Druide Posted April 15, 2003 Share Posted April 15, 2003 Note: this is NOT written by me, i found it funny so here it is... Not something i would like as a buyer but i have seen this request/question a few times lately. So let's start with it... When you view a page on the web..its downloaded on the persons computer already and viewed in their browser..there is no protecting your source. Javascript doesn't work ( they could just disable it ). No matter what methods one does to protect your source, its easily viewable by anyone. Here is a pretty funny list I saw on how to prevent people from stealing your source code. 1. Use the <INVISIBLE> </INVISIBLE> tags around the entire document. 2. Use the DONTSTEAL tag. 3. FTP to your server, select all files and directories, hit "Delete". 4. Put every existing copy of every file on floppies, place them in a shoebox and bury them in the backyard. There is another version of this method which involves placing the floppies in a plastic bag and hiding them in a different sort of hole. Both are equally effective. 5. Password protect your entire site and make sure no one has the password, not even you. 6. mploy a small but fanatically loyal and well-armed band of mercenaries to guard your site. 7. Start 8. Attack dogs, preferably rabid. 9. Use any version of Microsoft Frontpage to create your site. (This won't prevent people from viewing your source, but no one will want to steal it.) 10. Don't put your pages on the web. As pointed out by the true author of this list, the only true way of protecting your code is number 10. now some code for the 'DIE-HARDS' option 1: <script language=JavaScript> <!-- //Disable right mouse click Script var message="Function Disabled!"; /////////////////////////////////// function clickIE4(){ if (event.button==2){ alert(message); return false; } } function clickNS4(e){ if (document.layers||document.getElementById&&!document.all){ if (e.which==2||e.which==3){ alert(message); return false; } } } if (document.layers){ document.captureEvents(Event.MOUSEDOWN); document.onmousedown=clickNS4; } else if (document.all&&!document.getElementById){ document.onmousedown=clickIE4; } document.oncontextmenu=new Function("alert(message);return false") // --> </script> option 2: <SCRIPT language=JavaScript1.1> <!-- Begin function right(e) { if (navigator.appName == 'Netscape' && (e.which == 3 || e.which == 2)) return false; else if (navigator.appName == 'Microsoft Internet Explorer' && (event.button == 2 || event.button == 3)) { alert("This function disabled"); return false; } return true; } document.onmousedown=right; if (document.layers) window.captureEvents(Event.MOUSEDOWN); window.onmousedown=right; // End --> </SCRIPT> Robert We all need to learn it once, how hard it may seem when you look at it, also you will master it someday ;) Link to comment Share on other sites More sharing options...
Dusan Posted May 7, 2003 Share Posted May 7, 2003 ... or you can put oncontextmenu="return false;" inside your <body> tag. Same result -- without vexatious alert windows... Link to comment Share on other sites More sharing options...
orchard Posted May 7, 2003 Share Posted May 7, 2003 The best two methods to protect your code that I have seen are: 1) Program using terrible programming style, unnecessary function calls, poor and/or badly mispelled variable and function names, and in as unstructured and disoriented a style as possible. (some programmers natural mode of operation anyway :wink: ) 2) Put lots of white space at the start of each line and lots of blank lines at the start of the files and between the lines of the file. Then it will appear blank in view source and even if they figure it out it's a pain put it back to study it. In olden times the men were made of iron and the ships were made of wood; now it's the other way around. :wink: Link to comment Share on other sites More sharing options...
Guest Posted May 7, 2003 Share Posted May 7, 2003 I actually employ a fanatically loyal and well-armed band of small mercenaries to guard my sites. Ninja Squirrels. The great thing is they work for peanuts. Link to comment Share on other sites More sharing options...
Guest Posted May 8, 2003 Share Posted May 8, 2003 So how does that stop file>save as ...? Link to comment Share on other sites More sharing options...
