如何阻止 htaccess 重写规则重写所有 url

Question

i am having a mod rewrite problem and i am new to htaccess not because i tried to do a mod_rewrite and link i try to open assumes that i am in profile.php
heres my code

.htaccess file contents

ErrorDocument 404 /404,/
RewriteEngine On
RewriteRule ^([a-z\A-Z\0-9\_\-]+)$ profile.php?username=$1
RewriteRule ^([a-z\A-Z\0-9\_\-]+)/$ profile.php?username=$1

I just wanted localhost/qwerty to display profile.php anything else should show the normal page and if it does not exists it shows a 404 error


`profile.php` contents

                                               htdocs(xampp)
                                                   |
 =======================================================================================
 |         |          |              |                       |                         |
login,    404,     style.css      profile.php              index.php               .htacccess

NOW MY FILE TREE

 htdocs(xampp) | ======================================================================================= | | | | | | login, 404, style.css profile.php index.php.htacccess

Now the problem is that none of the style sheets (or the javascript files) load, all the pages on http://localhost are now assumed to be `profile.php`, and in `profile.php` $_GET['username'] displays `PROFILE.PHP' instead of 'USER123'
Just to be clear i want it that if http://localhost/login, is the url then login, loads(i even added a comma at the end of login to make the .htaccess not to look at login as a username, but that doesn't work)

Answer 1

 RewriteRule ^([az\AZ\0-9\_\-]+)$ profile.php?username=$1

The problem is with the regex - you shouldn't be backslash escaping the literal 0 inside the character class. In doing so you are increasing the character range (from "char code 0" instead of "char code 48" - a literal zero) and so includes the dot ( . - character code 46). This results in profile.php?username=<something> (and any file) getting further rewritten resulting in $_GET['username'] having the value profile.php - as you've stated.

Remove all the backslash escapes...

RewriteRule ^([a-zA-Z0-9_-]+)$ profile.php?username=$1 [L]

Providing the hyphen ( - ) is at the end (or beginning) of the character class, it does not need to be escaped.

However, this still won't work for login and 404 URLs (unless you append a comma to the filename). Although this highlights another potential problem. These represent physical files so should have a file extension. By omitting the file extension, Apache won't necessarily know how to handle/process it. By default, it will simply be sent back to the client - unprocessed - without a Content-Type header and then left for the browser to interpret - probably as text/html, but could be text/plain (HTML is exposed to the client), depending on the browser.

If login is required to be processed as PHP then it should be called login.php . If you want to be able to access it from the client as /login (no extension) then you need an additional rewrite directive in .htaccess , just as you did for /qwerty . This directive needs to go before your existing directive in order to avoid conflicts. (You can't have a username called "login" unless you change the format of your /qwerty URL to identify this as a user.)

404 is an error document and shouldn't be directly accessible anyway. So this should simply be 404.php (or 404.html ) and referenced as such in the ErrorDocument directive. (You had also appended a trailing slash /404,/ , so this wouldn't have served the file anyway.)

For example:

Options -MultiViews

ErrorDocument 404 /404.php

RewriteEngine On

RewriteRule ^login$ login.php [L]
RewriteRule ^([\w-]+)$ profile.php?username=$1 [L]

The shorthand character class \w is the same as [a-zA-Z0-9_] .