0

I am new to htaccess, and really bad with regex, so here goes nothing...

I am building a pretty simple and basic web application. I have 5 pages, that handle everything in the application.

  • home.php
  • login.php
  • content.php
  • admin.php
  • error.php

home handles just the homepage; login handles just the login and account creation; content handles all the other pages in the site; admin handles just the admin portion that is behind the login; error handle errors - clearly

In order to achieve this I have had to work out some quirky htaccess rules. The login form is submitted via ajax, so that was the first hurdle.

I have gotten the login to successfully redirect to the admin portal and the admin portal will show up, but the logout will not work and none of the ajax functionality inside the admin portal will work.

here is my htaccess so far:

#I have no idea what this line does
Options -Indexes

# Turn on rewritting
RewriteEngine On

# This will get the admin portal to load it needs to go through the admin controller 
# not content, but nothing inside admin works
# /admin - works! 
# /admin/save, /admin/logout, /admin/getPage all fail and are submitted via ajax
RewriteCond %{REQUEST_URI} ^/(.*)/admin$
RewriteRule ^(.*)$ index.php?url=admin/default/ [L,NC,QSA]

# this let's the login form submission via ajax work successfully, otherwise it gets 
# processed by the last rule as a content page - it needs to go through the login 
# controller, not content.
RewriteCond %{REQUEST_URI} ^/(.*)/login/login$
RewriteRule ^(.*)$ index.php?url=login/login/ [L,NC,QSA]

# this handles all the other pages in the site successfully
RewriteCond %{REQUEST_FILENAME} !-d
RewriteCond %{REQUEST_FILENAME} !-l
RewriteCond %{REQUEST_FILENAME} !-f
RewriteRule ^(.*)$ index.php?url=content/default/$1 [L,NC,QSA]

I have been searching the internet for answers to this all day, and what I have may be completely wrong, if so please let me know, and let me know why and how to fix it (those last two are optional I suppose). Once I get this working, my application will be ready. All help will be sincerely appreciated.

tereško
  • 58,060
  • 25
  • 98
  • 150
AverageJoe
  • 131
  • 1
  • 8

1 Answers1

1

A much better alternative to using a query string variable (like your url) is the following:

  • Parse each request through index.php
  • Read the URI path from the REQUEST_URI value of the $_SERVER global variable and the HTTP method from REQUEST_METHOD. Save them together with the values of the other global variables ($_POST, $_GET, etc) into a Request object (e.g. an instance of a class named, for example, Request).
  • Get a router like FastRoute (my personal choice) and build your routes list - read the docs please. Each route is defined as an object with a HTTP method, a pattern, and a handler (e.g. a controller method, e.g. an action) as properties.
  • Compare the request components (the HTTP method and the URI path from the Request object) with the components of each route object (the HTTP method and the pattern properties) in the routes list.
  • If a match is found, e.g. if the request components are the same as the ones of a route, then call the corresponding route handler, e.g. the controller action. Pass the Request object as argument, in order to be able to read the POST, GET, etc values.

Now regarding the configuration (for Apache 2.2):

First of all don't forget to deny the access to all folders!

<Directory />
    Options None
    AllowOverride None
    Order deny,allow
    Deny from all
</Directory>

Then the virtual host configuration would look something like this - where demoproj refers to the MVC project:

httpd-vhosts.conf

NameVirtualHost *:80

<VirtualHost *:80>
    ServerName localhost
    DocumentRoot "/path-to/htdocs"
</VirtualHost>

<VirtualHost *:80>
    ServerName local.demoproj
    DocumentRoot "/path-to/demoproj/public"
    Include "/path-to/httpd-vhosts-demoproj.conf"
</VirtualHost>

httpd-vhosts-demoproj.conf

<Directory "/path-to/demoproj/public">
    Allow from all

    # When off then RewriteRule directive is forbidden!
    # ---------------------------------------------------------------------------------------------
    # https://stackoverflow.com/questions/12120035/what-is-options-followsymlinks/26732503#26732503
    # https://stackoverflow.com/questions/12120035/what-is-options-followsymlinks/12129326#12129326
    # ---------------------------------------------------------------------------------------------
    Options FollowSymLinks

    # Activate rewriting engine.
    RewriteEngine On

    # Allow pin-pointing to index.php using RewriteRule.
    RewriteBase /

    # Rewrite url only if no physical folder name is given in url.
    RewriteCond %{REQUEST_FILENAME} !-d

    # Rewrite url only if no physical file name is given in url.
    RewriteCond %{REQUEST_FILENAME} !-f

    # Parse the request through index.php.
    # -----------------------------------------------------------------------------------------------------
    # https://httpd.apache.org/docs/current/rewrite/flags.html "RewriteRule Flags"
    # https://stackoverflow.com/questions/45997912/exposed-folders-in-mvc-application/45998123#45998123
    # https://stackoverflow.com/questions/2102128/mod-rewrite-what-does-this-rewriterule-do/2102189#2102189
    # -----------------------------------------------------------------------------------------------------
    RewriteRule ^(.*)$ index.php [QSA,L]
</Directory>
PajuranCodes
  • 303
  • 3
  • 12
  • 43