469,953 Members | 1,896 Online
Bytes | Developer Community
New Post

Home Posts Topics Members FAQ

Share your developer knowledge by writing an article on Bytes.

Don't want to send your comments with the code?

hsriat
1,654 Expert 1GB
I am not sure how many of you would have faced this problem, but I faced this many times. I am not good at memorizing things, so I give lot of code comment in my code. And never wanted that code to reach the client. So I used to remove comments from each file by a PHP code and then upload that minified file to the server.

Then an idea came across my mind. And I never removed comments afterwards. May be some of use would already be using this thing, but it's new to me, so thought of posting here.

Here it is...
  • Instead of a regular name folder eg. js or scripts, in which you save your JavaScript files, save them in a random name folder. Something like js_kl32lnfdn.
  • We call our external JavaScript files as [html]<script type="text/javascript" src="/scripts/myscript.js"></script>[/html]
    Instead of this, make a PHP function, something like this:[php]function send_script($script)
    {
    echo "<script type=\"text/javascript\" src=\"/js.php?js=".$script."\"></script>"; //don't use the XML style closing tag (<script .... />) IE would not read it.
    }[/php]Keep this function in a saperate file.
  • In the root folder, save this PHP file (js.php)[php]<?php

    //define the folder name, so that it can be changed anytime.
    define("FOLDER_NAME", "js_kl32lnfdn");

    //path for the original file
    $js_original = $_SERVER['DOCUMENT_ROOT']."/".FOLDER_NAME."/".$_GET['js'];

    //header for the javascript file (will give a warning if not provided)
    header("content-type:text/javascript; charset:UTF-8");

    //alert error if file doesn't exisit
    if (!file_exists($js_original))
    die('alert(\'JavaScript file error!\')');

    //include minificator class
    require('jsmin-1.1.0.php');

    //read and minify the content
    $minified = JSMin::minify(file_get_contents($js_original));

    //header for caching
    header("Expires: ".gmdate("D, d M Y H:i:s", (time()+9000)) . " GMT");

    //year to write on copyright notice
    $year = getdate();
    $year = $year['year'];

    //send your copyright notice
    echo "/* Copyright ".$year." - www.your-website.com */";

    //send the minified version
    echo $minified;

    ?>[/php]
    The minificator PHP class is here: JSMin

What will happen is..
  • The JavaScript file will get minified by the js.php file, which in itself will use a minificator class (not made by me).
  • A file with path js_kl32lnfdn/script1.js will be called as js.php?js=script1.js. So one would never come to know the path to the original (commented) file.
  • For futher security, like if you only want the logged in user to be able to call the javascript or other things, you can add some verification code just in the starting of the js.php.


Hope you will like it. But if there's any drawback, do tell me. :)

Regards,
Harpreet
May 16 '08 #1
2 3296
acoder
16,027 Expert Mod 8TB
Haven't tested, but can't see why it can't work.

More useful than trying to hide actual code which is more trouble than it's worth.
May 17 '08 #2
FLEB
30
It's an interesting idea-- both as an obfuscation device and as an automatic space-saving measure.

Instead of using an obscure directory name for the scripts, you would be better off, IMO, putting an .htaccess file into the cleartext scripts directory with a "deny from all" directive (or a full-fledged password-protected directory if you want clear web access to privileged people). Or, you could store the scripts outside the document-root of the server, making them impossible to directly access via the Web. That way there are no cryptic names to remember (just call it "clear-scripts"), and there is no access for anyone-- even if they guess the directory name.

Also, for extra fun, you might want to look into a mod_rewrite rule that would automatically redirect any calls for your scripts to the pre-processor. It's a slick trick, although kind of a pain to debug.
Aug 7 '08 #3

Post your reply

Sign in to post your reply or Sign up for a free account.

Similar topics

7 posts views Thread by Angelos | last post: by
4 posts views Thread by Nataraj M | last post: by
7 posts views Thread by Anne M | last post: by
5 posts views Thread by BabyATX13 via AccessMonster.com | last post: by
4 posts views Thread by #kiss# | last post: by
2 posts views Thread by M | last post: by
3 posts views Thread by David Jackson | last post: by
By using this site, you agree to our Privacy Policy and Terms of Use.