FUDforum: comp.lang.php

Home » Imported messages » comp.lang.php » Nested PHP

Show: Today's Messages :: Polls :: Message Navigator

Re: Nested PHP [message #184858 is a reply to message #184856]

Tue, 11 February 2014 16:24

Jerry Stuckle
Messages: 2598
Registered: September 2010

Karma:

Senior Member

On 2/11/2014 10:31 AM, Adrian Tuddenham wrote:
> Jerry Stuckle <jstucklex(at)attglobal(dot)net> wrote:
>
>> On 2/11/2014 9:31 AM, Adrian Tuddenham wrote:
>>> Jerry Stuckle <jstucklex(at)attglobal(dot)net> wrote:
>>>
>>> [...]
>>>> My main question here would be - what are you trying to accomplish by
>>>> having files encrypted on your server. Since the decryption code is
>>>> right in plain sight, encrypting the files adds no security. If they
>>>> can get to your raw files, they can get to your decryption code.
>>>
>>> I'm not trying to produce a high-security system, just something which
>>> deters the casual user from downloading PDFs that members of the group
>>> have paid their membership fee to receive. I doubt if anyone wants to
>>> go to all the trouble of decrypting a PDF file in order to avoid paying
>>> £7.50
>>>
>>
>> First of all, you don't need to go to all the trouble of encrypting a
>> pdf to make it unavailable to the casual user. Just place the file
>> outside of your document_root hierarchy and download it with PHP.
>
> I have no access to the server outside my own directory.
>

Then I would suggest you change hosting companies. Any decent hosting
company will give you access to one level below your web root directory.
I wouldn't host with one which does not.
>
>> Second, it's still no security. Once someone has the pdf, they can make
>> and send all the copies they want.
>
> That is why I said it is only a deterrent. Members who receive the
> printed copy can photocopy it and send it to their friends - or even
> scan it in and distribute their own PDF of it.
>

No, it's not even a deterrent. It's only the illusion of one.

>>> I am a bit worried by your statement that the decryption code is in
>>> plain sight,
>
>> That's correct. Anyone who can access your source files can see the
>> decryption code.
>
> How would they get access the source files? I thought the server
> blocked that sort of thing.
>

If everything is working correctly, and hackers don't get into the
server. But this also includes potentially other websites on the same
server, for instance, if the server isn't properly secured, as well as
anyone who has direct access to the server itself.

Personally, if your hosting company don't even give you access to a
directory below your document root, I wouldn't be trusting them to
properly secure the server, either (that doesn't necessarily mean they
DO secure the server if they give you this access - it's just more
LIKELY they know what they're doing).

--
==================
Remove the "x" from my email address
Jerry Stuckle
jstucklex(at)attglobal(dot)net
==================

Report message to a moderator

[Message index]

