’t it. I was thinking maybe doing something like, requiring it to register a unique key with each product sold and cross referencing it with a key in my own database (the product will only work on the web anyway). That way I can monitor which licenses are valid and either make them automatically expire or receive a prompt on thier expiration and manually delete them from the db. But again…if someone is php savvy, they could disable the request to my server for the key. Hmmmmmm…

So how do you encrypt source code anyway? I know there are new js plugins out now to prevent users from selecting the view source option in a browser but with a physical script file (php) on the customer’s webspace what would you do?

You would have to use a PHP encoding package to encrypt your source code.

I’ve found IonCube to be easy to use and the loader (the component responsible for decoding the encrypted files at runtime) is supported on a wide number of hosting providers. The other reason why I like to use IonCube is because it has an online encoder–you can encrypt your source for a few bucks instead of having to purchase a $200+ software suite that you might not use more than a few times a year.