Dahili yeniden yazma + mod-rewrite/.htaccess ile ortam değişkenlerinin

0 Cevap php

Ben mod_rewrite'ı aşağıdaki yoluyla elde etmek çalışıyorum:

1. What is the basic directory structure?

  • /
    • main/ (folder)
      • PHP dosyaları bir demet
    • some_folder / (klasör)
    • another_folder / (klasör)
    • ... (Böyle klasörlerin bir rasgele sayı)
    • yet_another_folder / (klasör)
    • . Htaccess (sihirli burada gidiyor)

2. What I am trying to do?

Bu senaryoda, tüm yürütülebilir dosyaları ana klasör içinde bulunan ve sadece ek klasörler aracılığıyla erişilebilir olmalıdır. Ayrıca, PHP betikleri onlara erişilen hangi aracılığıyla klasörün adıyla ilgili bazı bilgileri aktarmak için bir apache ortam değişkeni güveniyor. Başka bir özel gereksinimi ana klasörü (sadece dahili yönlendirme) aracılığıyla doğrudan erişilebilir olması gerektiğidir.

3. How far did I get?

I implemented the following .htaccess file:
RewriteEngine On
RewriteCond %{REQUEST_URI} !^/(main|another)/.*$
RewriteRule ^(.*)/(.*)$ /main/$2 [QSA,L,env=VAR_NAME:$1/weird_include.php]
It generally does the redirect, however there are some issues...

4. What is the big deal?

Using this approach, the main (and the anotheras well) folder can still be accessed directly, and I want it to be accessible only through one of the auxiliary folders. The second problem is that, because there is a rewrite, the mod_rewrite adds a REDIRECT_ prefix to the variables and since I have completely no control over the source code residing in main and it requires specific variable names, that doesn't work for me at all. Also I haven't found a decent way yet to isolate the access to main and other-main folders...

5. Where I believe the key to the tent is?

This post in the PHP doc on the topic suggests adding a rule similar to this one
RewriteRule ^index\.php$ \ - [E=VAR1:%{REDIRECT_VAR1},E=VAR2:%{REDIRECT_VAR2},L]
would resolve the issue. However I don't see how I can modify that to conform to the 'no direct access' requirement. And also - what overhead does mod_rewrite introduce? The other important question would be how to restrict the access to main and other-main in the forementioned way?
Would adding a .htaccess file in these two folders, that does checks for REDIRECT_VAR_NAME1 and if it is present, rewrites it to VAR_NAME, leaving the url intact, and if it is not redirects to 403 forbidden do the trick? And also any hint towards what the overhead of this would be greatly appreciated.

0 Cevap

etiketler