I want to deter novice users from seeing the source code. I have a php code that generates a html page.
edit1: I came across a simple tool which encrypted html code into %C%D%F but which worked with the browser just fine.
A:
You should use javascript's escape/unescape functions instead so that it is harder for humans to decipher but not the browser.
Sarfraz
2010-05-14 13:28:31
+14
A:
You can't encrypt the HTML output that is sent to your users. They wouldn't be able to load the web page if you did.
If you're concerned about them seeing the PHP code, you don't have to worry about that. They'll never see the PHP code - it's processed by the server and turned into HTML before sending to the client.
Jeff
2010-05-14 13:29:25
+1 It's possible to obfuscate the HTML, but as there are no variables and functions to give obfuscated names, it's an excercise in futility and restored within seconds using a HTML formatter.
Pekka
2010-05-14 13:31:54
I used the wrong word. It should be encoded instead of encryption.
Karthik Kottapalli
2010-05-15 01:37:53
seen the souce from a google results page latley, comes pretty close lol..
RandyMorris
2010-05-16 16:10:55
A:
I don't think you can encrypt HTML. It has to be interpreted by the client browser, it wouldn't work if you used a different language
shanabus
2010-05-14 13:30:17
You can encrypt anything. I think you mean that browsers aren't set up to handle encrypted HTML
thetaiko
2010-05-14 13:56:28
A:
You could be ultimately cheeky and use this: http://www.dynamicdrive.com/dynamicindex9/encrypter.htm
It basically encrypted your HTML code into a javascript document.write line.
Not really encryption, but will deter over half the people browsing the source.
Enjoi.
Neurofluxation
2010-05-14 13:33:49
It is ultimately cheeky because you're basically telling users with JavaScript disabled to FO.
Andy E
2010-05-14 13:35:41
It is ultimately cheeky because HTML has to somehow get to the browser. Face it: if the user can see it, the user can see how it's made. Using javascript for that points out your site is not worth the click.
nc3b
2010-05-14 13:37:30
WoooOOOOooo now now, calm down you two... Some really agitated-prepubescent-angsty people on here today. *sigh* Chill you lot... It's simple impossible to encrypt HTML as the clients browser still has to interpret it.
Neurofluxation
2010-05-14 13:40:01
You can not only prevent novice users from spending time on it, you can also prevent Google from spending time on it.
thetaiko
2010-05-14 13:52:57
+1
A:
While, as @Jeff said, you can't encrypt your HTML output, you can obfuscated it to make it more difficult for a human to understand. Here is a link to a free product that does just that: link
Skywalker
2010-05-14 13:36:44
A:
See: http://farhadi.ir/works/rc4
Two simple libraries allow you to encode in PHP and decode in Javascript. In your output simply set up the HTML skeleton and then run the decrypt with the key and encrypted string in a document.ready function and populate the <body> tag with the product of decryption.
Of course, this only works with Javascript enabled. Otherwise the use won't see anything useful. You're also passing your secret key in the clear which is fine since you're only trying to prevent "novice" users from accessing your source code. I also don't think it will really help you out that much in preventing someone from grabbing an image from your site. You're much better off working with .htaccess to do that. Check out http://bignosebird.com/apache/a13.shtml or Google
thetaiko
2010-05-14 14:21:31