How to protect coding & database

Collapse
X
 
  • Time
  • Show
Clear All
new posts
  • Deejam
    New Member
    • Apr 2007
    • 13

    How to protect coding & database

    hello,

    i am doing a web project.(Intran et Application)
    Is there any way to secure the coding and database, so that the project works only on his machine (i.e local server) ...

    Things i need:

    1. hiding the php/javascript coding part.
    2. hiding database structure and contents. (strictly database should be accessible only via project)

    3. copy & paste the project to other machine should not work..


    somewhat similar like window application, where the project exe is given to client

    PLEASE GUYS I NEED YOUR SUGGESTION ....
  • tolkienarda
    Contributor
    • Dec 2006
    • 316

    #2
    well php can't be viewed by users to a website. it is possible to put some protection on .js files but in the end no .js information is realy safe. as far as database information it seems like the hackers are always one step ahead but try to protect against basic injection by always using htmlspecialchar s() and addslashes() to data gotten from form fields.

    i hope this helps

    eric

    Comment

    • Deejam
      New Member
      • Apr 2007
      • 13

      #3
      tolkienarda thanks for your reply,

      here , i have to give the total project code to the client...
      need to know how to secure (coding and database) from copying to other company...

      Comment

      • sumaiya
        New Member
        • Apr 2007
        • 43

        #4
        I know the best way to hide php coding. You can use Zend encoder (http://www.zend.com/products/zend_guard). Zend encoder or guard hides the php code and can even create license like windows application. But the catch is it is not free and u need to have zend optimizer to run any application which is encoded by the zend encorder.

        But its worth the trouble.

        Comment

        • Atli
          Recognized Expert Expert
          • Nov 2006
          • 5062

          #5
          JavaScrip can never be completely hidden from client browsers.
          PHP will never be sent to browsers but can easilly be copied from the server.

          Databases however can be configured so that only local connections can be made, forcing anybody who wants to access it to do so from the server computer. MySQL for instance is configured like that by default.

          You could use the database to store the PHP code and have your index file read it from the database at runtime, which would make it impossible for anybody to see anything but the code you use to connect to the database, which is useless unless you have access to the server machine.

          Comment

          • Deejam
            New Member
            • Apr 2007
            • 13

            #6
            sumaiya and Atli thanks for your reply

            Comment

            Working...