coded4u Posted September 19, 2012 Share Posted September 19, 2012 I have written something to encode my PHP Source code for my website, i'm going to use it for the download i give out for free. I want to encode it so people can't view/edit the real source code. I have managed to encode it and then decode it so it will run. Not too bad for those who don't really know how to use php as they wont know what to remove to get the real source code, but for those who know how to use php will get access to the real source code. This is what i'm using, if anyone has anything a little more advance then that would be great. (I know anything encoded can be decoded) I just want to try make things harder for them to decode it. Encode: <?php $php='The php source code...'; base64_encode(gzdeflate($php)) ?> Decode: <?php eval(gzinflate(base64_decode('S03OyFdQD/AIUAjOLy1KTlVwzk9JVbdWAAA='))); ?> If the user replaces eval for echo it will display the php, so maybe i need something that will stop the user removing eval? If eval isn't in the code dont run anything, something like that... i dont know, like i said, could do with some help from you guys. Quote Link to comment https://forums.phpfreaks.com/topic/268564-encoding-your-php-source-code/ Share on other sites More sharing options...
scootstah Posted September 19, 2012 Share Posted September 19, 2012 This has literally no purpose. If you want to obfuscate the code, at least use something that can't be decoded in a fraction of a second, like http://www.ioncube.com/. Quote Link to comment https://forums.phpfreaks.com/topic/268564-encoding-your-php-source-code/#findComment-1379358 Share on other sites More sharing options...
Christian F. Posted September 19, 2012 Share Posted September 19, 2012 You can't, anything you come up with in PHP you need to be able to undo in PHP. Which means you'll have to give the solution to get to the plain text version of the code with the script, in order to have it work. There are a number of commercial products out there that can encode your PHP code for you, but they all require a component on the server-side which is able to decrypt the code again. One such method is already implemented in PHP, if I haven't misunderstood anything, and is used by Zend Encoder (and a few others). That said, I really doubt your code is valuable enough to warrant any such obfuscation. Usually this is only an annoyance for legit customers, as those who want to get to your code can easily do so none the less. DRM is an oxymoron, and will only work if you control every single point in the chain. Quote Link to comment https://forums.phpfreaks.com/topic/268564-encoding-your-php-source-code/#findComment-1379368 Share on other sites More sharing options...
Jessica Posted September 19, 2012 Share Posted September 19, 2012 If you want to sell it, you can sell it as what's known as "software as a service". You host their site on your server, and they don't have access to the code. Quote Link to comment https://forums.phpfreaks.com/topic/268564-encoding-your-php-source-code/#findComment-1379370 Share on other sites More sharing options...
scootstah Posted September 19, 2012 Share Posted September 19, 2012 If you want to sell it, you can sell it as what's known as "software as a service". Or, license it properly. If your code is worth a damn, plenty of legitimate people will buy it. The people that crack it will most likely represent a small, irrelevant portion of users. There's plenty of nullified versions of vBulletin and IPB floating around the Warez world, but those companies are still thriving. Quote Link to comment https://forums.phpfreaks.com/topic/268564-encoding-your-php-source-code/#findComment-1379374 Share on other sites More sharing options...
Jessica Posted September 19, 2012 Share Posted September 19, 2012 Also true. Quote Link to comment https://forums.phpfreaks.com/topic/268564-encoding-your-php-source-code/#findComment-1379378 Share on other sites More sharing options...
coded4u Posted September 19, 2012 Author Share Posted September 19, 2012 Its just a project i want to build up on, i want to see how secure i can get it. I don't want to pay for other php encoders or anything. Takes the fun out of doing it myself... but if i can get it pretty secure then i will no doubt use it for the free downloads. Quote Link to comment https://forums.phpfreaks.com/topic/268564-encoding-your-php-source-code/#findComment-1379386 Share on other sites More sharing options...
kicken Posted September 19, 2012 Share Posted September 19, 2012 The best you can do without involving a server plugin/php extension of some sort is to make the code hard to read by doing things like replacing the variable names with incomprehensible messes. Similar to most JS minifiers these days that replace variable names with single letters and remove all spaces and what not. Quote Link to comment https://forums.phpfreaks.com/topic/268564-encoding-your-php-source-code/#findComment-1379392 Share on other sites More sharing options...
coded4u Posted September 19, 2012 Author Share Posted September 19, 2012 Thank you kicken. Quote Link to comment https://forums.phpfreaks.com/topic/268564-encoding-your-php-source-code/#findComment-1379397 Share on other sites More sharing options...
shlumph Posted September 19, 2012 Share Posted September 19, 2012 Zend Guard is one option: http://www.zend.com/en/products/guard/ Quote Link to comment https://forums.phpfreaks.com/topic/268564-encoding-your-php-source-code/#findComment-1379408 Share on other sites More sharing options...
coded4u Posted September 19, 2012 Author Share Posted September 19, 2012 But that means paying for Zend Guard & takes the fun out of trying to create something myself. Thanks anyway. Quote Link to comment https://forums.phpfreaks.com/topic/268564-encoding-your-php-source-code/#findComment-1379455 Share on other sites More sharing options...
Recommended Posts
Join the conversation
You can post now and register later. If you have an account, sign in now to post with your account.