Rectangle 27 1

RewrieEngine on
# 404 any URL ending .php (ignoring any query string)
RewriteRule ^(.+)\.php$ - [R=404,L,NC]
# Rewrite any URL that does not contain a dot (.), and therefore has no extension, to ini.php
RewriteRule ^([^.]*)$ ini.php [END]

I am assuming it will go in a .htaccess file from what you said. It would need changing to go in the main config.

Don't turn DirectorySlash off. It's a security risk to do so (see the link) and it only applies to existing directories anyway so is not causing any problems for you. There is no space in RewriteEngine.

Thanks for your response. I didn't actually want to disclose that I was handling php files, so I did want to go ahead and reply with a 404, though I really like your idea... It's actually kind of funny because you replied just as I found a solution... Could you look over it and see what you think for me? RewriteEngine on DirectorySlash off RewriteCond %{REQUEST_URI} (\.[php^\\/]+)$ RewriteRule ^(.*)$ - [L,NC,R=404] RewriteCond %{REQUEST_URI} !(\.[^\\/]+)$ RewriteRule ^.+$ / [L,NC] For DirectorySlash, if I turn off indexing, would it still be a security issue?

There is no reason to turn DirectorySlash off, why would you want to do it? I can't easily read the rest in a comment like that, could you post it in an update to the question please? Probably easiest is just that I update my answer to be a 404, which I'll do now.

Yeah you must have some other directives that are causing the whole URL processing phase to run through again, so the END flag ensures that it doesn't reprocess successful matches to that rule when they come back through. I'm not 100% clear on what possible causes there are for the processing phase to run through again, need to learn more on that. Glad it's working for you.

Sorry about that. Changing the plus sign for a star on the last line should sort it. I updated the answer.

php - .htaccess Multiple Rewrite Rules with Extensions - Stack Overflo...

php apache .htaccess mod-rewrite url-rewriting
Rectangle 27 5

RewriteEngine On
RewriteBase /news/

# first take out query string from your URLs
RewriteCond %{THE_REQUEST} \?\S+
RewriteRule ^/?$ %{QUERY_STRING}? [L]

# now convert all & to /
RewriteRule ^([^&]+)&(.*)$ $1/$2 [L]

# now convert all = to /
RewriteRule ^([^=]+)=([^=]+=.*)$ $1/$2 [L]
RewriteRule ^([^=]+)=([^=]+)$ $1/$2 [L,R]

# finally an internal rule to replace /n1/v1/n2/v2 to QUERY_STRING
RewriteRule "^([^/]+)/([^/]*)(?:/(.*))?$" $3?$1=$2 [L,QSA]

## Your existing stuff followed now
RewriteRule ^index\.php$ - [L]

RewriteCond %{REQUEST_FILENAME} !-f
RewriteCond %{REQUEST_FILENAME} !-d
RewriteRule . index.php [L]

php - Dynamic URL rewrite using .htaccess - Stack Overflow

php .htaccess mod-rewrite url-rewriting
Rectangle 27 4

Unfortunately, it's not using a normal URL string, since it doesn't have the ? to separate out the query string. You may want to try using a few different functions together:

$path = parse_url($url, PHP_URL_PATH);
$path = explode('&',$path);
$filename = $path[0]; // and here is your test.png

PHP - How to get a file name from url string - Stack Overflow

php
Rectangle 27 2

RewriteEngine on
RewriteBase /

# Skip actual files/directories
RewriteCond %{REQUEST_FILENAME} !-f
RewriteCond %{REQUEST_FILENAME} !-d

# If the host matches example.com
RewriteCond %{HTTP_HOST} ^www\.example\.com$
# And the request URI starts with page.php
RewriteCond %{REQUEST_URI} ^\/page\.php
# And the querystring matches tokenid=DIGIT&tokenname=TOKEN_NAME
RewriteCond %{QUERY_STRING} tokenid=\d&tokenname=(.*)
# Then rewrite the URI to TOKEN_NAME
RewriteRule ^(.*)$ %1? [L,R]

You might want to try it online, if you wish.

i have tried your suggestion, but i am getting error 404 page, i am not able to retrive the page content.

As far as the apache's rewrite module is concerned, you're correctly redirecting to /About Us page. You need to make sure that the URI actually exists. Adding a rewrite rule does not magically make that page available.

yes but i am fetching the page from database based on tokenid and tokenname and i am rewriting the url so that the user does not see the extra query string .

Url rewriting in php with multiple query string variables using .htacc...

