Hi …demo is not working
Oops sorry … wrong post …
What encryption type and level does the class employ?
Hi, HBLocker uses:
cipher = MCRYPT_RIJNDAEL_256
mode = MCRYPT_MODE_CBC
iv_source = MCRYPT_DEV_URANDOM
Private keys for encrypting and decrypting
Ofcource you could switch all of those by your choise
Thank you for asking
Excellent! Is the private key downloaded by the user?
From the documentation this would appear to be a class without front or backend, or are they set up? Private key delivery and other parameters will need to be configured for each user separately then.
A private key is already set by default for all files – it is located in the Library folder.
It is a good practice to change this key for you to be unique from other useing HBLocker.
This key for sure can be changed on runtime with:
This method will only change the key for the current quene.
Becarefull if you change the key on encryption, the same key must be given for decryption.
Yes the class dose not have GUI.
Thank you for the detailed clarification. Can I lock an entire folder without the need to invoke HBLocker for each file? Can private keys be set for each user on a website for his files or folder?
You initlize HBLocker one time then you can do a chain
This version of HBLocker dose not provide an automatic way to check a folder. But you can do it with php directory iterator and a foreach loop. If you need help for this i will make it for you.
Yes private key can be set on each user, you just need something unique for the user that cannot be changed, like a hash value of the user id from the user table or anything else that is not going to be changed and is unique for each user.
Many thanks for the patient and edificatory replies. I am going ahead with the purchase and wish you luck for limitless sales. Also as I am a DIY enthusiast (AND non-coder), let me try to lock a directory by iteration and contact you if I fall flat!
Thank you, feel free to ask
Hullo again. The demerits of advancing age are too many and my skills are too sparse, both of which preclude me from implementing directory iteration beyond reading up the php.net manual! I should be grateful for your help to enable folder locking with HBLocker. I see tremendous potential in the script.
It will be done soon as i can, maybe day or two and i will contact you.
May you prosper!
Version 1.1 is released, and its queued for review.
The update is:
- Added recursively(on your choise) and non-recursively(on your choise) directory loop with auto collect of files.
The update is documented you can find it in section – Usage.
In folder Test/ you will see two new test files which covers the update.
The selection of folder is same as the selection of files, just the name of the method is different.
I am expecting your feedback on the update.
Bless you for the swiftest turnaround ever! With CBC, Rijndael 256, entropy from dev_urandom, AND your skills, I can see this script soon becoming indispensable for users who wish to provide fortress-like security on their sites. All the best.
Thank you for your feedback i appreciate it.
Hello, a new version is already released.
Version 1.2 released.
Added zip and unzip methods. You can now create a zip arhive with choosen files and locked or unlocked them. The newly created zip can be forced easly to be download with the second parameter – view method section in documentation.
If you are running php 5.4 in order to use the zip methods you may need to enable php_zip.dll in php.ini if is not auto enabled already.
Downloaded and installed the latest version. This script is fast becoming an essential tool for site and content security. Am I glad I purchased it!
I have spent some time on the script and found that it works flawlessly as stated in the documentation. The only thing lacking is a gui for sales to take off!!
Thank you for your feedback, maybe soon i will work on that.
Do you think PHP’s built-in streams extension with mcrypt encryption filter would be faster and more efficient with large files?
Good script! GLWS codew
Very good script, good work Boyarov!
P.S – Ako iskash mojesh da me namerish na Skype: extreemer55, za da obmenqme opit i suveti.
Nice work, GLWS!
Hello, no live demo is provided, but you can lookup what output is given after a file is locked on this link: http://hblocker.boyarov.bg/
- The locked(encrypted) file is generated with extension – .”loff” in the folder where the original file was.
- When you call $locker->unlock(); on a locked file, then you will recive the original file with its original extension on the same folder where the locked files was.
“720p” : “http://www.xxxx.mp4.com”,
“480p” : “http://www.xxxx.mp4.com”
It can protect the url of the link to see the video It?
One question : I code and sell PHP scripts.
To protect them, i use a self-made licensing system on my server.
Each of my scripts “calls home” to check license validity and that
portion of the code is protected by ioncube.
BUT. My server runs on http, not hrrps, which means that any
man in the middle wiresharking the connection between script
and server could find out the licensing mechanism.
My point is, could this be used to encrypt the licensing part
of my scripts and would it be more secure than encoding with ioncube ?
Can you tell me what exactly your scripts are sending to the your server and is the sent data always the same?
If is like this, you could do an encryption on the licensing part of each of your scripts on server side with a private key for each of them.
Those encrypted licensing parts are then distrubed with your selled items.
So the check process will be:
1. Sending encrypted licensed data from your script to the server.
So if anyone get the licensed data – it cannot do anything with it(not readable), becouse they won’t have the private key to decrypt the data.
2. The server gets the data and decrypt it with the proper private key.
3. Server does the check with the decrypted data and returns response.
Now something about HBLocker. It is mainly for encrypting file contents and making the file non executable and readable, so to be passed securley on the internet and only the sender and reciver to have the key for encrypting/decrypting.
In your case the server is the sender and the reciver.
But you can use it too for encrypting only data (not files).
In the item their is a file with a class wich only encrypts/decrypts any data (not files).
Does this plugin support the ability to encrypt a submission form that allows a user to upload a file?
For now this plugin does’t support client side encryption.
It could be added in future updates. A JS must be written for client side which encrypts the uploaded file before is send to the server.
In your case I suggest you to use SSL/TLS protocol for the connection, that’s all you need.
Hello. I have an app that upload files in to hosted directory. The problem is the file is in plaint, and can be seen by the host user. I want it unreadable. Is this app can be plugin to my application (CI3) and it will encrypt the file before write to storage. and decrypt on requested by Client side? Thanks youl.
Hello, you can do something like that: When a file is uploaded you call the HBLocker and encrypt the file. Later when you need the file the client side must call some controller with a reference indicator for the file, 1.) the controller get’s the encypted file source. 2.) Creates some temporary file with the encrypted source. 3.) Call the HBLocker to decrypt the temporary file. 4.) Get the decrypted file source 5.) Create a response from controller with the decrypted source and set correct content-type. 6.) The original file now is downloaded to client side 7.) Remove temporary file.
The downside of that is that you must create a temporary file.
Another way is to edit the plugin to accept raw source, so when the Controller gets the encrypted source it must directly give it to the HBLocker to decrypt and return decrypted source, no need of temporary file here.
But if the host user can view your files, he can view the method of encrypt/decrypt and use it.
nice work gud luck
Use, by you or one client, in a single end product which end users are not charged for. The total price includes the item price and a buyer fee.
Use, by you or one client, in a single end product which end users can be charged for. The total price includes the item price and a buyer fee.
View license details
Get it now and save up to $2.50