i few weeks ago i wanted to create an app because i came up with a good idea now , firstly i want to implement it on webpage and , there are several ways how to create a webpage well.
The first possible way is to create it locally and set up a server. Then you can install MySQL there PHP etc... you can basicaly develope it while being OFFLINE.
The second way is to find a good hosting and start creating the webpage on hosting , usually all those hosting services have php mysql and all this stuff preinstalled so you can start in a second
i dont want anyone to see what i do before i release it , i also dont anyone to see it and maybe steal or create the same thing as i am doing
The first way of creating webpages is probably safer because you dont share all the source codes with anyone else but , if i want to use the way of doing it using Hosting , how can i make sure that noone can break into that? To be more exact:
i wrote onto the beggining of every php file that if the !isset($_SESSION['user']) doesn't exist then header(location: index.php) , now you probably ask me why? because i created a login form in which you have to login , now registration doesn't work so i just created an account right in the database so is THIS safe? my goal is that noone can access the phpfiles i have written without logging in , even thought they are on hosting , without logging you shouldnot be able to open them , only the index.php which contains something like : Hello , please login to continue , is this way safe ? is it that much safe so i can for example write my card cerdentials on that php page? cant someone just simulate a SESSION without really logging in? and open those webpages even thought there is a condition if session name is not set then redirect index.php ? thanks , what are the risks ? should i swap to local development?