Jump to content

Recommended Posts

I've written a regex as part of my mod_rewrite schematic.  It works as it should, however, for some reason it allows an infinite number of forward slashes.  I'm not sure why it would allow this, could someone help me fix it?

 

^tutorials/([0-9]{3,})(/([0-9]{1,2}))?(/([^/]*)/?)?$

 

What it should do is match strings in the following format:

 

tutorials/123/12/example-string/

 

Any of the three parameters can vary, obviously, and moreover, the last two are optional.  Therefore, any of the following would be allowed:

 

tutorials/123/
tutorials/123/12/
tutorials/123/example-string/

 

Like I said, this is all working, but I'm having a strange issue with forward slashes.  If a user duplicates any of the forward slashes in the URL, it still works for some reason.  I don't want this to be the case.  The following all work, when they shouldn't:

 

tutorials////////123/////
tutorials/123/12/example-string/////
///////tutorials/123/12/

 

Why is this happening?  Even when these slashes are added to the URL, each parameter still points to the variable it is meant to, so it isn't affecting the page at all, I just don't want it to match.

 

All help appreciated.

 

P.S. I've tried adding {1} after all of the slashes in the REGEX, but this didn't solve the issue.

Link to comment
https://forums.phpfreaks.com/topic/232330-repeating-forward-slashes/
Share on other sites

hmm...the only flaw I outright see in it is you should be using a + instead of * towards the end there, as it will allow for

 

tutorials/123/12//

 

But other than that...here is what I get as results, using a list of both your good and bad examples:

 

Array
(
    [0] => Array
        (
            [0] => tutorials/123/
            [1] => tutorials/123/12
            [2] => tutorials/123/example-string/
        )

    [1] => Array
        (
            [0] => 123
            [1] => 123
            [2] => 123
        )

    [2] => Array
        (
            [0] => 
            [1] => /12
            [2] => 
        )

    [3] => Array
        (
            [0] => 
            [1] => 12
            [2] => 
        )

    [4] => Array
        (
            [0] => /
            [1] => 
            [2] => /example-string/
        )

    [5] => Array
        (
            [0] => 
            [1] => 
            [2] => example-string
        )

)

 

IOW I'm thinking your problem isn't really with the regex but somewhere else in your mod_rewrite

Thanks for that input CV.

 

I think you are right with there being an error elsewhere in the mod_rewrite.  Upon playing with it a bit more, I found that ALL of my rewrites were allowing this strange behavior, even simple ones like

 

RewriteRule ^home/?$ index.php

 

This was accepting things like /////home and ///home/// for some strange reason.  The contents of .htaccess before the RewriteRules is as following:

 

AddType 'text/html; charset=utf-8' php

Options -Indexes

ErrorDocument 410 /410/
ErrorDocument 404 /404/
ErrorDocument 403 /403/
ErrorDocument 302 /302/
ErrorDocument 301 /301/

RewriteEngine on
RewriteCond %{HTTP_HOST} !^www.nethnet.com$
RewriteRule ^(.*)$ http://www.nethnet.com/$1 [R=301]

 

I don't see how anything would be allowing this.  Is there perhaps an Apache directive that correlates to this behavior?

 

All of a sudden this has gone far beyond the realm of REGEX.  Apologies..

This thread is more than a year old. Please don't revive it unless you have something important to add.

Join the conversation

You can post now and register later. If you have an account, sign in now to post with your account.

Guest
Reply to this topic...

×   Pasted as rich text.   Restore formatting

  Only 75 emoji are allowed.

×   Your link has been automatically embedded.   Display as a link instead

×   Your previous content has been restored.   Clear editor

×   You cannot paste images directly. Upload or insert images from URL.

×
×
  • Create New...

Important Information

We have placed cookies on your device to help make this website better. You can adjust your cookie settings, otherwise we'll assume you're okay to continue.