stackoom
  简体   繁体   中英

.htaccess remove a part of the url in PHPthumb

 原文  2011-11-30 13:09:20       php/ regex/ .htaccess/ mod-rewrite/ zend-framework

Question

I did the research and couldnt find anything useful

I have a problem with phpthumb , 

http://localhost/sandbox/public/PhpThumb/phpThumb.php?src=../../../../../../../../../etc/passwd&w=140px&h=120px&q=100

I need to replace the the ../ proceeding the src. Basically to remove all ../ occrunces. Or to redirect to an error page. I prefer both. 

RewriteRule ^(.*)phpThumb\.php?(src)?(=)?(\.\.\/)*$ images/unknown.gif [NC]

I suspect that the above rule which i created is not correct. Please advise.

Thanks in advance.

1 answers

solution1
 2 ACCPTED  2011-11-30 13:12:29

You cannot do this kind of modification via mod_rewrite like this. It is only concerned with the actual URL, not with GET parameters. You should handle those from within the executed PHP script.

Other option would be to add a RewriteCond using %{QUERY_STRING} which is (in comparison to RewriteRule ) able to work with GET parameters. Then you can use %1 , %2 , ... in the replacement part of your RewriteRule instead of $1 , $2 , ...

Something like this: 

RewriteCond %{QUERY_STRING} \.\./
RewriteRule phpThumb\.php$ images/unknown.gif [L]

暂无
暂无

The technical post webpages of this site follow the CC BY-SA 4.0 protocol. If you need to reprint, please indicate the site URL or the original address.Any question please contact:yoyou2525@163.com.

Related Question Htaccess Remove part of URL Phpthumb non-exisiting url redirection with .htaccess htaccess: Remove second part of url Remove part of URL using HTACCESS How to remove part of url in htaccess remove a part of url using htaccess Url rewriting htaccess remove part of url .htaccess redirect rule to remove specific part from url mod_rewrite .htaccess remove part of url prestashop blog Rewrite part of url htaccess
Related Tags
 
粤ICP备18138465号  © 2020-2024 STACKOOM.COM