I am trying to do the following in my web application:
<img src="static.example.com/image01.jpg?width=300&height=300" />
Is it possible to have my server (I use Apache in a shared hosting environment) run a PHP script when accessing a .jpg (or any filetype that I chose) instead of just serving the file?
I know that the PHP script has to set the right headers etc, I'm just wondering how it can be run in the first place.
I know this can be done as so :
<img src="static.example.com/get_image.php?name=image_01.jpg&width=300&height=300" />
but that's not how I would like to have it.
You could use mod_rewrite provided you are in a subdirectory, or that is all your other static.example.com will be doing.
Add something like this to your .htaccess in that subdirectory.
<IfModule mod_rewrite.c>
RewriteEngine On
RewriteCond %{query_string} ^height=([^&]+)&width=([^&]+)
RewriteRule (.*\.jpg|.*\.png|.*\.gif) controller.php?name=$1&height=%1&width=%2
</IfModule>
EDIT: Try the above. Like everything else, untested... :)
The order of the GET parameters becomes important.
test.jpg?height=100&width=120
should get turned into
controller.php?name=test.jpg&height=100&width=120
Another approach would be to make apache serve .jpg as php scripts for that directory.
Just look in your httpd.conf or php.conf and look for .php. Find that directive, and duplicate it within a <Directory> for .jpg.
I've never actually tried this for a single directory, but ultimately it would be faster than the mod_rewrite route.
Something like:
<Files *.jpg>
SetOutputFilter PHP
SetInputFilter PHP
</Files>
AddType application/x-httpd-php .jpg
Related
I know that the AddHandler directive allows you to associate a file extension with a a process.
Is it possible to associate a single file with a process?
For example, I would like to process something.css go run a PHP script to generate some CSS dynamically.
From what I have read so far, it might be possible using something like:
<Files something.css>
# go off to PHP script
</Files>
… but I don’t know what to do next.
OK, here’s how I got it working:
# .htaccess
<Files something.css>
RewriteEngine On
RewriteRule ^(.+)$ /styles/something.php [QSA,L]
</Files>
This goes directly into the /styles/ directory, since you can’t specify directories in the Files directive.
I was following a video tutorial on Youtube from phpacademy, https://www.youtube.com/watch?v=hxWYeCGa-PA&index=6&list=WL to make a dynamic RSS feed. In order to do that I need to be able to use php inside my rss file.
In this video the guy mentions adding the following line to the HTTPD-Conf file in order to allow this.
AddType application/x-httpd-php .rss
I contacted my web host 123-reg and asked them
Do I have access to the HTTPD.Conf file, or is it already configured to allow this.
I am looking to add the following line of code to the file if it isn't already in there.
AddType application/x-httpd-php .rss
What options do I have?
They responded with the following
The HTTPD.Conf file cannot be accessed with a shared hosting package
as the one used to host the website for the domain vwrx-project.co.uk.
This file is already configured to allow RSS, however you will need to
enable it. You can try adding the handler into the .htaccess file.
Does this make any sense to someone, I don't really know what code I should be looking to add into my .htaccess file
You can use url rewriting (if your hosting supports this) to direct non-existing files and directories, with .rss extension to .php:
RewriteEngine On
RewriteCond %{REQUEST_FILENAME} !-f
RewriteCond %{REQUEST_FILENAME} !-d
RewriteRule ^(.*)\.rss$ /$1.php [L,QSA]
Put all these lines into your .htaccess file and youtubefeed.rss will open youtubefeed.php, which you can program yourself.
After some more hunting around, and having looked up DaveG's code I wasn't sure it would do as I would have liked.
I have a file with a .rss extension for my rss feed, so from my understanding of the above code, it would redirect you from filnename.rss to filename.php where as what I was looking to do was retain the .rss extension but allow that file to read and interpret the php within it.
After some more searching I found that I could have used the original code from the video, and place it inside my .htaccess file instead on my httpd.conf file, I didn't realize that the code was interchangeable.
AddType application/x-httpd-php .rss // For older versions of php
Anyway whilst looking for this solution I saw some using the line of code below to achieve the same result, the only real difference being it is for PHP5 and later which is whats running on my server so AddType is now AddHandler and we add a 5 to the end of php
AddHandler application/x-httpd-php5 .rss // For use with PHP5+
I recently played with a .htaccess file to make one server to parse PHP files. Yesterday I uploaded the same .htaccess file and tried to test a PHP file. But something went wrong: visiting my page the browser offers to download the the html page rather then viewing the page!
On the server the filenames end in .html.
I added the following to my .htaccess file:
AddType application/x-httpd-php .html
I tried to find the htaccess file, but once uploaded it just disappears from the root dir.
I tried to upload other scripts I've found browsing. I even tried to search for some problem on a hosting forum. Nothing helped.
Please help!
Try this
AddType application/x-httpd-php .php .htm .html
OR
AddHandler application/x-httpd-php .php .htm .html
And remove other overriding handlers for application/x-httpd-php after above code.
Right, firstly things first, what host do you use?
Also what ftp client you are using? Some by default won't display files starting with . such as .htaccess and .htpasswd, that's why it may appear that you didn't upload it. Also it might be that you don't have the rights to upload in the very root directory, try to go one directory up.
Also from my experience, hosts won't allow you to modify headers via .htaccess this way, because the allowoverride directive is off; instead have a look at url rewrites (via mod_rewrite), which allow you to do the same thing without modifying headers.
