simple router the slide made by salim malakouti. next we will create the router what do i we mean...
TRANSCRIPT
SIMPLE ROUTER
The slide made by Salim Malakouti
Next we will create the Router What do I we mean by a router?
Routers work similar to a map. It receives the URL user is requesting and allocates the PHP|JSP|RUBY|etc file that is needed to process that request
Why? We will hide the structure of our code
Simplicity: user doesn’t have to use odd long URL like pages/birthday.php
Security: We don’t want the hackers to know the structure of our code
Users don’t have to know the file extensions that we are using
Less confusing and more secure (we don’t want the hackers to know the technology that we are using)
Etc.
How to do it?
Lets go back to our own example
We want to create a router file which here will be “index.php” that will receive all requests and invoke the required php file for it?
What do you think is the first step required here?
.htaccess
We need to redirect everything to “index.php” even if they are requesting something else. How?
PHP can’t be used for that We use .htaccess file processed by Apache
Server
Creating .htaccess file
Create a .htaccess file in the root directory of your project with the following content
# Turn rewriting on
RewriteEngine On
RewriteCond %{REQUEST_URI} !=/example1/index.php
RewriteRule .* /example1/index.php
What does this do?
# Turn rewriting on
RewriteEngine On
Turns on the RewriteEngine
RewriteCond %{REQUEST_URI} !=/example1/index.php
We will rewrite every request except ”example1/index.php” since we want to avoid recursive redirections
RewriteRule .* /example1/index.php
We will change everything to “/example1/index.php”
Alternative – Use [END] Flag# Turn rewriting on
RewriteEngine On
Turns on the RewriteEngine
RewriteRule .* /example1/index.php [END]
The [END] flag will now prevent all recursive redirections without having to specify RewriteCond
Creating the router
Check $_SERVER varaible using the following command and see the content print_r($_SERVER);
How can you use these information to find which request is sent to “index.php” and which file to invoke for it?
REDIRECT_URL
Use $_SERVER['REDIRECT_URL'] and check which page has been requested Use conditions
How to invoke the proper php file for the request? Use include
In Class Exercise
In this exercise, we will use .htaccess files and Apache web server URL rewriting to implement a "router" for PHP files in a directory. This improves security since only files permitted by the router can be executed. The URL rewriting engine uses PCRE regular expressions that we discussed in class.
In Class Exercise
1. Try the ex16.php code example that uses redirection to display one of choice1.php, choice2.php, and choice3.php.
2. Create a new directory and copy over the files choice1.php, choice2.php, and choice3.php.
3. Write a .htaccess file that rewrites all URLs to be replaced with "index.php". Use RewriteCond to prevent recursive redirections.
In Class Exercise
4. Write the index.php script that acts as a router for the other PHP scripts. The router should map http://localhost/<your-path>/1" to
"http://localhost/<your-path>/choice1.php" and the same for choice2.php and choice3.php.
Inside index.php, use preg_match to match $_SERVER['REDIRECT_URL'] against one of the three allowed URLs.
Include the appropriate PHP script on a match. Note that redirecting the browser as in the case of redirect.php
will not work since that will generate a new request to choice1.php which will be rejected by the router.
If the match fails, index.php should print "Error: Invalid Request!!!".
5. Demonstrate your site to the TA
In Class Exercise
Extra Credit (double credit if completed) Implement the above functionality just using a .htaccess file
and regular expressions and no index.php. Refer to the following URLs for hints on how to construct the regular expression
http://httpd.apache.org/docs/current/rewrite/intro.html http://httpd.apache.org/docs/2.0/misc/ rewriteguide.html
Use the [END] flag to prevent recursions more conveniently. Hint
for easier debugging of the regular expressions, add the line "LogLevel alert rewrite:trace3" to "xamppfiles/etc/httpd.conf" and restart the web server.
This will allow debug log to be output in "xamppfiles/logs/error_log" for each page access.