How to protect source code in php

Code Obfuscation Encryption

The actual encryption is not counted. The specific implementation idea is to base64 encrypt the code , and then perform string mapping on the string in base64 (randomly generated dictionary obfuscation)

represents the code as follows:

<?php

 function RandAbc($length = "") { // 返回随机字符串 
  $str = "ABCDEFGHIJKLMNOPQRSTUVWXYZabcdefghijklmnopqrstuvwxyz"; 
  return str_shuffle($str); 
 } 

 $filename = &#39;index.php&#39;; //要加密的文件 
 $T_k1 = RandAbc(); //随机密匙1 
 $T_k2 = RandAbc(); //随机密匙2 
 $vstr = file_get_contents($filename); 
 $v1 = base64_encode($vstr); 
 $c = strtr($v1, $T_k1, $T_k2); //根据密匙替换对应字符。 
 $c = $T_k1.$T_k2.$c; 
 $q1 = "O00O0O"; 
 $q2 = "O0O000"; 
 $q3 = "O0OO00"; 
 $q4 = "OO0O00"; 
 $q5 = "OO0000"; 
 $q6 = "O00OO0"; 
 $s = &#39;$&#39;.$q6.&#39;=urldecode("%6E1%7A%62%2F%6D%615%5C%76%740%6928%2D%70%78%75%71%79%2A6%6C%72%6B%64%679%5F%65%68%63%73%77%6F4%2B%6637%6A");$&#39;.$q1.&#39;=$&#39;.$q6.&#39;{3}.$&#39;.$q6.&#39;{6}.$&#39;.$q6.&#39;{33}.$&#39;.$q6.&#39;{30};$&#39;.$q3.&#39;=$&#39;.$q6.&#39;{33}.$&#39;.$q6.&#39;{10}.$&#39;.$q6.&#39;{24}.$&#39;.$q6.&#39;{10}.$&#39;.$q6.&#39;{24};$&#39;.$q4.&#39;=$&#39;.$q3.&#39;{0}.$&#39;.$q6.&#39;{18}.$&#39;.$q6.&#39;{3}.$&#39;.$q3.&#39;{0}.$&#39;.$q3.&#39;{1}.$&#39;.$q6.&#39;{24};$&#39;.$q5.&#39;=$&#39;.$q6.&#39;{7}.$&#39;.$q6.&#39;{13};$&#39;.$q1.&#39;.=$&#39;.$q6.&#39;{22}.$&#39;.$q6.&#39;{36}.$&#39;.$q6.&#39;{29}.$&#39;.$q6.&#39;{26}.$&#39;.$q6.&#39;{30}.$&#39;.$q6.&#39;{32}.$&#39;.$q6.&#39;{35}.$&#39;.$q6.&#39;{26}.$&#39;.$q6.&#39;{30};eval($&#39;.$q1.&#39;("&#39;.base64_encode(&#39;$&#39;.$q2.&#39;="&#39;.$c.&#39;";eval(\&#39;?>\&#39;.$&#39;.$q1.&#39;($&#39;.$q3.&#39;($&#39;.$q4.&#39;($&#39;.$q2.&#39;,$&#39;.$q5.&#39;*2),$&#39;.$q4.&#39;($&#39;.$q2.&#39;,$&#39;.$q5.&#39;,$&#39;.$q5.&#39;),$&#39;.$q4.&#39;($&#39;.$q2.&#39;,0,$&#39;.$q5.&#39;))));&#39;).&#39;"));&#39;; 

 $s = &#39;<?php &#39;."\n".$s."\n".&#39; ?>&#39;; 
 //echo $s; 
 // 生成 加密后的PHP文件 
 $fpp1 = fopen(&#39;temp_&#39;.$filename, &#39;w&#39;); 
 fwrite($fpp1, $s) or die(&#39;写文件错误&#39;); 

 ?>

Confuses garbled characters

The code obfuscation variable also has some things similar to the principle of 1, but it changes the string to non-human characters between ascii 127 and 255, and the characters that the editor cannot understand. The result is 100% correct. It is only a matter of time before it is cracked and restored.

Issuing opcode

Do not distribute the code, but precompile the PHP code first and distribute the opcode. After PHP7, opcache deeply integrates this thing. After PHP7, you can use this method to protect it. Source code, but it will also be decompiled by opcode and will be cracked.

Write a PHP extension with obfuscation and encryption

Write a PHP extension with obfuscation and encryption, but any open source PHP extension will be cracked unless you write your own encryption algorithm and encrypt the PHP code , and then use the C voice to write extended closed source. Others don’t know your encryption and cracking ideas, so the possibility of being cracked is very small.

Swoole Compiler

The one produced by swoole is to take the generated opcode and then obfuscate the encryption. Then this is awesome. If you want to execute this, it is obvious that the zend engine is It is impossible to recognize the obfuscated and encrypted opcode, so he actually needs to rewrite zend, so the supporting zend engine also needs to be changed.

Recommended tutorial: PHP video tutorial

The above is the detailed content of How to protect source code in php. For more information, please follow other related articles on the PHP Chinese website!