[AthrinaV]

I am developing a new site and I want to put up all of my source codes on a "SourceCode.php" page that will be linked from index.php. I used a lot of open source programs to help me with the site so I want to share by making my codes public. If I do put up a source code page, I don't want to password protect it.

But I am worried that making the source codes public will compromise security on my website. Of course I won't display passwords or database information but anything else like the variable names will be available. The page is coded using PHP and requires login and registration to enter the site. I am mainly worried that people will be able to type in URL strings that will give them access to other people's accounts.

The site uses query strings such as index.php?action=profile&id=mpz5 but does not pass password information via URL strings.

If you need to see my site to answer, I would be happy to be give the site's name but since it's not finished yet, I don't want to display it.

Any answer would be helpful. Thanks a lot.

[Acecool]

This can be a touchy question, however a well coded website might not have the security issues so posting code does no harm...

However, if you do post the source code, some people may find errors in the code and exploit them, others will inform you right away...

I would say only allow REGISTERED users to view source code, that way you can track who has seen it.. Then if anyone does use any exploits available, you can track the ip and match it up so you know who did it.