Protect your page location
Posted: Tue Aug 25, 2009 3:55 am
Hi all, I'm new of regexps, but after a consistent number of tries I've found the way to do the basics.
However I still have problems to cover all the main cases.
I don't have problems in this cases:
http://www.mysite.com/section/Value+page
I use this to do the rewrite rule:
RewriteEngine on
RewriteRule ^section_name/([a-zA-Z0-9:punct:]*)$ section_name/page.php?id=$1
now i can insert all i want but i can't avoid malicius calls like this
section_name/page.php?id=Value+page
I've saw in the site LastFM (http://www.last.fm) a good use of regexp but I haven't found a way to do the same.
in facts, if i write http://www.last.fm/user/index.php?id=username the rewrite engine search for the username "index.php?id=username"
in my rule if i do it, the page return me an error and don't force the url to the right way
Can someone explain where I'm wrong?
I thought the expression section_name/([a-zA-Z0-9:punct:]*) means all i digit in the url after the string "section_name/".
thanks
Vitto
However I still have problems to cover all the main cases.
I don't have problems in this cases:
http://www.mysite.com/section/Value+page
I use this to do the rewrite rule:
RewriteEngine on
RewriteRule ^section_name/([a-zA-Z0-9:punct:]*)$ section_name/page.php?id=$1
now i can insert all i want but i can't avoid malicius calls like this
section_name/page.php?id=Value+page
I've saw in the site LastFM (http://www.last.fm) a good use of regexp but I haven't found a way to do the same.
in facts, if i write http://www.last.fm/user/index.php?id=username the rewrite engine search for the username "index.php?id=username"
in my rule if i do it, the page return me an error and don't force the url to the right way
Can someone explain where I'm wrong?
I thought the expression section_name/([a-zA-Z0-9:punct:]*) means all i digit in the url after the string "section_name/".
thanks
Vitto