.htaccess url-rewriting query-string
Rectangle 27 1

This functionality cannot be implemented using only PHP. You need to configure URL rewriting for your HTTP server, which will transform the user-friendly URLs into query strings which your scripts can understand. In the case of Apache, you should look into mod_rewrite, which can usually be configured through .htaccess files.

php - User-friendly URLs instead of Query Strings? - Stack Overflow

php url
Rectangle 27 1

This functionality cannot be implemented using only PHP. You need to configure URL rewriting for your HTTP server, which will transform the user-friendly URLs into query strings which your scripts can understand. In the case of Apache, you should look into mod_rewrite, which can usually be configured through .htaccess files.

php - User-friendly URLs instead of Query Strings? - Stack Overflow

php url
Rectangle 27 2

You want to use .htaccess to rewrite your URLs internally and route them appropriately to your application.

Here's a specific .htaccess example that will do what you're looking for:

RewriteEngine on
RewriteRule ^cat_([0-9]*) /?cat=$1 [N,QSA]
RewriteRule ^item_([0-9]*) /?item=$1 [N,QSA]

Just put the above in a file called .htaccess in your root web folder, and you'll be good to go.

Note that you may have to enable mod-rewrite in your apache server if it's not already enabled (most shared hosting providers have it enabled)

php - User-friendly URLs instead of Query Strings? - Stack Overflow

php url
Rectangle 27 2

You want to use .htaccess to rewrite your URLs internally and route them appropriately to your application.

Here's a specific .htaccess example that will do what you're looking for:

RewriteEngine on
RewriteRule ^cat_([0-9]*) /?cat=$1 [N,QSA]
RewriteRule ^item_([0-9]*) /?item=$1 [N,QSA]

Just put the above in a file called .htaccess in your root web folder, and you'll be good to go.

Note that you may have to enable mod-rewrite in your apache server if it's not already enabled (most shared hosting providers have it enabled)

php - User-friendly URLs instead of Query Strings? - Stack Overflow

php url
Rectangle 27 2

This is accomplished through the use of .htaccess to modify how the URL is sent to the client. Or as other people say, to prettify the URL. Here are some links to articles to help you get started with the mod_rewrite rules required to make this function.

Sign up for our newsletter and get our top new questions delivered to your inbox (see an example).

php - User-friendly URLs instead of Query Strings? - Stack Overflow

php url
Rectangle 27 2

This is accomplished through the use of .htaccess to modify how the URL is sent to the client. Or as other people say, to prettify the URL. Here are some links to articles to help you get started with the mod_rewrite rules required to make this function.

php - User-friendly URLs instead of Query Strings? - Stack Overflow

php url
Rectangle 27 1

Assuming your .htaccess is in the web root / directory

RewriteEngine on
RewriteBase /

RewriteCond %{QUERY_STRING} !no-redir [NC]
RewriteCond %{QUERY_STRING} (^|&)subject=([^&]+) [NC]
RewriteRule ^(.*)/product.php$ $1/%2? [NC]

RewriteRule ^([^+\s]+)(?:[+\s]+)([^+\s]+)((?:[+\s]+).*)$ $1-$2$3 [DPI,N]
RewriteRule ^([^+\s]+)(?:[+\s]+)([^+\s]+)$ $1-$2 [R=301,DPI,L]

Chris, the idea is to now capture the subject from path info instead of a GET parameter because it's not being passed as ?subject=sub+info which makes it unavailable as $_GET['subject'] now.

You'd need to get the subject keywords from the URI path as follows:

$uri = $_SERVER['REQUEST_URI'];
$subject = substr($uri, strrpos($, "/"));

Add the following after the rules defined above.

RewriteRule ^(.*/popcorn)/([^/.]+)$ $1/product.php?subject=$2&no-redir [NC,L]

Notice, I've added another RewriteCond on %{QUERY_STRING} above. This also means you can revert your product.php to the way it was before since subject is being passed again as usual.

That code worked perfectly to reformat the URL's, however I am now getting a 404 Server Error. The landing page has a conditional to check if the $subject variable isset before the page loads - would the reformatted URL (without the 'subject=') affect the conditional?

Yes, it would. The landing page won't recognize subject unless passed as ?subject=. I think formatting the url as /shop/popcorn/?subject=Bacon-and-Cheddar-Popcorn should work. Your call. Shorten it to just s if you like or pass as /?Bacon-and... Your php would have to accommodate accordingly. I would suggest you keep the pretty url and use lastIndexOf "/" with sub-string to capture the subject.

Thanks for the help Ravi, is 'lastIndexOf"/" with sub-string' a JavaScript function? I am not familiar with a PHP function of that name. If you could provide any direction or links on how to use that technique I would be very appreciative.

