Tag Archive: .htaccess

There might be an easier way of doing this but i’ve been working on a project which needed the following which i have done as a simple single php page and thought i’d share it in case anyone wants to do the same thing.

1. Error page generated by dynamic pages
   (using any code; 403, 404 etc)
2. Error page to handle genuine errors
   (404 ‘Not Found’, 403 ‘Forbidden’ etc)
3. Forbid visitors from visiting sensitive areas/directories
   also returning 403 ‘forbidden’ header.
   (e.g. /images, /css /javascript, /ajax etc)

Download all these files: http-error-code.zip

instructions for use are commented within the error.php code but in summary:

You need to create a .htaccess entry for each error code:

Code for .htaccess:


ErrorDocument 403 /error/error.php
ErrorDocument 404 /error/error.php


For forbidden folders just add this code into a file called index.php then put this file into the folder that you want to forbid directory listing for:

Code for index.php:

<?php
// Set response code
$error = 403; //Forbidden
// include the error page (
include ($_SERVER['DOCUMENT_ROOT'].'/error/error.php'); // assuming "/error/error.php" is the location/name of this file
// stop processing the current page
exit();
?>


Save this code to a file called error.php and save to yourdomain.com/errors/error.php

Code for error.php:

<?php
/*
------------------------------------------
PHP Response Header / Error Page Generator
------------------------------------------
Created by Alan Hart (www.alanhart.co.uk)
19/09/2011
------------------------------------------

To generate response from another page, as a result of incorrect database query or invalid content etc just add this code:
(make sure no page output has been generated before this include)

<?php
// Set response code
$error = 403; //Forbidden
// include the error page (
include ($_SERVER['DOCUMENT_ROOT'].'/error/error.php'); // assuming "/error/error.php" is the location/name of this file
// stop processing the current page
exit();
?>

-------------------------------------------------------
TIP:
-------------------------------------------------------
Hide the default directory listing for a folder
e.g. /images, /css, /java etc.

1. create a blank file called index.php
2. paste the php code above into the file
3. place it inside the folder
-------------------------------------------------------
*/

// ------------------------------
// THE CODE...
// ------------------------------

// if the error code has been set by referring page:
if ($error <> ""){
// Use the error code from referring page
$code = $error;
} else {
// Use the error code from server
$code = $_SERVER['REDIRECT_STATUS'];
}

// set $path variable to the requested path/uri
$path = $_SERVER['REQUEST_URI'];

// Create array with error codes and messages
// You must add a line to .htaccess for each code used here.
// e.g.
// ErrorDocument 403 /error/error.php
// ErrorDocument 404 /error/error.php
// etc...
// (assuming /error/error.php is the location/name of this file)

// Common Error Codes / Responses:
$response['403'] = array('title' => '403 Forbidden', 'message' => 'The server has refused to fulfill your request.
You do not have permission to access '.$path.' on this server.');
$response['404'] = array('title' => '404 Not found', 'message' => 'The document/file requested was not found on this server.') ;
$response['405'] = array('title' => '405 Method Not Allowed', 'message' => 'The method specified in the Request-Line is not allowed for the specified resource.') ;
$response['408'] = array('title' => '408 Request Timeout', 'message' => 'Your browser failed to send a request in the time allowed by the server.') ;
$response['500'] = array('title' => '500 Internal Server Error', 'message' => 'The request was unsuccessful due to an unexpected condition encountered by the server.') ;
$response['502'] = array('title' => '502 Bad Gateway', 'message' => 'The server received an invalid response from the upstream server while trying to fulfill the request.') ;
$response['504'] = array('title' => '504 Gateway Timeout', 'message' => 'The upstream server failed to send a request in the time allowed by the server.') ;

