I was wondering if there is a need to change the database table names and script variables of an open source script to enhance security.
A script I have has lots of pages and variables that are used throughout the site. I have changed database table names as I believe this is a great security enhancement but is there a need to change variable names and even page names if the script is open source?
I am also splitting up the code and placing the PHP and database stuff in files in a hidden directory for added protection. But is the script still vunerable if it has the same variables/page names that it was writting with?
For example ... $username is obviously used for users names on pages throughout the site and also for mysql queries and the log in cookies.
Could someone who knows the script use all these variables and even the page names to hack the site?