securing php scripts 
November 24th, 2008, 03:37 AM
| | Familiar Sight | | Join Date: Nov 2006
Posts: 159
| | |
Hi there,
just wondering, if I want to stop users of a site "stealing" the code, is there a way to achieve this? Is it automatic because any php is parsed before it reaches the browser? Am I better off putting basically everytthing inside php echos, even if it could be done using html? I guess I'm basically asking about security of the stuff I've done and whether there's a way to guarantee that someone won't be able to grab the code.
Thanks,
|
November 24th, 2008, 05:14 AM
|  | Moderator | | Join Date: Aug 2008 Location: Leipzig, Germany
Posts: 3,488
Provided Answers: 9 | | | re: securing php scripts
no one without server access is able to see your php code (as you already mentioned). but I don't recommend putting all your html code in echos, it will be visible either way.
so put in a one-liner: php code is safe from stealing, html code never.
regards
note: of course you can add a copyright comment to all your code, that's more reasonable.
|
November 24th, 2008, 05:41 PM
|  | Moderator | | Join Date: Jun 2007 Location: York, England, with wolves.
Posts: 4,862
Provided Answers: 9 | | | re: securing php scripts
Putting it in echo()s or not has exactly the same output. You could obfuscate you PHP code, just incase.
|
November 24th, 2008, 08:02 PM
|  | Familiar Sight | | Join Date: Jun 2008 Location: Europe
Posts: 128
| | | re: securing php scripts
Quote:
Originally Posted by beary  Hi there,
just wondering, if I want to stop users of a site "stealing" the code, is there a way to achieve this? Is it automatic because any php is parsed before it reaches the browser? Am I better off putting basically everytthing inside php echos, even if it could be done using html? I guess I'm basically asking about security of the stuff I've done and whether there's a way to guarantee that someone won't be able to grab the code.
Thanks, | Hi,
i don't know the exact reason why you are wondering how to do that but,
i don't think you should care about it... if someone wants to copy your HTML code it can use Firebug and get all the code you wrote in one line-> indented.
don't protect your code, just improve your service and you will never fear someone stealing you clients...
regards
|
November 25th, 2008, 03:23 AM
| | Familiar Sight | | Join Date: Nov 2006
Posts: 159
| | | re: securing php scripts
Thanks all for your replies to this.
Bilibytes, I have to say I'm confused. The exact reason I'm wondering how to do it is because surely if you think something is not only good but also reasonably unique, and you made it, you'd want to protect it. Wouldn't you? Particularly if there was some potential return.
I guess it's at the stage where due to the nature of the product, there isn't a client base for this at all. It'll need to be built. So I need to make sure that if I provide a web address for something, and say there's a demo section, that a cluey person can't use that fact to grab the necesary code.
When you write that someone can use firbug to grab the html code, you did mean html didn't you, not php?
Thanks for your thoughts. Quote:
Originally Posted by bilibytes Hi,
i don't know the exact reason why you are wondering how to do that but,
i don't think you should care about it... if someone wants to copy your HTML code it can use Firebug and get all the code you wrote in one line-> indented.
don't protect your code, just improve your service and you will never fear someone stealing you clients...
regards | |
November 25th, 2008, 12:04 PM
| | Moderator | | Join Date: Jun 2007 Location: York, England, with wolves.
Posts: 4,862
Provided Answers: 9 | | | re: securing php scripts
Yes, firebug will only grab the sourcecode (the html, javascript and css). However, you need not Firebug to view the source - most major browsers have a rightclick option to 'view source'.
You do not need to worry about users being able to view your PHP - as long as you use the correct file extensions, a server running php, etc., you'll be good.
Markus.
|
November 25th, 2008, 09:32 PM
| | Familiar Sight | | Join Date: Nov 2006
Posts: 159
| | | re: securing php scripts
Cool. Thanks Markus. Puts my mind at ease... Quote:
Originally Posted by Markus Yes, firebug will only grab the sourcecode (the html, javascript and css). However, you need not Firebug to view the source - most major browsers have a rightclick option to 'view source'.
You do not need to worry about users being able to view your PHP - as long as you use the correct file extensions, a server running php, etc., you'll be good.
Markus. | |  |
| | |  /bytes/about
We are a network of experts and professionals in IT and software development that help one another with answers to tough questions and share insights.
Get the best answers to your questions from over 225,698 network members.
|
