Joe H wrote:
> Eddie Shipman wrote:
> > I would create a PHP script that does that for me. I would send the
> > information in a POST request using Either Indy HTTP or even
> > WinInet. I would have a database on my website with the info in it
> > and use PHP to query the database and return a validation code to
> > my program for valid users. If a validation code was not returned,
> > I'd disable my program.
> >
> > Very simple to do using PHP/mySQl and most hosts support that
> > combination.
>
> I found surely the simplest way of doing it. Web accesses are
> automatically entered in our website logs along with any parameters
> that were sent with them. Using that, all I need to do is, if a user
> is on the unauthorised list, I pull up a web page with an error
> warning that tells the user to call tech support, and that access
> includes an encrypted form of the program's serial number as a
> parameter. At the end of the month I scan the logs looking for
> accesses to that page and decode and lookup the parameter codes to
> identify which user attempted the access. This requires no database,
> no backend support on the web site, no script (not-even javascript in
> the web page) and really should do all that I need to do with this.
>
> If you see any problems with this approach, please point them out.
> Thanks again for answering.
How will your web app know if they are authorized?
--
