116 lines
3.7 KiB
PHP
116 lines
3.7 KiB
PHP
<?php
|
|
/**
|
|
* LICENSE MANAGER SERVER (Standalone Module)
|
|
*
|
|
* This is the central authority that manages license keys and activations.
|
|
* It should be hosted on a secure, separate server.
|
|
*/
|
|
|
|
header('Content-Type: application/json');
|
|
require_once __DIR__ . '/config.php';
|
|
|
|
// Simple Router
|
|
$request_uri = $_SERVER['REQUEST_URI'] ?? '';
|
|
$endpoint = '';
|
|
|
|
if (strpos($request_uri, '/activate') !== false) $endpoint = 'activate';
|
|
if (strpos($request_uri, '/verify') !== false) $endpoint = 'verify';
|
|
if (strpos($request_uri, '/deactivate') !== false) $endpoint = 'deactivate';
|
|
|
|
// If running as a simple script without proper URL rewriting
|
|
if (empty($endpoint)) {
|
|
$endpoint = $_GET['action'] ?? '';
|
|
}
|
|
|
|
$input = json_decode(file_get_contents('php://input'), true);
|
|
|
|
try {
|
|
$pdo = db_manager();
|
|
} catch (Exception $e) {
|
|
echo json_encode(['success' => false, 'error' => 'Database connection failed.']);
|
|
exit;
|
|
}
|
|
|
|
if ($endpoint === 'activate') {
|
|
$key = strtoupper(trim($input['license_key'] ?? ''));
|
|
$fingerprint = $input['fingerprint'] ?? '';
|
|
$domain = $input['domain'] ?? '';
|
|
$product = $input['product'] ?? '';
|
|
|
|
if (empty($key) || empty($fingerprint)) {
|
|
echo json_encode(['success' => false, 'error' => 'Missing required parameters.']);
|
|
exit;
|
|
}
|
|
|
|
// 1. Find License
|
|
$stmt = $pdo->prepare("SELECT * FROM licenses WHERE license_key = ? LIMIT 1");
|
|
$stmt->execute([$key]);
|
|
$license = $stmt->fetch();
|
|
|
|
if (!$license) {
|
|
echo json_encode(['success' => false, 'error' => 'Invalid license key.']);
|
|
exit;
|
|
}
|
|
|
|
if ($license['status'] !== 'active') {
|
|
echo json_encode(['success' => false, 'error' => 'License is ' . $license['status'] . '.']);
|
|
exit;
|
|
}
|
|
|
|
// 2. Check current activations
|
|
$stmt = $pdo->prepare("SELECT COUNT(*) FROM activations WHERE license_id = ?");
|
|
$stmt->execute([$license['id']]);
|
|
$current_activations = $stmt->fetchColumn();
|
|
|
|
// 3. Check if this machine is already activated
|
|
$stmt = $pdo->prepare("SELECT * FROM activations WHERE license_id = ? AND fingerprint = ?");
|
|
$stmt->execute([$license['id'], $fingerprint]);
|
|
$existing = $stmt->fetch();
|
|
|
|
if (!$existing) {
|
|
if ($current_activations >= $license['max_activations']) {
|
|
echo json_encode(['success' => false, 'error' => 'Maximum activation limit reached.']);
|
|
exit;
|
|
}
|
|
|
|
// Record new activation
|
|
$stmt = $pdo->prepare("INSERT INTO activations (license_id, fingerprint, domain, product) VALUES (?, ?, ?, ?)");
|
|
$stmt->execute([$license['id'], $fingerprint, $domain, $product]);
|
|
}
|
|
|
|
// Success: Return signed token
|
|
$token = hash_hmac('sha256', $key . $fingerprint, SERVER_SECRET);
|
|
echo json_encode([
|
|
'success' => true,
|
|
'activation_token' => $token
|
|
]);
|
|
exit;
|
|
}
|
|
|
|
if ($endpoint === 'verify') {
|
|
$key = strtoupper(trim($input['license_key'] ?? ''));
|
|
$fingerprint = $input['fingerprint'] ?? '';
|
|
$token = $input['token'] ?? '';
|
|
|
|
// Simple validation: re-calculate token and check DB status
|
|
$expected_token = hash_hmac('sha256', $key . $fingerprint, SERVER_SECRET);
|
|
|
|
if ($token !== $expected_token) {
|
|
echo json_encode(['success' => false, 'error' => 'Invalid activation token.']);
|
|
exit;
|
|
}
|
|
|
|
$stmt = $pdo->prepare("SELECT status FROM licenses WHERE license_key = ?");
|
|
$stmt->execute([$key]);
|
|
$status = $stmt->fetchColumn();
|
|
|
|
if ($status === 'active') {
|
|
echo json_encode(['success' => true]);
|
|
} else {
|
|
echo json_encode(['success' => false, 'error' => 'License is no longer active.']);
|
|
}
|
|
exit;
|
|
}
|
|
|
|
echo json_encode(['success' => false, 'error' => 'Invalid endpoint.']);
|