Easy &quot;Why insecure&quot; question!

Easy "Why insecure" question!

Anon

Reading from HTML table.

<?php

if (($user == "user") + ($pass == "pass"))

{echo "This is insecure, why?"};

Now, I now thats insecure, but why. The PHP is hidden and can't be seen, yet I know its a terrible password protection method (though I have seen sites do it using javascript, so its relativly strong compared to that)!

Thanks, any insight appreciated.

Anon

I'd say that is secure to be honest. If the username and password don't need to change, then I'd go with it.
The one problem that I can see is on some (maybe all) shared web servers, other customers could potentially browse your directory and view your files.... that would be my only concern...