How to encrypt HTML source code output using PHP

Question

I want to deter novice users from seeing the source code. I have a php code that generates a html page.

edit1: I came across a simple tool which encrypted html code into %C%D%F but which worked with the browser just fine.

Why the downvotes? It's a perfectly valid question. The fact that it can't be done is irrelevant. — Graeme Perrow
– Graeme Perrow, Commented May 14, 2010 at 13:34
@nc3b: Maybe he wants to deter himself from seeing the source code? :-) Darn that was funnier before you edited your comment! — Andy E
– Andy E, Commented May 14, 2010 at 13:36
Out of curiosity - what is so significant about your HTML that you want to encrypt it? — thetaiko
– thetaiko, Commented May 14, 2010 at 13:43
Trying to “protect” images is doomed from so many angles. Give up, or drive yourself completely crazy. — bobince
– bobince, Commented May 14, 2010 at 14:14
I seriously don't get the down votes for questions like this. WE know you can't hide your html or JavaScript but that is no reason to spank someone who does not yet know that. Just answer the question...or not...and move on. Now if he was posting a question about code that was obviously off topic or a "Do my work for me" question, that is another thing entirely. — Bradley Mountford
– Bradley Mountford, Commented May 14, 2010 at 14:28

Jeff · Accepted Answer · 2010-05-14 13:29:25Z

17

You can't encrypt the HTML output that is sent to your users. They wouldn't be able to load the web page if you did.

If you're concerned about them seeing the PHP code, you don't have to worry about that. They'll never see the PHP code - it's processed by the server and turned into HTML before sending to the client.

answered May 14, 2010 at 13:29

Jeff

21.9k6 gold badges54 silver badges55 bronze badges

Sign up to request clarification or add additional context in comments.

2 Comments

Pekka Over a year ago

+1 It's possible to obfuscate the HTML, but as there are no variables and functions to give obfuscated names, it's an excercise in futility and restored within seconds using a HTML formatter.

user244333 Over a year ago

I used the wrong word. It should be encoded instead of encryption.

Skywalker · Accepted Answer · 2012-12-19 03:54:56Z

7

While, as @Jeff said, you can't encrypt your HTML output, you can obfuscated it to make it more difficult for a human to understand. Here is a link to a free product that does just that.

edited Dec 19, 2012 at 3:54

answered May 14, 2010 at 13:36

Skywalker

4121 gold badge8 silver badges14 bronze badges

Comments

thetaiko · Accepted Answer · 2010-05-14 14:21:31Z

See: http://farhadi.ir/works/rc4

Two simple libraries allow you to encode in PHP and decode in Javascript. In your output simply set up the HTML skeleton and then run the decrypt with the key and encrypted string in a document.ready function and populate the <body> tag with the product of decryption.

Of course, this only works with Javascript enabled. Otherwise the use won't see anything useful. You're also passing your secret key in the clear which is fine since you're only trying to prevent "novice" users from accessing your source code. I also don't think it will really help you out that much in preventing someone from grabbing an image from your site. You're much better off working with .htaccess to do that. Check out http://bignosebird.com/apache/a13.shtml or Google

shanabus · Accepted Answer · 2010-05-14 13:30:17Z

1

I don't think you can encrypt HTML. It has to be interpreted by the client browser, it wouldn't work if you used a different language

answered May 14, 2010 at 13:30

shanabus

13.1k6 gold badges55 silver badges78 bronze badges

1 Comment

thetaiko Over a year ago

You can encrypt anything. I think you mean that browsers aren't set up to handle encrypted HTML

Sarfraz · Accepted Answer · 2010-05-14 13:28:31Z

0

You should use javascript's escape/unescape functions instead so that it is harder for humans to decipher but not the browser.

answered May 14, 2010 at 13:28

Sarfraz

384k81 gold badges561 silver badges613 bronze badges

Comments

Barrie Reader · Accepted Answer · 2010-05-14 13:33:49Z

0

You could be ultimately cheeky and use this: http://www.dynamicdrive.com/dynamicindex9/encrypter.htm

It basically encrypted your HTML code into a javascript document.write line.

Not really encryption, but will deter over half the people browsing the source.

Enjoi.

answered May 14, 2010 at 13:33

Barrie Reader

10.7k11 gold badges77 silver badges141 bronze badges

4 Comments

Andy E Over a year ago

It is ultimately cheeky because you're basically telling users with JavaScript disabled to FO.

nc3b Over a year ago

It is ultimately cheeky because HTML has to somehow get to the browser. Face it: if the user can see it, the user can see how it's made. Using javascript for that points out your site is not worth the click.

Barrie Reader Over a year ago

WoooOOOOooo now now, calm down you two... Some really agitated-prepubescent-angsty people on here today. sigh Chill you lot... It's simple impossible to encrypt HTML as the clients browser still has to interpret it.

thetaiko Over a year ago

You can not only prevent novice users from spending time on it, you can also prevent Google from spending time on it.

Collectives™ on Stack Overflow

How to encrypt HTML source code output using PHP

6 Answers 6

2 Comments

Comments

Comments

1 Comment

Comments

4 Comments

Linked

Hot Network Questions

Collectives™ on Stack Overflow

6 Answers 6

2 Comments

Comments

Comments

1 Comment

Comments

4 Comments

Linked

Related