This question already has answers here:
How to show php-files as plain text in Apache
(5 answers)
Closed 8 years ago.
i want help in this problem
this command not work good can u help me
i have new folder on my website under this name
"TextPHP"
and i put this code in .htaccess
RewriteRule ^(.*) /home/myhome/public_html/$1.php [L,T=text/plain]
i want any one go to that folder can read any source from my php files
and this not work
i try H=text/plain
and i got error 500
also i try
php_value engine off
php_value engine off
not working :(
its there any other trick
and sorry about my english language so bad :p
thanks for helping
You don't specify the full path to the file in the rewrite rule, what you are specifiying is a new absolute URL or a URI relative to the web root. So if you want to make any URI go to a PHP file of teh same name, here is how you would do it:
RewriteEngine On
RewriteRule ^(.*) /$1.php [L]
No need to specify /home/myhome/public_html here.
This is a basic example however, as typically, this is much too broad of a rule, as it would prevent you from serving up images or other actual files from the web root (they would all end up with .php appended to the. So assuming this is actually what you want, you would commonly see something like:
RewriteCond %{REQUEST_FILENAME} !-f
RewriteCond %{REQUEST_FILENAME} !-d
RewriteRule ^(.*) /$1.php [L]
This rule applies in cases when the URI does not match an actual filename or directory. Thus requests to /some_file.php would not be redirected to /some_file.php.php.
You can configure your webserver to show the source for *.phps files (e.g. make symlinks) with:
AddType application/x-httpd-php-source .phps
Or to disable PHP processing for that directory completely use:
RemoveHandler .php
RemoveType .php
Alternatively or additionally with:
php_flag engine off
On some setups (cgi / fastcgi) even:
Options -ExecCGI
If you wanna use mod_rewrite, then write a wrapper script for displaying them via readfile() (and some basename() filtering for security) and apply it like:
RewriteRule ^(.+\.php)$ showsrc.php?file=$1
Related
Note: This question has been asked before several times, but the answers are really bad, totally wrong and/or do not fit the above scenario (because there are several files called index.php). If you like, see [1].
I want to block direct access to all .php files in the application folder (see file structure image) via the .htaccess file in the root folder. There are some solutions for this on the web, but they miss one thing: They don't work if there is more than one file named index.php (which is a realistic scenario like the screenshot shows, see the file in the view/xxx/ folder):
Question: How to block access to all .php files, except the index.php in the root folder ?
In .htaccess:
RewriteEngine on
RewriteRule ^/application - [F]
The [F] option instructs it to issue a 403 Forbidden response on all matching URLs.
Or add a separate .htaccess file in /application containing just:
deny from all
Or in your Apache vhost definition:
<Location /application>
deny from all
</Location>
In addition to Niels Keurentjes excellent answer I would like to extend his solution according to my .htacces that uses some very common rewriting patterns (as a lot of people might run into the same problem):
When using URL rewrite rules, then the line RewriteRule ^/application - [F] has to be at exactly that place. It will not work if the line is placed before or below:
RewriteCond %{REQUEST_FILENAME} !-d
RewriteCond %{REQUEST_FILENAME} !-f
RewriteCond %{REQUEST_FILENAME} !-l
# The new line, blocking direct access to every file in /application and deeper
RewriteRule ^/application - [F]
RewriteRule ^(.+)$ index.php?url=$1 [QSA,L]
This question already has answers here:
Closed 11 years ago.
Possible Duplicate:
Remove .php extension with .htaccess
I'm trying to hide the .php file extension but for some reason can't get it to work. My latest attempt was the following:
<IfModule mod_rewrite.c>
RewriteEngine on
RewriteRule ^folder/([a-zA-Z_\-0-9]+)/?$ /folder/$1.php
</IfModule>
I have tried many different variances of code I have found online but still no luck. The .htaccess file is placed within the root directory.
I've used this:
RewriteEngine On
# Unless directory, remove trailing slash
RewriteCond %{REQUEST_FILENAME} !-d
RewriteRule ^([^/]+)/$ http://example.com/folder/$1 [R=301,L]
# Redirect external .php requests to extensionless URL
RewriteCond %{THE_REQUEST} ^(.+)\.php([#?][^\ ]*)?\ HTTP/
RewriteRule ^(.+)\.php$ http://example.com/folder/$1 [R=301,L]
# Resolve .php file for extensionless PHP URLs
RewriteRule ^([^/.]+)$ $1.php [L]
See also: this question
The other option for using PHP scripts sans extension is
Options +MultiViews
Or even just following in the directories .htaccess:
DefaultType application/x-httpd-php
The latter allows having all filenames without extension script being treated as PHP scripts. While MultiViews makes the webserver look for alternatives, when just the basename is provided (there's a performance hit with that however).
1) Are you sure mod_rewrite module is enabled? Check phpinfo()
2) Your above rule assumes the URL starts with "folder". Is this correct? Did you acutally want to have folder in the URL? This would match a URL like:
/folder/thing -> /folder/thing.php
If you actually want
/thing -> /folder/thing.php
You need to drop the folder from the match expression.
