p2p.wrox.com Forums

Need to download code?

View our list of code downloads.


  Return to Index  

beginning_php thread: How to hide the code?


Message #1 by "Roel" <roelpbagao@h...> on Fri, 15 Feb 2002 18:02:07
Good Day to all,



 I would just like to ask. Is there a way to hide the PHP source code in 

the server, and still it works on the client?



  Let me elaborate it a little.  We are making a web based payroll 

system.  If we will put it on the server  the client pc can access it, it 

is no problem because the client can't see the source code. But if you are 

on the server you can see it's source code. How can we hide this source 

code??? Tnx



Message #2 by "sneax" <sneaker@p...> on Fri, 15 Feb 2002 19:30:52 +0100
By buying a "Zend" encrypter or something.

That way you can "license" your code and sell it like regular software in

the stores (ofcourse you can sell open-source too but it's easyer to copy

it)

A "Zend encrypter" costs a lot ofcourse !!!



Maybe I'm wrong here I'm not sure, let the pros give an answer here :)

But I think I'm right :)



Greetz, sneax





----- Original Message -----

From: "Roel" <roelpbagao@h...>

To: "beginning php" <beginning_php@p...>

Sent: Friday, February 15, 2002 6:02 PM

Subject: [beginning_php] How to hide the code?





> Good Day to all,

>

>  I would just like to ask. Is there a way to hide the PHP source code in

> the server, and still it works on the client?

>

>   Let me elaborate it a little.  We are making a web based payroll

> system.  If we will put it on the server  the client pc can access it, it

> is no problem because the client can't see the source code. But if you are

> on the server you can see it's source code. How can we hide this source

> code??? Tnx

>

>




$subst('Email.Unsub').

>



Message #3 by "Roel" <roelpbagao@h...> on Fri, 15 Feb 2002 18:47:46
Tnx sneax, I'll check on this Zend encrypter stuff, or better yet if you 

have some Url that will lead me there, kindly inform me. Tnx again



> By buying a "Zend" encrypter or something.

> That way you can "license" your code and sell it like regular software in

> the stores (ofcourse you can sell open-source too but it's easyer to copy

> it)

> A "Zend encrypter" costs a lot ofcourse !!!

> 

> Maybe I'm wrong here I'm not sure, let the pros give an answer here :)

> But I think I'm right :)

> 

> Greetz, sneax

> 

> 

> ----- Original Message -----

> From: "Roel" <roelpbagao@h...>

> To: "beginning php" <beginning_php@p...>

> Sent: Friday, February 15, 2002 6:02 PM

> Subject: [beginning_php] How to hide the code?

> 

> 

> > Good Day to all,

> >

> >  I would just like to ask. Is there a way to hide the PHP source code 

in

> > the server, and still it works on the client?

> >

> >   Let me elaborate it a little.  We are making a web based payroll

> > system.  If we will put it on the server  the client pc can access it, 

it

> > is no problem because the client can't see the source code. But if you 

are

> > on the server you can see it's source code. How can we hide this source

> > code??? Tnx

> >

> >




> $subst('Email.Unsub').

> >

> 

Message #4 by "sneax" <sneaker@p...> on Fri, 15 Feb 2002 19:59:45 +0100
I read it somewhere on a webpage or a readme, I don't remember where !!!



Maybe search google for "PHP+Zend+encrypter" or something!

You'll probably find it if you search some with google!



Greetz, sneax =)





----- Original Message -----

From: "Roel" <roelpbagao@h...>

To: "beginning php" <beginning_php@p...>

Sent: Friday, February 15, 2002 6:47 PM

Subject: [beginning_php] Re: How to hide the code?





> Tnx sneax, I'll check on this Zend encrypter stuff, or better yet if you

> have some Url that will lead me there, kindly inform me. Tnx again

>

> > By buying a "Zend" encrypter or something.

> > That way you can "license" your code and sell it like regular software

in

> > the stores (ofcourse you can sell open-source too but it's easyer to

copy

> > it)

> > A "Zend encrypter" costs a lot ofcourse !!!

> >

> > Maybe I'm wrong here I'm not sure, let the pros give an answer here :)

> > But I think I'm right :)

> >

> > Greetz, sneax

> >

> >

> > ----- Original Message -----

> > From: "Roel" <roelpbagao@h...>

> > To: "beginning php" <beginning_php@p...>

> > Sent: Friday, February 15, 2002 6:02 PM

> > Subject: [beginning_php] How to hide the code?

> >

> >

> > > Good Day to all,

> > >

> > >  I would just like to ask. Is there a way to hide the PHP source code

> in

> > > the server, and still it works on the client?

> > >

> > >   Let me elaborate it a little.  We are making a web based payroll

> > > system.  If we will put it on the server  the client pc can access it,

> it

> > > is no problem because the client can't see the source code. But if you

> are

> > > on the server you can see it's source code. How can we hide this

source

> > > code??? Tnx

> > >

> > >




> > $subst('Email.Unsub').

> > >

> >

>




$subst('Email.Unsub').

>



Message #5 by "Hermawan Haryanto" <hermawan@h...> on Sat, 16 Feb 2002 02:12:09 +0700
I believe the name of the product is "ZEND Encoder" not encrypter.

Please try download it, it has a free demo for member and on the server

which run encoded script must have ZEND Optimizer installed.



Thanks



Hermawan Haryanto

hermawan@h...



