Encrypt Footer Contents

[dzhax]

I'm working on a project that I might decide to distribute/sell. I don't want to loose credit for it down the line so I was wondering if I could somehow encrypt the footer contents.The kicker is the copyright to the site content needs to be changed by the user but i need the powered by... to not be changeable.ex1.Theme By: mesagePowered By: messagecopyright $year $companyAny ideas?

[requnix]

I am a beginner, so sorry if there anything wrong... Add some secret code on the footer page so without it, the page won't load,,, then just encrypt the page :)Not bad I think

[dzhax]

thats kinda what i was thinkin but i have no idea how to do that... my luck everything will stop working.

[Synook]

You can't technically "encrypt" HTML (how does the browser know how to unencrypt it?) - the best you can do is obfuscate it and then use JS to print it out correctly. http://www.google.com.au/search?q=javascript+HTML+obfuscate

[Ingolme]

In fact, the way it's done in some places if that the PHP code that prints out the footer is obfuscated and encrypted.Here's a good example of a difficult to modify footer:http://w3schools.invisionzone.com/index.php?showtopic=24400

[requnix]

You can't technically "encrypt" HTML (how does the browser know how to unencrypt it?) - the best you can do is obfuscate it and then use JS to print it out correctly. http://www.google.com.au/search?q=javascript+HTML+obfuscate

Umm,,Didn't he want to encrypt the php, not only the html?

[Synook]

Umm,,Didn't he want to encrypt the php, not only the html?

From the initial post, I got the impression that he wanted to encrypt the HTML, so that end users couldn't just change it. Though, maybe he did want the PHP encrypted... but how do you "encrypt" a PHP page anyway?

[Ingolme]

From the initial post, I got the impression that he wanted to encrypt the HTML, so that end users couldn't just change it. Though, maybe he did want the PHP encrypted... but how do you "encrypt" a PHP page anyway?

Obfuscate it, encrypt the code itself as a string and then use eval().

[justsomeguy]

You can encrypt PHP code using the Zend Loader or Ioncube Loader. In order to run the encrypted code you need the corresponding decryption software installed on the server. The code won't run without the decryption software. If you don't have decryption software installed (Zend or Ioncube) then you can't encrypt the code. You can obfuscate it by encoding and evaling it but anyone who knows what they're doing will be able to decode it. With Zend or Ioncube you can't decrypt it without the software loaded on the server. Using Zend or Ioncube does give it true encryption, but people won't be able to run the code unless they have the decryption software installed. That may restrict how many people would use your product.

[requnix]

I am a beginner, how to encrypt with zend or ioncube?Is there a software to do that?

[justsomeguy]

The products are called Zend Guard and Ioncube PHP Encoder.

[requnix]

What is the difference between zend guard and zend optimization?

[justsomeguy]

Zend Guard encrypts files, Zend Optimizer runs the encrypted files. Optimizer is what you need to be installed on the server.

[dzhax]

Wow first thread that I ever posted that actually got a decent amount of information in one day...Not to say any information I have received before was not good.This Zend Optimizer does it need configured? Or can I just include it in the installation?

[justsomeguy]

No, you can't include it. It needs to be installed when PHP is installed. I've seen products that ship with one version for Zend and another for Ioncube and it just detects which one is installed and includes the appropriate file. Even so, it's limited to only being able to run on servers that have at least one of them installed.

[dzhax]

I have found software called Stunnix JS-Obfus Project Manager.It seems to be a pretty good software but I only have a trial version.The complete version is $281. With the trial I can not see much being changed, but it says the complete version will "mangle" the code unreadable by spambots.Is this what I need? If it is ill have to look around for a cracked version, because $281 is steep.-----Also does anyone know if this will need to be installed on the web server for the website to be readable? Or does the browser somehow know how to read mangled code?

[justsomeguy]

If the code is just obfuscated, it's still valid code, just confusing. It might change something like this:

var str = 'Hello World';function show(val){  alert(val);}show(str);

to this:

var jsm2ns84h4n = 'Hello World';function msks83jsjj24(nehduwksjtjt){  alert(nehduwksjtjt);}msks83jsjj24(jsm2ns84h4n);

Some of them will also replace a constant string with each ASCII code. The code still runs, it's just harder for a person to understand. Sometimes they will also encode it in a different character set, like base64. That just means the code has to be decoded back to ASCII before they execute it, which makes it run slower.Anyway, the main difference is that obfuscated code can still be understood, it just requires more time. Encrypted code cannot be understood unless it is decrypted, bottom line. Obfuscating will stop casual users from understanding the code, but won't necessarily stop a professional.

[requnix]

Can we use gzip_deflate() to encrypt?It can reduces the file size too, right?

[justsomeguy]

That's not encryption, that's just compression. You can just as easily uncompress it to get the original code.