source security question

[ifreborn]

I wanted to know if it was possible to view the Underling php code of any site on the Internet. The answer I got was no. If this is the case why do people encode their source code?

[JP128]

I think that there is a way for people to view the php source. But if you do that it is considered hacking unless you have privileges. I know this from something that happened to one of my friends website. There was a paypal thing, and someone got to see the source of his codes.

[hackerkts]

Encode the php scripts is just adding a little security towards it, prevent
"noob" hacker from seeing your codes.

But those "professional hacker", they could decode it even if you encode your scripts.

[wildteen88]

No one can see your source code of your PHP scripts. It'll only display the output. The only way a person can see the source code to your scripts either the following:
* You save your script in either .phps which highlights the source code (the server must be configured in order for this to happen), or if you save your files with a file extension other than .php. But if you are saving your files as filename.inc everyone can see the source code. UNLESS your server is configured to parse .inc files as PHP
* A hacker manages to obtain your FTP/Web site control panel details

Thats the only way of someone managing to view the source code of your PHP scripts.

Now the reason why people may encode thier source code is because they may be selling thier scripts and dont want thier customers to edit the script in anyway, such as removing the copywrite from the script. Encode/Decoding PHP source code can be very expensive, unless the hacker has a few $1000+ hanging about in order to decrypt the source code.