You are viewing a plain text version of this content. The canonical link for it is here.
Posted to users@httpd.apache.org by Jan Eden <li...@janeden.org> on 2005/03/03 16:24:04 UTC
[users@httpd] mod_rewrite and forms
Hi,
I use mod_rewrite to provide simpler URLs for my database-driven site. My document root's .htaccess contains the following line (among others):
RewriteRule pages/([0-9]+) cgi-bin/show.pl?id=$1
It works fine.
But some of my pages are password-protected. For these pages, show.pl displays a form where username and password can be entered. The form calls the script itself:
...
$q->start_form(),
qq{<p>Benutzer<br />}, $q->textfield("user_name"), "</p>",
qq{<p>Passwort:<br />}, $q->password_field("user_password"), "</p>",
$q->hidden("id", "$id"),
$q->submit;
...
If the username/password are entered correctly, show.pl is called again with three parameters (id, username and password), and the protected page is displayed
Unfortunately, when sending the form, the browser's address bar changes from
http://mysite.com/pages/1234
to
http://mysite.com/pages/1234?id=1234
The page itself is displayed correctly.
But why is the query string added? When I change the form's method to get, I get
http://mysite.com/pages/1234?user_name=user&user_password=pass&id=1234&.submit=Senden
as you would expect.
Why is the "id=1234" part still added when using POST?
Thanks,
Jan
--
There are 10 kinds of people: those who understand binary, and those who don't
---------------------------------------------------------------------
The official User-To-User support forum of the Apache HTTP Server Project.
See <URL:http://httpd.apache.org/userslist.html> for more info.
To unsubscribe, e-mail: users-unsubscribe@httpd.apache.org
" from the digest: users-digest-unsubscribe@httpd.apache.org
For additional commands, e-mail: users-help@httpd.apache.org
Re: [users@httpd] mod_rewrite and forms
Posted by Jan Eden <li...@janeden.org>.
Jan Eden wrote on 03.03.2005:
>Hi,
>
>I use mod_rewrite to provide simpler URLs for my database-driven
>site. My document root's .htaccess contains the following line
>(among others):
>
>RewriteRule pages/([0-9]+) cgi-bin/show.pl?id=$1
>
>It works fine.
>
>But some of my pages are password-protected. For these pages,
>show.pl displays a form where username and password can be entered.
>The form calls the script itself:
>
>...
>$q->start_form(), qq{<p>Benutzer<br />}, $q->textfield("user_name"),
>"</p>", qq{<p>Passwort:<br />}, $q->password_field("user_password"),
>"</p>", $q->hidden("id", "$id"), $q->submit;
>...
>
>If the username/password are entered correctly, show.pl is called
>again with three parameters (id, username and password), and the
>protected page is displayed
>
>Unfortunately, when sending the form, the browser's address bar
>changes from
>
>http://mysite.com/pages/1234
>
>to
>
>http://mysite.com/pages/1234?id=1234
>
>The page itself is displayed correctly.
>
>But why is the query string added? When I change the form's method
>to get, I get
>
>http://mysite.com/pages/1234?user_name=user&user_password=pass&id=
>1234&.submit= Senden
>
>as you would expect.
>
>Why is the "id=1234" part still added when using POST?
I should have chosen a slightly different subject line, as "mod_rewrite + post forms" got a response quickly. ;-)
I solved the problem myself by using the input to mod_rewrite (pages/1234) as the script's action parameter.
Best,
Jan
--
There are two major products that come out of Berkeley: LSD and UNIX. We don't believe this to be a coincidence. - Jeremy S. Anderson
---------------------------------------------------------------------
The official User-To-User support forum of the Apache HTTP Server Project.
See <URL:http://httpd.apache.org/userslist.html> for more info.
To unsubscribe, e-mail: users-unsubscribe@httpd.apache.org
" from the digest: users-digest-unsubscribe@httpd.apache.org
For additional commands, e-mail: users-help@httpd.apache.org