I have a blog with a add-post.php page which contains a simple form with the action:
<form id="form" action="add-post-php.php" method="POST" enctype="multipart/form-data">
I then have the file, add-post-php.php in the same folder as add-form.php. So I enter the details of my blog into the form and press submit and get:
Forbidden
You don't have permission to access /add-post-php.php on this server.
Additionally, a 404 Not Found error was encountered while trying to
use an ErrorDocument to handle the request.
I've tested this on my localhost and it works correctly, the permission of the file is set at 0644, but I've also tried it at 0755, with no improvement. There is nothing wrong with my .htaccess file and there are no other .htaccess files in the directory.
My add-post-php.php script in full is:
<?php
include("php/settings.php"); // Contains DB Connections
?>
<?php
$id= time();
$month = date("m");
$year = date("Y");
$path = "images/posts/$year/$month/";
$section = $_POST["section"];
$category = $_POST["category"];
$credit = $_POST["credit"];
$title = ucwords($_POST["title"]);
$text = $_POST["text"];
$exclusive = $_POST["exclusive"];
$added = date("Y-m-d H:i:s");
$photo = $_FILES["photo"]["name"];
$ext = substr(strrchr($photo, '.'), 1);
?>
<?php
$insert_sql = "INSERT INTO posts (id, section, category, credit, title, article, exclusive, added) VALUES('$id', '$section', '$category', '$credit', '$title', '$text', '$exclusive', '$added')";
$insert_res = mysqli_query($con, $insert_sql);
if(mysqli_affected_rows($con)>0){
move_uploaded_file($_FILES["photo"]["tmp_name"],"$path" . $id . "." . $ext);
}
else{
echo "0";
exit();
};
?>
<?php
header("Location: post.php?id=$id");
exit();
?>
Does anyone have any idea why I'm getting the Forbidden Error when the file clearly exists and it's permissions are correct?
Here is my .htaccess:
Options -MultiViews
DirectoryIndex posts.php
RewriteEngine On
RewriteCond %{REQUEST_FILENAME} !-f
RewriteCond %{REQUEST_FILENAME} !-d
RewriteRule ^posts/([0-9]+)/?$ posts.php?currentpage=$1 [NC,L,QSA]
RewriteRule ^section/([\w-]+)/?$ section.php?section=$1 [NC,L,QSA]
RewriteRule ^section/([\w-]+)/([0-9]+)/?$ section.php?section=$1¤tpage=$2 [NC,L,QSA]
RewriteRule ^posts/([\w-]+)/?$ posts.php?category=$1 [NC,L,QSA]
RewriteRule ^posts/([\w-]+)/([0-9]+)/?$ posts.php?category=$1¤tpage=$2 [NC,L,QSA]
RewriteRule ^post/([0-9]+)/([\w-]+)/?$ post.php?id=$1&title=$2 [NC,L,QSA]
RewriteRule ^sites/([0-9]+)/?$ sites.php?currentpage=$1 [NC,L,QSA]
RewriteRule ^posts posts.php
RewriteRule ^section section.php
RewriteRule ^sites sites.php
RewriteRule ^about about.php
RewriteRule ^advertise advertise.php
RewriteRule ^subscribe subscribe.php
Folder structure:
I've just checked the php error log again and I'm seeing these messages:
[Thu Oct 22 13:04:14.575567 2015] [:error] [pid 1041578] [client 74.125.76.51:56087] File does not exist: /home/fulldist/public_html/***.com/feed.php,
[Thu Oct 22 09:53:14.646744 2015] [:error] [pid 944286] [client 31.13.113.90:59997] File does not exist: /home/fulldist/public_html/***.com/blog.php.
It's true that feed.php and blog.php don't exist, but why is it trying to look them up?
Is this not wrong
header("Location: post.php?id=$id");
Dont you need this as a header
header("Location: posts/$id");
based on this rule
RewriteRule ^posts/([0-9]+)/?$ posts.php?currentpage=$1 [NC,L,QSA]
Related
before I change the URL it was like
https://dastbaz.ir/quotes.php?id=1
and then I used this PHP code
if(isset($_GET['id'])) {
$stmt = $connection->prepare("XXXXXXXXXXXXXXXXX");
$stmt->execute();
$result = $stmt->get_result();
if ($result->num_rows === 0) exit('No rows');
$row = fetch_array($result);
$author_name = $_GET['id']."/".$row['author_name'];
$journalName = preg_replace('/\s+/', '_', $author_name);
if (!empty($row)) {
Header("HTTP/1.1 301 Moved Permanently");
header("Location: " . $journalName . " ");
} else {
$html = "Error: cannot find short URL";
}
}
and select author_name by using id in URL and used it in URL and now it's like:
https://dastbaz.ir/1/author_name
but I have a problem with.HTACCESS and I get 404 on these pages. if there need any changes in.HTACCESS please help me to deal with that.
htaccess Code:
AddType application/x-httpd-php56 .php
RewriteEngine On
RewriteCond %{HTTPS} off
RewriteRule ^(.*?)$/^(\w+) /quotes.php?id=$1
RewriteRule ^(.*)$ https://%{HTTP_HOST}%{REQUEST_URI} [L,R=301]
RewriteCond %{HTTP_HOST} ^dastbaz.ir/ [NC]
RewriteRule ^(.*)$ https://dastbaz.ir/$1 [L,R=301]
Having problem in mod-rewrite .HTACCESS and php.
I have a page name users.php this page display selected user and my normal link is like this users.php?member=John then i changed it to clean url like this users/member/John but my problem is when you visit the page using normal url it will work fine but now i have rewrite it in my .HTACCESS it will take me to user page but not information will display it will be empty
Here is my .HTACCESS
RewriteCond %{THE_REQUEST} ^[A-Z]{3,}\s/+users\.php\?member=([^\s&]+) [NC]
RewriteRule ^ users/member/%1? [R=301,L]
RewriteRule ^users/member/([^/]+)/?$ users.php?member=$1 [L,QSA]
HERE IS MY PHP CODE
<?php
if(isset($_GET['member'])) {
include($root . '_inc/dbconn.php');
try{
$db_conn = new PDO('mysql:host='.DB_HOST.';dbname='.DB_NAME,DB_USERNAME,DB_PASSWORD);
$db_conn->setAttribute(PDO::ATTR_ERRMODE, PDO::ERRMODE_EXCEPTION);
$stmtData = $db_conn->prepare("SELECT * FROM users WHERE username=:getmember ");
$stmtData->bindParam(":getmember", $_GET['member']);
$stmtData->execute();
$UserData = $stmtData->fetch(PDO::FETCH_OBJ);
if ($UserData) {
$Dusername = $UserData->username;
$Dphoto = $UserData->photo;
$Demail = $UserData->email;
}
}
catch(PDOException $e)
{
echo "Error:" . $e->getMessage();
}
$db_conn = null;
}
?>
<?php echo $Dusername;?>
The problem is your RewriteCond. You have to negate the condition (note the '!' sign):
RewriteCond %{REQUEST_URI} !^[A-Z]{3,}\s/+users\.php\?member=([^\s&]+) [NC]
RewriteRule ^users/member/%1? [R=301,L]
RewriteRule ^users/member/([^/]+)/?$ users.php?member=$1 [L,QSA]
You can test your Rewrite Rules on online htaccess tester.
Excuse me , I just start to learn about .htaccess files . I'm trying to write it this way (my htaccess file)
<IfModule mod_rewrite.c>
RewriteEngine On
RewriteBase /exmpl/vadik_route/
RewriteCond %{REQUEST_FILENAME} !-f
RewriteCond %{REQUEST_FILENAME} !-d
ReqriteRule ^(.*)$ index.php/$l
</IfModule>
and my index.php
<?php
echo $_SERVER['PATH_INFO'];
?>
but server through this error.
Server error!
The server encountered an internal error and was unable to complete your request. Either the server is overloaded or there was an error in a CGI script.
If you think this is a server error, please contact the webmaster.
Error 500
localhost
Apache/2.4.17 (Win32) OpenSSL/1.0.2d PHP/5.6.15
How can I fix that
Change your .htaccess with this one:
<IfModule mod_rewrite.c>
RewriteEngine On
RewriteCond %{REQUEST_FILENAME} !-f
RewriteCond %{REQUEST_FILENAME} !-d
RewriteRule ^(.*)$ index.php?/$1 [L]
</IfModule>
you can send the url by get method for example getme.php?url=/controller/model/
and you can take the url also divide by slash
$_GET['url'] //it is going to show you the url.
lets look at the .htaccess and explain it.
RewriteEngine On
RewriteBase / #dont forget to modify this part. it is explain which folder you project in
RewriteEngine On Options All -Indexes RewriteBase /directoryname/ RewriteCond %{REQUEST_FILENAME} !-f RewriteCond %{REQUEST_FILENAME} !-d
RewriteCond %{REQUEST_FILENAME} !-f
RewriteCond %{REQUEST_FILENAME} !-d
############### SEO ##########################
#http://www.example.com/hello/booboo/ it takes the url after .com/
RewriteRule ^(.*)$ getme.php?url=$1 [QSA,L]
now we sent all the url to getme.php and we can use it
getme.php
<?php
//we redirect to get in url=$1 so our get method name is url
$parca = explode("/", $_GET["url"]); //and we divided the url by slash .
echo $parca[0];//this is first part "/hello/
echo $parca[1];// and this is second part "/booboo/;
?>
<?php
session_start();
//Define Language file paths
define("LANG_EN_PATH", $_SERVER['DOCUMENT_ROOT'] . '/exmpl/sayt/multilang/en/');
define("LANG_RU_PATH", $_SERVER['DOCUMENT_ROOT'] . '/exmpl/sayt/multilang/ru/');
define("LANG_KR_PATH", $_SERVER['DOCUMENT_ROOT'] . '/exmpl/sayt/multilang/kr/');
define("LANG_TR_PATH", $_SERVER['DOCUMENT_ROOT'] . '/exmpl/sayt/multilang/tr/');
if (isset($_GET['lang']))
{
// GET request found
if ($_GET['lang'] == 'ru')
{
include LANG_RU_PATH . 'ru.php';
$_SESSION['lang'] = 'ru';
}
else if ($_GET['lang']=='en') {
include LANG_EN_PATH .'en.php';
$_SESSION['lang'] = 'en';
}
else if ($_GET['lang']=='tr') {
include LANG_TR_PATH .'tr.php';
$_SESSION['lang'] = 'tr';
}
else
{
include LANG_KR_PATH . 'kr.php';
$_SESSION['lang'] = 'kr';
}
}
//translate for russian
else if (isset($_SESSION['lang']))
{
if ($_SESSION['lang'] == 'ru')
{
include LANG_RU_PATH . 'ru.php';
}
//translate for kyrg
else if($_SESSION['lang'] == 'en')
{
include LANG_KR_PATH . 'en.php';
$_SESSION['lang'] = 'en';
}
// translate for turkish
if($_SESSION['lang'] == 'tr')
{
include LANG_TR_PATH . 'tr.php';
$_SESSION['lang'] = 'tr';
}
else {
include LANG_KR_PATH . 'kr.php';
}
}
else
{
include LANG_KR_PATH . 'kr.php';
$_SESSION['lang'] = 'kr';
}
?>
could you write path for this , as clear url
I have a blog with a add-post.php page which contains a simple form with the action:
<form id="form" action="add-post-php.php" method="POST" enctype="multipart/form-data">
I then have the file, add-post-php.php in the same folder as add-post.php. So I enter the details of my blog into the form and press submit and get:
Forbidden
You don't have permission to access /add-post-php.php on this server.
Additionally, a 404 Not Found error was encountered while trying to
use an ErrorDocument to handle the request.
I've tested this on my localhost and it works correctly
The permission of the file is set at 0644, but I've also tried it at 0755, with no improvement.
There is nothing wrong with my .htaccess file and there are no other .htaccess files in the directory.
I've tried using the full url path in my form action
My add-post-php.php script in full is:
<?php
include("php/settings.php"); // Contains DB Connections
?>
<?php
$id= time();
$month = date("m");
$year = date("Y");
$path = "images/posts/$year/$month/";
$section = $_POST["section"];
$category = $_POST["category"];
$credit = $_POST["credit"];
$title = ucwords($_POST["title"]);
$text = $_POST["text"];
$exclusive = $_POST["exclusive"];
$added = date("Y-m-d H:i:s");
$photo = $_FILES["photo"]["name"];
$ext = substr(strrchr($photo, '.'), 1);
?>
<?php
$insert_sql = "INSERT INTO posts (id, section, category, credit, title, article, exclusive, added) VALUES('$id', '$section', '$category', '$credit', '$title', '$text', '$exclusive', '$added')";
$insert_res = mysqli_query($con, $insert_sql);
if(mysqli_affected_rows($con)>0){
move_uploaded_file($_FILES["photo"]["tmp_name"],"$path" . $id . "." . $ext);
}
else{
echo "0";
exit();
};
?>
<?php
header("Location: post.php?id=$id");
exit();
?>
Here is my .htaccess:
Options -MultiViews
DirectoryIndex posts.php
RewriteEngine On
RewriteCond %{REQUEST_FILENAME} !-f
RewriteCond %{REQUEST_FILENAME} !-d
RewriteRule ^posts/([0-9]+)/?$ posts.php?currentpage=$1 [NC,L,QSA]
RewriteRule ^section/([\w-]+)/?$ section.php?section=$1 [NC,L,QSA]
RewriteRule ^section/([\w-]+)/([0-9]+)/?$ section.php?section=$1¤tpage=$2 [NC,L,QSA]
RewriteRule ^posts/([\w-]+)/?$ posts.php?category=$1 [NC,L,QSA]
RewriteRule ^posts/([\w-]+)/([0-9]+)/?$ posts.php?category=$1¤tpage=$2 [NC,L,QSA]
RewriteRule ^post/([0-9]+)/([\w-]+)/?$ post.php?id=$1&title=$2 [NC,L,QSA]
RewriteRule ^sites/([0-9]+)/?$ sites.php?currentpage=$1 [NC,L,QSA]
RewriteRule ^posts posts.php
RewriteRule ^section section.php
RewriteRule ^sites sites.php
RewriteRule ^about about.php
RewriteRule ^advertise advertise.php
RewriteRule ^subscribe subscribe.php
And folder structure:
I've checked the php error log and there's nothing suspicious there. Does anyone have any idea why I'm getting the Forbidden Error when the file clearly exists and it's permissions are correct?
