Q&A: Is PHP safe in regargs to people downloading your scripts?

scripts
by Kmeron

Question by nuxeon: Is PHP safe in regargs to people downloading your scripts?
Just a security question here, Is it possible for people to download your uncompiled PHP scripts and view the code. I only ask because I recently did a web development project whre I stored the password to an admin page inside of the PHP script. Is this safe, if not, how would I go about doing this short of saving it in a database.

Best answer:

Answer by extremity
First of all what do you mean inside of a PHP script?
Is it something like (if $ passwd==1234) $ usname = admin, please never do that in any project ever. you could have use “.htacess” to do the required job, it is much safer than the above option.
As far as i know unless something is *wrong* with the web server/ you have an open shell sitting in your server and the permissions are more of a joke rather than for security then people cant see your “uncompiled ” PHP code.
Not unless you want people to see the code any way.

Give your answer to this question below!

Get the book now