it all depends on what has already happened but if you haven't output anything then just send a blank html page or something

if (key not valid) {
echo ' ';
}

that would give a blank page

Are you sure you want a blank screen? As if someone enters the code wrong then they get no error message, just a white screen with no message.

So if you have a list of checks could you use break [uk.php.net] to redirect people to the final statement. Only works with the looping constructs and switch. May or may not be useful to you.

if (key not valid) {
echo ' ';
}

this will not stop the rest of the script.

" Are you sure you want a blank screen? As if someone enters the code wrong then they get no error message, just a white screen with no message."
yes that is precisely what I want, for the above mentioned reasons.

"looping constructs and switch. May or may not be useful to you. "
I got the constructions, it all works well, just need to get 'exit()' different to obfuscate even more.

it stops the rest if there is an else around the rest of your code

You could use eval to obfuscate your die or exit call. Of course, a clever hacker would look for eval if they couldn't find die/exit. ;)

<?php
echo 'Hi!'.PHP_EOL;
eval('d'.'i'.'e'.'('.'\'buh-bye\''.')'.';');
eval('e'.'x'.'i'.'t'.';');
echo 'Never makes it this far.'.PHP_EOL;
?>

You could always write a redirect function too. Check for valid license and if it does not exist call your redirect function which will send them to a custom page you have developed.

Also, if somebody has access to your source code they are going to find your edit check, one way or another. All your effort here is lost.

Perhaps something like Zend Guard [zend.com] would be worthwhile? It's $600, so it's out-of-range for personal projects but quite reasonable for commercial products.

@jatar_k
" it stops the rest if there is an else around the rest of your code "
that would be the easyest code ever for a reverse engineer to undo! hahaha.

@whoisgregg
eval is maybe also too obvious. better then exit, thou.

I've been looking into [ionolicensing.com....] Much cheaper, and on the fly decryption. (their demo was broken, could not post on their forum and they won't reply to my mails, to I tested obfuscation).

If your project does not call for such an expense as the Zend encoder
you might want looking into ioncube
It’s affordable and an authority in that field too.

that would be the easyest code ever for a reverse engineer to undo! hahaha.
eval is maybe also too obvious. better then exit, thou.

I think you're setting your sights on your hypothetical hacker a bit high. It's a losing battle to hide your code from someone as knowledgeable or more knowledgeable than yourself. If you can think of it, so can they, so why bother?

Obfuscation is only economical to block the casual code thief, the people who don't know enough to know what to look for. Those folks will spend about 30 seconds trying to look for a "

$change_this_from_false_to_true_to_show_you_paid = false;

" and, when they don't find it, they'll either pay or move on to a different solution.

If you plan on making money off your work, then you have to make a business decision about investing in a solution that actually prevents reverse engineering. If you aren't planning on making money, or don't expect to make enough to pay for a true solution, then why hide it at all? Use your open source project to get links and traffic to your website which you can, if you so choose, monetize.

@henry0
yes, ioncube (see the post above yours) :-)#

@whoisgregg
yes, ioncube. (If they would ever bother to answer their mail).