Security
|
|
|
|
<?
##################################################################################
### Phrozen - one simple way to protect your scripts in real time.
### Joel De Gan 2002.
### http://www.tenshimedia.com, http://www.joihost.com
### If you use this somewhere, give me credit for the idea..
###
### The idea, you want to encode your scripts, however you don't want to make
### the end user have to install something to "un-encode" them.
###
### solution: "Phrozen"
###
### This is more of the skeleton of the program, however it is fully functional.
### To run this example you will need to create a directory under where this
### file is located called "pages" and chmod it so that it is writable.
### load up the page, drop in some php code in the textarea and click on
### "phreeze", it will create a file in the pages directory that is an md5 hash
### of the code.
### copy the name of that file and paste it into the box for "unphreeze"
### the encoded code in the file will be uncoded on the fly, written to disk
### and then included into this page.
###
### I am working out an idea for doing remote licensing of products written in
### PHP, passing keys back and forth (software license keys) and having all the
### pages encrypted.
###
##################################################################################
$page_dir = getcwd() . "/pages/"; // where out 'phro' files are located.
$include_dir = "pages/"; // same dir for includes for this example
$temp = "temp.php"; // also can use the following; md5(time()) . ".php";
$temp_file = $page_dir . $temp;
$include_this = $include_dir . $temp;
// this function just reads an entire file into a string
function file_get_contents($filename, $use_include_path = 0) {
$fd = fopen ($filename, "rb", $use_include_path);
$contents = fread($fd, filesize($filename));
fclose($fd);
return $contents;
}//end function
###
### phreeze/unfreeze functions, you can obviously add to these
### add in gzcompressing, encryption etc.
###
function phreeze($z){
$z = serialize($z);
$z = base64_encode($z);
return $z;
}//end function
function unphreeze($z){
$z = base64_decode($z);
$z = unserialize($z);
$z = stripslashes($z); // this is necessary.. don't remove
return $z;
}//end function
###
### some logic for how to phreeze/unfreeze data.
###
if ($code){
// we got some data we need to phreeze.
$phcode = phreeze($code);
$name = md5($phcode) . ".phro";
if (file_exists($page_dir . $name)) {
$fp = fopen ($page_dir.$name, "aw");
fputs ($fp, $phcode);
fclose($fp);
}else{
$fp = fopen ($page_dir .$name, "w");
fputs ($fp, $phcode);
fclose($fp);
}//fi
}//fi
// if we pass in the name of the file ($pcode) lets unphreeze it and
// toss it in a temporary file and include it, then unlink it.
if ($pcode){
if (file_exists($page_dir . $pcode)) {
$thecode = file_get_contents($page_dir . $pcode);
$out = unphreeze($thecode);
$fp = fopen ($temp_file, "w");
fputs ($fp, $out); // slap the data in the file
fflush($fp); // flush contents to file
fclose($fp); // close our handle
require "$include_this"; // include it
unlink($temp_file);// remove the temp file
}else{
exit; // file not there.. don't do anything.
}//fi
}//fi
### rest is just the forms for playing around with it.
?>
<form method=post>
<textarea cols=60 rows=10 name=code></textarea>
<br>
<input type=submit value=" phreeze it ">
</form>
<form method=post>
<input type=text name=pcode>
<br>
<input type=submit value=" unphreeze it ">
</form>
|
|
|
Usage Example
|
|
|
Rate This Script
|
|
|
|
Store
Your email: