I just started to learn htaccess and i'd like to rewrite my current urls from this:
http://www.url.com/?location=script
To:
http://www.url.com/script
So far i've managed to do this but now i want to have a directory with more controllers so i can have something like this:
http://www.url.com/script/method
Structure: Script directory --> method.php
Currently my directory structure for includes its like this:
assets-->client(directory):
login.php
logout.php
register.php
something.php
And i'd like to access these using a url like:
url.com/client/login
url.com/client/logout
url.com/client/register
url.com/client/something
My .htaccess:
<ifModule mod_rewrite.c>
RewriteEngine On
RewriteCond %{REQUEST_FILENAME} !-f
RewriteCond %{REQUEST_FILENAME} !-d
RewriteRule ^([^/]+)/?$ index.php?location=$1 [L]
</ifModule>
PHP based inclusion code:
####################################################################
# PARSE THE CURRENT PAGE #
####################################################################
$includeDir =".".DIRECTORY_SEPARATOR."assets/controllers".DIRECTORY_SEPARATOR;
$includeDefault = $includeDir."home.php";
if(isset($_GET['ajaxpage']) && !empty($_GET['ajaxpage'])){
$_GET['ajaxpage'] = str_replace("\0", '', $_GET['ajaxpage']);
$includeFile = basename(realpath($includeDir.$_GET['ajaxpage'].".php"));
$includePath = $includeDir.$includeFile;
if(!empty($includeFile) && file_exists($includePath)) {
include($includePath);
}
else{
include($includeDefault);
}
exit();
}
if(isset($_GET['location']) && !empty($_GET['location']))
{
$_GET['location'] = str_replace("\0", '', $_GET['location']);
$includeFile = basename(realpath($includeDir.$_GET['location'].".php"));
$includePath = $includeDir.$includeFile;
if(!empty($includeFile) && file_exists($includePath))
{
include($includePath);
}
else
{
include($includeDefault);
}
}
else
{
include($includeDefault);
}
All my controllers are in assets/controllers/ucp/login.php for example.
How about:
<ifModule mod_rewrite.c>
RewriteEngine On
RewriteCond %{REQUEST_FILENAME} !-f
RewriteCond %{REQUEST_URI} ^(/client/[a-zA-Z0-9_\-]+)$
RewriteRule ^[a-z]+ index.php?location=$2 [L]
</ifModule>
It does include a leading slash and doesn't have the PHP extension. But this can be altered in PHP to suit your needs.
Be wary though, your code gives access to all your PHP files. You might want to check $_GET['location'] against an array of allowed locations. Consider the following URL as example of how this could go wrong
http://example.com/index.php?location=../drop_database.php
Related
I have .htaccess file + a index file with the defined url links. But now i want to except 1 php file from this rule, that i can open it with .php cause it is needed for my GET. the link is than mydomain.com/admin/user.php?id=1 but with the ending removal it is no longer working. How can i get it working ?
My .htaccess file looks like that:
RewriteEngine On
RewriteCond %{REQUEST_FILENAME} !-f
RewriteCond %{REQUEST_FILENAME} !-d
RewriteRule ^(.*)$ /index.php?action=$1 [QSA,L]
and my index.php looks like that:
session_start();
if ($_SERVER['REQUEST_URI'] == '/') {
include './dashboard.php';
} elseif ($_SERVER['REQUEST_URI'] == '/Login') {
include './login.php';
} elseif ($_SERVER['REQUEST_URI'] == '/Admin/User') {
include './admin/user.php';
} else {
include './sites/404.php';
}
Thanks for your help guys.
