Hello, I'm making a website and I have issues with htaccess clean URL redirects when a user adds ampersands or slashes as a title for the article he is submitting. I decided that I would like to allow only specific characters like alphanumeric, -, _, @, [, ]. No quotes or double quotes, etc.
I can't seem to make the regexp work. I don't have much experience with regex, and instead of using string replaces I thought I should ask.
Also, any other proposals regarding this matter will be greatly appreciated.
In my htaccess I have the following setup:
    RewriteRule ^([^/]*)(.*)$ /index.php?page=$1&request=$2
and in my index I have:
    include 'db.php';
    include 'generic.php';
    $pages = array('','main','events','news','rss','search','add-event');
    if(isset($_GET['page']) && in_array($_GET['page'], $pages))
    {
        $event_category = null;
        $event_title = null;
        $search_string = null;
        $rss_category = null;
        $events_date = null;
        $search_page = null;
        validate_evented_page(trim(urldecode($_GET['page'])));
    }
    else
    {
        evented_error_page(404);
    }
    function evented_error_page($err)
    {
        include('errorpages/error.php');
    }
    function validate_evented_page($p)
    {
        $page = strtolower($p);
        global $event_category;
        global $event_title;
        global $search_string;
        global $rss_category;
        global $events_date;
        global $search_page;
        if($page == 'main' || strlen($p) == 0)
        {
            include 'main.php';
        }
        else if($page == 'events')
        {
            $params = explode_url($_GET['request']);
            if(count($params) == 0)
            {
                $events_date = "'';";
                include 'allevents.php';
            }
            else if(count($params) == 1)
            {
                if(check_date($params[0]))
                {
                    $date_split = explode('-',$params[0]);
                    $events_date = "'".date("m/d/Y" , mktime(0, 0, 0, date('m'), $date_split[1], date('Y')))."';";
                }
                else
                {
                    $events_date = "'';";
                }
                include 'allevents.php';
            }
            else if(count($params) == 2)
            {
                $event_category = trim(urldecode($params[0]));
                $event_title = trim(urldecode($params[1]));
                include 'event.php';
            }
            else
            {
                evented_error_page(404);
            }
        }
    }
The following URL:
    /events/Drum+%26+Bass/Innersense+presents+ETHOS_v04-0
gives $_GET['request'] = /Drum
when it should have been Drum & Bass (in the database I have stored this category as “Drum & Bass”).

You need to tell mod_rewrite to encode the & that gets grouped in the backreference using the B flag:

The URI gets decoded when it gets sent through the rewrite engine. So the %26 gets decoded to &, the B flag ensures it gets re-encoded as the backreference.
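
An added PHP model of the behaviour this answer describes (not code from the question or the answer): it applies the question's RewriteRule to the question's URL with and without B-style escaping and shows what ends up in $_GET. The helper names and the escaping rule in escape_backref() are assumptions that approximate mod_rewrite, not Apache's implementation.

```php
<?php
// Added illustration: a simplified model of the rewrite step, not Apache's code.

// mod_rewrite matches against the percent-decoded URL path; in .htaccess
// the leading slash is stripped. '+' is not special in a path, so only
// %XX sequences are decoded here.
function decoded_path(string $rawPath): string
{
    return rawurldecode(ltrim($rawPath, '/'));
}

// Assumed model of the B flag: keep alphanumerics and '_', turn a space
// into '+', percent-encode every other byte of the backreference.
function escape_backref(string $s): string
{
    return preg_replace_callback(
        '/[^A-Za-z0-9_]/',
        fn(array $m) => $m[0] === ' ' ? '+' : sprintf('%%%02x', ord($m[0])),
        $s
    );
}

// Apply RewriteRule ^([^/]*)(.*)$ /index.php?page=$1&request=$2 and
// return the parameters PHP would expose as $_GET.
function rewritten_get(string $rawPath, bool $bFlag): array
{
    preg_match('#^([^/]*)(.*)$#', decoded_path($rawPath), $m);
    [$page, $request] = [$m[1], $m[2]];
    if ($bFlag) {
        [$page, $request] = [escape_backref($page), escape_backref($request)];
    }
    parse_str("page=$page&request=$request", $get);
    return $get;
}

$url = '/events/Drum+%26+Bass/Innersense+presents+ETHOS_v04-0'; // URL from the question

// Without B: the decoded '&' ends the request value, and the remainder of
// the path is parsed as an extra, user-controlled query parameter.
var_dump(rewritten_get($url, false));

// With B: the '&' reaches PHP as %26, so request holds the whole path.
// The '+' signs arrive literally; the question's urldecode() on each
// segment is what turns them into spaces.
var_dump(rewritten_get($url, true));
```

The first dump has three keys instead of two, which is the parameter-injection side of the same bug: anything after an encoded `&` in the path becomes its own entry in $_GET.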