Using Apache 2.2 and PHP 5, what's the best way to run PHP without the .php extension? For example, I have a script called app.php and I like to invoke it as:
http://example.com/app
Please notice that I still want to keep the .php extension to the file and I don't have mod_rewrite. Don't want use index.php either because it requires too many directories.
I did find one way by adding this to my .htaccess,
AddHandler server-parsed .php
SetHandler application/x-httpd-php
AddHandler application/x-httpd-php .php
The page runs a little slower by using this. I suspect it invokes SSI on every PHP page. Wonder if there are any better ways to accomplish this.
An alternative is to use content negotiation. Turn on multiviews:
Options +MultiViews
If a named resource doesn't exist, Apache will glob for the file, then sort based on the media type and content encoding requirements send by the browser. If there's only one file (your PHP script), then that's what the URL resolves to.
You could also force the mime type of a specific file in your .htaccess:
<Files app>
ForceType application/x-httpd-php
</Files>
The short answer is that you aren't going to be able to do this the way you want to. PHP is going to require SOME extension in order to execute the files so you might as well leave it as *.php.
Unless you use mod_rewrite you are going to have to call the files using the full file and extension.
That is the beauty of mod_rewrite--it lets you do just such a thing.
I would pose the question back to you--why can't you use mod_rewrite? Is it an environment issue, a choice, are you using Lighttpd (lighty)?
Extension
Wrap your rewrite rules in something like this to keep it from blowing up if the server doesn't support mod_rewrite:
<IfModule mod_rewrite.c>
// DO REWREITE HERE
</IfModule>
If you believe it to be a security concern or something equally valid then you could also do the following check and send them to a custom 404 or even your documentation and give them examples of how to enable mod_rewrite and explain the need, etc. This second check is optional though--if you don't use it the users will simply see the .php extension but your pages should still work.
<IfModule !mod_rewrite.c>
ErrorDocument 404 /application/errors/404.php
// ERROR 404 ABOVE OR DO ANOTHER DIRECT REDIRECT TO AN INFORMATION PAGE
</IfModule>
Related
I wanted to change the .php extension to .foo, to hide it for visitors.
My webserver has cPanel installed, so I logged in and clicked on "MIME Types", and entered the following:
MIME Type: application/x-httpd-php
Extension: foo
The problem is that it's not being parsed as PHP, but instead is downloaded (when you click the link, a file containing all the code of that file is being downloaded)
How would I solve this?
Add in httpd.conf or vhost.conf
<IfModule mime_module>
AddType application/x-httpd-php .foo
</IfModule>
But best way to solve you problem is in using mod_rewrite
If you have the necessary AllowOverride permissions to use .htaccess, try
AddHandler application/x-httpd-php5 .php .foo
For some reason our CentOS server needs x-httpd-php5, where as our WAMP internal server just uses x-httpd-php like you have (and -php5 will not work)
I have a CPanel based website and we used the above rule to set .html to be parsed as php, didn't even bother with the CPanel Mime settings... but there are other ways to determine if a server is running PHP so you're not really hiding that you use PHP from anyone who knows what they are doing
Ok so I've recently installed to test Orbis CMS, and I love it, except two things - this being one of them.
Test page 'page.php' worked fine, great! Incorporated it into an existing html page and that's where I ran into the issue. Duhr, it won't run the php snippits.
Quick Google shed light that I needed to add a piece of code into the .htaccess file to allow the html file(s) to run the php code. Tried it, and nothing, didn't work, at all. Was going off this link (provided by Orbis) here: http://php.about.com/od/advancedphp/p/html_php.htm
When I did it for all pages it started doing funky stuff and asking me to download/open pages when I clicked the links throughout the site, but not every link.. ?? When I did it for the single test page it didn't work full stop.
Anyone got any ideas?
Cheers.
Why don't you just rename the .htm file to .php ? You can have normal HTML in PHP files aswell, just outside of the <?php ?>Tags.
.htaccess has to be allowed from your hoster, so that might be the reason why it didn't work.
EDIT: Then just replace the .htm File with a redirection to your .php file.
You can achieve this by <meta HTTP-EQUIV="REFRESH" content="0; url=http://www.yourdomain.com/yourfile.php">
Or if the .htaccess is run by the webserver you can do a redirect there:
Redirect /youroldsite.htm yournewsite.php (would be the better version)
You need to change your .html to .php.
as you mentioned that .htaccess is not working check these thing it may help you
Is .htaccess enabled?
It's unusual, but possible that .htaccess is not enabled on your site. If you are hosting it yourself, it's easy enough to fix; open your httpd.conf in a text editor, and locate this section
Your DocumentRoot may be different, of course
# This should be changed to whatever you set DocumentRoot to.
#
<Directory "/var/www/htdocs">
#
locate the line that reads..
AllowOverride None
and change it to..
AllowOverride All
Restart Apache. Now .htaccess will work. You can also make this change inside a virtual host, which would normally be preferable.
