SitePoint Sponsor

User Tag List

Page 2 of 5 FirstFirst 12345 LastLast
Results 26 to 50 of 111
  1. #26
    SitePoint Member
    Join Date
    Jun 2004
    Location
    Tarzana, CA
    Posts
    20
    Mentioned
    0 Post(s)
    Tagged
    0 Thread(s)
    Quote Originally Posted by Daijoubu
    That's going to add lots of overhead :|
    Just stick to mmcache/ioncube encoder...
    But doesn't that require a server mod?

  2. #27
    SitePoint Member
    Join Date
    Jun 2004
    Location
    Tarzana, CA
    Posts
    20
    Mentioned
    0 Post(s)
    Tagged
    0 Thread(s)
    Quote Originally Posted by astericks
    hey brian, i took a look at it. nice script man.

    your addbytes() fn, I made one just like that to encode values being written to cookies

    Again, nice script...As Daijobu mentioned, it's gonna create quite some overhead, encoding one char by one. let's see where it goes from here.

    Good luck
    Thanks!
    The one-by-one byte encoding is just an example.
    THe whole point of making it open source is so that people
    can write custom crypt routines.

    But I am researching on better ways to do long string encryption
    (I will be adding password lock capability in the future, as well)

  3. #28
    SitePoint Addict silent's Avatar
    Join Date
    Jun 2004
    Location
    Roaming North America
    Posts
    220
    Mentioned
    0 Post(s)
    Tagged
    0 Thread(s)
    Quote Originally Posted by xmitchx
    The problem is that it costs over 200 dollars for the simplest one
    that's nothing compared to even one person ripping off your source and redistributing it as their own...

  4. #29
    SitePoint Member
    Join Date
    Jun 2004
    Location
    Tarzana, CA
    Posts
    20
    Mentioned
    0 Post(s)
    Tagged
    0 Thread(s)
    Quote Originally Posted by silent
    that's nothing compared to even one person ripping off your source and redistributing it as their own...
    Hehe... my name on PHPBuilder is silent... how strange.

  5. #30
    SitePoint Member
    Join Date
    Jun 2004
    Location
    Tarzana, CA
    Posts
    20
    Mentioned
    0 Post(s)
    Tagged
    0 Thread(s)

    New method coming soon

    I have a new encryption method coming soon...
    I will be using mcrypt functions (optionally - since it isn't available on all systems)
    I have been playing around with Rijndael-128 in CFB mode. It's pretty kick-***.
    Just thought I'd post an update.
    Version 1.0 should be out in a week or so (hopefully --- I have 3 jobs )

  6. #31
    SitePoint Addict silent's Avatar
    Join Date
    Jun 2004
    Location
    Roaming North America
    Posts
    220
    Mentioned
    0 Post(s)
    Tagged
    0 Thread(s)
    Quote Originally Posted by bgardner333
    Hehe... my name on PHPBuilder is silent... how strange.
    So you were the one that took it before me!

    I guess everyone will just have to figure out which silent is which on all the other forums!

    As if any other forum really comes close?!

    cheers,

    jay

  7. #32
    SitePoint Member
    Join Date
    Jun 2004
    Location
    Tarzana, CA
    Posts
    20
    Mentioned
    0 Post(s)
    Tagged
    0 Thread(s)

    New Version!

    I just released FreeLock version 0.9.5 beta.
    It adds MCrypt support (using Rijndael-256 -- a very fast and secure algorithm)
    Next features will (possibly be) :
    supporting scripts that break in and out of PHP.
    directory traversal during encoding
    custom PHP extension for more secure encoding/decoding

    http://freelock.sourceforge.net

  8. #33
    SitePoint Evangelist Daijoubu's Avatar
    Join Date
    Oct 2002
    Location
    Canada QC
    Posts
    454
    Mentioned
    0 Post(s)
    Tagged
    0 Thread(s)
    MMCache loader can be dl()'ed
    Not sure about the ionCube one

    And many host have them anyway
    Speed & scalability in mind...
    If you find my reply helpful, fell free to give me a point

  9. #34
    SitePoint Member
    Join Date
    Jun 2004
    Location
    Tarzana, CA
    Posts
    20
    Mentioned
    0 Post(s)
    Tagged
    0 Thread(s)
    Quote Originally Posted by Daijoubu
    MMCache loader can be dl()'ed
    Not sure about the ionCube one

    And many host have them anyway
    I am working on writing a PHP extension (that will be optional)
    for this purpose. It will just dl() as well.
    The only reason I do not want to make it mandatory is that
    you can not dl() on a threaded server (so if it's running as an apache module on a threaded apache, it won't work)

    I want this to be usable on as many systems as possible.
    But I think that the use of a php module would increase security/performance
    greatly. (It's just kind of a ***** to write a php module)

  10. #35
    SitePoint Evangelist Daijoubu's Avatar
    Join Date
    Oct 2002
    Location
    Canada QC
    Posts
    454
    Mentioned
    0 Post(s)
    Tagged
    0 Thread(s)
    mmcache have pre-built binaries for win32
    Speed & scalability in mind...
    If you find my reply helpful, fell free to give me a point

  11. #36
    SitePoint Member
    Join Date
    Jun 2004
    Location
    Tarzana, CA
    Posts
    20
    Mentioned
    0 Post(s)
    Tagged
    0 Thread(s)
    Quote Originally Posted by Daijoubu
    mmcache have pre-built binaries for win32
    That's all well and good, but I want people to be able to distribute their
    scripts to people who have hosting companies that do not have/will not install
    a module.