----- Original Message -----

From: "sneax" <sneaker@p...>

To: "beginning php" <beginning_php@p...>

Sent: Saturday, February 16, 2002 1:59 AM

Subject: [beginning_php] Re: How to hide the code?





> I read it somewhere on a webpage or a readme, I don't remember where !!!

>

> Maybe search google for "PHP+Zend+encrypter" or something!

> You'll probably find it if you search some with google!

>

> Greetz, sneax =)

>

>

> ----- Original Message -----

> From: "Roel" <roelpbagao@h...>

> To: "beginning php" <beginning_php@p...>

> Sent: Friday, February 15, 2002 6:47 PM

> Subject: [beginning_php] Re: How to hide the code?

>

>

> > Tnx sneax, I'll check on this Zend encrypter stuff, or better yet if you

> > have some Url that will lead me there, kindly inform me. Tnx again

> >

> > > By buying a "Zend" encrypter or something.

> > > That way you can "license" your code and sell it like regular software

> in

> > > the stores (ofcourse you can sell open-source too but it's easyer to

> copy

> > > it)

> > > A "Zend encrypter" costs a lot ofcourse !!!

> > >

> > > Maybe I'm wrong here I'm not sure, let the pros give an answer here :)

> > > But I think I'm right :)

> > >

> > > Greetz, sneax

> > >

> > >

> > > ----- Original Message -----

> > > From: "Roel" <roelpbagao@h...>

> > > To: "beginning php" <beginning_php@p...>

> > > Sent: Friday, February 15, 2002 6:02 PM

> > > Subject: [beginning_php] How to hide the code?

> > >

> > >

> > > > Good Day to all,

> > > >

> > > >  I would just like to ask. Is there a way to hide the PHP source

code

> > in

> > > > the server, and still it works on the client?

> > > >

> > > >   Let me elaborate it a little.  We are making a web based payroll

> > > > system.  If we will put it on the server  the client pc can access

it,

> > it

> > > > is no problem because the client can't see the source code. But if

you

> > are

> > > > on the server you can see it's source code. How can we hide this

> source

> > > > code??? Tnx

> > > >

> > > >




> > > $subst('Email.Unsub').

> > > >

> > >

> >




> $subst('Email.Unsub').

> >

>

>




$subst('Email.Unsub').

>



Message #6 by "sneax" <sneaker@p...> on Fri, 15 Feb 2002 20:40:52 +0100
Well i was right somewhere :)



greetz, sneax





----- Original Message -----

From: "Hermawan Haryanto" <hermawan@h...>

To: "beginning php" <beginning_php@p...>

Sent: Friday, February 15, 2002 8:12 PM

Subject: [beginning_php] Re: How to hide the code?





> I believe the name of the product is "ZEND Encoder" not encrypter.

> Please try download it, it has a free demo for member and on the server

> which run encoded script must have ZEND Optimizer installed.

>

> Thanks

>

> Hermawan Haryanto

> hermawan@h...

>

> ----- Original Message -----

> From: "sneax" <sneaker@p...>

> To: "beginning php" <beginning_php@p...>

> Sent: Saturday, February 16, 2002 1:59 AM

> Subject: [beginning_php] Re: How to hide the code?

>

>

> > I read it somewhere on a webpage or a readme, I don't remember where !!!

> >

> > Maybe search google for "PHP+Zend+encrypter" or something!

> > You'll probably find it if you search some with google!

> >

> > Greetz, sneax =)

> >

> >

> > ----- Original Message -----

> > From: "Roel" <roelpbagao@h...>

> > To: "beginning php" <beginning_php@p...>

> > Sent: Friday, February 15, 2002 6:47 PM

> > Subject: [beginning_php] Re: How to hide the code?

> >

> >

> > > Tnx sneax, I'll check on this Zend encrypter stuff, or better yet if

you

> > > have some Url that will lead me there, kindly inform me. Tnx again

> > >

> > > > By buying a "Zend" encrypter or something.

> > > > That way you can "license" your code and sell it like regular

software

> > in

> > > > the stores (ofcourse you can sell open-source too but it's easyer to

> > copy

> > > > it)

> > > > A "Zend encrypter" costs a lot ofcourse !!!

> > > >

> > > > Maybe I'm wrong here I'm not sure, let the pros give an answer here

:)

> > > > But I think I'm right :)

> > > >

> > > > Greetz, sneax

> > > >

> > > >

> > > > ----- Original Message -----

> > > > From: "Roel" <roelpbagao@h...>

> > > > To: "beginning php" <beginning_php@p...>

> > > > Sent: Friday, February 15, 2002 6:02 PM

> > > > Subject: [beginning_php] How to hide the code?

> > > >

> > > >

> > > > > Good Day to all,

> > > > >

> > > > >  I would just like to ask. Is there a way to hide the PHP source

> code

> > > in

> > > > > the server, and still it works on the client?

> > > > >

> > > > >   Let me elaborate it a little.  We are making a web based payroll

> > > > > system.  If we will put it on the server  the client pc can access

> it,

> > > it

> > > > > is no problem because the client can't see the source code. But if

> you

> > > are

> > > > > on the server you can see it's source code. How can we hide this

> > source

> > > > > code??? Tnx

> > > > >

> > > > >




> > > > $subst('Email.Unsub').

> > > > >

> > > >

> > >




> > $subst('Email.Unsub').

> > >

> >

> >




> $subst('Email.Unsub').

> >

>

>




$subst('Email.Unsub').

