marre de vous faire piquer votre travail, même par les débutants?. voici une classe qui devrait vous aider à limiter les dégâts:
<?php
class phpEncryption {
public $compress=true; // Strip comments and whitespace
public $removeComments=true; // Strip comments (Automatically enabled when using $compress).
public $usebase64=true; // Base64 passover
private $globals=array(); // Global variables
private $classes=array(); // Class specific variables
private $functions=array(); // Function variables
private $vars=array(); // To keep up with various variables.
private $code=null;
private $tokens=null;
private $class=false;
private $funct=false; //
private $depth=0; // Keep track of how deep in curly brackets we are, so we can unset $class and $funct when needed.
private $algos;
private $reserved=array('$_GET','$_POST','$_REQUIRE','$_SERVER','$_ENV','$_SESSION','$_FILES');
public function __construct() {
if (!defined('T_ML_COMMENT')) define('T_ML_COMMENT',T_COMMENT);
$this->algos=hash_algos();
return $this;
}
public function loadFile($file) {
if (file_exists($file)) $this->code=file_get_contents($file);
return $this->tokenize();
}
public function getEncryptedDatas($text=null) {
if (empty($text)) return $this->code;
$this->code=$text;
return $this->tokenize();
}
public function save($file) {
if (!empty($this->code)) if (@file_put_contents($file,$this->code,LOCK_EX)) return true;
return false;
}
private function randomString() {
$number=round((mt_rand(1,mt_rand(1000,10000))*mt_rand(1,10))/mt_rand(1,10));
if (!empty($this->algos)) $algo=$this->algos[mt_rand(0,(count($this->algos)-1))];
$hash=hash($algo,$number);
return $hash;
}
private function encode($tmp) {
if ($this->compress) $tmp=preg_replace('/\n\t\s]+/',' ',$tmp);
$tmp=preg_replace('/^\<\?(php)*/','',$tmp);
$tmp=preg_replace('/\?\>$/','',$tmp);
$tmp=str_replace(array('\"','$','"'),array('\\\"','\$','\"'),$tmp);
$tmp=trim($tmp);
if ($this->usebase64) {
$tmp=base64_encode("$tmp");
$tmp="<?php \$code=base64_decode(\"$tmp\"); eval(\"return eval(\\\"\$code\\\");\") ?>\n";
} else $tmp="<?php eval(eval(\"$tmp\")); ?>\n";
$this->code=$tmp;
}
private function encodeString($text) {
for ($i=0;$i<=strlen($text)-1;$i++) {
$chr=ord(substr($text,$i,1));
if ($chr==32||$chr==34||$chr==39) $tmp]=chr($chr); // Space, leave it alone.
elseif ($chr==92&&preg_match('/\\\(n|t|r|s)/',substr($text,$i,2))) {
// New line, leave it alone, and add the next char with it.
$tmp]=substr($text,$i,2);
$i++; // Skip the next character.
}
else $tmp]='\x'.strtoupper(base_convert($chr,10,16));
}
if (!empty($tmp)) $text=implode('',$tmp);
return $text;
}
private function createVar($var,$function=null,$class=null) {
while (empty($string)) {
$string="\$_{$this->randomString()}";
if (empty($function)&&empty($class)) {
if (!empty($this->globals$var])) return $this->globals$var];
else {
if (in_array($string,$this->globals)) $string=null;
else $this->globals$var]=$string;
}
}
elseif (!empty($function)&&empty($class)) {
if (!empty($this->functions$var])) return $this->functions$var];
else {
if (in_array($string,$this->functions)) $string=null;
else $this->functions$var]=$string;
}
}
elseif (!empty($function)&&!empty($class)) {
if (!empty($this->classes$class]'functions']$function]$var])) return $this->classes$class]'functions']$function]$var];
else {
if (!empty($this->classes$class]'functions']$function])&&in_array($string,$this->classes$class]'functions']$function])) $string=null;
else $this->classes$class]'functions']$function]$var]=$string;
}
}
elseif (empty($function)&&!empty($class)) {
if (!empty($this->classes$class]'globals']$var])) return $this->classes$class]'globals']$var];
else {
if (!empty($this->classes$class]'globals'])&&in_array($string,$this->classes$class]'globals'])) $string=null;
else $this->classes$class]'globals']$var]=$string;
}
}
}
return $string;
}
public function computeDatas() {
if (empty($this->tokens)) return false;
foreach ($this->tokens as $tokenkey=>&$token) {
if (is_array($token)) {
switch ($token[0]) {
case T_FUNCTION:
if ($this->tokens$tokenkey-2][0]==T_VARIABLE) $this->funct=$this->tokens$tokenkey-2][1];
elseif ($this->tokens$tokenkey+2][0]==T_STRING) $this->funct=$this->tokens$tokenkey+2][1];
break;
case T_CLASS:
$this->class=$this->tokens$tokenkey+2][1];
break;
case T_VARIABLE:
if ($token[1]=='$this') break; // Absolutely skip $this.
if (in_array($token[1],$this->reserved)) {
// Skip renaming anything that should be ignored, but encode it so that it's not in plaintext.
