堆栈内存溢出
  简体   繁体   English

保护或加密smarty插件

[英]secure or encrypt smarty plugins

 原文  2010-11-30 13:02:08       php/ smarty

问题描述

I am working on CMS system using smarty. 我正在使用smarty在CMS系统上工作。 The one cms system could support multiple websites with multiple websites, multiple templates, multiple plugins and components... 一个cms系统可以支持具有多个网站,多个模板,多个插件和组件的多个网站...

Client can register and create his website using pre existing templates and choose components to display them on that template. 客户可以使用预先存在的模板注册并创建其网站,然后选择组件以在该模板上显示它们。

My Question is that How i can make those component secure or encrypted. 我的问题是,我如何使这些组件安全或加密。 so if client take his site away from the server to another server, he won't able to use those module, components etc. or atleast these would expire after certain time.. 因此,如果客户将其站点从服务器移到另一台服务器,则他将无法使用这些模块,组件等,否则这些将在一定时间后失效。

I am going to create these components using smarty plugins. 我将使用smarty插件创建这些组件。

Is there any solution in php, smarty ? 有没有在php中的解决方案,smarty?

4 个解决方案

解决方案1
 1  2010-11-30 13:10:11

Zend Server提供了这样的功能。

解决方案2
 0 已采纳  2010-11-30 13:23:35

Instead of trying to secure the file itself, you may just make those templates private : 您可以仅将那些模板设为私有,而不是尝试保护文件本身的安全:

Set up the include_path of your php environment to a private folder, thus, your application can use the files in this folder, templates included. 将您的php环境的include_path设置到一个私有文件夹,这样,您的应用程序就可以使用此文件夹中的文件(包括模板)。 Your users however can't retrieve the files easily. 但是,您的用户无法轻松检索文件。

解决方案3
 0  2010-11-30 14:20:26

If you don't want to use something like the ionCube PHPEncoder which is able to do the job for Smarty (via a Patch), I would recommend you write a script that performs code obfuscation to your Smarty files to make it a real annoyance to de-obfuscate them. 如果您不想使用诸如ionCube PHPEncoder之类的东西(可以通过修补程序来完成Smarty的工作),建议您编写一个脚本,对Smarty文件执行代码混淆处理,以免给您带来麻烦。对它们进行模糊处理。 Ideally that would include variable obfuscation also but you then need to touch your PHP files also when handling the variables over to Smarty. 理想情况下,它还应包含变量混淆功能,但是在将变量传递到Smarty时,还需要触摸PHP文件。

This is not great, but as said, when not using a real encoder there's not much you can do. 这不是很好,但是如上所述,当不使用真正的编码器时,您无能为力。

解决方案4
 0  2010-11-30 16:48:43

As before mentioned IONCube do the job well, but if you need some fast solution without crypt or embarrassing the code with such a tool, then you need to code something... I remenber sometime ago I did a kind of tool, I crypt the data, then put it inside a database and after a time I retrieve that data, off course checking the passphrase key. 如前所述, IONCube可以很好地完成工作,但是如果您需要一些快速的解决方案而又不使用加密或使用这种工具使代码尴尬的话,那么您就需要编写一些代码...我前一段时间曾想过,我做了一种工具,数据,然后将其放入数据库中,一段时间后,我检索了该数据,当然会检查密码短语。 This is the way, but sometimes it can make your server very slow, specialy if you have a lot of users. 这样是可以的,但是有时它会使您的服务器非常慢,特别是如果您有很多用户的话。

good Luck man! 祝你好运!

暂无
暂无

声明:本站的技术帖子网页,遵循CC BY-SA 4.0协议,如果您需要转载,请注明本站网址或者原文地址。任何问题请咨询:yoyou2525@163.com.

相关问题 Smarty插件问题 - Smarty plugins issue 如何加密Smarty模板文件 - How to encrypt smarty template files 无法添加新的Smarty插件 - Can't add new Smarty plugins php中的加密/安全数据库连接字符串 - Encrypt/Secure DB connection string in php 什么是最安全的mcrpyt_encrypt算法? - What is the most secure mcrpyt_encrypt algorithm? 加密字符串并使其安全,即使提取了 apk - Encrypt A String and make it secure even apk is extracted Laravel 的加密和解密助手有多安全? - How secure is Laravel's encrypt and decrypt helpers? Smarty模板引擎-使用$ smarty-> fetch时卸载/禁用插件 - Smarty Template Engine - Unload/Disallow plugins while using $smarty->fetch 可以使用代码点火器中的加密类来发送URL中的安全数据吗? - Can the encrypt class in code igniter be used to send secure data in URL? 如何在Javascript中加密字符串并保证其安全? - How can I encrypt a string in Javascript and keep it secure?
相关标签
 
粤ICP备18138465号  © 2020-2024 STACKOOM.COM