I usually use this to route request to page without php (but yours should work which leads me to think that mod_rewrite may not be enabled):
RewriteRule ^([^/\.]+)/?$ $1.php [L,QSA]
3) Assuming you are declaring your rules in an .htaccess file, does your installation allow for setting Options (AllowOverride) overrides in .htaccess files? Some shared hosts do not.
When the server finds an .htaccess file (as specified by
AccessFileName) it needs to know which directives declared in that
file can override earlier access information.
Generally a url that looks like this:
http://www.domain.com/product.php/12/
will open up product.php and serve the /12/ as request parameters, which then my PHP script can process to pull out the right product info. However when I migrated this whole site, after developing it, to a new server, I get a 404 error, because on that server it's not defaulting to the mother directory/file in case of an absence of requested directories.
I vaguely remember learning that this is generally a common apache function but I can't seem to recall how to set it up or how to manipulate it.. if there's an .htaccess method to achieve this that would be great.
What you're referring to is mod_rewrite. The official docs for it are here: http://httpd.apache.org/docs/2.2/mod/mod_rewrite.html
You would configure it either in your VHost definition (recommended) or in an .htaccess file.
Assuming that you want to map all requests to a resource that Apache cannot serve (such as files that don't exist) to products.php you can use the following:
RewriteEngine On
RewriteCond %{REQUEST_FILENAME} -s [OR]
RewriteCond %{REQUEST_FILENAME} -l [OR]
RewriteCond %{REQUEST_FILENAME} -d
RewriteRule ^.*$ - [NC,L]
RewriteRule ^(.*)$ /products.php?request=$1 [NC,L]
You can then use $_GET['request'] to get the path requested and take it from there, depending on what you want to do. I'd normally recommend letting mod_rewrite handle parsing the request and passing the proper attributes to your PHP, but if you're not familiar with mod_rewrite it's probably easier to do it in your PHP.
you can use mod rewrite engine to map this to
http://www.domain.com/product.php?arg=12
Mod rewrite details: http://forum.modrewrite.com
Sample:
Options +FollowSymlinks
RewriteEngine on
RewriteRule ^files/([^/]+)/(.+) files.php?app=$1&file=$2 [NC]
this rewrite rule will map any request containing files/firstrPart/secondpart to the script files.php
everything between the first and second slash after files will be passed as parameter app and the rest as file
Basicly you define a regex with some subpaterns and state which script should really be called.
You cna refer to the subpatterns with $n where n is the 1 based index of the pattern.
Have fun.
NOTE this is a extreme simplification of mod rewrite. Please do some research before you use it because this might go terribly wrong...
The directive you're looking for is "AcceptPathInfo on". mod_negotiations MultiViews feature would also give you the option of not including the ".php" which is another common one people abuse mod_rewrite to do.
On my website I have an affiliates/ folder.
Inside that I have showgames.php
I want to be able to access the file as www.website.com/affiliates/showgames.aff
Inside affiliates folder,I placed this .htaccess
AddType application/x-httpd-php .php .aff
RewriteEngine on
RewriteBase /
RewriteRule ^(.*)\.php$ $1.aff [R=permanent]
For some reasons , it doesnt work .
You misunderstand what rewriting is.
You say you have a /affiliates/showgames.php page that you want to be accessible as /affiliates/showgames.aff. This means the second must be internally rewritten to the first when it's requested, not the other way around.
This also means that you do not need to interpret .aff files as PHP scripts. Just do this in affiliates' .htaccess:
RewriteRule ^(.*)\.aff$ $1.php [QSA]
What handles the disabling of the extension? Is it APACHE or the PHP install? How would one go about configuring the web server where the .php extension is not required? Is there an option that would make both www.example.com/page.php and www.example.com/page work as the URL?
It's URL rewriting through Apache:
http://www.addedbytes.com/apache/url-rewriting-for-beginners/
Apache also has a setting called MultiViews that will serve domain.com/index.* as domain.com/index, domain.com/example.* as domain.com/example, etc.
I've occasionally run into issues where MultiViews beats out mod_rewrite rules, so I tend to turn it off.
Check out some articles from A List Apart on this topic: You use Apache (in your case) to setup ReWriteRule's and then you have PHP parse the url to fetch the correct information. (again, in your case. You can do this with many languages and http servers)
http://www.alistapart.com/articles/succeed/
http://www.alistapart.com/articles/urls/
brianreavis is correct. Here's an example for your .htaccess file:
RewriteEngine on
RewriteCond %{REQUEST_FILENAME} !-d
RewriteCond %{REQUEST_FILENAME}\.php -f
RewriteRule ^(.*)$ $1.php
I just throw it all at PHP and parse it however I want in there:
.htaccess
RewriteEngine On
RewriteRule !\.(js|ico|gif|jpg|png|css)$ #frontend.php
I use this in my .htaccess
<Files ~ "^[^.]+$">
ForceType application/x-httpd-php5
</Files>
That way I can remove all extensions (.php) from my files, and it will still work.
I use $_SERVER['PATH_INFO'] to retrieve the remainder of the path as parameters. E.g. /page/param1/param2 where page is an actual php file.