1

For my site let's say I have a file in a folder called 'download'

so the direct link for the file would be www.testing.com/download/file.exe

I want to throw an authorization token with it like so, .../download/file.exe?auth=asdffg122**, with the auth token being a hash from time and expiry. So far I have written in a .htaccess file :

 RewriteEngine on
 RewriteRule \(.*)$.(exe)$ check.php?file=$1?auth=$2 [QSA]

I want to pass the name of the file to variable $1, and the auth token to the $2 variable. Is there a way to do this?

Improve this question
3
  • Do you expect the auth value to be generated inside the htaccess file? Commented Feb 28, 2012 at 20:08
  • no it would be generated when the link is created. I just want to pass the variables to the php file. Commented Feb 28, 2012 at 20:12
  • Or the real file name could be file.exe and then the download link would be file_dummy.exe?auth=**hash** .. and then just passing the file name and the hash into the php but the link looks like its linking to a direct file. Commented Feb 28, 2012 at 20:13

2 Answers 2

Reset to default
1

like this?

 RewriteEngine on
 RewriteCond %{QUERY_STRING} .*auth=(.*)\&*.*$
 RewriteRule ^.*\/(.*\.exe)$ check.php?file=$1&auth=%n

Assuming you add the auth= to the GET request Edit: Modified based on comment from $@Orbling

Improve this answer
Sign up to request clarification or add additional context in comments.

2 Comments

The query string is stripped before entry to RewriteRule, so you can not match against it like that. If matching is desperately needed, it can be matched on RewriteCond with %{QUERY_STRING} and the matching groups used in subsequent RewriteRule commands using %n substitutions (as opposed to $n). The [QSA] tag appends the query string back on after the rewrite, combining it with anything you have added on the destination of the rule.
I don't necessarily need it matched, i just need it passed to the php file.
1

What you probably wanted to, or should write is:

RewriteRule ^(.*\.exe)$ check.php?file=$1 [QSA]

The leading \ backslash should be a ^ start anchor, if you place that Rewriterule into the download folder. You can also only have one $ end of subject marker (usually). To assert the file extension, move it into the parenthesis. The whole of (.*\.exe) becomes $1.

The ?auth=abc22 is automatically appended as &auth=abc22 when you use [QSA]. So that adding a $2 becomes redundant. (You would need a separate RewriteCond to match the QUERY_STRING anyway. It's not part of the rewrite path.)

See also Serverfault: Everything You Ever Wanted to Know about Mod_Rewrite Rules but Were Afraid to Ask? for more examples.

Improve this answer

4 Comments

thanks for your answer, so are you saying when (.*\.exe) is passed to $1 .. file.exe?auth=abc22 = $1?
Only the part until the ? question mark becomes $1. The query string isn't seen by the RewriteRule. See wiki.apache.org/httpd/Rewrite for some details.
how would i go on writing a rewriterule for the query? Something like rewrite (^.\?)$ .. then passing that? or no? sorry for asking a lot of questions.. :/ lol
Google for RewriteCond %{QUERY_STRING} ... examples.

Your Answer

By clicking “Post Your Answer”, you agree to our terms of service and acknowledge you have read our privacy policy.

Start asking to get answers

Find the answer to your question by asking.

Ask question

Explore related questions

See similar questions with these tags.