hosted by liquidweb


Go Back   Web Hosting Talk : Web Hosting Main Forums : Programming Discussion : What about ZEND --- PHP Encoding
Reply

Forum Jump

What about ZEND --- PHP Encoding

Reply Post New Thread In Programming Discussion Subscription
 
Send news tip View All Posts Thread Tools Search this Thread Display Modes
  #1  
Old 09-03-2002, 06:38 PM
cyberhussein cyberhussein is offline
New Member
 
Join Date: Sep 2002
Posts: 2
*

What about ZEND --- PHP Encoding


Hey how are you all ...
I'm wondering about the ZEND encoder for PHP code.
Q1--- Is it secure enough or can anyone find a crack to its encoding mechanism and reverse engineer it to get the original code??

Q2--- Another question is, won't the performance of the web application get affected performance wise by using the intermediate layer which is ZEND-Optimizer which has got the functionality of DE-coding the PHP code..???

If anyone can genoursly tell me his opinion about these 2 questions I'll be so grateful to him.. Thanks for your help...


You Know.. Sometimes you really feel that your code must be encoded to prevent your client from RE-selling or RE-using your application...



Sponsored Links
  #2  
Old 09-04-2002, 08:55 AM
leeb leeb is offline
Junior Guru Wannabe
 
Join Date: Aug 2002
Location: Wilmington, NC
Posts: 34
I just created a tread about other encoders besides Zend, I have read some postings in this forum about Zend's optimz. I also think some of the PHP programers beleive everthing needs to be free so they can modify your work.

I have found that we allowed customers to edit the code then there back asking us to fix what they break. If you encode it they can't play or breal it.

These are my thoughts on encoding.

Thanks for listening
LeeB

__________________
Lee B. Remsnyder, Jr.
http://www.ServNetix.com
Providing Billing, Marketing and Customer Care Solutions

  #3  
Old 09-04-2002, 09:50 AM
cyberhussein cyberhussein is offline
New Member
 
Join Date: Sep 2002
Posts: 2
Smile Thanks LeeB

Thank you very much for your reply ,,, But about the performance will it make a difference... I mean it will affect the performnce adversely.... And if you can give the name of the PHP encoding thread I will be thankful..... Thanks Again..

Sponsored Links
  #4  
Old 09-04-2002, 04:24 PM
The Prohacker The Prohacker is offline
iNET Interactive
 
Join Date: May 2001
Location: Dayton, Ohio
Posts: 4,894
Actually encoding can help speed scripts up...

Since all white space and comments are stripped during the encoding proccess, PHP doesn't have todo that...

As I remember an unencoded script still goes though an encode, so if it is already encoded it just skips it...


There is a nice PHP encoding system, that is low cost, and works much like Zend Encoder...
http://www.ioncube.com/encoder/

The author is very helpful...

__________________
-Mat

  #5  
Old 09-04-2002, 11:27 PM
Ahmad Ahmad is offline
Web Hosting Master
 
Join Date: Jan 2002
Location: Kuwait
Posts: 679
PHP files are first compiled (in memory) and then executed. Starting from PHP4, this process is actually done twice (two pass compiler). This allows some features like calling functions that are defined later in the source file.

This process takes some times, and the script is only executed after this has been done.

Zend Cache makes use of this by storing the PHP data in the format and only executing the script from the already compiled, in-memory version.

Zend Optimizer does this step, and instead of executing the file, it prints the in-memroy information in a yet another source format (binary format). This binary format is optimized for fast re-construction of the in-memory format. It is more like un-packing than parsing. So far, the files are executed faster.

According to what I heared, the files are also encrypted. Now I'm not sure if this is true or not, but if it was true, then I can't say that the overhead of decrypting the files before reading them will equalize the overhead of parsing the files. I doubt it, I think it will make them slower.

The only to tell, in that case, is to do your own benchmarking.

You can also contact Zend about weather or not they encrypt the binary format files.

If they were encrypted, then I must say that it's nothing but a big waste of resources and false security.

__________________
Ahmad Alhashemi
PHP, Apache, C, Python, Perl, SQL
18 related BrainBench certificates

  #6  
Old 09-13-2002, 06:59 PM
phpa phpa is offline
Aspiring Evangelist
 
Join Date: Mar 2002
Location: London & Kent, UK
Posts: 364
Thanks to prohacker for mention the ionCube encoder. Like Zend, the ionCube encoder encodes compiled code. This is the key to security and performance. Because code is compiled before it's even encoded (we use the same technology developed for PHPA, so it's reliable, proven and efficient), you get great security because code is never restored to source for execution. You get performance because the compilation process is eliminated (remember, it already happened when you encoded) Performance wise, the ionCube encoded files tend to be faster than the original source. The encoder also contains an optimiser developed for PHPA, and so the compiled code is a bit more efficient than from the PHP compiler without code optimisation.

