I am trying to figure out how authenticates users. I'm running into what appear to be parameters being passed in the url. What's interesting is the file names have no extensions. I know practically nothing of php other than what it is. I know a little of ASP. Does anybody know what they are using?
Tek-Tips is the largest IT community on the Internet today!
Members share and learn making Tek-Tips Forums the best source of peer-reviewed technical information on the Internet!
-
Congratulations IamaSherpa on being selected by the Tek-Tips community for having the most helpful posts in the forums last week. Way to Go!
serverside scripting without extension
- Thread starter grnfvr
- Start date
Do you see something like this?
Or like this?
They are two very different things. The first one is simply passing query string vars to the default index file in the "name" directory, which is probably "index.php".
The second of these is a little more interesting. There are several ways to do that sort of thing, assuming the webserver is Apache:
1. One of the default modules (can't remember which) in modern versions of Apache provides an automatic "nearest match" redirect. This means if you have a file named , and you request , Apache will automatically redirect that request to the "name.php" file. (This is assuming there is no directory named "/name" at that location)
2. The Apache module called "mod_rewrite" allows for extensive hacking of your HTTP requests, so that any request can be redirected to any file, including patterns defined by regular expressions, etc...
3. The standard Apache file that handles "Error Document 404" can be a PHP file, which automatically parses the GET request for files which don't exist, and can thus serve out relevant data. (this is sort of an ugly kludge, for those who don't want to deal with mod_rewrite)
Or like this?
They are two very different things. The first one is simply passing query string vars to the default index file in the "name" directory, which is probably "index.php".
The second of these is a little more interesting. There are several ways to do that sort of thing, assuming the webserver is Apache:
1. One of the default modules (can't remember which) in modern versions of Apache provides an automatic "nearest match" redirect. This means if you have a file named , and you request , Apache will automatically redirect that request to the "name.php" file. (This is assuming there is no directory named "/name" at that location)
2. The Apache module called "mod_rewrite" allows for extensive hacking of your HTTP requests, so that any request can be redirected to any file, including patterns defined by regular expressions, etc...
3. The standard Apache file that handles "Error Document 404" can be a PHP file, which automatically parses the GET request for files which don't exist, and can thus serve out relevant data. (this is sort of an ugly kludge, for those who don't want to deal with mod_rewrite)
- Thread starter
- #3
That would indeed be one of the 3 methods I describe above. Most likely they are using mod_rewrite, which is the most common (and powerful) method of redirecting requests.
This has nothing to do with PHP or any server-side scripting environment directly, but is an effect of the Apache webserver's power and flexibility.
I may have misunderstood your first question. If you want to know exactly what server-side environment they are using, there is no way to tell for sure. has a place where you can enter a domain name and get the server environment response (See "What's that site running?"
, but this can easily by masked by the server admins, so it's not a surefire way. They could really be using any server-side technology, but it seems a fairly safe assumption that the webserver is Apache.
This has nothing to do with PHP or any server-side scripting environment directly, but is an effect of the Apache webserver's power and flexibility.
I may have misunderstood your first question. If you want to know exactly what server-side environment they are using, there is no way to tell for sure. has a place where you can enter a domain name and get the server environment response (See "What's that site running?"
, but this can easily by masked by the server admins, so it's not a surefire way. They could really be using any server-side technology, but it seems a fairly safe assumption that the webserver is Apache.- Status