Hello and welcome to our community! Is this your first visit?
Register
Enjoy an ad free experience by logging in. Not a member yet? Register.
Results 1 to 5 of 5
  1. #1
    Regular Coder
    Join Date
    Jul 2008
    Posts
    150
    Thanks
    24
    Thanked 0 Times in 0 Posts

    notification code !!

    hello,
    i am coding new script this days, in the past i was using mail or @fopen to make the notification if any body installed my script or uploaded it to his host .

    PHP Code:
    mail("","","");  

    and 
    the @fopen("http://site/file.php?url=http://"."$HTTP_HOST"."$PHP_SELF","r"); 

    but i know about @fopen isn't secure enough beside the both of mail and @fopen are so clear in the code and anybody gonna remove them easlly .

    i don't like to use the both in the notification any more , so please any idea about better notification ways which gonna be more complex in the code ??

    thanks

  • #2
    God Emperor Fou-Lu's Avatar
    Join Date
    Sep 2002
    Location
    Saskatoon, Saskatchewan
    Posts
    16,994
    Thanks
    4
    Thanked 2,662 Times in 2,631 Posts
    You can never be 100% certain these will work (assuming that they were scripted correctly). Mail can be disabled, and fopen on a remote host will only work if they've enabled url_fopen in they're ini.

    This is part of the problem with PHP. Generally speaking, to make a portable generic script is pretty much to just pass out you're source code. You can scramble it all you want, it can always be re-evaluated by a good and determined developer.

    However, if you can program in C, you can write PHP extensions instead. Though they may or may not be usable on shared hosting, they can be added into dedicated servers. These are far more difficult to extract the code out of. Once again, if you have a determined programmer they could reverse engineer it. These are about the only way I can think of to reliably control program access with licensing keys.
    PHP Code:
    header('HTTP/1.1 420 Enhance Your Calm'); 
    Been gone for a few months, and haven't programmed in that long of a time. Meh, I'll wing it ;)

  • #3
    Supreme Master coder! _Aerospace_Eng_'s Avatar
    Join Date
    Dec 2004
    Location
    In a place far, far away...
    Posts
    19,291
    Thanks
    2
    Thanked 1,043 Times in 1,019 Posts
    You could always buy Zen Guard. I don't know if its worth the money though. There is also this one: https://www.phpcipher.com/

    But I don't know how reliable these are.
    Last edited by _Aerospace_Eng_; 03-11-2009 at 07:10 AM.
    ||||If you are getting paid to do a job, don't ask for help on it!||||

  • #4
    Regular Coder
    Join Date
    Jul 2008
    Posts
    150
    Thanks
    24
    Thanked 0 Times in 0 Posts
    thanks a lot for that helpful reply , but we missed something here .

    i was wasting my time with learning some hacking for fun before couple years ago, so i can tell you with being sure about almost of the hacker and the crackers haven't any knowledge about any programming language like more than 70 % of them, and this taking us to the this question, how those 70 % hacking and cracking our works without knowledge about any programming language ???

    almost of us know the answer as i guess, about the 30 % of the crackers who know some programming no comments about them but they exactly got almost of the targets which they looking for , after that they posting in the hacking forums to the other 70 % some toys to play with

    now if u would googling about some hacking forums you will find posts like "null some scripts and put your copyright" and into the body of the post you will find search the script for those words and remove them "eval(base64_decode(" or "mail(" or "file_get_contents" or .......

    so about us we cant make 100% secure script, but we trying to keep those 70% away from our work long as possible .

    that makes use have to do more complex ways in the notification which will be hard to find by searching the script , so any new ideas please ??

  • #5
    New to the CF scene
    Join Date
    Jul 2009
    Posts
    4
    Thanks
    0
    Thanked 0 Times in 0 Posts
    eval is evil. this is not wise to use it. why don't you look at the integration scripts of some php licensing softwares and see what they did and learn from them to make your own?


  •  

    Posting Permissions

    • You may not post new threads
    • You may not post replies
    • You may not post attachments
    • You may not edit your posts
    •