[SOLVED] Can someone steal my PHP script?

[lokie538]

Hi,

 

Im new to php and im wondering if anyone can see my php files, more importantly the code? All the files on my website are .php's and I am concerned that my code will be stolen? is this possible? or do they need ftp access to gain access to the code?

 

Thanks in advance,

lokie538

[RMcLeod]

If all your files end with .php nobody can see the code as PHP will automatically parse the file and return the html output.

 

There was an issue when people used to use .inc as the file extension for includes. If this page is requested directly PHP won't parse it and the contents of the file would be displayed as plain text.

[JasonLewis]

The poster above me is correct. You can, if you really want to, save your files as .phps which WILL let people see your code. Hehe. It's pretty neat, try it out.

[The Little Guy]

No one can see the actual PHP, unless you print or echo it out, or some of the following:

 

- Save the file incorrectly (Examples: .txt,.html,.htm,.phps,.inc)

- Use a .htaccess file to force the php to be displayed as text

 

to make it more secure, DO NOT place the PHP file in the web root directory (or its sub folders), place it outside of the directory, you can still link to them an run them from php scripts in the directory, but you cannot access them from a web browser, or the command line.

[lokie538]

to make it more secure, DO NOT place the PHP file in the web root directory (or its sub folders), place it outside of the directory, you can still link to them an run them from php scripts in the directory, but you cannot access them from a web browser, or the command line.

 

Hi, what do u mean place it outside the root directory?? do you mean just put it in a sub folder or something? or do u mean place the .php files outside the directory the public is loading from and just use a include file code and link it into a different directory?

[haku]

That's a good little trick Little Guy