Write For Us
php
code-generation
obfuscation
minify
haxe

Minify / Obfuscate PHP Code

Viewed   134 times

I use Haxe to generate PHP code. (This means you write you code in the Haxe language and get a bunch of php files after compiling.) Today a customer told me that he needs a new feature on a old project made with Haxe. He also told me that he altered some small things on the code for his own needs. Now I first have port his changes to my Haxe code and then add the new feature, because otherwise his changes will be overwritten by the next time I compile the project.

To prevent that this happens again I am looking for some kind of program that minifies / obfuscates the PHP code. The goal is to make the code unreadable / uneditable as possible.
The ideal tool would run under Linux and could process whole folders and all it containing files.

Anybody any suggestions?

 Answers

1

I agree with the comment, what you are doing is very underhanded, but after 10 years in this biz I can attest to one thing: Half the code you get is so convoluted it might as well have been minified, and really function/var names are so often completely arbitrary, i've edited minified js and it wasn't much more of a hassle than some unminified code.

I couldn't find any such script/program, most likely because this is kind of against the PHP spirit and a bit underhanded, never the less.

First: Php isn't white space sensitive, so step one is to remove all newlines and whitespace outside of string.

That would make it difficult to mess with for the average tinkerer, an intermediate programmer would just find and replace all ;{} with $1n or something to that effect.

The next step would be to get_defined_functions and save that array (The 'user' key in the returned array), you'll need to include all of the files to do this.

If it's oo code, you'll need get_defined_classes as well. Save that array.

Essentially, you need to get the variables, methods, and class instances, you'll have to instantiate the class and get_object_vars on it, and you can poke around and see that you can get alot of other info, like Constants and class vars etc.

Then you take those lists, loop through them, create a unique name for each thing, and then preg_replace, or str_replace that in all of the files.

Make sure you do this on a test copy, and see what errors you get.

Though, just to be clear, there is a special place in hell reserved for people who obfuscate for obfuscation's sake.

Check out: get_defined_functions get_declared_classes and just follow the links around to see what you can do.

Saturday, November 26, 2022
 
sourabh_-_msft
 
sourabh_-_msft
1

I put together the following list a ways back - don't know if they are all current, or how many are now free, but you should find something useful here:

About:

  1. Wikipedia article: PHP Accelerator
  2. Comparison of APC, Zend, xCache, & the Zend Framework

Software:

  1. Safeyar (Best)
  2. PHP's APC (PECL page)
  3. RoadSend
  4. Turck-mmcache
  5. eAccelerator
  6. PHP-Accelerator
  7. SourceGuardian
  8. NuSphere Nu-coder
  9. Gridinsoft
  10. IonCube SA-Encoder.php

Another thread on SO that adds a few more (check it out):

Can I encrypt PHP source or compile it so others can't see it? and how?

  1. Zend Guard
  2. BCompiler (PECL page)
  3. PHC
Monday, December 5, 2022
 
ttran4040-40b803dbdf17
 
ttran4040-40b803dbdf17
1

If I'm not mistaken http://pear.php.net/package/PHP_Beautifier uses token_get_all() and then rewrites the stream. It uses heaps of methods like t_else and t_close_brace to output each token. Maybe you can hijack this for simplicity.

Friday, November 18, 2022
 
dreeves
 
dreeves
1

Symfony does this (at least the 1.x series I am used to). I should think version 2.0 also does, under either Doctrine or Propel (and both of those will work with MySQL).

Sunday, November 20, 2022
 
rob_mensching
 
rob_mensching
4

Under Windows it seems that files in vendor/bin are actually batch files, invoking the original file (and not php files which phpdbg will understand).

In this case:

dir=$(d=${0%[/\]*}; cd "$d"; cd "../phpunit/phpunit" && pwd)
                                  ^^^^^^^^^^^^^^^^^^
"${dir}/phpunit" "$@"
 ^^^^^^^^^^^^^^

i.e. ../phpunit/phpunit/phpunit (this path is relative to vendor/bin); thus the actual file is at vendor/phpunit/phpunit/phpunit.

And you can invoke it directly via phpdbg -qrr vendor/phpunit/phpunit/phpunit then.

Friday, December 23, 2022
 
roman_grigoriadi
 
roman_grigoriadi
Only authorized users can answer the search term. Please sign in first, or register a free account.
Not the answer you're looking for? Browse other questions tagged :
php
code-generation
obfuscation
minify
haxe
 
Share
Related Answers
84
 How can I perform static code analysis in PHP?
73
 Obfuscate PHP code
80
 Problem when loading php file into variable (Load result of php code instead of the code as a string)
113
 Conditional Statements in PHP code Between HTML Code
112
 Eclipse Kepler - PHP Code completion not working
205
 How to diagnose these PHP-Code-Coverage segmentation and zend_mm_heap corrupted errors
90
 PHP - How to count lines of code in an application
110
 How many lines of PHP code is too many for one file?
302
 How to run PHP code from Visual Studio Code (VSCode)?
65
 (Re)formatting PHP code in Vim
Top Answers Related To

php,code-generation,obfuscation,minify,haxe

39
 Seriously, should I write bad PHP code?
56
 Generating PHP code (from Parser Tokens)
48
 Simple CRUD Generation
60
 Dynamic PHP Code creation based on MySQL Column Data Types
84
 NHibernate Code Generation
69
 Is it possible to change IntelliJ's code generation template for equals() and hashCode()
46
 JPA java code generation
103
 Atomic operations and code generation for gcc
33
 Do you use code generation tools?
75
 Builder pattern code generation in IntelliJ
Write For Us · Blog · Privacy · Faqs · Terms of Use · Contact us ·