verify content format of licenst text file - license addon

[durangod]

i got the license addon and i have the license key and also the local key working correctly, im using a flat file for the local key, it is encrypted as you know.

 

If i am going to get contents of a file and use those contents i am concerned about security. Meaning i would like to check the contents of that flat file to make sure it is genuine.

 

I know this is a stretch, but i am concerned that the flat file could get corrupted by some sneaky ass hacker and i would not be checking a valid local key file.

 

So i thought i could do this by making a mirror image of the file and doing a compare before i get contents. Or i could somehow validate the contents before get contents function.

 

Maybe i could count characters in the string, put contents, then compare the number of characters before the next get contents. This would at least allow me to know that i am probably pulling exactly what i posted before.

 

Maybe there is a new php function that verifies that the content in a string is encoded.

 

Im not sure which way is best or if honestly this is overkill, i tend sometimes to try to relieve every possible situation but i know it may not be possible entirely. It might be overkill especially since the we are also dealing with a license key validation.

 

Any suggestions for doing this, mirror image? char count? something else?

 

Basically do you feel its a good idea to compare the txt file and validate that it is genuine?

 

Thanks.

[laszlof]

store the md5 hash of the contents of the local license key in the file that does the license check. Then you can ensure (mostly) that the license file has been unaltered.