User friendly URLs - mod rewrite and php redirections

Question

So far I've done this:

RewriteBase /
RewriteCond  %{REQUEST_FILENAME} !-f
RewriteCond  %{REQUEST_FILENAME} !-d
RewriteRule  ^(.*)$ index.php?load=$1 [QSA,L]

Then on my index page (in the root directory) I'm using PHP to determine which page to load:

// Swap to variables
    $load = $_GET['load'];

// Home page
    if (!$load || $load == "") { include('home.php'); exit(); }

// Dashboard
    if ($load == "dashboard") { include('dashboard.php'); exit(); }

// About
    if ($load == "about") { include('about.php'); exit(); }

// Username
    $data_array = array(':username' => $load);
    $select_account = $connect->prepare("SELECT * FROM `users` WHERE `username` = :username");
    $select_account-> execute($data_array);
    $account_amount = $select_account->rowCount();
    if ($account_amount > 0) { include('profile.php?name=$load'); exit(); }

// Redirect to 404 if there are no results
    include('404.php'); exit();

Everything so far is working but users can upload photos to a gallery and I want them to be viewed like so:

www.mysite.com/[username]/gallery/

But if you were to type that as the url the rewrite reads [username]/gallery/ as one section which means $load = [username]/gallery which would give me a '404'.

There is probably a better solution to getting the desired results but I'm not too good with the .htaccess and rewriting. I would like to add that I like this rewrite too since I have sub-directories called signup and signin which both have sub-directories in them too, but if I go to the URL:

www.mysite.com/signup
www.mysite.com/signin

It ignores the rewrite and goes to the directory instead of running it through the $load statements which is what I want.

Also, to note, on registering an account, any username which matches strings such as dashboard or about etc it doesn't allow them to use it, this stops usernames and the $load if/else statements and their includes being mixed up etc

EDIT

Another thing I forgot to note is since they can call the gallery whatever they like, it needs to do a search to see if that gallery exists, so for example:

www.mysite.com/username/my+first+album

It would first need to check the username exists, then check the album exists, then display it if it does or 404/redirect to wherever if it doesn't. So basically, both parameters/queries will be dynamic. Not only that but then individual photos within that album need to work the same, for example:

www.mysite.com/username/my+first+album/my+picture

I hope that makes sense...

Answer 1

A simple solution would be: EDIT HTACCESS

RewriteBase /
RewriteCond %{REQUEST_URI}  !/signup
RewriteCond %{REQUEST_URI}  !/signin
RewriteRule ^([^/]*)/([^/]*)$ index.php?load=gallery&username=$1&gallery=$2
RewriteCond  %{REQUEST_FILENAME} !-f
RewriteCond  %{REQUEST_FILENAME} !-d
RewriteRule  ^(.*)$ index.php?load=$1 [QSA,L]

Now that PHP part ( for index.php ):

$load = $_GET['load'];
switch ($load){
    default:
        include('home.php');
        exit();
    break;
    case 'dashboard':
        include('dashboard.php');
        exit();
    break;
    case 'about':
        include('about.php');
        exit();
    break;
    case 'gallery':
        $username = $_GET['username'];
        $gallery = $_GET['gallery'];

        //check for the username and gallery

        header("Location: your-gallery-location-goes-here");
    break;
}

Hopefully it's gonna help :)

Answer 2

What you want is what is known as an URL router, this requires you to analyze the url and make decisions based on the contents. Most systems do this by getting you to provide an url template, and a function to call if the url matches. The function is normally passed any sub-matches in the template url.

For example Django uses regexes for its url routing and passes the named matches as arguments to a given function (or class).

If this is too complex for your needs then you can just use specific regexes to parse the url, your gallery case would be:

$matches = array();
$re = "/\/([\w\d])+\/([\w\d+%])+\/?/";
preg_match($re, $load, $matches);
$username = $matches[0];
$gallery  = $matches[1];

you can then use $username and $gallery however you wish.

Note

The above assumes that it will match, you will need to check the return value of preg_match to make sure. Also, I have not checked the regex, it may be wrong, or use features not in this syntax.

Reference

• Regular Expressions
• PHP PCRE Function Documentation (PCRE = Perl-Compatible Regular Expressions)

Answer 3

With help from both Aatch and Sally and a few search results on URL routing, I've got the following method to achieve what I was after so I thought I'd share it with everyone in case anybody might want to use it...

First of all I need to mention the site I'm working on is within 2 sub-directories of the root folder mysite.com/sub/folder/index.php hence why on the arrays I'm starting from [3]

With that said my .htaccess file is as followed:

RewriteEngine on
RewriteBase /
RewriteCond %{REQUEST_FILENAME} !-f
RewriteCond %{REQUEST_FILENAME} !-d
RewriteRule . sub/folder/index.php [QSA,L]

This, as far as I'm away, gets anything that is written after sub/folder/ and redirects the page straight back to the index.php, however, it masks the URL in the address bar.

