Template Encryption Until PAID!

[php4ever]

How to get paid by time locking your templates
I like to get paid when hired to do a job, maybe I'm strange because of it. But when I trust someone to pay me after a project is done, it irritates me when I get burned. I rarely request a deposit unless I'm after special files, photos or other things which will incur an expense up front.

I recently designed an XHTML / CSS osCMax template and a custom random flash rotator all fully XML controlled for a guy. It was so clean that employees could login in, add new banners to their featured products inventory, add the link and hit submit and the slide show would cycle featured products with links. I mean how easy can it get for this person. Well I never got paid because they said they couldn't afford my work but promised they wouldn't use my code. Yeah, BS!

So before you get burned by being a competent trusting coder or designer, do this; encrypt and time lock your code.

Anytime you want to deliver a design for a client to load up and test on his machine (common request even by scammers) you simply encrypt the code below the doctype all the way down into the <body> somewhere say about half way just for good measure. But do so ONLY AFTER you include the little snippet below.

How do I encrypt?
Zend and IonCube are great investments. I own a license of IonCube and its great but if you don't want to spend the $$ then use a product I purchased a few years ago that works dandy. You can visit http://www.jaredritchey.com/codelock/ and select SEGMENT on the right to paste in your PHP or HTML code type to encrypt. (REMEMBER to keep a backup of your unencrypted code. I'm not even going to tell you how foolish I was by forgetting that a year ago) So using my codelock tool on my site is fine just don't attempt to use other methods because all of the directories have been CHMOD 644 and will likely not encrypt your code.

So where is this time lock code?
To begin with create a file called time.php or getservertime.php and add the following PHP code to get the server time.

<?php
echo time();
?>

Next after you upload that to a server and access it in your browser you will get a long server time date back which we will use now as the "START DATE" for the time lock.

The code below is fully commented so you can examine it and all you do is create a expiration date like this.

If you want to give them 7 days to try your product then its;
7 days x 24 hours x 60 minutes x 60 seconds = 604800 for a 7 day trial
That number "604800" is going to be placed in the end trial variable. Lets look at the code below;

<?php
//PHP Code for timelock:
// add the following code to your project.
// the time reflects the linux / unix time using the simple echo time();
// the $start_trial time is the current time or the time I create the trial period to begin.
$start_trial = 1157044256;
// to add the trial time you multiply days times hours times minutes times seconds so
// it would be 7x24x60x60=604800 for a 7 day trial.
// add echo time(); to a file called time.php to get server time.
//$end_trial = $start_trial + 604800;
$end_trial = $start_trial + 604800;
$current_time = time();
$remaining_trial = $end_trial - $current_time;
if ($current_time > $end_trial) {
die('Your demo has expired. Jared would like to get off the government cheese program, <a href="http://www.jaredritchey.com" target="_blank">Pay The Man!</a> You will then receive the unlock files');
}
?>

Once you get your server time (AKA: start time) and enter your trial time you simply paste that code above in the header of your PHP or HTML (parsed by php) file. It can be in as many php files in your package as you like you highlight the code, copy it, paste it into the encryptor (after you save an original) you encrypt it, paste it back into your document, save it, deliver it and GET PAID. Because if you don't they get a message that instructs them to where ever you want.

Now I did make a version that sends you an email of the install location the first time its installed but some people get psychotic about that one. I did that when I would sell a template only to have it passed around like Paris Hilton. So I changed my method to encrypt a portion of the code by using PHP Includes and a domain lock in my templates. This saves headaches from being ripped off and it doesn't put a dent in the XHTML or CSS validation of the layout. The above method however does.

Is this a surefire way to solve this issue. No! any clever person can just recreate the header area of your template and any portion they feel should be required duping your efforts. However its difficult to do so and if you use dependent external includes, each encrypted as well, the task is daunting and it would be better if they just used PayPal to enjoy their new design.

~ Jared

[jpf]

I feel your pain.....

Why don't you host it on your own site before payment? (That way they don't have access to your customized PHP code until after payment.)

Setup a time line and payment schedules? If they don't pay after the first (modest) payment - they you stop work. This first step can be the MOCKUP/design that you have done in say a graphics package that has NO HTML/PHP code (or a screen pics/movie...). Upon them "approving the design" by pay a small "retainer" to make sure they are serous on paying you (say $40 or 60...).

Another way I just thought of - is host it on a remote PC and give access via VNC or Netmeeting. Yea slow a bit. But then they have FULL use for testing and they get the feel for the system. NO HTML or code can be transfered via a VNC session unless you manually transfer a file. Your 100% protected from fraud that way.

Don't get me wrong I do the same approach - pay me when done. However I make sure they know exactly how much they will be paying (not an estimate but a hard number - extra work is always quoted separately). I make sure they know how much the bill is as it goes though the project.

[php4ever]

Hello JPF, yes I agree and I had just answered that very question on another forum too and what I had said there was that most the people that hire me do so for bulk as I worked for one of the largest template houses on the web (whos name I wont mention) and its usually template resellers that hire me because they buy in bulk from me like 5, 10, 20+ for example and then they resell them.

I'm not entirely setup to do one up jobs although with as slow as business is I've been doing one up work at the price of multi product orders which is why I didn't really worry to much about being burnt. The price was low enough I figured any store owner could afford unless its just some hobby site then those come and go quickly.

I agree, deposits is my routine now but that script above none the less can have its purposes. I'm converting all 50+ OpenRealty templates I did and making them available for demo trial so people can see if they like it then they can buy. I'd setup a demo install which I've strongly considered but those things NEVER answer peoples questions "will it work on my server, etc and so on" largely because NONE of my designs are A-Typical they have some degree of customization to make them worthy of buying otherwise people would just go out, see a site, and clone it, but you can't easily clone php features and functions by looking at someones source code.

I'm always open to suggestions though.

Thank you for your reply

~ Jared

[php4ever]

Oh I've created an updated version of this that for all testing purposes validates XHTML, doctype, css and everything else that mattes while locking the theme to a specific domain.

I'll publish that for you people here at osCMax as soon as I get the tutorials on my blog written about it and how to use it.

The beautiful thing is this. You could sell one up designs and lock the design to work only an a licensed domain. This will help because your code wont be tossed around as frequently as an unprotected solution is.

I've also decided to try out an install notification script which in the osCMax installer so that you receive an email when ever complete installs are done that you distribute. Most of the designs I did for osCommerce for example naturally had to include the core because there were hard coded elements, images, and the database.

Wouldn't it be nice to know where your template is installed when it is installed. Well messing around with it I got this notification email to work just fine using the servers sendmail and I'll try a variant using phpMailer class. I can see countless good reasons to use this and naturally anyone here is free to use as they please.

I'll get back here and get this posted a bit later, right now I'm up to my NECK in WordPress 2.2 theme fixes for people.

~ Jared