Making code harder to understand

PHP programming forum. Ask questions or help people concerning PHP code. Don't understand a function? Need help implementing a class? Don't understand a class? Here is where to ask. Remember to do your homework!

Moderator: General Moderators

Post Reply
jaymoore_299
Forum Contributor
Posts: 128
Joined: Wed May 11, 2005 6:40 pm
Contact:

Making code harder to understand

Post by jaymoore_299 »

I have a script I'd like to prevent others from ripping off, though it is not so valuable that I'd need it completely secure. What are some ways to make code harder to read/understand?
User avatar
feyd
Neighborhood Spidermoddy
Posts: 31559
Joined: Mon Mar 29, 2004 3:24 pm
Location: Bothell, Washington, USA

Post by feyd »

That somewhat depends on the code, but basically.. if no compiler is allowed (bytecode), obfuscation is about the only real direction you can go.

Personally, I find obfuscation stupid to do on many levels. Granted there are varied levels of obfuscation. Choosing any combination of the following is obfuscation:
  • Compression. A very common approach that compacts words or phrases in an attempt to reduce overal size. The trade-off is it has to be decompressed to run.
  • Line crushing. Although a form of compression, I single this out because it requires no added code to decrypt. This often involves removing most whitespace, along with comments to make a single, very long line containing code. (the farthest I go, personally)
  • Encryption. Often coupled with compression, this will use an algorithm to transform the code into (often) complete garbage. Trade-off, like compression, requires unencrypted code to decrypt the actual code.
User avatar
s.dot
Tranquility In Moderation
Posts: 5001
Joined: Sun Feb 06, 2005 7:18 pm
Location: Indiana

Post by s.dot »

Harder to read when someone is looking at the source code?

I guess that's not really possible, unless you give them a hashed or encrypted version of the source code... which really wouldn't make much sense.

I guess just add comments that don't make any sense and use deprecated functions? But that's not suggested.
Set Search Time - A google chrome extension. When you search only results from the past year (or set time period) are displayed. Helps tremendously when using new technologies to avoid outdated results.
foobar
Forum Regular
Posts: 613
Joined: Wed Sep 28, 2005 10:08 am

Post by foobar »

Easy: Don't share your source-code.

Costly: Use Zend Encoder to distribute your bytecode rather than the source. You may experience a slight speed increase as well.
jaymoore_299
Forum Contributor
Posts: 128
Joined: Wed May 11, 2005 6:40 pm
Contact:

Post by jaymoore_299 »

I heard of line crushing, encryption, but what is compression? How do you compress and run a php script?
User avatar
feyd
Neighborhood Spidermoddy
Posts: 31559
Joined: Mon Mar 29, 2004 3:24 pm
Location: Bothell, Washington, USA

Post by feyd »

without a "native" compiler to rehidrate the encryption or compression, a decrypt or decompress script must be placed around the actual code which is finally eval'd. Here's a rough example:

Code: Select all

$_='!@&#&FAVBB&A(*&FASHDfhasldfhasF&AF&*!#R&F&F&F&V&VLAKJSVJV BHKZXJLVZLXKJVKB LKJSDLFKJLKJL';
/* insert magical decrypt/decompress code here */
eval($u);
Here, $_ is a hypothetical resultant string created by the encryption/compression algorithm, and $u is the "original" code represented by $_ which could be anything (cure for cancer, maybe). The original code isn't actual code yet until it's been interpretted by the language, so eval() is used to do just that.

Now, because the decrypt/decompress will take a certain amount of space, the routine performing the crush has to weigh whether there is any real savings. Generally speaking, the compression ratio will determine whether it's even worth running through (unless forced)
Post Reply