Simple serial/activation number

I am not talking about an anti piracy protection (I’d consider myself successful if someone decides it’s worth pirating it)… What I would like is to keep track of people using my app. No matter if it’s free or paid.

What would be the technique/approach in my code to let a user activate the app with some code I’d send by email ? How should I create that serial/activation number ?


In another thread you say that do not want to try selling your app before it is "1000% confident it works good and it’s bug free. ". Don’t you think this matter of license number is a bit premature ?

Are you even sure it is at all necessary ?

Honestly… I don’t know… I thought that keeping track of who uses/installs the app might be a good idea… don’t you think ?

Here’s some thoughts:

You need to run your own server for this, of course. On that, place a php file that contains code like this:

<?php function log_call() { $now = date('Y-m-d H:i:s'); $rawinput = file_get_contents('php://input'); $addr = $_SERVER['REMOTE_ADDR']; $uri = $_SERVER['REQUEST_URI']; file_put_contents('calls.log', $now."\\t".$addr."\\t".$uri."\\t".$rawinput."\ ", FILE_APPEND); } log_call(); ?>
You may have to create an empty “calls.log” file first. Then, every time this php file gets requested, it’ll log the request.

Next, you could use a HTTPSocket to make a GET call to this address. But at least on OSX people may be using a URL-centric firewall (“Little Snitch”) to block outgoing requests like this. That may prevent your from learning which of the more computer-savvy users are using your app.

A trick that’s easy to do and works fairly well around that is to use Xojo’s ShowURL instead, which will open the user’s web browser. That may as well be blocked the same way, but that’s much less likely, because monitoring every site with a firewall that you want to visit in your browser is too tedious to most. So, usually, web browsers aren’t blocked this way and you’ll get the request to your server sent. If your web page then even shows something like “Thanks for trying my software”, it’ll be innocuous, i.e. people won’t be suspicious why your app did that.

But if you do that, you need to make sure you won’t do that again next time the user launches your app. So you need to store a flag that you did that ShowURL already. Store it with the app’s prefs, for instance. But you may keep calling your server using the HTTPSocket at every app start - the user won’t notice that much, so you can keep doing that.

And while you’re doing that, you may as well calculate a large random number, e.g. by adding the strings of the current date+time (Date.SQLDateTime), the user’s name or the system’s creation date, and maybe the primary network’s MAC address, and checksumming it with the MD5 function. Then store that value on the user’s disk as well. Now, when you make your call home, include that value as a parameter in the ShowURL call (by appending: “?id=”+userid) and in the HTTPSocket.Get call.

Also, you could keep incrementing a counter every time the user launches your app, and include that info, too. That way, you learn how many users use it frequently and how many use it only a few times and then stop using it.

Also, for those who read this because they’re actually interested in a serial number method, I suggest reading my article on this:

If your free app is any successful (which I wish for you), you will not deal with hundreds of activation, but tens of thousands. That is a lot of data.

Any activation system can be a source of errors, and it needs some maintenance. I have been delivering software over the Internet for years, and you would not believe the number of users who cannot simply enter their email address.

The best statistic I know of for free software is the number of downloads, which any average server will usually provide very nicely.

Thomas gave you good pointers for the rest.

thanks for the feedback!