Welcome to WebmasterWorld Guest from 54.226.60.235

Forum Moderators: coopster & jatar k

Message Too Old, No Replies

rewrite url and get php variable from url

     

rigaconnect

4:09 pm on Feb 21, 2013 (gmt 0)



Actual url is www.url.com/?01var
How to rewrite that the above url looks like www.01var.url.com

With $_SERVER['QUERY_STRING'] (modifying it) I can define php variable 01var
If user types www.01var.url.com can I get the variables in the same way?

jadebox

4:26 pm on Feb 21, 2013 (gmt 0)

10+ Year Member



You'd have to use a DNS wildcard and define a "server alias" in your web server's configuration. Do an internet search for a phrase like "Wildcard DNS php" for examples.

lucy24

11:54 pm on Feb 21, 2013 (gmt 0)

WebmasterWorld Senior Member lucy24 is a WebmasterWorld Top Contributor of All Time Top Contributors Of The Month



Obvious tangential question: Is the php involvement needed for some reason beyond what you've said here? If all you're looking at is redirecting and rewriting between url-with-query and url-using-subdomain, with the identical variable format ("01var") either way, you should be able to do it directly in the config file or htaccess. Or, uh, equivalent in That Other Server.

The variable is
:: shuffling papers ::
$_SERVER[HTTP_HOST]

Well, ###. I could have made that up and I'd have been right.

Enabling subdomains-- possibly including wild-card subdomains --is of course a completely different issue from the mechanics of redirecting and/or rewriting.

rigaconnect

6:11 am on Feb 22, 2013 (gmt 0)



Yes, that is necessary to use some countermeasure against hackers (trying brute force attacks).
For every user is unique url to login. So the user can login only if he tries to login from the unique url associated only with the user.
For example website login form is in file login.php
I mean:
1) user enters business name
2) the business name is recorded in mysql
3) the business name from mysql is placed at the end of url, like login.php?businessname. This is the url for particular user to login
4) when any of users type url like login.php?xyz(1,2,3 etc) login form is displayed (echo).
5)in that login form user types username and password.
6) get/create php variable that contains url after ? sign
7) compare if such variable exists in mysql and match username
8)if not exist, error message; if exists, check if password is correct

By the way would like to know thoughts how effective is such solution. Here is example [secure.freshbooks.com...]

And by the way... question. Is it possible to create whitelist of bots that are allowed to see website? So if bot is not in the whitelist, it sees something blank (does not see input form code).

lucy24

10:08 am on Feb 22, 2013 (gmt 0)

WebmasterWorld Senior Member lucy24 is a WebmasterWorld Top Contributor of All Time Top Contributors Of The Month



Don't even let the robots get close to your php. If they're not whitelisted, slam a 403 in their face.

If the site requires a login, do you need to admit any robots anywhere? Don't know about anyone else, but as a user it makes me insane when something comes up in a search engine and when I go there it turns out I have to log in. And they don't just want my name, they want money. Sorry, site, but you're just not that desirable.

rigaconnect

11:50 am on Feb 22, 2013 (gmt 0)



Could you advice good way not to allow bad bots to see code? I have found list of bad bots... but suppose such list changes frequently

lucy24

10:20 pm on Feb 22, 2013 (gmt 0)

WebmasterWorld Senior Member lucy24 is a WebmasterWorld Top Contributor of All Time Top Contributors Of The Month



One way:

RewriteCond %{something-here} one distinguishing feature [OR]
RewriteCond %{something-here} another distinguishing feature [OR]
RewriteCond %{something-here} third distinguishing feature
RewriteRule special-protected-page - [F]

There are other ways. Just don't ask me about IIS. Closed book to me and I'm perfectly happy to keep it that way.

For good robots such as major search engines, a simple robots.txt Disallow line will do it. But bad robots respond only to brute force.

rigaconnect

6:27 am on Feb 23, 2013 (gmt 0)



OK. Thank you for answers
 

Featured Threads

Hot Threads This Week

Hot Threads This Month