tags:

views:

60

answers:

3
Q: 

RewriteRule is breaking $_SESSION

Everything was working fine till I added my .htaccess file. What I'm trying to do is route all my users to their profile page. So www.darudude.com/user1 routes to www.darudude.com/userinfo.php?user=user1

My .htaccess file as this:

RewriteEngine on
RewriteBase /
RewriteCond %{REQUEST_FILENAME} !-f
RewriteCond %{REQUEST_FILENAME} !-d
RewriteRule ^(.*)\?*$ userinfo.php?user=$1 [L,QSA]

However ever since I added this, it breaks my sessions. On every page I have a initialize a session, and the sessions stores the referrer. This is the piece of code that handles the important part.

if(isset($_SESSION['url'])){
     $this->referrer = $_SESSION['url'];
}else{
     $this->referrer = "/index.php";
}
//this echo is used to debug why this thing isn't working!!
echo "<script>alert('".$this->referrer."');</script>";
/* Set current url */
$this->url = $_SESSION['url'] = $_SERVER['PHP_SELF'];

and then I'm returned to the original page using this piece of code:

header("Location: ".$session->referrer);

So for example, without the .htaccess file, if I login through one of the pages everything works and I get redirected back to the page I logged in from (i.e. if I logged in from index.php I get redirected back to index.php; if faq.php, I get redirected back to faq.php). With the .htaccess file I keep getting sent to /userinfo.php leading me to thing its something wrong with my rewriterule

This is how its supposed to work: index.php loads. the $_SESSION['url'] is set to index.php
a login form is enacted whos action redirects to process.php
process.php the $session->referrer is set from $_SESSION['url']
After the login is confirmed the page should redirect using: header("Location: ".$session->referrer);

This is how it worked originally without any problems.

However, after the .htaccess was created it seems to redirect me to userinfo.php. I think it has something to do with my rule.

Any ideas?

A: 

It's because you're relying on $_SERVER['PHP_SELF'], which does not include the query string (the ?user= part of the URI). It worked before because your pages didn't rely on query strings to uniquely identify themselves. You can use $_SERVER['REQUEST_URI'] instead, though look out for circumstances where you don't want the query string to be preserved and now it is being.

Incidentally, the \?* in your RewriteRule regex is doing exactly the same as thing as if it weren't there.

chaos  2010-09-10 18:42:33
This doesn't work either. I'm not trying to go to the userinfo page with the correct user. I want to go back to the original page I was logging in from i.e. index.php
darudude  2010-09-10 18:49:28
I don't understand how that's supposed to ever happen, since if you ever got redirected to userinfo.php you're going to keep getting redirected there forever, but okay. In that case, when it's userinfo.php that your session URL setting code is happening in, you need to set the URL to `$_GET['user']` instead of `$_SERVER[anything]`.
chaos  2010-09-10 18:54:23
I was never getting redirected to userinfo.php before the .htaccess file was created.This is how its supposed to work:index.php loads. the $_SESSION['url'] is set to index.php.a login form is enacted whos action redirects to process.php.process.php the $session->referrer is set from $_SESSION['url'].After the login is confirmed the page should redirect using: header("Location: ".$session->referrer);.This is how it worked originally without any problems.However, after the .htaccess was created it seems to redirect me to userinfo.php. I think it has something to do with my rule.
darudude  2010-09-10 19:15:53
A: 

You could try logging in with AJAX, thus never having to refresh the page at all. A simple Google search will throw up plenty of results, see below. Even if you're not using jQuery (which alot of the tutorials seem to expect you to), it's still possible with basic Javascript, in fact that's how I wrote my AJAX log-in script before converting it to use jQuery later.

http://www.google.com/search?q=php+ajax+log-in

eclipse31  2010-09-10 20:15:12
+2  A: 

I'm not sure if I understand the problem, but the rewrite rule you're using seems to turn the request to /index.php into a request to /userinfo.php?user=/index.php which may not be what you want.

Pies  2010-09-10 20:23:30
Yes this is exactly what I dont want! Do you have any idea how to do that? From my understanding the 2 rewrite conditions only enforce the rule when the file and directory don't exist. Also when I type in index.php into the address bar it redirects me to the correct page (not userinfo.php)
darudude  2010-09-10 20:38:33
Because of the 2 RewriteConds, @Pies is incorrect as the file index.php will exist, therefore the rewrite rule won't apply and a request to /index.php will be sent there correctly. It's only a request to e.g. /abc (where neither a directory nor a file called abc exist) will enforce the rewrite rule.
eclipse31  2010-09-10 21:06:43
Are you sure that index.php exists in the same directory as userinfo.php? Try removing RewriteBase \ from .htaccess.
Pies  2010-09-10 21:11:27
Here is another interesting conditions. I changed the rewrite rule to RewriteRule ^~(.*)\?*$ userinfo.php?user=$1 [L,QSA] and everything works. However, my users' url will be www.darudude.com/~user. I would still prefer to have www.darudude.com/user
darudude  2010-09-10 21:11:42
Why not just this? RewriteRule ^(.*)$ userinfo.php?user=$1 [L,QSA]
Pies  2010-09-10 21:12:52
Both files exist. Already tried removing the rewritebase, that didn't work
darudude  2010-09-10 21:13:10
Tried RewriteRule ^(.*)$ userinfo.php?user=$1 [L,QSA] as well. Still breaks the login
darudude  2010-09-10 21:13:52
It seems that I have to have something in between the / and my user name, otherwise it messes up the login from any file in my base directory
darudude  2010-09-10 21:14:41
Try redirecting to 'index.php' instead of '/index.php'.
Pies  2010-09-10 21:24:10
Still no go :( This makes me sad...
darudude  2010-09-11 00:37:32

related questions

IDE suggestions: Eclipse IDE vs. Zend Studio ( confused )
MySQL/Apache Error in PHP MySQL query
Lightweight IDE for Linux
What PHP framework would you choose for a new application and why?
Why is my ternary expression not working?
How can I get at the matches when using preg_replace in PHP?
Mechanisms for tracking DB schema changes
Wordpress theme development offline tools
Using object property as default for method property
How can I get the authenticated user name under Apache using plain HTTP authentication and PHP?
Make XAMPP/Apache serve file outside of htdocs
How do you debug PHP scripts?
PHP Variables passed by value or by reference?
Best way to implement unit testing in PHP
Connect PHP to an AS/400
Best way to access Exchange using PHP?
PHP Session Security
How do I access a remote form in php?
What's the best way to generate a tag cloud from an array? (using h1 through h6 for sizing)
Apache/PHP: error_log per Virtual Host?
How do I track file downloads with apache/PHP
How would you access Object properties from within an object method?
Flat File Databases in PHP
Best way to allow plugins for a PHP application
Latest information on PHP upcoming releases