Jump to content
  • Checkout
  • Login
  • Get in touch

osCommerce

The e-commerce.

Disable VIEW SOURCE


Druide

Recommended Posts

Note: this is NOT written by me, i found it funny so here it is...

 

Not something i would like as a buyer but i have seen this request/question a few times lately.

 

So let's start with it...

 

When you view a page on the web..its downloaded on the persons computer already and viewed in their browser..there is no protecting your source. Javascript doesn't work ( they could just disable it ).

 

No matter what methods one does to protect your source, its easily viewable by anyone.

 

Here is a pretty funny list I saw on how to prevent people from stealing your source code.

 

1. Use the <INVISIBLE> </INVISIBLE> tags around the entire document.

2. Use the DONTSTEAL tag.

3. FTP to your server, select all files and directories, hit "Delete".

4. Put every existing copy of every file on floppies, place them in a shoebox and bury them in the backyard. There is another version of this method which involves placing the floppies in a plastic bag and hiding them in a different sort of hole. Both are equally effective.

5. Password protect your entire site and make sure no one has the password, not even you.

6. mploy a small but fanatically loyal and well-armed band of mercenaries to guard your site.

7. Start

8. Attack dogs, preferably rabid.

9. Use any version of Microsoft Frontpage to create your site. (This won't prevent people from viewing your source, but no one will want to steal it.)

10. Don't put your pages on the web.

 

As pointed out by the true author of this list, the only true way of protecting your code is number 10.

 

 

now some code for the 'DIE-HARDS'

option 1:

 

<script language=JavaScript> 

<!-- 



//Disable right mouse click Script 



var message="Function Disabled!"; 



/////////////////////////////////// 

function clickIE4(){ 

if (event.button==2){ 

alert(message); 

return false; 

} 

} 



function clickNS4(e){ 

if (document.layers||document.getElementById&&!document.all){ 

if (e.which==2||e.which==3){ 

alert(message); 

return false; 

} 

} 

} 



if (document.layers){ 

document.captureEvents(Event.MOUSEDOWN); 

document.onmousedown=clickNS4; 

} 

else if (document.all&&!document.getElementById){ 

document.onmousedown=clickIE4; 

} 



document.oncontextmenu=new Function("alert(message);return false") 



// --> 

</script>

 

option 2:

 

<SCRIPT language=JavaScript1.1> 

<!-- Begin 

function right(e) { if (navigator.appName == 'Netscape' && (e.which == 3 || e.which == 2)) return false; else if (navigator.appName == 'Microsoft Internet Explorer' && (event.button == 2 || event.button == 3)) { alert("This function disabled"); return false; } return true; } document.onmousedown=right; if (document.layers) window.captureEvents(Event.MOUSEDOWN); window.onmousedown=right; 

// End --> 

</SCRIPT>

Robert

 

We all need to learn it once, how hard it may seem when you look at it, also you will master it someday ;)

Link to comment
Share on other sites

  • 3 weeks later...

The best two methods to protect your code that I have seen are:

 

1) Program using terrible programming style, unnecessary function calls, poor and/or badly mispelled variable and function names, and in as unstructured and disoriented a style as possible. (some programmers natural mode of operation anyway :wink: )

 

2) Put lots of white space at the start of each line and lots of blank lines at the start of the files and between the lines of the file. Then it will appear blank in view source and even if they figure it out it's a pain put it back to study it.

In olden times the men were made of iron and the ships were made of wood; now it's the other way around. :wink:

Link to comment
Share on other sites

I actually employ a fanatically loyal and well-armed band of small mercenaries to guard my sites. Ninja Squirrels. The great thing is they work for peanuts.

Link to comment
Share on other sites

So how does that stop file>save as ...?

 

It doesn't.. There isn't anyway to stop someone from viewing the source of your page. Anything viewed on the Web is automatically stored on the user's hard drive so they always have access to the source if they want it.

 

Personally, I browse a lot using my context menu. I use it to put pages into new tabs for further review i.e. A product that interests me but isn't what I am searching for at the moment so I will come back to it. I use it to move back and forward in a site. I use it to bookmark pages in a site. And more. If I can't do this things from the context menu, chances are that I won't purchase from the site or ever even visit it again.

Link to comment
Share on other sites

It seems like when using PHP, the view source issue isn't very important because view source shows the generated HTML code not the original PHP code. For example on our product_info.php pages we have a bunch of real media links that are generated from db tables using PHP. Using view source you can see the hrefs, but not how the link info was retrieved from the database (not that it was hard to do anyway).

In olden times the men were made of iron and the ships were made of wood; now it's the other way around. :wink:

Link to comment
Share on other sites

So how does that stop file>save as ...?

 

It doesn't.. There isn't anyway to stop someone from viewing the source of your page. Anything viewed on the Web is automatically stored on the user's hard drive so they always have access to the source if they want it.

 

Personally, I browse a lot using my context menu. I use it to put pages into new tabs for further review i.e. A product that interests me but isn't what I am searching for at the moment so I will come back to it. I use it to move back and forward in a site. I use it to bookmark pages in a site. And more. If I can't do this things from the context menu, chances are that I won't purchase from the site or ever even visit it again.

