Hello sir/ma'am
My name is andre from Indonesia. I am a student of a university, and i'm doing my thesis.
I subscribe to this list to look for some help.
Oh by the way, my thesis is about PHP file encryption. So i need to decrypt the file when it's accessed and before any further processing.
I'm surely not as smart and experienced as all of you, so please be patient
Mr. Malyshev told me that i have 2 options
- Override the zend_compile function (he said that this one seems to be the easiest way)
- Use the PHP stream system (http://php.net/streams) to create filters that decrypt data on-the-fly.
So i decided to try the second option. But still i can't understand it well. The example i've read (http://php.net/streams) is not clear enough for me. I mean, how to make the filter itself, and how to use it? and can the filter automaticaly applied to every .php files?
And can anyone tell me where i must insert my codes if i want to override the zend_compile? I'm afraid that i don't have much time left, so if i can't use option 2, i will use option 1 instead.
Sorry if my english impolite or confusing. Thank you very much for your patience and help.
Andreas K Santoso wrote:
Hello sir/ma'am
My name is andre from Indonesia. I am a student of a university, and
i'm doing my thesis. I subscribe to this list to look for some help.
Oh by the way, my thesis is about PHP file encryption. So i need to
decrypt the file when it's accessed and before any further
processing. I'm surely not as smart and experienced as all of you, so
please be patientMr. Malyshev told me that i have 2 options 1. Override the
zend_compile function (he said that this one seems to be the easiest
way) 2. Use the PHP stream system (http://php.net/streams) to create
filters that decrypt data on-the-fly.So i decided to try the second option. But still i can't understand
it well. The example i've read (http://php.net/streams) is not clear
enough for me. I mean, how to make the filter itself, and how to use
it? and can the filter automaticaly applied to every .php files?And can anyone tell me where i must insert my codes if i want to
override the zend_compile? I'm afraid that i don't have much time
left, so if i can't use option 2, i will use option 1 instead.Sorry if my english impolite or confusing. Thank you very much for
your patience and help.
Hi Andreas,
For stream filters, check out the zlib and bz2 stream filters in
ext/zlib/zlib_filter.c and
ext/bz2/bz2_filter.c
The filter can't be automatically applied without overriding
zend_compile, but I still highly recommend you implement it as a stream
filter. Why? You can check for encryption on file inclusion and then
append the stream filter to the returned stream inside the
zend_file_handle, or disable this in php.ini and decrypt on a per-file
basis manually.
For an example of zend_compile() interception that does something
similar, look at the end of ext/phar/phar.c. In this case, phar's
zend_compile override checks for filenames containing '.phar' and
attempts to process them as a phar archive, creates a phar stream URL
and passes that to zend_stream_open_function to return a file_handle.
You could simply call zend_stream_open_function, and then read in the
first few bytes of the file handle in the modified zend_file_handle * to
determine if decryption is necessary, and then use code something like
this to append the filter and compile the file:
filter = php_stream_filter_create("my.encrypt", NULL,
php_stream_is_persistent(file_handle->handle.stream.handle) TSRMLS_CC);
php_stream_filter_append(&file_handle->handle.stream.handle->readfilters,
encrypt_filter);
return encrypt_orig_compile_file(file_handle, type TSRMLS_CC);
where encrypt_orig_compile_file is the saved value of zend_compile_file.
Greg