You have to excuse me if this is a dumb question, I'm a self taught web design/graphic arts guy for a summer job during school, and I'm pretty decent at Logo, graphic, and web design, but when it comes to server-side stuff I'm a little behind. Anyway I'm designing a new internal web page and graphics for a medical and aeronautical firm, and am converting a lot of their old pages to the new site (the old one was some horrible, table layout:eek: ). Anyway their old pages are all saved as .php, but I want to save them as .html because I'm manually going through deleting all the table elements, and the colors in html make it easier in frontpage. My question is, on a password secured site, is a .php file any more secure then a .html?

Is there any php script currently on those php pages?

just includes. the group.php, .htaccess, and .htgroup are included in the footer (which is included). includes work fine in html (well they have for me in my experience.

Here's how its layed out:


<?php include('header.php'); ?> <!--Contains layout, CSS-->
<p>Content</p>
<?php include ('footer.php'); ?><!--Contains access files-->


and the footer

<div id="footer">
<hr>
<p>Questions or problems regarding this web site should be directed to <a href="webmaster@deltascanlaboratories.com">webmaster</a>.<br>
Copyright © 2007 Delta Scan Labs. -
<a href="TermsAndConditions.php">Terms and Conditions of Use</a> - All rights reserved.<br></p>
</div>
</div>
</body>
</html>
<?php include("group.php");?><!--Access files, USER ID, etc-->


Edit: This was included in the orginal files, but so far I have been ommitting it since I'm more worried about getting rid of the horrible code at the moment. My experience has previously always been client side (designing a new website for a local resteraunt,etc.) and getting into this server-side stuff is new to me. I'm just using all the old access files for the new site.

<?php
//Template Settings:
$SettingsPageMod = getlastmod();

?>

Edit 2: I guess that's just php script for a last modified timestamp.

a normal .php site isn't any more secure than a .html - Passwords in php are often encrypted using the MD5 hash tables which adds security. PHP is usually used in conjunction with MySQL or a similar database program to pull the information from a database rather than store the info in a site (which I imagine isn't a very secure way to store the info at all)

the only other advantage to using a php file would be someone wouldn't be able to view source and see the code that you have written because it is server side scripting.