如何为C#应用程序添加有限的时间和功能?
[英]How to add limited time and functionality for C# application?
问题描述
I have desktop C# application, What is the best way to add these functionalities: 
我有桌面C#应用程序,添加这些功能的最佳方法是什么:
- Limited time after which the app needs reinstall? 在有限的时间内需要重新安装该应用程序?
- Limited privileges? 特权有限? (Each user will have different access to some functions of the software) (每个用户对软件的某些功能都有不同的访问权限)
I want these options without login or server accessibility. 我希望这些选项不具有登录名或服务器可访问性。 I want something like library or dll. 我想要类似库或dll的东西。
1 个解决方案
解决方案1
0 已采纳 2016-08-29 04:37:57
It can be easily done and it is very hard at the same time.
它很容易做到,同时又很难。
Why can it be easily done?为什么容易做到? You can simply write the time of the first launch \\ installation in a text file / registry / somewhere else, and check it on every launch. 您可以在文本文件/注册表/其他地方简单地编写第一次启动\\安装的时间,并在每次启动时进行检查。
However, I would not rely on this approach since any experienced user can "reset" this limitation by deleting / modifying your file / registry key.但是,我不会依赖这种方法,因为任何有经验的用户都可以通过删除/修改文件/注册表项来“重置”此限制。
If your application is commercial, then it means (often, huge) loss of money.如果您的应用程序是商业应用程序,则意味着(通常是巨大的)金钱损失。
Recall how different commercial applications provide trial functionality (MS Windows, MS Office, Adobe Photoshop etc.) and recall how easily they are all cracked with a 300 KB application :)回顾不同的商业应用程序如何提供试用功能(MS Windows,MS Office,Adobe Photoshop等),并回顾使用300 KB应用程序对它们进行破解的容易程度:) If you want to make it safe, then you need to use generated and expirable license keys - better with license server , since offline keys generation / validation algorithm can be easily hacked as well.
如果您想使其安全,则需要使用生成的和到期的许可证密钥- 许可证服务器更好,因为脱机密钥生成/验证算法也很容易被黑客入侵。 You cannot implement a role-based system without login / computer / any other identification, because you need to differentiate your users.
如果没有登录名/计算机/任何其他标识,就不能实现基于角色的系统,因为您需要区分用户。 The only way to do this is to implement different applications for different roles. 唯一的方法是为不同的角色实现不同的应用程序。 Priviliges / roles etc. without a server also means hard-coded priviliges, and that's very bad.
没有服务器的特权/角色等也意味着硬编码的特权,这非常糟糕。
You can create something like a resource file with information about who is administrator and who is a simple user (for a two-role system, for instance).您可以创建类似资源文件的内容,其中包含有关谁是管理员和谁是简单用户的信息(例如,对于两角色系统)。 Then, in your code, implement logics based on their roles:
然后,在您的代码中,根据其角色实现逻辑: if (Session.User.IsAdministrator) // all are own-written classes, of course buttonRemoveUser.Show();It can be done in a way much better approach using role providers etc., it is all up to you.
可以使用角色提供程序等更好的方法来完成此操作,这完全取决于您。 However, these users and roles can be easily cracked through a decompiler / resource viewer.
但是,可以通过反编译器/资源查看器轻松破解这些用户和角色。 Also, if any user credentials become compromised, you cannot block this user or change its password. 另外,如果有任何用户凭据被泄露,则无法阻止该用户或更改其密码。
The proper solution is to use server authentication .正确的解决方案是使用服务器身份验证 。
You want to create a system with functionality, which requires client-server architecture. 您要创建一个具有功能的系统,该功能需要客户端-服务器体系结构。
Think twice before trying to implement it as offline application. 在尝试将其实现为脱机应用程序之前,请三思。
If it was possible and secure, then why would people use servers at all? 如果这是可行且安全的,那么人们为什么还要使用服务器?
声明:本站的技术帖子网页,遵循CC BY-SA 4.0协议,如果您需要转载,请注明本站网址或者原文地址。任何问题请咨询:yoyou2525@163.com.