View Full Version : how to obfuscate php code

01-23-2007, 11:56 AM
Does anyone know if there is any way to obfuscate php code without using the tool below:

Many thanks in advance.

01-23-2007, 01:17 PM
Short answer... not really... no. It's possible, sure. But I can't tell you how to do it.

PHP is totally secure on the web except if someone gains access to your server. So that's not a problem.

The only time this would be an issue is if you were planning to sell or give your code to people and hope they don't reverse engineer it. In that case, 1. You can probably afford the cost, if you're making money, and 2. it IS possible to decrypt, but just hard. So.... not totally secure.

Sorry if this isn't too much help.

01-23-2007, 05:59 PM
If you're looking for an obfuscator, the only one to use would have to be the the official Zend Guard (http://www.zend.com/products/zend_guard). However, the necessity and morality behind this are both questionable.

01-23-2007, 11:01 PM
Thanks to both for your iputs.
I encrpted the source code but because the page have both html code and php code, it did not work alright.
Is there a way to just encrpt the html code and leave the php code alone?

01-23-2007, 11:46 PM
It's not a good idea. For one thing, "encrypting" one's source code means that the page becomes dependant on client-side scripting; for another, it's necessary to provide the key to "decrypt" the source so that the browser can read it, meaning that it's never secure. The costs far outweigh the benefits.

01-24-2007, 01:43 AM
The browser MUST be able to know what the code is. If you are just trying to hide your source, don't bother. You must output the source to the browser.
Even if obfuscated, if someone who would steal it really wants to do so, then there's not much you'll be able to do to stop them. The only other thing it'll do is cause problems, like Twey said.

02-21-2007, 03:05 PM
Try http://www.obfusc.com
It works fine!

02-21-2007, 03:19 PM
Obfuscation offers better protection then any form of encoding/encryption because can't be reversed!What a lot of pants. If it can't be reversed, then it's not encryption or obfuscation: it's destruction. If the server can't read your code, you've just wasted one heck of a lot of your time.

02-21-2007, 07:11 PM
Haha. The 'lot of pants' description does, oddly, fit quite well.