Thread: Making things 'tamper proof'
Hi all, I am busy developing some applications which will be sold, once complete. The .php files, as far as I know, have to be distributed as they are (in source code). Is there any way to protect the application so that it can not be tampered with? Can I write some stored procedure of some sort which prevents people from messing with the code? Best regards, Chris _________________________________________________________ Do You Yahoo!? Get your free @yahoo.com address at http://mail.yahoo.com
And this has *what* to do with PostgreSQL? On Fri, Jul 06, 2001 at 09:57:13AM -0500, some SMTP stream spewed forth: > > The .php files, as far as I know, have to be distributed as they are (in > source code). Is there any way to protect the application so that it can not > be tampered with? Yes. > Can I write some stored procedure of some sort which > prevents people from messing with the code? No, I don't even know what you are thinking here. The PHP code would have essentially nothing to do with the database. You can obscure PHP source code through the use of the PHP "compiler" by Zend. I do not how difficult it is to reverse engineer code obscured in this manner. "Compiling" PHP code also improves performance also. IIRC, the "compiled" code must still be executed by `PHP`. gh > Best regards, > Chris ---------------------------(end of broadcast)--------------------------- TIP 3: if posting/reading through Usenet, please send an appropriate subscribe-nomail command to majordomo@postgresql.org so that your message can get through to the mailing list cleanly
On Fri, 6 Jul 2001, Chris Ruprecht wrote: > I am busy developing some applications which will be sold, once complete. > The .php files, as far as I know, have to be distributed as they are (in > source code). Is there any way to protect the application so that it can not > be tampered with? Can I write some stored procedure of some sort which > prevents people from messing with the code? Zend Encoder seems to be what you're after. http://www.zend.com/zend/products.php#encoder -- Phil Davey http://www.pod-designs.net/philandjo.html E-mail pod@pod-designs.net ICQ 46295740 Just because you're smart, doesn't mean you can't act stupid....
The Zend encoder will convert your source files into byte code. You need the Zend Optimizer installed for it to read these files, but it's also cross platform code, it'll run anywhere the proper version of PHP/Optmiizer is installed. Check out http://www.zend.com -----Original Message----- From: pgsql-php-owner@postgresql.org [mailto:pgsql-php-owner@postgresql.org]On Behalf Of Chris Ruprecht Sent: Friday, July 06, 2001 10:57 AM To: p-php Subject: [PHP] Making things 'tamper proof' Hi all, I am busy developing some applications which will be sold, once complete. The .php files, as far as I know, have to be distributed as they are (in source code). Is there any way to protect the application so that it can not be tampered with? Can I write some stored procedure of some sort which prevents people from messing with the code? Best regards, Chris _________________________________________________________ Do You Yahoo!? Get your free @yahoo.com address at http://mail.yahoo.com ---------------------------(end of broadcast)--------------------------- TIP 2: you can get off all lists at once with the unregister command (send "unregister YourEmailAddressHere" to majordomo@postgresql.org)
And this has *what* to do with PostgreSQL? On Fri, Jul 06, 2001 at 09:57:13AM -0500, some SMTP stream spewed forth: > > The .php files, as far as I know, have to be distributed as they are (in > source code). Is there any way to protect the application so that it can not > be tampered with? Yes. > Can I write some stored procedure of some sort which > prevents people from messing with the code? No, I don't even know what you are thinking here. The PHP code would have essentially nothing to do with the database. You can obscure PHP source code through the use of the PHP "compiler" by Zend. I do not how difficult it is to reverse engineer code obscured in this manner. "Compiling" PHP code also improves performance also. IIRC, the "compiled" code must still be executed by `PHP`. gh > Best regards, > Chris ---------------------------(end of broadcast)--------------------------- TIP 3: if posting/reading through Usenet, please send an appropriate subscribe-nomail command to majordomo@postgresql.org so that your message can get through to the mailing list cleanly