Everything was working fine till I added my .htaccess file. What I'm trying to do is route all my users to their profile page. So www.darudude.com/user1 routes to www.darudude.com/userinfo.php?user=user1
My .htaccess file as this:
RewriteEngine on
RewriteBase /
RewriteCond %{REQUEST_FILENAME} !-f
RewriteCond %{REQUEST_FILENAME} !-d
RewriteRule ^(.*)\?*$ userinfo.php?user=$1 [L,QSA]
However ever since I added this, it breaks my sessions. On every page I have a initialize a session, and the sessions stores the referrer. This is the piece of code that handles the important part.
if(isset($_SESSION['url'])){
$this->referrer = $_SESSION['url'];
}else{
$this->referrer = "/index.php";
}
//this echo is used to debug why this thing isn't working!!
echo "<script>alert('".$this->referrer."');</script>";
/* Set current url */
$this->url = $_SESSION['url'] = $_SERVER['PHP_SELF'];
and then I'm returned to the original page using this piece of code:
header("Location: ".$session->referrer);
So for example, without the .htaccess file, if I login through one of the pages everything works and I get redirected back to the page I logged in from (i.e. if I logged in from index.php I get redirected back to index.php; if faq.php, I get redirected back to faq.php). With the .htaccess file I keep getting sent to /userinfo.php leading me to thing its something wrong with my rewriterule
This is how its supposed to work:
index.php loads. the $_SESSION['url'] is set to index.php
a login form is enacted whos action redirects to process.php
process.php the $session->referrer is set from $_SESSION['url']
After the login is confirmed the page should redirect using: header("Location: ".$session->referrer);
This is how it worked originally without any problems.
However, after the .htaccess was created it seems to redirect me to userinfo.php. I think it has something to do with my rule.
Any ideas?
I'm not sure if I understand the problem, but the rewrite rule you're using seems to turn the request to /index.php into a request to /userinfo.php?user=/index.php which may not be what you want.
It's because you're relying on $_SERVER['PHP_SELF'], which does not include the query string (the ?user= part of the URI). It worked before because your pages didn't rely on query strings to uniquely identify themselves. You can use $_SERVER['REQUEST_URI'] instead, though look out for circumstances where you don't want the query string to be preserved and now it is being.
Incidentally, the \?* in your RewriteRule regex is doing exactly the same as thing as if it weren't there.
You could try logging in with AJAX, thus never having to refresh the page at all. A simple Google search will throw up plenty of results, see below. Even if you're not using jQuery (which alot of the tutorials seem to expect you to), it's still possible with basic Javascript, in fact that's how I wrote my AJAX log-in script before converting it to use jQuery later.
http://www.google.com/search?q=php+ajax+log-in
Related
I have a domain which I want every attempted url after https://www.example.com/someFolder/ to not give an error but instead give a php page.
For example, I do not have a somefolder/abc.php file but going there will run a process.php file instead and display it there.
I have attempted to modify the 404 page as the process.php but that also modifies the example.com/ error page which I do not want.
It would be great if I do not need to modify/add a file at the root directory
PS. adding a .htaccess to the somefolder folder does work somewhat but then the url shows somefolder/404.php and not somefolder/abc.php
Modify your 404 page as you did putting php script there but check in php if the url that was requested was directory or not. Depending on that make an appropriate action
<?php
$url = $_SERVER[REQUEST_URI];
// check if requested url was ending with slash
$pattern = '#\/$#';
$result = preg_match($pattern, $url);
if ($result === 1) {
//request was to directory suffixed with slash
//do your php code for custom 404
die; //end the page generation
}
?>
request was not to directory ending with slash
put html of regular 404 page here or leave it blank
I have learned that I could turn somefolder into somefolder.php and use the $_SERVER['PATH_INFO'] to make all pages exist.
This is something that can only be done, in the general case, by using the .htaccess file, and redirecting every request like this...
RewriteEngine On
RewriteBase /
RewriteCond %{REQUEST_FILENAME} !-f
RewriteRule ^(.*)$ index.php [QSA,NC,L]
After that, you can use $_SERVER, $_SESSION, and other global variables in index.php to decide how to handle a 404 error (i.e., you can implement here how to define what a 404 is, etc.).
For instance, $_SERVER['PATH_INFO'] will be able to tell you what URL was requested, and you can use a combination of file_exists() and other calls, to determine if you want to display a full 404, search results, a redirect, or simply to display the results of another script.
This works for example.com/somefolder/, example.com/some/other/folder/, and example.com/a/b/c/d/e/f/g/, etc..
So I was thinking of a way to remove the parameters from url when page is downloaded to client and respond different in each different value of the get parameter.
Let me take it clearer for you. Say I have this url: www.abc.com/?q=jsdfnjns. Ideally, I am thinking of shortening this url with goo.gl and then send it to the customer. When customer clicks on it, it will automatically go to www.abc.com clean url and set a cookie to the client with the q's value. I have seen it before in many affiliate links except that the initial url had no get parameters but value was actually a sub-folder e.g www.abc.com/jsdfnjns
So what's the way to actually get the value of a get parameter and manipulate it with php, while removed from the url without user's notice, or setting a cookie when parameter is given as a sub-folder. I suspect it must be some htaccess rules and php tricks but can't find a way.
