PHP Tokens - finding user defined constants.

Question

Hi, got a reall head scratcher. Im trying to make a PHP obfuscator ( http://www.actwebdesigns.co.uk/web-design-blog/actobfuscator-free-open-source-php-obfuscator/ )

I've hit a little problem tho. I cant find a guaranteed way of finding a user defined constant.

some of my the token_name()'s return as T_STRING and others as T_CONSTANT_ENCAPSED_STRING, which with my code as it is does not change all constantss as shown below;

 <?php
//ACTObfuscator - Created by ACT Web Designs
//http://www.actwebdesigns.co.uk
?>
<?php
 @define("V566B1DF8B3B32D1", false); if( V566B1DF8B3B32D1 ) { define('DB_USERNAME', "wefghgfh"); define('DB_PASSWORD', "mulfghgfh"); define('DB_SERVER', "gfhgst"); define("V2FC1E4F930A251A", "webfghgfh"); define("VDA9E0DAA31346F8", "<+ site_name +>"); define("V4424E58002D8BE7", "actvbiz.co.uk"); define("VBE72B58F4FE19A6", '<img src="./?0000=jpg&0001=0001&0002=pic" width="277" style="position:relative; z-index:5; background:url(./?0000=png&0001=shade&0002=pic) bottom repeat-x;" height="167" alt="ACTvBiz Logo" />' ); define("V7052A961BF53D55", "http://www.actvbiz.co.uk"); define("V692CD2C3D40F692", "[email protected]"); define("VDC5565EDE9405AA", "nnn_accounts"); }else{ header("location: http://www.actvbiz.co.uk"); exit; } ?>

(ignore the <+ foobar +> as thats for something else)

any help is much appreciated.

Answer 1

Please format your code, this way it's not very readable.

You can check if a constant is defined by that very function: defined.

if (defined('V566B1DF8B3B32D1')) {
}

Is that what you're looking for?

Answer 2

How I would find user defined constants (using whose with define, not the const ones):

foreach (token_get_all($source) as $token) {
    if (!is_array($token)) continue;
    list($id, $content) = $token;
    if ($id == T_STRING && $content == 'define') {
        // and now extract the constant name!
    }
}

Answer 3

I realise what the problem is... throughout the whole of my documents I have removed ( lets say ) DOMAIN constant and is only left with DEFINE('DOMAIN'); So in theory, as it is not used anywhere, it has no need to be 'changed'. But to over come this, and only alter the 'defined' constants and not what 'appears' ( no proof of it being defined ) to be a constant, I wrote this:

foreach( $tokens as $key => $packet ) {
    $x = $key + 1;
    if( is_array( $packet ) && $packet[0] == T_STRING && $packet[1] == 'define' ) {
        while( true ) {
            if( is_array( $tokens[$x] ) && $tokens[$x][0] == T_CONSTANT_ENCAPSED_STRING ) {
                $constants[] = str_replace( array("\s", "'", '"'), '', $tokens[$x][1] );
                break;  
            }
            $x++;
        }
    }
}

This will only add value as a constant if in the defined() function. Output:

Array
(
    [0] => VIA_SITE
    [1] => DB_USERNAME
    [2] => DB_PASSWORD
    [3] => DB_SERVER
    [4] => DB_NAME
    [5] => SITE_NAME
    [6] => PROFILE_URL
    [7] => _LOGO
    [8] => DOMAIN
    [9] => SUPPORT_EMAIL
    [10] => ACCOUNT_TABLE
)