Imthiaz Blog

me and stupid works….!!!

Wordpress url rewrite hack plugin

October 5th, 2006 by Imthiaz

There is a simple way to push your rewrite rules to wordpress using a simple filter. To do this you need use rewrite_rules_array filter. Before starting with that let me explain the basic rewrite structure of wordpress 2.0 and above.

# BEGIN WordPress
< IfModule mod_rewrite.c >
RewriteEngine On
RewriteBase /
RewriteCond %{REQUEST_FILENAME} !-f
RewriteCond %{REQUEST_FILENAME} !-d
RewriteRule . /index.php [L]
< /IfModule >
# END WordPress

The rules above are the default rules in wordpress when you enable permalink option. The rules checks if the incoming request URI is a physical files or a physical directory. If both the conditions are false it directs the control to index.php. So that ends there. If you type any random url on permalink enabled wordpress blog you will get a 404 error page. This is because wordpress tries to decode the incoming url with series of rules and detects if the request is of some pattern. And if there is a pattern match it loads the needed stuff else it load a 404 page.

Basically the default pattern is generated based on what you set on permalink option page. And it has standard pattern rules for loading page, rss, author, category etc etc… The next thing you need to do it is to insert your pattern into wordpress rules array. This is achieved with the help of rewrite_rules_array filter. I will show how you can load your rewrite rules into wordpress.

function insertMyRewriteRules($rules){
$newrules = array();
$newrules['redirect/url/(.+)$']=’index.php?is_page_redirect=1&redirect_url=$matches[1]‘;
return $newrules+$rules;
}
add_filter(’rewrite_rules_array’,'insertMyRewriteRules’);

Using the above function I have added a pattern /redirect/url/(anything) to rewrite rules. If request URI has this pattern then it will pass two variables namely is_page_redirect and redirect_url to index.php. Variable redirect_url will hold the pattern match of string followed after /redirect/url/ in the request uri.
Example if I requested a url imthi.com/redirect/url/http://www.example.com/ redirect_url will hold ‘http://www.example.com’. Now pattern is matched and parsed into index.php as query variables. Now the next is to tell url query parser to use these variables. To do so you have apply a filter query_vars.

function insertMyRewriteQueryVars($vars){
array_push($vars, ‘is_page_redirect’, ‘redirect_url’);
return $vars;
}
add_filter(’query_vars‘,’insertMyRewriteQueryVars’);

The above function will add the two variables into the query vars and by which you instruct wordpress not to loose if these variables found in the request query. Okay that is done and the variables are retained. Next step is tell the query parser to use this. That is done with the help of action parse_query.

function insertMyRewriteParseQuery($query){
if(!empty($query->query_vars['is_page_redirect'])){
header(”location:”.$query->query_vars['redirect_url']);
exit();
}
}
add_action(’parse_query’,'insertMyRewriteParseQuery’);

The above fuction will check if there is variable is named is_page_redirect in query vars. If present it redirects to location present in variable redirect_url. :-D.. Lets wrap this up and make it a plugin which will apply redirect to comment author website urls.

Download comment url redirect plugin. Dont be surprised it is really simple.. ;-)

Posted in Programming on Thursday, October 5th, 2006 at 11:59 pm

9 Responses to “Wordpress url rewrite hack plugin”

  1. Imthiaz Says:
    October 6th, 2006 at 12:06 am

    Checking for comment author url redirection..!!!

  2. Imthiaz Says:
    October 6th, 2006 at 12:07 am

    Good :-D it works…!!!!

  3. Upekshapriya Says:
    October 22nd, 2006 at 7:07 am

    Hi Imthiaz

    Tried to activate this plugin and got the following error

    Fatal error: Call to a member function on a non-object in /home/fr15cool/public_html/wp-content/plugins/url-redirect-plugin.php on line 14

    Tried it on another blog and had the same message.

    Any ideas?

  4. tobias Says:
    May 29th, 2007 at 2:28 am

    Fantastic! Thank you for a luvly tutorial (found it googling “rewrite_rules_array”). Finally somebody could explain this to me in a simple way.

  5. pepe Says:
    June 3rd, 2007 at 12:22 am

    Thanks for this very useful tutorial.

  6. Dave Says:
    August 3rd, 2007 at 12:53 am

    Great example! But please be aware that this is not totally safe.

    First of all, any external call to /redirect/url/blah will work, not only from your site, also from email. This makes your site interesting as a relay for spammers.

    Second: i’m not sure about this one, as I couldn’t reproduce it on your site… but if it’s possible to send enters or LFs (%0D / %0A), it’d be possible to XSS/HRS “hack” your site as well. For example: http://imthi.com/redirect/url/%0A%0A%0A%3Cscript%3Ealert%28%27this%20could%20be%20xss%27%29%3B%

    Third: while testing I found that trying http://imthi.com/redirect/url/a makes it a great way to send the browser into a loop, and the webserver is DoS’ed

  7. Robin Says:
    October 23rd, 2007 at 11:25 pm

    Thanks for this! You should join the WP documentation team, a very good explanation for something I was struggling with for hours! Cheers!

  8. Andreas Schipplock Says:
    April 25th, 2008 at 2:15 am

    Thanks dude. insertMyRewriteRules simply did it.

  9. Steven Says:
    June 30th, 2008 at 1:08 pm

    Hi,

    How and where do you install/place this plugin? I put it into my /plugins dir but it does not show up in my plugin list so can not activate it??

    I use WP 2.5.1. Anybody please.

Leave a Reply

Visitor map

Flip Media - interactive digital agency in Dubai | Properties in Dubai
Copyright © 2005 - 2009 H.M Imthiaz Rafiq | Imthiaz Blog is powered by WordPress and theme by YGoY