Am 22.05.2014 um 09:08 schrieb Bas van Beek <bas@tobin.nl>:
>
> op 21-05-14 12:20, Nicolai Scheer schreef:
>> Hi all,
>>
>> I'm currently facing the situation, that I need to protect my php sources
>> and retain opcache compatibility.
>>
>> I know there are quite a few commercial tools for "encoding" and protecting
>> php sources, but none of them seems to work in conjunction with php's
>> opcache extension.
>>
>> Most products see this as part of their protection scheme.
> As said in the conversation spawned by your question it is possible to reverse engineer the
> opcodes to php script and as you noted you're ok with at least a first line of defense against
> customers altering scripts. I might have a workable solution to your problem.
>
> I faced a similar problem where I didn't want the PHP source code for a client application
> (win32 service/*nix daemon with embedded webserver, PHP API layer and AngularJS front-end) to be
> easily viewed and/or modified. So I built an embedded filesystem that is encrypted. For this
> embedded filesystem I wrote a PHP stream extension so I can access the files in that filesystem as
> if they reside on a regular disk. In the C++ code of the main app I open the embedded filesystem
> with the decryption key and I make a filesystem handle available to the PHP stream extension. The
> embedded webserver can access the embedded filesystem directly with its API and within PHP the
> stream extension takes care of that. This solution is compatible with PHP 5.5 and opcache and has
> the added bonus of only needing to ship a single file for all PHP, JS, Image and other web resource
> files). Hope this solution points you in the right direction.
This solution sounds very great! Creating a PHP extension to operate on an encrypted, virtual,
filesystem mibht offer exactly what one is looking for. If the app is small, it could be loaded into
memory, and be read by far faster from there.
Definitively an aproach I am going to test out myself, to learn more about this.
Kind regards, Ingwie.