>



Message #7 by "Andrew d" <dumphux@h...> on Fri, 15 Feb 2002 13:48:42 -0800
I have also been looking to obfuscate my source code.  I found a free 

product pobs.  http://pobs.mywalhalla.net/ . I have not used it yet though.



Andrew





>From: "sneax" <sneaker@p...>

>Reply-To: "beginning php" <beginning_php@p...>

>To: "beginning php" <beginning_php@p...>

>Subject: [beginning_php] Re: How to hide the code?

>Date: Fri, 15 Feb 2002 20:40:52 +0100

>

>Well i was right somewhere :)

>

>greetz, sneax

>

>

>----- Original Message -----

>From: "Hermawan Haryanto" <hermawan@h...>

>To: "beginning php" <beginning_php@p...>

>Sent: Friday, February 15, 2002 8:12 PM

>Subject: [beginning_php] Re: How to hide the code?

>

>

> > I believe the name of the product is "ZEND Encoder" not encrypter.

> > Please try download it, it has a free demo for member and on the server

> > which run encoded script must have ZEND Optimizer installed.

> >

> > Thanks

> >

> > Hermawan Haryanto

> > hermawan@h...

> >

> > ----- Original Message -----

> > From: "sneax" <sneaker@p...>

> > To: "beginning php" <beginning_php@p...>

> > Sent: Saturday, February 16, 2002 1:59 AM

> > Subject: [beginning_php] Re: How to hide the code?

> >

> >

> > > I read it somewhere on a webpage or a readme, I don't remember where 

>!!!

> > >

> > > Maybe search google for "PHP+Zend+encrypter" or something!

> > > You'll probably find it if you search some with google!

> > >

> > > Greetz, sneax =)

> > >

> > >

> > > ----- Original Message -----

> > > From: "Roel" <roelpbagao@h...>

> > > To: "beginning php" <beginning_php@p...>

> > > Sent: Friday, February 15, 2002 6:47 PM

> > > Subject: [beginning_php] Re: How to hide the code?

> > >

> > >

> > > > Tnx sneax, I'll check on this Zend encrypter stuff, or better yet if

>you

> > > > have some Url that will lead me there, kindly inform me. Tnx again

> > > >

> > > > > By buying a "Zend" encrypter or something.

> > > > > That way you can "license" your code and sell it like regular

>software

> > > in

> > > > > the stores (ofcourse you can sell open-source too but it's easyer 

>to

> > > copy

> > > > > it)

> > > > > A "Zend encrypter" costs a lot ofcourse !!!

> > > > >

> > > > > Maybe I'm wrong here I'm not sure, let the pros give an answer 

>here

>:)

> > > > > But I think I'm right :)

> > > > >

> > > > > Greetz, sneax

> > > > >

> > > > >

> > > > > ----- Original Message -----

> > > > > From: "Roel" <roelpbagao@h...>

> > > > > To: "beginning php" <beginning_php@p...>

> > > > > Sent: Friday, February 15, 2002 6:02 PM

> > > > > Subject: [beginning_php] How to hide the code?

> > > > >

> > > > >

> > > > > > Good Day to all,

> > > > > >

> > > > > >  I would just like to ask. Is there a way to hide the PHP source

> > code

> > > > in

> > > > > > the server, and still it works on the client?

> > > > > >

> > > > > >   Let me elaborate it a little.  We are making a web based 

>payroll

> > > > > > system.  If we will put it on the server  the client pc can 

>access

> > it,

> > > > it

> > > > > > is no problem because the client can't see the source code. But 

>if

> > you

> > > > are

> > > > > > on the server you can see it's source code. How can we hide this

> > > source

> > > > > > code??? Tnx

> > > > > >

> > > > > >




> > > > > $subst('Email.Unsub').

> > > > > >

> > > > >

> > > >




> > > $subst('Email.Unsub').

> > > >

> > >

> > >




> > $subst('Email.Unsub').

> > >

> >

> >




>$subst('Email.Unsub').

> >

>

>




>$subst('Email.Unsub').





_________________________________________________________________

Join the world?s largest e-mail service with MSN Hotmail. 

http://www.hotmail.com



Message #8 by David Cameron <dcameron@i...> on Mon, 18 Feb 2002 11:15:23 +1100
This message is in MIME format. Since your mail reader does not understand

this format, some or all of this message may not be legible.



------_=_NextPart_001_01C1B811.5BCF1F60

Content-Type: text/plain



Think about it though. If someone has written a program to obfusticate your

code, someone else can write one to reverse the process. It might stop the

casual eye, but if someone wants your code, they can still get it, you are

just making it slightly more difficult.



regards

David Cameron

nOw.b2b

dcameron@i...




Message #9 by "Nikolai Devereaux" <yomama@u...> on Mon, 18 Feb 2002 11:58:44 -0800

I don't understand why you'd want to obfuscate or hide the source code

anyway...  It makes it much harder to maintain.  If you don't want people to

be able to see it, set the permissions of the files so that only the web

user can view them.



Message #10 by "Hermawan Haryanto" <hermawan@h...> on Tue, 19 Feb 2002 03:11:04 +0700
Maybe, he means is for the distribution.

You know... sometimes beside you expect money from someone who ask you

create the code,.. you expect them to not edit minor things of your app then

re-sell it again without your permition.



Thanks



Hermawan Haryanto

hermawan@h...

----- Original Message -----

From: "Nikolai Devereaux" <yomama@u...>

To: "beginning php" <beginning_php@p...>

Sent: Tuesday, February 19, 2002 2:58 AM

Subject: [beginning_php] Re: How to hide the code?





