Download a php file ?

PHP programming forum. Ask questions or help people concerning PHP code. Don't understand a function? Need help implementing a class? Don't understand a class? Here is where to ask. Remember to do your homework!

Moderator: General Moderators

Post Reply
User avatar
anjanesh
DevNet Resident
Posts: 1679
Joined: Sat Dec 06, 2003 9:52 pm
Location: Mumbai, India

Download a php file ?

Post by anjanesh »

I have a php file on the server. When a internet user visits the page, the html code is the one that is sent. But what is the user downloads it (as in save as or use some download manager like DAP & give the url:someurl/somepage.php) ? Is it possible for him to get the code ? I mean, if we write a vb code using the inet control I think its posible to get the code.
Thanks
User avatar
pelegk2
Forum Regular
Posts: 633
Joined: Thu Nov 27, 2003 5:02 am
Location: Israel - the best place to live in after heaven
Contact:

i dont know whats inet control

Post by pelegk2 »

but php cant be d/l and saved beacuse hwen u reference it
the serverautomaticlly runs is
User avatar
twigletmac
Her Royal Site Adminness
Posts: 5371
Joined: Tue Apr 23, 2002 2:21 am
Location: Essex, UK

Post by twigletmac »

Yep, PHP is server side, so by the time the user gets to it all they get is the generated client-side code (HTML and JavaScript) not any PHP code.

Mac
Vietboy
Forum Commoner
Posts: 41
Joined: Mon Dec 01, 2003 10:59 pm

Post by Vietboy »

if you can save php files.. then it's pointless to with the admin control

Peopl can dl files and view your user/pass to login in the mySQL databse.
User avatar
aquila125
Forum Commoner
Posts: 96
Joined: Tue Dec 09, 2003 10:39 am
Location: Belgium

Post by aquila125 »

not necessarily...


good PHP code should be safe even when downloaded by a hacker... make sure you put your .inc files (like db_conf.inc) in a seperate folder, and don't give webusers access to this folder... PHP will have access and have no problem with opening it...
Second is your database security.. make sure the user you'r using in your php script only has the necessary security settings to do only what it has to do (no drop tables and such)... also make sure that that user can only connect from a fixed IP (eg localhost)
User avatar
pelegk2
Forum Regular
Posts: 633
Joined: Thu Nov 27, 2003 5:02 am
Location: Israel - the best place to live in after heaven
Contact:

Post by pelegk2 »

if u ask me never use inc file ony php
more safer
User avatar
m3mn0n
PHP Evangelist
Posts: 3548
Joined: Tue Aug 13, 2002 3:35 pm
Location: Calgary, Canada

Post by m3mn0n »

I use inc.php to seperate the two. Never .inc.
AnsonM
Forum Commoner
Posts: 72
Joined: Thu Sep 25, 2003 7:21 am

Post by AnsonM »

i thought u could use something like websnake to mirror a copy of a site on your computer..

try searching for it on google...

but it probably wont work cuz php is server side
User avatar
Pyrite
Forum Regular
Posts: 769
Joined: Tue Sep 23, 2003 11:07 pm
Location: The Republic of Texas
Contact:

Post by Pyrite »

You could rename a copy of the php file to .phps so they can view the source. Or use the highlight function to setup your site so ppl can view the source on each page.
Post Reply