melbourne chapter

Ugly URLs…
Querystring style URLs like below are synonymous with dynamic systems

http://www.mysite.com.au/catalog.php?category=cartridges&prod_id=33

While URLs like this are completely functional, there are a few issues with URLs like this you should consider before going live:

1. The underlying technology is exposed such that script kiddies can inject their own data - such as an sql injection.
2. The URL contains ampersands which, when unescaped will affect the XHTML compliance of linking websites
3. Search engines will avoid indexing dynamic pages like this
   

So without refactoring the application how can you make more freindly URLs? A simple solution for Apache based users is to utilize the mod rewrite module.

mod rewrite to the rescue!

Note: mod_rewrite is not loaded into Apache by default, to do so open your httpd.conf file and uncomment the module load code

Apache’s mod rewrite module can rewrite requested URLs on the fly, meaning you can substitute ugly querystrings with meaningful URLs, which address security issues, compliance and SEO. So how does mod rewrite work?

Basic rewriting

Typically mod rewrite directives are added to a htaccess file in your web root. Here’s a simple example to start with:

RewriteEngine on
RewriteRule ^old_page.html$ new_page.html

This rewrite transparently redirects a request for old_page.html to new_page.html. The first line enables the engine (only required once per htaccess file):

RewriteEngine on

This next line basically tells the server if there is a request matching oldpage.html, then substitute it with new_page.html. The caret ^ and dollar $ sign signify the start and end of the string used for the match.

RewriteRule ^old_page.html$ new_page.html

If you want to actually do a more traditional redirect and show the location of the page in the status bar just add [R] to the end of the RewriteRule.

Easy enough? That was a pretty simple rewrite. The real flexibility of mod rewrite requires some knowledge of Regular Expressions, which can get quite complex. However, the functionality and flexibility Regular Expressions offer in PHP make them well worth learning. So lets take a look at some common rewrites and the expressions used to make them happen.

Unleashing mod rewrite with Regular Expressions

With the help of Regular Expressions we can create RewriteRules which match a set of URLs and redirect them to their actual pages. Consider the products pages in our fictional Shopping Cart app which only vary in category name and product id. We can identify requests for products page by specifically matching the PHP filename, something representing a category name, forward slash, then something representing a product id. And here’s how our rule looks:

RewriteRule ^catalog/([a-zA-Z0-9-])/([0-9]+)/$ /catalog.php?category=$1&prod_id=$2

The parts in square brackets are known as ‘ranges’. In this case where allowing anything in an alphanumeric range (case insensitive) for our category name, then anything in the numeric range for our product id. We’ve also encased these regular expressions in parenthesis so we can ‘back reference’ our matches to pass the values onto our PHP page. Back referencing is done via indexing each set of parenthesises, $1 for our first parenthesises, being our category name, and $2 for our second parenthesises, being our product id.

Well this is the end of my tutorial on how to use mod rewrite to create freindly URLs. If you have any questions please feel free to post a comment. Cheers!