    Work is coming along very slowly on the module though.. it's very difficult
    (because my C is VERY rusty)

    Who knows, maybe if I make it good enough, I can request that it be included
    with PHP's distribution at some point (yeah right)

  12. #37
    Web developer Carl's Avatar
    Join Date
    Sep 2003
    Location
    sweden
    Posts
    320
    Mentioned
    0 Post(s)
    Tagged
    0 Thread(s)
    I am getting nothing but parse errors on the encoded script:

    Code:
    Parse error: parse error, unexpected '<' in public_html/ex/frelock/fr/freelock.php(1) : 
    eval()'d code(44) : eval()'d code on line 15

  13. #38
    Web developer Carl's Avatar
    Join Date
    Sep 2003
    Location
    sweden
    Posts
    320
    Mentioned
    0 Post(s)
    Tagged
    0 Thread(s)
    Ahh! there was plain HTML in the file before encoding. Hmm... got to be a way of improving on this.

  14. #39
    SitePoint Wizard triexa's Avatar
    Join Date
    Dec 2002
    Location
    Canada
    Posts
    2,476
    Mentioned
    0 Post(s)
    Tagged
    0 Thread(s)
    I am on a windows machine, and call to undefined function file_get_contents.. I have PHP 4.1.6, blah!

    I thought about buying an ecrypter ages ago... but I wonder -- how would the end user like this?

    For example, how could one customize my product if it is all jumbled???
    AskItOnline.com - Need answers? Ask it online.
    Create powerful online surveys with ease in minutes!
    Sign up for your FREE account today!
    Follow us on Twitter

  15. #40
    SitePoint Wizard triexa's Avatar
    Join Date
    Dec 2002
    Location
    Canada
    Posts
    2,476
    Mentioned
    0 Post(s)
    Tagged
    0 Thread(s)
    Hmm... well I made my own file_get_contents function, and now it says token_get_all...

    If this is all needed for the encryption... fine, I could live with encoding on a remote server... but what about when the end-user runs it? Do you have the system requirements listed for running an encrypted file?
    AskItOnline.com - Need answers? Ask it online.
    Create powerful online surveys with ease in minutes!
    Sign up for your FREE account today!
    Follow us on Twitter

  16. #41
    SitePoint Member
    Join Date
    Jun 2004
    Location
    Tarzana, CA
    Posts
    20
    Mentioned
    0 Post(s)
    Tagged
    0 Thread(s)
    Quote Originally Posted by sdesigns
    Hmm... well I made my own file_get_contents function, and now it says token_get_all...

    If this is all needed for the encryption... fine, I could live with encoding on a remote server... but what about when the end-user runs it? Do you have the system requirements listed for running an encrypted file?
    Sorry about that!
    As far as I know, it currently requires PHP 4.3.x
    I wasn't aware that file_get_contents wasn't available in 4.1.x

    And here is a list of (current) limitations on freelock :
    No breaking in and out of PHP (I know, it's a pain in the ***, but I am working on a parser for that purpose, that will split the code into a few variables, etc)
    Only works on scripts that start with <?php and end with ?>
    can't think of the others right now...

    But here is what I am working on :
    FreeLock PHP extension (dynamically loadable or can be compiled right into PHP)
    Support for scripts that break in and out of PHP
    Encoding of segments (to allow people to customize PARTS of the script)

    This is kind of slow going, as I am pretty busy these days. But I won't give up until I have made a VERY usable (and documented!!!) script encoder.

    Thanks all for your interest!
    Please, send me as much feedback as you can. I want you to like FreeLock!

  17. #42
    SitePoint Wizard subnet_rx's Avatar
    Join Date
    Aug 2001
    Location
    Hattiesburg, MS
    Posts
    1,085
    Mentioned
    0 Post(s)
    Tagged
    0 Thread(s)
    Quote Originally Posted by colinr
    i don't like the idea... kinda against the whole OSS philosophy isn't it?

    use other people's freely given time and effort (and money) [apache, php, mysql, etc, etc] to write a script and then set up a system where you control who can use it or not....

    I wonder where we would all be if apache/php/mysql used that same thinking....

    secondly, if someone buys a php script package from you, why not let them tailor it to their needs?

