$_SESSION variable with .htaccess DirectoryIndex redirection


#1

Hi everyone!

I have, in my .htaccess, a “DirectoryIndex /boot.php” and a “ErrorDocument 404 /” line to redirect all my pages to boot.php.



boot.php

session_start();

require 'php/databases.php';

$req = $_SERVER['REQUEST_URI'];
$get = explode('/', $req);
$dir = '/' . $get[1] . '/';
$dir = __DIR__ . $dir;
$url = $dir . 'index.php';

ob_start();
if (is_file($url)) require $url;
else require 'error.php';
$content = ob_get_clean();

require 'page.php';




php/databases.php

$db = new PDO('mysql:host=localhost;dbname=***;charset=utf8', '***', '***');

$id = $_SESSION['id'];

if ($id) {
    $req = $db->prepare('SELECT * FROM users WHERE id = ?');
    $req->execute([$id]);
    $user = $req->fetch();

    extract($user);
}




… and page.php is basically the HTML part.

My problem is that the $_SESSION[‘id’] variable is functional on the pages that uses the “DirectoryIndex /boot.php” redirection (like “/” (home), “/register/” and “/login/”), but not on those that uses the “ErrorDocument 404 /” one (like “/profil/1/” because the “/profil/” folder does exist but not the “/profil/1/” one, which has to use the Error 404 redirection).

My website: Kruxy.fr

I’m French so there is a little French lesson if you want:
home → accueil
register → s’inscrire
log in → se connecter
username → pseudo
password → mot de passe
my profile → mon profil
log out → se déconnecter

Even if you can create an account, I created one for you to test if you want to:
Username: test
Password: password

You can see that it doesn’t work in the “/profil/” section by looking at the header which shows “Se connecter” and “S’inscrire” instead of “Mon profil” and “Se déconnecter”…

Please help me! How can I make the $_SESSION variable working on Error 404 pages? Keep in mind that it does function on certain pages.

Thank you! ✘


#2

Did you put session_start(); variables in 404 pages?


#3

Yes! all my pages lead to boot.php which has the session_start(); line!


#4

Do not worry, I understand french.
Seems to be working fine on my end.


#5

I put a $_SESSION[‘id’] = <?php echo $_SESSION['id'] ?> in the aside for you to see when the “2” appears, and, if you look on the “/profil/1/” or “/profil/2/” page, the “2” after "$_SESSION[‘id’] = " does not appear! It is the same in a random page like “/axdyezg/”…


#7

I see this
(test) $_SESSION[‘id’] =
Did you add php tags?


#8

You just have to be connected to have a $_SESSION[‘id’]… (2 with the test account I created)


#9

Okay, where do I login so I can examinate?


#10

Se connecter”: test with password password


#11

I’ll check that later I’m busy right now :slight_smile:


#12

Finally, I just chose to use $_GET variables: it’s less beautiful in the URL but so more convenient…