.htaccess rewrite with WordPress plugin

Asked 27/9, 2017 at 0:46 Answered 29/9, 2017 at 12:34

Solved php wordpress .htaccess mod-rewrite multisite

I am working on building a WordPress plugin for a custom WordPress multisite network and have a few files that use URL variables to load information from a second database (not the WordPress database).

In the version built outside of WordPress by navigating to http://website.com/NAME-HERE it would check to see if it is a username in my database, if not check to see if its a group in my database and load the file that corresponds to if its a username or group.

Now I'm totally lost about implementing this into WordPress Multisite. As far as I know plugins can't make .htaccess rewrites? How do I make it work on all the network sites?

If not whats the best way to accomplish this?

Do I need to place my pretty.php & .htaccess rewrites into my root directory and point the pages to the files located in the plugin? If so how does this work with multiple themes?

At this point I figured my best bet was to reach out to the StackOverflow community for assistance or direction.

.htaccess

RewriteEngine On  
RewriteCond %{HTTP_HOST} ^www\.(.*)$ [NC]  
RewriteRule ^(.*)$ http://%1/$1 [R=301,L]  

RewriteCond %{SCRIPT_FILENAME} !-d
RewriteCond %{SCRIPT_FILENAME} !-f

RewriteRule ^(\w.+)$ ./pretty.php?pretty=$1 [QSA]

ErrorDocument 404 /404.php

pretty.php

// First check if passed pretty parameter is a username.
if(checkIfUserByUsername($_GET['pretty']))
{
    $_GET['username'] = $_GET['pretty'];
    
    include("USERNAME.php");

// If not a username, check to see if it's an event.
}else if(checkIfStreamByPretty($_GET['pretty'])){
    $_GET['id'] = getStreamIdFromPretty($_GET['pretty']);
    
    include("GROUP.php");
}else{
    // If it's none, redirect to the 404 page.

    include("404.php");
}

Nubia answered 27/9, 2017 at 0:46 Comment(3)

It's not clear what you're looking to achieve as a desired result. Please break down your question to be more concise for what you actually want to happen, as opposed to the struggles you've encountered. As for edits to .htaccess you could checkout other plugins that do make edits to the .htaccess file, such as All In One WP Security & Firewall. – Intolerant 29/9, 2017 at 1:50

if I go to example.com/Dustin it checks if its a username or a group and displays the page-template file for which one it is. – Nubia 29/9, 2017 at 2:58

but it also needs to work for the multisites created so example.com/SITE/Dustin – Nubia 29/9, 2017 at 3:21

There are a handful of ways you could approach this, if I am understanding what you want to achieve. You likely don't need to use any rewrites.

The easiest solution would be to add your "pretty.php" code to your header.php file in your Wordpress template. This will load on every request to the front end of the website. If you need it to load the code only on a specific page, simply check for what page you are on using is_page.

for example, in your header.php:

if(is_page("groups")){
  if(checkIfUserByUsername($_GET['pretty']))
  {
    // the rest of your code
  }
}

If you want to write a Wordpress plugin, you just need to use "add_action" in your plugin:

add_action('wp_head', 'function_containing_your_code');

Again, this will load on every page so simply check that your are on the page you want to load your code on.

https://codex.wordpress.org/Plugin_API/Action_Reference/wp_head https://developer.wordpress.org/reference/functions/is_page/

Also, you can edit your .htaccess file just like you can edit any file that your user has permission to edit. Assuming you are running an apache server, your .htaccess file needs to have permissions that allow the file to be edited and you can edit the file with PHP. for example:

$file = fopen("/path/to/.htaccess", "a+");
fwrite($f, "RewriteRule ^(\w.+)$ ./pretty.php?pretty=$1 [QSA]");
fclose($f);

Many people would say that it is a security risk to have PHP writing to your .htaccess file. I would say that in some circumstances that is true, but certainly not always. Make you understand permissions before allowing PHP to write to your .htaccess file.

Strafford answered 29/9, 2017 at 2:7 Comment(4)

I've got the .htaccess rewrite working but it only applies to my main site not all the sites in the network. – Nubia 29/9, 2017 at 3:14

This was the direction I was going in as well. I would say that allowing wordpress to have write access to .htaccess and applying changes in production is bad-practice. A single bad write would bring-down the entire network of sites. Depending on server configuration and third-party plugin uses, editing the .htaccess may not be desirable. e.g. server-side and client-side caching, preventing new rules from being applied. Doing so may even degrade responsiveness, due to many rewrite rules needing to be processed for every request. – Intolerant 29/9, 2017 at 13:19

Okay if I am using the Rewrite rule RewriteRule ^(\w.+)$ ./pretty.php?pretty=$1 [QSA] How do I get it to work for all the multisite sites not just the main site. Lets start here. – Nubia 29/9, 2017 at 16:3

Just came back to this post almost a year later after forgetting about it and this was the best answer incorporated directly to the 404 page. – Nubia 22/8, 2018 at 19:22

In addition to John Gile's answer please sanitize the Get parameters. You can read about some sanitizing option's here

In your questions context something like $username = sanitize_text_field( $_GET['pretty'] ); Should be sufficient. But please take a deeper look at what needs sanitizing.

Regarding your original Question the first approach John suggested seems to be the better one.

Consider the moment two separate request are requesting the same url with the same username. Since File Reading/Writing is a blocking Stream one of the requests have to wait for the stream to close and the website won't render until this happens.

If you bypass this with an additional stream or whatever your risking to end up with duplicate entries or worse a corrupted file which could lead to Server Errors.

Edit

I'am not quite sure what you are trying to achieve with including include('USERNAME.php') are you creating a dedicated php file for every user that signs up for your "multi-site network"? If that is the case I think you made wrong decisions when planing this.

Usually when you want to share, control or alter behavior depending on external resources you'd fetch data in the JSON data format.

Now if I were in your shoes I'd create a REST web service that returns the JSON depending on the username get parameter and control the output depending on the data coming in.

Creating a api is rather complex and depending on your needs you'd go with whatever tool fits these best. I personally enjoyed working with apigility for rather complex things and lumen for small things. You can also create this yourself if you choose, too.

After creating the api you then could easily get the JSON with file_get_contents() described here or use whatever rest tool you can find for php.

Phonology answered 29/9, 2017 at 12:34 Comment(0)

Recommended topics

Hot tags