Guest Posted May 8, 2003 Share Posted May 8, 2003 So how does that stop file>save as ...? It doesn't.. There isn't anyway to stop someone from viewing the source of your page. Anything viewed on the Web is automatically stored on the user's hard drive so they always have access to the source if they want it. Personally, I browse a lot using my context menu. I use it to put pages into new tabs for further review i.e. A product that interests me but isn't what I am searching for at the moment so I will come back to it. I use it to move back and forward in a site. I use it to bookmark pages in a site. And more. If I can't do this things from the context menu, chances are that I won't purchase from the site or ever even visit it again. Link to comment Share on other sites More sharing options...
orchard Posted May 8, 2003 Share Posted May 8, 2003 It seems like when using PHP, the view source issue isn't very important because view source shows the generated HTML code not the original PHP code. For example on our product_info.php pages we have a bunch of real media links that are generated from db tables using PHP. Using view source you can see the hrefs, but not how the link info was retrieved from the database (not that it was hard to do anyway). In olden times the men were made of iron and the ships were made of wood; now it's the other way around. :wink: Link to comment Share on other sites More sharing options...
Guest Posted May 8, 2003 Share Posted May 8, 2003 So how does that stop file>save as ...? It doesn't.. There isn't anyway to stop someone from viewing the source of your page. Anything viewed on the Web is automatically stored on the user's hard drive so they always have access to the source if they want it. Personally, I browse a lot using my context menu. I use it to put pages into new tabs for further review i.e. A product that interests me but isn't what I am searching for at the moment so I will come back to it. I use it to move back and forward in a site. I use it to bookmark pages in a site. And more. If I can't do this things from the context menu, chances are that I won't purchase from the site or ever even visit it again. Yeah I know.... my question was rhetorical.... I surf much the same way as you do... I generally leave sites with right click disabled immediately... Link to comment Share on other sites More sharing options...
smiley Posted May 11, 2003 Share Posted May 11, 2003 There is a list here of 'attempts' to hide source code. http://www.devwebpro.com/devwebpro-39-2003...ource-Code.html HTH Neil Common sense is genius dressed in working clothes. Ralph Waldo Emerson Link to comment Share on other sites More sharing options...
Aceicol Posted May 15, 2003 Share Posted May 15, 2003 Spot the irony. We have all spent this thread talking about Hiding code yet we are all on an Open Source product website. :P Link to comment Share on other sites More sharing options...
Guest Posted May 26, 2003 Share Posted May 26, 2003 Is this not open source? And if so why stop ppl looking? Link to comment Share on other sites More sharing options...
Obewanz Posted June 16, 2003 Share Posted June 16, 2003 I don't know about you guys, but our product catalog has well over 10,000 images that are prepared for the most part internally. (this costs us LOTS of Moolah!) Other sites, or worse yet our competitors, actually LINK to the images on our servers. If they can't see where the image was retrieved from and can't simply do a right-click/save picture, it takes just a bit more work on their part to use our images (without permission of course) let alone actually STEAL our BANDWIDTH by linking to product pictures, etc. (again without permission). :cry: Since changing to osCommerce, I don't have a very good solution for this yet, but I figure whenever I do get one - the links that were made without permission will get broken and we'll get some of our bandwidth back... :shock: Regards, Obewanz PS: There's always more than one way to look at a rat, even if it is from the bottom up! :P The GraphicZoo check profile for web address Link to comment Share on other sites More sharing options...
orchard Posted June 16, 2003 Share Posted June 16, 2003 I supposed to could write some code to rename the images directory every day and edit the configure.php file to match. It wouldn't stop the stealing of images, but it would break external links. In olden times the men were made of iron and the ships were made of wood; now it's the other way around. :wink: Link to comment Share on other sites More sharing options...
smiley Posted June 16, 2003 Share Posted June 16, 2003 Hi Obewanz, If you're on a unix or linux server running Apache add this to your .htaccess to stop bandwidth/ image thiefs. :roll: RewriteEngine on RewriteCond %{HTTP_REFERER} !^$ RewriteCond %{HTTP_REFERER} !^http://(www.)?domain.com/.*$ [NC] RewriteRule .(gif|jpg)$ - [F] Just change 'domain.com' to the name of your domain. (Each command should be on a single line. There are 4 lines above, each starting with 'Rewrite'). :lol: HTH Neil Common sense is genius dressed in working clothes. Ralph Waldo Emerson Link to comment Share on other sites More sharing options...
Guest Posted June 16, 2003 Share Posted June 16, 2003 Using PHP will go a long way to hiding the source - you can only see the HTML it generates, not the original PHP code. OSC would be a secret if it weren't OS. Link to comment Share on other sites More sharing options...
