Page 1 of 1

hide php code?

Posted: Wed Jun 16, 2010 7:42 am
by madspoihur
I wrote a website in PHP and when you option+click a link on my page you can download the entire php script, which includes sensitive information like passwords etc. Is there a way to prevent this?

Re: hide php code?

Posted: Wed Jun 16, 2010 8:17 am
by aravona
You can easily google a disable right click function. But if you use it, expect massive limitations from your userbase. Personally I right click a lot on website links to open in a new tab when they're set to open in a new window. :)

Alternatively, you can put sensitive code in a seperate file and call it when needed :)

Re: hide php code?

Posted: Wed Jun 16, 2010 9:48 am
by andyhoneycutt
If your source is actually being downloaded, and not the interpreted code, when someone right-clicks, save as... Then disabling right-click is not a solution at all. I could simply wget your source, or generate links to your source and save those.

Sounds like you are having trouble with apache. Make sure it's setup to run your PHP. First, are your PHP scripts actually running when you visit them? Second, if they are running, are you sure that the right-click, save as... doesn't just download the generated html source?

Re: hide php code?

Posted: Wed Jun 16, 2010 10:43 pm
by Phoenixheart
Indeed. PHP code is server-side, and it should be interpreted by the webserver before returning to the browser. If it is not, then your webserver has problems. Disabling right-click doesn't help in this case.