>

> I don't understand why you'd want to obfuscate or hide the source code

> anyway...  It makes it much harder to maintain.  If you don't want people

to

> be able to see it, set the permissions of the files so that only the web

> user can view them.

>

>




$subst('Email.Unsub').

>



Message #11 by "Roel" <roelpbagao@h...> on Tue, 19 Feb 2002 01:56:21
Yes, It is for distribution.  We don't want any people to edit our 

application and then resell it again without our permission. Tnx for all 

your replies, I already had an idea how to hide our code.



> Maybe, he means is for the distribution.

> You know... sometimes beside you expect money from someone who ask you

> create the code,.. you expect them to not edit minor things of your app 

then

> re-sell it again without your permition.

> 

> Thanks

> 

> Hermawan Haryanto

> hermawan@h...

> ----- Original Message -----

> From: "Nikolai Devereaux" <yomama@u...>

> To: "beginning php" <beginning_php@p...>

> Sent: Tuesday, February 19, 2002 2:58 AM

> Subject: [beginning_php] Re: How to hide the code?

> 

> 

> >

> > I don't understand why you'd want to obfuscate or hide the source code

> > anyway...  It makes it much harder to maintain.  If you don't want 

people

> to

> > be able to see it, set the permissions of the files so that only the 

web

> > user can view them.

> >

> >




> $subst('Email.Unsub').

> >

> 

Message #12 by "Lawrence" <lkrubner@g...> on Tue, 19 Feb 2002 17:07:35 -0500

> I don't understand why you'd want to obfuscate or hide the source code

> anyway...  It makes it much harder to maintain.  If you don't want people to

> be able to see it, set the permissions of the files so that only the web

> user can view them



What permission would that be? 















Message #13 by "Lawrence" <lkrubner@g...> on Tue, 19 Feb 2002 17:07:45 -0500



> Yes, It is for distribution.  We don't want any people to edit our

> application and then resell it again without our permission. Tnx for all

> your replies, I already had an idea how to hide our code.



Do your customers have direct access to your machines? Do your customers visit your offices and sit

down at your computers? If so, perhaps you could tell them to stop, or restrict them to a certain

part of your office, away from your computers.



Your code is not going to be sent out over the web, the web server will filter out your code and

send out only HTML. Your customers can only get your code if they access to your machines.













Message #14 by "Lawrence" <lawrence@k...> on Tue, 19 Feb 2002 17:08:32 -0500

> I don't understand why you'd want to obfuscate or hide the source code

> anyway...  It makes it much harder to maintain.  If you don't want people to

> be able to see it, set the permissions of the files so that only the web

> user can view them



What permission would that be? 















Message #15 by David Keyes <dave@s...> on Tue, 19 Feb 2002 15:22:07 -0800
Lawrence wrote:



> > I don't understand why you'd want to obfuscate or hide the source code

> > anyway...  It makes it much harder to maintain.  If you don't want people to

> > be able to see it, set the permissions of the files so that only the web

> > user can view them

>

> What permission would that be?

>






the permisions consist of 3 numbers between 0 and 7 (these are octal numbers).

Each number describes the permission.  The files can be read (1), write(2) or

execute(3). The  first number of the triplet is the root permission, the second

number of the triplet is the group permission, the third is other.

If you want nobody to read, write or execute the file then set the permission to

000 , if everyone can read, write and execute the file then set it to 777.

If you want to hide the code of a script but still make it executable  then you

can set permission to 330, but it's more likely that 730 is better.



DK



Message #16 by "Nikolai Devereaux" <yomama@u...> on Tue, 19 Feb 2002 14:30:05 -0800
> the permisions consist of 3 numbers between 0 and 7 (these are

> octal numbers).

> Each number describes the permission.  The files can be read (1),

> write(2) or

> execute(3). The  first number of the triplet is the root

> permission, the second

> number of the triplet is the group permission, the third is other.

> If you want nobody to read, write or execute the file then set

> the permission to

> 000 , if everyone can read, write and execute the file then set it to 777.

> If you want to hide the code of a script but still make it

> executable  then you

> can set permission to 330, but it's more likely that 730 is better.



This is a good explanation, but it's lacking in some details that might lead

to doubt or confusion.



The read, write, execute (rwx) permissions are grant-able at a user, group,

and world level (ugw).



so now we have this:



UUU GGG WWW

rwx rwx rwx



Each permission can be a "yes" or "no" value, conveniently represented with

a single bit: 1 or 0, respectively.



If we wanted to have read permissions on a file, we'd need to have the

left-most bit set to 1.



100 in binary = 4 in octal, decimal, hex, etc.



Let's take a look at 730.  if we convert to binary, 7 -> 111, 3 -> 011, 0 ->

000.



UUU GGG WWW

rwx rwx rwx

 7   3   0

111 011 000





This means that the user has "full permissions" -- read, write, and execute

are all enabled.  The user's group has write and execute permissions, only.

The rest of the world gets nothing.



Take care,



Nik



Message #17 by "Roel" <roelpbagao@h...> on Wed, 20 Feb 2002 15:41:54
Maybe you don't understand my question. Could you please kindly read what 

I mean before you reply.  I will elaborate it more for you, if you don't 

understand. 



When you sell a software of course you will install them in to their 

machine right,  So it is not our computer machines it's from the 

customers, and the computer is in their office not ours correct?



And also we know that our code is not going to be sent out over the web. 

