This is the first time i’m doing this and have been
doing some research on it.
I have a page that selects some info from a database
and displays it with a link to a second page that uses
the result to query the database, something like this:
$sel=mysql_query("select id, title from thetable ");
while($row=mysql_fetch_array($sel))
{
$id=$row['id'];
$title=$row['title'];
echo "<a href='more.php?id=$id'>$title</a>";
}
The issue is, in the details.php page, instead of more.php?id=5 to show in
the address bar, I want something like more/title
Secondly, as it obtains in most sites, I want the link on the referring page
to show this friendly url on mouse hover not the more.php?id=5
And I notice in most sites some words like ‘a’, ‘and’, ‘the’ etc are usually
removed from the url title(even if there originally), moreover how does one
handle the situation where more than one record have the same title.
How does one go about achieving this url rewrite with htaccess or whatever
method is used.
You might benefit from reading the mod_rewrite tutorial linked in my signature as it contains explanations and sample code. It’s helped may members and should help you, too. Look for where I discuss NOT using the ID to pull a record from the database but use another (UNIQUE) field like TITLE. For a working example, have a look at the page links at http://wilderness-wally.com.
sammies,
Not bad BUT you need to specify a set of values in the RewriteRule rather than use the :kaioken: EVERYTHING :kaioken: atom as that is a major security problem. I’ve avoided the use of the file and directory checks on Wally’s website by eliminating the dot character from the character range definition (so .html, .css, .js, .php, … files are eliminated from the redirection).
With your PHP code, you made the same error tentim did by not providing a WHERE clause in the query statement - I also add a LIMIT 1 to be sure that I get only one record returned.
Finally, NEVER use a raw $_GET value in a query statement. THIS IS A MAJOR ATTACK VECTOR USED BY HACKERS! Before you EVER use a $_GET value, be sure that it does not contain a SQL Injection Attack code by specifying the allowable characters, removing HTML code and using the mysqli_real_escape_string to “safe” single/double quotes.