Posted by planetney on September 5, 2013 at 6:58pm
So it has been a year almost and this client will NOT PAY ME!
SO, he changed the FTP accounts and now is ignoring my calls and probably making money off the site, BUT he left the USER1 acct unchanged...
Any ideas???
ps- Keep in mind he can always ask the hosting company for a copy of the previous day mysql, but I think they only back up for up to 5 days.
Comments
If you want to toy with him
Try installing this Misery: https://drupal.org/project/misery
See how long it will take him to figure out why the site periodically messing things up… :-)
Muahahahahha!
Thank you!
If you can get in to user 1,
If you can get in to user 1, you can execute PHP. If you can execute PHP, you still pwn the server.
The host backs up the database, but do they back up the files? Is there a repo elsewhere the client has access to?
Don't joke with a client that won't pay. Ruin their site to the greatest extent possible and ransom it back to them. Your contract did say that you own the code until it's paid off, right?
The Boise Drupal Guy!
hmmm
The guy owns a mining company so he definitely has the money. We never signed a contract because I actually meet the guy and we just shook on it, never thought he would do me like this.
I have all the emails from him and his staff though, I even had to pay a guy to help me with openlayers and google maps integration. They are based in PERU. What could I do in terms of PHP? I do have access to user 1. Hosting company probably backs up data as well. I do not have ftp access anymore. Thank you guys!
Berne Convention
Actually, in the US and in any other country party to the Berne Convention, your original work remains your own until you have explicitly transferred copyright ownership to another party. In this sense, getting a signed contract is more important for the client than it is for the developer.
see Title 17 United States Code Section 101, including those rights and obligations embodied in and in accordance with Sections 101, 106, 107, and 108.
Berne Convention: http://en.wikipedia.org/wiki/Berne_Convention
The right way
Contact their hosting provider and notify them that the website is considered stolen code. Some providers (if given reasonable proof) might close the site down.
Hypothetically speaking...
I think the first thing you
shouldcould do is create several backup users with the permission to administer permissions. Then when you areinevitablyhypothetically locked out you can get back in. You might want to let the users sit unused for the five days it takes to get them into every last backup they have.use the power of the php module!
Hello, so basically if you are still in control of uid 1 you can be evil and take the site offline so that only hacking the db will get it back. That will either mean to pay you or to hire someone with enough knowledge to fix it.
steps to site domination:
<?phpif (time() >= 6daysfromnow) {
die("beware! the developer was not paid for creating this site!");
}
?>
of course you could add
&& $_GET['allow'] != "thesecretkey"
so that you will have easy access to the page to disable the block once you get your money...
this does not take a lot of creativity, but you see the general line of thoughts.
oh and yes I am happy php is not part of Drupal 8 any more...