cmcarey Posted September 28, 2012 Share Posted September 28, 2012 Hey, first post here. I need to know if it is possible to lock a certain line into a php file, whatever method, so that when I distribute this php file I always have a way of remotely disabling it. I would prefer if it involved the default libraries rather than having to install / recompile php and other libraries, but if needed then I will. Cheers, CM Quote Link to comment https://forums.phpfreaks.com/topic/268881-lock-php-code/ Share on other sites More sharing options...
ManiacDan Posted September 28, 2012 Share Posted September 28, 2012 PHP is not a compiled language, it is interpreted. The source code is always available. There are expensive products like ioncube which attempt to obfuscate the code so something like this is possible, but it's not possible to simply push a button somewhere and "lock" your source code. As an aside: I would never buy a product which relies on your server being up in order to work. Quote Link to comment https://forums.phpfreaks.com/topic/268881-lock-php-code/#findComment-1381536 Share on other sites More sharing options...
cmcarey Posted September 28, 2012 Author Share Posted September 28, 2012 PHP is not a compiled language, it is interpreted. The source code is always available. There are expensive products like ioncube which attempt to obfuscate the code so something like this is possible, but it's not possible to simply push a button somewhere and "lock" your source code. As an aside: I would never buy a product which relies on your server being up in order to work. This is a temporary solution for a large scale project I am currently coding. Is there any way for it to require an external php file which tells it the mysql password on each run? Cheers, CM Quote Link to comment https://forums.phpfreaks.com/topic/268881-lock-php-code/#findComment-1381542 Share on other sites More sharing options...
Psycho Posted September 28, 2012 Share Posted September 28, 2012 (edited) This is a temporary solution for a large scale project I am currently coding. Is there any way for it to require an external php file which tells it the mysql password on each run? Cheers, CM file_get_contents(); But, yeah, what you are asking to do sounds very problematic. At the very least it is going to introduce a slight delay in processing. At worst it could prevent the application from running if there are connectivity problems Edited September 28, 2012 by Psycho Quote Link to comment https://forums.phpfreaks.com/topic/268881-lock-php-code/#findComment-1381546 Share on other sites More sharing options...
ManiacDan Posted September 28, 2012 Share Posted September 28, 2012 You need to pay someone to do this. Because you don't know how, any solution you come up with could be circumvented by anyone with higher skill than you. If you use file_get_contents(), you'd have to either use eval() (which is wrong) or force your clients to turn on allow_url_fopen and require() a remote file (which is not only wrong, but a serious security flaw). Even so, I could just as easily pull that file down by hand and replace your security code with a local version. The only true way to protect your PHP code is to not give it to anyone. Have this demo or whatever run on your server, don't distribute the code. Quote Link to comment https://forums.phpfreaks.com/topic/268881-lock-php-code/#findComment-1381559 Share on other sites More sharing options...
Christian F. Posted September 28, 2012 Share Posted September 28, 2012 Not to mention that the connection details would be easily available to everyone who wanted to see them, by simply visiting the same URI in any kind of browser. Which would end up as a huge security issue, unless you added quite a bit of security layers to it. Though, in the end the ones running the code would still be able to see the details quite easily. Which means that all of the extra work added to get this secure was a waste, when compared to the original intent. As Dan just posted: The only way to keep your code (relatively) safe, is to keep it all in house and not let any outsiders get access to run any custom code in your system. Quote Link to comment https://forums.phpfreaks.com/topic/268881-lock-php-code/#findComment-1381569 Share on other sites More sharing options...
Mahngiel Posted September 28, 2012 Share Posted September 28, 2012 even if you used an API to check cross server, if the end user has the code, they have the code. there are better ways to profit from your work without trying to figure how to control it. look at the major entertainment studios: sure their products are infringed by some users, but a majority of people will pay for quality products. Quote Link to comment https://forums.phpfreaks.com/topic/268881-lock-php-code/#findComment-1381574 Share on other sites More sharing options...
Psycho Posted September 28, 2012 Share Posted September 28, 2012 Even so, I could just as easily pull that file down by hand and replace your security code with a local version. Um, yeah. I have no idea what I was thinking. Quote Link to comment https://forums.phpfreaks.com/topic/268881-lock-php-code/#findComment-1381597 Share on other sites More sharing options...
Recommended Posts
Join the conversation
You can post now and register later. If you have an account, sign in now to post with your account.