Because Zend and ionCube use server extensions rather than modified php engines or modules, you get safe mode compatibility if that's important to you. You can also install both the Zend Optimiser and the ionCube Loader on the same server, so you could execute a mix of zend encoded or ionCube encoded files. The ionCube encoder has two other advantages. It's compatible with PHP Accelerator, and provided that safe mode isn't used, it can be installed outside of the server (i.e. you make no changes to the server config at all). In this case, the loader is installed by the encoded scripts themselves on the fly.

__________________
Protection for PHP scripts - ionCube PHP Encoder
Create Web Application Installers - ionCube Package Foundry

  #7  
Old 09-15-2002, 10:47 PM
drsenay drsenay is offline
New Member
 
Join Date: Sep 2002
Posts: 2
Zend Encoder (from Zend) is a fabulous tool! I've been using it now for about 4 months and here are some answers to many of the questions above:

While given time, resources and desire just about ANYTHING can be cracked, applications/code encoded with the Zend Encoder is simply too expensive to break into. In short it is functionally and operationally hacker proof simply because the time and energy to crack it would make the effort SO EXPENSIVE folks would give up in short order...

Files are compiled in a literal sense, they are put through the same engine as to run un-encoded files but the internal memory ONLY format is saved, this cuts steps when you run it, cuts code size in the saved files, and speeds execution.

Files are also encrypted, meaning even if you break the encryption (not very likely) you'd still only have raw object code that can't be turned back into source code (much like and MD5 hash...) even if you really wanted to...

So, YES the results are FASTER, SMALLER (sometimes QUITE a bit smaller) and for all intents and purposes crack proof! Well worth the money IMHO...

Scott...

  #8  
Old 09-15-2002, 11:55 PM
MarlboroMan MarlboroMan is offline
WHT Addict
 
Join Date: Apr 2002
Location: Cornfield
Posts: 131
Is there a licesnse cost associated with the ionCube encoder? If so, is it comparable to/less than the license fee for the Zend Encoder?

__________________
Fire extinguisher extraordinare
-------------------------------
FastServers.Net NOC Admin

  #9  
Old 09-20-2002, 04:03 AM
phpa phpa is offline
Aspiring Evangelist
 
Join Date: Mar 2002
Location: London & Kent, UK
Posts: 364
Thumbs up

Quote:
Is there a licesnse cost associated with the ionCube encoder? If so, is it comparable to/less than the license fee for the Zend Encoder?
Not in the way there is for Zend. In fact you are buying licenses and not the product with ionCube, but the bottom line is that for $349, you get the same encoding technology as Zend (we both encode compiled. optimised code, giving great performance and security), and 4 licenses that never expire. So you can run the encoder on up to four machines of your choice, although it's suggested to keep 2 licenses as spares. The product is largely the same as Zend feature wise, and actually possibly better and with more attention to detail, and certainly much cheaper. I've been told by people evaluating both that Zend also have problems with handling _FILE_ correctly in some cases, and ionCube encoder works just fine. In tests, encoded files tend to execute faster than unencoded files, but performance may vary.

Encoded files can of course run anywhere, and provided that a host doesn't use safe mode, if necessary can run without php.ini edits or a server restart as the loader can be installed as an extension or loaded on demand. A feature missing in Zends product. You can also install the loader with Zend Optimiser if you have to, or with PHP Accelerator if you're after the same acceleration for unencoded files as Zend Cache but without the price tag; PHPA is free

Hope the info is helpful. Good luck!

  #10  
Old 05-03-2003, 06:04 PM
eyckzo eyckzo is offline
Junior Guru Wannabe
 
Join Date: Oct 2002
Location: Pawtucket, RI USA
Posts: 30
I have been using ionCube for awhile now and I love it. It DOES speed up my scritps and.. It just rocks, well worth the $349.

And 100x better than SourceGuardian since I am able to decode SourceGuardian files.

Reply

Related posts from TheWhir.com
Title Type Date Posted
Verizon To Acquire CDN EdgeCast Networks Web Hosting News 2013-12-09 16:03:44
The Fiber Optic Build Out and its Impact on Hosting Web Applications Web Hosting News 2013-07-31 10:22:07
Amazon Web Services Adds New EC2 Instances, Doubles IOPS for EBS Storage Volumes Web Hosting News 2012-11-02 16:46:48


Thread Tools Search this Thread
Search this Thread:

Advanced Search
Display Modes
Postbit Selector

Posting Rules
You may not post new threads
You may not post replies
You may not post attachments
You may not edit your posts

BB code is On
Smilies are On
[IMG] code is Off
HTML code is Off

Forum Jump
Login:
Log in with your username and password
Username:
Password:



Forgot Password?
Advertisement:
Web Hosting News:



 

X

Welcome to WebHostingTalk.com

Create your username to jump into the discussion!

WebHostingTalk.com is the largest, most influentual web hosting community on the Internet. Join us by filling in the form below.


(4 digit year)

Already a member?