Obviously this is downloadable. But is it easily viewable by the end user?
[edit]Assume the current working directory is /docroot/ and .. would be one level above the doc root.
[edit2]bleh, this should be in client side
Set Search Time - A google chrome extension. When you search only results from the past year (or set time period) are displayed. Helps tremendously when using new technologies to avoid outdated results.
if i cant get to the javascript with my browser then it wont load it...
i.e. php stuff can be stored outside the docroot, as my browser doesnt need to see it, but my browser MUST be able to download the javascript, and as such, can be viewed by the end user.
Oh, so the post i made wouldn't load the javascript? Hmm, for some reason I assumed it would.
Set Search Time - A google chrome extension. When you search only results from the past year (or set time period) are displayed. Helps tremendously when using new technologies to avoid outdated results.
scottayy wrote:Oh, so the post i made wouldn't load the javascript? Hmm, for some reason I assumed it would.
Nope, anything which the client needs has to be accessible from the web root. You can't hide your JavaScript code, but you can make it a pain in the ass to do anything with.
<?php
if ($_SERVER['REMOTE_ADDR']=='127.0.0.1'){
echo 'alert("Hello from PHP!")\n';
} else {
echo "Hah! You can't see anything!";
}
?>
I tested it, you CAN load a php script with <script>.
I just know realized it, but the REMOTE_ADDR will always be the client's IP, so maybe if you can find a way around it...
[edit]
Even better!
use include('realscript.js') where the alert is.
That won't hide it from everybody, it will only hide the js from people he doesn't want to see it.
Just for a second assume that we're using my script above and when the browser fetches the file, it uses, say...127.0.0.1, but if the actual person goes there, they use 127.0.0.2. (I know, I know... That won't happen, and that's the problem w/ using an IP, but hang with me)
The browser fetches it with 127.0.0.1, and PHP shows the js code.
The person fetches it with 127.0.0.2, and PHP denies access.
Do you understand what I'm talking about?