I found that the problem was with the include statement within the add-post-php.php file:
<?php
include("php/settings.php"); // Contains DB Connections
?>
I took this out and changed it to:
<?php
//Database Connect
$con = mysqli_connect("localhost","username","password","database");
?>
The script worked as soon as I edited this line of code.
I have been struggling for months now, and I'm just not getting it. I'm trying to get clean urls with php on xampp, I either get server error 500 or www.something.com/root/index.php?page=whatever does not go away I want www.someting.com/page/queryresult/
Can anyone help?
I think the problem is linking the menu to the query and the sticky part is in the switch
function display_menus_new()
{
$sql = "SELECT * FROM menus";
$query = mysql_query($sql) or die(mysql_error());
$array = array();
if (mysql_num_rows($query)){
while($rows = mysql_fetch_array($query)){
$array[$rows['parent_id']][] = $rows;
}
loop_array($array);
}
}
function loop_array($array = array(), $parent_id = 0)
{
if(!empty($array[$parent_id])) {
echo '<ul>';
foreach($array[$parent_id] as $items){
echo '<li>';
switch($items['name']){
case 'Home': print_r('<a href="home.php" >'.($items['name']).'</a>');
$items = str_replace("name", "", "");
case 'About': print_r('<a href="about.php" >'.($items['name']).'</a>');
$items = str_replace("name", "", "");
case 'Services': print_r('<a href="services.php" >'.($items['name']).'</a>');
$items = str_replace("name", "", "");
case 'Contact': print_r('<a href="contact.php" >'.($items['name']).'</a>');
$items = str_replace("name", "", ""); }
//This part Connects the menu to the Database Query Where ?Page= the Data Value connection
print_r('<a href="?Page='.($items['name']).'" >');
echo $items['name'];
loop_array($array, $items['Cat']);
echo '</a></li>';
}
echo '</ul>';
}
}
i have xampp on windows;
.htaccess:
RewriteEngine On
# Run everything else but real files through parse.php
# RewriteCond %{REQUEST_FILENAME} !-d
# RewriteCond %{REQUEST_URI} !^/dev-boards
# RewriteCond %{REQUEST_URI} !^/tests
#RewriteCond %{HTTP_HOST} !^(admin|admintemplate)\.
RewriteCond %{REQUEST_FILENAME} !-f
RewriteCond %{REQUEST_URI} !\.(css|png|html|js|json|jpg|jpeg)$
RewriteRule ^(.*)$ parse.php?info=$1 [L]
parse.php:
<?php
include("../connect.local.php");
session_start();
$getVars = $_GET['info'];
$vars = explode("/",$getVars);
//http://localhost/viewprofile/0/yes
//$vars[0] is "viewprofile"
//$vars[1] is 0
//$vars[2] is "yes"
What i do is i use file_exists to use $vars[0] and $vars[1] to reference a folder/file. if the file doesnt exist, route to $vars[0]/index.php
if the folder doesnt exists, redirect to index.php
Hope this helps to get you started.
add a file called .htaccess in your home directory
start the rewrite engine at the top of the file:
<IfModule mod_rewrite.c>
RewriteEngine On
In that file, you'll write some conditions for re-directing to a clean URL:
#first, we need to define the request, in this case, index.php?page=whatever
RewriteCond %{THE_REQUEST} /index.php?page=([0-9]*)
# now we need to make it look like it's just the clean url
RewriteRule ^$ /page/%1? [R=301,L,NE]
RewriteCond %{REQUEST_FILENAME} !-f
RewriteCond %{REQUEST_FILENAME} !-d
RewriteRule ^page/([0-9]+) /index.php?page=$1 [L]
This is a bit confusing, but basically what it means is that when your browser receives the ugly URL, it gets redirected to the pretty URL. Then, the re-write fills the pretty URL with the content from the ugly URL.
Close your if statement after you're done re-writing:
</IfModule>