SolidPHP

• Iono Home
• Forums
• About
• Hosting
• Servers
• Contact

iono Documentation - Licensing

iono is a product licensing and distribution system that allows you to sell your products and keep track of where they are installed to enforce your licensing restrictions. This is achieved by integration a small amount of code generated by iono into your own source code. The code communicates with your installation of iono and checks the validity of the customer's license.

iono offers several different methods of integration your product. Our recommended option is the Local License Keys method but several other options are also available.

License Key String

The license key string is generated automatically by iono and is used to uniquely identify the customer's license. The key string is generated in the format:

User ID-License ID-Product ID-Timestamp-Hashed Product License ID

You can use this to restrict the license based on the product in use. It is the product license ID you're after to do this - this is specific to each type of product license you can add. The hashed product key is generated by:

substr(md5($license['product_license_id']), 0, 8)

The integration code does not include the functionality to check that the correct product ID is used in the key. However this is something that will be added in v1.2.0. This means to compare the value you will need to md5() hash the ID and then substr() it by 8 characters.

But to integrate this into your code is easy. For example, if this is your product:

Product XYZ -- Free Trial (ID 1) -- Leased License (ID 2) -- Owned License (ID 3)

Then you could have code looking like this:

<?php  
//$product_id = substr(md5(1), 0, 8); // Free Trial  
//$product_id = substr(md5(2), 0, 8); // Leased License  
//$product_id = substr(md5(3), 0, 8); // Owned License    

if ($key_parts[4] != $product_id)  
{  
	echo 'License Error: Invalid license key for license type in use.';  
	exit;  
}  
?>

Then in your download for the free trial, you would uncomment the first line, and so on. Note that this assumes you have different download packages for each license type to allow this code to be changed for each package.

To actually get the product ID from the key, you just use explode() where - is the separator:

$key_parts = explode('-', $license_key);

The key will have the array key of 2.

Developer Reference

The code generated by iono is a quick way of integrating your product into the iono licensing system. However, it is possible to develop your own remote calling code.

The Remote Request

The remote call to iono is made using an HTTP GET request to remote.php. This then calls the licenses remote function file at sources/remote/licenses.php. This file dissects the query string sent in the GET request and calls several functions to validate the license key.

The query string sent in the GET request is built up as follows:

remote.php?remote=licenses
&type=1
&license_key=urlencode(base64_encode($license_key))
&host_ip=urlencode(base64_encode($_SERVER['SERVER_ADDR']))
&host_name=urlencode(base64_encode($_SERVER['SERVER_NAME']))
&hash=urlencode(base64_encode(md5($request)))

The type defines whether this is a per page request (1), install request (2), install & bind request (3) or a per page & bind request (4).

Every component of the string is first base64 encoded and then URL encoded to ensure the data arrives at the iono installation intact.

To ensure the security and validity of the data, a hash is also transmitted with the string. The entire string (except for the hash) is stored in the variable $request which is then md5 hashed before being base64 encoded and the URL encoded. This provides a hash of the full request string which can be checked when it arrives in your installation of iono. If the hash does not match the query string then an error code is sent back.

As well as a security hash, the user agent is also checked. The user agent sending the request must be iono (www.olate.co.uk/iono) or an error will be returned. The Remote Response

After you have sent the remote request to iono, it will respond with a status code and a hash in the form of:

status-hash

This response will be in plain text. The status will be one of the following:

• 0 - License disabled
• 1 - License OK
• 2 - License suspended
• 3 - License expired
• 4 - Install limit reached
• 10 -Invalid request/license (no type specified, user does not exist, hostname does not match, IP does not match or incorrect license key)

The hash is generated based on the hostname of the server and the user defined string. The user defined string is randomly generated when you install iono and can be seen on the Settings page of the iono admin control panel. It is checked as follows:

md5($user_defined_string.$_SERVER['SERVER_NAME'])

If the hash sent by iono is checked and does not match the hash generated by the code, then an invalid hash error will be generated.

© 2008 - SolidPHP, Inc. - Legal Notices Home - Docs - Development - Forums - Customers