// Other header response codes (not necessarily errors) that you may want to use:
// $response['100'] = array('title' => '100 Continue', 'message' => 'Continue')
// $response['101'] = array('title' => '101 Switching Protocols', 'message' => 'Switching Protocols')
// $response['200'] = array('title' => '200 OK', 'message' => 'OK') // *Not an error so should never be handled by this script*
// $response['201'] = array('title' => '201 Created', 'message' => 'Created')
// $response['202'] = array('title' => '202 Accepted', 'message' => 'Accepted')
// $response['203'] = array('title' => '203 Non-Authoritative Information', 'message' => 'Non-Authoritative Information')
// $response['204'] = array('title' => '204 No Content', 'message' => 'No Content')
// $response['205'] = array('title' => '205 Reset Content', 'message' => 'Reset Content')
// $response['206'] = array('title' => '206 Partial Content', 'message' => 'Partial Content')
// $response['300'] = array('title' => '300 Multiple Choices', 'message' => 'Multiple Choices')
// $response['301'] = array('title' => '301 Moved Permanently', 'message' => 'Moved Permanently') // *Not an error so should never be handled by this script*
// $response['302'] = array('title' => '302 Found', 'message' => 'Found')
// $response['303'] = array('title' => '303 See Other', 'message' => 'See Other')
// $response['304'] = array('title' => '304 Not Modified', 'message' => 'Not Modified')
// $response['305'] = array('title' => '305 Use Proxy', 'message' => 'Use Proxy')
// $response['307'] = array('title' => '307 Temporary Redirect', 'message' => 'Temporary Redirect') // *Not an error so should never be handled by this script*
// $response['400'] = array('title' => '400 Bad Request', 'message' => 'Bad Request')
// $response['401'] = array('title' => '401 Unauthorized', 'message' => 'Unauthorized')
// $response['402'] = array('title' => '402 Payment Required', 'message' => 'Payment Required')
// $response['406'] = array('title' => '406 Not Acceptable', 'message' => 'Not Acceptable')
// $response['407'] = array('title' => '407 Proxy Authentication Required', 'message' => 'Proxy Authentication Required')
// $response['409'] = array('title' => '409 Conflict', 'message' => 'Conflict')
// $response['410'] = array('title' => '410 Gone', 'message' => 'Gone')
// $response['411'] = array('title' => '411 Length Required', 'message' => 'Length Required')
// $response['412'] = array('title' => '412 Precondition Failed', 'message' => 'Precondition Failed')
// $response['413'] = array('title' => '413 Request Entity Too Large', 'message' => 'Request Entity Too Large')
// $response['414'] = array('title' => '414 Request-URI Too Large', 'message' => 'Request-URI Too Large')
// $response['415'] = array('title' => '415 Unsupported Media Type', 'message' => 'Unsupported Media Type')
// $response['416'] = array('title' => '416 Requested range not satisfiable', 'message' => 'Requested range not satisfiable')
// $response['417'] = array('title' => '417 Expectation Failed', 'message' => 'Expectation Failed')
// $response['418'] = array('title' => '418 I\'m a teapot', 'message' => '(RFC 2324) Hyper Text Coffee Pot Control Protocol')
// $response['501'] = array('title' => '501 Not Implemented', 'message' => 'Not Implemented')
// $response['503'] = array('title' => '503 Service Unavailable', 'message' => 'Service Unavailable')

// get the relevant title from array
$title = $response[$status]['title'];

// get the relevant message from array
$message = $response[$status]['message'];

// return message if error code provided isn't in the $codes array
if ($title == false || strlen($code) != 3) {
$message = 'Please supply a valid status code.';
}
// Return response header(s) with relevant code
header("HTTP/1.1 ".$title);

// Customise the page to be displayed below...

// -------------------------------------------------------
// You can use the variables $title and $message in the page
// -------------------------------------------------------
// e.g.
//        echo "<h2>".$title."</h2><p>".$message."</p>";
// -------------------------------------------------------

// -------------------------------------------------------
// !! IMPORTANT !!
// -------------------------------------------------------
// if you want to include a header / footer in the page displayed
// make sure you use $_SERVER['DOCUMENT_ROOT'] in your include code
// e.g.
//         include($_SERVER['DOCUMENT_ROOT']."/inc/header.php");
//
// this ensures the header/footer path is always correct
// e.g.
//        actual path of header.php = "http://www.domain.com/inc/header.php"
//         if path/uri is "domain.com/foo/" header path would incorrectly become "domain.com/foo/inc/header.php"
//        if path/uri is "domain.com/foo/bar/" header path would incorrectly become "domain.com/foo/bar/inc/header.php"
// -------------------------------------------------------

?>
<?php
// Include your own header here
//         include($_SERVER['DOCUMENT_ROOT']."/inc/header.php");
// or use HTML as below
?>
<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml">
<head>
<meta http-equiv="Content-Type" content="text/html; charset=UTF-8" />
<title>Error: <?php print $title;?></title>
</head>
<body>
<center>
<?php echo '<h2>'.$title.'</h2><p>'.$message.'</p>'; ?>
</center>
<?php
// Include your own footer here
//         include($_SERVER['DOCUMENT_ROOT']."/inc/footer.php");
// or use HTML as below
?>
</body>
</html>