datakick

@marci123 said in PrestaShop Will Enforce Encrypted Modules Soon: If somebody buys a module it should be allowed to test it on a development site first, shouldn’t it? Definitely agree it should be allowed to test it. And I hope it will be possible within this new system somehow. I was just pointing out that it's quite easy to inadvertently infringe on someone's rights. And I wasn't really talking about the new system - this is the current situation. Even today, many paid modules have a single domain clause in their license agreement. (I actually never read the official addon's license agreement, but I wouldn't be surprised if they had such clause in it as well). And if you install such module on your development site, you are violating the license agreement, and you could get sued. You will probably not, but it could very easily happen.

@Havouza said in PrestaShop Will Enforce Encrypted Modules Soon: A simple question. I buy a protected module and use it. But that shop is not successful so I close it and open another one. With fresh shop install.Now I still owns one module license and want to use it in my new shop. But can I? That probably depends on the license agreement. I can imagine there will be multiple types of licenses in the system - single user + single domain, single user + multiple domains, multiple user + multiple domains (for development agencies) So, if you purchase single user + single domain, and you have already used the license key on domain A, then you will not be able to use it on domain B. If you have bought single user + multiple domain license, then sure, why not. You see - this is exactly the case when even honest merchant can inadvertently infringe on developer's rights.

@datakick Thanks for this plausible explanation. I think as soon as you allow developers to generate and sell licenses themselves you open the door for piracy since there will be a loophole in the system (with regard to piracy). Not really, developer will register the module into the shared ledger using his own private key, and licenses will be generated using the same key. There's no way anyone could submit forged license key into the system without the private key. What do you think is the main purpose? Fighting piracy or binding custumers to the addon marketplace? Personally I think the latter is perhaps the main goal. Yes, this is my concern also. That's why I pointed to this issue in A few thinks to consider section. But I hope prestashop will be smart about this. If they don't, this system don't stand a chance. Another thing to remember is that it's really hard to control these distributed systems. They are actually designed to prevent tampering. You can't impose any rules on the system without majority of nodes agreeing with them (well, majority of computer power, actually). Basically, decision whether the transaction is valid is based on network consensus. When a new transaction is submitted to the system, it will be part of some block. Every node in the system will receive this block, but they will append it to their version of blockchain only if all transaction in this block are valid. So, if majority of nodes in the ecosystem decides that licenses generated by Envato are valid, there's nothing Prestashop marketplace can do about it. These transaction will be valid part of the blockchain forever. Unless Prestashop can harvest more then 50% of all computing power in the system and use it to kill the transaction. Regarding piracy ... using modules and other stuff from warez sites is not without risk. Especially in the ecommerce sector more serious merchants won't even consider using modules from such sites and on the other site, if a module cannot be copied users from warez sites in most cases won't consider buying the module but would use something else instead. I think the damage caused by warez sites is a bit overrated. There will always be users who are honest and would never use modules from shady sources, and there will always be users who don't want to spend money and use everything as long as it is free. Those people however won't turn into paying customers if there is a licensing system, in most cases they would use something else instead. Considering those human factors it is questionable if it is worth the efforts. But we will see. I am curious how things will develop. I totally agree serious merchants will not use modules from these warez sites. But they might be tempted to use the module multiple times (for example on their development site). Or they could simply forgot they have purchased it, and send it via email to their friend. Or they could hire some third-party developer to prepare the shop for them, and this developer could install some paid module to their system without their knowledge... These could stack up. I'm saying that this system, if implemented right, will not harm honest merchants in any way. It's just a way to protect developers.

