How to secure the php code?

Question

I created now a Javascript Code that get the php variable into javascript code, my issue that the php variable is important and I don\'t want any can see this variable is there

Answer 1

People will only see the value of the variable. They wont know what it is or how important it is supposed to be. Nobody will see the variable name because the PHP code is executed BEFORE the page is sent to the client. Therefore there is no need to obfuscate the value, and you cant anyway since you need the value.

An example. if I use this PHP code in my file

<p>Hello Mr <?php echo $MY_SUPER_SECRET_VARIABLE ?></p>

the only thing people will be able to see in the source when the page loads is

<p>Hello Mr Bond</p>

The same rule applies if it is placed in Javascript

Answer 2

Nobody sees the PHP code. But if you expose values into Javascript, they are not secret anymore. There is no way to deal with this. You cannot use the value in Javascript and NOT reveal it.

If you want to keep process data secret on the server, and available for the next request of that user, use a session.

Answer 3

PHP files will be interpreted into static (like html or xml format) file, means that all variables will be replaced with certain values.What users see is static, no php code displayed but just interpreted text.

Answer 4

First you need to understand that Javascript is executed on the client side, every piece of code and variable are in some way accessible by someone with some programming background.

Although you can obfuscate the source code and encrypt the variable to make it harder to read, there is no 100% protection when things happen on client side.

Answer 5

who wants to get the value, will get it. but you can

• dynamically inject them via ajax
• encode (base64 etc.) the value
• obfuscate the code