Protect a PHP application with QLM Enterprise

QLM Enterprise can protect PHP applications with permanent, trial and device bound keys. A PHP library (source code included) exposes an API that enables you to provide your customers with an evaluation of your software and then turn it at anytime into a permanent license, or simply extend it for subscription based applications.

Important: Note that protecting PHP applications with QLM is only recommended if you compile your PHP source code or if it is guaranteed that the user will never have access to the source code. If you distribute your source code, then there's no possible protection because the end user can simply modify your souce code and remove the protection calls.

The PHP library along with a sample applications are provided in the following QLM Enterprise samples folder: %Public%\documents\quick license manager\samples\qlmenterprise\Php\QlmPhpSample

The sample contains 3 main classes: qlmLicenseLib.php, LicenseSettings.php and QlmApp.php.

qlmLicenseLib.php is the class that performs the license validation, activation, decryption, etc. You typically do not need to change any code in this library. The QlmLicense class in this package is the main class you need to interfact with. The most common methods of this class are document in the help under "Quick License Manager Enterprise / Non-Windows Platforms / Mobile Devices API".

QlmApp.php simulates your application. When the application is launched, the code checks if a license has ever been activated on the device. If no key was ever activated, a dialog is launched to allow the user to enter an Activation Key and activate it.

LicenseSettings.php contains your product's specific settings such as the URL to the License Server, the product ID, major version, etc. You must customize the settings in the file based on your own setup.

Use the QLM Management Console to create an Activation Key from the Manage Keys tab. Note that activation keys can be created from your server using our API or directly from one of the ecommerce provider integrated with QLM. For a full list of ecommerce providers integrated with QLM, check the help or our web site.

Once the user enters the Activation Key, the code calls the QlmLicense.ActivateLicense method. If activation is successful, encrypted license information is stored on the system. QLM uses RSA asymmetric encryption to store license information on the system. The RSA public/private key pair is automatically generated by QLM when you define a product in the QLM Application Define Products page. The keys are displayed on the Encryption Keys tab / Mobile Devices Encryption.

Note that the encrypted data stored on the device is encrypted on the QLM server using the RSA private key and decrypted on the user system using the RSA public key.

In the event a client does not have an internet connection to activate a license online, you can perform an offline activation as described below:

  • In the QLM Management Console, under the Manage Keys tab, locate and select the license to activate.

  • Click on the Activate button.

  • Fill in the Computer ID field on the Activation tab along with other fields as required.

  • Click on the Advanced tab.

  • Select a location where you would like to store a license file then click Ok.

  • Send the generated license file to your customer and ask them to copy it to the folder where your application expects the license file to be located.

Last updated