how protect external javascript using PHP

**bluewalrus** · 07-26-2010, 07:06 PM

Try

PHP Code:


<?php

error_reporting(E_ALL);

 ini_set("display_errors", 1);

echo "start<br />";

if (defined('IN_SITE')) {

echo "in site";

echo "$_GET['type']";

    $sPath = '';

    switch($_GET['type']) {

        case 'css':

echo "in css";            

header('Content-type: text/css');

            $sPath = "Excss/$_GET['serve'].css";

            break;

        case 'js':

echo "in js";

            header('Content-type: text/js');

            $sPath = "Exjs/$_GET['serve'].js";

            break;

    }

echo "out of case $sPath was set?";   

 // sPath should be a non-published directory

    $fp = file_get_contents($sPath);

    if ($fp) {

       echo $fp; 

    }

}

?>

Post back any error message or what the output is.

**M rosi** · 07-26-2010, 07:30 PM

via this code no out put at all(no error message).
other parts are working.it seems to be, there is no css & no JavaScript.

**traq** · 07-26-2010, 07:46 PM

are you trying to prevent hotlinking (other sites linking directly to your files, on your server, for their own use) to your javascript/css?

>> you can prevent hotlinking using .htaccess

or, do you want to prevent people from being able to see/copy your javascript/css?

>> that's impossible.

**madu** · 07-26-2010, 07:58 PM

try this,

PHP Code:


<html>

<head>

<title>Test</title>



<?php



session_start();

$_SESSION['insite'] = true;



function quitInsite()

{

    unset($_SESSION['insite']);

}



if (!defined('SHUTDOWN_REGISTERED')) // *_once, this shouldn't be necessary

{

    register_shutdown_function('quitInsite');

    define('SHUTDOWN_REGISTERED', true);

}



?> 



<link rel="stylesheet" type="text/css" href="hide.php?type=css&serve=css_test"/>  



<script type="text/javascript" src="hide.php?type=css&serve=js_test">  



</head>

<body>

</body>

</html>

PHP Code:


<?php

session_start();



if (isset($_SESSION['insite']))

{

    $sPath = '';

    switch(@$_GET['type'])

    {

        case 'css':

            header('Content-type: text/css');

            $sPath = 'Excss/' . @$_GET['serve'] . '.css';

            break;

        case 'js':

            header('Content-type: text/js');

            $sPath = 'Exjs/' . @$_GET['serve'] . '.js';

            break;

    }



    // sPath should be a non-published directory

    $fp = @fopen($sPath, 'r');

    if ($fp)

    {

        fpassthru($fp);

        fclose($fp);

    }

}



?>

**M rosi** · 07-27-2010, 02:39 AM

thanx for help me.
it is not working again. should it be with session! however it is not working dear!

Thread: how protect external javascript using PHP

Thread Tools

Search Thread

Bookmarks

Bookmarks

Posting Permissions