> Of course the absolute safest way besides encryting
> your PHP is to just store your state secrets in files
> outside the web server's document tree.
>
> i.e.
> if your web server's document root is /var/www
>
> require("/var/super-secret/super-functions.php");
> if ($theanswer == 42)
> {
>
Of course the absolute safest way besides encryting
your PHP is to just store your state secrets in files
outside the web server's document tree.
i.e.
if your web server's document root is /var/www
then even if you screw up the web server config
and .php files are sent back unrendered all yo
On Mon, 13 Aug 2001 09:43:56 -0500 impersonator of [EMAIL PROTECTED]
(Tyler Longren) planted &I saw in php.general:
>The only real way to see the php code is if you don't have the webserver
>set to parse the code...then it will just be displayed on the page (or
>downloaded). If you're really par
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA1
they are kinda safe if the webserver is the only way that
your files can be viewed if people can log into the
machine, they could just view the plaintext of your PHP
script.
hint: security thru obscurity is not secure.
> -Original Message-
The only real way to see the php code is if you don't have the webserver
set to parse the code...then it will just be displayed on the page (or
downloaded). If you're really paranoid, you can get a tool to encrypt
your php code. There's some free ones, but here's a costly one that I
know of: www
5 matches
Mail list logo