I get mysite.com/?file=abc
<?php if(!empty($_GET['file'])) {?>
<?php echo $_GET['file']; ?>
<?php } ?>
it's possible get value like this:
mysite.com/file/abc
If you are using apache, and your config allows for htaccess overrides,
you can create an .htaccess file like this
# Turn on URL rewriting
RewriteEngine On
# Allow any files or directories that exist to be displayed directly
RewriteCond %{REQUEST_FILENAME} !-f
RewriteCond %{REQUEST_FILENAME} !-d
RewriteRule .* index.php?q=$1 [L]
URL
mysite.com/file/abc
In your php file do something like this
<?php
$query = explode('/', $_GET['q']);
if ($query[0] === 'file') {
echo $query[1];
}
SOLUTION:
it seems htaccess requires 'B' for it to retain the ampersand
so using
RewriteRule ^album/([a-zA-Z0-9-=_.]+)$ view.php?album=$1 [L,B]
works
SOLUTION
I am trying to read the get value from the url which is:
view.php?album=something
This is one of my rules in my .htaccess file:
#this rewrite 'view.php?album=something' to 'album/something'
RewriteRule ^album/([^/\.]+)/?$ ^view.php?album=$1 [L]
The problem is that sometimes the album name ie 'something' may contain and & in the name and this causes $_GET to trip up.
**For example**
album name is 'football&basketball'
The view.php page will only read up to football and throw an error.
Without the rewrite rule it works perfectly fine, but with the rewrite rule it messes up for that one case.
I am using rawurlencode at the moment
If there is no & in the name then it also works fine - its only with the & when it messes up
Does anyone have any suggestions on how to overcome this? I have tried using htmlspecialchars and htmlentities etc.
EDIT: Added Code
htaccess:
<IfModule mod_rewrite.c>
RewriteEngine On
#rewrite view.php?album=whatever to album/whatever
RewriteRule ^album/([a-zA-Z0-9-=_.]+)$ view.php?album=$1 [L]
RewriteCond %{REQUEST_FILENAME} !-f
RewriteCond %{REQUEST_FILENAME} !-d
RewriteBase /ShyamJoshi/dist/
#remove .php and .html extension
RewriteRule ^([^\.]+)$ $1.php [NC,L]
RewriteRule ^([^\.]+)$ $1.html [NC,L]
RewriteOptions Inherit
ReWriteCond %{HTTP:accept-encoding} (gzip.*)
ReWriteCond %{REQUEST_FILENAME} !.+\.gz$
RewriteCond %{REQUEST_FILENAME}.gz -f
RewriteRule (.+) $1.gz [QSA,L]
</IfModule>
PHP:
This function is being used twice. First it shows all directories and then it shows all images in directories (which is the 'else' part)
function getImagesOrImageDirs($dirOnly) {
$dirLoc = getcwd() . '/images/events/';
$allDirs = preg_grep('/^([^.])/', scandir($dirLoc));
echo '<div class="row">';
if ($dirOnly == true) {
foreach($allDirs as $dir) {
$innerDirImages = preg_grep('/^([^.])/', scandir($dirLoc.'/'.$dir));
$firstImageOfDir = reset($innerDirImages);
/* view.php?album=something -> rewritten by htaccess to albums/something*/
$href = 'album/'.$dir;
// $href = 'album/'.$dir;
$imageSrc = 'images/events/'.$dir.'/'.$firstImageOfDir;
echo albumAndPhotoTemplate($href, $imageSrc, true, $dir, 'col-xs-12 col-sm-3');
}
} else {
if (empty ($_GET['album']) ) {
return ;
}
$albumName = $_GET['album'];
print_r($albumName);
$dirLoc = $dirLoc .'/'.$albumName;
$allImages = preg_grep('/^([^.])/', scandir($dirLoc));
foreach($allImages as $image) {
$imgSrcAndHref = 'images/events/'.$albumName.'/'.$image;
echo albumAndPhotoTemplate($imgSrcAndHref, $imgSrcAndHref, false, '', 'col-xs-12, col-sm-3');
}
}
echo '</div>';
}
Try like this..
RewriteEngine On
RewriteRule ^album/([a-zA-Z0-9-=_.]+)$ view.php?album=$1 [L]
Get your variable using
$_GET['album'];
If you want to both variable and name:
print_r($_GET);
To escape & on url use %26 like this..
view.php?album=something%26basketball
See more here escaping ampersand in url
I want to protect pages from the actual path so I'm using the server uri variable to know what the user write in the nav bar:
page.php
if ($_SERVER['REQUEST_URI'] == '/path/to/page.php') {
unset($_SERVER['REQUEST_URI']); // nothing will be displayed
} else // page content
And it's working fine, but now the problem is ?id=x or just adding ? will show the page with errors.