$token[1]="\${$this->encodeString(substr($token[1],1))}";
break;
}
if (!empty($this->tokens$tokenkey-1][1])&&$this->tokens$tokenkey-1][0]==T_DOUBLE_COLON) break; // Static class variable. Don't touch it.
if (!empty($this->tokens$tokenkey-2][1])&&$this->tokens$tokenkey-2][0]==T_GLOBAL) {
if ($this->funct)
if ($this->class) $token[1]=$this->vars'classes']$this->class]$this->funct]$token[1]]=$this->createVar($token[1]);
else $token[1]=$this->vars'functions']$this->funct]$token[1]]=$this->createVar($token[1]);
elseif ($this->class) die("\nPHP syntax error found. Exiting.\n");
}
elseif ($this->funct) {
if ($this->class) {
if (!empty($this->vars'classes']$this->class]$this->funct]$token[1]])) $token[1]=$this->vars'classes']$this->class]$this->funct]$token[1]];
else $token[1]=$this->createVar($token[1],$this->funct,$this->class);
}
else {
if (!empty($this->vars'functions']$this->funct]$token[1]])) $token[1]=$this->vars'functions']$this->funct]$token[1]];
else $token[1]=$this->createVar($token[1],$this->funct);
}
}
elseif ($this->class) {
$token[1]=$this->createVar($token[1],null,$this->class);
}
else {
$token[1]=$this->createVar($token[1]);
}
break;
case T_OBJECT_OPERATOR:
if ($this->tokens$tokenkey-1][1]=='$this'&&$this->funct&&$this->class) {
$this->tokens$tokenkey-1][1]='$'.$this->encodeString('this');
if ($this->tokens$tokenkey+2]=='('); // Function, encode $this and leave it alone.
else $this->tokens$tokenkey+1][1]=substr($this->createVar("\${$this->tokens$tokenkey+1][1]}",null,$this->class),1);
} else die("\nPHP syntax error found: \$this referenced outside of a class.\n");
break;
case T_DOUBLE_COLON:
if ($this->tokens$tokenkey-1][1]=='$this') {
if ($this->funct&&$this->class) {
$this->tokens$tokenkey-1][1]='$'.$this->encodeString('this');
if ($this->tokens$tokenkey+2]=='('); // Function, leave it alone.
else $this->tokens$tokenkey+1][1]=$this->createVar($this->tokens$tokenkey+1][1],null,$this->class);
} else die("\nPHP syntax error found: \$this referenced outside of a class.\n");
} else {
if ($this->tokens$tokenkey+2]=='('); // Function, leave it alone.
else $this->tokens$tokenkey+1][1]=$this->createVar($this->tokens$tokenkey+1][1],null,$this->tokens$tokenkey-1][1]);
}
break;
case T_COMMENT:
case T_DOC_COMMENT:
case T_ML_COMMENT: // Will be equal to T_COMMENT if not in PHP 4.
if ($this->removeComments||$this->compress) $token[1]='';
break;
case T_START_HEREDOC:
// Automatically turn whitespace stripping off, because formatting needs to stay the same.
$this->compress=false;
break;
case T_END_HEREDOC:
$token[1]="\n{$token[1]}";
break;
case T_CURLY_OPEN:
case T_DOLLAR_OPEN_CURLY_BRACES:
case T_STRING_VARNAME:
if ($this->funct) $this->depth++;
break;
}
} else {
switch ($token) {
case '{':
if ($this->funct) $this->depth++;
break;
case '}':
$this->depth--;
if ($this->depth<0) $this->depth=0;
if ($this->funct&&$this->depth==0) {
$functions=array(); // Empty function variables array
$this->vars'functions']=array(); // Empty any temp variables
$this->funct=false;
}
elseif ($this->class&&$this->depth==0) {
$this->vars'classes']=array(); // Empty any temp variables
$this->class=false;
}
break;
}
}
}
$this->detokenize();
return $this;
}
private function tokenize() {
if (empty($this->code)) return false;
$this->tokens=token_get_all($this->code);
return $this;
}
private function detokenize() {
if (empty($this->tokens)) return; // No tokens to parse. Exit.