It will not be sent on the client's computer. But I indicated that, our 

problem is on the server. If you are on the server you can see everything 

right?  



Let me give you a piece of advice.  Pls read everything before replying 

like this. I am not a lamer you know as you have expected. I will not 

developed software like this if I don't know this a little bit of 

information on web technology. Everybody knows that the web server will 

only sent HTML.  Next time Pls. understand a question before replying.



> Do your customers have direct access to your machines? Do your customers 

visit your offices and sit

> down at your computers? If so, perhaps you could tell them to stop, or 

restrict them to a certain

> part of your office, away from your computers.

> 

> Your code is not going to be sent out over the web, the web server will 

filter out your code and

> send out only HTML. Your customers can only get your code if they access 

to your machines.

> 

> 

> 

> 

> 

> 

Message #18 by "Peter Simard" <peter@p...> on Wed, 20 Feb 2002 11:04:25 -0500
QUOTE:

If you are on the server you can see everything 

right?  

END QUOTE



So, you're paranoid that the server administrators are going to steal your

 code so you want to encrypt the code?



IMHO, that's just wasted worry time.



PAS



Message #19 by "Hermawan Haryanto" <hermawan@h...> on Wed, 20 Feb 2002 23:20:47 +0700
Dear sir,

I really understand what you are trying to do.

Use this link below to protect your code,

It's not a free software but at least you had control of your script so it's

not viewable by your clients.



http://www.rssoftlab.com/ :

[Protect the PHP Source Code - Encrypt it, and can be used in Windows / *Nix

machine]



http://www.zend.com/store/products/zend-encoder.php

[Protect the PHP Source Code - Encrypt it, but can only be viewed if the Web

Server installing the PHP Optimizerr

(http://www.zend.com/store/products/zend-accelerator.php ]



Hope it gives you somethin



Thanks



Hermawan Haryanto

hermawan@h...



----- Original Message -----

From: "Roel" <roelpbagao@h...>

To: "beginning php" <beginning_php@p...>

Sent: Wednesday, February 20, 2002 3:41 PM

Subject: [beginning_php] Re: How to hide the code?





> Maybe you don't understand my question. Could you please kindly read what

> I mean before you reply.  I will elaborate it more for you, if you don't

> understand.

>

> When you sell a software of course you will install them in to their

> machine right,  So it is not our computer machines it's from the

> customers, and the computer is in their office not ours correct?

>

> And also we know that our code is not going to be sent out over the web.

> It will not be sent on the client's computer. But I indicated that, our

> problem is on the server. If you are on the server you can see everything

> right?

>

> Let me give you a piece of advice.  Pls read everything before replying

> like this. I am not a lamer you know as you have expected. I will not

> developed software like this if I don't know this a little bit of

> information on web technology. Everybody knows that the web server will

> only sent HTML.  Next time Pls. understand a question before replying.

>

> > Do your customers have direct access to your machines? Do your customers

> visit your offices and sit

> > down at your computers? If so, perhaps you could tell them to stop, or

> restrict them to a certain

> > part of your office, away from your computers.

> >

> > Your code is not going to be sent out over the web, the web server will

> filter out your code and

> > send out only HTML. Your customers can only get your code if they access

> to your machines.

> >

> >

> >

> >

> >

> >

>




$subst('Email.Unsub').

>



Message #20 by "Nikolai Devereaux" <yomama@u...> on Wed, 20 Feb 2002 09:07:34 -0800

I think we all understand WHAT you're trying to do... but really, is your

code so innovative or hot **** that you'd need it to remain a big secret?

I've written a lot of PHP code, and I'll be the first to admit that most of

the components I've written have similar cousins already posted on

phpclasses, hotscripts, phpbuilder, etc...



Do you really expect your clients to break any sort of licensing terms you

set?  If you tell them that they can't redistribute the code, then that

should be good enough, I would imagine.



The Zend approach costs over a grand a year.  That's a healthy chunk of

change to drop.  Zend doesn't say whether or not they use an encryption

algorithm to hide your code or not... I would guess that (since it MUST be

used with the "accelerator") that all you're really doing is compiling the

PHP down to an optimized bytecode representation of your script.



The PHP Encoder from RS Software costs anywhere from 100 to 500 bucks,

depending on what you get.  This seems much more reasonable, but since they

use encryption algorithms, I'd be worried that the performance hit of using

this would suck for larger sites... does this software decrypt each file

every time it's accessed before sending it to the php interpreter?  If so,

it probably isn't worth it... and since it uses any of several well known

key-based encryption algorithms to encipher your code, it's entirely

possible for someone with the key to decrypt your code as well.  After all,

the key must be stored somewhere on the server since the executable might

well have to keep track of what key(s) were used to encrypt what files, and

decrypt them before forwarding them to the php interpreter for processing.



Please note that my assumptions are nothing more than assumptions about each

product.  I still think you're much better off licensing your software on

the terms YOU want and assuming that your clients aren't going to break the

law.



Nik





> -----Original Message-----

> From: Roel [mailto:roelpbagao@h...]

> Sent: Wednesday, February 20, 2002 3:42 PM

> To: beginning php

> Subject: [beginning_php] Re: How to hide the code?

>

>

> Maybe you don't understand my question. Could you please kindly read what

> I mean before you reply.  I will elaborate it more for you, if you don't

> understand.

>

> When you sell a software of course you will install them in to their

> machine right,  So it is not our computer machines it's from the

> customers, and the computer is in their office not ours correct?

