files are too darn readable!

Anon

win2k
php
mysql
xitami web server

How do I make my supporting files (.css, logic code, etc) from being able to be visible to the outside world?

I don't mind folks looking at my default pages source code, but I don't want snoops to be able to see my heavy lifting logic pages and such. Can someone give my a bit of advice on this one?

Thanks bunches
DavidN

ame12

David, not sure if you're talking about server-side PHP logic or client-side Javascript. Your server-side stuff is never available to the end user (it's all processed ahead of time and the final page is just sent as HTML). Protecting your client-side stuff like JavaScript is basically all but impossible. You can disable the View/Source menu and other stuff, but anyone committed to the task can get it.

Dave

===========================================
http://badblue.com/helpphp.htm
Free small footprint web server for Windows

PHP, file-sharing, Access/Excel transcoding

brandonschnell

1) don't use extensions that the web server will handle as plain text, such as .inc . instead give your included files a .php extension also.

2) place code outside of the web root and use php include() functions to include the files. remote users now can't request your secret_password.php include file.

the only thing left now is html & possible misconfiguration problems. if something should fail and the web server starts sending out .php files as plain text, they'll only contain minor php functions and the include() functions.