Is there a way to add OR == ?....
I want to prevent the direct access, because I'm using a router that includes those pages in index.php like this: site.com/page and site.com/page?...
Thank YOU!
EDIT: Add more info:
.htaccess
Options -Indexes
DirectoryIndex index.php
<IfModule mod_rewrite.c>
RewriteEngine On
RewriteBase /
RewriteRule ^index\.php$ - [L]
RewriteCond %{REQUEST_FILENAME} !-f
RewriteCond %{REQUEST_FILENAME} !-d
RewriteRule . /index.php [L]
</IfModule>
the router in index.php
// array whitelist for match
$includes = array(
'/home' => 'dir/to/home.php',
'/other' => 'dir/to/other/page.php'
);
if ($_SERVER['REQUEST_URI'] == '/')
$_SERVER['REQUEST_URI'] = '/home';
preg_match('/^([\w\/]+)/', $_SERVER['REQUEST_URI'], $matches);
$matches[1] = isset($matches[1]) ? $matches[1] : null;
if(array_key_exists($matches[1], $includes)) {
$content = include($includes[$matches[1]]);
} else $content = include('views/error.php');
return $content;
I don't know if I understand, but if you do this way:
if (preg_match('\/path\/to\/page\.php', $_SERVER['REQUEST_URI'] ))
I've currently got a web application that I need optimizing, and one of methods or something I'm trying to achieve is such:
http://myweb/dept/app
from
http://myweb/?dept=dept&app=app
I've currently this as the PHP code for it:
if(empty($_REQUEST['dept'])) {
$folder = "apps/";
} else {
$folder = str_replace("/", "", $_REQUEST['dept']) . "/"; }
if(empty($_REQUEST['n'])) {
include('user/home.php');
} else {
$app = $_REQUEST['n'];
if(file_exists($folder.$app.".php")) {
include($folder.$app.".php");
} else {
include("global/error/404.php");
}
}
How do I do this?
I'm currently half there with:
RewriteRule ^([A-Za-z]+)$ /index.php?app=$1
but that only rewrites part of it.
Thanks
The way many frameworks do this is with one of the following rules:
RewriteRule ^(.*)$ /index.php?q=$1
RewriteRule ^(.*)$ /index.php
In the 1st case you get the query string in $_GET["q"].
In the 2nd case you have to get the query string from $_REQUEST or something. (just do some var_dumps till you find what you need).
Then you explode("/") this and you're all set.
Have a look at how TYPO3, eZPublish, Drupal do this.
You should also add the following conditions to allow the site to open your static files (like images/css/js/etc). They tell apache to not do the rewrite if the URL points to a location that actually matches a file, directoy or symlink. (You must do this before the RewriteRule directive)
RewriteCond %{REQUEST_FILENAME} !-f
RewriteCond %{REQUEST_FILENAME} !-d
RewriteCond %{REQUEST_FILENAME} !-l
This should work:
RewriteRule ^([A-Za-z]+)/([A-Za-z]+)$ index.php?dept=$1&app=$2 [QSA]
You need the QSA part in order for any GET parameters to be appended to the rewritten URL.
You might find that it can be more flexible to rewrite everything to index.php, and then handle splitting up the url there, e.g.
.htaccess:
#only rewrite paths that don't exist
RewriteCond %{REQUEST_FILENAME} !-f
RewriteCond %{REQUEST_FILENAME} !-d
RewriteRule ^(.*)$ index.php/$1
PHP:
<?php
$parts = explode('/', $_SERVER['PATH_INFO']);
$dept = isset($parts[0]) ? $parts[0] : 'someDefault';
$app = isset($parts[1]) ? $parts[1] : 'anotherDefault';