If I understood the idea correctly, then I believe this could be very beneficial for the entire community ( if done right ) What is the problem? Paid module licensing. At the moment it's very hard for paid module developers to stop their customers from misusing their product ( illegal distributing / copying / sharing / multi installation etc). This could really cut their profits. You know, it's quite easy to find most paid modules on warez sites, free to download by anyone. If developer wanted to fight this, it's a lot of work - if you are lucky and the warez site is located in US you can use DMCA takedown notice, but more often these are offshore servers in countries with limited digital rights legislations. Your options are very limited. In the end, this is the cost of business. You could, of course, implement some sort of licensing mechanism inside your module. But then you will have hard time selling it on official marketplaces. Solution One solution is to have build-in licensing mechanism inside prestashop core that would ensure merchant have the rights to use the module (of course, you can always modify the prestashop core and disable this licensing mechanism, but that's not something that regular user will do) We all know such mechanism is very easy to implement. Why haven't prestashop do it already? Because it's hard to make this open-source friendly. Nobody want single centralized license server that is controlled by one company (Prestashop). That would really hurt the PR. The blockchain is ideal solution - it's decentralized, open and very secure. How it works? When you buy a module on marketplace, they will generate a license key(s) and put them into a shared ledger as a transaction. When you use the license key in your prestashop installation, your prestashop will consume the key - it will create a new transaction in shared ledger marking the key as used. These transactions are verified, and protected by proof-of-work concept in the same way it's used by cryptocurrencies. Basically, after a few minutes it's not possible to change old entries in shared ledger. Not unless you own the most powerful supercomputer in the world. Benefits This will benefits two parties. The module developer and marketplaces - they will see a nice bump in sales. Also, they will not have to worry about piracy copies of their work, since nobody could use them (on vanilla prestashop anyway) Merchants, on the other hands, will not see any benefit - the only bonus for them is the proof of license purchase. But the important part is that this will not hurt them in any way. Not unless they are scumbags that wants to use paid modules for free. Also, merchants can still install and use modules from other sources (free modules, etc...) This mechanism can really attract more developer to the platform. I personally would love it. If prestashop rolls out a system like this, it would be really nice to back-port into 30bz. A few things to consider Open system I believe for this to succeed it's important to keep this system open. This shared ledger has to work with multiple marketplaces, not only prestashop marketplace, so the developer can sell his module over different channels. And, of course, it must be possible for developer itself to generate and sell licenses. But this all it's very easily possible. Who will pay for cpu The blockchain technology requires enormous amount of cpu cycles to be spend. And that costs money. Cryptocurrencies solved this problem by mining - the miners do the heavy lifting, but they will get a rewards in form of bitcoins - every 10 minutes a few new bitcoins are generated and awarded to one lucky miner (or more probably to a cluster of miners). How to motivate miners in prestatrust? There could be a fee associated with every transaction that will be awarded to miners. Or maybe miners can get a license for some module in exchange for their work, and they can later resell them to marketplaces / customers, or use them as they will. There are many possibilities. We really don't know yet At the moment we really don't know how this will turn out. Meanwhile, please, don't look at this initiative with prejudice. It may be very nice functionality. But of course, execution is the king. They may very easily kill this idea.

@roband7 one possible solution is to detach php process from request - installModule will immediately return response, but php process will continue to work (this is basically the same way cron works). There would have to be some javascript on frontend that would periodically check if the process finished yet.

I've encountered similar problem just few days ago - it was caused by low fastcgireadtimeout settings in my nginx configuration. Apparantly 90 seconds isn't good enough. I increased it to 360s and it went well. I guess it would be beneficial to split the installModules phase to several separate steps.

This looks like a bug. There's definitely different behaviour than in ps1.6 . In tb - the language prefix is present if there are multiple languages in store, even if only one of them is enabled in ps - language prefix is not preset if there are multiple languages in shop, but only one is enabled

I agree with @Skipper that this should be renamed. I understand that some retailers use the term “wholesale price” for the price they pay to a wholesaler. But really, how much confused would they be if we renamed this to "cost price"? I believe every merchant would immediately understand what that means. On the other hand, if we keep the name, there will always be the ambiguity.

use the theme that has twitter card metadata - when you share the url, twitter will automatically fetch this url, parse the metadata and display the card.