>

> And also we know that our code is not going to be sent out over the web.

> It will not be sent on the client's computer. But I indicated that, our

> problem is on the server. If you are on the server you can see everything

> right?

>

> Let me give you a piece of advice.  Pls read everything before replying

> like this. I am not a lamer you know as you have expected. I will not

> developed software like this if I don't know this a little bit of

> information on web technology. Everybody knows that the web server will

> only sent HTML.  Next time Pls. understand a question before replying.

>

> > Do your customers have direct access to your machines? Do your

> customers

> visit your offices and sit

> > down at your computers? If so, perhaps you could tell them to stop, or

> restrict them to a certain

> > part of your office, away from your computers.

> >

> > Your code is not going to be sent out over the web, the web server will

> filter out your code and

> > send out only HTML. Your customers can only get your code if

> they access

> to your machines.

> >

> >

> >

> >

> >

> >

>




> $subst('Email.Unsub').



Message #21 by "Hermawan Haryanto" <hermawan@h...> on Thu, 21 Feb 2002 00:30:09 +0700
Helo guys, is this happen only to me or to all of you guys ?,

I receipt dozens mail from wrox bouncing back to me.



Thanks



Hermawan Haryanto

hermawan@h...

----- Original Message -----

From: "Nikolai Devereaux" <yomama@u...>

To: "beginning php" <beginning_php@p...>

Sent: Thursday, February 21, 2002 12:07 AM

Subject: [beginning_php] Re: How to hide the code?





>

> I think we all understand WHAT you're trying to do... but really, is your

> code so innovative or hot **** that you'd need it to remain a big secret?

> I've written a lot of PHP code, and I'll be the first to admit that most

of

> the components I've written have similar cousins already posted on

> phpclasses, hotscripts, phpbuilder, etc...

>

> Do you really expect your clients to break any sort of licensing terms you

> set?  If you tell them that they can't redistribute the code, then that

> should be good enough, I would imagine.

>

> The Zend approach costs over a grand a year.  That's a healthy chunk of

> change to drop.  Zend doesn't say whether or not they use an encryption

> algorithm to hide your code or not... I would guess that (since it MUST be

> used with the "accelerator") that all you're really doing is compiling the

> PHP down to an optimized bytecode representation of your script.

>

> The PHP Encoder from RS Software costs anywhere from 100 to 500 bucks,

> depending on what you get.  This seems much more reasonable, but since

they

> use encryption algorithms, I'd be worried that the performance hit of

using

> this would suck for larger sites... does this software decrypt each file

> every time it's accessed before sending it to the php interpreter?  If so,

> it probably isn't worth it... and since it uses any of several well known

> key-based encryption algorithms to encipher your code, it's entirely

> possible for someone with the key to decrypt your code as well.  After

all,

> the key must be stored somewhere on the server since the executable might

> well have to keep track of what key(s) were used to encrypt what files,

and

> decrypt them before forwarding them to the php interpreter for processing.

>

> Please note that my assumptions are nothing more than assumptions about

each

> product.  I still think you're much better off licensing your software on

> the terms YOU want and assuming that your clients aren't going to break

the

> law.

>

> Nik

>

>

> > -----Original Message-----

> > From: Roel [mailto:roelpbagao@h...]

> > Sent: Wednesday, February 20, 2002 3:42 PM

> > To: beginning php

> > Subject: [beginning_php] Re: How to hide the code?

> >

> >

> > Maybe you don't understand my question. Could you please kindly read

what

> > I mean before you reply.  I will elaborate it more for you, if you don't

> > understand.

> >

> > When you sell a software of course you will install them in to their

> > machine right,  So it is not our computer machines it's from the

> > customers, and the computer is in their office not ours correct?

> >

> > And also we know that our code is not going to be sent out over the web.

> > It will not be sent on the client's computer. But I indicated that, our

> > problem is on the server. If you are on the server you can see

everything

> > right?

> >

> > Let me give you a piece of advice.  Pls read everything before replying

> > like this. I am not a lamer you know as you have expected. I will not

> > developed software like this if I don't know this a little bit of

> > information on web technology. Everybody knows that the web server will

> > only sent HTML.  Next time Pls. understand a question before replying.

> >

> > > Do your customers have direct access to your machines? Do your

> > customers

> > visit your offices and sit

> > > down at your computers? If so, perhaps you could tell them to stop, or

> > restrict them to a certain

> > > part of your office, away from your computers.

> > >

> > > Your code is not going to be sent out over the web, the web server

will

> > filter out your code and

> > > send out only HTML. Your customers can only get your code if

> > they access

> > to your machines.

> > >

> > >

> > >

> > >

> > >

> > >

> >




> > $subst('Email.Unsub').

>

>




$subst('Email.Unsub').

>



Message #22 by tonsil@s... on Wed, 20 Feb 2002 12:57:22 -0800
First, let's not get into a flame war or anything silly, it's just a 

waste of time. Secondly, I'm not there yet, but I can see in the 

future developing applications for people that will reside on their 

server. I want to give them use of the applications, but not the 

source, as I might want to sell it again to someone else. So I think 

that this thread is _very_ useful, and if you have success with the 

Zend software or another method, please keep us posted. 



Thanks.

Message #23 by "Nikolai Devereaux" <yomama@U...> on Wed, 20 Feb 2002 10:51:54 -0800

I'm not starting a flame war -- if anything, I'd think that my most recent

post asked some extremely fair questions, and added to them my own opinions

and insight.



