Re: [PHP] transformation to htm file when downloaded

* Thus wrote Gabino Travassos ([EMAIL PROTECTED]): > Hello All > > I'm just starting to get PHP, and I'm wondering about the security of the > code I write. It _seems_ that when I try to download the PHP file directly > (like using Save Target As...) it will download only as an HTML file and my >

Re: [PHP] transformation to htm file when downloaded

The PHP code is processed on the web server and removed. Only the HTML and images are sent back to the clients browser. > I'm just starting to get PHP, and I'm wondering about the security of the > code I write. It _seems_ that when I try to download the PHP file directly > (like using Save Tar

Re[2]: [PHP] transformation to htm file when downloaded

Hello Gabino, Thursday, April 15, 2004, 5:14:43 PM, you wrote: GT> I presumed that if someone ran my file.php from the server that there would GT> be some kind of transformation to render the tags before they are displayed. GT> I find it fascinating that just moving the file off the server to you

Re: [PHP] transformation to htm file when downloaded

> If you are saving to SQL you can limit this from the SQL end as well > as the PHP code, but it's worth doing at the PHP level too. By contraining the size of the string to "tiny" or whatever, right? I could also use Javascript, but I like that PHP is more of an invisible hand. I'm not using myS

Re[2]: [PHP] transformation to htm file when downloaded

Hello Gabino, Thursday, April 15, 2004, 4:36:48 PM, you wrote: GT> Thanks for the quick response. I'm thinking of adding a check for the string GT> length, so someone doesn't copy and paste a dictionary into my guestbook, GT> but I'm not looking at flood control because the comments might be some

Re: [PHP] transformation to htm file when downloaded

> GT> seems to be the common behavior. Is there a way someone can extract my php > GT> file without this transformation? > > In a nutshell - no. > > Not without your server being compromised (i.e. hacked into or > misconfigured). > > GT> One of the things I'm starting with is a simple blog/guestboo

Re: [PHP] transformation to htm file when downloaded

Hello Gabino, Thursday, April 15, 2004, 4:15:49 PM, you wrote: GT> seems to be the common behavior. Is there a way someone can extract my php GT> file without this transformation? In a nutshell - no. Not without your server being compromised (i.e. hacked into or misconfigured). GT> One of the

[PHP] transformation to htm file when downloaded

Hello All I'm just starting to get PHP, and I'm wondering about the security of the code I write. It _seems_ that when I try to download the PHP file directly (like using Save Target As...) it will download only as an HTML file and my PHP code is gone. I've tried this on a few other people's sites