Hello, I have been wondering how to keep a value even after a program ends. An example could be a countdown of days on a trial of a product. It must be able to not be changed by the user. How would I do this?

Several ways

  • save values to a file on program exit and read on program start
  • save values in the registry
  • save values in the program *.exe file

All you really need to do is save the installation date in a hidden file somewhere then read it each time the program starts and compare that date with the current computer's clock.

>save values to a file on program exit and read on program start
Coupled with encryption and a good tampering check, I'd prefer this one.

>save values in the registry
Which adds a whole new layer of complexity to your application. Best to avoid the registry.

>save values in the program *.exe file
Maybe I'm not up on the latest tricks, but I don't recall ever hearing about this one. It sounds like a good way to corrupt your executable if you aren't careful. ;)

If you aren't concerned about portability then the registry would be my first choice because it isn't reall all that difficult for programmers who have a pretty firm grasp of c or c++ language. There's only two or three win32 api functions you need to learn in order to implement this. Of course any half-decent hacker can easily change the registry entry to whatever he wants. I would encrypt the data to make that more difficult to accomplish.

I have written a few things in the *.exe itself, but its very tricky For example in your case the installation program could add a date to the end of the *.exe file and the *.exe file could read that date each time it is executed.

Ok, how would I put the date at the end of the *.exe file? I want it to bee as secure as possible. I have heard of a lot of programs that can decode a hash, so I don't want to use the registry or a file.

This requires two programs: 1) the program you want to install, and 2) and installation program. The installation program writes a signatrue and time_t object to the end of the application program then the application program reads this info on program startup to verify that the signature and time exists. This in no way guarentees any amount of security because the program can be changed by anyone with enough knowledge about c/c++.

The installation program does at least this:

#include <fstream>
#include <ctime>
using namespace std;

int main()
{
    char filename[] = "\\dvlp\\test1\\debug\\test1.exe";
    char signature[] = "Ronald McDonald:";
    time_t now = time(0);
    ofstream stream(filename, ios::app | ios::binary);
    if( stream.is_open())
    {
        stream.write(signature,strlen(signature)+1);
        stream.write((char *)&now, sizeof(time_t));
        stream.close();
    }
	return 0;
}

And the application program

#include <fstream>
#include <iostream>
#include <ctime>
using namespace std;

int main()
{
    char signature[] = "Ronald McDonald:";
    char temp[40]= {0};
    time_t t = time(0);
    // name of the application program
    ifstream in("..\\debug\\test1.exe",ios::binary);
    if( in.is_open() )
    {
        int pos = static_cast<int>(sizeof(time_t)) + strlen(signature) + 1;
        in.seekg(-pos, ios::end);
        in.read(temp, strlen(signature) + 1);
        if( strcmp(temp,signature) != 0)
        {
            cout << "Signature not found -- invalid installation\n";
            return 1;
        }
        in.read((char *)&t, sizeof(size_t));
        struct tm* tm = localtime(&t);
        cout << asctime(tm);
    }
    return 0;

}
This question has already been answered. Start a new discussion instead.