What did I say that was flamey?  The "hot ****" part?  Come on!  If all I

wanted to do was flame somebody I'd insult him without really addressing the

matter at hand.



The nature of scripting languages like PHP is that they're interpreted --

not compiled.  That said, the interpreter works on the source code.

Interpreters can compile the source code to bytecode on the fly and execute

it.  (Lua is an example of an interpreted scripting language who's

interpreter can also execute compiled byte code.)



I honestly don't see what would prevent you from selling your application to

multiple parties if it's distributed as php source with a restrictive

license.  Think about it -- if all the encoder does is hide the source code,

what keeps your client from distributing your "hidden" php code to whoever

wants it?  There's really no difference -- as was posted before, anything

that can be encrypted can be decrypted.  If the application works out of the

box, it won't even need to be decrypted.



Shrug.



I still think that it's possible to prevent users with accounts on the

server to access your php source by setting the permissions on the source

directory so that only the webserver and root users are able to read them.



take care,



nik





> -----Original Message-----

> From: tonsil@s... [mailto:tonsil@s...]

> Sent: Wednesday, February 20, 2002 12:57 PM

> To: beginning php

> Subject: [beginning_php] Re: How to hide the code?

>

>

> First, let's not get into a flame war or anything silly, it's just a

> waste of time. Secondly, I'm not there yet, but I can see in the

> future developing applications for people that will reside on their

> server. I want to give them use of the applications, but not the

> source, as I might want to sell it again to someone else. So I think

> that this thread is _very_ useful, and if you have success with the

> Zend software or another method, please keep us posted.

>

> Thanks.



Message #24 by Jacob Cohen <cohen@r...> on Wed, 20 Feb 2002 11:18:38 -0800
Wednesday, February 20, 2002, 10:51:54 AM, you wrote:



> I honestly don't see what would prevent you from selling your application to

> multiple parties if it's distributed as php source with a restrictive

> license.  Think about it -- if all the encoder does is hide the source code,



>> -----Original Message-----

>> server. I want to give them use of the applications, but not the

>> source, as I might want to sell it again to someone else. So I think



Selling applications and distributing the source is a fairly common

practice. You draft a license that explicitly states that the customer

cannot resell your software, and leave it at that. It is the same sort

of licensing that prevents me from buying a copy of Office, adding

some templates and clip art, and selling it to the guy across

the hall.



Besides, providing the source is a way to attract additional

customers, as some people might want to customize the application to

their own specific needs, without having any intentions whatsoever of

selling the modified version.



-- 

Regards,

Jake                            mailto:cohen@r...



Message #25 by tonsil@s... on Wed, 20 Feb 2002 15:28:09 -0800
All of the points below are good ones, and I agree with them 

completely. However, I think it should be left up to the developers 

whether or not they wish to provide source, and I can think of 

certain instances where it might be preferable not to do so. If 

there's an affordable way to hide code that doesn't destroy 

performance, it could be useful to know about it.





On 20 Feb 2002, at 11:18, Jacob Cohen wrote:



> Wednesday, February 20, 2002, 10:51:54 AM, you wrote:

> 

> > I honestly don't see what would prevent you from selling your application to

> > multiple parties if it's distributed as php source with a restrictive

> > license.  Think about it -- if all the encoder does is hide the source code,

> 

> >> -----Original Message-----

> >> server. I want to give them use of the applications, but not the

> >> source, as I might want to sell it again to someone else. So I think

> 

> Selling applications and distributing the source is a fairly common

> practice. You draft a license that explicitly states that the customer

> cannot resell your software, and leave it at that. It is the same sort

> of licensing that prevents me from buying a copy of Office, adding

> some templates and clip art, and selling it to the guy across

> the hall.

> 

> Besides, providing the source is a way to attract additional

> customers, as some people might want to customize the application to

> their own specific needs, without having any intentions whatsoever of

> selling the modified version.

> 

> -- 

> Regards,

> Jake                            mailto:cohen@r...

> 

> 




> 





Message #26 by "Nikolai Devereaux" <yomama@u...> on Wed, 20 Feb 2002 12:30:18 -0800

Compile a Java Server Page to a Servelet and distribute that.  



=)





> -----Original Message-----

> From: tonsil@s... [mailto:tonsil@s...]

> Sent: Wednesday, February 20, 2002 3:28 PM

> To: beginning php

> Subject: [beginning_php] Re: How to hide the code?

> 

> 

> All of the points below are good ones, and I agree with them 

> completely. However, I think it should be left up to the developers 

> whether or not they wish to provide source, and I can think of 

> certain instances where it might be preferable not to do so. If 

> there's an affordable way to hide code that doesn't destroy 

> performance, it could be useful to know about it.

> 

> 

> On 20 Feb 2002, at 11:18, Jacob Cohen wrote:

> 

> > Wednesday, February 20, 2002, 10:51:54 AM, you wrote:

> > 

> > > I honestly don't see what would prevent you from selling your 

> application to

> > > multiple parties if it's distributed as php source with a restrictive

> > > license.  Think about it -- if all the encoder does is hide 

> the source code,

> > 

> > >> -----Original Message-----

> > >> server. I want to give them use of the applications, but not the

> > >> source, as I might want to sell it again to someone else. So I think

> > 

> > Selling applications and distributing the source is a fairly common

> > practice. You draft a license that explicitly states that the customer

> > cannot resell your software, and leave it at that. It is the same sort

> > of licensing that prevents me from buying a copy of Office, adding

> > some templates and clip art, and selling it to the guy across

> > the hall.

