Jump to content

Lock Php Code?


cmcarey

Recommended Posts

Hey, first post here.

I need to know if it is possible to lock a certain line into a php file, whatever method, so that when I distribute this php file I always have a way of remotely disabling it.

I would prefer if it involved the default libraries rather than having to install / recompile php and other libraries, but if needed then I will.

 

Cheers,

CM

Link to comment
Share on other sites

PHP is not a compiled language, it is interpreted. The source code is always available. There are expensive products like ioncube which attempt to obfuscate the code so something like this is possible, but it's not possible to simply push a button somewhere and "lock" your source code.

 

As an aside: I would never buy a product which relies on your server being up in order to work.

Link to comment
Share on other sites

PHP is not a compiled language, it is interpreted. The source code is always available. There are expensive products like ioncube which attempt to obfuscate the code so something like this is possible, but it's not possible to simply push a button somewhere and "lock" your source code.

 

As an aside: I would never buy a product which relies on your server being up in order to work.

 

This is a temporary solution for a large scale project I am currently coding.

Is there any way for it to require an external php file which tells it the mysql password on each run?

 

Cheers,

CM

Link to comment
Share on other sites

This is a temporary solution for a large scale project I am currently coding.

Is there any way for it to require an external php file which tells it the mysql password on each run?

 

Cheers,

CM

file_get_contents();

 

But, yeah, what you are asking to do sounds very problematic. At the very least it is going to introduce a slight delay in processing. At worst it could prevent the application from running if there are connectivity problems

Edited by Psycho
Link to comment
Share on other sites

You need to pay someone to do this. Because you don't know how, any solution you come up with could be circumvented by anyone with higher skill than you. If you use file_get_contents(), you'd have to either use eval() (which is wrong) or force your clients to turn on allow_url_fopen and require() a remote file (which is not only wrong, but a serious security flaw). Even so, I could just as easily pull that file down by hand and replace your security code with a local version.

 

The only true way to protect your PHP code is to not give it to anyone. Have this demo or whatever run on your server, don't distribute the code.

Link to comment
Share on other sites

Not to mention that the connection details would be easily available to everyone who wanted to see them, by simply visiting the same URI in any kind of browser. Which would end up as a huge security issue, unless you added quite a bit of security layers to it.

Though, in the end the ones running the code would still be able to see the details quite easily. Which means that all of the extra work added to get this secure was a waste, when compared to the original intent.

 

As Dan just posted: The only way to keep your code (relatively) safe, is to keep it all in house and not let any outsiders get access to run any custom code in your system.

Link to comment
Share on other sites

even if you used an API to check cross server, if the end user has the code, they have the code. there are better ways to profit from your work without trying to figure how to control it. look at the major entertainment studios: sure their products are infringed by some users, but a majority of people will pay for quality products.

Link to comment
Share on other sites

This thread is more than a year old. Please don't revive it unless you have something important to add.

Join the conversation

You can post now and register later. If you have an account, sign in now to post with your account.

Guest
Reply to this topic...

×   Pasted as rich text.   Restore formatting

  Only 75 emoji are allowed.

×   Your link has been automatically embedded.   Display as a link instead

×   Your previous content has been restored.   Clear editor

×   You cannot paste images directly. Upload or insert images from URL.

×
×
  • Create New...

Important Information

We have placed cookies on your device to help make this website better. You can adjust your cookie settings, otherwise we'll assume you're okay to continue.