I offer a number of free scripts that allow Joomla users to search add-on components from the main search feature. In order to drive traffic to my site, I display my website in the results of the search results. Kind of sneaky I know but it does the job. Most users can nearly eliminate any sign of the credit link if they select "When Related" in the credit link options. Nevertheless, I still get requests to remove the link completely. I write the free scripts to attract visitors and the credit link is my reward. The traffic becomes clicks and the clicks become cash, etc...

For my next update of scripts, I would like to offer users the chance to purchase an activation key that would prevent the credit link from being displayed.

Here is a little background on the search scripts.

A package is a ZIP file with and XML document and a PHP document. The XML tells Joomla what the parameters are for the script and adds the appropriate data to the database. The PHP file reads the fixed and user set parameters and then searches the components database tables for related records and send the data to the main search system.

What I did was to insert my link information into the database and perform a search on that table as well. By default, the search has no where clause so the link is always returned. This is by far the simplest section of the code. LOL

What I want to do is generate a different identification code for each script download and store that information in a separate database table. Both the XML and PHP files will be marked with this ID and that ID will correspond to and activation key that is either generated on the fly when they purchase the key or stored in the database when the ID is generated. I can add a parameter to the XML file to allow the insertion of the key and I can have the script check that key against what the key should be for that script's ID.

Obviously most of my users can't hack my code or they would have done it by now but if I do one key for everyone, everyone will be selling them. I also don't want the magic key to be found by simply looking in the database or script.

I can do a number of hashes and other methods to generate the key but usually with a little looking into the code, the method is easy to find and replicate. I had considered doing the process backwards. Create the key and then the ID is the hash of that string. So that to turn the credit link of, the script takes the inputed key, hashes it and if that equals the ID then the key is good. Since the script would generate that which the user already knows only after the key is generated, the key would be more difficult to determine unless extreme measures are taken like reverse MD5 hashing. I you get what I mean?

I don't want to get too complicated and I cannot assume that any libraries are available on the user's server.

Any ideas or thoughts?

Thanks,
vujsa

__________________
Need PHP Help? - Handy PHP