> > 

> > Besides, providing the source is a way to attract additional

> > customers, as some people might want to customize the application to

> > their own specific needs, without having any intentions whatsoever of

> > selling the modified version.

> > 

> > -- 

> > Regards,

> > Jake                            mailto:cohen@r...

> > 

> > 




> $subst('Email.Unsub').

> > 

> 

> 

> 




> $subst('Email.Unsub').

Message #27 by "Lawrence" <lkrubner@g...> on Thu, 21 Feb 2002 00:12:25 -0500
From: "Roel" <roelpbagao@h...>

> Maybe you don't understand my question. Could you please kindly read what

> I mean before you reply.  I will elaborate it more for you, if you don't

> understand.

> When you sell a software of course you will install them in to their

> machine right,  So it is not our computer machines it's from the

> customers, and the computer is in their office not ours correct?



Suppose your code was somehow compiled. If your customer wanted to break the law, which is what you

are assuming, then couldn't they just resell your software? Isn't this a major problem that the

whole software industry is facing? I agree with the guy from SGI that it is an interesting question,

for all scritping languages, but I don't think anyone has found an answer yet.









Message #28 by "Lawrence" <lkrubner@g...> on Thu, 21 Feb 2002 00:12:34 -0500
From: "Nikolai Devereaux" <yomama@u...>

> Compile a Java Server Page to a Servelet and distribute that.



Or ASP.Net . The new version of ASP is compiled. Microsoft has given up on the interpreted language

due to performance concerns.





















>

> =)

>

>

> > -----Original Message-----

> > From: tonsil@s... [mailto:tonsil@s...]

> > Sent: Wednesday, February 20, 2002 3:28 PM

> > To: beginning php

> > Subject: [beginning_php] Re: How to hide the code?

> >

> >

> > All of the points below are good ones, and I agree with them

> > completely. However, I think it should be left up to the developers

> > whether or not they wish to provide source, and I can think of

> > certain instances where it might be preferable not to do so. If

> > there's an affordable way to hide code that doesn't destroy

> > performance, it could be useful to know about it.

> >

> >

> > On 20 Feb 2002, at 11:18, Jacob Cohen wrote:

> >

> > > Wednesday, February 20, 2002, 10:51:54 AM, you wrote:

> > >

> > > > I honestly don't see what would prevent you from selling your

> > application to

> > > > multiple parties if it's distributed as php source with a restrictive

> > > > license.  Think about it -- if all the encoder does is hide

> > the source code,

> > >

> > > >> -----Original Message-----

> > > >> server. I want to give them use of the applications, but not the

> > > >> source, as I might want to sell it again to someone else. So I think

> > >

> > > Selling applications and distributing the source is a fairly common

> > > practice. You draft a license that explicitly states that the customer

> > > cannot resell your software, and leave it at that. It is the same sort

> > > of licensing that prevents me from buying a copy of Office, adding

> > > some templates and clip art, and selling it to the guy across

> > > the hall.

> > >

> > > Besides, providing the source is a way to attract additional

> > > customers, as some people might want to customize the application to

> > > their own specific needs, without having any intentions whatsoever of

> > > selling the modified version.

> > >

> > > --

> > > Regards,

> > > Jake                            mailto:cohen@r...

> > >

> > >




> > $subst('Email.Unsub').

> > >

> >

> >

> >




> > $subst('Email.Unsub').

>








Message #29 by "Nikolai Devereaux" <yomama@u...> on Thu, 21 Feb 2002 08:41:55 -0800

Yes, but if you use ASP you're extremely limited in choosing a server

platform.



take care,



nik



> -----Original Message-----

> From: Lawrence [mailto:lkrubner@g...]

> Sent: Wednesday, February 20, 2002 9:13 PM

> To: beginning php

> Subject: [beginning_php] Re: How to hide the code?

>

>

> From: "Nikolai Devereaux" <yomama@u...>

> > Compile a Java Server Page to a Servelet and distribute that.

>

> Or ASP.Net . The new version of ASP is compiled. Microsoft has

> given up on the interpreted language

> due to performance concerns.



Message #30 by "Roel" <roelpbagao@h...> on Sat, 23 Feb 2002 14:12:54
QUOTE

> I think we all understand WHAT you're trying to do... but really, is your

> code so innovative or hot **** that you'd need it to remain a big secret?

ENQUOTE



It's none of your business, just answer the question OK.
Message #31 by "Nikolai Devereaux" <yomama@u...> on Sat, 23 Feb 2002 14:00:37 -0800

Y'know, I'M here trying to help YOU.  What kind of help do you honestly

think you'll get by being rude?  My question was perfectly valid, and it's

funny to me that the only part of my message you responded to was the one

contained a potty-mouth word.



The rest of that post (iirc) went into more detail about your options than

any other post I'd seen, so why not just relax?



sheesh.



if you live in or near San Diego, drop on by and I'll buy you a drink.  It

might help.



nik







> -----Original Message-----

> From: Roel [mailto:roelpbagao@h...]

> Sent: Saturday, February 23, 2002 2:13 PM

> To: beginning php

> Subject: [beginning_php] Re: How to hide the code?

>

>

> QUOTE

> > I think we all understand WHAT you're trying to do... but

> really, is your

> > code so innovative or hot **** that you'd need it to remain a

> big secret?

> ENQUOTE

>

> It's none of your business, just answer the question OK.




> $subst('Email.Unsub').




  Return to Index