looking for php code to protect footer

[easyweb]

Looking for something to add to footer, that if removed will give a site php error.

Currently using a footer.inc.php file that only has footer link back to me, If I encode it now, one could simply remove it and add there own html/php.

Wondering if there is anything I could add " before" I encode it, this way, if if removed and they add their own, the script would then be null.

Is this possible?

Thank you in advance.

EasyWeb

[traq]

there are things you could do, of course. You could define code in the footer and check for it elsewhere in your script, and die() if it's not found. This might be more complex depending on how you add your footer to the site, and how you handle your output.

What I can tell you is that you will spend more time and effort trying to "protect" your footer than is worthwhile, and, in the end, people will still be able to circumvent your precautions (likely with far less effort than you spent). What you're trying to do is largely impractical.

You mentioned "encoding" your script: I would highly recommend against that approach, for several reasons:

• Encoding a php script will typically involve using the eval() function. eval is evil. eval presents security and stability problems in that it allows arbitrary execution of php code. Relying on this function is a sign that you've done something wrong in your program.
• Encoding a script (and so "hiding" its contents from the end-user) is suspicious. I always recommend that people avoid scripts that have been obfuscated, simply because that's the first thing malicious coders do to try and hide whatever they're sneaking onto your server. Your users deserve transparency.
• Obfuscation is ineffective anyway. It's not like you're creating a binary file that the average coder has no hope of deciphering. You must provide the PHP interpreter a way to decode the script - from there, it's a simple matter to look at the resulting code instead of executing it.

Your efforts would be better spent drafting a license that requires your clients to maintain your footer. Often times, a letter is all it takes. If not, you can contact their hosting provider with the complaint.

[ajfmrf]

Not being a php guru by any means causes me to agree with Adrian regarding the license.

It also seems the best,least amount of work ,and also should be quite a bit professional too.To add a license regarding the footer sounds and will also look good to me.

Writing a php code to make the footer a required part of the page/script seems like a lot of work too.

But this is just me opinion,if you are interested.

[Beverleyh]

I totally agree with traq.

Several years ago I installed a (what I thought at the time) was a convenient and nifty auction package on a convention website. I spent hours customising the html template, but in a hacky CSS way due to the bulk obfuscated code.
Anyway, all seemed well for a week and off I travelled to the US to attend the convention in question.

Next thing I know is that I'm getting ready one morning in my hotel room and loads of panicky con-goers and desperate staff are banging down my door, the phone is ringing and I get manhandled into another suite with a laptop.

Turned out that the auction software had been doing some really nasty stuff on the server - the web host had been trying to contact me ask me to stop what was doing, but I hadn't checked emails/replied as I was on holiday, so they deleted the website!!! So that left dozens and dozens of stranded convention attendees who were in transit and yet to arrive at the hotel, unable to login and check their details because the website was gone!!! AAARGGHH! Nightmare! But a valuable lesson learned.

I spent a full day and night of my vacation on the phone with the web host, re-uploading the website/dbs from a flash drive (lucky that I'd taken it on holiday - I hadn't taken my laptop) while also uninstalling the dodgy scripts and cleaning up after it all.

That WAS a fun holiday experience! I got everything fixed but needless to say, I will NEVER use obfuscated code again. It just can't be trusted.

[easyweb]

Thank you for all your advice.

This looks interesting here: http://www.scriptomart.com/view-item...on-Script.html

However, to most points, it dose suggest to encript one part of the code.

I created an ebay clone some years ago, and now being resold all over the net and ebay it'sself.

Now creating other scripts, and just dident want to see the same thing happening all over again.

Thank you everyone for your feedback.

[easyweb]

And of course, cannot get the free script at the:

http://www.scriptomart.com/view-item...on-Script.html

to work???

On their front page it states:

You can now download all our dynamic scripts for Free, Budget & Premium Scripts for FREE. No Licence is required for any script, just enter any charactors for the license key.

However,,, takes you too the No lic key page

If anyone wants to look and can get it to work, this would be helpful.

Thanks again....

[traq]

I didn't try to download it, but from the description, it looks like you'll be making your scripts dependent on verification of a license key (i.e., verified by your website). Consider, then, that you're making your scripts dependent on the presence of your website. That could mean longer load times for your clients, plus it legally obligates you to keep your site and licensing software operational in the long term - at least as long as you have any unexpired licenses.

A lot of effort...

-----------------
if I can get it to download, I'll have a look at it and give you my opinion.

[VBAssassin]

They will always be able to reverse engineer the code to remove any protections you add. UNLESS you encode the entire project using something like ioncube. I've used that in the past and to be honest, it works very well. If you had encoded it using ioncube, removing the footer would result in a corruption error!