How is this done
Code:http://www.gaiaonline.com/marketplace/itemdetail/50593
If I had to do something like that, it'd look like this
Code:http://www.gaiaonline.com/marketplace.php?itemid=50593
Results 1 to 9 of 9
Thread: Web programming question
- 20 Apr. 2013 07:13pm #1
Moderator Bachelor of Science in Virginity
- Age
- 31
- Join Date
- Nov. 2009
- Location
- Toronto
- Posts
- 5,421
- Reputation
- 546
- LCash (Rank 3)
- 1.96
- 20 Apr. 2013 07:17pm #2
- 21 Apr. 2013 02:05am #3
It's a common use of Apache's mod_rewrite module. The idea being you set up a range of regular expression rules in an .htaccess file, and these rewrite rules map to different files on the server (also allowing you also to pass through data matched by your regular expression).
So, for example:
Code:RewriteRule ^user\/([a-z0-9\-]+)$ user.php?username=$1
Code:http://example.com/user/artificial http://example.com/user/stapled http://example.com/user/matt-smith http://example.com/user/matt-smith-1
So for a marketplace item, you could have an htaccess file of:
Code:RewriteEngine On RewriteRule ^marketplace\/itemdetail\/(\d+)$ marketplace.php?itemdetail=$1
Though most modern frameworks these days will set up a blanket rewrite rule, which maps every URI to a single entry point. Something like:
Code:RewriteRule . index.php
- 21 Apr. 2013 04:07am #4
Moderator Bachelor of Science in Virginity
- Age
- 31
- Join Date
- Nov. 2009
- Location
- Toronto
- Posts
- 5,421
- Reputation
- 546
- LCash (Rank 3)
- 1.96
Thanks guys.
I'm trying to make a simple energy based just so I can work on my skills over the summer before I return to school in september. My plan in doing so is to explore new things they don't/haven't taught in school. Before I went to college I wasn't a huge fan of web programming but after my basic class that just taught html,css, and javascript I knew it was what I wanted to do.
- 21 Apr. 2013 05:18pm #5
- Join Date
- Apr. 2010
- Location
- When freedom is outlawed only outlaws will be free
- Posts
- 5,113
- Reputation
- 195
- LCash
- 1.03
Also, the first URL is much less exploitable than the second. All SQL injections are through vuln.com/vuln.php?blabla=1 type URLs, not vuln.com/vuln/1 haha.
- 21 Apr. 2013 05:27pm #6
- 21 Apr. 2013 06:19pm #7
- Join Date
- Apr. 2010
- Location
- When freedom is outlawed only outlaws will be free
- Posts
- 5,113
- Reputation
- 195
- LCash
- 1.17
- 22 Apr. 2013 01:28am #8
You're only right in the sense that, rewrite rules are often much more explicit. If you look at my regular expression pattern, I'm only accepting characters in the range of a-z, A-Z, 0-9 and - (and passing through some funky characters that aren't in the query string can often create a malformed URL. Still not impossible though).
- 22 Apr. 2013 04:46pm #9
It can also be a mix of apache's mod_rewrite, and using the HTTP REQUEST_URI, and PATH_INFO variables that are set during web requests.
mod_rewrite isn't necessary if you have a default handler (controller) that services all requests. You can write a controller that starts going up the REQUEST_URI path tree and checking to see if that's a valid PHP script/whatever, and then setting its arguments as the remaining arguments. Ex: /marketplace/itemdetail/50022 would check /marketplace/, then /marketplace/itemdetail/ for a valid index.php file, and then pass in the remaining parts (50022 in this case).
Take a look at this for more HTTP environment variables:
PHP: $_SERVER - Manual