On Thu, Jul 7, 2011 at 7:02 PM, Devraj Mukherjee <devraj@xxxxxxxxx> wrote:
> Hi,
>
> If your Rewrite rule reads something like this
>
> RewriteRule ^api/(.*) api-gateway.php [L]
>
> Then basically you can extract the last few bit using regular
> expression in our case
>
> $urlParts = null;
> preg_match('/api\/([^\/]+)\/([0-9]+)*/', $_SERVER['REQUEST_URI'], $urlParts);
> $handlerName = count($urlParts) > 1 ? $urlParts[1] : null;
> $identifier = count($urlParts) > 2 ? $urlParts[2] : null;
>
> I would strongly suggest that you use Rewrite rules to achieve this.
> Allowing arbitary patterns to use the PHP parser could be an issue
> from a security standpoint.
So asking the admin to mod_rewrite the .php script into the URI and
then having the developer to reverse the rewrite rule within the
script is more secure? I don't think so.
This is a wreck and I must say I don't think it has much to do with
PHP. It has to do with the CGI model which is all but dead.
Mike
---------------------------------------------------------------------
The official User-To-User support forum of the Apache HTTP Server Project.
See <URL:http://httpd.apache.org/userslist.html> for more info.
To unsubscribe, e-mail: users-unsubscribe@xxxxxxxxxxxxxxxx
" from the digest: users-digest-unsubscribe@xxxxxxxxxxxxxxxx
For additional commands, e-mail: users-help@xxxxxxxxxxxxxxxx
|