Question

在public_html profile.php中有一个安全页面，它检查用户是否已登录。它在未登录时重定向到login.php。当我尝试访问http://my-domain.com/profile但不在{{3 （最后斜线）

这里是我的.htaccess

<ifModule mod_rewrite.c>
RewriteEngine On
RewriteBase /

RewriteCond %{REQUEST_FILENAME} !-f
RewriteCond %{REQUEST_FILENAME} !-d
RewriteRule ^(.*)$ index.php?/$1 [L]
</ifModule>

的index.php

<?php

    $path = $_SERVER['REQUEST_URI'];

    $chunks = explode("/", $path);

    //print_r($chunks);


    if($chunks[1] == "profile") {

        if($chunks[2] != "") {
            $profile_id = $chunks[2];
            require_once("profile.php");        
        } else {
            require_once("profile.php");        
        }

    }
?>

profile.php

<?php

    require_once("../includes/initialize.php");

if(!$session->is_logged_in()) {
        redirect_to("login.php");
    }

    if(isset($_GET['id'])) {
        $profile_id = $_GET['id'];
    }

    echo "This is the profile page of ID: ".$profile_id;

?>

Answer 1

多数民众赞成因为尾部斜杠是一个目录，它与-d测试匹配。

我使用这一点来确保我没有尾随斜杠

## Redirect to remove trailing slashes on extensionless URL requests 
# If requested URL ending with slash does not resolve to an existing directory 
RewriteCond %{REQUEST_FILENAME} !-d 
# Externally redirect to remove trailing slash 
RewriteRule ^(.+)/$ http://%{HTTP_HOST}/$1 [R=301,L]

.htaccess - 重定向无效

1 个答案: