5.6. ObfuscationThe Obfuscation tab in the Project Settings dialog is illustrated below: Some strings remain in the PHP bytecode stream after encoding. For example, local variable names are present after compilation. To prevent these strings from appearing in encoded files, the Encoder features an optional obfuscation processor that is used after the PHP source has been encoded to compiled bytecode. Obfuscation options
The checked boxes determine which aspects of the compiled PHP bytecode
will be obfuscated. Currently class and method names, line numbers,
global function names and local variable names can be obfuscated.
The Obfuscation key should contain a secret phrase to be used
when obfuscating strings. A random obfuscation key can be created by
clicking on the Generate random key button. The obfuscation
algorithm is a one way process that would require a brute force attack
and knowledge of the key to reverse.
Obfuscation exclusionsWhile it can be desirable to obfuscate names, it is sometimes necessary to prevent specific class, method and function names from being obfuscated. Such cases include elements in non-obfuscated code that are to be referenced from obfuscated code, elements in obfuscated scripts that are to be called by unencoded scripts, and functions in obfuscated code used as callbacks to builtin functions.
To specify these exceptions, a text file should be created with the
required elements. The text file can contain sections identified with
An example of an exclusion file is below:
Blank lines and text appearing after a Notes:
|
Copyright 2002-2023 ionCube Ltd. All rights reserved.
|