Jump to content

Displaying source code...

cgm225

By cgm225
in PHP Coding Help

 Share

Recommended Posts

cgm225 Advanced Member

cgm225

Posted
Posted

I have a personal website, and I have put a lot of time in on the code.  However, now I want to make the code viewable so other people can learn from it.

 

Is there a good way for displaying php source code online?  I vaguely remember seeing a phps (?) file somewhere with an s added to the end, and that outputting the source code? 

 

Also, I realize that displaying my code could leave me vulnerable to attacks.  Do you think that should preclude me from providing my source code to the public?

 

Thanks again...  just looking for people's thoughts and ideas...

 

 

Link to comment
Share on other sites
cgm225 Advanced Member

cgm225

Posted
  • Author
Posted

Ok, so I want to go with the highlight_file('$filename') function.  I would like to use it with the GET function where I GET the name of a file (i.e. $filename) and insert it into the function.  However, simply doing that would allow someone to just insert a sensitive filename into the address bar and see the source (like a password.php).  Therefore, I was thinking about creating a "white-list" of filenames that I can check the GET filename against.  IF the filename is present in the white-list, then I will display the source code.

 

How would you go about coding this white-list?  Would you use an array for it?  Or would you do something completely differently?

 

Thanks again!

Link to comment
Share on other sites
Adam Advanced Member

Adam

Posted
Posted

yeah just loop thru the array checking for a match...

 

<?php

$allowedFiles[0] = "example1.php";
$allowedFiles[1] = "example2.php";
$allowedFiles[2] = "example3.php";
$allowedFiles[3] = "example4.php";

foreach($allowedFiles as $val) {
   if ($_GET['fileToShow'] == $val) {
       highlight_file($val);
   }
}

?>

 

Not tested but should work...

Link to comment
Share on other sites
thebadbad Newbie

thebadbad

Posted
Posted

You can also use an in_array(). Dunno why the dot disappeared - it certainly shouldn't.

 

<?php
$allowed = array(
'example1.php',
'example2.php'
);
if (in_array($_GET['filename'], $allowed)) {
highlight_file($_GET['filename']);
} else {
die('You\'re not allowed to view the source of the requested page.');
}
?>

Link to comment
Share on other sites
This thread is more than a year old. Please don't revive it unless you have something important to add.

Join the conversation

You can post now and register later. If you have an account, sign in now to post with your account.

Guest
Reply to this topic...

×   Pasted as rich text.   Restore formatting

  Only 75 emoji are allowed.

×   Your link has been automatically embedded.   Display as a link instead

×   Your previous content has been restored.   Clear editor

×   You cannot paste images directly. Upload or insert images from URL.

×
 Share
Go to topic listing
×
×
  • Create New...

Important Information

We have placed cookies on your device to help make this website better. You can adjust your cookie settings, otherwise we'll assume you're okay to continue.