Andreas K Santoso wrote:
> Hello sir/ma'am
>
> My name is andre from Indonesia. I am a student of a university, and
> i'm doing my thesis. I subscribe to this list to look for some help.
> Oh by the way, my thesis is about PHP file encryption. So i need to
> decrypt the file when it's accessed and before any further
> processing. I'm surely not as smart and experienced as all of you, so
> please be patient
>
> Mr. Malyshev told me that i have 2 options 1. Override the
> zend_compile function (he said that this one seems to be the easiest
> way) 2. Use the PHP stream system (http://php.net/streams) to create
> filters that decrypt data on-the-fly.
>
> So i decided to try the second option. But still i can't understand
> it well. The example i've read (http://php.net/streams) is not clear
> enough for me. I mean, how to make the filter itself, and how to use
> it? and can the filter automaticaly applied to every .php files?
>
> And can anyone tell me where i must insert my codes if i want to
> override the zend_compile? I'm afraid that i don't have much time
> left, so if i can't use option 2, i will use option 1 instead.
>
>
> Sorry if my english impolite or confusing. Thank you very much for
> your patience and help.
Hi Andreas,
For stream filters, check out the zlib and bz2 stream filters in
ext/zlib/zlib_filter.c and
ext/bz2/bz2_filter.c
The filter can't be automatically applied without overriding
zend_compile, but I still highly recommend you implement it as a stream
filter. Why? You can check for encryption on file inclusion and then
append the stream filter to the returned stream inside the
zend_file_handle, or disable this in php.ini and decrypt on a per-file
basis manually.
For an example of zend_compile() interception that does something
similar, look at the end of ext/phar/phar.c. In this case, phar's
zend_compile override checks for filenames containing '.phar' and
attempts to process them as a phar archive, creates a phar stream URL
and passes that to zend_stream_open_function to return a file_handle.
You could simply call zend_stream_open_function, and then read in the
first few bytes of the file handle in the modified zend_file_handle * to
determine if decryption is necessary, and then use code something like
this to append the filter and compile the file:
filter = php_stream_filter_create("my.encrypt", NULL,
php_stream_is_persistent(file_handle->handle.stream.handle) TSRMLS_CC);
php_stream_filter_append(&file_handle->handle.stream.handle->readfilters,
encrypt_filter);
return encrypt_orig_compile_file(file_handle, type TSRMLS_CC);
where encrypt_orig_compile_file is the saved value of zend_compile_file.
Greg
--
PHP Internals - PHP Runtime Development Mailing List
To unsubscribe, visit: http://www.php.net/unsub.php
