Jump to content


Photo

source security question


  • Please log in to reply
3 replies to this topic

#1 ifreborn

ifreborn
  • New Members
  • Pip
  • Newbie
  • 7 posts

Posted 24 June 2006 - 02:21 AM

I wanted to know if it was possible to view the Underling php code of any site on the Internet. The answer I got was no. If this is the case why do people encode their source code?

#2 JP128

JP128
  • Members
  • PipPipPip
  • Advanced Member
  • 233 posts
  • LocationWisconsin

Posted 24 June 2006 - 02:44 AM

I think that there is a way for people to view the php source. But if you do that it is considered hacking unless you have privileges. I know this from something that happened to one of my friends website. There was a paypal thing, and someone got to see the source of his codes.
-----------------------------------------------------------------------
John Ensign - Age 16 - PHP Learner

My email is Johnny.Ensign@gmail.com

#3 hackerkts

hackerkts
  • Members
  • PipPipPip
  • Advanced Member
  • 593 posts
  • LocationSingapore
  • Age:18

Posted 24 June 2006 - 02:47 AM

Encode the php scripts is just adding a little security towards it, prevent
"noob" hacker from seeing your codes.

But those "professional hacker", they could decode it even if you encode your scripts.

Regards,
hackerkts

To be a coder, you must learn how to think and not to give up so easily.


#4 wildteen88

wildteen88
  • Staff Alumni
  • Advanced Member
  • 10,482 posts
  • LocationUK, Bournemouth

Posted 24 June 2006 - 11:45 AM

No one can see your source code of your PHP scripts. It'll only display the output. The only way a person can see the source code to your scripts either the following:
* You save your script in either .phps which highlights the source code (the server must be configured in order for this to happen), or if you save your files with a file extension other than .php. But if you are saving your files as filename.inc everyone can see the source code. UNLESS your server is configured to parse .inc files as PHP
* A hacker manages to obtain your FTP/Web site control panel details

Thats the only way of someone managing to view the source code of your PHP scripts.

Now the reason why people may encode thier source code is because they may be selling thier scripts and dont want thier customers to edit the script in anyway, such as removing the copywrite from the script. Encode/Decoding PHP source code can be very expensive, unless the hacker has a few $1000+ hanging about in order to decrypt the source code.




0 user(s) are reading this topic

0 members, 0 guests, 0 anonymous users