在 .htaccess 中设置环境变量并在 PHP 中检索它
声明:本页面是StackOverFlow热门问题的中英对照翻译,遵循CC BY-SA 4.0协议,如果您需要使用它,必须同样遵循CC BY-SA许可,注明原文地址和作者信息,同时你必须将它归于原作者(不是我):StackOverFlow
原文地址: http://stackoverflow.com/questions/17550223/
Warning: these are provided under cc-by-sa 4.0 license. You are free to use/share it, But you must attribute it to the original authors (not me):
StackOverFlow
Set an environment variable in .htaccess and retrieve it in PHP
提问by Bruno Cloutier
I am trying to set an environment variable in an .htaccess file and retrieve it in PHP. I've looked through a bunch of other threads here on SO but everything I've tried so far has failed.
我正在尝试在 .htaccess 文件中设置环境变量并在 PHP 中检索它。我已经在 SO 上浏览了一堆其他线程,但到目前为止我尝试过的一切都失败了。
I've added this line to the .htaccess file:
我已将此行添加到 .htaccess 文件中:
SetEnv SPECIAL_PATH /foo/bin
I have tried retrieving this value using the getenv() PHP function:
我尝试使用 getenv() PHP 函数检索此值:
<?php $specialPath = getenv('SPECIAL_PATH'); ?>
I have runned phpinfo() to see the list of available environment variables, SPECIAL_PATH is not there. I am puzzled as to why this is not working.
我已经运行 phpinfo() 来查看可用环境变量的列表,但 SPECIAL_PATH 不存在。我很困惑为什么这不起作用。
Thank you!
谢谢!
采纳答案by Jacob S
Assuming your configuration has AllowOverrides with .htaccess, you must enable mod_env in Apache for this to work.
假设您的配置具有带 .htaccess 的 AllowOverrides,您必须在 Apache 中启用 mod_env 才能使其工作。
回答by George Lerner
Apache Docs custom-error.html covers environment variables passed to error handling pages
Apache Docs custom-error.html 涵盖传递给错误处理页面的环境变量
Says "REDIRECT_ environment variables are created from the environment variables which existed prior to the redirect. They are renamed with a REDIRECT_ prefix, i.e., HTTP_USER_AGENTbecomes REDIRECT_HTTP_USER_AGENT."
说“REDIRECT_ 环境变量是从重定向之前存在的环境变量创建的。它们被重命名为 REDIRECT_ 前缀,即HTTP_USER_AGENT变为REDIRECT_HTTP_USER_AGENT。”
Says "None of these will be set if the ErrorDocument target is an external redirect (anything starting with a scheme name like http:, even if it refers to the same host as the server)."
说“如果 ErrorDocument 目标是外部重定向(任何以 http: 等方案名称开头的内容,即使它指的是与服务器相同的主机),这些都不会被设置。”
Says about SetEnv: "The internal environment variables set by this directive are set after most early request processing directives are run, such as access control and URI-to-filename mapping. If the environment variable you're setting is meant as input into this early phase of processing such as the RewriteRule directive, you should instead set the environment variable with SetEnvIf."
