From what you wrote, the %{QUERY_STRING} variable won't be populated until *after* your RewriteRule executes, so this construct won't work.

Also be aware that the URL-path matched by the RewriteRule pattern contains only the requested URL-path -- everything after "example.com/" and before "?some-query-here", and the %{QUERY_STRING} variable contains only the query data -- everything after the "?" and before any "#" character.

I think what you may be looking for here is the %{HTTP_COOKIE} variable. In many or most "session" systems, the session is passed to the client as a cookie, and the client then sends that cookie back to your server with every HTTP request it makes. If your cookie is complex, you'll likely have to parse out just the sID part, but then, that's exactly what regular expressions are good for... :)

If you're not sure what your sID strings look like in your cookie, try the "Live HTTP Headers" add-on for Firefox or something similar; You can then "watch" all of the HTTP transactions between your browser and your server as you log in, get a session, and surf around your site. It will show the cookie(s) being passed back and forth, as well as (probably) far more detail than you need to solve this problem.

Jim

[edited by: jdMorgan at 4:35 pm (utc) on Jun 1, 2010]

just wanted to also ask if this would help in any way... if I just add this php code to the user login page which (i think) sets an apache environment variable:

<?php
apache_setenv("SOURCE_VAR", $sourceID);
?>

then in the htaccess file, would I be able to access this environment variable for the particular user session?

so the htaccess file would look like this:

Options +FollowSymlinks
RewriteEngine On
RewriteCond %{QUERY_STRING} .php(.*)
RewriteRule ^grab(.*) ?utm_source=SOURCE_VAR (er, not sure how to access an env var in htaccess file)

is anything like this possible?

No, because PHP runs *after* mod_rewrite is finished, so mod_rewrite will never see that variable.

Use the cookie.

Jim

thanks Jim (my second reply was actually posted before I saw your original response ... my bad).

using a cookie makes perfect sense ... and if i could trouble you a little further for the details? I set the cookie in php like this:

setcookie("sourceCookie", $sourceID);

right?

then i can access that in the htaccess file, which would now look like this:

Options +FollowSymlinks
RewriteEngine On
RewriteCond %{QUERY_STRING} .php(.*)
RewriteRule ^grab(.*) ?utm_source=%{HTTP_COOKIE} ^.*sourceCookie.*$

is that right?

so if my sourceCookie contained the value '1234', this would then append
?utm_source=1234
to the end of all my url's that currently just end in .php
is that right?

so if after logging in, that user went to www.example.com/aboutus.php
it will now be: www.example.com/aboutus.php?utm_source=1234
correct?

(i truly apologize if i am trying your patience ... i just don't really know what i'm doing with cookies and htaccess files)

Your idea will only work if the cookie contains *only* "1234".

Otherwise use a RewriteCond to examine %{HTTP_COOKIE} and extract the part you need to use in the query string.

Please study (not skim) the mod_rewrite documentation at Apache.org, and learn it well -- at least the RewriteRule and RewriteCond directives. You are about to add "just three little lines" of code you your server configuration. But those three lines of code must be absolutely perfect in every way, or unintended results may quite literally put you out of business...

If you are in too much of a hurry to do this right, then I strongly suggest that you do not use mod_rewrite -- It is quite compact, quite cryptic at the start, quite powerful, and therefore quite dangerous.

I was fairly explicit about what variables contain what values above, but my exposition did not seem to make it into your code...

There is no guessing at this. We here can help you get close, but cannot guarantee that any sample code posted here is "perfect enough" to avoid problems. Testing to verify this will be up to you.

In outline, you'll likely need something like this:

Options +FollowSymLinks
RewriteEngine on
#
# If utm_source query string has not already been appended
RewriteCond %{QUERY_STRING} !^([^&]*&)*utm_source=([^&]+)
# Extract SID from client cookie
RewriteCond %{HTTP_COOKIE} ^some-pattern-here-to-match-SID-(value)$
# internally rewrite to add SID to query string as utm_source value for all .php requests
RewriteRule ^(([^/]+/)*[^.]+\.php)$ /$1?utm_source=%1 [QSA,L]

Again, using "Live HTTP Headers" to examine HTTP client/server transactions on your site as it is right now will likely give you the information you need to confidently specify your requirements and to design a rule to meet those requirements. It will also give you some experience using the tool so that you can use it confidently while testing and troubleshooting the new code.

Jim