5.4. Reflection & KeysThe Reflection and Keys tab in the Project Settings dialog is illustrated below: This tab encompasses settings related to reflection operations and key-based security features. ReflectionSeveral PHP reflection functions require the bytecode of a function to be present so that the reflection operation can be performed. Due to security features in encoded files, some reflection functions might not function as expected, however a project can be configured in a way to support reflection. If reflection is not utilised in your application, the default option of None should remain selected. Opting for All indicates that any function in the encoded scripts might be referenced by PHP reflection functions. While this approach is straightforward, it's not the most efficient. For more granular control, the Functions listed in file option can be used. This requires providing a file listing patterns that identify specific functions or sets of functions. Patterns must be one per line, and the following syntax can be used:
If reflection functions may be performed on parts of your code, it's advisable, when feasible, to use a file with patterns to pinpoint the relevant segments of your codebase. Dynamic and External KeysDynamic and External keys can be used to enhance the security of encoded files. A Dynamic key protects a PHP function and requires an expression to be evaluated before the function can be decoded and run. The result of this evaluation is then used in a decryption step by the ionCube Loader. An External key is separate from the encoded file but is crucial for its proper decoding and execution. For a detailed understanding of these features, refer to the External and Dynamic Keys chapter in the User Guide PDF. The main points are summarised below. Dynamic KeysDynamic keys are specified as comments directly above the function they protect. This comment has a format recognised by the Encoder, and may include a URL, variable name, or function name, along with the expected value. The screenshot at the start of this section provides an example. The Encoder utilises the expected value during the encryption of the function's bytecode. At runtime, the key's source must produce this exact value, or decryption will fail. A significant advantage of this approach is the absence of a decryption key within the encoded file. As this relies on comments in the source code, there are no specific project settings associated with this feature. Detection of Dynamic Keys During EncodingWhen a Dynamic Key is detected during encoding, the relevant information will be recorded in the Event Log. As illustrated in the image below, you can see an example of a dynamic key associated with the myfn function. External KeysAn External key is data separate from the encoded files, and is required for successful decoding of files encoded to use it. Such a key can either be a string value or the contents of a file. If you're using a file as the external key, this file is used by the Encoder during encoding. Additionally, guidance must be provided on how the ionCube Loader can determine the path to a file on the run-time server with identical content when executing the encoded files. External Keys ConfigurationThe run-time location options for the key include:
If a file on the system running the encoded files supplies the key during runtime, a local file with identical content must also be specified for use when encoding. Below are some examples illustrating how to configure an external key using each of the three supported methods.
|
Copyright 2002-2023 ionCube Ltd. All rights reserved.
|