Can CakePHP code be obfuscated for protection?
Locked
 
|
Dear CakePHP gurus,
I have an upcoming project with a stingy customer who looks like the not-willing-to-pay-up type. My cakePHP code will be deposited to his web server for testing before payment. I want to obfuscate my code so that he cannot steal it and then find all sorts of excuses not to pay me. May I know if there is a way to obfuscate my cakePHP code such that someone who has access to the webserver and steals it will have trouble reading it? Thank you. -- Our newest site for the community: CakePHP Video Tutorials http://tv.cakephp.org Check out the new CakePHP Questions site http://ask.cakephp.org and help others with their CakePHP related questions. To unsubscribe from this group, send email to [hidden email] For more options, visit this group at http://groups.google.com/group/cake-php |
Re: Can CakePHP code be obfuscated for protection?
|
That's hard with PHP. Instead, why not host it somewhere else? Get your own domain name and cheap hosting package and put on a subdomain - cheapclient.myhostingpackage.com - and tell him that he can test there. If he likes it you'll move it to his server after testing, fixing and payment. It could be the best $20 you ever spent and will save you a bunch of hours trying to hide what is essentially open source code. Don't suggest this to the client, just tell him that's what you are going to do. If he baulks, stop working on the project immediately because your suspicions are right. I put this into each and every one of my contracts up front.
Jeremy Burns http://www.classoutfit.com On 6 Aug 2012, at 03:03:38, Lightee <[hidden email]> wrote: Dear CakePHP gurus, -- Our newest site for the community: CakePHP Video Tutorials http://tv.cakephp.org Check out the new CakePHP Questions site http://ask.cakephp.org and help others with their CakePHP related questions. To unsubscribe from this group, send email to [hidden email] For more options, visit this group at http://groups.google.com/group/cake-php |
|
Well said, Jeremy. I'm putting your message in my "freelancing tips" notebook.
On Monday, August 6, 2012 11:30:37 AM UTC+8, Jeremy Burns wrote: -- Our newest site for the community: CakePHP Video Tutorials http://tv.cakephp.org Check out the new CakePHP Questions site http://ask.cakephp.org and help others with their CakePHP related questions. To unsubscribe from this group, send email to [hidden email] For more options, visit this group at http://groups.google.com/group/cake-php |
Re: Can CakePHP code be obfuscated for protection?
|
|
Cool. I actually take payment in stages:
i) 5% before doing anything. ii) 15% to the end of definition (all the docs, plans, mockups etc) - this shows the client what he is going to get and removes any doubt about what the app will do, timescales etc. If done well, this can be the longest part of the process. iii) 20% to start coding. iv) 20% on delivery into test (in my own test environment). v) final balance on fixing issues (to the spec agreed in stage ii) and putting it live. If a client won't agree to this you are risking spending your time on a client who won't pay. In my experience, they all agree to this and sign a contract at outset. Jeremy Burns http://www.classoutfit.com On 6 Aug 2012, at 04:36:44, "OJ Tibi - @ojtibi" <[hidden email]> wrote: Well said, Jeremy. I'm putting your message in my "freelancing tips" notebook. Our newest site for the community: CakePHP Video Tutorials http://tv.cakephp.org Check out the new CakePHP Questions site http://ask.cakephp.org and help others with their CakePHP related questions. To unsubscribe from this group, send email to [hidden email] For more options, visit this group at http://groups.google.com/group/cake-php |
|
|
Thanks for the suggestion. It is a good one. However, my project is divided into 2 phases. I still need to obfuscate the code so that there will be a 2nd phase. Otherwise, customer can steal the phase 1 code and do phase 2 himself. My boss negotiated the deal. I have no control over the terms.
