code security?

Status
Not open for further replies.
M

max1212

New Member
Messages
17
Reaction score
0
Points
0
Hey all,
how are you doing out there? :biggrin:

I'm looking for some help with security like...
...some kind of javascript encryption or some thing like that.
I did some reading online, some people seem to think that it's not possible
but when I look at the work online I can see some thing going on that looks like encryption.

This one is not my work...
Super Mario Bros in 14kB Javascript
...if you look at the script for this game under 'view page source' you get code that looks like this...

~C_ +�"�+
link

now thats got to be encryption!!
How can I wright like this? can any body out there drop me a good link or maybe some advice?
Thanks Max

---------------Edit
o wait, maybe I'm using the wrong words here. It could be a 'filter' I'm looking for and not 'encryption'.

Does x10 have any filters like this...
quote: "When the client attempts to access a JavaScript file on the server.....access denied." link
 
Last edited:
galaxyAbstractor

galaxyAbstractor

Community Advocate
Community Support
Messages
5,508
Reaction score
35
Points
48
That is not possible, as the JS is executed clientside, and not on the server. You could base64 encode and decode it, but base64 is easy to decode, so it's quite useless
 
M

max1212

New Member
Messages
17
Reaction score
0
Points
0
Ok, thanks vigge_sWe.
Maybe I need something else, how about PHP? Does PHP have good security?

maybe I could pass some numbers over to a PHP file ...hmm...
there must be some why that the big games are doing it, like travian, thats just javascript and PHP.
 
Twinkie

Twinkie

Banned
Messages
1,389
Reaction score
12
Points
0
You cannot encode it (as viggy explains). That means that you cannot make it impossible to read, but you can make it extremely difficult. Look into a method called obfustication, which renamed all the variables, functions, etc, and compresses it to make it close to unreadable. However, this will not stop a skilled programmer from looking into your code.

PHP does not require protection because what is returned to the client side is pure HTML. No one can steal a PHP page just by loading it. Now if you are distributing PHP applications and want to protect it, you can do one of a few things:

1) obfustication - not secure, explained above.
2) encrypt - certain but not most servers support encrytion. This is not viable as you should be writting for the largest audience.
3) PHP archive - puts your php files in a read only archive, ideal for distributing. However, this is not secure and malicious users can compile PHP to extract these archives.

Protection is not important unless you have a script to protect. You only need to protect a script if you are planning to distribute a script to other people, and don't want them reading it (closed source). This is ideal for companies like vBulletin who want to protect their software from piracy. Otherwise, there is no use for software protection.
 
Last edited:
galaxyAbstractor

galaxyAbstractor

Community Advocate
Community Support
Messages
5,508
Reaction score
35
Points
48
Twinkie said:
You cannot encode it (as viggy explains). That means that you cannot make it impossible to read, but you can make it extremely difficult. Look into a method called obfustication, which renamed all the variables, functions, etc, and compresses it to make it close to unreadable. However, this will not stop a skilled programmer from looking into your code.

PHP does not require protection because what is returned to the client side is pure HTML. No one can steal a PHP page just by loading it. Now if you are distributing PHP applications and want to protect it, you can do one of a few things:

1) obfustication - not secure, explained above.
2) encrypt - certain but not most servers support encrytion. This is not viable as you should be writting for the largest audience.
3) PHP archive - puts your php files in a read only archive, ideal for distributing. However, this is not secure and malicious users can compile PHP to extract these archives.

Protection is not important unless you have a script to protect. You only need to protect a script if you are planning to distribute a script to other people, and don't want them reading it (closed source). This is ideal for companies like vBulletin who want to protect their software from piracy. Otherwise, there is no use for software protection.
Click to expand...

What about Zend? I've seen files, that when you open it, it just says Zend
 
Twinkie

Twinkie

Banned
Messages
1,389
Reaction score
12
Points
0
Zend encryption is what I was referring to. It is not supported on many hosts, so it is not much of a viable option if your audience is most people.
 
M

max1212

New Member
Messages
17
Reaction score
0
Points
0
Thanks Twinkie, thanks Vigge.
I'll go read up about obfustication.
This protection thing is new to me and even if I don't end up using it I'm still having fun learning.

peace, M
 
Status
Not open for further replies.
Top