Also keep in mind that DRM and other solutions are often controversial, and will reduce your sales (especially among early-adopters). On a personal level, I would suggest viewing this as a compliment. After all, your script was useful enough that someone bothered to pirate it within a week!
PHP is easily decoded, so for people who really want to know, it's easy to find out the source code. However, there are certain obfuscator programs such as this one that'll make your PHP script almost unreadable for those trying to decode it.
Try ionCube or Zend Guard. They are both commercial offerings, but you say that you are selling your software so it might be worth it. Although nothing is foolproof and can be reverse engineered with enough effort and technical skill, these solutions are probably good enough for the average PHP script vendor.
I agree with Samoz's suggestion to keep the logic server side, however this can often be hard to do. The best strategy is to make the user want to buy it by offering updates automatically to registered users, as well as installation, advice and good support. You are never going to sway people hell bent on pirating, however your goal should be to persuade those who are undecided as to whether to pirate or purchase the script.
Jumping in very late to this conversation, but saw this question featured. Nobody mentioned contacting a lawyer and pursuing litigation. You likely saw the script on a server - hosted by a known hosting company - you can probably get a DMCA takedown to have the script removed. If you really press the case, you may be able to sue for damages.
If your script won't consume a lot of bandwidth, you could keep your \"logic\" server-side, as samoz suggested, but if your users won't use it responsively ( a crawler, for example ), this could be trouble.
In general it's hard to prevent users from stealing code when the program is written in a scripting language and distributed in plain text. I've found that did a really nice job of being able to sell PHP code but still give the code to users.
Nulled scripts are commercial web applications that you can obtain from pirate websites that have been modified to work without a license key. They are the web equivalent of pirated software. They include commercial WordPress themes and plugins.
Yeah, I knew about this some months ago.I downloaded a script for study and suddenly my Avast! Antivirus alerted.On scanning I discovered social.png was the culprit.So I simply used the antivirus to remove it and then saw the above php code in the theme files and removed it too.Now it is standard practice to scan every theme I get no matter the source. Safer that way.
This is something you need to pay particular attention with when switching themes. There are certain themes that have features where you can add the meta description, title tags, etc from the theme backend.
Het Nederlandse beveiligingsbedrijf Fox-IT ontdekte dat er duizenden plug-ins en thema's voor de populaire contentmanagementsystemen in omloop zijn die voorzien zijn van CryptoPHP. Van die malware zouden inmiddels zestien verschillende versies zijn. Het bedrijf schat dat er minstens een paar duizend sites besmet zijn. De ontwikkelaars van CryptoPHP zouden sitebeheerders verleiden met illegale versies van add-ons, waar ze normaal gesproken voor zouden moeten betalen. Zo kwamen de scripts van onder andere de Nulledstyles.com- en Dailynulled-sites met zogenoemde 'nulled scripts'. 076b4e4f54