php - How to add an extra directory in url that works in htaccess and match a selected post? - Stack Overflow

admin管理员组

文章数量:1345291

I have googled a lot, but I can't find the right answer, so I'm asking a question here. It's about htaccess and url for a simple website I'm building with php code. This is how a url currently looks like:

www.example/flowers-and-garden/white-flowers-in-spring

What I want to achieve is an extra directory for the name of the year 2025 in the url when I make a new post. And when I post next year a folder for 2026 in the url like this:

www.example/flowers-and-garden/2025/white-flowers-in-spring

I have made several attempts to change the code in the htaccess file, but it just gives me errors! I guess it's not just the code in htaccess that I need to change.

This is what part of the current code looks like in the htaccess file:

RewriteRule ^flowers-and-garden$ /?p=flowers-and-garden [L,QSA]

RewriteRule ^flowers-and-garden/(.+)$ /?p=post&id=$1 [L,QSA]

This is what my code currently looks like when someone select a post:

First the request:

{
$request = ($_GET["id"]);
}
else
{
$request = "start";
}

Then check if the requested post match post_path name in the table in the database like this:

$sql = "SELECT * FROM " . DB_TABLE_POSTS . " WHERE post_path='{$request}' AND post_status = 1 LIMIT 1;";

Instead of only check a match of the post white-flowers-in-spring in the table I need to check for a match of 2025/white-flowers-in-spring

How I should check if a requested post match a post in 2025 directory is what I need some help with and how to rewrite the code in htaccess and php. If anything is unclear in my question, please ask me! Thanks in advance!

I have googled a lot, but I can't find the right answer, so I'm asking a question here. It's about htaccess and url for a simple website I'm building with php code. This is how a url currently looks like:

www.example/flowers-and-garden/white-flowers-in-spring

What I want to achieve is an extra directory for the name of the year 2025 in the url when I make a new post. And when I post next year a folder for 2026 in the url like this:

www.example/flowers-and-garden/2025/white-flowers-in-spring

I have made several attempts to change the code in the htaccess file, but it just gives me errors! I guess it's not just the code in htaccess that I need to change.

This is what part of the current code looks like in the htaccess file:

RewriteRule ^flowers-and-garden$ /?p=flowers-and-garden [L,QSA]

RewriteRule ^flowers-and-garden/(.+)$ /?p=post&id=$1 [L,QSA]

This is what my code currently looks like when someone select a post:

First the request:

{
$request = ($_GET["id"]);
}
else
{
$request = "start";
}

Then check if the requested post match post_path name in the table in the database like this:

$sql = "SELECT * FROM " . DB_TABLE_POSTS . " WHERE post_path='{$request}' AND post_status = 1 LIMIT 1;";

Instead of only check a match of the post white-flowers-in-spring in the table I need to check for a match of 2025/white-flowers-in-spring

How I should check if a requested post match a post in 2025 directory is what I need some help with and how to rewrite the code in htaccess and php. If anything is unclear in my question, please ask me! Thanks in advance!

• php
• sql
• .htaccess
• url

Share Improve this question Follow asked yesterday 3D-kreativ3D-kreativ 9,3213737 gold badges106106 silver badges162162 bronze badges 16

• Are you struggling with the PHP part, the SQL part, or anything in the htaccess file? Also, be warned that the given SELECT query is highly vulnerable for SQL injection. Have a look at prepared statements to avoid getting hacked – Nico Haase Commented yesterday
• Your second rule should rewrite this to /?p=post&id=2025/white-flowers-in-spring, and if 2025/white-flowers-in-spring is what you have in your post_path column in the database, it should work. So what exactly is the problem? Be more specific than "it just gives me errors", please. – C3roe Commented yesterday
• @NicoHaase I'm struggling with all of them (PHP, SQL and htaccess). Concerning the SELECT query I sanitize the $id request and I also limit the length of the $id request. If it's longer then like 35 characters the visitor is redirected to the startpage or an error page. Isn't that a good protection? – 3D-kreativ Commented yesterday
• 1 Please add all clarification to your question by editing it. Sanitizing the user-specified data for an SQL query looks strange to me - why not use prepared statements instead? Also, what exactly is not working with the given SQL query? – Nico Haase Commented yesterday
• 1 "I thought sanitizing the input was good" - it can be, but then you are playing "I think I'm smarter than a hacker". – Chris Haas Commented yesterday

 |  Show 11 more comments

1 Answer 1

Sorted by: Reset to default 2

.htaccess Configuration

RewriteEngine On

# Optional: support the old format without year
RewriteRule ^flowers-and-garden/([^/]+)$ /?p=post&id=$1 [L,QSA]

# New format: with year (e.g., 2025/white-flowers-in-spring)
RewriteRule ^flowers-and-garden/([0-9]{4})/([^/]+)$ /?p=post&id=$1/$2 [L,QSA]

This will rewrite the URL to something like: ?p=post&id=2025/white-flowers-in-spring

PHP Code

$request = $_GET['id'] ?? 'start';

Now $request will be something like: 2025/white-flowers-in-spring SQL Query Using Prepared Statement

$sql = "SELECT * FROM posts WHERE post_path = :path AND post_status = 1 LIMIT 1";
$stmt = $pdo->prepare($sql);
$stmt->execute(['path' => $request]);
$post = $stmt->fetch();

This is safer and protects from SQL injection. Optional: Year and Slug in Separate Columns

list($year, $slug) = explode('/', $request);

$sql = "SELECT * FROM posts WHERE post_year = :year AND post_slug = :slug AND post_status = 1 LIMIT 1";
$stmt = $pdo->prepare($sql);
$stmt->execute([
    'year' => $year,
    'slug' => $slug
]);
$post = $stmt->fetch();

Let me know if you need help redirecting old URLs or generating links dynamically.

本文标签： phpHow to add an extra directory in url that works in htaccess and match a selected postStack Overflow