Guest Posted June 16, 2003 Share Posted June 16, 2003 I don't know about you guys, but our product catalog has well over 10,000 images that are prepared for the most part internally. (this costs us LOTS of Moolah!) Other sites, or worse yet our competitors, actually LINK to the images on our servers. If they can't see where the image was retrieved from and can't simply do a right-click/save picture, it takes just a bit more work on their part to use our images (without permission of course) let alone actually STEAL our BANDWIDTH by linking to product pictures, etc. (again without permission). :cry: Since changing to osCommerce, I don't have a very good solution for this yet, but I figure whenever I do get one - the links that were made without permission will get broken and we'll get some of our bandwidth back... :shock: Regards, Obewanz PS: There's always more than one way to look at a rat, even if it is from the bottom up! :P Use mod_rewrite to prevent them from linking to your images. Heck, you can do it so only you can link to your images quite easily. http://www.sitepoint.com/article/910 Link to comment Share on other sites More sharing options...
azer Posted June 21, 2003 Share Posted June 21, 2003 thanks for all u r tricks MS2 Link to comment Share on other sites More sharing options...
PiGGiEE Posted November 20, 2003 Share Posted November 20, 2003 On site if you try to view source on one of the member profiles/pages ... it doesn't display anything.... do you know how this is done? Link to comment Share on other sites More sharing options...
jpf Posted November 20, 2003 Share Posted November 20, 2003 Just a though on image theft/bandwith..... All of your DOWNLOADS files/pics/zip/mp3 - even site/product pics could be STORED in MYSQL.... - The ONLY way to get them it though a proper MySQL command. Link to comment Share on other sites More sharing options...
emanresu Posted November 22, 2003 Share Posted November 22, 2003 to stop bandwidth/ image thiefs. :roll: How does this affect the spiders? Citizen of US Minor Outlying Islands Link to comment Share on other sites More sharing options...
nobhead Posted November 25, 2003 Share Posted November 25, 2003 Im a bit of a noob with php but couldnt you stop people using the view source and save as by placing all ya files in https:// i probably wrong here but hey! go fish! :blink: Link to comment Share on other sites More sharing options...
wizardsandwars Posted November 26, 2003 Share Posted November 26, 2003 Im a bit of a noob with php but couldnt you stop people using the view source and save as by placing all ya files in https:// i probably wrong here but hey! go fish! :blink: No. ------------------------------------------------------------------------------------------------------------------------- NOTE: As of Oct 2006, I'm not as active in this forum as I used to be, but I still work with osC quite a bit. If you have a question about any of my posts here, your best bet is to contact me though either Email or PM in my profile, and I'll be happy to help. Link to comment Share on other sites More sharing options...
jpf Posted November 26, 2003 Share Posted November 26, 2003 to stop bandwidth/ image thiefs. :roll: How does this affect the spiders? If Images are stored in MySQL - you can't link directly to the image - you would have to link to the WHOLE php page. Thus (I would think) a Google "cache view" would show the text and place holder for all PICS -unless it was able to recreate the session on your server. Storing in MySQL would prvent someone from try to DIRECTLY download eveything in your "IMAGES" directory. As said before there is NO way to STOP ALL people for grabing your PICS if it is displayed on your site. Link to comment Share on other sites More sharing options...
mikes Posted November 26, 2003 Share Posted November 26, 2003 According to the sitepoint article (a few posts above), it sounds like I need to have the ability to restart the apache server for these changes to take effect. Am I understanding this correctly? I am renting webspace and don't have full control over the server. I'm not even sure yet that they have mod_rewrite loaded although I assume that they do. Just thought I'd ask before spending the time to really start researching the rewrite command. Link to comment Share on other sites More sharing options...
jpf Posted November 26, 2003 Share Posted November 26, 2003 mod_rewrite --, it's an Apache module, and it's even installed by default! Rebooting should not be needed. Even so - most host reboot there servers every so often..... If you ASK your host to check and then they can "restart" the service to reload httpd.conf... Link to comment Share on other sites More sharing options...
Recommended Posts
Archived
This topic is now archived and is closed to further replies.