Your rewrite .htaccess file might look something like:
RewriteEngine On
RewriteBase /
RewriteRule ^(\w+)\.html$ $1.php [NC]
(Not tested though)
Using a rewrite will also mean that your files will in fact maintain the php extension, however they will be access via urls that include .html extension.
So, ok. I have many php files and one index.php file. All files can't work without index.php file, because I include them in index.php. For example. if somebody click Contact us the URL will become smth like index.php?id=contact and I use $_GET['id'] to include contacts.php file. But, if somebody find the file's path, for example /system/files/contacts.php I don't want that that file would be executed. So, I figured out that I can add before including any files in index.php line like this $check_hacker = 1 and use if in every files beginning like this if($check_hacker <> 1) die();. So, how can I do it without opening all files and adding this line to each of them? Is it possible? Because I actually have many .php files. And maybe there is other way to do disable watching separate file? Any ideas? Thank you.
You could put your index.php alone in your web directory. And put all the files it includes in another non web directory.
Let's say you website http://www.example.com/index.php is in fact /path/to/your/home/www/index.php, you can put contact.php in /path/to/your/home/includes/contact.php. No .htaccess, rewrite, auto appending. Just a good file structure and a server configured like needed.
Edit to detail my comment about using xamp :
In your httpd.conf file, add something like this :
<Directory "/path/to/your/site/root">
Options Indexes FollowSymLinks
AllowOverride all
Order Deny,Allow
Deny from all
Allow from 127.0.0.1
</Directory>
<VirtualHost *:80>
DocumentRoot /path/to/your/site/root
ServerName www.example.org
</VirtualHost>
Then in your windows hosts file (in C:\Windows\System32\drivers\etc), add this line :
127.0.0.1 www.example.com
I would highly recommend to use the .htaccess file to rejects all requests for files diffrent to index.php but I am not quite sure how to do that propperly.
This might work (can't test it now) but it will also block requests to css, js and so on:
order deny,allow
<FilesMatch "\.php">
deny from all
</FilesMatch>
<FilesMatch "(index.php)">
allow from all
</FilesMatch>
If someone knows the right solution, please edit my answer.
You might check this question: Deny direct access to all .php files except index.php
So you might have a FilesMatch only for php files in addition to the index.php rule.
EDIT: The new version of the code seems to work.
In response to Kau-Boy:
Place all your php files (except index.php) in a new directory and put the .htaccess file with the following contents:
deny from all
Make sure you don't put any images/css/jscript resources in this directory, because they will be blocked as well.
I'd use mod_rewrite in this case (if you are using Apache). It's much cleaner solution than writing gazillions of useless ifs in PHP.
This way, if someone wanted to "hack it" and tried /system/files/contacts.php, it'd redirect them to index.php?id=contact or whatever other site.
In your php.ini or in you htaccess set the following variable:
auto_prepend_file="[path to some .php file]"
This will include a header file of your choice that will be included before all php scripts on the system.
The php.ini directive auto_append_file, will create a footer that is included at the end of all PHP files on the system.
Check out the technique at http://www.electrictoolbox.com/php-automatically-append-prepend/
RewriteCond %{REQUEST_URI} system.*
RewriteRule ^(.*)$ /index.php?/$1 [L]
Will redirect any attempt to system folder back to root!
Using Apache 2.2 and PHP 5, what's the best way to run PHP without the .php extension? For example, I have a script called app.php and I like to invoke it as:
http://example.com/app
Please notice that I still want to keep the .php extension to the file and I don't have mod_rewrite. Don't want use index.php either because it requires too many directories.
I did find one way by adding this to my .htaccess,
AddHandler server-parsed .php
SetHandler application/x-httpd-php
AddHandler application/x-httpd-php .php
The page runs a little slower by using this. I suspect it invokes SSI on every PHP page. Wonder if there are any better ways to accomplish this.
An alternative is to use content negotiation. Turn on multiviews:
Options +MultiViews
If a named resource doesn't exist, Apache will glob for the file, then sort based on the media type and content encoding requirements send by the browser. If there's only one file (your PHP script), then that's what the URL resolves to.
You could also force the mime type of a specific file in your .htaccess:
<Files app>
ForceType application/x-httpd-php
</Files>
The short answer is that you aren't going to be able to do this the way you want to. PHP is going to require SOME extension in order to execute the files so you might as well leave it as *.php.
Unless you use mod_rewrite you are going to have to call the files using the full file and extension.
That is the beauty of mod_rewrite--it lets you do just such a thing.
I would pose the question back to you--why can't you use mod_rewrite? Is it an environment issue, a choice, are you using Lighttpd (lighty)?
Extension
Wrap your rewrite rules in something like this to keep it from blowing up if the server doesn't support mod_rewrite:
<IfModule mod_rewrite.c>
// DO REWREITE HERE
</IfModule>
If you believe it to be a security concern or something equally valid then you could also do the following check and send them to a custom 404 or even your documentation and give them examples of how to enable mod_rewrite and explain the need, etc. This second check is optional though--if you don't use it the users will simply see the .php extension but your pages should still work.
<IfModule !mod_rewrite.c>
ErrorDocument 404 /application/errors/404.php
// ERROR 404 ABOVE OR DO ANOTHER DIRECT REDIRECT TO AN INFORMATION PAGE
</IfModule>