This week we cover the Zend Encoder, a program which allows for you to distribute encoded versions of your software, therefore protecting your intellectual property and making sure that your licenses are upheld. First we go over exactly what the encoder does and a little bit of how it works, and then I'll move on to cover the open source alternative(s) and finally, give our humble opinion on the product.
One of the major problems I feared when using the encoder is that it would cause a slowdown in my PHP scripts. When working on high-traffic sites, every second counts and the benefit of encoding my applications would be outweighed if the performance suffered.
Surprisingly enough, some of my programs ran faster with the Zend Encoder then without it. Most of the other applications ran at close to the same speed (some a little faster, some a little slower). And if you couple in the Zend Cache, the performance stops being an issue (as the Zend cache saves a memory imprint of your application, and no decoding is necessary).
My second fear is the strength of the encryption used. After all, what's the use of using the Zend encoder if it doesn't properly encode your scripts (ie, it just messes up the whitespace a bit, or moves words around).
I've found the Zend Encoder's encryption to be quite satisfactory. While I really can't verify more than the fact, that I couldn't decrypt it. I don't think most customers will bother figuring out how to decrypt your encoded code, the fact that its encoded is enough.
Unfortunately, one problem that does occur with the encryption is that Zend's OP structures are not modified. Therefore if someone decided to write a program that translates an OP structure into working running PHP code. The encryption loses a lot of its value (of course the dumped output may be completely different than the original script, and will be devoid of comments). However, I don't see that happening any time soon, because its simply too much effort for too little gain