Ben mod_rewrite'ı aşağıdaki yoluyla elde etmek çalışıyorum:
1. What is the basic directory structure?
- /
- main/ (folder)
- PHP dosyaları bir demet
- some_folder / (klasör)
- another_folder / (klasör)
- ... (Böyle klasörlerin bir rasgele sayı)
- yet_another_folder / (klasör)
- . Htaccess (sihirli burada gidiyor)
- main/ (folder)
2. What I am trying to do?
Bu senaryoda, tüm yürütülebilir dosyaları ana klasör içinde bulunan ve sadece ek klasörler aracılığıyla erişilebilir olmalıdır. Ayrıca, PHP betikleri onlara erişilen hangi aracılığıyla klasörün adıyla ilgili bazı bilgileri aktarmak için bir apache ortam değişkeni güveniyor. Başka bir özel gereksinimi ana klasörü (sadece dahili yönlendirme) aracılığıyla doğrudan erişilebilir olması gerektiğidir.
3. How far did I get?
I implemented the following .htaccess file:
RewriteEngine On
RewriteCond %{REQUEST_URI} !^/(main|another)/.*$
RewriteRule ^(.*)/(.*)$ /main/$2 [QSA,L,env=VAR_NAME:$1/weird_include.php]
It generally does the redirect, however there are some issues...
4. What is the big deal?
Using this approach, the main
(and the another
as well) folder can still be accessed directly, and I want it to be accessible only through one of the auxiliary folders.
The second problem is that, because there is a rewrite, the mod_rewrite adds a REDIRECT_
prefix to the variables and since I have completely no control over the source code residing in main
and it requires specific variable names, that doesn't work for me at all.
Also I haven't found a decent way yet to isolate the access to main
and other-main
folders...
5. Where I believe the key to the tent is?
This post in the PHP doc on the topic suggests adding a rule similar to this one
RewriteRule ^index\.php$ \ - [E=VAR1:%{REDIRECT_VAR1},E=VAR2:%{REDIRECT_VAR2},L]
would resolve the issue. However I don't see how I can modify that to conform to the 'no direct access' requirement. And also - what overhead does mod_rewrite introduce?
The other important question would be how to restrict the access to main
and other-main
in the forementioned way?
Would adding a .htaccess file in these two folders, that does checks for REDIRECT_VAR_NAME1 and if it is present, rewrites it to VAR_NAME, leaving the url intact, and if it is not redirects to 403 forbidden
do the trick? And also any hint towards what the overhead of this would be greatly appreciated.