When someone accesses a site via url www.mysite.com/index.php the php code is executed server side and you can't see the code. Can someone download my files such as index.开发者_运维百科php from my folder public_html somehow (other than hacking into my account with my password) and view my php code?
Unless your server is compromised or you have poorly coded scripts that allow the attacker to access any file he wants, no.
Depends. If you are on a crappy shared host, it's not impossible that you can look into other people's PHP files -- this often only requires guessing the username and consequently the absolute path to the file you want to see. You can't list the directories leading there but alas sometimes if you know the absolute path then you can read others file. Say, you are joe and the path is /home/j/joe/public_html/joesdomainname/index.php how long will it take for jack to figure this out when he sees /home/j/jack/public_html/jacksdomainname/index.php...? The cost of this attack (which is not by all means a sure short) is creating an account with the same company you are with. As this mostly works with truly crappy shared hosts, that cost won't be particularly high...
![Interactive visualization of a graph in python [closed]](https://www.devze.com/res/2023/04-10/09/92d32fe8c0d22fb96bd6f6e8b7d1f457.gif)
加载中,请稍侯......
精彩评论