Does anyone have a good suggestion on how to obfuscate the code for cakephp? Obfuscating code for php is simpler but doing it for cakephp may be a problem because of the naming conventions. I just need to obfuscate app folder. Any suggestion? Thank you. On Monday, August 6, 2012 11:56:35 AM UTC+8, Jeremy Burns wrote: -- Our newest site for the community: CakePHP Video Tutorials http://tv.cakephp.org Check out the new CakePHP Questions site http://ask.cakephp.org and help others with their CakePHP related questions. To unsubscribe from this group, send email to [hidden email] For more options, visit this group at http://groups.google.com/group/cake-php |
Re: Can CakePHP code be obfuscated for protection?
|
In reply to this post by Lightee
On 06/08/12 03:03, Lightee wrote:
> Dear CakePHP gurus, > > I have an upcoming project with a stingy customer who looks like the > not-willing-to-pay-up type. My cakePHP code will be deposited to his > web server for testing before payment. I want to obfuscate my code so > that he cannot steal it and then find all sorts of excuses not to pay me. > > May I know if there is a way to obfuscate my cakePHP code such that > someone who has access to the webserver and steals it will have > trouble reading it? > > Thank you. > -- > Our newest site for the community: CakePHP Video Tutorials > http://tv.cakephp.org > Check out the new CakePHP Questions site http://ask.cakephp.org and > help others with their CakePHP related questions. > > > To unsubscribe from this group, send email to > [hidden email] For more options, visit this > group at http://groups.google.com/group/cake-php all whitespace and comments from your code and replacing meaningful variable names with meaningless ones. https://github.com/kcampion/PHP-Compactor.git is a nice starting point and as an added bonus, the compacted script will obviously load a little faster. There are some heavy weight systems around like Zend Encoder but if you simply make it so that it will take the client just as long to untangle what you have written as it would have done to write it themselves then I would think they will be unlikely to steal it if the project is of a decent size. Steve. -- Our newest site for the community: CakePHP Video Tutorials http://tv.cakephp.org Check out the new CakePHP Questions site http://ask.cakephp.org and help others with their CakePHP related questions. To unsubscribe from this group, send email to [hidden email] For more options, visit this group at http://groups.google.com/group/cake-php |
Re: Can CakePHP code be obfuscated for protection?
|
|
I think sometimes you also have to let go and trust the client. So what if they do it themselves? Have faith in yourself; it's not just the code they are buying, it's also your ability to create and deliver that counts.
Jeremy Burns Class Outfit http://www.classoutfit.com On 7 Aug 2012, at 12:19:01, Steve Found <[hidden email]> wrote: > On 06/08/12 03:03, Lightee wrote: >> Dear CakePHP gurus, >> >> I have an upcoming project with a stingy customer who looks like the not-willing-to-pay-up type. My cakePHP code will be deposited to his web server for testing before payment. I want to obfuscate my code so that he cannot steal it and then find all sorts of excuses not to pay me. >> >> May I know if there is a way to obfuscate my cakePHP code such that someone who has access to the webserver and steals it will have trouble reading it? >> >> Thank you. >> -- >> Our newest site for the community: CakePHP Video Tutorials http://tv.cakephp.org >> Check out the new CakePHP Questions site http://ask.cakephp.org and help others with their CakePHP related questions. >> >> >> To unsubscribe from this group, send email to >> [hidden email] For more options, visit this group at http://groups.google.com/group/cake-php > I would be tempted to go the usual javascript route and simply remove all whitespace and comments from your code and replacing meaningful variable names with meaningless ones. https://github.com/kcampion/PHP-Compactor.git is a nice starting point and as an added bonus, the compacted script will obviously load a little faster. > > There are some heavy weight systems around like Zend Encoder but if you simply make it so that it will take the client just as long to untangle what you have written as it would have done to write it themselves then I would think they will be unlikely to steal it if the project is of a decent size. > > Steve. > > > -- > Our newest site for the community: CakePHP Video Tutorials http://tv.cakephp.org Check out the new CakePHP Questions site http://ask.cakephp.org and help others with their CakePHP related questions. > > > To unsubscribe from this group, send email to > [hidden email] For more options, visit this group at http://groups.google.com/group/cake-php -- Our newest site for the community: CakePHP Video Tutorials http://tv.cakephp.org Check out the new CakePHP Questions site http://ask.cakephp.org and help others with their CakePHP related questions. To unsubscribe from this group, send email to [hidden email] For more options, visit this group at http://groups.google.com/group/cake-php |
|
In reply to this post by Steve Found
For some of my Cake projects I use a "paid" software that work pretty well: "SourceCop".
