Page 1 of 1

How to take HTML and php and put it in a variable?

Posted: Thu Mar 24, 2005 5:41 pm
by jclarkkent2003
Hey all,
I'm trying to take a file like index.html, fopen it with my file_editor.php, and take ALL the index.html code and put it in a long variable named $HTML_CODE_PAGE;

Do I need to use things like html special characters or what? I want to base64 encrypt the php variable $HTML_CODE_PAGE, so my code is more encrypted (it won't stop here but it's a start). I have had problem with quotes and slashes etc...

Thanks.

Posted: Thu Mar 24, 2005 5:43 pm
by John Cartwright

Code: Select all

$file = file_get_contents('index.html');

echo htmlentities($file);
if you are having problems with quotes

addslashes() and stripslashes()

Posted: Thu Mar 24, 2005 7:01 pm
by jclarkkent2003
thanks, I'll try it.

I want to retain the integrity of the html AND php code perfectly, so I could undo whatever I did to encode it into base64, and look at it and it's just the same as it was before I did anything.

you understand what I'm trying to do? Basically I'm going to write a simple encryptor that does same thing like zend and ion cube, but without having to install those.

What else do you think I can use to encrypt and decrypt in php like base64 ? If there are any other scripts or php functions that I can use to confuse and obfuscate / encrypt the php/html code, and or other people's scripts which they have written FUNCTIONS in php to encrypt data, that would be awesome.

I'm not too big of a fan of zend and ion cube cause you gotta install them on the server, I'm a bigger fan of things like php codelock (even though I've never really used it, it does the thing I want to do).

thanks.

Posted: Thu Mar 24, 2005 7:05 pm
by John Cartwright
base_64_encode does nothing but encode the data, it does not encrypt it.
It is absolutly not secure and the data can be restored with a simple base_64_encode.

Why do you want to encrypt your code?

Posted: Thu Mar 24, 2005 7:17 pm
by Ambush Commander
The fact that you have to install Zend and Ionblock are exactly what makes it possible for them to obfuscate PHP code.
I want to retain the integrity of the html AND php code perfectly, so I could undo whatever I did to encode it into base64, and look at it and it's just the same as it was before I did anything.
Base64 is for cleaning up strings before sending them through binary streams that are not 8bit clean. What ever you send through there, it will look weird, but it's easily "decrypted".
you understand what I'm trying to do? Basically I'm going to write a simple encryptor that does same thing like zend and ion cube, but without having to install those.
The problem with encrypting PHP is that you're going to have to be able to decrypt and parse it. The only way to do that is either to compile it (decompiling binaries is notoriously hard), or have a black box program (Zend or Ioncube) use a decryption algorithm to ready the code for the parser.
What else do you think I can use to encrypt and decrypt in php like base64 ? If there are any other scripts or php functions that I can use to confuse and obfuscate / encrypt the php/html code, and or other people's scripts which they have written FUNCTIONS in php to encrypt data, that would be awesome.
Once again, base64 is not really "encrypting your code". Sure, it obfuscates it, but if you don't have a high programming language extension to the Zend engine, what you'll end up doing is base54_decode'ing and then "eval"ing the whole thing (which is a performance nightmare).
I'm not too big of a fan of zend and ion cube cause you gotta install them on the server, I'm a bigger fan of things like php codelock (even though I've never really used it, it does the thing I want to do).
There's a good reason why you have to install them onto the server. Even though CodeLock seems to purport to have a PHP only solution, I have no idea how they would do it, and base64 is definitely NOT the way to go about trying to obfuscate PHP code.

Posted: Thu Mar 24, 2005 7:22 pm
by jclarkkent2003
yea, I know that was why I was asking for more options. I'm not looking for a totally black box security lock right now, I'm looking to confuse the heck out of it, so for some free php script I hand out don't get ripped too easily. It's all about time, and if I can just make it really HARD to DECODE but not impossible, that would be perfect.

Zend and ion cube, are these totally unhackable or how do they encrypt data?

Posted: Thu Mar 24, 2005 7:26 pm
by Ambush Commander
Zend and ion cube, are these totally unhackable or how do they encrypt data?
From my *limited* understanding (that's right, I have no clue what I'm talking about) Zend takes your PHP and obfuscates it. Then, the user downloads the code and also installs the Zend interpeter on their system. The interpreter is free, but also closed source. It integrates with the Zend Parser to tightly integrate the decryption with the compilation process.
yea, I know that was why I was asking for more options. I'm not looking for a totally black box security lock right now, I'm looking to confuse the heck out of it, so for some free php script I hand out don't get ripped too easily. It's all about time, and if I can just make it really HARD to DECODE but not impossible, that would be perfect.
Why not just open-source it? Sorry, I can't help you here: everything that I can think of introduces a bottleneck element that would scare away anyone even thinking of using your code.

Posted: Thu Mar 24, 2005 8:19 pm
by jclarkkent2003
yea, well as much as I am for open source, I prefer to keep my copyrights and not get ripped off, ALL my scripts are free anyways, if they want the source code to modify, I think I will have to charge for that and let them redistrubute.

It's all about security as well. not just for the scripts I distrubute as free ware, but my more advanced websites which I put YEARS into coding in php, I know MANY MANY MANY people who would steal my php code at the drop of a dime without thinking twice. I want to prevent this from happening, and if my last resort is ion cube or zend, I can manage that, but I'm just concerned about the COSTS for those encryption programs, they cost a fortune.