If your site is hosted with someone else, check your control panel (Plesk. CPanel, etc.) to see if you can enable it there, and if not, contact your hosting admins. Perhaps they don't allow this. In which case, switch to a better web host.
and also check that rewrite_module is marked
Rename your Files to .php or change your server configuration to recognize .htm files as PHP files, too.
Example (httpd.conf):
<IfModule php5_module>
AddType application/x-httpd-php .php .htm .html
</IfModule>
As an alternative you could setup mod_rewrite to route to your php file on specific URLs.
You need to change your .html to .php. You mentioned you need to keep the link equity from other sites to your .html pages. To get around this, simply add a 301 redirect in your .htaccess file.
//301 Redirect
Redirect 301 oldfile.html newfile.php
I recently played with a .htaccess file to make one server to parse PHP files. Yesterday I uploaded the same .htaccess file and tried to test a PHP file. But something went wrong: visiting my page the browser offers to download the the html page rather then viewing the page!
On the server the filenames end in .html.
I added the following to my .htaccess file:
AddType application/x-httpd-php .html
I tried to find the htaccess file, but once uploaded it just disappears from the root dir.
I tried to upload other scripts I've found browsing. I even tried to search for some problem on a hosting forum. Nothing helped.
Please help!
Try this
AddType application/x-httpd-php .php .htm .html
OR
AddHandler application/x-httpd-php .php .htm .html
And remove other overriding handlers for application/x-httpd-php after above code.
Right, firstly things first, what host do you use?
Also what ftp client you are using? Some by default won't display files starting with . such as .htaccess and .htpasswd, that's why it may appear that you didn't upload it. Also it might be that you don't have the rights to upload in the very root directory, try to go one directory up.
Also from my experience, hosts won't allow you to modify headers via .htaccess this way, because the allowoverride directive is off; instead have a look at url rewrites (via mod_rewrite), which allow you to do the same thing without modifying headers.
Your rewrite .htaccess file might look something like:
RewriteEngine On
RewriteBase /
RewriteRule ^(\w+)\.html$ $1.php [NC]
(Not tested though)
Using a rewrite will also mean that your files will in fact maintain the php extension, however they will be access via urls that include .html extension.
Last night I made some admin changes to my webserver. I use php. The php processor failed after the update and if someone went to my homepage, the php page would simply download and show the proprietary code and password to anyone visiting. So I was wondering if there is a way to prevent any form of download for php files using .htaccess -- but still allow for normal viewing of the files.
A good pattern to follow during development is to use a minimal initialization file, which invokes the actual application which resides outside the webroot. That way only a minimal stub with no critical information is exposed in a case like this.
Simplified example:
/
/app
critical_code.php
/webroot
.htaccess <- rewrites all requests to index.php
index.php <- invokes ../app/critical_code.php (or other files as requested)
The trouble here is that either .htaccess is serving your files to the user or it's not. You can't tell it to deny access to the .php files, because then access will be denied during normal use, as well. There is no fallback behavior for the PHP processor simply not running correctly.
Maybe it's worth temporarily moving the web root to point to an "under maintenance" site when doing big things like that, to minimize risk as much as possible.
Assuming you're using Apache, your .htaccess file would look something like this.
<FilesMatch ".*\.php">
Order allow,deny
Deny from all
Satisfy All
</FilesMatch>
<IfModule php5_module>
<FilesMatch ".*\.php">
Allow from all
Satisfy All
</FilesMatch>
</IfModule>
The first rule denies access to all .php files. By default, the user will see a 403 (Forbidden) error.
If the PHP5 module successfully loads, the second rule will take affect, which grants access.
I am trying to do the following in my web application:
<img src="static.example.com/image01.jpg?width=300&height=300" />
Is it possible to have my server (I use Apache in a shared hosting environment) run a PHP script when accessing a .jpg (or any filetype that I chose) instead of just serving the file?
I know that the PHP script has to set the right headers etc, I'm just wondering how it can be run in the first place.
I know this can be done as so :
<img src="static.example.com/get_image.php?name=image_01.jpg&width=300&height=300" />
but that's not how I would like to have it.
You could use mod_rewrite provided you are in a subdirectory, or that is all your other static.example.com will be doing.
Add something like this to your .htaccess in that subdirectory.
<IfModule mod_rewrite.c>
RewriteEngine On
RewriteCond %{query_string} ^height=([^&]+)&width=([^&]+)
RewriteRule (.*\.jpg|.*\.png|.*\.gif) controller.php?name=$1&height=%1&width=%2
</IfModule>
EDIT: Try the above. Like everything else, untested... :)
The order of the GET parameters becomes important.
test.jpg?height=100&width=120
should get turned into
controller.php?name=test.jpg&height=100&width=120
Another approach would be to make apache serve .jpg as php scripts for that directory.
Just look in your httpd.conf or php.conf and look for .php. Find that directive, and duplicate it within a <Directory> for .jpg.
I've never actually tried this for a single directory, but ultimately it would be faster than the mod_rewrite route.
Something like:
<Files *.jpg>
SetOutputFilter PHP
SetInputFilter PHP
</Files>
AddType application/x-httpd-php .jpg