This question already has answers here:
Closed 11 years ago.
Possible Duplicate:
Are PHP short tags acceptable to use?
I'm just learning php and (been learning for about 6 months) and in a tutorial that I'm going through, it's using php shorthands, so when I looked it up on google, I came to this stack overflow question StackOverflow question where one of the popular answers says that shorthands are bad.
I know one of the following comments then suggest that it's not bad but I also remotely remember reading from a php book before that it's not always good to use them. So I'm a bit confused, are they bad or not?
It is generally a bad idea because of portability. All PHP configurations understand the <?php ?> tags, but not all are configured to use <? ?>.
Same thing goes for <? =$variable; ?> for printing.
They are not bad actually, but you can say that it's kinda a bit lazy sort of thing to do for a GOOD TECHNICAL programmer. Why I'm using this word "GOOD TECHNICAL" is because, since they know about the technicalities of PHP, then they should also know whether the shorthands will be of any use or not in the long run, whenever any adjustments is to be made regarding the fine tunings of the PHP Server.
But still, it's one of my views & may be it will not match with others' answers.
I personally never use them because I find it makes my code ugly, hard to read and harder to debug. I'm talking about shorthands like the one-line if statement.
Not every PHP configuration understands short open and ending tags, and not every programmer knows about shorthand notation so this might be a problem if you want to share code at some point. I wouldn't advise using it.
the code "<? ?>" depends on the "php.ini", you should change the state short open tag. While the code "<?php ?>" can run everytime everywhere, without any configuration.
I recommend you to use smarty template.It's perfectly easy to use. And code is beautiful.
Related
This question already has answers here:
encoding php scripts on fly [duplicate]
(4 answers)
Closed 9 months ago.
I have a PHP script,
for example
<?php
$name="Alfred";
echo $name;
?>
I used following script to encrypt,(by www.rightscripts.com/phpencode/index.php)
<?php
eval(gzinflate(str_rot13(base64_decode('encrypted code'))));
?>
But it only print "$name="Alfred";" and "Undefined variable $name".
What is the problem ? Is there any other solution ? Please help me ?
"Encoding" this way doesn't really protect you from anything.
The encoded PHP code is on the server, and so is the code that decodes it back to regular PHP.
If someone has sufficient access to your server that they can read your encoded PHP scripts, then it is almost certain that they also have sufficient access to read the decoder script. Which means your code isn't actually protected at all.
There are a number of obfuscators and encoders which can do what you want, but at the end of the day, all you're really doing to your code is slowing it down (eval() is a major performance killer, quite aside from its other issues).
A better solution might be to compile your code. There is a PHP compiler called HipHop which will do the trick for you. It's worth giving it a try.
Even with compiled code (in any language), it is still possible for someone who's determined to pull it apart and learn your secrets, but it'll be a lot harder than a simple encoded script, and also it should run faster than normal when compiled, compared with slower than normal when encoded, so you win both ways.
This question already has answers here:
Closed 11 years ago.
Possible Duplicate:
What does this symbol mean in PHP <?=
Reference - What does this symbol mean in PHP?
In some coding I've found, I've seen the author use <?= and ?> in his code. I'm wondering if this is some fancy PHP or another language. I'm eager to know the answer as I would love to learn off of this code. I believe it could be the Fuel PHP framework but I am not sure as there is no documentation for it. Thanks.
An example of it's use:
<?=SITEROOT?>
They are called short tags, but you should avoid using it as much as you can, because the short tags can be set to Off and then your script wont work, so use <?php tags,
http://php.net/manual/en/ini.core.php
It's just an alternate way to write the <?php ?> tags, think of it as a synonym of <?php echo SITEROOT; ?>.
I believe it is a configuration item, some servers have it turned on, others don't; so it isn't 100% portable, other then that though, it is standard php functionality
I just inherited a website written in PHP to internationalize it... The problem is the code is not consistent. It has some functions that have strings inside echo and another pieces and in another functions the php is closed and html is presented the right way.
I was looking for a tool that could easy my job as much as possible. Retrieving as much strings as it could and defining (through defines) in another file.
I though about creating a script with regex functions to achieve this but if there was anything out there... I looked but couldn't find. Maybe I'm using wrong terms as I'm not English native.
Does anyone know a good way to do this?
If you are open to using gettext for I18N, then you can use xgettext: http://www.gnu.org/s/hello/manual/gettext/xgettext-Invocation.html
Here is a tutorial detailing how you can use it in PHP: http://www.phpdig.net/ref/rn26.html
This question already has answers here:
Closed 11 years ago.
Possible Duplicate:
Are PHP short tags acceptable to use?
