2007/11/28

PHP Encryption

At one time or another, a software developer is faced with a potentially troublesome issue. When all the programming is done, and it's time to distribute the actual program, the question arises: How do I protect my intellectual property from being misused, changed and sold by a potential user of my program? Of course there are copyrights, but not all users might be aware of them or care about them.

Usually this is not a problem when using ordinary executable files. The customer would have a hard time opening up the file in a code debugger, figuring out the assembler code and modifying the content. This process is called reverse engineering, and for some people this is an art.

Debug Screenshot

The problem is a bit trickier when programming in an open format such as ASP, PHP or any type of scripting. The program is easily readable, and sometimes ingenious and potentially lucrative algorithms could fall into the wrong hands.


unencrypted PHP script, clearly visible and easy to modify

But there is a solution. This article focuses on how to protect your PHP scripts using obfuscation techniques that make the program unreadable for humans but still fully functional for a computer.


encrypted PHP script, hard to read and nearly impossible to modify

There are several open-source tools that solve this problem for you. Open Source means that anyone can view, modify and contribute to a program in development. The main benefit for a lone programmer is that it's completely free of charge and can be used to solve this PHP encryption issue.

One thing separates these programs into two types. Type One programs need additional software installed on the hosting server in order to run. This means that the administrator (most often not you) will have to modify something on the server where the encrypted files will be executed. In turn, this adds a layer of time-consuming work when distributing your software. Sometimes this is okay, but most often not.

Type Two programs don't need additional software installed on the server. PHP Obfuscator falls into this category. Theoretically it is possible to have a higher level of security (and sometimes performance) when using Type One encrypters. In practice, no one will ever put that much effort into trying to reverse engineer your scripts. This is why we chose PHP Obfuscator for this How-To part.

Here are two of the main Open Source PHP encryption tools:

  • Turck MMCache is an open source software package with many included features, such as PHP accelerator, optimizer, encoder and dynamic content cache. One drawback is that in order to use all these functions you need to have additional software installed on the running server. It is fully compatible with Zend Optimizer, but not recommended.

  • RaizLabs PHP Obfuscator (POBS) is the software package focused on in this article. It does not need additional server PHP modules installed in order to run. It's easy to install and easy to use. The main feature is the actual PHP encryption, with many configuration options.
RaizLabs PHP obfuscator application encodes and obfuscates PHP code to make the output difficult to reverse engineer. The application requires no pre-modifications to your code and no additional components on your server. This product allows for encoding of functions, variables and the removal of whitespace. The application is provided for free. Compatible with Windows XP and higher.

Why Obfuscation?

PHP Obfuscation allows you to scramble your PHP code. Obfuscation allows you to provide normal PHP files that have been encoded, making the source code difficult to reverse engineer. Unlike some other solutions, PHP Obfuscator does not require special server-side libraries or server components to work properly. This allows you to target a broad range of servers that support PHP. This may be useful for commercial products looking to secure their source code.

What does Obfuscated code look like?

Here is a sample of what obfuscated code looks like...
function FC7321B391B6EF18F0711B835402E91D1($RE91192A00FF990477EE414AD5D708F08) { global $db_prefix; global $R695CD54D1F9CB31C11C71AF5EF74FDDB; $R9E9F3EDB7A84E99A0567F313F4EAC1BA = $RE91192A00FF990477EE414AD5D708F08; $R37A721F3B04CA577A7730084048F2BE3 = array_keys($R695CD54D1F9CB31C11C71AF5EF74FDDB); foreach($R37A721F3B04CA577A7730084048F2BE3 as $R90E8291866BD6CB7ED5089CE7E833D11) { $R9E9F3EDB7A84E99A0567F313F4EAC1BA = str_replace($R90E8291866BD6CB7ED5089CE7E833D11, $db_prefix . $R90E8291866BD6CB7ED5089CE7E833D11 , $R9E9F3EDB7A84E99A0567F313F4EAC1BA); } return $R9E9F3EDB7A84E99A0567F313F4EAC1BA;}.
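A check a developer can run on obfuscated output before distributing it, applied to the sample above: it lists which names were replaced and which are still readable. This is an added example in JavaScript, not code from PHP Obfuscator; the "one letter plus 32 hex digits" pattern is an assumption read off the sample, and auditObfuscatedPhp is a hypothetical helper.

```javascript
// Constructed input: the obfuscated function quoted above, copied verbatim.
const OBFUSCATED = [
  'function FC7321B391B6EF18F0711B835402E91D1($RE91192A00FF990477EE414AD5D708F08) {',
  ' global $db_prefix; global $R695CD54D1F9CB31C11C71AF5EF74FDDB;',
  ' $R9E9F3EDB7A84E99A0567F313F4EAC1BA = $RE91192A00FF990477EE414AD5D708F08;',
  ' $R37A721F3B04CA577A7730084048F2BE3 = array_keys($R695CD54D1F9CB31C11C71AF5EF74FDDB);',
  ' foreach($R37A721F3B04CA577A7730084048F2BE3 as $R90E8291866BD6CB7ED5089CE7E833D11) {',
  ' $R9E9F3EDB7A84E99A0567F313F4EAC1BA = str_replace($R90E8291866BD6CB7ED5089CE7E833D11,',
  ' $db_prefix . $R90E8291866BD6CB7ED5089CE7E833D11 , $R9E9F3EDB7A84E99A0567F313F4EAC1BA); }',
  ' return $R9E9F3EDB7A84E99A0567F313F4EAC1BA;}',
].join('');

// Assumption: a renamed identifier is one capital letter followed by 32 hex digits.
const HASHED = /^[A-Z][0-9A-F]{32}$/;
// PHP language constructs that may be followed by "(" but are not function names.
const CONSTRUCTS = new Set(['function', 'foreach', 'for', 'if', 'elseif', 'while',
  'switch', 'catch', 'array', 'list', 'isset', 'empty', 'unset', 'echo', 'print',
  'return', 'exit', 'die', 'include', 'require']);

function auditObfuscatedPhp(src) {
  const hashed = new Set(), readableVars = new Set(), readableFunctions = new Set();
  const strings = [];
  // Lift string literals out first so their contents are not scanned as code.
  const code = src.replace(/'(?:\\.|[^'\\])*'|"(?:\\.|[^"\\])*"/gs, (literal) => {
    strings.push(literal);
    return "''";
  });
  // Variables: $name
  for (const [, name] of code.matchAll(/\$([A-Za-z_]\w*)/g)) {
    (HASHED.test(name) ? hashed : readableVars).add('$' + name);
  }
  // Function declarations and calls: name( that is not part of a $variable
  for (const [, name] of code.matchAll(/(?<![$\w])([A-Za-z_]\w*)\s*\(/g)) {
    if (CONSTRUCTS.has(name.toLowerCase())) continue;
    (HASHED.test(name) ? hashed : readableFunctions).add(name);
  }
  return {
    hashed: [...hashed],
    readableVars: [...readableVars],
    readableFunctions: [...readableFunctions],
    strings,
  };
}

console.log(auditObfuscatedPhp(OBFUSCATED));
```

On the sample, the built-in calls and the `$db_prefix` global come back as readable, alongside the renamed names.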

2007/11/05

What is JSON?

JSON (JavaScript Object Notation) is a lightweight data format based on the object notation of the JavaScript language. It is minimal, textual, and a subset of JavaScript. Specifically, it is a subset of ECMA-262 (The ECMAScript programming Language Standard, Third Edition, December 1999).


JSON has been widely adopted by people who found that it made it a lot easier to produce distributed applications and services. It is lightweight and very easy to parse from any language, and libraries and tools exist in many languages to handle JSON. There are now JSON libraries or built-in JSON support for these programming languages and systems: ActionScript, C, C++, C#, Cold Fusion, D, Delphi, E, Erlang, Haskell, Java, Lisp, LotusScript, Lua, Perl, Objective-C, OCAML, PHP, Python, Rebol, Ruby, Scheme, and Squeak.

JSON has been formalized in RFC 4627. The MIME Media Type is application/json. JSON has no version number. No revisions to the JSON grammar are anticipated. If something has a 1.0, it will inevitably get a 1.1 and a 2.0, and everything is crap until it is 3.0. JSON is very stable.

The character encoding of JSON text is always Unicode. UTF-8 is the only encoding that makes sense on the wire, but UTF-16 and UTF-32 are also permitted. A JSON decoder MUST accept all well-formed JSON text. A JSON decoder MAY also accept non-JSON text. A JSON encoder MUST only produce well-formed JSON text. This is consistent with Postel's Law: "Be liberal in what you accept, and conservative in what you send."

JSON is built on two structures:

  • A collection of name/value pairs. In various languages, this is realized as an object, record, struct, dictionary, hash table, keyed list, or associative array.
  • An ordered list of values. In most languages, this is realized as an array, vector, list, or sequence.


JSON Format Overview

JSON is a very simple text format based on JavaScript's object notation. The notation contains these basic elements:

  • Objects. Objects begin and end with curly braces ({}).
  • Object members. Members consist of strings and values, separated by colon (:). Members are separated by commas.
  • Arrays. Arrays begin and end with square brackets ([]) and contain values. Values are separated by commas.
  • Values. A value can be a string, a number, an object, an array, or the literals true, false, or null.
  • Strings. Strings are surrounded by double quotes and contain Unicode characters or common backslash escapes.

A simple example of JSON output looks like this:

{
  "Image": {
    "Width":640,
    "Height":480,
    "Title":"Screen shot of my web",
    "Thumbnail":
    {
      "Url":"http:\/\/myweb.com\/image\/837492",
      "Height": 160,
      "Width": "120"
    },
    "IDs":[ 123, 467, 87346 ]
  }
}

In this example, Image is a top-level object; all other data is a member of that object. Width, Height and Title are all simple members containing number and string data. Thumbnail is a nested object, containing members for URL, Height and Width. IDs is an array, containing number values. Note the string value for URL, in which the slashes are escaped ("\/").
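Decoding the sample above with a strict parser and then checking member types, as an added example that is not part of the original article. IMAGE_SCHEMA, parseStrict and typeErrors are hypothetical names; the schema is an assumption about what a consumer of this document would expect.

```javascript
// Constructed input: this page's sample document as it would arrive on the wire.
const SAMPLE = String.raw`{ "Image": { "Width":640, "Height":480,
  "Title":"Screen shot of my web",
  "Thumbnail": { "Url":"http:\/\/myweb.com\/image\/837492", "Height": 160, "Width": "120" },
  "IDs":[ 123, 467, 87346 ] } }`;

// Hypothetical schema for the Image object: what the consumer expects to receive.
const IMAGE_SCHEMA = {
  Width: 'number', Height: 'number', Title: 'string',
  Thumbnail: { Url: 'string', Height: 'number', Width: 'number' },
  IDs: ['number'],
};

const has = (obj, key) => Object.prototype.hasOwnProperty.call(obj, key);

// Decode with a strict parser: anything that is not well-formed JSON is rejected.
function parseStrict(text) {
  try {
    return { ok: true, value: JSON.parse(text) };
  } catch (err) {
    return { ok: false, error: err.message };
  }
}

// Walk value and schema together; return one message per mismatch.
function typeErrors(value, schema, path) {
  if (Array.isArray(schema)) {
    if (!Array.isArray(value)) return [`${path}: expected array`];
    return value.flatMap((item, i) => typeErrors(item, schema[0], `${path}[${i}]`));
  }
  if (typeof schema === 'object') {
    if (value === null || typeof value !== 'object' || Array.isArray(value)) {
      return [`${path}: expected object`];
    }
    const errors = [];
    for (const key of Object.keys(schema)) {
      if (!has(value, key)) errors.push(`${path}.${key}: missing`);
      else errors.push(...typeErrors(value[key], schema[key], `${path}.${key}`));
    }
    for (const key of Object.keys(value)) {
      if (!has(schema, key)) errors.push(`${path}.${key}: unexpected member`);
    }
    return errors;
  }
  return typeof value === schema ? [] : [`${path}: expected ${schema}, got ${typeof value}`];
}

const parsed = parseStrict(SAMPLE);
console.log(parsed.ok ? typeErrors(parsed.value.Image, IMAGE_SCHEMA, 'Image') : parsed.error);
```

The escaped slashes decode to a plain URL, and the one reported mismatch is the Thumbnail Width, which the sample carries as the string "120" rather than a number.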



For a complete description of JSON and its many uses, we suggest a visit to Douglas Crockford's JSON.org, with a side trip to JSON: The Fat-Free Alternative to XML, on the same server.

2007/11/02

Free 2 Gb Online Storage

This is a good service I've recently discovered...
Free 2Gb Online Storage

With Diino you can easily store, share, manage, access, send and backup your documents, music, e-mails, photos and files with the highest security available online. Your data is stored on 2048-bits encrypted secure servers.

Diino provides easy access to all your important files, from any PC - and now you are also able to access your files from your personal DiinoWeb page using your cell phone’s web or wap browser. Anywhere, anytime – and on any device!

New secure email functionality
Collect all your email messages in one place and access all your email accounts from anywhere. Large storage capacities (up to 100 GB) mean you never need to delete any emails.

Mobile access and personal mobile blog!
Did you know you can access your files and emails from your cell phone? You can even send blog entries with pictures and text from your cell phone to your Diino blog page.

No more worries about backing up your files
Back up important files from your computer over the Internet to our secure servers. Schedule your backups to run automatically at regular intervals.

You can get a 2GB Diino account for free and discover for yourself what Diino can do for you.

Google Translation Buttons

Google offers a list of bookmarklets that you can drag to your browser's links bar and that allow you to translate the current page from one language to another.

"While surfing the web, if you find a piece of text you'd like to translate, select the text with your mouse and click the browser button. If you want to translate a whole web page, simply click the button."

Here is the code...

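<script type="text/javascript">
function googleTranslate(lpair) {
  // Selected text, if any (standard browsers first, then old Internet Explorer).
  var t = (
    (window.getSelection && window.getSelection()) ||
    (document.getSelection && document.getSelection()) ||
    (document.selection && document.selection.createRange &&
     document.selection.createRange().text)
  );
  t = t ? String(t) : ''; // getSelection() returns an object, not a string
  // encodeURIComponent keeps characters such as & or # in the selection or the
  // page URL from altering the query string. It always emits UTF-8, so the
  // input encoding (ie) is fixed to UTF-8 rather than taken from the page.
  var e = 'UTF-8';
  if (t != '') {
    location.href =
      'http://translate.google.com/translate_t?' +
      'text=' + encodeURIComponent(t) +
      '&hl=en&langpair=' + encodeURIComponent(lpair) + '&tbb=1&ie=' + e;
  } else {
    location.href =
      'http://translate.google.com/translate?' +
      'u=' + encodeURIComponent(location.href) +
      '&hl=en&langpair=' + encodeURIComponent(lpair) + '&tbb=1&ie=' + e;
  }
} //end_of_googleTranslate()
</script>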

Then, to use it on your page, add a link like this:
<a href="javascript:googleTranslate('en|fr');">voir cette page en France </a>

Demo: Click here to view this page in French

2007/11/01

What does `lorem ipsum dolor' mean?

"Lorem ipsum dolor sit amet. Consectetuer adipiscing elit, sed diam nonummy nibh euismod tincidunt ut laoreet dolore magna aliquam erat volutpat. Ut wisi enim ad minim veniam, quis nostrud exerci tation ullamcorper suscipit lobortis nisl ut aliquip ex ea commodo consequat.
Duis autem vel eum iriure dolor in hendrerit in vulputate velit esse molestie consequat, vel illum dolore eu feugiat nulla facilisis at vero eros et accumsan et iusto odio dignissim qui blandit praesent luptatum zzril delenit augue duis dolore te feugait nulla facilisi. Lorem ipsum dolor sit amet, consectetuer adipiscing elit, sed diam nonummy nibh euismod tincidunt ut laoreet dolore magna aliquam erat volutpat. Ut wisi enim ad minim veniam, quis nostrud exerci tation ullamcorper suscipit lobortis nisl ut aliquip ex ea commodo consequat."
This is the first part of a nonsense paragraph sometimes used to demonstrate a web template. It has been well established that if you write anything as a sample, people will spend more time reading the copy than looking at the actual feature. The "gibberish" below is sufficiently like ordinary text to demonstrate content sample but doesn't distract the reader. Hopefully.

Rick Pali submits the following from Before and After Magazine, Volume 4, Number 2:

After telling everyone that Lorem ipsum, the nonsensical text that comes with PageMaker, only looks like Latin but actually says nothing, I heard from Richard McClintock, publication director at the Hampden-Sydney College in Virginia, who had enlightening news:

"Lorem ipsum is Latin, slightly jumbled, the remnants of a passage from Cicero's _de Finibus_ 1.10.32, which begins 'Neque porro quisquam est qui dolorem ipsum quia dolor sit amet, consectetur, adipisci velit...' [There is no one who loves pain itself, who seeks after it and wants to have it, simply because it is pain.]. [de Finibus Bonorum et Malorum, written in 45 BC, is a treatise on the theory of ethics very popular in the Renaissance.]

"What I find remarkable is that this text has been the industry's standard dummy text ever since some printer in the 1500s took a galley of type and scrambled it to make a type specimen book; it has survived not only four centuries of letter-by-letter resetting but even the leap into electronic typesetting, essentially unchanged except for an occasional 'ing' or 'y' thrown in. It's ironic that when the then-understood Latin was scrambled, it became as incomprehensible as Greek; the phrase 'it's Greek to me' and 'greeking' have common semantic roots!"

About FreeForBiz.com

The FreeForBiz project enables and empowers ordinary internet users to establish their online business presence easily with no capital investment.

Services provided include a free hosting plan (300 Mb disk space, 10 Gb monthly traffic, PHP, MySQL database, FTP account, POP3/Webmail email account) along with related tools and references that might be required to build a complete commerce-ready website.

Users without an established business can also benefit by providing creative content (blog, picture, etc.) and receiving 1:1 payment from advertisements displayed on their site.




Introduction

Do you have an email account with Google, Yahoo!, Hotmail, or any other free mail service?
Did you pay for their good service?
The majority of us will answer those questions, in this sequence: yes and no.
Yes, we have enjoyed their free service for years. No, we didn't pay for it.

Have you ever wondered why they generously give us such services for free? Why have they not only survived financially but even grown into giant multi-billion-dollar corporations? Are they getting their profit from users that pay for premium services (i.e., a bigger mailbox)? Well... surely they score some cash from such premium charges, but it's not their main source of income. So can you guess where those greens come from? Yes, they come from...

ONLINE ADVERTISEMENTS

Online advertising is a form of advertising utilizing the Internet and World Wide Web in order to deliver marketing messages and attract customers. Examples of online advertising include contextual ads on search engine results pages, banner ads, advertising networks and e-mail marketing.

With recent web technology refinements, online advertising has evolved into better forms of interactive communication. Information/content can be channelled based on audience geography, specific times and occasions, statistical analysis of visitors' behavior, contextual relation with corresponding content, etc. All of these methods are cross-calculated in sophisticated, complex algorithms, resulting in a high conversion ratio from impression to actual business transaction. In short, today online advertisement costs much less than its conventional media counterpart yet results in more sales and profits.
Reports from Pricewaterhouse Coopers LLP state that online advertising generated over $17 BILLION in 2006 and is growing rapidly.

Monetize Your Web!