homepage Welcome to WebmasterWorld Guest from 54.204.127.191
register, free tools, login, search, pro membership, help, library, announcements, recent posts, open posts,
Become a Pro Member

Home / Forums Index / Code, Content, and Presentation / PHP Server Side Scripting
Forum Library, Charter, Moderators: coopster & jatar k

PHP Server Side Scripting Forum

    
rewrite url and get php variable from url
rigaconnect




msg:4547475
 4:09 pm on Feb 21, 2013 (gmt 0)

Actual url is www.url.com/?01var
How to rewrite that the above url looks like www.01var.url.com

With $_SERVER['QUERY_STRING'] (modifying it) I can define php variable 01var
If user types www.01var.url.com can I get the variables in the same way?

 

jadebox




msg:4547483
 4:26 pm on Feb 21, 2013 (gmt 0)

You'd have to use a DNS wildcard and define a "server alias" in your web server's configuration. Do an internet search for a phrase like "Wildcard DNS php" for examples.

lucy24




msg:4547686
 11:54 pm on Feb 21, 2013 (gmt 0)

Obvious tangential question: Is the php involvement needed for some reason beyond what you've said here? If all you're looking at is redirecting and rewriting between url-with-query and url-using-subdomain, with the identical variable format ("01var") either way, you should be able to do it directly in the config file or htaccess. Or, uh, equivalent in That Other Server.

The variable is
:: shuffling papers ::
$_SERVER[HTTP_HOST]

Well, ###. I could have made that up and I'd have been right.

Enabling subdomains-- possibly including wild-card subdomains --is of course a completely different issue from the mechanics of redirecting and/or rewriting.

rigaconnect




msg:4547756
 6:11 am on Feb 22, 2013 (gmt 0)

Yes, that is necessary to use some countermeasure against hackers (trying brute force attacks).
For every user is unique url to login. So the user can login only if he tries to login from the unique url associated only with the user.
For example website login form is in file login.php
I mean:
1) user enters business name
2) the business name is recorded in mysql
3) the business name from mysql is placed at the end of url, like login.php?businessname. This is the url for particular user to login
4) when any of users type url like login.php?xyz(1,2,3 etc) login form is displayed (echo).
5)in that login form user types username and password.
6) get/create php variable that contains url after ? sign
7) compare if such variable exists in mysql and match username
8)if not exist, error message; if exists, check if password is correct

By the way would like to know thoughts how effective is such solution. Here is example https://secure.freshbooks.com/loginSearch.php

And by the way... question. Is it possible to create whitelist of bots that are allowed to see website? So if bot is not in the whitelist, it sees something blank (does not see input form code).

lucy24




msg:4547792
 10:08 am on Feb 22, 2013 (gmt 0)

Don't even let the robots get close to your php. If they're not whitelisted, slam a 403 in their face.

If the site requires a login, do you need to admit any robots anywhere? Don't know about anyone else, but as a user it makes me insane when something comes up in a search engine and when I go there it turns out I have to log in. And they don't just want my name, they want money. Sorry, site, but you're just not that desirable.

rigaconnect




msg:4547827
 11:50 am on Feb 22, 2013 (gmt 0)

Could you advice good way not to allow bad bots to see code? I have found list of bad bots... but suppose such list changes frequently

lucy24




msg:4548062
 10:20 pm on Feb 22, 2013 (gmt 0)

One way:

RewriteCond %{something-here} one distinguishing feature [OR]
RewriteCond %{something-here} another distinguishing feature [OR]
RewriteCond %{something-here} third distinguishing feature
RewriteRule special-protected-page - [F]

There are other ways. Just don't ask me about IIS. Closed book to me and I'm perfectly happy to keep it that way.

For good robots such as major search engines, a simple robots.txt Disallow line will do it. But bad robots respond only to brute force.

rigaconnect




msg:4548131
 6:27 am on Feb 23, 2013 (gmt 0)

OK. Thank you for answers

Global Options:
 top home search open messages active posts  
 

Home / Forums Index / Code, Content, and Presentation / PHP Server Side Scripting
rss feed

All trademarks and copyrights held by respective owners. Member comments are owned by the poster.
Home ¦ Free Tools ¦ Terms of Service ¦ Privacy Policy ¦ Report Problem ¦ About ¦ Library ¦ Newsletter
WebmasterWorld is a Developer Shed Community owned by Jim Boykin.
© Webmaster World 1996-2014 all rights reserved