With given url www.abc.com/jsdfnjns how can i redirect immediately to www.abc.com
and have the jsdfnjns saved ideally server-side in apache or in a user cookie ?
Is there any way to make it also happen with actual get parameters too ?
And a schematic:
www.abc.com/jsdfnjns convert it to -> goo.gl/sjbjsb -> when clicked, user is going to www.abc.com but somehow i get the jsdfnjns and respond in the main page different.
Hope my question is well defined, any ideas will be appreciated.
Thanks.
Firstly you need to set .htaccess file
<IfModule mod_rewrite.c>
RewriteEngine on
RewriteCond %{REQUEST_FILENAME} !-f
RewriteCond %{REQUEST_FILENAME} !-d
RewriteRule ^(.+)$ index.php?q=$1 [QSA,L]
</IfModule>
index.php code:
session_start();
if(isset($_REQUEST['q'])) {
$_SESSION['q'] = $_REQUEST['q'];
header('Location:index.php');
die();
}
else{
if(isset($_SESSION['q'])) $q = $_SESSION['q'];
else $q = null;
//YOUR CODE
var_dump($q);
}
In my php page I have a hyperlink like:
Remove User";
The delete_user_page.php via GET takes the name of the user and executes the script. I want a URL rewrite mechanism inorder to hide the passed variable. So I wrote:
.htaaccess
RewriteEngine On #Turn on the re-writing engine
RewriteRule ^delete/?$ delete_user_page.php?name=$1 [NC,L] # Handle requests for "Delete users page"
When loading this onto the server and refreshing the results nothing has changed/showed so I realized I am doing something wrong.
Where does htcaccess have to be located relative to delete_user_page.php?
Looking at "delete_user_page.php?name=$1", is $1 correct or should it be different?
If there is something else wrong in my script please tell me.
I'm new at Code Igniter. My index page is named abc_welcome where i've below code
public function index()
{
$this->load->library('session');
$login_data = $this->session->userdata('user');
if($login_data) {
redirect('/product/product_details');
}
else {
$this->display();
}
}
So when a already logged in user hit he can redirect to product page. But strangely it is not redirecting.
Where as at login page i've same piece of code and it is redirecting all right.
So when a user come to my www.abc.com page it's not redirecting (if loged in) and session has no data checked but when cliking login button he is and obviously session got the right data. i want him to redirect first time.... more strangely in my demo site (my laptop) Index redirecting is working!!! but not at hostgator.com.
Thanks in advance.
Farness
Thank you all for your support.
i finally made it work by .htaccess redirecting. i just put below code to my .htaccess and it's working as expected.
RewriteEngine On
RewriteBase /
RewriteCond %{HTTP_HOST} ^www.abc.com [NC]
RewriteRule ^(.*)$ http://abc.com/$1 [L,R=301]
yes #farness put $config['base_url'] = 'http://www.abc.com/'; in your config.php file
From what you're describing, it seems like your code is fine, if it runs locally on your laptop, so it's likely that the session data isn't being stored/read properly. Aside from the base_url above, you should also verify the following settings in /appication/config.php:
$config['cookie_domain'] should be set to .abc.com (with the leading dot) if your base url is www.abc.com
$config['cookie_path'] just to be safe, set this to "/"
$config['cookie_secure'] set to FALSE (unless your site is accessed only using https, keep this as false
Hopefully that gets you up and running.
Please help me to resolve hotlinking, how to prevent direct access to this URL and redirect visitors to index.php:
http://www.example.com/index.php?link=http://www.anysite.com/dir/file&name=on&email=on&submit=on
are you searching for something like this:
if(!strpos('mysite.com',$_SERVER["HTTP_REFERER"])) header('Location: index.php')
For purposes of answering this, I'm going to assume you don't care if the same user accesses
it multiple times (provided that the first visit came through the main index page). This also assumes the user will accept a cookies.
When on the main index page:
start up a session on index.php
put some random value inside their session. eg: md5(microtime()) = af1929191...
also put that random value inside each url as another parameter eg: index.php?verify=af19...&link=http://foo.com
When loading a url:
check to see if the "verify"
param is set if it isn't there,
redirect them back to main index
page. Or more helpfully, since you are creating a weird behavior, show them
a error message indicating what you are doing, and why.
Start up the
session and make sure that the value
in their session matches the value
in the url.
Using an htaccess file is a common solution to this problem:
from http://altlab.com/htaccess_tutorial.html
This code in particular redirects anyone trying to hotlink an image.
RewriteEngine On
RewriteCond %{HTTP_REFERER} !^http://(.+\.)?mysite\.com/ [NC]
RewriteCond %{HTTP_REFERER} !^$
RewriteRule .*\.(jpe?g|gif|bmp|png)$ http://img148.imageshack.us/img148/237/hotlinkp.gif [L]