There was an interesting post on the in-phpug list today about hiding and compiling your PHP code such that others can not see it. People do not really do a Google before posting questions to a mailing list and that really sucks. Tarique posted an off-topic message (which actually was quite on-topic) about Help Vampires. People who ask stupid questions on lists and suck the energy of others.
There are obviously a lot of answers to hiding PHP code. Encoding, obfuscating and compiling. There are products like Zend Encoder and ionCube that encode the source code. And this code is decoded by the Zend Engine at execution time. Roadsend and other PHP compilers compile the PHP into a single executable file – especially suited for command line or desktop applications. Then there is the all too popular obfuscating technique. Sometime, people write such ugly code that you don’t need to obfuscate it. At others, you can use products like POBS. Justine Silverton has a nice post about how any encoded code can easily be decoded and how obfuscation is the best answer to the need.
Some related resources:
- Zend Encoder
- ionCube Encoder
- SourceGuardian
- PHP Obfuscator
- PHTML Encoder
- PHP Processor
- SourceCop
- PHP Code Lock
I feel obfuscation is a better way of hiding the code. Compiling should be used if you want to distribute standalone executables.
PS: Thanks to Tarique for inspiring me to write this up 😉
it’s more valid to call those who ask stupid questions (un-googled questions….similar to uninformed questions) help vampires on these technical lists….ain’t it? but then there are the”RTFM” vampires too….either having a solid memory of what post number on yahoo groups it’s been answered….or a “Search before you ask” or a google search link like http://google.com/search?q=where+can+i+locate+prey
initially i used to answer but later…it was like….let the new members try their hands….so everyone’s climbing the same rungs of the ‘experience’ ladder.
since i’m not yet in the industry (mca first year in goa univ.), i’ve never tried these encoding/obfuscating packages…and i suppose they aren’t free as well.
don’t these create vendor-lockin of any sorts…well i guess it’s required in some cases…but which?
related to hiding stuff…when am working on database driven websites….which is better for storing the username and password to connect to the db….php script or the httpd.conf file
That’s all…. 🙂
For your questions, do some Google 😉 I am sure you will find some answers!
Nirav, Correct the last link! I think its broken..
Corrected! Thanks for pointing out Kartik!