kind of thinking publicly - here are what I see as all the possible URL's that might be requested:

domain.com/ - site home page ( either /index.php or sitefiles/index.php )
domain.com/help - ( needs to load domain.com/sitefiles/help - there are about 10 sub directories that need to be added to a list of exceptions )
domain.com/username - ( needs to load domain.com/userfiles/username )

Ideally I'd not like to expose the file structure in the browser address bar - seems mod_rewrite might be the best way?

However, if the application get a lot of users, the userfiles directory will start to get large - hence the need for a system that will allow this to work virtually ( in the sense that the userfiles/#*$! directory does not exist )

this is my mod_rewrite code - any problems?

# switch on modrewrite
Options -Indexes +Includes +FollowSymLinks
RewriteEngine On
DirectoryIndex index.php index.html

# DO NOT GO FURTHER IF THE REQUESTED FILE / DIR DOES EXISTS
RewriteCond %{REQUEST_FILENAME} !-f
RewriteCond %{REQUEST_FILENAME} !-d

# avoid loop with sitefiles
RewriteCond $1 !^(sitefiles)(/.*)$
# send all other requests to userfiles
RewriteRule ^(.*)$ /userfiles/index.php?1=$1 [L]

I moved the main site index.php to the root - the rest of the physical files work, as the first rules stops further rewrites ( should this rule go last, as it's less generic than the first one? ) and the index.php in userfiles does a check on the passed variable 1 to see if it can find the user's directory in the DB - if not, it's passed back to a "find" option in the main sitefiles

seems too simple, but seems to be working?

One thing to take into account is that URL paths are not server paths so the internal folder structure for "where stuff is kept" does not have to resemble in any way "the URLs that are used to access the content".

Additionally, never use "index.php" in a URL. Use DirectoryIndex to map URL requests for "/" to the respective index filename.



You said:

Use mod-rewrite to rewrite all requests to domain.com/userfiles/username - to domain.com/username

In reality you are rewriting requests for the URL domain.com/username to the server internal filepath at /userfiles/username/.

In order to get this code right you need to be absolutely clear which is a "URL used out on th web" and which is a "server filepath used inside the server".

fair warning - I think I've got that sorted.. and the .htaccess is doing it's job.

AA bit of a mess to move from one system to another at this late stage, but it is clearly better this way.. so worth the effort.

thanks for the advice

Design your system to use "nice" URLs.

Organise the files inside the server in a logical folder structure.

Use Mod_Rewrite to map those URL requests to the correct folders and files.

Your code checks the disk twice for each and every request to your server -- very inefficient.
Reorder your rewriteconds and add a few exclusions to get much better performance.

Also, if you try to cover up the fact that you have multiple users, then your site will suffer from maintenance and growth difficulties. Either put all users' directories under one easily-detectable "users" URL-path, or consider using a subdomain -- or even a subdomain for each user.

# Rewrite requests for user pages to common /users/index.php, passing
# username from requested 'virtual' subdirectory URL-path 
RewriteCond $1 !\.(php|gif|jpe?g|png|css|js)$
RewriteCond %{REQUEST_FILENAME} !-f
RewriteCond %{REQUEST_FILENAME} !-d
RewriteRule ^users/(.+)$ /users/index.php?username=$1 [L]

Jim

Hi Jim... glad to see you're still going!

here is what I have --

#### switch on modrewrite
Options -Indexes +Includes +FollowSymLinks
RewriteEngine On
RewriteBase /home/username/root/00/
DirectoryIndex index.php index.html

#### DO NOT GO FURTHER IF THE REQUESTED FILE / DIR DOES EXISTS
RewriteCond %{REQUEST_FILENAME} !-f
RewriteCond %{REQUEST_FILENAME} !-d

#### send all requests to users folder - apart from listed exceptions
RewriteCond $1 !^(00|01)(/.*)$
RewriteRule ^(.*)$ /users/?user=$1 [L]

Can you please point out where the double check occurs?

also this line:

RewriteCond $1 !\.(php|gif|jpe?g|png|css|js)$

says not to stop rewrites if the request is to any of the listed filetypes - right?..

This stuff drives me mad

cheers.

I think, looking at it now.. I already know that the exceptions:

RewriteCond $1 !^(00|01)(/.*)$

is not doing anything - right?

Did you mean

RewriteCond $1 !^0[01](/.*)?$ 

If URL-path does NOT start with 00 or 01, optionally followed by a slash and any additional path info?

Regardless, any and all such exceptions should be placed BEFORE the file- and directory-exists checks unless you want to beat up your disk and have a slow server...

Always do the disk checks last, after testing for all other possible URL- filepath- and server-variable-based exclusions. The same applies to doing reverse-DNS lookups, which are also very slow and server-resource-intensive, e.g.

RewriteCond %{REMOTE_HOST} ^blah$

This line actually requires your server to send a request to the DNS system (often on another server, or even on another network) -- and wait for the response -- before it can proceed to handle your user's request. If that lookup fails, then your user's request also fails... Not good.

When using disk checks or rDNS lookups, try to add the most comprehensive exclusions possible, so that these functions are only performed when absolutely necessary. Doing so can increase reliability, increase your server's performance, put off a required serve upgrade for years (perhaps indefinitely), and will certainly make your disk last longer...

Jim

Thanks again Jim - g1smd.

g1smd suggested not to rewrite to the index.php file - instead just to the directory - which is more efficient?

Here's my code now:

#### don't rewrite these exceptions
RewriteCond $1 !^(00|00_something)(/.*)$

#### stop if file or directory exists
RewriteCond %{REQUEST_FILENAME} !-f
RewriteCond %{REQUEST_FILENAME} !-d

#### rewrite rest to users folder - pass username in querystring
RewriteRule ^(.+*)$ /users/?user=$1 [L]

have I managed to exclude the double checks?

suggested not to rewrite to the index.php file

No. I said not to "redirect" to an index page. URLs for index pages should end in a trailing slash.

I guess I'm turning a common semantic error into a syntactical one...

so.. should I rewrite to the index.php or the directory with trailing slash?

cheers!

Yes, you should internally "rewrite" to a named file.

I get a 500 when I add the " + " sign in the rewrite rule:

RewriteRule ^(.+*)$ /users/index.php?user=$1 [L]

this works:

RewriteRule ^(.*)$ /users/index.php?user=$1 [L]

what's the difference?

Only

.

or

.?

or

.*

or

.+

is valid.

thanks,

any chance of a quick run-down of the subtle difference between these selectors?

cheers!

Please see the documentation cited in our Apache Forum Charter... Spending a day with that documentation will save you weeks, months, or years of frustration...

Jim