SitePoint Sponsor

User Tag List

Results 1 to 7 of 7
  1. #1
    SitePoint Zealot
    Join Date
    Mar 2008
    Location
    Asheville, NC
    Posts
    183
    Mentioned
    0 Post(s)
    Tagged
    0 Thread(s)

    protect web application

    hi, all.

    I have this web application that I'd like to distribute/licence to clients.

    it's HTML, obviously, javascript/ajax and PHP with mysql database.

    now, it there a way to protect the source code, hiding the HTML and javascript as well, and binding the software to a domain name without using loaders or installing anything on the server?

    I don't trust this client, he'll probably resell the application as turnkey websites on ebay.

    any idea appreciated.

    thanks!

  2. #2
    Follow Me On Twitter: @djg gold trophysilver trophybronze trophy Dan Grossman's Avatar
    Join Date
    Aug 2000
    Location
    Philadephia, PA
    Posts
    20,580
    Mentioned
    1 Post(s)
    Tagged
    0 Thread(s)
    You can't hide the HTML, that has to be out there so the browser can render the page.

    The most you can do without installing ioncube/zend guard or the like on the server is obfuscation. Look for "php obfuscation" or "php obfuscator". All it does is randomize your variable and function names, and apply some simple reversible encoding.

    If someone really wants to get around any protection you build in with that, they can and will. Even with obfuscation a good coder will figure out where your licensing code is and get rid of the calls home so that it can run on any site.

  3. #3
    SitePoint Zealot
    Join Date
    Mar 2008
    Location
    Asheville, NC
    Posts
    183
    Mentioned
    0 Post(s)
    Tagged
    0 Thread(s)
    yep, I looked into obfuscating the code, but the limitations are exactly the ones you pointed out.
    about the licencing code, do you by any chance know of any good library or class that can take care of that?

    I will probably go with obfuscating the code with PHPobfuscator (which is free), and add some licencing functionality - just to get some basic protection.
    obviously if the code is bound to the site a coder can just find the domain name in the code and change it, but...

    thanks a 1000!

  4. #4
    Follow Me On Twitter: @djg gold trophysilver trophybronze trophy Dan Grossman's Avatar
    Join Date
    Aug 2000
    Location
    Philadephia, PA
    Posts
    20,580
    Mentioned
    1 Post(s)
    Tagged
    0 Thread(s)
    Wouldn't know, I sell completely unprotected code, and it's worked out just fine

    If I were to do licensing, it'd be with ioncube or zend.

  5. #5
    SitePoint Enthusiast
    Join Date
    Jun 2009
    Posts
    30
    Mentioned
    0 Post(s)
    Tagged
    0 Thread(s)
    yes ioncube is a good recomandation

  6. #6
    SitePoint Zealot
    Join Date
    Mar 2008
    Location
    Asheville, NC
    Posts
    183
    Mentioned
    0 Post(s)
    Tagged
    0 Thread(s)
    it's kind of a pain, though, as it requires a loader and most of the times my clients are on a shared hosting with no shell access.

    not sure if the loader can just be published as a regular file and it will just work or if you need shell access...

  7. #7
    SitePoint Addict nimasdj's Avatar
    Join Date
    Dec 2007
    Posts
    298
    Mentioned
    0 Post(s)
    Tagged
    0 Thread(s)
    ioncube is very popular now and most major hostings install it.
    if not installed in php.ini by server admin and if dl() function is not disabled on server, loader can be used on runtime if software verndor bundles loader while encoding.

    no need to shell access and no pain at all.


Bookmarks

Posting Permissions

  • You may not post new threads
  • You may not post replies
  • You may not post attachments
  • You may not edit your posts
  •