
I have a problem with my download file due to some wrong coding in .htaccess; here is my .htaccess code for this URL.

URL:

https://www.example.com/download.php?fil=`<?php echo $nm ; ?>`&fpath=`<?php echo $fpath ; ?>`&ntid=`<?php echo $ntid ; ?>`

$nm= b5fgh68dsk3nlxz.pdf , 
$fpath= ..uploads/45 ,
$ntid= 146

Now the .htaccess is:

RewriteEngine ON
RewriteRule ^n9/([a-zA-Z0-9!@#$-_]*)/([a-zA-Z0-9!@#$-_]*)/([0-9]+)$     download.php?fil=$1&fpath=$2&ntid=$3

Now the problem is: normally, without .htaccess, the files can be downloaded easily, but with the .htaccess the download couldn't be established.

The URL looks like this after .htaccess:

https://www.example.com/n9/b5fgh68dsk3nlxz.pdf/..uploads/45/146
  • $-_] would cause you errors. Use $_-] (the hyphen at the end) Commented Oct 7, 2015 at 5:24

1 Answer


That ..uploads part also looks like a possible vulnerability allowing people to get the source of possibly any file on the server if you're not careful. But if your download.php file takes precautions before giving them the file contents, I'd seek a workaround to preserve your slashes. From your PHP file which is generating the link, I'd do:

<?php
function base64url_encode($data) {
    // standard base64, with the URL-unsafe '+' and '/' swapped for '-' and '_' and the '=' padding dropped
    return rtrim(strtr(base64_encode($data), '+/', '-_'), '=');
}
?>
<a href="https://www.example.com/n9/<?php echo base64url_encode($nm) ; ?>/<?php echo base64url_encode($fpath); ?>/<?php echo base64url_encode($ntid); ?>">download</a>

Then from your download.php on the top I'd use:

<?php
function base64url_decode($data) {
    $s = strtr($data, '-_', '+/');
    // restore the '=' padding stripped by base64url_encode (the length must be a multiple of 4)
    $s = str_pad($s, strlen($s) + (4 - strlen($s) % 4) % 4, '=', STR_PAD_RIGHT);
    return base64_decode($s);
}
if (isset($_GET['fil']))   $_GET['fil']   = base64url_decode($_GET['fil']);
if (isset($_GET['fpath'])) $_GET['fpath'] = base64url_decode($_GET['fpath']);
if (isset($_GET['ntid']))  $_GET['ntid']  = base64url_decode($_GET['ntid']);
?>

Finally, you can get by with the following clean .htaccess:

RewriteRule ^n9/([a-zA-Z0-9_-]+)/([a-zA-Z0-9_-]+)/([a-zA-Z0-9_-]+)$ download.php?fil=$1&fpath=$2&ntid=$3
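The following is an added, self-contained example (not the answerer's code) that puts the two halves of the answer together: it encodes the three values the way the link-generating page would, decodes them the way download.php would after the RewriteRule, and then applies the precaution the answer says download.php must take before handing out a file, namely confining the resolved path to the uploads directory. The uploads root and the files it creates are constructed under the system temp directory purely for the demonstration; `resolve_download` is a hypothetical helper name, not something the question's site has.

```php
<?php
// Added example, not code from the question or the answer.

function base64url_encode(string $data): string {
    return rtrim(strtr(base64_encode($data), '+/', '-_'), '=');
}

function base64url_decode(string $data): ?string {
    $s = strtr($data, '-_', '+/');
    // Re-add the '=' padding that the encoder stripped.
    $s = str_pad($s, strlen($s) + (4 - strlen($s) % 4) % 4, '=', STR_PAD_RIGHT);
    $out = base64_decode($s, true);          // strict mode: anything that is not base64 is rejected
    return $out === false ? null : $out;
}

// Resolve $fpath/$fil beneath $base and refuse anything that escapes it.
// Returns the canonical path of the file to serve, or null to refuse.
function resolve_download(string $base, string $fpath, string $fil): ?string {
    $root = realpath($base);
    if ($root === false) {
        return null;
    }
    // The file name must be a bare name: no directory parts, no traversal.
    if ($fil === '' || $fil !== basename($fil)) {
        return null;
    }
    $candidate = realpath($root . DIRECTORY_SEPARATOR . $fpath . DIRECTORY_SEPARATOR . $fil);
    if ($candidate === false) {
        return null;                          // does not exist (or traversal pointed nowhere)
    }
    // realpath() has collapsed any '..' segments, so a plain prefix test is now meaningful.
    if (strpos($candidate, $root . DIRECTORY_SEPARATOR) !== 0) {
        return null;                          // resolved outside the uploads root
    }
    return $candidate;
}

// --- demonstration on a constructed directory tree (assumed layout: <uploads>/<ntid dir>/<file>) ---
$base = sys_get_temp_dir() . '/uploads_demo_' . getmypid();
mkdir("$base/45", 0700, true);
file_put_contents("$base/45/b5fgh68dsk3nlxz.pdf", "%PDF-1.4 demo\n");

$nm    = 'b5fgh68dsk3nlxz.pdf';
$fpath = '45';      // kept relative to $base; the '..uploads/45' form from the question is exactly what must not reach the filesystem
$ntid  = '146';

// What the link-generating page emits: three segments that match ^[a-zA-Z0-9_-]+$ each.
$url = '/n9/' . base64url_encode($nm) . '/' . base64url_encode($fpath) . '/' . base64url_encode($ntid);
echo "link: $url\n";

// What download.php receives once the RewriteRule has split the URL into fil/fpath/ntid.
[$fil_enc, $fpath_enc, $ntid_enc] = array_slice(explode('/', $url), 2);
var_dump(base64url_decode($fil_enc) === $nm);       // bool(true)
var_dump(base64url_decode($fpath_enc) === $fpath);  // bool(true)
var_dump(base64url_decode($ntid_enc) === $ntid);    // bool(true)

// The legitimate request resolves to a real file inside the uploads root...
var_dump(resolve_download($base, base64url_decode($fpath_enc), base64url_decode($fil_enc)));
// ...while values that try to leave the root, or smuggle a path into the file name, are refused.
var_dump(resolve_download($base, '../..', 'outside.txt'));                 // NULL
var_dump(resolve_download($base, '45', '../45/b5fgh68dsk3nlxz.pdf'));       // NULL

// Clean up the constructed tree.
unlink("$base/45/b5fgh68dsk3nlxz.pdf");
rmdir("$base/45");
rmdir($base);
```

The decode uses `base64_decode($s, true)` so that a segment that is not valid base64 yields null instead of a silently mangled path, and the containment check runs on the output of `realpath()` rather than on the raw string, which is what makes `..` segments harmless regardless of how they were encoded on the way in.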