ioncube rant

well, tonight was an interesting night... i was asked to do some work for another member on here and after getting everything setup and working correctly, i needed to add 2 lines of code to a page that handles a form's submission. well... come to find out this page is encoded with ioncube and after spending nearly all night working on this only to have add 2 lines of code to one freaking file... i can't. so i probably wont be able to finish this project and i probably wont be getting paid either. and from what i can tell, the client actually purchased the encoded script so there is no real reason for it to be encoded to begin with. not from my point of view anyways. i could see if it were unlicensed code but they paid for it. it's licensed. just a bunch of shit if you ask me. i could go on for hours about this so i am just going to leave it at that. but if any of you know where i get an application to decompile the compiled bytecode that ioncube generates or something that would be awesome but i doubt that i will be able to.
anyways, i'm going to take out my frustration on some poor coder now. thanks for listening.

ansi

 

You may try and contact hiredgunz.

He had posted on some forum (I don't remember if it was DP or some other forum) about decoding scripts encoded with ioncube.

I hope he can find a solution to your problem.

 

appreciate the input sachin, i will try and get in contact with him.

 

Some software authors sell different versions of their scripts, a lite version or one that you can not edit, ie the encrypted version, and then one that is more expensive and not encrypted. Its a way to keep people from removing copyright info in the scripts.

Chances are if the script was encrypted with ioncube, you will need to go back to the original author in order to get a decoded version.

 

What do the two lines of code do ??

Couldn't you just put the two lines in another file and include the original with a different name, if you need to edit the html then output buffering should enable you to do that .....

I don't see the problem with encoding your work, its not so much to stop the users getting to the code as it is the competition, it makes sense to protect your hard work if you can, although most authors make the effort to make sure that users can still have full control over the encoded files or just encode the functions and not every file........

 

require("ntc_connect.php");
ntc_add_user($username,$password,$email);

PHP:

the 2 lines i need to add. though i dont know what variables username and email are stored in. and the password is automatically generated. so i would need to see it to do it.

 

What type of script is it? There are some that want to hide their intellectual properly so I can see what they may encode it. Some have developer licenses but who knows what the price of that would be and if the client would want to purchase one. As for decoding it well there are some out there that claim to be able to do it but is there any truth to it who knows. Probably should have checked the files out before doing any of the work live and learn I suppose?

 

yeah well we will see i guess. the client is attempting to get the company that wrote the script to either release an encoded script or add my lines of code to their current one. i don't know. but yeah, live and learn i suppose.

 

I haven't used ionCube (nor mod_rewrite very much), but here's a thought: could you use mod_rewrite to push every page through to a 'wrapper' page which has those two lines and then includes the original page that was being called?

 

Ahhh .. heard my name mentioned

I think the post referred to above is about decoding hacked ioncube pages in the article dashboard script as it is commonly hacked by adding encoded code before and after the ioncube code.

I don't know which script you are trying to customize, but is there an API document with it?

How about creating a template page and adding your client's email form there and have the link go to that page instead?

You can view and save the page layout in view source, create your page and add your code (assuming you can change the link to that page)

Hope this helps,

Jan

 

hey Jan thanks for the reply. well i found out this morning that they do have a custom set of <php></php> tags that they use within their template systems so now all i have to do is figure out the variable names i guess. it's going to be tricky i think but i want to finish it. i guess we'll see.

 

http://www.zendecode.com/

They can decode ionCube encoded files. But its stealing if you do it to someone else's work.

You can try emailing the people who sell that script, I'm sure they'll help you out.

 

yeah i ran across them as well but i wouldn't consider it stealing being as i only need to see it to modify it some. i could care less about their system but meh. all i have gotten from them so far is to use the <php></php> tag system within the template system but that still doesn't give me access to the variables within their script.

 

It sounds as though the person with the encoded files was caught out by whoever encoded them in the first place, and where it had not been made clear that the files would be encoded. It definitely should have been, and we never like to hear of these types of cases. Whilst the end user should have ensured that they knew and had agreed in writing what they were getting, which crucially means that they were getting the source code that they'd paid for, not everyone thinks about this.

Some web agencies like to protect the files that they create because they want to lock in the chance to charge for future updates themselves, and this is certainly fair enough if it is agreed and disclosed in the end user contract, along with the terms for when sourcecode would be provided to ensure that their client doesn't get stuffed. Most only encode and produce time expiring files during the early stages when their has been partial or even no payment from their client, and then release the full sourcecode once the job is wrapped up and payment has been received.

The end user might want to go back to the provider of the scripts in order to negotiate terms to get the sourcecode, and I'd imagine that they'd cooperate.