The <?= is one of the very few elegant things about PHP, IMO. Yet, there are people that deliberately avoid it (in favor of the much longer <?php echo). Why would they do that?
<?= is easier to use but some servers don't support short tags. Therefore, if you ever run into a server that doesn't support them, you need to replace all tags.
A more elaborate answer is already given: Are PHP short tags acceptable to use?
Because the feature isn't enabled by default in PHP, so if someone else uses the code who doesn't, the code breaks.
The problem is that not all servers support short tags
If you are developing an application for an controlled environment (for example, it will run only on your company server), then I don't see any problems with short tags
But, if it'll be a redistributable code, them you should open all tags explicitly <?php echo ?>
Many servers has got that <? "shortform" turned off.
The only sure way to have your php executed is using the <?php form. so you have to use <?php echo in code you're going to distribute or reuse.
Because by default servers aren't set up with php short-tag support, its something that needs to be toggled. if for some reason the server does not have short-tag support turned on, your code will error out. better to just add a couple characters, and aviod potential problems.
EDIT
search before posting: Are PHP short tags acceptable to use?
Closed. This question does not meet Stack Overflow guidelines. It is not currently accepting answers.
Questions asking us to recommend or find a tool, library or favorite off-site resource are off-topic for Stack Overflow as they tend to attract opinionated answers and spam. Instead, describe the problem and what has been done so far to solve it.
Closed 8 years ago.
Improve this question
I use Haxe to generate PHP code. (This means you write you code in the Haxe language and get a bunch of php files after compiling.) Today a customer told me that he needs a new feature on a old project made with Haxe. He also told me that he altered some small things on the code for his own needs. Now I first have port his changes to my Haxe code and then add the new feature, because otherwise his changes will be overwritten by the next time I compile the project.
To prevent that this happens again I am looking for some kind of program that minifies / obfuscates the PHP code. The goal is to make the code unreadable / uneditable as possible.
The ideal tool would run under Linux and could process whole folders and all it containing files.
Anybody any suggestions?
Why not use the php buid in function php_strip_whitespace()
string php_strip_whitespace ( string $filename )
Returns the PHP source code in filename with PHP comments and whitespace removed. This may be useful for determining the amount of actual code in your scripts compared with the amount of comments. This is similar to using php -w from the commandline.
I agree with the comment, what you are doing is very underhanded, but after 10 years in this biz I can attest to one thing: Half the code you get is so convoluted it might as well have been minified, and really function/var names are so often completely arbitrary, i've edited minified js and it wasn't much more of a hassle than some unminified code.
I couldn't find any such script/program, most likely because this is kind of against the PHP spirit and a bit underhanded, never the less.
First: Php isn't white space sensitive, so step one is to remove all newlines and whitespace outside of string.
That would make it difficult to mess with for the average tinkerer, an intermediate programmer would just find and replace all ;{} with $1\n or something to that effect.
The next step would be to get_defined_functions and save that array (The 'user' key in the returned array), you'll need to include all of the files to do this.
If it's oo code, you'll need get_defined_classes as well. Save that array.
Essentially, you need to get the variables, methods, and class instances, you'll have to instantiate the class and get_object_vars on it, and you can poke around and see that you can get alot of other info, like Constants and class vars etc.
Then you take those lists, loop through them, create a unique name for each thing, and then preg_replace, or str_replace that in all of the files.
Make sure you do this on a test copy, and see what errors you get.
Though, just to be clear, there is a special place in hell reserved for people who obfuscate for obfuscation's sake.
Check out: get_defined_functions get_declared_classes and just follow the links around to see what you can do.
We use Zend Guard to encode our PHP code with certain clients, but as Parrots said, you need to be sure you own the code. We only encode in certain situations, and only when it's explicit that we retain ownership of the code, otherwise Parrots is right, the client has a right to modify it.
I know of Zendguard, Expressionengine used it to encrypt their trial version's core code. You could always give that a go although you need to pay for it.
However, while I understand the frustration of having to port his changes, I assume they purchased the code from you? They have the right to modify it. You just have the right to charge them extra to port their changes ;) Imagine if you stopped working for them, how could they ever hire someone else to update the code?
Our PHP Obfuscator does exactly the the job of stripping comments, whitespaces, and scrambling identifiers.
It operates across a complete set of PHP files to ensure that scrambled symbols are scrambled
consistently across those files, ensuring correct operation even after scrambling.
EDIT 2013: Now encrypts string literals to make them unreadable. Operates under Windows, and on Linux under Wine.
You can try PHP Obfuscator or the bcompiler PHP extension.
I have just find minify-service for PHP. It's really looks usefull. They says, that obfuscating will be available soon. I hope this is true :)
http://customhost.com.ua/php-minify/