If you are among the ones who give away free self written php scripts to everybody but want some way to stop script kiddies and newbies just copy-pasting and modifying your script or you just dont want code newbies to know the original code then this post is probably for you. The trick is to encode your php code as a string and then parse the encoded string as php code after decoding it. This trick is very commonly usede by developers. Though this trick cannot stop code copying but can discourage the viewer to a certain extent to copy the code.
Here is how to do it:
- Encode your code as string using any encoding method/functions . the most commonly used is base64_encode. You can even use Dynamicguru’s Online base 64 encoder and decoder to instantly convert your code to base64 format
- In your script file, decode the generated string using base64_decode function and assign it to a variable
- Now call the function eval() passing your decoded string as argument and you are done!
Example :
Consider the following piece of code :
<?php
echo "hello world";
?>
Now suppose you want to disguise the code and make it look un-interpretable , Encode it using our Online base 64 encoder and decoder . here is what the code looks like after encoding :
PD9waHANCmVjaG8gXCJoZWxsbyB3b3JsZFwiOw0KPz4=
//Amazing isnt it?
Now call the eval() function :
eval(base64_decode("PD9waHANCmVjaG8gXCJoZWxsbyB3b3JsZFwiOw0KPz4= "));
//the above code is equal to :
<?php
echo "hello world";
?>
//!!!!!!!!!!!!!!!!!!!!!!!!!!!!!
Note
This trick should not be used if you want to completely disguise your code, as anybody can go a step further and decode it using base64_decode function.
The eval fucntion evaluates a string as a php code and is of immense help in situations where you want a piece of code to be stored in a file / database and executed at a later time
hope you enjoyed the post and learnt something new and useful 
The most common use of php on the internet is probably to make Contact Forms or mail forms . Here is a free php contact form script that takes input from 5 fields : name,email,url,subject and message. The script also validates the input and checks to see if the name , email and message fields are filled out properly and also checks if the email address provided is valid. the script then sends a mail to the administrator containing the message and the visitor info and also writes (appends) the input to a “contact.log” file . The script is quiet easy to understand and edit as it is commented and well written. Just place the following code in a “contact.php” file and change the value of $admin_mail to your email id. You can style the form to your taste using css.
<?php
error_reporting(0);
//Replace with your email ID
$admin_mail="mujtaba_91@yahoo.com";
if (isset($_POST[‘button’])) {
$date=date(‘l dS \of F Y h:i A e’);
$name=htmlentities($_POST[‘name’]);
$email=htmlentities($_POST[‘email’]);
$url=htmlentities($_POST[‘url’]);
$subject=htmlentities($_POST[’subject’]);
$message=htmlentities(stripslashes($_POST[‘message’]));
//Form Validation
$errors="";
if(empty($name)) {
$errors.="Please enter your name <br />";
}
if(empty($email) || !strpos($email, "@") || !strpos($email, ".")) {
$errors.="Please enter a valid email ID <br />";
}
if(empty($message)) {
$errors.="Please enter a message <br />";
}
if(!empty($url) && !strpos($url,"http://")) {
$url="http://".$url;
}
//Building mail if the input is valid
if ($errors=="") {
$mail_subject="Message from :".$email;
//Required for html formatted mail, do not remove
$headers = ‘MIME-Version: 1.0′ . "\r\n";
//Required for html formatted mail, do not remove
$headers .= ‘Content-type: text/html; charset=iso-8859-1′ . "\r\n";
$headers .= "To: Admin <".$admin_mail.">" . "\r\n";
$headers .= "From: ".$name." <".$email.">" . "\r\n";
//The mail
$mail_message="
<html>
<head>
<title> Message from ".$name." </title>
</head>
<body>
<b>Name</b> :<br /> $name <br />
<b>Email</b> :<br /> $email <br />
<b>URL</b> :<br /> <a href=\"$url\">$url</a> <br />
<b>IP Address</b> : <br/>
".$_SERVER[‘REMOTE_ADDR’]." <br />
<b>Date and Time</b> : <br />
$date <br />
<b>Message</b> :<br/> ".nl2br($message)."
</body>
</html>";
if(mail($admin_mail,$mail_subject,$mail_message,$headers)) {
$status="Mail Sent Successfully";
//echo "<div class=’success’>$status</div>";
}
else {
$status="Mail Failed to Send";
//echo "<div class=’error’>$status</div>";
}
//Logging the message to a file
$file="contact.log";
$log_message="
Name : $name\r\n
Email : $email\r\n
URL: $url\r\n
Subject: $subject\r\n
Time: $date\r\n
IP Address: ".$_SERVER[‘REMOTE_ADDR’]."\r\n
Message:
$message\r\n
Mailing Status: $status\r\n
_______________________________________________________________________\r\n
";
$fh=fopen($file,"a+");
fwrite($fh,$log_message);
fclose($fh);
echo "Thanx! i will get back to you soon";
}
else {
echo $errors;
}
}
else {
echo "
<form action=\"contact.php\" method=\"post\" id="myform" >
<input type=\"text\" name=\"name\" /> Name <br />
<input type=\"text\" name=\"email\" /> Email <br />
<input type=\"text\" name=\"url\" /> URL <br />
<input type=\"text\" name=\"subject\" /> Subject <br />
<textarea cols=\"30\" rows=\"20\" name=\"message\" ></textarea>
<input type=\"submit\" name=\"button\" value=\"Submit\" />
</form>";
}
?>
The following line of code shows your visitors their IP address,
<?php echo $_SERVER['REMOTE_ADDR'] ?>
For knowing what all super globals are available for you use the function phpinfo(); or print the complete $_SERVER array using print_r($_SERVER);
