Is it possible for people to view my php scripts

Forum Moderators: coopster

Message Too Old, No Replies

Is it possible for people to view my php scripts

icpooreman

4:01 am on Dec 31, 2005 (gmt 0)

I was just curious if it is possible for people to view my php scripts before they are executed by my machine. Mainly because I'm including things like password protected databases and am wondering if it's secure to just put the password right in the script.

Mr_Fern

4:05 am on Dec 31, 2005 (gmt 0)

PHP scripts are parsed by the software on the server before being delivered.

In the event that your host (if you host yourself this paragraph can be ignored) has uninstalled PHP or modified configuration that PHP is not parsed, then you'd have a problem. Although during that time, the script wouldn't work, and you could always change the p/w in the file afterwards.

The only way they'd be able to read the source was if they had access to the server itself, at which point, a password in a script is the least of your worries.

encyclo

4:11 am on Dec 31, 2005 (gmt 0)

It is never a good idea to have important passwords stored as plain text. If you are on a shared server you should check to see if the other users of the server have read access to your files (very possible). In the event of the PHP files not being parsed, you can avoid exposing the password by keeping it outside the document root.