Reimar Bauer wrote:
Dear all
I recognized today that if I have an echo statement on an else at the end of
my script the only thing which was downloaded by wget was this string.
Is this a common way to prevent uncontrolled downoading of php scripts?
The software I wrote is GPL licensed so I would share it as package not as
partial files.
Reimar
Using wget is the same as wandering to the page in X browser and saving
it to disk. It will only save the parsed data, in the same way that the
user only can view the parsed data. I wouldn't class it as a security
method, rather it is just the way server-side processing works.
However, lets say for example we have test.php, test.php checks for a
session/cookie/posted/get variable each access (the variable would be
passed on while the user is on the site), this is all normal application
logic for your site/web-app:
if(variable is set)
{
carry out normal job
}
else
{
echo 'thou shant spider mine site...';
}
Would prevent something like wget downloading the 'carry out normal job'
parsed data, however I don't think it would be that much of a useful
thing to do, and rather would harm sites who wish to be parsed by the
multitude of search engine robots forever wandering the 'net.
--
Anthony Plunkett
"If we can't play God, who will?"