@Chris, those were Java equivalents of PHP strrpos() and substr(). Please, have a look at my update. That's the change I'm proposing for your landing php page.

Ravi, I was able to utilize the $_SERVER['REQUEST_URI'] variable to satisfy the conditional

php - Formatting .htaccess RewriteCond / RewriteRule for removing quer...

php apache .htaccess rewrite
Rectangle 27 1

You'll need to use mod_rewrite and a condition (RewriteCond) that matches against the QUERY_STRING server variable.

Try the following in your root .htaccess file above any existing mod_rewrite directives.

RewriteEngine On

# PART 1 : Redirect old category URLs
RewriteCond %{QUERY_STRING} ^cat=(\w+)
RewriteRule ^portfolio/category$ /projecten/%1? [R=302,L]

# PART 2 : Redirect other old URLs
RewriteCond %{QUERY_STRING} ^s=(pagename-\w{3}-\w{3})
RewriteRule ^portfolio/post\.php$ /projecten/%1? [R=302,L]

This assumes that the xxx in pagename-xxx-xxx are 3 literal word characters (ie. a-z, A-Z, 0-9 or _).

UPDATE#1: The trailing ? on the RewriteRule substitution is necessary in order to remove the query string from the target. Or, use the QSD flag on Apache 2.4+.

Change the 302 (temporary) redirect to 301 (permanent) when you are sure it's working OK. 301 redirects are cached by the browser, which can make testing problematic.

UPDATE#2: With respect to the updated URL in "PART 2", try the following instead:

# PART 2 : Redirect other old URLs
# To essentially remove the date prefix, eg. "YYYY-MM-DD-"
RewriteCond %{QUERY_STRING} ^s=/d{4}-/d{2}-/d{2}-(.+)
RewriteRule ^portfolio/post\.php$ /projecten/%1? [R=302,L]
^s=[0-9{4}]+-(.+?)/?[0-9{2}]+-(.+?)/?[0-9{2}]+-(.+?)/?(.*)$

This is a bit of a mash, but also looks overly complex for what you are trying to achieve? For instance, why do you need to match an optional slash (ie. /?)? Your example URL does not contain any slashes?

A regex pattern such as [0-9{4}]+ isn't doing what you think it's doing. This would match any of the characters 0123456789{} 1 or more times. What you seem to be trying to do is to match exactly 4 digits. eg. [0-9]{4} (which is the same as /d{4}, using a shorthand character class).

The first part is working but the second part is not. I did not explain the right url. i will post underneath.

I've updated my answer with respect to your revised URL structure. I've also added the ? on the substitution that I missed earlier (I see you've used the QSD flag instead - that is an alternative on Apache 2.4+).

Yeah, i was trying to follow some examples i found to remove numbers and dashes. But obviously i did not know what i was doing... Your nwe code works perfectly, thanks a million!!!

php - Redirect URLs with query strings in .htaccess - Stack Overflow

php apache .htaccess redirect concrete5
Rectangle 27 1

You'll need to use mod_rewrite and a condition (RewriteCond) that matches against the QUERY_STRING server variable.

Try the following in your root .htaccess file above any existing mod_rewrite directives.

RewriteEngine On

# PART 1 : Redirect old category URLs
RewriteCond %{QUERY_STRING} ^cat=(\w+)
RewriteRule ^portfolio/category$ /projecten/%1? [R=302,L]

# PART 2 : Redirect other old URLs
RewriteCond %{QUERY_STRING} ^s=(pagename-\w{3}-\w{3})
RewriteRule ^portfolio/post\.php$ /projecten/%1? [R=302,L]

This assumes that the xxx in pagename-xxx-xxx are 3 literal word characters (ie. a-z, A-Z, 0-9 or _).

UPDATE#1: The trailing ? on the RewriteRule substitution is necessary in order to remove the query string from the target. Or, use the QSD flag on Apache 2.4+.

Change the 302 (temporary) redirect to 301 (permanent) when you are sure it's working OK. 301 redirects are cached by the browser, which can make testing problematic.

UPDATE#2: With respect to the updated URL in "PART 2", try the following instead:

# PART 2 : Redirect other old URLs
# To essentially remove the date prefix, eg. "YYYY-MM-DD-"
RewriteCond %{QUERY_STRING} ^s=/d{4}-/d{2}-/d{2}-(.+)
RewriteRule ^portfolio/post\.php$ /projecten/%1? [R=302,L]
^s=[0-9{4}]+-(.+?)/?[0-9{2}]+-(.+?)/?[0-9{2}]+-(.+?)/?(.*)$

This is a bit of a mash, but also looks overly complex for what you are trying to achieve? For instance, why do you need to match an optional slash (ie. /?)? Your example URL does not contain any slashes?

