i wondering if possible rewrite url might this
www.example.com/item.php?id=1 www.example/item.php without `?id=1` please note 1 product id might change 2 or number depending on product user choose
my current htaccess
my current .htaccess looks this:
rewriteengine on rewritebase / rewriterule ^item/(.*)$ test/main/pages/account/$1 [l] // **the item.php file in item folder** errordocument 404 /test/main/pages/general/index.php options -indexes authname "main" i did like
<?php include('global.php'); ///database connection function create_guid() { $microtime = microtime(); list($a_dec, $a_sec) = explode(" ", $microtime); $dec_hex = dechex($a_dec* 1000000); $sec_hex = dechex($a_sec); ensure_length($dec_hex, 5); ensure_length($sec_hex, 6); $guid = ""; $guid .= $dec_hex; $guid .= create_guid_section(3); $guid .= '-'; $guid .= create_guid_section(4); $guid .= '-'; $guid .= create_guid_section(4); $guid .= '-'; $guid .= create_guid_section(4); $guid .= '-'; $guid .= $sec_hex; $guid .= create_guid_section(6); return $guid; } $stmt = $conn->prepare("insert `product (`pid`, `guid`, `price`) values (13, '".$guid."', 13)"); $stmt->execute(); ?> also did using pdo because not big fan of mysql
since main motive here keep people form guessing id in url , since pointed out lucas william way want not possible in .htaccess instead can store id of each product in database guid format(this format of id storage database used sugarcrm) proper substitute satisfy required , can use id uniquely identify product table each records:
the functions create guid follows:
function create_guid() { $microtime = microtime(); list($a_dec, $a_sec) = explode(" ", $microtime); $dec_hex = dechex($a_dec* 1000000); $sec_hex = dechex($a_sec); ensure_length($dec_hex, 5); ensure_length($sec_hex, 6); $guid = ""; $guid .= $dec_hex; $guid .= create_guid_section(3); $guid .= '-'; $guid .= create_guid_section(4); $guid .= '-'; $guid .= create_guid_section(4); $guid .= '-'; $guid .= create_guid_section(4); $guid .= '-'; $guid .= $sec_hex; $guid .= create_guid_section(6); return $guid; } function create_guid_section($characters) { $return = ""; for($i=0; $i<$characters; $i++) { $return .= dechex(mt_rand(0,15)); } return $return; } function ensure_length(&$string, $length) { $strlen = strlen($string); if($strlen < $length) { $string = str_pad($string,$length,"0"); } else if($strlen > $length) { $string = substr($string, 0, $length); } } now using above function can generate id as:
$guid = create_guid(); //guid of format 79cb3604-e634-a142-d9cb-5113745b31e2 can see quite impossible guess. also sugest keep auto increment field in product table. because idea maintain auto incremented field in table uniquely identity records.
i hope can of help
edit :
what need add field in database product table named "guid" current database product table structure has following fields:
id, name, price //where id auto incremented after adding field guid becomes
id, guid, name, price //where id auto incremented field , guid uniquely identifies each row in product table and when insert of product data in database product table generate guid using above code , insert it. ie
for example
$sql = "insert product_table('guid','product_name',product_price) values('".$guid."','product1','59.00'); so example data in product table this:
1, 79cb3604-e634-a142-d9cb-5113745b31e2, product1, 59.00 now in product.php page url say
yoursite.com/product.php?guid=79cb3604-e634-a142-d9cb-5113745b31e2 instead of using url
yoursite.com/product.php?id=1 you can query data database product table in relation "guid" of course uniquely identifies each row in product table in database there elimiting risk of user guessing id in url of webpage.
i hope gives idea of trying explain.
Comments
Post a Comment