 

Yeah I know.... my question was rhetorical....

 

I surf much the same way as you do... I generally leave sites with right click disabled immediately...

Link to comment
Share on other sites

  • 2 weeks later...
  • 3 weeks later...

I don't know about you guys, but our product catalog has well over 10,000 images that are prepared for the most part internally. (this costs us LOTS of Moolah!)

Other sites, or worse yet our competitors, actually LINK to the images on our servers. If they can't see where the image was retrieved from and can't simply do a right-click/save picture, it takes just a bit more work on their part to use our images (without permission of course) let alone actually STEAL our BANDWIDTH by linking to product pictures, etc. (again without permission). :cry:

 

Since changing to osCommerce, I don't have a very good solution for this yet, but I figure whenever I do get one - the links that were made without permission will get broken and we'll get some of our bandwidth back... :shock:

 

Regards,

Obewanz

 

PS: There's always more than one way to look at a rat, even if it is from the bottom up! :P

The GraphicZoo

check profile for web address

Link to comment
Share on other sites

I supposed to could write some code to rename the images directory every day and edit the configure.php file to match. It wouldn't stop the stealing of images, but it would break external links.

In olden times the men were made of iron and the ships were made of wood; now it's the other way around. :wink:

Link to comment
Share on other sites

Hi Obewanz,

If you're on a unix or linux server running Apache

add this to your .htaccess

to stop bandwidth/ image thiefs. :roll:

 

RewriteEngine on

RewriteCond %{HTTP_REFERER} !^$

RewriteCond %{HTTP_REFERER} !^http://(www.)?domain.com/.*$ [NC]

RewriteRule .(gif|jpg)$ - [F]

 

Just change 'domain.com' to the name of your domain.

 

(Each command should be on a single line. There are 4 lines above, each starting with 'Rewrite'). :lol:

HTH

Neil

 

Common sense is genius dressed in working clothes.

Ralph Waldo Emerson

Link to comment
Share on other sites

Using PHP will go a long way to hiding the source - you can only see the HTML it generates, not the original PHP code. OSC would be a secret if it weren't OS.

Link to comment
Share on other sites

I don't know about you guys, but our product catalog has well over 10,000 images that are prepared for the most part internally. (this costs us LOTS of Moolah!)

Other sites, or worse yet our competitors, actually LINK to the images on our servers. If they can't see where the image was retrieved from and can't simply do a right-click/save picture, it takes just a bit more work on their part to use our images (without permission of course) let alone actually STEAL our BANDWIDTH by linking to product pictures, etc. (again without permission). :cry:

 

Since changing to osCommerce, I don't have a very good solution for this yet, but I figure whenever I do get one - the links that were made without permission will get broken and we'll get some of our bandwidth back... :shock:

 

Regards,

Obewanz

 

PS: There's always more than one way to look at a rat, even if it is from the bottom up! :P

 

Use mod_rewrite to prevent them from linking to your images. Heck, you can do it so only you can link to your images quite easily.

 

http://www.sitepoint.com/article/910

Link to comment
Share on other sites

  • 4 months later...

Just a though on image theft/bandwith.....

 

All of your DOWNLOADS files/pics/zip/mp3 - even site/product pics could be STORED in MYSQL.... - The ONLY way to get them it though a proper MySQL command.

Link to comment
Share on other sites

Im a bit of a noob with php but couldnt you stop people using the view source and save as by placing all ya files in https://

 

i probably wrong here but hey! go fish! :blink:

No.

-------------------------------------------------------------------------------------------------------------------------

NOTE: As of Oct 2006, I'm not as active in this forum as I used to be, but I still work with osC quite a bit.

If you have a question about any of my posts here, your best bet is to contact me though either Email or PM in my profile, and I'll be happy to help.

Link to comment
Share on other sites

to stop bandwidth/ image thiefs. :roll:

 

How does this affect the spiders?

If Images are stored in MySQL - you can't link directly to the image - you would have to link to the WHOLE php page. Thus (I would think) a Google "cache view" would show the text and place holder for all PICS -unless it was able to recreate the session on your server.

 

Storing in MySQL would prvent someone from try to DIRECTLY download eveything in your "IMAGES" directory.

 

As said before there is NO way to STOP ALL people for grabing your PICS if it is displayed on your site.

Link to comment
Share on other sites

According to the sitepoint article (a few posts above), it sounds like I need to have the ability to restart the apache server for these changes to take effect. Am I understanding this correctly?

 

I am renting webspace and don't have full control over the server. I'm not even sure yet that they have mod_rewrite loaded although I assume that they do.

 

Just thought I'd ask before spending the time to really start researching the rewrite command.

Link to comment
Share on other sites

mod_rewrite --, it's an Apache module, and it's even installed by default!

 

Rebooting should not be needed. Even so - most host reboot there servers every so often.....

 

If you ASK your host to check and then they can "restart" the service to reload httpd.conf...

Link to comment
Share on other sites

Archived

This topic is now archived and is closed to further replies.

×
×
  • Create New...