1. This site uses cookies. By continuing to use this site, you are agreeing to our use of cookies. Learn More.

Need a way to hide plugin info within the Source code?

Discussion in 'HTML & JavaScript' started by phobia2381, Jan 14, 2014.

  1. phobia2381

    phobia2381 Junior Member

    Joined:
    Nov 3, 2012
    Messages:
    178
    Likes Received:
    258
    Location:
    Error 404! The Freedom you were looking for could
    I know I could probly just grab a plugin that hides right click to see source code but thats easily out did by just typing "view-source:" before the url of the page..

    I have a script that I paid for to get made into a wp plugin for cheap, it works and everything but after looking at the source code of the locked content. Everything shows for example the fb app id and also the locked content itself.

    So my question is: Is there some kind of script code I can wrap around part of the PHP file script that I'm using to make all that shows invisible?
    or any other way to hide these things..
     
  2. Kaistar

    Kaistar Power Member

    Joined:
    Jan 9, 2010
    Messages:
    562
    Likes Received:
    333
    • Thanks Thanks x 1
  3. phobia2381

    phobia2381 Junior Member

    Joined:
    Nov 3, 2012
    Messages:
    178
    Likes Received:
    258
    Location:
    Error 404! The Freedom you were looking for could
    No, I wanting to incorporate something within the php script for the plugin to hide some of the script, so when I giveaway or sell the plugin other people won't have the problem also of revealing their locked content and fb app id.. Thanks though
     
  4. mypmmail

    mypmmail Junior Member

    Joined:
    Jan 31, 2008
    Messages:
    111
    Likes Received:
    27
    I don't think you can totally hide the source.

    But what you can do is to code your source in Java script and then obfuscate it. Then, it will be rather difficult to figure out what it's doing.
    Just like trying to find out what adsense is doing.

    Hth
     
  5. Ste Fishkin

    Ste Fishkin "I'm watching you.." - Apricot Jr. VIP Premium Member UnGagged Attendee

    Joined:
    May 14, 2011
    Messages:
    1,836
    Likes Received:
    8,706
    Occupation:
    Rands Sex Slave
    Location:
    England
    Base 64 or remotely host the content you want to include.
     
    • Thanks Thanks x 1
  6. Amsterdammer

    Amsterdammer Power Member

    Joined:
    Aug 9, 2011
    Messages:
    515
    Likes Received:
    563
    Erm, at current I am under the influence of "means" but there is a way to first javascript your link to a php page and use that to redirect to the url you point to. Too lazy to go and find it for you tho. soz The JS is somewhere to to found on the forum.
    The JS will hide your php page "from the eye" when hovering above it, the php code will redirect. You could make it look like to point to G to the eye, a click will point it to yahell and nobody will know what happened.
    This is a combination of methods I never actually tried. The JS I did and the php code is simple logic and tried on other problems. Not sure on how to actually prevent the link you end up with from showing once the visitor clicked it.. A PHP script shouldn't show tho, please tell me if you found a way. :)
     
    Last edited: Jan 15, 2014
  7. phobia2381

    phobia2381 Junior Member

    Joined:
    Nov 3, 2012
    Messages:
    178
    Likes Received:
    258
    Location:
    Error 404! The Freedom you were looking for could
    alright thanks everyone for the suggestions I think I'll just have to get ahold of the guy that made the plugin for me..
     
  8. phobia2381

    phobia2381 Junior Member

    Joined:
    Nov 3, 2012
    Messages:
    178
    Likes Received:
    258
    Location:
    Error 404! The Freedom you were looking for could
    I guess its hard for me too explain with out showing you guys.. When I have the content locker set up and working on one of my pages or posts if I look at the source code at around line #375 this shows..
    Code:
    <div id='fb-root'></div><script>
      window.fbAsyncInit = function() {
        // init the FB JS SDK
        FB.init({
          appId      : '000000000000',                        // App ID from the app dashboard
          status     : true,                                 // Check Facebook Login status
          xfbml      : true                                  // Look for social plugins on the page
        });
    
    
        // Additional initialization code such as adding Event Listeners goes here
      };
    
    
      // Load the SDK asynchronously
      (function(d, s, id){
         var js, fjs = d.getElementsByTagName(s)[0];
         if (d.getElementById(id)) {return;}
         js = d.createElement(s); js.id = id;
         js.src = '//connect.facebook.net/en_US/all.js';
         fjs.parentNode.insertBefore(js, fjs);
       }(document, 'script', 'facebook-jssdk'));
    </script>
    
