I'm working on a script that I'd like to obfuscate only. I don't want to use a tool that requires uploading loaders etc. I've seen some code that simple encodes everything into a base64 code. That's simple enough for me assuming there is no need for loaders. I'm not concerned about people reverse engineering. Any recommendation on a tool to do that? My second question: My script has an install script that creates in an include file that stores the database connection information. Since the code is written during install, do I need to worry about the file and variables being created from obfuscated code? Hope that makes sense. Jeff
Depends on what you're planning to do with your code once obfuscated. If you're passing code on to others then yes - it might be worth it (I say "might!") else if it's just for you then I have to ask - why? PHP once on a server cannot be downloaded by a visitor and re-used. No matter how hard they try all they'll get is whatever the script makes.
The scripts will be passed on and installed by the customer. Once they receive the script and upload it to their server there is an "install" step for them in which they enter theur mysql connection information. That information is stored in a file that is created during the install process and then included in the script. My concern is whether the obfuscator will cause problems with either reading or writing to the file.
Any obfuscator that does its job properly shouldn't cause any problems. Using Google I found this one and it really does mess it all up so I'm wondering if any pre-loader is required. www. raizlabs.com/software/phpobfuscator/ I can't post links properly yet so remove the space after "www." That one is free and I've noticed they have a support tab - you could contact them and ask if it'll be a problem? They also have support forums. I've never used them personally so I'm probably not the best person to give advice to about this. Another side-effect which could be good is that if anyone had problems installing then they have to come back to you for assistance.
Thanks. I'll look into that. My only concern is how it will handle my config files that are created dynamically. I've seen some that basically convert all of the code to a base64 string which is fine with me, but I'm trying to find some software that will do that for the 30+ files in my project. This way I don't have to worry about variables etc getting corrupt in my config files.
I ended up creating a quick script that will base64 encode everything and create a new file. That's really all I'm looking for. Thanks for the help.