Check out IonCube.

It encodes php, and they have a free online demo that will encode it for 8 hours. It is a lot cheaper than the zend one.

Encoding is the only reliable and secure way to do this. I run my own server for this reason.

I pretty much hand over the code but the scripts/programs are priced accordingly to make one shot sales worth while. Zend is great stuff but presents its own issues and it isn't overly cheap.

I did hear an interesting story this past weekend of someone purchasing a script and all the var/function names were in hungarian. This protected the code fairly well since it made it extremely difficult to understand exactly what was going on.

LOL - Hungarian vars! That's a good idea, could try the cyrillic (Russian) alphabet too maybe!

Contract wording is one option, but then you have to enforce it - and that means getting lawyers into the mix - not necessarily a cheap option.

One shot pricing could work too. Another pricing option is to have an upfront price and then require a yearly maintanence fee. That would include upgrades and bug fixes (if needed). You'd probably want contract wording as well.

I think the IonCube encryption option may be the best.

Scott

I have looked into encoding files too but nothing seems satisfactory for one reason or another. Obfuscation could help a little, as in creating all the variables in hungarian *LOL - but any programmer worth his salt could still reverse engineer the thing.

One idea I have come up with is to keep the code and database on my own server - and call it from the server the customers website is hosted on. So basically they are paying for a liscense to access our server and the scripts located there that then output their dynamic site.

Any comments on this method?

If they are scripts that are posted to (search/forms/etc) then that would be fine. Their form posts to it and you return them to their site, seamless. If it is something that is integral to the normal function of their website on a page by page basis, bad plan. It would cause their site to slow down dependant on your load. A time out could wreak havoc.

Its a tough question, everyone has different ways of protecting their intellectual property and none are bulletproof. It would seem that you need to make the situation viable for your own situation. I try to provide good service and when they need something else they will come back.

I played around with POBS - its an excellent Obfuscator. But the problem is with all that manipulation you run the danger of obfuscating it for yourself also!

Cheers guys & gals

IonCube looks very impressive - I like the ability to restrict the ip address and time limit the license :))

You don't even have to modify the server (php.ini) either as it comes with its own loader - though perfomance would be better with it. The price is also very good...

Thanks again - I have been led to a very good product :))