Apache mod_rewrite Example: Forbidding Direct Script Access
We want friendly URL together with forbidding direct script access by using .htaccess.
For example:
1. If the input URL is "hello/iqbalhosan" then Redirect to URL "hello.php?visitor=iqbalhosan"
2. If the input URL is "hello/iqbalhosan/" then Redirect to URL "hello.php?visitor=iqbalhosan"
3. If the input URL is "hello.php" then Redirect to "Error 403: Access forbidden"
and also
4. If the input URL is "hello.php?visitor=iqbalhosan" then Redirect to "Error 403: Access forbidden"
create a file named ".htaccess" then copy & paste the below code:
RewriteEngine On
RewriteRule ^hello/([a-z]+)/?$ hello.php?visitor=$1
RewriteCond %{THE_REQUEST} hello\.php
RewriteRule ^hello\.php - [F]
Explanation of .htaccess file
RewriteEngine On : this line of code enables rewriting engine
RewriteRule ^hello/([a-z]+)/?$ hello.php?visitor=$1 : this line of code applies rewriting rule
where
^ start of input
$ end of input
hello/ REQUEST_URI starts with "hello"
([a-z]+) capture any word or characters and put it in $1
/? this is nothing but an optional trailing slash "/"
rewrite:
hello.php?visitor=$1
where $1 is the captured literal string.
and
RewriteRule ^hello\.php - [F] means redirect to error 403: access forbidden if hello.php is found in THE REQUEST.
RewriteCond %{THE_REQUEST} hello\.php means if hello.php is exist in THE REQUEST.
now create a file named ".hello.php" then copy & paste the below code:
<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml">
<head>
<title>Apache mod_rewrite Example: Forbidding Direct Script Access</title>
<meta http-equiv="Content-Type" content="text/html; charset=iso-8859-1">
<meta name="Author" content="Md Iqbal Hosan">
<meta name="title" content="apache mod rewrite example friendly url using htaccess">
<meta name="keywords" content="php, example, code, array, function, mod_rewrite, string, apache, htaccess, se friendly urls">
<meta name="description" content="apache mod rewrite example friendly url using htaccess">
<style>
h2, h4{background:#FFFF99; color:#000085;}
h2{ padding:3px; margin:3px; font-size:21px;}
h4{ padding:2px; margin:2px; font-size:17px;}
p{padding:2px; margin:2px;}
body{ background:#FFFFFA;}
span{ font-size:16px; font-weight:bold; color:#3366FF;}
</style>
</head>
<body>
<h1>Apache mod_rewrite Example: Forbidding Direct Script Access</h1>
<h2>you are currently visiting hello.php</h2>
<pre>
<?php
/*
--------------------------------------------------------------------------------
catch visitor name from url while forbidding direct script access by .htaccess
--------------------------------------------------------------------------------
*/
$VisitorNameFromURL = $_REQUEST['visitor'];
?>
<p>Hello <span><?php echo $VisitorNameFromURL; ?></span></p>
</pre>
</body>
</html>
Explanation of hello.php file
this file receives nothing but a name from URL and make a greeting message with it.
Apache mod_rewrite Example: Forbidding Direct Script Access - output in the browser
while THE REQUEST is "hello/iqbalhosan" or "hello/iqbalhosan/"
while THE REQUEST is "hello/iqbalhosan/webdeveloper"
while THE REQUEST is "hello.php"
while THE REQUEST is "hello.php?visitor=iqbalhosan"
No comments:
Post a Comment
leave your comments here..