how to hide PHP from browser?

**seaside** · Dec 23 '06, 01:15 AM

Re: how to hide PHP from browser?

Chuck schrieb:

Hi,
>
I'm using Apache, and I created a .php page and viewed it
in Firefox, and discovered that all of the <? ?content
was visible using View Source.
>
How do I hide that PHP code from users?
>
That code necessarily has PHP commands for acessing
a database and so on... sensitive stuff.

Install Apache's PHP module. Depending on your linux distribution, you
might probably configure certain stuff. In case you use SuSE,
everything should be automatic.

Once PHP is installed, Apache hands over each PHP file to the PHP
processors, which in turn computes results. If PHP isn't installed,
Apache handles PHP files as any other file - and thus passed it along
to the browser as is.

**Geoff Berrow** · Dec 23 '06, 07:55 AM

Re: how to hide PHP from browser?

Message-ID: <1166835153.013 937.264740@79g2 000cws.googlegr oups.comfrom
Chuck contained the following:

>I'm using Apache, and I created a .php page and viewed it
>in Firefox, and discovered that all of the <? ?content
>was visible using View Source.
>
>How do I hide that PHP code from users?
>
>That code necessarily has PHP commands for acessing
>a database and so on... sensitive stuff.

Don't worry. If you can see the code you won't be accessing anything.
Once you get PHP working you won't see it. However, it's a good idea to
but really sensitive stuff (db username and password etc) above the web
root, just in case PHP accidentally gets turned off.

--
Geoff Berrow (put thecat out to email)
It's only Usenet, no one dies.
My opinions, not the committee's, mine.
Simple RFDs http://www.ckdog.co.uk/rfdmaker/

**Rik** · Dec 24 '06, 11:15 AM

Re: how to hide PHP from browser?

Chuck wrote:

Hi,
>
I'm using Apache, and I created a .php page and viewed it
in Firefox, and discovered that all of the <? ?content
was visible using View Source.
>
How do I hide that PHP code from users?
>
That code necessarily has PHP commands for acessing
a database and so on... sensitive stuff.

If you have enabled php and you still see the code, try using <?php to open
a php block, and look up short open tags.

--
Rik Wasmus

**hackajar@gmail.com** · Dec 25 '06, 09:25 AM

Re: how to hide PHP from browser?

Is this in your httpd.conf?

AddType application/x-httpd-php .php
AddType application/x-httpd-php-source .phps

For PHP 4:

LoadModule php4_module libexec/libphp4.so

For PHP 5:

LoadModule php5_module libexec/libphp5.so

if not see php.net manual:

PHP: Installation on Unix systems - Manual

http://www.php.net/manual/en/install.unix.php#install.unix.apache

Installation on Unix systems

Cheers,

Hackajar
Chuck wrote:

Hi,
>
I'm using Apache, and I created a .php page and viewed it
in Firefox, and discovered that all of the <? ?content
was visible using View Source.
>
How do I hide that PHP code from users?
>
That code necessarily has PHP commands for acessing
a database and so on... sensitive stuff.
>
Thanks.

**Curtis** · Dec 25 '06, 10:15 AM

Re: how to hide PHP from browser?

If you're using Win32, the config is different; you'll need to load the
right DLL, which can vary, depending upon Apache version. If you don't
know what version of Apache you have, open the terminal and type
`apache -v`. Just check the install.txt file that comes with your PHP
distribution for the details.

Common sense, I guess, but if your DB info has been out in the public,
don't forget to change your user and password after getting PHP up and
running.

Curtis

On Dec 25, 1:22 am, hacka...@gmail. com wrote:

Is this in your httpd.conf?
>
AddType application/x-httpd-php .php
AddType application/x-httpd-php-source .phps
>
For PHP 4:
>
LoadModule php4_module libexec/libphp4.so
>
For PHP 5:
>
LoadModule php5_module libexec/libphp5.so
>
if not see php.net manual:http://www.php.net/manual/en/install...ll.unix.apache
>
Cheers,
>
Hackajar
>
Chuck wrote:

Hi,

>

I'm using Apache, and I created a .php page and viewed it
in Firefox, and discovered that all of the <? ?content
was visible using View Source.

>

How do I hide that PHP code from users?

>

That code necessarily has PHP commands for acessing
a database and so on... sensitive stuff.

>

Thanks.

**Manish** · Dec 26 '06, 04:15 AM

Re: how to hide PHP from browser?

In php.ini file, set

short_open_tag = Off

;--------------------------------------------------------

; Allow the <? tag. Otherwise, only <?php and <scripttags are
recognized.
; NOTE: Using short tags should be avoided when developing applications
or
; libraries that are meant for redistribution, or deployment on PHP
; servers which are not under your control, because short tags may not
; be supported on the target server. For portable, redistributable
code,
; be sure not to use short tags.
short_open_tag = Off

;--------------------------------------------------------

But using <?php will be better.

Using <?php echo ... instead of <?= is better.

as in some servers short_open_tag may be Off and <?, <?= will not work
there.

Chuck wrote:

Hi,
>
I'm using Apache, and I created a .php page and viewed it
in Firefox, and discovered that all of the <? ?content
was visible using View Source.
>
How do I hide that PHP code from users?
>
That code necessarily has PHP commands for acessing
a database and so on... sensitive stuff.
>
Thanks.

how to hide PHP from browser?

how to hide PHP from browser?

Comment

Comment

Comment

Comment

Comment

Comment