The only time it ignores this is if the sub directory actually exists. So for example I have a folder /sub/folder/signup/ if I was to type that in the address bar, because the directory exists then you are not redirected to the index.php file but sent to the directory requested, just like normal.

Now on my index.php file (Remember I'm starting at $uri[3] because I'm in sub folders!)

$uri = $_SERVER['REQUEST_URI']; // This brings back /sub/folder/foo/bar/test/
$uri = explode("/", $uri); // Separate each one

$var_one = $uri[3]; // foo
$var_two = $uri[4]; // bar
$var_three = $uri[5]; // test

switch ($var_one) {

    case '':
    case 'home':
        include('home.php');
        exit();
        break;

    case 'signout':
    case 'logout':
        include('signout.php');
        exit();
        break;

    case 'dashboard':
    case 'dash':
        include('dashboard.php');
        exit();
    break;

}

// By Username
    $data_array = array(':username' => $var_one);
    $select_account = $connect->prepare("SELECT * FROM `users` WHERE `username` = :username");
    $select_account -> execute($data_array);
    $account_amount = $select_account->rowCount();
    if ($account_amount > 0) { include('profile.php'); exit(); }

// By Account ID
    $data_array = array(':id' => $var_one);
    $select_account = $connect->prepare("SELECT * FROM `users` WHERE `id` = :id");
    $select_account -> execute($data_array);
    $account_amount = $select_account->rowCount();
    if ($account_amount > 0) { include('profile.php'); exit(); }

include('page_not_found.php');

The switch cases are simple includes, if the url is: /sub/folder/dashboard/ then dashboard.php is shown. If none of the cases match then we could possibly be looking at a profile. The first checks to see if it could be a username, if it exists then the view profile page is displayed. Then, it checks to see if it could be the unique ID number for that profile and does the same check.

Finally, if no results are brought back from any of them, then we are shown a 404 page not found page.

If it was a profile page, on the profile.php file I can then run checks for $var_two and see if they have uploaded a photo album under that name, for example /sub/folder/joe/holiday/ if yes, then run a query to fetch it all, if not, display a message/redirect or whatever.

Then if there is even more, say a specific picture ($var_three) in that folder ($var_two), for example /sub/folder/joe/holiday/beach/ - then run it through a similar query showing the results.

It may not be the best method but it's pretty straight forward and everything is working as I'd like it too so I can't really complain.

Answer 4

Here is simple example to begin with:

.htaccess

RewriteEngine On
RewriteRule ^includes/.*$ index.php
RewriteCond %{REQUEST_FILENAME} !-f
RewriteRule ^(.*)$ index.php [QSA,L]

First, you must deny direct access to .php files, you can put them in separate folder like '/includes' and redirect any call to that folder to index.php. Second, allow direct access to files ( like images or javascripts ). Last rule, redirect anything else to index.php.

PHP

Basically you must have set of rules to test URL and some controller to handle the result.

define( 'WEB_ROOT', rtrim( dirname($_SERVER["SCRIPT_NAME"]), '/' ) );
define( 'INCLUDES_ROOT', 'includes/' );

// examples of rewrite rules ( $key = action, $value = regular expression )
$rules = array( 
    'pages' => "/(?'page'dashboard|about|signin|signup)",   // e.g. '/about'
    'gallery' => "/(?'username'[\w\-]+)/gallery",   // e.g. '/some-user/gallery'
    'album' => "/(?'username'[\w\-]+)/(?'album'[\w\-]+)",   // e.g. '/some-user/some-album'
    'picture' => "/(?'username'[\w\-]+)/(?'album'[\w\-]+)/(?'picture'[\w\-]+)",     // e.g. '/some-user/some-album/some-picture'
    'home' => "/"   // e.g. '/'
    );

// get uri
$uri = '/' . trim( str_replace( WEB_ROOT, '', $_SERVER['REQUEST_URI'] ), '/' );

// test uri
foreach ( $rules as $action => $rule ) {
    $pattern = '/^'.str_replace( '/', '\/', $rule ).'$/';

    if ( preg_match( $pattern, $uri, $params ) ) {
        /* now you know the action and parameters so you can 
         * include appropriate template file ( or proceed in some other way )
         * NOTE: variable $params vill be visible in template ( use print_r( $params ) to see result )
         */
        include( INCLUDES_ROOT . $action . '.php' );
        // exit to avoid the 404 message 
        exit();
    }
}

// nothing is found so handle 404 error
include( INCLUDES_ROOT . '404.php' );

The next step is to check the received parameters.