View Full Version : view php contents



james438
09-17-2007, 11:53 PM
This is mostly to help me test some of the security on my site, but how would I view the php on my site? For example

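<?php
// Fetch the page over HTTP, as a remote client would.
$handle = file_get_contents("http://www.mysite.com");
// Escape the markup so the browser displays it as text.
$handle = htmlentities($handle);
// Turn line breaks into <br> so the layout survives in the browser.
$handle = str_replace("\r\n", "<br>", $handle);
echo $handle;
?>

will allow me to view the source code, but how do I view the include files and such that are in my php files.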

djr33
09-17-2007, 11:55 PM
Using an absolute URL (including http, etc.) will just get the source, like from a remote server.
Use a path, like ../index.php and then you can load it that way with file_get_contents.

james438
09-18-2007, 12:42 AM
Does this mean that someone else can't do the same or similar to view my website's php code?

tech_support
09-18-2007, 06:17 AM
Depends on how secure your server is. Most likely, yes.

djr33
09-18-2007, 01:24 PM
Nothing to do with the server in terms of PHP includes, etc. The server will only output its generated text, not the full PHP source if called from a remote server.
(Though, yes, if you have another way of being hacked, that's a problem in itself.)

wirestyler
09-20-2007, 11:52 AM
In most cases, if using the .inc extension, you can just type the absolute URL in your browser and it will echo the source out as straight text, depending on the server config. It is best in all cases to use .inc.php in place of include for this very reason, or just straight .php for your includes.

Some versions of forums use this .inc extension, and in some cases the db_connect file is .inc. You can see why this would pose a real security issue.

If your security is this accessible, there are several fixes located at the php.net site. All very simple, but the most important of them revolve around the Apache server. A combination of all and .htaccess files, I feel, is recommended.

djr33
09-20-2007, 04:02 PM
Well, yeah, don't store your sensitive data in any unsecure file.

boogyman
09-20-2007, 04:06 PM
Personally I like the use of .inc.

However, if you do store sensitive data in this type of file, just be sure to store it above the document root, so that it won't be able to be accessed.

djr33
09-20-2007, 04:11 PM
If you need a distinction, use .inc.php. Or set .htaccess to parse .inc as php.
Storing outside the root is fine, but also seems sorta silly. What if you just want it in the same directory? Then settle for .php? I'd rather have a more consistent system.
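
The .inc exposure discussed in this thread can be checked for on your own site. The script below is an added example, not code from any poster: it walks a document root and lists files that contain PHP code but whose final extension the server would not hand to the PHP interpreter. The function name, the sample tree and the assumption that only `.php` is mapped to PHP are all hypothetical; adjust the extension list to match your server config.

```php
<?php
// Added example: flag files under a document root that contain PHP code but
// would be served as plain text because of their extension.
// Assumption: only the extensions listed in $parsed are mapped to PHP.

function find_exposed_php_source(string $docroot, array $parsed = ['php']): array
{
    $docroot = rtrim($docroot, '/\\');
    $exposed = [];
    $it = new RecursiveIteratorIterator(
        new RecursiveDirectoryIterator($docroot, FilesystemIterator::SKIP_DOTS)
    );
    foreach ($it as $file) {
        if (!$file->isFile()) {
            continue;
        }
        // Only the final extension counts: header.inc.php ends in "php".
        $ext = strtolower($file->getExtension());
        if (in_array($ext, $parsed, true)) {
            continue;
        }
        // Read the first 4 KiB; an opening tag near the top is enough.
        $head = (string) file_get_contents($file->getPathname(), false, null, 0, 4096);
        if (strpos($head, '<?php') !== false || strpos($head, '<?=') !== false) {
            $exposed[] = substr($file->getPathname(), strlen($docroot) + 1);
        }
    }
    sort($exposed);
    return $exposed;
}

// Constructed sample tree (not from the thread) so the script runs offline.
$root = sys_get_temp_dir() . '/docroot_' . bin2hex(random_bytes(4));
mkdir($root . '/includes', 0700, true);
file_put_contents($root . '/index.php', "<?php require 'includes/db_connect.inc';");
file_put_contents($root . '/includes/db_connect.inc', "<?php \$pass = 'placeholder';");
file_put_contents($root . '/includes/header.inc.php', "<?php echo 'header';");
file_put_contents($root . '/style.css', "body { margin: 0; }");

foreach (find_exposed_php_source($root) as $path) {
    echo "served as plain text: $path\n";
}
```

Any file it reports should be renamed to end in .php, moved above the document root, or blocked in the server config.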