A regex pattern such as [0-9{4}]+ isn't doing what you think it's doing. This would match any of the characters 0123456789{} 1 or more times. What you seem to be trying to do is to match exactly 4 digits. eg. [0-9]{4} (which is the same as /d{4}, using a shorthand character class).

The first part is working but the second part is not. I did not explain the right url. i will post underneath.

I've updated my answer with respect to your revised URL structure. I've also added the ? on the substitution that I missed earlier (I see you've used the QSD flag instead - that is an alternative on Apache 2.4+).

Yeah, i was trying to follow some examples i found to remove numbers and dashes. But obviously i did not know what i was doing... Your nwe code works perfectly, thanks a million!!!

php - Redirect URLs with query strings in .htaccess - Stack Overflow

php apache .htaccess redirect concrete5
Rectangle 27 1

RewriteEngine On

# Unless directory, remove trailing slash
RewriteCond %{REQUEST_FILENAME} !-d
RewriteRule ^([^/]+)/$ http://example.com/folder/$1 [R=301,L]

# Redirect external .php requests to extensionless url
RewriteCond %{THE_REQUEST} ^(.+)\.php([#?][^\ ]*)?\ HTTP/
RewriteRule ^(.+)\.php$ http://example.com/folder/$1 [R=301,L]

# Resolve .php file for extensionless php urls
RewriteRule ^([^/.]+)$ $1.php [L]

.htaccess - Hide .php extention from urls with query string - Stack Ov...

php .htaccess url-rewriting
Rectangle 27 1

You will need to activate the mod_rewrite and create the file .htaccess

.htaccess with Codeigniter:

<IfModule mod_rewrite.c>
    RewriteEngine on
    RewriteCond %{REQUEST_FILENAME} !-f
    RewriteCond %{REQUEST_FILENAME} !-d
    RewriteRule ^(.*)$ index.php?$1 [L]    
</IfModule>
example.com/class/function/ID
mod_rewrite

php - User-friendly URLs instead of Query Strings? - Stack Overflow

php url
Rectangle 27 1

You will need to activate the mod_rewrite and create the file .htaccess

.htaccess with Codeigniter:

<IfModule mod_rewrite.c>
    RewriteEngine on
    RewriteCond %{REQUEST_FILENAME} !-f
    RewriteCond %{REQUEST_FILENAME} !-d
    RewriteRule ^(.*)$ index.php?$1 [L]    
</IfModule>
example.com/class/function/ID
mod_rewrite

php - User-friendly URLs instead of Query Strings? - Stack Overflow

php url
Rectangle 27 15

Some characters have special meaning to the SQL database you are using. When these characters are being used in a query they can cause unexpected and/or unintended behavior including allowing an attacker to compromise your database. To prevent these characters from affecting a query in this way they need to be escaped, or to say it a different way, the database needs to be told to not treat them as special characters in this query.

In the case of mysql_real_escape_string() it escapes \x00, \n, \r,\, ', " and \x1a as these, when not escaped, can cause the previously mentioned problems which includes SQL injections with a MySQL database.

@thanks John this was a good starter answer. I am really glad someone ticked it as well because it was also a valid answer.

php - What does it mean to escape a string? - Stack Overflow

php mysql security escaping
Rectangle 27 15

Some characters have special meaning to the SQL database you are using. When these characters are being used in a query they can cause unexpected and/or unintended behavior including allowing an attacker to compromise your database. To prevent these characters from affecting a query in this way they need to be escaped, or to say it a different way, the database needs to be told to not treat them as special characters in this query.

In the case of mysql_real_escape_string() it escapes \x00, \n, \r,\, ', " and \x1a as these, when not escaped, can cause the previously mentioned problems which includes SQL injections with a MySQL database.

@thanks John this was a good starter answer. I am really glad someone ticked it as well because it was also a valid answer.

php - What does it mean to escape a string? - Stack Overflow

php mysql security escaping
Rectangle 27 2

Even in this distinct case you SHOULD NOT "sanitize" your input variables altogether. There are different rules for the different parts of the query: you can't escape identifier the same way as data.

php - A better SQL string sanitization function - Stack Overflow

php security
Rectangle 27 2

Even in this distinct case you SHOULD NOT "sanitize" your input variables altogether. There are different rules for the different parts of the query: you can't escape identifier the same way as data.

php - A better SQL string sanitization function - Stack Overflow

php security