My.htaccess如下:
Options +FollowSymLinks
RewriteEngine On
RewriteCond %{REQUEST_FILENAME} !-d
RewriteCond %{REQUEST_FILENAME} !-f
RewriteRule ^(.*)$ ./backend-scripts/url_parser.php
然后,处理url重定向的是文件url_parser.php,如下所示。
<?php
// open file and get its contents in a string format.
$string = file_get_contents("../json/site_map.json");
// decode the json string into an associative array.
$jsonArray = json_decode($string, TRUE);
// add trailing slash to URI if its not there.
$requestURI = $_SERVER['REQUEST_URI'];
$requestURI .= $requestURI[ strlen($requestURI) - 1 ] == "/" ? "" : "/";
// split up the URL at slashes.
$uriArray = explode('/', $requestURI);
// select the last piece of exploded array as key.
$uriKey = $uriArray[count($uriArray)-2];
// lookup the key in sitemap
// retrieve the absolute file URL.
$absPath = $jsonArray[$uriKey];
// reformulate the URL.
$path = "../$absPath";
// include the actual page.
include($path);
?>
为了测试我的php代码,我替换了
$requestURI = $_SERVER['REQUEST_URI'];
通过以下方式:
$requestURI = "/welcome";
而且效果很好。所以我很确定我的.htaccess文件中有问题。我该怎么改?
更改:
RewriteRule ^(.*)$ ./backend-scripts/url_parser.php
至
RewriteRule ^(.*)$ ./backend-scripts/url_parser.php?url=$1
然后将$requestURI = $_SERVER['REQUEST_URI'];
更改为:
$requestURI = (!empty($_GET['url']))
? $_GET['url']
: ''; // no url supplied
警告:请勿将用户提供的值传递给include()
。请确保根据正确的白名单检查路径,否则恶意用户可能会劫持您的服务器。