// Helper: update stats for textarea function updateStats(textarea, spanElement) const text = textarea.value; const lines = text.split(/\r?\n/).filter(l => l.trim() !== "").length; const bytes = new Blob([text]).size; spanElement.innerText = `Lines: $lines
obfuscateBtn.addEventListener('click', runObfuscator); // initial stats update updateStats(inputTextarea, inputStatsSpan); updateStats(outputTextarea, outputStatsSpan); // demo default example (set a meaningful example) const example = `<?php // Simple calculator function add($a, $b) return $a + $b;
function showError(msg) errorDiv.innerText = msg; errorDiv.style.display = 'block'; setTimeout(() => if (errorDiv) errorDiv.style.display = 'none'; , 4000); php obfuscator online
// MAIN OBFUSCATE ACTION async function runObfuscator() errorDiv.style.display = 'none'; let rawCode = inputTextarea.value; if (!rawCode.trim()) showError('Please enter PHP code to obfuscate.'); return; try catch (err) console.error(err); showError('Obfuscation error: ' + err.message); outputTextarea.value = '// Error during obfuscation, check original syntax.\n' + rawCode;
// Step 1: Extract variable names ($var) inside code (excluding those inside strings and comments already stripped partially) // We'll do a simple regex that finds $[a-zA-Z_\x7f-\xff][a-zA-Z0-9_\x7f-\xff]* but avoid special cases like ${} // We'll apply variable renaming only for user variables. if (optVarRename.checked) const varRegex = /\$([a-zA-Z_\x7f-\xff][a-zA-Z0-9_\x7f-\xff]*)\b/g; let match; // collect all variables const candidates = new Set(); while ((match = varRegex.exec(obfuscated)) !== null) let varName = match[1]; // skip superglobals and common reserved? keep _GET, _POST, etc but user can rename them optionally risky? we skip $this and $GLOBALS if (['this', 'GLOBALS', '_SERVER', '_GET', '_POST', '_REQUEST', '_SESSION', '_COOKIE', '_FILES', '_ENV'].includes(varName)) continue; if (varName.startsWith('_')) continue; // keep some internal? candidates.add(varName); // assign random names for (let v of candidates) if (!varMap.has(v)) varMap.set(v, randName('_v')); // replace variables in code (with word boundaries) for (let [orig, rand] of varMap.entries()) const regex = new RegExp(`\\$$orig\\b`, 'g'); obfuscated = obfuscated.replace(regex, `$$rand`); we skip $this and $GLOBALS if (['this', 'GLOBALS',
footer text-align: center; margin-top: 2rem; font-size: 0.7rem; color: #4b556b;
<script> (function() { // DOM elements const inputTextarea = document.getElementById('inputCode'); const outputTextarea = document.getElementById('outputCode'); const obfuscateBtn = document.getElementById('obfuscateBtn'); const copyBtn = document.getElementById('copyBtn'); const clearBtn = document.getElementById('clearBtn'); const errorDiv = document.getElementById('errorMsg'); const inputStatsSpan = document.getElementById('inputStats'); const outputStatsSpan = document.getElementById('outputStats'); if (varName.startsWith('_')) continue
function obfuscatePHP(code) { // 0) if no code if (!code.trim()) return "// No PHP code provided";
button.secondary background: #2d3a5e;
inputTextarea.addEventListener('input', () => updateStats(inputTextarea, inputStatsSpan)); outputTextarea.addEventListener('input', () => updateStats(outputTextarea, outputStatsSpan)); // not editable but keep