I want to write a script in PHP and javascript and somehow protect my source code so that I can sell my script.
I am looking for ideas how to protect my script. If I sell it to someone, how can I stop that person from redistributing it as their product?
I know there is ZEND and ionCube, but are there any other methods? As I don't like to force a user to have zend optimizer installed on the server.
Is there any way of generating a "serial number" protection for these scripts that cannot be removed by editing the code?
There are ways to obfuscate and encrypt your code but if you rely on your profit coming from folks having a hard time cracking your code, not on the quality/usability of your code/programming then I think you're approaching your market from the wrong perspective.
Make your code's accessibility a feature, which could make it easier for your customers to audit their security or get/make plugins to enhance your code's usability.
Sorry; this isn't really an answer to your question, is it?
There is no way. You can obfuscate it, but not make it impossible to steal.
As with the answer from rice bowl, you should focus on the functionality and usability rather than the protection. In my view torrent users who steal the script should be the least of your concerns, as the type of people who steal scripts probably wouldn't pay for it anyway. Offer services to help enhance the product that's not available for illegal downloads, such as installation and configuration, user forum for registered purchasers, new updates through automated downloads from your server, etc. This will make your code less valuable and the product as a whole worthwhile.
As for protection, it is not really a problem of having Zend, Ioncube or Source Guardian on the users server. Even a novice can decode zend, I have seen Ioncube be decoded, and I imagine Source Guardian will fall quickly if it hasn't already. There is no safe way to prevent people stealing your code, so instead you need to make the user want to buy it.
Unless the code is hosted on your server, there is going to be a way to reproduce it. If you store it in an encrypted string, at some point you will need to eval() it, and by changing the eval to a echo you get the full text of the program. Thats why people hire programmers to work for them instead of just getting buying software.
Just as a side note, this is the same sort of thing that the movie and music industry gets into. They try to restrict things, and end up having people go and crack the code. The only difference is that PHP is much easier to change.
Don't sell scripts, sell maintenance and service. Give your scripts away- it is always the particular application that has value for the end user.