基于Web的许可证激活 [英] Web-based license activation

问题描述

我有一个现有的应用程序有一个免费的路径，相同的代码/下载也可以通过给它一个许可证密钥升级到全功能的应用程序。这是用一些魔法和半黑客的方法来获取一些机器的名字。所以，基本上我每台电脑销售许可证。

目前的付款和激活步骤如下：

客户通过paypal付款，然后我收到一封电子邮件paypal然后发送客户的电子邮件请求他们的ID，所以我可以发回许可证密钥。这不是很好的原因。

如果我是客户，我不会留下深刻的印象。

这个主题在这里简单解释并提到：

http://secretgeek.net/25steps_21tools.asp

不幸的是，我不太清楚备择方案。我想能够以编程方式做所有这些。我有自己的域名，它托管在linux服务器上。如果需要，我可以使用服务器端代码。

我想要的是获取客户端许可证密钥的自动化过程。他们将不得不向前提供机器ID（无法在paypal中看到）或回复电子邮件。

在许多/有些情况下，软件不在具有互联网接入的机器上，所以通过软件支付是不好的。

我可以想到很多涉及到我网站上的代码的rube-goldberg的东西，一些涉及数据库，所有涉及到使用许可证密钥等等。

支付服务是好的 - 我不想花时间在这个东西 - 我有很多事要升级产品。

现在是Win32 - 希望尽快转到Mono。

我更喜欢将许可计划保留为它是一个与机器有关的钥匙。

有没有人有一个很好的干净的解决方案？

编辑：
两个答案（只有两个的写作）是好的。我要做的是PayPal IPN的事情，并且IPN通知页面发送一个包含表单链接的电子邮件。它还将使用authcode进入数据库，稍后将进行检查。

客户进入链接，从他们的特定机器输入详细信息，以及从IPN / Paypal发送的验证码。我检查数据库以确保这是有效的，而不是重复的，然后如果成功显示许可证密钥，并将其发送给他们。

尚未实现，但应该都可以正常工作。只需要砍掉一些php。

编辑

感谢您的建议。这一切都完成了，现在使用PHP，mySQL和paypal ipn。

解决方案

这是一个适用于我的商业产品的方案。

购买时使用 PayPal IPN 来生成一个激活号码服务器端（我用PHP + MySQL这样做），将其存储在一个数据库中，并将其发送给新客户。

客户收到激活码并将其输入到您的产品中。

产品验证激活码，然后生成硬件/机器代码。然后，它将返回到您的服务器（我使用经过身份验证的HTTP POST请求返回到我的服务器），以验证激活号码是否仍然有效，并且机器代码是否正常。

服务器端，您可以在将机器代码与激活号码关联之前检查机器代码是否未激活，并告知产品允许激活。

如果激活码已经准备就绪，您可以禁止激活。

您可以在此基础上构建更多功能。像大多数复制/许可证保护一样，它可以被绕过，但它可以让您对合法客户的控制得到可观的控制。

I have an existing app that has a free trail, and the same code/download can also be "upgraded" to a full-featured application by giving it a "license key". This is done with some magic and the semi-hacky method of getting some name for a machine. So, basically I am selling licenses per computer.

The current payment and activation proceed as follows:

Customers pay via paypal, then I get an email from paypal and then send customer an email to request their ID, so I can send back a license key. This is not optimal for a lot of reasons.

If I were a customer I would not be impressed.

The topic is briefly addressed and mentioned here:

http://secretgeek.net/25steps_21tools.asp

Unfortunately I am not sure of the good alternatives. I want to be able to do all this programmatically. I do have my own domain and it is hosted on linux server. I can server side code if needed I suppose.

What I want is an automated process for getting the license key to the client. They will have to either supply the machine ID up front (no way that I can see in paypal) or in a response to an email.

In many/some cases the software is not on a machine with internet access, so a pay through the software is no good.

I can think of lots of rube-goldberg things that involve code on my website, some involving databases, all involving CCing me with license keys, etc.

Paying for the service is fine - I do not want to spend my time on this stuff - I have lots to do to upgrade the product.

It is Win32 right now - moving to Mono soon hopefully.

I prefer to keep the licensing scheme as it is - with a key tied to a machine.

Does anyone have a nice clean solution?

EDIT: Both answers (only two as of this writing) are good. I am going to do the paypal IPN thing and have the IPN notified page send an email with a link to a form. It also will make an entry into a database with the authcode - which will be checked later.

The customer goes to the link, enters the details from their specific machine and the auth code I send from the IPN/Paypal. I check the database to ensure this is valid and not a duplicate, and then if successful display the license key and also email it to them.

Not implemented yet, but it should all work. Just have to hack out some php.

EDIT

Thanks for the suggestions. This is all done and working now using PHP, mySQL and paypal ipn.

解决方案

Here is the scheme I use for a commercial product which works well for me.

Upon purchase use PayPal IPN to generate an activation number server side (I do this with PHP + MySQL), store it in a database and e-mail it to the new customer.

Customer receives the activation code and enters it into your product.

The product verifies the activation code and then generates a hardware/machine code. It then goes back to your server (I use an authenticated HTTP POST request back to my server) to verify if the activation number is still active and if the machine code is okay.

Server side you can check if the machine code has not been activated before you associate the machine code with the activation number and tell the product to allow activation.

If the activation code has all ready been used you can disallow activation.

You can build on all this for more features. Like most copy/license protection it can be bypassed but it gives you a decent amount of control over your legit customers.

这篇关于基于Web的许可证激活的文章就介绍到这了，希望我们推荐的答案对大家有所帮助，也希望大家多多支持IT屋！