After many years of coding I have managed to accumulate a sizable code library. I always provide a software license. If asked, I tell them my many years of experience, the library and why I license. By reusing code I can also work faster, cheaper with solid results.

As more time passes, the less inclined someone is to pay. There is nothing unethical about suspending a site as long as it is part of the contract. I am currently dealing with a client that is 2-weeks late on his bill. Not all clients are honest so I prefer to be prepared just in case. 30 days overdue is my limit.

In this case, you'll have to more finely arrange the deliverable / payment schedule so there is a dramatically reduced possibility of you being left to flap in the breeze.

The reason I say this is because of the legalities concerning disabling code on some else's computer. I'm pretty certain that this is frowned on. If they simply change your password and this code fires off, you have circumvented their security. Right?

In fact, that is the precise purpose of this code.

I can see a web developer or two doing a slow roast on the spit of justice.

Document, document, document, sue.

But don't break the law or you'll not only end up not getting paid for this work, but you'll lose out on future work while you are in the can and for a long time afterward.

Be careful, kids; it's a jungle out there.

http://menacingcloud.com/?c=ajaxKillSwitch2

Thanks!

What i have done once is, just create a “info.php” file and put some message in it under the variable name “$my_msg” or something.; after that, do this:

if(md5(md5($my_msg))=='5d41402abc4b2a76b9719d911017c592') {

Note that I haven't closed the brace opened.

Then include it in “index.php”

After that I will write all the HTML codes, CSS, and other includes. The index.php will include many other PHP files, and it may go into 3 or 4 levels of include. And I will put the closing brace for the above code somewhere in the include files, just mimicking like a for-loop close brace.

Now, If they edit the variable $my_msg, then MD5 changes, thus no-output! OK, they may change the condition in the if-condition. So I will write a complex set of 3-4 if-conditions.

Then, if they remove the if-condition, then the closing brace throws an ERROR.

Probably, after a set of trial-and-error, the new developer will go away…!

The real idea is in the MD5 and the BRACES BALANCING.

You mention it's not good to withdraw ownership from your client; last time I checked you don't own something until you've paid… this is where scripts like this come in useful.

I have experienced a number of clients who, despite my doing a very professional job, have basically been con-artists and ripped me off. Including clients who have changed their FTP passwords. To this end I've written my own “time-bomb” script which I can use to remove MY files from my clients servers should I need to. Once the client has paid, I remove my time-bomb and the protection is removed.

The point being, until the client has paid, they do not own the files I have developed for them and therefore I have the right to do as I wish with MY files.

You mention it's not good to withdraw ownership from your client; last time I checked you don't own something until you've paid… this is where scripts like this come in useful.

I have experienced a number of clients who, despite my doing a very professional job, have basically been con-artists and ripped me off. Including clients who have changed their FTP passwords. To this end I've written my own “time-bomb” script which I can use to remove MY files from my clients servers should I need to. Once the client has paid, I remove my time-bomb and the protection is removed.

The point being, until the client has paid, they do not own the files I have developed for them and therefore I have the right to do as I wish with MY files.

I've had personal experience of client's withholding payment for the full spectrum of possible reasons! In my opinion it is nice to have a kill switch option, but understand those that are worried by its ethical implications.

I've posted my approach at http://ajaxkillswitch.com

It demonstrates a VERY simple technique that takes advantage of jQuery's recently added cross-domain Ajax request functionality.

The advantage to the JavaScript Ajax kill switch is that it is independent of the server-side implementation. This makes it useful for even standard HTML websites.

Combination of the two methods (server and client-side) could be doubly effective ;)