有人用过PHP的混淆器吗?我试过一些,但它们不适用于非常大的项目。例如,它们不能处理包含在一个文件中而在另一个文件中使用的变量。

或者你有其他阻止代码传播的技巧吗?


当前回答

我不确定你是否可以将混淆解释语言标记为毫无意义(我无法在Schwern的帖子中添加评论,所以这里有一个新的条目)。

我认为,假设你知道所有可能的情况下,有人想要混淆代码,你假设任何人都愿意去看任何必要的长度,一旦混淆的代码。考虑一下我目前的情况:

I work for a consulting company that is developing a large and fairly sophisticated PHP-based site. The project will be hosted on a client's server that is hosting other sites developed by other consultancies. Technically any code we write is owned by the client, so we can't license it. However, any other consultancy (competitor) with access to the server can copy our code without getting permission from the client first. We therefore have a genuine reason for obfuscation - to make the effort required for a competitor to understand our code more than the effort of creating a copy of our work from scratch.

其他回答

没有什么是完美的。如果你只是想阻止非程序员,那么这里有一个我写的小脚本,你可以使用:

<?php
$infile=$_SERVER['argv'][1];
$outfile=$_SERVER['argv'][2];
if (!$infile || !$outfile) {
    die("Usage: php {$_SERVER['argv'][0]} <input file> <output file>\n");
}
echo "Processing $infile to $outfile\n";
$data="ob_end_clean();?>";
$data.=php_strip_whitespace($infile);
// compress data
$data=gzcompress($data,9);
// encode in base64
$data=base64_encode($data);
// generate output text
$out='<?ob_start();$a=\''.$data.'\';eval(gzuncompress(base64_decode($a)));$v=ob_get_contents();ob_end_clean();?>';
// write output text
file_put_contents($outfile,$out);

我见过最好的是Zend Guard。

用于PHP的Thicket™混淆器

PHP Obfuscator工具打乱了PHP源代码,使其非常难以理解或逆向工程(示例)。这为必须托管在网站上或交付给客户的源代码知识产权提供了重要的保护。它是SD源代码混淆器家族的成员。

使用SourceGuardian很好,因为它有一个很酷且易于使用的GUI。

但要注意:

注意它的——相当有趣的——许可条款。

每台机器只允许运行1个-到目前为止这是可以接受的 如果你想在另一台机器上运行命令行界面,比如你的web服务器,你将需要另一个许可证(是的,这很有趣,我也能听到你的笑声)。

我不确定你是否可以将混淆解释语言标记为毫无意义(我无法在Schwern的帖子中添加评论,所以这里有一个新的条目)。

我认为,假设你知道所有可能的情况下,有人想要混淆代码,你假设任何人都愿意去看任何必要的长度,一旦混淆的代码。考虑一下我目前的情况:

I work for a consulting company that is developing a large and fairly sophisticated PHP-based site. The project will be hosted on a client's server that is hosting other sites developed by other consultancies. Technically any code we write is owned by the client, so we can't license it. However, any other consultancy (competitor) with access to the server can copy our code without getting permission from the client first. We therefore have a genuine reason for obfuscation - to make the effort required for a competitor to understand our code more than the effort of creating a copy of our work from scratch.