The problem: There is an online decoder that can be found googling...it's an obfuscator no an encrypter.
2012/8/7 Steve Found <[hidden email]>
Christopher Castro. Analista Programador Senior PHP/MySQL Pamplona, EspaƱa quickappscms.org Our newest site for the community: CakePHP Video Tutorials http://tv.cakephp.org Check out the new CakePHP Questions site http://ask.cakephp.org and help others with their CakePHP related questions. To unsubscribe from this group, send email to [hidden email] For more options, visit this group at http://groups.google.com/group/cake-php |
Re: Can CakePHP code be obfuscated for protection?
|
|
In reply to this post by Jeremy Burns | Class Outfit
Spot on sir. 99% of people are honest
... and to be fair, if they could have done it themselves, why would they have called you ? :) Steve. On 07/08/12 12:27, Jeremy Burns | Class Outfit wrote: > I think sometimes you also have to let go and trust the client. So what if they do it themselves? Have faith in yourself; it's not just the code they are buying, it's also your ability to create and deliver that counts. > > Jeremy Burns > Class Outfit > > http://www.classoutfit.com > > On 7 Aug 2012, at 12:19:01, Steve Found <[hidden email]> wrote: > >> On 06/08/12 03:03, Lightee wrote: >>> Dear CakePHP gurus, >>> >>> I have an upcoming project with a stingy customer who looks like the not-willing-to-pay-up type. My cakePHP code will be deposited to his web server for testing before payment. I want to obfuscate my code so that he cannot steal it and then find all sorts of excuses not to pay me. >>> >>> May I know if there is a way to obfuscate my cakePHP code such that someone who has access to the webserver and steals it will have trouble reading it? >>> >>> Thank you. >>> -- >>> Our newest site for the community: CakePHP Video Tutorials http://tv.cakephp.org >>> Check out the new CakePHP Questions site http://ask.cakephp.org and help others with their CakePHP related questions. >>> >>> >>> To unsubscribe from this group, send email to >>> [hidden email] For more options, visit this group at http://groups.google.com/group/cake-php >> I would be tempted to go the usual javascript route and simply remove all whitespace and comments from your code and replacing meaningful variable names with meaningless ones. https://github.com/kcampion/PHP-Compactor.git is a nice starting point and as an added bonus, the compacted script will obviously load a little faster. >> >> There are some heavy weight systems around like Zend Encoder but if you simply make it so that it will take the client just as long to untangle what you have written as it would have done to write it themselves then I would think they will be unlikely to steal it if the project is of a decent size. >> >> Steve. >> >> >> -- >> Our newest site for the community: CakePHP Video Tutorials http://tv.cakephp.org Check out the new CakePHP Questions site http://ask.cakephp.org and help others with their CakePHP related questions. >> >> >> To unsubscribe from this group, send email to >> [hidden email] For more options, visit this group at http://groups.google.com/group/cake-php -- Our newest site for the community: CakePHP Video Tutorials http://tv.cakephp.org Check out the new CakePHP Questions site http://ask.cakephp.org and help others with their CakePHP related questions. To unsubscribe from this group, send email to [hidden email] For more options, visit this group at http://groups.google.com/group/cake-php |
Re: Can CakePHP code be obfuscated for protection?
|
|
In reply to this post by Jeremy Burns | Class Outfit
This is superb way of doing it IMHO
Jeremy since by the time the get to the stage Lightee is now at
(iv) they have already paid 60% of the money even if they insisted
on having it on their own server.
If they decided to pull out then they would have a system that may well have issues but they would have probably have paid enough to make the code you have delivered theirs. We all know that the final 20% of the project (step v) takes the most time and effort on our part !!! Steve. On 06/08/12 04:56, Jeremy Burns | Class Outfit wrote: Cool. I actually take payment in stages: -- Our newest site for the community: CakePHP Video Tutorials http://tv.cakephp.org Check out the new CakePHP Questions site http://ask.cakephp.org and help others with their CakePHP related questions. To unsubscribe from this group, send email to [hidden email] For more options, visit this group at http://groups.google.com/group/cake-php |
«
Return to CakePHP
|
1 view|%1 views
Loading...
| Powered by Nabble | Edit this page |