.htaccess rewrite rule issue
P粉316890884
P粉316890884 2024-03-20 00:01:01
0
1
453

.htaccess There is a problem with the rewrite rules. Pass the URL from the user's email to the browser that contains the token for password reset.

Current .htaccess Rules:

Options FollowSymLinks -MultiViews
RewriteEngineOn
RewriteBase/

RewriteCond %{HTTPS} off [OR]
RewriteCond %{HTTP_HOST} ^www\.DOMAIN\.com [NC]
RewriteRule ^(.*)$ https://DOMIAN.com/$1 [L,R=301]

RewriteCond %{REQUEST_FILENAME} !-d
RewriteCond %{REQUEST_FILENAME} !-f
RewriteCond %{REQUEST_FILENAME}\.php -f
RewriteRule ^(.*)$ $1.php [L]

RewriteCond %{THE_REQUEST} ^(?:GET|POST)\ /.*\.php\ HTTP.*$ [NC]
RewriteRule ^(.*)\.php$ $1 [R=301,L]

When the user tries to go

example.com/activate/00803e6632236414ebcdc34c7e7690d764e567083fac6

Producing these errors in debugging

example.com/activate/00803e6632236414ebcdc34c7e7690d764e567083fac6.php.php.php.php.php.php.php.php.php

So I followed the comments below and updated .htaccess like this:

Options FollowSymLinks -MultiViews

RewriteEngineOn
RewriteBase/

RewriteCond %{HTTPS} off [OR]
RewriteCond %{HTTP_HOST} ^www\.EXAMPLE\.com [NC]
RewriteRule ^(.*)$ https://EXAMPLE.com/$1 [L,R=301]

RewriteCond %{THE_REQUEST} ^(?:GET|POST)\ /.*\.php\ HTTP.*$ [NC]
RewriteRule ^(.*)\.php$ $1 [R=301,L]

# Rewrite extensionless ".php" URLs
RewriteCond %{DOCUMENT_ROOT}/$1.php -f
RewriteRule (. ) $1.php [L]

# Rewrite "/<file>/<code>" to "/<file>.php/<code>"
RewriteCond %{DOCUMENT_ROOT}/$1.php -f
RewriteRule ^([^/] )/([a-f0-9])$ $1.php/$2 [L]

I get the following error:

AH00128: File does not exist: /var/www/html/htdocs/activate/00803e6632236414ebcdc34c7e7690d764e567083fac6

P粉316890884
P粉316890884

reply all(1)
P粉651109397

The problem with this rule is that you are checking one file system path (i.e. %{REQUEST_FILENAME}\.php) and rewriting to another file system path ($1.php ). These don't necessarily mean the same thing. For a request to /activate/foo, where activate is not a file system directory, the format of REQUEST_FILENAME is /var/www/html/htdocs /activate (so the file check succeeds because /var/www/html/ htdocs/activate.php exists), but it rewrites the request to activate/foo.php (using $1 backreference) - The request does not exist. It will do this repeatedly, appending .php each time (until the internal rewrite limit is reached; default 10).

Aside#1: Before checking whether request .php is mapped to a file, there is no need to check whether the request is mapped to a directory and not to a file. That's 3 (expensive) filesystem checks when only one is needed.

Aside#2: You also don't need to backslash escape the literal dots in TestString (the first parameter), since this is a "normal" string, Not a regular expression.

This rule needs to be corrected so that you test the same file paths that will ultimately be rewritten. For example:

# Rewrite extensionless ".php" URLs
RewriteCond %{DOCUMENT_ROOT}/$1.php -f
RewriteRule (. ) $1.php [L]

Then you need an additional rule to rewrite request /activate/ to /activate.php/ (replace / Passed to your script as path information). If this is a one-off, this may be "hardcoded". For example:

# Rewrite "/activate/" to "/activate.php/"
RewriteRule ^(activate)/([a-f0-9] )$ $1.php/$2 [L]

(I'm assuming is a hexadecimal sequence, which seems to be the case in your example.)

Alternatively, if you have a similar request, make it more generic. For example. /<File>/ to /<File>.php/. For example:

# Rewrite "//" to "/.php/"
RewriteCond %{DOCUMENT_ROOT}/$1.php -f
RewriteRule ^([^/] )/([a-f0-9] )$ $1.php/$2 [L]

Narration:

This rule (external redirect) should precede the above rewrite.

Latest Downloads
More>
Web Effects
Website Source Code
Website Materials
Front End Template