Execute PHP code before any files using .htaccess

[Slyke]

Not sure if this is the right place for this, but I need to be able to run some PHP code before anything loads up on the server.

So far I have a .htaccess file with the following in it:

 

Options +FollowSymLinks

RewriteEngine On

RewriteBase /

RewriteRule (.*) auth.php?torun=$1 [QSA]

 

And in auth.php I have this:

 

<?php

$method="http";

$domain="example.com";



error_reporting(E_ALL);

ini_set('display_errors', 1);



if ($_GET['grantaccess']=="true") {

  header ( 'Location: ' . $method . '://' . $domain . '/' . $_GET['torun'] ) ;

} else {

  echo "Access denied";

}

 

So far it's working right up to the point where it runs header function. Once that's run there are 2 things which go wrong:

It strips off the query string grantaccess=true (So that there is no query string at all). I need to have the query string left on.

And the second - the most important thing, is that it re-executes the .htaccess file again (Which will cause an infinite loop if the query string is put on). I basically want to somehow disable it re-executing the .htaccess file, or make it only run once per page load/connection.

Edited September 16, 2014 by Slyke

[CroNiX]

You're not adding a query string. You're just adding a variable FROM the query string as the last segment.

[Jacques1]

What is your goal, Slyke? What are you trying to achieve with this redirect stuff?

 

The whole approach looks very strange, and that's generally a sure sign that you're using the wrong tool.

[Slyke]

@CroNiX

It is passing the query string into the $_GET I just realized and I can write a function to put the original query string onto the header change.

 

 

@Jacques1

I'm trying to add in 2 factor git authentication using a MySQL database (for the users, passwords, serials) over HTTPS, and disable the directory from public access.

 

Just stuck on getting it to not re-execute the .htaccess file now.

Edited September 16, 2014 by Slyke

[Slyke]

Here is my updated code that now fixes the query string issue.

 

Still can't figure out how to stop .htaccess re-executing though.

 

<?php
$method="http";
$domain="example.com";


error_reporting(E_ALL);
ini_set('display_errors', 1);


if ($_GET['grantaccess']=="true") {
  $url=$method . '://' . $domain . '/' . $_GET['torun'];
  unset($_GET['torun']);
  unset($_GET['grantaccess']); //Comment out to prevent loop
  if (count($_GET) >= 1) {
    $queryString = "?" . http_build_query($_GET);
  } else {
    $queryString = "";
  }
  //header ( 'Location: ' . $url . $queryString);
  printf ( 'Location: ' . $url . $queryString);
} else {
  echo "Access denied";
}

[jazzman1]

why don't you run php in to a shell mod, if you want to execute something before apache to spill the content out?

[Slyke]

It's after the request comes in that PHP needs to be executed, but before it serves any files. It needs to run before apache runs htaccess files and after the connection comes in.

[CroNiX]

You can't do that. .htaccess is processed before anything else.

[jazzman1]

If the .htaccess file is your problem, then remove / rename it by using php, execute the script that you want to be executed and create / rename it again using php. This file is just a simple text file. Never try it, but it should work I think, however not sure what would happened if two or more users try to run the same script at the same time, you have to check before doing this

 

 

You can't do that. .htaccess is processed before anything else.

 

Using php into a shell it's like running a shell commands into the terminal. But not sure what happens if you try to run $_GET / $_POST variables into a shell.

Edited September 16, 2014 by jazzman1

[jazzman1]

.htaccess gets not-affected into files running by shell_exec using STDIN.

 

1.get_header.html

<form action="phpinfo.php">
    Name: 
    <input type="text" name="type" />
    <input type="submit" value="Go!"/>
</form>

2. phpinfo.php

<?php

if (defined('STDIN')) {
    $type = $argv[1];
} else {
    $type = $_GET['type'];
}

var_dump($type);

3. .htaccess

RewriteEngine on 
RewriteRule ^/?phpinfo.php$ http://phpfreaks.com [R=301]

4. shell_exec.php

<?php

$get= 'jazzman';

$cmd = shell_exec("php -f phpinfo.php type=".escapeshellarg($get));

echo $cmd;

So, he could achieve that with the code given above, but running php into a shell can be a challenge

Edited September 16, 2014 by jazzman1

[CroNiX]

.htaccess also cascades, so it will affect the dir it is in and any subdirs of that dir.  So it would also be possible to have another dir with php below the dir with .htaccess and .htaccess wont come into play for that request.

 

@jazzman1 yes, I agree .htaccess can also be bypassed via CLI. My earlier comment was directed at the OP's remark about having the request processed before .htaccess, which you can't do if accessing via a http request unless .htaccess is in a different dir.

 

Although I don't think any of these ways are really a good solution for the "git 2 factor authentication" issue. HTTP_BASIC_AUTH might be a better way to go, and you can create the htpasswd file via a php backend if it needs to be dynamic. Then they can get access by user:pass@host.com if they are authorized.

[CroNiX]

You can also use a RewriteCond to check for a specific script name in the request, and only rewrite if it's that script name is the same.

[Slyke]

Here is my code solution. I'm not sure how secure this will be (Obviously $_GET['grantaccess']=="true" is going to be changed), any comments would be appreciated:

 

<?php



error_reporting(E_ALL);

ini_set('display_errors', 1);



$method="http";

$domain="example.com";



$defaultMIME="text/plain";



$fileType = $defaultMIME;



if ($_GET['grantaccess']=="true") {

  $navFile=str_replace("..", "", $_GET['torun']);

  $fileURL=$method . '://' . $domain . '/' . $navFile;



  if (file_exists($navFile)) {

  

    $finfoHandler = finfo_open(FILEINFO_MIME_TYPE);

    $fileType = finfo_file($finfoHandler, $navFile);

    finfo_close($finfoHandler);

    

    if ($fileType===FALSE) {

      $fileType = $defaultMIME;

    }

    

    header('Content-Type: '.$fileType);



    $fileHandle = fopen($navFile, "r");

    //$fileContents = stream_get_contents($fileHandle); //Can't use a URL with fopen, it will reexecute .htaccess.

    $fileContents = fread($fileHandle, filesize($navFile));

    fclose($fileHandle);

    

    echo $fileContents;

    

  } else {

    header("HTTP/1.0 404 Not Found", true, 404);

    echo "Not Found";

  }

  

} else {

  header("HTTP/1.0 403 Forbidden", true, 403);

  echo "Access denied";

}

 

 

 

I only wanted to give access to sub-directories from here, not anything above / when navigating from browser. I believe Apache is Chrooted anyway when you specify the virtual host's document root in the config, but I replaced all ".." with nothing just to be sure.