By using this site, you agree to our updated Privacy Policy and our Terms of Use. Manage your Cookies Settings.
459,707 Members | 1,651 Online
Bytes IT Community
+ Ask a Question
Need help? Post your question and get tips & solutions from a community of 459,707 IT Pros & Developers. It's quick & easy.

securing php scripts

100+
P: 170
Hi there,

just wondering, if I want to stop users of a site "stealing" the code, is there a way to achieve this? Is it automatic because any php is parsed before it reaches the browser? Am I better off putting basically everytthing inside php echos, even if it could be done using html? I guess I'm basically asking about security of the stuff I've done and whether there's a way to guarantee that someone won't be able to grab the code.

Thanks,
Nov 24 '08 #1
Share this Question
Share on Google+
6 Replies


Dormilich
Expert Mod 5K+
P: 8,639
no one without server access is able to see your php code (as you already mentioned). but I don't recommend putting all your html code in echos, it will be visible either way.
so put in a one-liner: php code is safe from stealing, html code never.

regards

note: of course you can add a copyright comment to all your code, that's more reasonable.
Nov 24 '08 #2

Markus
Expert 5K+
P: 6,050
Putting it in echo()s or not has exactly the same output. You could obfuscate you PHP code, just incase.
Nov 24 '08 #3

bilibytes
100+
P: 128
@beary
Hi,
i don't know the exact reason why you are wondering how to do that but,
i don't think you should care about it... if someone wants to copy your HTML code it can use Firebug and get all the code you wrote in one line-> indented.
don't protect your code, just improve your service and you will never fear someone stealing you clients...

regards
Nov 24 '08 #4

100+
P: 170
Thanks all for your replies to this.

Bilibytes, I have to say I'm confused. The exact reason I'm wondering how to do it is because surely if you think something is not only good but also reasonably unique, and you made it, you'd want to protect it. Wouldn't you? Particularly if there was some potential return.

I guess it's at the stage where due to the nature of the product, there isn't a client base for this at all. It'll need to be built. So I need to make sure that if I provide a web address for something, and say there's a demo section, that a cluey person can't use that fact to grab the necesary code.

When you write that someone can use firbug to grab the html code, you did mean html didn't you, not php?

Thanks for your thoughts.

@bilibytes
Nov 25 '08 #5

Markus
Expert 5K+
P: 6,050
Yes, firebug will only grab the sourcecode (the html, javascript and css). However, you need not Firebug to view the source - most major browsers have a rightclick option to 'view source'.

You do not need to worry about users being able to view your PHP - as long as you use the correct file extensions, a server running php, etc., you'll be good.

Markus.
Nov 25 '08 #6

100+
P: 170
Cool. Thanks Markus. Puts my mind at ease...

@Markus
Nov 25 '08 #7

Post your reply

Sign in to post your reply or Sign up for a free account.