PHP code is open source WEB code, does not require compilation, and is an interpreted language. (That is, adding an interpreter with the corresponding extension in WebServer can complete the analysis and processing of the code).
According to the interpreted characteristics of the PHP language and combined with individual project needs, we can use php.exe (PHP interpreter) to interpret and apply PHP code, making PHP suitable not only for WEB environments but also for WEB environments. Processed locally, such as GTK, etc.
I have a project in hand that uses the Delphi channel (PIP) method to call the phpexe interpreter to interpret the PHP code to complete the process in the WEB.
But on the other hand, the disadvantages are reflected. Because PHP adopts an open source method, different users can easily see the source program written in the PHP language, analyze the source program, and easily obtain data connections. Processing procedures and even important information such as server names are also not conducive to the copyright protection of software developers. Therefore, it is necessary to encrypt and authorize the PHP source code, that is, (Encoding and License authorization)
There are two main types of software currently on the market that are more popular in the market for encrypting and authorizing PHP:
(1) ZendGuard by Zend Company. —-The latest version 5.0.1 (2008/06/17)
(2) ionCube PHP Encode of ionCube Company. ---The latest version 6.5 (2008/06/17)
For these two commonly used Encode software, they have different functions and respective advantages.
Zend Guard
Zend Guard can only encrypt files with PHP tags or source code (such as: .php, inc, etc.), and can save other text files without PHP tags. The files cannot be encrypted, support period, registration code.
Supports encryption of PHP4.2.X~5.2.X versions.
The ZendOptimizer (PHP engine) used can improve the speed optimization of the source code by more than 20~50%. Combined with ZendGuard, it can improve the performance speed optimization by more than 50%, and ZendOptimizer can be installed in many current mainstream systems. (When using ZendGuard encryption, you can choose the ZendOptimizer version for more optimization processing). In addition, ZendGuard can only be used in an environment configured with ZendOptimizer and cannot run independently. (Must be configured in the php.ini file)
* Also worth noting is the error of ZendGuard under PHP4. There will be a big difference between the absolute path and relative path of PHP4 during encryption.
In the PHP4.4.1 environment, if there are the following two files:
Test.php
Reference:
<?php require_once(”inc/test1.php”); ?>
inc/Test1.php
Quote:
<?php echo realpath(dirname(__FILE__)); ?>
Without encryption, the displayed result is: C:/LocalWeb/zendtest/inc
But after encryption, it is displayed: C:/LocalWeb/zendtest-encode/zendtest
It can be found that the inc directory has been removed after ZendGuard encryption, and the address of the file before being included is displayed. (That is, __FILE__ is displayed as a temporary constant).
*This problem has been tested and was not found in the PHP5.2.6 environment.
ionCube PHP Encode
ionCube PHP Encode, developed by ionCube, is used to encrypt PHP or non-PHP files. ionCube has been tested to be superior to Zend's ZendGuard in terms of functionality. It not only supports encryption methods such as expiration date, registration code, etc., but also supports complex encryption methods such as IP and MAC addresses. In addition, ionCube can not only encrypt PHP files with PHP tags or source code, but also can encrypt non-PHP files saved in text mode, such as xml, js, css, etc. (But you must use the read API provided by ionCube for reading and writing operations.)
The encryptable PHP version is from PHP4.0.6~5.2.X (2 levels higher than ZendGuard)
ionCube and Zend Similarly, in order to improve PHP performance optimization, a corresponding PHP engine is also provided, which can provide PHP optimization functions for most operating systems, but unfortunately, a Windows version of the PHP engine has not been provided so far.
Regarding the path problem in the PHP4 environment mentioned in ZendGuard before, it does not appear in ionCube. It can be seen that ionCube is relatively stable.
For ionCube, files with PHP tags or source code are processed using compression and encryption, and non-php text files are processed using encryption. When reading, you must use "ioncube_read_file/ioncube_write_file" to read and write files. Therefore, before using ionCube encryption, the corresponding PHP code needs to be modified before it can be used.
The above is the detailed content of Why should php source code be encrypted?. For more information, please follow other related articles on the PHP Chinese website!