关于 SetEnv:“此指令设置的内部环境变量是在大多数早期请求处理指令运行后设置的,例如访问控制和 URI 到文件名映射。如果您设置的环境变量是作为输入到此在 RewriteRule 指令等早期处理阶段,您应该使用 SetEnvIf 设置环境变量。”
On some servers, user-declared environment variables must start with 'HTTP_' for security purposes, e.g.: SetEnv HTTP_MY_VARIABLE "my value"
在某些服务器上,出于安全目的,用户声明的环境变量必须以“HTTP_”开头,例如: SetEnv HTTP_MY_VARIABLE "my value"
Here are some .htaccess ways of setting and using server environment variables, taken from my modifying the Perishable Press 5G Blacklist/Firewall http://perishablepress.com/5g-blacklist-2013/to use environment variable reporting:
以下是一些 .htaccess 设置和使用服务器环境变量的方法,摘自我修改 Perishable Press 5G Blacklist/Firewall http://perishablepress.com/5g-blacklist-2013/以使用环境变量报告:
SetEnv myServerName %{SERVER_NAME}
RewriteCond %{QUERY_STRING} (base64_encode|localhost|mosconfig|open_basedir) [NC,OR]
RewriteCond %{QUERY_STRING} (boot\.ini|echo.*kae|etc/passwd) [NC,OR]
RewriteCond %{QUERY_STRING} (GLOBALS|REQUEST)(=|\[|%) [NC]
RewriteRule .* - [E=badQueryString:%0--%1--%2,F,L]
SetEnvIfNoCase User-Agent ^$ noUserAgent
SetEnvIfNoCase User-Agent (binlar|casper|cmsworldmap|comodo|diavol|dotbot|feedfinder|flicky|ia_archiver|jakarta|kmccrew|nutch|planetwork|purebot|pycurl|skygrid|sucker|turnit|vikspider|zmeu) badUserAgent=
<limit GET POST PUT>
Order Allow,Deny
Allow from all
Deny from env=badUserAgent
</limit>
Notice the use of paramters, e.g. $0--%1--%2. %0 gives the full string, %1 gives the match from the 1st parenthesized statement, %2 the 2nd. The hyphens are literal display characters, to visually separate parameter results (don't think is any way to put spaces in there).
注意参数的使用,例如 $0--%1--%2。%0 给出完整字符串,%1 给出第一个括号中的语句的匹配项,%2 给出第二个。连字符是文字显示字符,用于在视觉上分隔参数结果(不要认为是在其中放置空格的任何方法)。
Here are some PHP methods of accessing the environment variables (in my case from 403.php and 404.php). Note that you don't look in phpinfo(), but in $SERVER, and that your variables get prefixed with REDIRECTNote also that with a 403/404 redirect, the QUERY_STRING becomes REDIRECT_QUERY_STRING This is stuff that could easily be server dependent, so check $_SERVER for your actual values. For example,
这里有一些 PHP 访问环境变量的方法(在我的例子中来自 403.php 和 404.php)。请注意,您不是在 phpinfo() 中查看,而是在 $ SERVER 中查看,并且您的变量以 REDIRECT 为前缀请注意,使用 403/404 重定向时,QUERY_STRING 变为 REDIRECT_QUERY_STRING 这很容易依赖于服务器,因此检查 $_SERVER 以获得您的实际值。例如,
if (getenv("HTTP_REFERER") !== FALSE) {
$httpref = getenv("HTTP_REFERER");
} else {
$httpref = '';
}
if (isset($_SERVER['REDIRECT_STATUS'])) {
$status = $_SERVER['REDIRECT_STATUS'];
} else {
$status = '';
}
if (isset($_SERVER['REMOTE_HOST'])) {
$remoteHost = $_SERVER['REMOTE_HOST'];
} else {
$remoteHost = '';
}
if (isset($_SERVER['REDIRECT_QUERY_STRING'])) {
$querystring = $_SERVER['REDIRECT_QUERY_STRING'];
} else {
$querystring = '';
}
if (isset($_SERVER['REDIRECT_noUserAgent']) ) {
$htaccessErrors[] = 'NoUserAgent';
}
if (getenv("REDIRECT_badQueryString") !== FALSE) {
/* must exactly match what shows up in $_SERVER, is case sensitive (e.g. badQueryString not BadQueryString) */
$htaccessErrors[] = 'badQueryString:'.getenv("REDIRECT_badQueryString");
}
I cover in some depth in http://lcblog.lernerconsult.com/2013-server-alert-you-file-not-found-errors/
我在http://lcblog.lernerconsult.com/2013-server-alert-you-file-not-found-errors/中进行了深入介绍
