有人可以偷走我的​​PHP文件吗? [英] How some one can Steal my PHP file?

问题描述

我已经将用户名和密码存储在userinfo.php文件中.

有人告诉我，这不是存储密码等的安全方法.
他告诉我，其他人也可以读取该文件.

我感到很困惑.

我知道Web服务器执行PHP代码，仅将HTML发送到浏览器.
然后如何获得PHP代码?

我不明白有人怎么读我的php文件.
有人可以简要解释一下吗?

I have stored my username and passwords in userinfo.php file.

Someone has told me that it is not a secure way to store passwords etc.
He told me that it is possible to read that file by some one else.

I am so confused.

I know that Web Server execute the PHP code and only send the HTML to the browser.
Then How it is possible to get the PHP code?

I can''t understand How some one can read my php file.
Can Some one explain me briefly?

推荐答案

您认为有多少人可以访问Web服务器?比你想像的还要多...
您将文件放在服务器上的什么位置?
文件的访问权限是什么?在文件夹上?

切勿以明文形式存储密码:这始终存在安全风险.
在此处有一些信息(C#代码，但是值得一读): ^ ]

How many people do you think have access to the web server? It''s more than you think...
Where on the server did you put the file?
What are the access permissions on the file? On the Folder?

Never store passwords in clear: it is always a security risk.
There is some info (c# code, but the discussion is well worth reading) here: Password Storage: How to do it.[^]

窃取PHP文件源代码的唯一方法.与您建立或下载网站的方式相同，还是控制Web服务器的人开始四处浏览.

查看 Zend Guard [

The only way to steal you PHP file source code. Is the same way you up or download your website or if someone that is controlling the web server begins to look around.

Check out Zend Guard[^] a PHP encoding and obfuscation

这篇关于有人可以偷走我的​​PHP文件吗?的文章就介绍到这了，希望我们推荐的答案对大家有所帮助，也希望大家多多支持IT屋！