foreach ($this->tokens as &$token) {
if (is_array($token)) {
switch ($token[0]) {
// Looks like overkill, but helpful when extending to encode certain things differently.
case T_INCLUDE:
case T_INCLUDE_ONCE:
case T_REQUIRE:
case T_REQUIRE_ONCE:
case T_STATIC:
case T_PUBLIC:
case T_PRIVATE:
case T_PROTECTED:
case T_FUNCTION:
case T_CLASS:
case T_EXTENDS:
case T_GLOBAL:
case T_NEW:
case T_ECHO:
case T_DO:
case T_WHILE:
case T_SWITCH:
case T_CASE:
case T_BREAK:
case T_CONTINUE:
case T_ENDSWITCH:
case T_CONST:
case T_DECLARE:
case T_ENDDECLARE:
case T_FOR:
case T_ENDFOR:
case T_FOREACH:
case T_ENDFOREACH:
case T_IF:
case T_ENDIF:
case T_RETURN:
case T_UNSET:
case T_EXIT:
case T_VAR:
case T_STRING:
case T_ENCAPSED_AND_WHITESPACE:
case T_CONSTANT_ENCAPSED_STRING:
$token[1]=$this->encodeString($token[1]);
break;
}
$tmp]=$token[1];
}
else $tmp]=$token;
}
$tmp=implode('',$tmp);
$this->encode($tmp);
}
}pour son utilisation, rien de bien compliqué:
// Create a new phpEncryption class instance.
$packer=new phpEncryption();
//$packer->compress=false; // désactiver la suppression des espaces.
//$packer->removeComments=false; // désactiver la suppression des commentaire (default: true.)
//$packer->usebase64=false; // désactiver l'encodage base64.
/*
* METHODE 1
*
*/
// on charge le fichier.
$packer->loadFile('file_to_encrypt.php');
// on le crypte
$packer->computeDatas();
// afficher le code.
echo $packer->getEncryptedDatas(); //(clic droit souris -> afficher code source) pour voir le resultat
// ou enregistrer dans un fichier
if ($packer->save('encrypted_file.php')) echo "Saved file.\n";
/*
* AUTRE METHODE
* vous pouvez enchainer les commandes en une seule.
*/
// afficher le code source
echo $packer->loadFile('ini.php')->computeDatas()->getEncryptedDatas();
// sauvegarder dans un fichier
$packer->loadFile('file_to_encrypt.php')->computeDatas()->save('encrypted_file.php');
2 réponses
exemple de sortie:
<?php
$code=base64_decode("XHg2M1x4NkNceDYxXHg3M1x4NzMgXHg0M1x4NjFceDYzXHg2OFx4NjUgeyBceDcwXHg3Mlx4NjlceDc2XHg2MVx4NzRceDY1IFwkXzNjOTAyNTJiNjkyMTVhYTQ5NjExM2JlN2MzOTgwOTMxOyBceDcwXHg3Mlx4NjlceDc2XHg2MVx4NzRceDY1IFwkXzA4MzI4ZjA3YjRlYjdiZTIgPSBceDQzXHg0MVx4NDNceDQ4XHg0NVx4NTBceDQxXHg1NFx4NDg7IFx4NzBceDcyXHg2OVx4NzZceDYxXHg3NFx4NjUgXCRfNzQ0YjkzZjk5NTBmYzM4ZGFkNzA1NTU2OTMxZWE0ODE5M2I5OWRjYjE5MWNjOWJkNzcwOTdmNjVmYmUyZjBiODsgXHg3MFx4NzVceDYE5NGFhMjZiOGY5ZTY2Y2FhOTkwM2MwODMyNzQ4MmJkNSwgXCRfYWU3NTY5ZTRiNmQzMzE5YmYxYWI4MTNhNjYwZTU0Y2EzOGU1NzUwNjA0MDhmZDU3OGM4YTFiOTQ5MTJkNGIwOTRhYTM2NjU3ZDk1MzA3MDMsIFx4NENceDRGXHg0M1x4NEJceDVGXHg0NVx4NTgpKSB0aHJvdyBceDZFXHg2NVx4NzcgXHg0OVx4NzJceDY5XHg3Nlx4NjVceDZFXHg0NVx4NzhceDYzXHg2NVx4NzBceDc0XHg2OVx4NkZceDZFKCdceDQzXHg2MVx4NkVceDVDJ1x4NzQgXHg2M1x4NzJceDY1XHg2MVx4NzRceDY1IFx4MkVceDY4XHg3NFx4NjFceDYzXHg2M1x4NjVceDczXHg3MycsX19DTEFTU19fLF9fTUVUSE9EX18pOyB9IH0gfQ=="); eval("return eval(\"$code\");") ?>