PHP code obfuscator

**Alan B** · 11-05-2007, 11:53 PM

Has anyone here used a PHP obfuscator? The idea is that it makes a script less readable by humans. Typically it would remove comments and excess whitespace, and change user-defined variable and function names into meaningless strings. Here's a description of one of them:

PHP Processor optimizes PHP source code and considerably decreases size of your source code files. PHP Processor provides a fast, intuitive way to obfuscate your PHP source code. Both variable and function names can be replaced with meaningless strings making your code difficult to read and alter for a third party programmer.

Has anyone here used such tools? Can you recommend one?

I tried one on-line version, but my PHP script didn't work after the obfuscation so clearly that particular obfuscator was not well written.

**PsyCHZZZ** · 11-06-2007, 06:06 AM

Hmmm... never use one before. I guess I never had the need for it yet. Although, I might be cautious about it though... cause like you said - after the obfuscation process it might cause the script to break...

Imagine if you have multiple file includes and all of them shared some common variables. If the obfuscation process changes the variables but didn't change those of the include files or change them to something else.. then it's pretty pointless.

A quick search shows that most of them are paid/shareware softwares.

**Jef S.** · 11-06-2007, 11:08 AM

Are you looking to sell scripts you've written or something? If that's what you're doing, why not just compile them with Zend or ionCube or something?

I couldn't imagine removing comments and whitespace being anything I'd want to do, especially if I was trying to debug "XXX error on line 2" when line 2 was a 6000 character line with every bit of PHP in the script crammed into one line.

**Alan B** · 11-06-2007, 11:41 AM

I agree with you that I wouldn't want to work on a script after all comments and whitespace had been removed. In fact, I would not work on such a script.

The "obfuscated" script would be an output, to place on the web server. I would retain the original script complete with all my comments and whitespace.

Zend would do a much more complete job that what I'm doing with an obfuscator. I simply want to make the script less readable by humans. Reason: The client for whom I'm creating the web site has a server administrator who periodically decides to tinker with my code. She doesn't know PHP or CSS or HTML, yet she does sometimes make changes to my files. I'm tired of fixing her damage. If I simply make the script less easily readable, she'll likely leave it alone.

**mpyusko** · 11-06-2007, 05:14 PM

Just compile it with zend and place it on their server. Then keep a copy of the source code for yourself (.tar.gz) then if you need to make a change. edit you source, recompile it and then upload it again. Is't that the way most programmers work anyway?

That's what I would do if it were me.

**Alan B** · 11-07-2007, 09:25 AM

Yes, Zend or Ioncube would definitely be more secure.

Thread: PHP code obfuscator

LinkBack

Thread Tools

Display

PHP code obfuscator

Posting Permissions