    Not that I think you are a bad person er something. just think its kinda hypocritical to make an open-source [its on sourceforge right] program that is built to make other programs (or scripts, etc) closed-source...
    I've got to agree with this. Build a program to encrypt Microsoft scripts, much more fitting. Personally, I like to open source world and contributing to it.

  18. #43
    Web developer Carl's Avatar
    Join Date
    Sep 2003
    Location
    sweden
    Posts
    320
    Mentioned
    0 Post(s)
    Tagged
    0 Thread(s)
    well, after two sleepness nights I finally made some progress on the embedded PHP functionality. It works nicely. Uses regular expressions that eliminate the need for that str_replace of the PHP tags.

  19. #44
    SitePoint Wizard triexa's Avatar
    Join Date
    Dec 2002
    Location
    Canada
    Posts
    2,476
    Mentioned
    0 Post(s)
    Tagged
    0 Thread(s)
    ...I just wish it didn't require PHP 4.3.0
    AskItOnline.com - Need answers? Ask it online.
    Create powerful online surveys with ease in minutes!
    Sign up for your FREE account today!
    Follow us on Twitter

  20. #45
    SitePoint Wizard silver trophybronze trophy asp_funda's Avatar
    Join Date
    Jun 2003
    Location
    ether
    Posts
    4,497
    Mentioned
    1 Post(s)
    Tagged
    0 Thread(s)
    why don't you just install PHP4.3?? Besides, PHP5 is nearly out,
    so you look holding onto antique software.
    Our lives teach us who we are.
    ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
    Me - Photo Blog - Personal Blog - Dev Blog
    iG:Syntax Hiliter -- Colourize your code in WordPress!!

  21. #46
    SitePoint Wizard triexa's Avatar
    Join Date
    Dec 2002
    Location
    Canada
    Posts
    2,476
    Mentioned
    0 Post(s)
    Tagged
    0 Thread(s)
    I could upgrade if I really wanted to .. heh

    But i would lose a LOT of customers if I increased my product's requirements to v4.3.x... currently its at 4.1.0!
    AskItOnline.com - Need answers? Ask it online.
    Create powerful online surveys with ease in minutes!
    Sign up for your FREE account today!
    Follow us on Twitter

  22. #47
    SitePoint Wizard silver trophybronze trophy asp_funda's Avatar
    Join Date
    Jun 2003
    Location
    ether
    Posts
    4,497
    Mentioned
    1 Post(s)
    Tagged
    0 Thread(s)
    Maybe, but most hosts have atleast v4.3.3 installed, so I doubt
    that your clients will face any problems there. If a host has anything
    lower than v4.3.3, I for one wouldn't host with them, there are plenty
    of them offering v4.3.3, so why would I go with one which give me
    outdated software?
    Our lives teach us who we are.
    ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
    Me - Photo Blog - Personal Blog - Dev Blog
    iG:Syntax Hiliter -- Colourize your code in WordPress!!

  23. #48
    SitePoint Enthusiast
    Join Date
    May 2003
    Location
    Houston
    Posts
    28
    Mentioned
    0 Post(s)
    Tagged
    0 Thread(s)
    you know guys this really doesn't protect your source code at all. Its super simple to print it out again. Just takes a 1 liner.

    The only way to really protect your source is to use a byte code encoder like zend encoder. And if you are really serious about protecting your code... its not expensive... a small business package which comes with zend IDE, performance suite, and encoder costs like 200 bucks. I bought it and it was definitly worth the money.

  24. #49
    SitePoint Member
    Join Date
    Jun 2004
    Location
    Tarzana, CA
    Posts
    20
    Mentioned
    0 Post(s)
    Tagged
    0 Thread(s)
    Quote Originally Posted by Carl
    well, after two sleepness nights I finally made some progress on the embedded PHP functionality. It works nicely. Uses regular expressions that eliminate the need for that str_replace of the PHP tags.
    Very cool. I was using the PHP builtin tokenizer to identify tags (makes it pretty easy)

    Would you care to share your enhancements to freelock?

  25. #50
    SitePoint Member
    Join Date
    Jun 2004
    Location
    Tarzana, CA
    Posts
    20
    Mentioned
    0 Post(s)
    Tagged
    0 Thread(s)
    Quote Originally Posted by JClawson
    you know guys this really doesn't protect your source code at all. Its super simple to print it out again. Just takes a 1 liner.

    The only way to really protect your source is to use a byte code encoder like zend encoder. And if you are really serious about protecting your code... its not expensive... a small business package which comes with zend IDE, performance suite, and encoder costs like 200 bucks. I bought it and it was definitly worth the money.
    Ah, but the zend encoder can be cracked as well (and as far as the whole
    encoding thing, I realize that there is no way to be really secure using a PHP include, as the PHP include is just gzipped/base64'd 20+ times.

    That is why I am writing a PHP extension module (dynamically loadable, of course) to address these issues. People can then customize their encryption methods.


Bookmarks

Posting Permissions

  • You may not post new threads
  • You may not post replies
  • You may not post attachments
  • You may not edit your posts
  •