Jump to content
  • Checkout
  • Login
  • Get in touch

osCommerce

The e-commerce.

Security Concern of login.php


TCwho

Recommended Posts

Hello Everyone:

 

I was reading in the knowledgebase about setting a master password incase customer for gets his password:

Adding a Master Password

 

Well, it has you modify code in login.php

 

...can someone view the source code for login.php and see exactly what you dont want people to find out?

 

...how easy is it for people to view the source code of the php pages?...cus when I view the source code...I dont see the actual php page that I think...I see a combination of more than just one page...

 

>_<

Link to comment
Share on other sites

You are correct, you are seeing the 'output' of the php. This includes the header, footer, left and right columns, and the main content from that page at the includes/languages/english/ level. There is nothing in the source code that should cause any problems by getting into the wrong hands. The source code for osCommerce is freely available to all, so no need to try and hack a site to get it. As long as the Login is running on a shared or full ssl any data passed is encrypted.

 

Vger

 

Vger

Hello Everyone:

 

I was reading in the knowledgebase about setting a master password incase customer for gets his password: 

Adding a Master Password

 

Well, it has you modify code in login.php

 

...can someone view the source code for login.php and see exactly what you dont want people to find out?

 

...how easy is it for people to view the source code of the php pages?...cus when I view the source code...I dont see the actual php page that I think...I see a combination of more than just one page...

 

>_<

Link to comment
Share on other sites

Archived

This topic is now archived and is closed to further replies.

×
×
  • Create New...