Another user on the same shared server can probably work at it and manage to
read anything in your web-tree...
Stuff like database passwords should be moved to a directory not in your web
tree, and change your include_path to reach it -- It's still readable by
somebody who works at it, but not as easy.
If you have an algorithm that *MUST* stay secret, re-code it in C and
compile it into PHP, or use the Zend Encoder off-line to make a binary.
--
WARNING [EMAIL PROTECTED] address is an endangered species -- Use
[EMAIL PROTECTED]
Wanna help me out? Like Music? Buy a CD: http://l-i-e.com/artists.htm
Volunteer a little time: http://chatmusic.com/volunteer.htm
----- Original Message -----
From: Seb Frost <[EMAIL PROTECTED]>
Newsgroups: php.general
To: <[EMAIL PROTECTED]>
Sent: Monday, August 27, 2001 7:56 PM
Subject: Reading php source code?
> How hard is it for someone to somehow read the source code out of my php
> files on my isp hosted website. They use linux & apache & php 4.0.6.
>
> I ask because in my logfile it seems someone accessed a uniquely named
> not-guessable folder in my web root. It is mentioned in my source code.
I
> use imagecreatefromjpeg on files in this directory. How can someone see
my
> folders if not by viewing my source code?
>
> - seb
>
--
PHP General Mailing List (http://www.php.net/)
To unsubscribe, e-mail: [EMAIL PROTECTED]
For additional commands, e-mail: [EMAIL PROTECTED]
To contact the list administrators, e-mail: [EMAIL PROTECTED]
