mod_rewrite& PHP; $ _SERVER ['REQUEST_URI']与mod_rewrite [英] mod_rewrite & PHP; $_SERVER['REQUEST_URI'] vs. mod_rewrite
问题描述
快速一:
我很好奇,如果有人知道在某些情况下$_SERVER['REQUEST_URI']
会包含不同于$_GET['_uri']
的值,给定以下.htaccess
:
I'm curious if anyone knows of certain circumstances under which $_SERVER['REQUEST_URI']
would contain a different value than $_GET['_uri']
, given the following .htaccess
for the latter:
RewriteCond %{REQUEST_FILENAME} !-f
RewriteCond %{REQUEST_FILENAME} !-d
RewriteRule ^(.*)$ ?_uri=$1 [L,QSA]
我一直在使用后一种方法$_GET['_uri']
,虽然我知道mod_rewrite
仍然是必需的,但我想摆脱将URI作为查询参数存储的问题.
I've been using the latter method $_GET['_uri']
, and while I'm aware that mod_rewrite
would still be necessary, I'd like to get away from storing the URI as a query parameter.
好吧,我找到了一个我以前没有注意到的东西.当mod_rewrite
转发到的应用程序引导不在根Web目录中时,$_SERVER['REQUEST_URI']
包含父目录,而$_GET['_uri']
仅包含后一个URI组件.示例:
Well, I've found one I didn't notice before; when the application bootstrap to which mod_rewrite
forwards is not in the root web directory, $_SERVER['REQUEST_URI']
contains the parent directories, whereas $_GET['_uri']
only contains the latter URI component. Example:
引导程序为
/subdir/index.php
请求http://localhost/subdir/foo/bar/baz/
Bootstrap is
/subdir/index.php
Requestinghttp://localhost/subdir/foo/bar/baz/
$_SERVER['REQUEST_URI']
"/subdir/foo/bar/baz/"
$_GET['_uri']
"foo/bar/baz/"
$_SERVER['REQUEST_URI']
"/subdir/foo/bar/baz/"
$_GET['_uri']
"foo/bar/baz/"
为了复制$_GET['_uri']
的结果,决定使用此:
In order to replicate the result of $_GET['_uri']
, decided to use this:
$prefix = trim(dirname(strtr($_SERVER['PHP_SELF'], '\\', '/')), '/') . '/';
$uri = trim($_SERVER['REQUEST_URI'], '/') . '/';
if(substr($uri, 0, strlen($prefix)) == $prefix){
$uri = substr($uri, strlen($prefix));
}
但是我过去很少使用$_SERVER['PHP_SELF']
,现在已经知道它带有某些漏洞和/或与它的用法不一致的地方.
But I've not used $_SERVER['PHP_SELF']
often in the past, and now have read that it carries certain vulnerabilities and/or inconsistencies with it's use.
推荐答案
http://example.com/meow?param=value&_uri=hihihi
- 预期的
$_GET['_uri']
结果:meow
- 实际结果:
hihihi
-
$_SERVER['REQUEST_URI']
值:/meow?param=value&_uri=hihihi
-
$_SERVER['REDIRECT_URL']
值:/meow
- Expected
$_GET['_uri']
result:meow
- Actual result:
hihihi
$_SERVER['REQUEST_URI']
value:/meow?param=value&_uri=hihihi
$_SERVER['REDIRECT_URL']
value:/meow
全部是由于[QSA]
标志.
改为使用$_SERVER['REQUEST_URI']
和/或$_SERVER['REDIRECT_URL']
.
以上内容适用于Apache.在IIS 7.x上可能有所不同.
The above is for Apache. On IIS 7.x it may be a bit different.
这篇关于mod_rewrite& PHP; $ _SERVER ['REQUEST_URI']与mod_rewrite的文章就介绍到这了,希望我们推荐的答案对大家有所帮助,也希望大家多多支持IT屋!