    
    	<style type='text/css'>
    		.v36-unlock-button { display:block !important;}    
    	    #locked-content {
    	    margin:20px 0 0 0;
    	    }
    	</style><div id='locked-content'>
    <p>test</p>
    <p></div>
    	<script type='text/javascript'>
    	    jQuery(document).ready(function($) {
    	    $('#locked-content').postAndTagToUnlock({
    	    uniqid: '1234567',
    	    header_text: 'header text goes here',
    	    button_text: 'button text goes here',
    	    facebook_app_id: 00000000000000,
    	    num_friends: 3,
    	    image_url: 'image goes here',
    	    image_text: 'image text goes here'
    	    });
    	    });
        </script>
    
    
    
    So I'm wanting to hide this from the source code, this is basically what shows within the php file for the plugin also..

    I was just told by another person this is made in javascript so there isn't a way to do it besides having it write in a different coding language, though I don't know anything about it so I can't say if there is an alternative or not..
     
    Last edited: Jan 15, 2014
  9. Amsterdammer

    Amsterdammer Power Member

    Joined:
    Aug 9, 2011
    Messages:
    515
    Likes Received:
    563
    Simple rule:
    JS= Visible
    PHP= not visible.
    One is client based, the other server based.
    So I agree with whoever told you the JS is always visible, you want this sort of thing server based.
    A simple way to hide you code is to base 64 (Encoded) your personal information but it isn't full proof to any none newbie. You do want that though, especially for your content locker and personal information. You would want your code in PHP or whatever server based language like PHP/asp or others. Definitely not JS.
    It is a good thing to be cautious when providing code you want protected. Just like you want your information given public so it's subjected to scrutiny and you don't get a pain in your exhaust pipe... This is blackhat afterall . lol
    I will tell you this though, the code visible when right clicking and viewing source is visible to all. If the code you showed is shown, I would be worried. You want this in PHP, like mentioned before. Only reason you use JS to hide your links is because it looks natural/valid to visitors.

    Give your thread some time, there are bound to come some sober people willing to help. :)
    I did a quick search for you but am too much "influenced" right now it seems. Still, I trust in the power of this forum, it never let me down. :D
     
    • Thanks Thanks x 1
  10. phobia2381

    phobia2381 Junior Member

    Joined:
    Nov 3, 2012
    Messages:
    178
    Likes Received:
    258
    Location:
    Error 404! The Freedom you were looking for could
    I don't care how under the "influence" you are you did a great job explaining ;) Ste Huges summed it up also, I've have to look more into this, Thanks a bunch man and yeah If anyone else has any other suggestions I'd like to hear them..
     
    • Thanks Thanks x 1
  11. mypmmail

    mypmmail Junior Member

    Joined:
    Jan 31, 2008
    Messages:
    111
    Likes Received:
    27
    As mentioned, as javascript actually runs on the user side, it's not foolproof to stop them from seeing it.

    But you can make it not easily understandable.

    e.g.
    your can put your script into hxxp://www.javascriptobfuscator.com/Default.aspx to generate an obfuscated version of it.
    The script still runs as intended, but looking at it doesn't really make sense.

    hth
     
    • Thanks Thanks x 1
  12. Amsterdammer

    Amsterdammer Power Member

    Joined:
    Aug 9, 2011
    Messages:
    515
    Likes Received:
    563
    ^^ Hence the remark about sober people OP. It is still not completely hidden, but you can make things so hard to decipher people will go elsewhere unless they are willing to spend some serious time decoding.

    On a side note, I was rereading parts and something needs explaining. You can't wrap JS around PHP but you can the other way around.
    From top to bottom: PHP, JS, HTML. Where the first supercedes the next. (I left out CSS on purpose and some others languages too, to prevent discussions, you could say it comes after the JS but it would override PHP for instance while PHP can make it be there in the first place. See why I left it out? lolz.)

    JS is very useful and parts of your page will still need to use it. You use JS when you want to save bandwidth or for tasks you don't need to validate or some other task done client side, like prevent right-clicks. Not if the content locker can be unlocked for instance because the user could fiddle with that. :p People will still need to allow your script to function tho, by default it will be allowed unless the user has NoScript installed for instance.

    Anyways, obfuscate and base 64 it, make it mandatory to have JS enabled to view the page, but in the end you will want this rewritten. :)

    Glad I could be of service so you are very welcome. :)
     
    • Thanks Thanks x 1