Page 1 of 1

phpGuardian (protect your script!)

Posted: Sat Feb 02, 2008 3:07 am
by phakko
hi,
I want to introduce my "small creature" phpGuardian, a script php that it allows of monitorare and protect sources through codifies and/or obfuscator...

download here the version 3.0: http://www.service4pc.it/logging/

if someone wants to participate to this project sends me a pvt.
I hope that there is useful to all, I hope to receive of the response with respect to the using and eventual problems Smiley
I have created also a group on linkedin for anyone wanted to support this project:
http://www.linkedin.com/e/gis/53884/3CFFD81EB4A6

bye bye

ps: sorry for my english:(

Re: phpGuardian (protect your script!)

Posted: Sat Feb 02, 2008 11:50 pm
by John Cartwright
Moved to General Discsussion.

Re: phpGuardian (protect your script!)

Posted: Sun Feb 03, 2008 12:55 am
by Benjamin
Hi phakko. I had a look at your code. For the most part the code is pretty decent.

Here is some feedback.

1. You're using error suppression a bit more than I would like to see. I would encourage you to cut that down a bit.
2. Your using global variables. I would get rid of those.
3. There are some database queries that have numerous unfiltered variables. This can lead to query injection. I didn't track back where the variables came from, but I saw at least one that I believe may come from an end user. I would use data validation using regex and the mysql escape_string functions.

As for the concept of zipping the code and base64'ing the code, which it seems your doing, I can't say that offers hardly any protection. While it would definitely ruin a newbies day, it's fairly trivial for an experienced programmer to get the original code.