SECURITY: PHP Encoding?

**Baby Boy** · 06-21-06, 11:05 PM

I was just wondering, many people worry over the so-called "open-source software" debate of it being easier to hack and access. Well, I was thinking (as I was looking over some osCommerce contributions as I've always had a goal of modifying a osCommerce with 50-60 contributions that would be useful to all stores... including admin panel re-design, re-designed default template and gift certificate and RMA addons and a ton of other things) as is, meaning that I'd release it with no support or anything... but knowing it would be bugless and if not then maybe could be ironed out by something else.

The only thing I was wondering was the open-source things, would it make people feel like their store is more safer from problems if the source code was ENCODED (like maybe the core of it, the functions.php file to keep from problems.) Is PHP encoding at all effective against it being opposed as an open-source problem.

**Max** · 06-21-06, 11:51 PM

Well, generally speaking, encoding the software will attract less hackers because of the obvious fact that the software will be harder to hack. Many of the common encoders can be decoded anyway.

As far as I know, your idea has already been done (http://www.zen-cart.com/).

**Baby Boy** · 06-22-06, 12:06 AM

Yeah, true, but Zen-Cart sometimes fails in the heat of the moment. Plus the only idea they took was the re-design, its all still osCommerce and such so yeah.

The number one rule is to ALWAYS ALWAYS ALWAYS keep a backup copy of the actual source code. Even though it is decodable, there are multiple things you can do to keep from such things. Isn't there a such thing as suing them for decoding your software by copyrighting the encoded software or something?