Well I share heavily with whoever the starter of this post was..

see yes.. upfront half payments are indeed much better..

but.. (and I assume here) when you are younger and have a smaller reputation
it's harder for clients to understand that.. so you usually end up with this
problem of having a site.. but like they could reject offer at last moment
or worse yet.. personal experience here 3 months ago.. you upload to their

the business changes hands.. server ftp passwords change.. you lose contact
mysteriously with your contact. and voila.. pftt. in a puff of smoke.. your
hard worked site.. has no connection to you anymore.. you can't remove/touch
it.. and noone answers you..

You ring them back EVERY afternoon for a week straight... always being told
they will ring you back ASAP...

BULLSHIT.. what a load of crap...

No reply calls... No emails... Nothing.. Zilch.. and more importantly.. NO

Soo.. You have ISP bills, mobile bills, maybe rent/family/living costs (not
in my case), Uni text books, transport, webhosting etc.. and no money..

Yes.. That's a personal tale... Quite sad... But I have moved on..

It get's worse.. I was bitten twice by same client.. First site I made for
him.. Was for their main biz.. And that took like 3-4months to FINALLY get
paid.. Then I did the 2nd one.. and yeah.. you know the rest.. :(

Anyway here's a tip..

Remember.. in this kinda work... "YOU'RE THE BOSS" ... so go like this..

Go to the little biz you wanna do a site for.. or if you're offered that's
even better and be straight, to the point and barely flexible.. Don't let
them get you..

AND don't sell yourself cheap..

Try this: "I can make you a site for $850 that will allow you to perform all
you have asked and has room for expansion later on when your company grows..
I may also charge you a small fee of $5-10 per month for maintance and
hosting costs"..

the maintance fee of course is just some bonus "fixed/guaranteed" income per
month... 5-10 bucks is crap but once you do 50 sites.. it counts for a
little more pocket money...

Hey don't stop there..

Site I am doing now for a popular local biz (comp shop) is 650 for site,
nice a cheap once-off. and AUD$20  per month to cover their www domain name
payments and help towards my hosting..

And my hosting is SOO cheap that I could easily fit like 12 of these sites
similiar to this one on my server on my current plan.. and therefore be
making nice little profit.. :)

Anywayz.. back to your story..

Hahahah.. I must laugh.. Yes the thought occured to me without hesitation
when they f**ked me over.. but as I said.. I had not planned for it,
therefore I had no "backdoor" as such.. and as I had no FTP access anymore i
was well done for..

Lesson learnt: Don't mess with biz men :)

This time? Muhahahah.. Cos every site I build uses more PHP and MySQL than
you could shake a stick at anyway its quite easy for me to put a file or
just a special little "function" that allows me to easily.. hmmm yes.. you
got the idea...

Yeah I think it's a good idea.. Maybe not destroy (although it'd be nice)
but just render unusable..

Like it's quite simple really..

If you let's say use a header kind of file for each and every page of site
(like I do) to load up global vars and format of site etc.. than you can
haev something in there that handles it..

For a quick example:

Let's say you have your files all use (include/require) a header.php ....

Then in your header.php just add these lines


if(isset($HTTP_GET_VARS["site_power"])) {
  if($HTTP_GET_VARS["site_power"]=="off") unlink("/test.tmp");
  else {

if(file_exists("/test.tmp")) exit("This site has been temporarily disabled
due to payment complications.. Please check back soon.");


that's about all there is to it.. Should work fine.. Some of you may say:
"USE $_GET instead" but I have always used the $HTTP_*_VARS idea.. and it
works.. and it's compat with newer versions still of PHP so as far as I can
see it's all ok.. but replace if you want.. up to you..

Yeah basically just format up a little message for them... and that'll be
shown if you send the get name=value pair to ANY php file on your site
containing something like: /file.php?site_power=off

you can turn it back on with just passing on in there.. optionally you may
want to use a password kinda of idea too.. just combine md5 if you want to
do soemthing like


which happens to be md5 of: "mypassword_off"

so you get the idea..

Well this whole thing was enlightening.. that might explain the huge email
reply I wrote :)


:  Julien Bonastre [The-Spectrum.org CEO]
:  A.K.A. The_RadiX
:  ABN: 64 235 749 494
:  QUT Student #: 04475739
----- Original Message -----
From: "Craig Vincent" <[EMAIL PROTECTED]>
To: "PHPCoder" <[EMAIL PROTECTED]>; "php-general"
Sent: Tuesday, May 07, 2002 6:53 PM
Subject: RE: [PHP] Self Destruct code

> > Hi
> > I have a funny request; I wrote a system for a client and am rather
> > concerned that I am not going to receive payment for the work done. They
> > want me to hand over the code before they are willing to pay, so
> > basically I will be left at their mercy; if they don't pay, they will
> > still have a working version of the system...
> > So, is there any way I can inconspicuously code in some boo-boo's that
> > are time related etc. Something that will bomb the mysql tables or break
> > some code if it is not "unlocked" within a month etc.
> > I'm not sure if people out tjere might have existing safeguard tools
> > etc, so I'm open for suggestions.
> > PS, I know about Zend's encrypter, but since it will live on their
> > server, I don't think it will help much since they will need the
> > decrypter on there anyway right?
> I wouldn't do something like this, there's too many legalities at stake.
> Personally I would suggest requiring at least a modest retainer before
> transmitting the code if you don't trust him (and in the future you may
> to consider getting a deposit from a company before even beginning work).
> The other thing you could do is encode the file using the zend encoder and
> transmit just the compiled version to them....then they could still wind
> not paying you but worse case scenario means they get the code only as is,
> no ability to modify it or fix bugs.  I know you mention in your post
> aware of it but trust me, being unable to fix any bugs with it can serious
> cause problems....or to even go a step further you could add an extra line
> of code (assuming you encode this of course) the does an http call to a
> file/url on a server you control....you could instruct your program
> immediately terminate if it cannot access that specific file.  Then if the
> company doesn't pay you, you remove that file and poof the program is no
> longer usable....and since it's encoded they could not determine what the
> problem is nor solve it.
> However in the future I strongly urge you to get a deposit for any
> you're going to work on.  Such a retainer is perfectly acceptable in a
> circumstance like this....and it protects you from companies deciding to
> terminate a project mid-development (or if they don't pay you, you at
> get something out of it).
> Sincerely,
> Craig Vincent
> --
> PHP General Mailing List (http://www.php.net/)
> To unsubscribe, visit: http://www.php.net/unsub.php

PHP General Mailing List (http://www.php.net/)
To unsubscribe, visit: http://www.php.net/unsub.php

Reply via email to