		Nested PHP By: adrian on Mon, 10 February 2014 20:24
		Re: Nested PHP By: Jerry Stuckle on Mon, 10 February 2014 20:56
		Re: Nested PHP By: adrian on Mon, 10 February 2014 21:44
		Re: Nested PHP By: Jerry Stuckle on Mon, 10 February 2014 21:51
		Re: Nested PHP By: Peter H. Coffin on Tue, 11 February 2014 14:14
		Re: Nested PHP By: Jerry Stuckle on Tue, 11 February 2014 14:27
		Re: Nested PHP By: Peter H. Coffin on Wed, 12 February 2014 00:41
		Re: Nested PHP By: Jerry Stuckle on Wed, 12 February 2014 01:03
		Re: Nested PHP By: adrian on Wed, 12 February 2014 10:13
		Re: Nested PHP By: Tim Streater on Wed, 12 February 2014 10:33
		Re: Nested PHP By: Jerry Stuckle on Wed, 12 February 2014 11:30
		Re: Nested PHP By: adrian on Wed, 12 February 2014 12:52
		Re: Nested PHP By: The Natural Philosoph on Wed, 12 February 2014 13:11
		Re: Nested PHP By: Denis McMahon on Thu, 13 February 2014 06:55
		Re: Nested PHP By: Peter H. Coffin on Thu, 13 February 2014 18:02
		Re: Nested PHP By: Stefan+Usenet on Wed, 12 February 2014 12:14
		Re: Nested PHP By: The Natural Philosoph on Mon, 10 February 2014 22:09
		Re: Nested PHP By: Christoph Michael Bec on Mon, 10 February 2014 22:23
		Re: Nested PHP By: Tim Streater on Mon, 10 February 2014 22:27
		Re: Nested PHP By: Geoff Muldoon on Mon, 10 February 2014 22:30
		Re: Nested PHP By: Denis McMahon on Mon, 10 February 2014 23:06
		Re: Nested PHP By: Jerry Stuckle on Tue, 11 February 2014 01:46
		Re: Nested PHP By: adrian on Tue, 11 February 2014 10:11
		Re: Nested PHP By: Tim Streater on Tue, 11 February 2014 11:17
		Re: Nested PHP By: adrian on Tue, 11 February 2014 12:01
		Re: Nested PHP By: Tim Streater on Tue, 11 February 2014 12:45
		Re: Nested PHP By: Christoph Michael Bec on Tue, 11 February 2014 12:55
		Re: Nested PHP By: Denis McMahon on Tue, 11 February 2014 13:29
		Re: Nested PHP By: adrian on Tue, 11 February 2014 14:31
		Re: Nested PHP By: Denis McMahon on Tue, 11 February 2014 17:24
		Re: Nested PHP By: Jerry Stuckle on Tue, 11 February 2014 13:15
		Re: Nested PHP By: adrian on Tue, 11 February 2014 14:31
		Re: Nested PHP By: Jerry Stuckle on Tue, 11 February 2014 15:10
		Re: Nested PHP By: adrian on Tue, 11 February 2014 15:31
		Re: Nested PHP By: Jerry Stuckle on Tue, 11 February 2014 16:24
		Re: Nested PHP By: adrian on Wed, 12 February 2014 10:13
		Re: Nested PHP By: Jerry Stuckle on Wed, 12 February 2014 11:33
		Re: Nested PHP By: Ben Bacarisse on Tue, 11 February 2014 15:26
		Re: Nested PHP By: Ben Bacarisse on Tue, 11 February 2014 14:41
		Re: Nested PHP By: adrian on Tue, 11 February 2014 15:31
		Re: Nested PHP By: Ben Bacarisse on Tue, 11 February 2014 15:53
		Re: Nested PHP By: Jerry Stuckle on Tue, 11 February 2014 16:26
		Re: Nested PHP By: bill on Tue, 11 February 2014 12:12
		Re: Nested PHP By: Mr Oldies on Wed, 12 February 2014 14:33
		Re: Nested PHP By: Denis McMahon on Thu, 13 February 2014 06:47
		Re: Nested PHP By: Scott Johnson on Thu, 13 February 2014 13:01
		Re: Nested PHP By: Evan Platt on Fri, 14 February 2014 15:19
		Re: Nested PHP By: Scott Johnson on Fri, 14 February 2014 18:43
		Re: Nested PHP By: Arno Welzel on Sun, 02 March 2014 14:54
		Re: Nested PHP By: adrian on Sun, 02 March 2014 18:10
		Re: Nested PHP By: The Natural Philosoph on Mon, 03 March 2014 11:38
		Re: Nested PHP By: Arno Welzel on Mon, 17 March 2014 14:26
		Re: Nested PHP By: Jerry Stuckle on Mon, 17 March 2014 14:52
		Re: Nested PHP By: The Natural Philosoph on Mon, 17 March 2014 15:33
		Re: Nested PHP By: Peter H. Coffin on Mon, 17 March 2014 22:10
		Re: Nested PHP By: The Natural Philosoph on Mon, 17 March 2014 23:01
		Re: Nested PHP By: Christoph Michael Bec on Mon, 17 March 2014 23:31
		Re: Nested PHP By: The Natural Philosoph on Tue, 18 March 2014 13:10
		Re: Nested PHP By: Gabriel on Mon, 17 March 2014 15:18

Previous Topic:	Filling an array with random input doesn't quite work
Next Topic:	string length

Goto Forum:

-=] Back to Top [=-

[ Syndicate this forum (XML) ] [

]

Current Time: Sun Nov 24 03:38:47 GMT 2024

Total time taken to generate the page: 0.03382 seconds