Discussions of secure PHP coding. Security in software is important, so don't be afraid to ask. And when answering: be anal. Nitpick. No security vulnerability is too small.
So i made a php program that you can send me a comment on my website. So my friend is like yeh i can get your code, like i steal SWF off newgrounds. So he said if i can if you give me $5, and vica versa. So i let him, where at the library on my free period and he does the follow code.
Like feyd said, the file should be parsed by the server. When parsed by the server it can only output HTML to the browser, no php will be shown. If php is installed on the server and php scripts are defined to have the file extension .php there should be no problems. If you try this locally on your computer and not on the server, then it should pop up a download box to download the script, but that really is besides the point. So you won the bet. Maybe your friend was thinking of getting JavaScript by viewing the source.
LiLpunkSkateR wrote:Depends, if he specifically said your PHP code, he loses. If he said your code, he could say he was refering to the HTML, which he COULD get.
Better bewar.
Well, he said he wrote a php script so it seems as though he would be referring to that, but I suppose he could mean HTML.
Ambush Commander wrote:
That or it's a Window's server.
I run a WAMP server thank you very much.
The operating system has nothing to do with how he's stealing it. If you look at the code, the kinds of things he could "steal" (aka download) would include static files (html, css, js, mov, swf, etc..).
Most shared hosting give you ASP for Windows and PHP for Unix based systems. True, I use Windows and I have PHP running too. Ah well. I guess I haven't seen enough webservers out there.
The operating system has nothing to do with how he's stealing it. If you look at the code, the kinds of things he could "steal" (aka download) would include static files (html, css, js, mov, swf, etc..).
Yes. We shall not go into a rant about how futile it is to try to obfuscate HTML code, for all attempts shall end in VAIN!!! I guess it's the server config that really has to do with it. My mistake.