Jump to content

Recommended Posts

I'm trying to hide the source code if a user directly goes to my xml page. I used this before and it worked, but it doesn't for this.

 

<?php
header("Cache-Control: no-cache, no-store, must-revalidate, max-age=0"); // HTTP/1.1
header("Expires: Mon, 26 Jul 1997 05:00:00 GMT"); // Date in the past
if(!empty($_SERVER['HTTP_REFERER']) && substr($_SERVER['HTTP_REFERER'],0,21)== "http://www.mywebsite.com")
{
echo '<?xml version="1.0" encoding="UTF-8"?>';
?>

......My XML CODE.......

<? } ?>

 

 

Here is my code to call this xml.php page.

 

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN"
"http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml" xml:lang="en" lang="en">
	<script type="text/javascript" src="swfobject2.js?v=2.1"></script>
	<script type="text/javascript">
		var params = {allowfullscreen: "true"};
		var flashvars = {dataFile: "xml.php"};
		var attributes = {};
swfobject.embedSWF("file.swf", "flashContent", "640", "480", "9", false, flashvars, params, attributes);
	</script>

Link to comment
https://forums.phpfreaks.com/topic/163572-solved-hiding-the-source-code/
Share on other sites

you COULD do a shifty lil maneuver, but this doesn't actually prevent people from just viewing the source of js injecting the main page//

 

but on the main page do this

 

session_start();

$_SESSION['send_xml'] = true;

 

and then in the xml php page do this:

 

session_start();

if ($_SESSION['send_xml'] == true) {

  $_SESSION['send_xml'] = false;

  // send xml here..

}

 

that would ocne they hit the page set the session var, then when the page requests the xml, the xml php page will check for the session, if it has it set to true, then it sets it to false and displays the data, this way if they try to go directly to that xml php page.. the session wouldn't be set to true, and  they wouldn't get any output..

 

 

but firebug would be perfect for any beginner leecher to just rip it right outta your main page so this just protects against people going directly to the file

This thread is more than a year old. Please don't revive it unless you have something important to add.

Join the conversation

You can post now and register later. If you have an account, sign in now to post with your account.

Guest
Reply to this topic...

×   Pasted as rich text.   Restore formatting

  Only 75 emoji are allowed.

×   Your link has been automatically embedded.   Display as a link instead

×   Your previous content has been restored.   Clear editor

×   You cannot paste images directly. Upload or insert images from URL.

×
×
  • Create New...

Important Information

We have placed cookies on your device to help make this website better. You can adjust your cookie settings, otherwise we'll assume you're okay to continue.