banjax Posted November 13, 2008 Share Posted November 13, 2008 Any one know how i can secure my code i saw this whole encryption thing but is there anything easier and better then that. all my pages are php and some include forms and connections to database's Quote Link to comment https://forums.phpfreaks.com/topic/132549-secure-code/ Share on other sites More sharing options...
trq Posted November 13, 2008 Share Posted November 13, 2008 Secure them against what? Quote Link to comment https://forums.phpfreaks.com/topic/132549-secure-code/#findComment-689251 Share on other sites More sharing options...
waynew Posted November 13, 2008 Share Posted November 13, 2008 You're talking about keeping your PHP files encrypted? Quote Link to comment https://forums.phpfreaks.com/topic/132549-secure-code/#findComment-689252 Share on other sites More sharing options...
banjax Posted November 13, 2008 Author Share Posted November 13, 2008 Your normal stuff, my friend told me it would be good if i secured it so users can steal passwords and stuff Quote Link to comment https://forums.phpfreaks.com/topic/132549-secure-code/#findComment-689255 Share on other sites More sharing options...
trq Posted November 13, 2008 Share Posted November 13, 2008 Your normal stuff, my friend told me it would be good if i secured it so users can steal passwords and stuff As long as your passwords are never echo'd a user cannot see them. Quote Link to comment https://forums.phpfreaks.com/topic/132549-secure-code/#findComment-689257 Share on other sites More sharing options...
Mchl Posted November 13, 2008 Share Posted November 13, 2008 And as long as Apache (or webserver in general) is configured to never echo php files when php is disabled for some reason. You can move php files containing sensitive data out of servers document root. That's much better solution than encrypting source. Quote Link to comment https://forums.phpfreaks.com/topic/132549-secure-code/#findComment-689275 Share on other sites More sharing options...
premiso Posted November 13, 2008 Share Posted November 13, 2008 You should always encrypt user passwords with MD5 (a one way hash). This ensures that no one will ever see the clear text password. Although it cannot be reversed, which is a good thing, it protects the user's password. Even if it is echo'd out, it would not do anyone any good. That and I would hope user information is kept in a database such as MySQL. Quote Link to comment https://forums.phpfreaks.com/topic/132549-secure-code/#findComment-689316 Share on other sites More sharing options...
Canman2005 Posted November 13, 2008 Share Posted November 13, 2008 You could use something like http://www.phpcipher.com/ Quote Link to comment https://forums.phpfreaks.com/topic/132549-secure-code/#findComment-689319 Share on other sites More sharing options...
Recommended Posts
Join the conversation
You can post now and register later. If you have an account, sign in now to post with your account.