I have a subfolder that holds user uploaded files. I want to redirect all direct file requests to this folder to another .php script...so i can check if the user is logged in before i send/show the file to him. For example:
/mainsite/uploads/user/2324/file.pdf
needs to be forwarded to
/mainsite/uploads/permissions.php
But i need inside the permissions.php to be able to do:
$url = $_SERVER['REQUEST_URI'];
and see what was the initial request...in order to readfile() the file after all the 'checking'.
I've tried this:
RewriteEngine On
RewriteRule ^/uploads/user/?$ /uploads/permissions.php [R=301,L]
but this is just a simple forwarding...i got no idea what file or folder the user requested.
I know i can do this by creating an individual htaccess file inside every folder that is created under 'user/{userid}' but i wanted a simpler function. I dont want to have 10000 htaccess files, if i can do this with just one.
Thanks
try with this syntax: (i added the R=301 part, which wasn't necessary in my version, so it is not fully tested, works without the R option)
RewriteRule "^/uploads/user/(.+)$" "/uploads/permissions.php?file=$1" [R=301,QSA,L]
You can the get your file var in the $_GET array in permissions.php. However, i wouldn't recommend to use directly this value because it can be unsecure. The best way is to only allow fixed values, with a switch for example, having filtered the var as a string before.