ASP vs PHP compiliation

I am starting a major project and will be hiring developers soon. Right now im trying to decide between ASP.net and PHP and leaning strongly toward开发者_开发问答s asp as most of the desktop apps will be written in C#

About 50% of this project will be coded into a web system. My question is about how i could secure the code. Does php or asp offer any form of compilation that will not reveal the default source code?

On a properly secured server, neither will reveal their source code. You should let the programmers have a big say in choosing the tech. No offense, but you are not qualified to make that choice alone.

The biggest issue will be how skilled your team is. If you hire a bunch of .net guys and expect them to code PHP you will have a poorly working site, and visa-versa.

You should hire some developers or at least your lead developer and talk with her about it.

Since you will be having desktop apps .net seems the logical choice, but there are other issues specific to your business/application you have not considered.

PHP code is executed from the raw text script files in the exact same form as you compose them. ASP code can be compiled into libraries that you can import.

Moral of story: PHP provides no protection from server-side in-lookers, ASP does if you use the form aforementioned. This is of course assuming that they have some way to get into the server in the first place: both will provide basic protection by hiding the scripts from outsiders.

You can add another form of protection by making sure that the user the scripts are executing under has a strong password and is protected from other users reading, writing or execution.

I would recommend to make the choice based on what you're most comfortable with coding in: you can't beat an egg with a knife.

Let me start by saying that I know nothing about ASP.net. But, as far as PHP is concerned, you have 3 options for securing PHP code:

1. Use Zend Gaurd to encode and obfuscate the code. It is, of course, reversible, but having decoded code that was encoded by a less sophisticated mechanism, obfuscated code like this is incredibly tedious to decode and grok. I haven't used it, so I don't know how it fits into the publishing process, but I assume it's just another step. Also, if you're going to be installing this software on customer servers, it also offers licensing.
2. Write your the bulk of your proprietary code as php extension (eek!). That's mostly tongue in cheek, but if it works for you, then it works for you.
3. Secure the code by securing the server. If this is not going to be on a public server or distributed, then it's not really an issue.

Shall we throw say Java and Ruby into the mix to make the conversation even more lively? Pick the technology which you or your team have the most expertise for. They all have their pluses and minuses and the biggest mistake people make is to feel personally attached to any of these

1. Which server O/S (Linux, Windows, Mac)?
2. Which web server (Apache or IIS)?
3. What's the browser compatibility matrix?
4. Silverlight?
5. AJAX? JQuery?
6. Which database?
7. Expected load? Scalability requirement?
8. Web services? SOAP or REST?

My recommendation is regardless of your environment, expose the functionality through web services; it forces MVC separation and gives good hard points for unit testing. Then prototype your web interfaces in both PHP and ASP.Net and see what you like.

If you're hosting the app yourself then hiding the code won't be an issue. If you're selling it then you're stuck having to obfuscate, but there's good tools for both environments.