Apache mod_rewrite Example: Forbidding Direct Script Access

Apache mod_rewrite Example: Forbidding Direct Script Access

  We want friendly URL together with forbidding direct script access by using .htaccess.
  
  For example:
  
  1. If the input URL is "hello/iqbalhosan" then Redirect to URL "hello.php?visitor=iqbalhosan"
  2. If the input URL is "hello/iqbalhosan/" then Redirect to URL "hello.php?visitor=iqbalhosan"
  3. If the input URL is "hello.php" then Redirect to "Error 403: Access forbidden"
  and also
  4. If the input URL is "hello.php?visitor=iqbalhosan" then Redirect to "Error 403: Access forbidden"
 

create a file named ".htaccess" then copy & paste the below code:

 RewriteEngine On
 
 RewriteRule ^hello/([a-z]+)/?$ hello.php?visitor=$1
 
 RewriteCond %{THE_REQUEST} hello\.php
 RewriteRule ^hello\.php - [F]
 

Explanation of .htaccess file

  RewriteEngine On : this line of code enables rewriting engine
  RewriteRule ^hello/([a-z]+)/?$ hello.php?visitor=$1 : this line of code applies rewriting rule
  
  where
  
  ^              start of input
  $              end of input
  hello/         REQUEST_URI starts with "hello"
  ([a-z]+)       capture any word or characters and put it in $1
  /?             this is nothing but an optional trailing slash "/"
  
  rewrite:
  
  hello.php?visitor=$1
  where $1 is the captured literal string.
  
  and
  
  RewriteRule ^hello\.php - [F]  means redirect to error 403: access forbidden if hello.php is found in THE REQUEST.
  RewriteCond %{THE_REQUEST} hello\.php  means if hello.php is exist in THE REQUEST.
 

now create a file named ".hello.php" then copy & paste the below code:

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml">
 <head>
  <title>Apache mod_rewrite Example: Forbidding Direct Script Access</title>
  <meta http-equiv="Content-Type" content="text/html; charset=iso-8859-1">
  <meta name="Author" content="Md Iqbal Hosan">
  <meta name="title" content="apache mod rewrite example friendly url using htaccess">
  <meta name="keywords" content="php, example, code, array, function, mod_rewrite, string, apache, htaccess, se friendly urls">
  <meta name="description" content="apache mod rewrite example friendly url using htaccess">
  <style>
   h2, h4{background:#FFFF99; color:#000085;}
   h2{ padding:3px; margin:3px; font-size:21px;}
   h4{ padding:2px; margin:2px; font-size:17px;}
   p{padding:2px; margin:2px;}
   body{ background:#FFFFFA;}
   span{ font-size:16px; font-weight:bold; color:#3366FF;}
  </style>
 </head>
 <body>
  <h1>Apache mod_rewrite Example: Forbidding Direct Script Access</h1>
  <h2>you are currently visiting hello.php</h2>
  <pre>
   <?php
    /*
     --------------------------------------------------------------------------------
     catch visitor name from url while forbidding direct script access by .htaccess
     --------------------------------------------------------------------------------
    */
    $VisitorNameFromURL = $_REQUEST['visitor'];
   ?>
   <p>Hello <span><?php echo $VisitorNameFromURL; ?></span></p>
  </pre>
 </body>
</html>

Explanation of hello.php file

this file receives nothing but a name from URL and make a greeting message with it.

Apache mod_rewrite Example: Forbidding Direct Script Access - output in the browser

while THE REQUEST is "hello/iqbalhosan" or "hello/iqbalhosan/"

while THE REQUEST is "hello/iqbalhosan/webdeveloper"

while THE REQUEST is "hello.php"

while THE REQUEST is "hello.php?visitor=iqbalhosan"

No comments:

Post a Comment

leave your comments here..