WordPress Hijacks non-wp mod_rewrite rules

  • Hi there

    I hope someone can help confirm this is a major bug in WP2.0.

    It appears as soon as you include the wp-blog-header.php file into any non-Wordpress file, WordPress will hijack the mod_rewrite rules and cause the non-Wordpress rules to be completely ignored.

    Let me demonstrate.

    I’ve got a calendar on my site which is simply a php (calendar.php) file that simply includes the appropriate static html file depending on the year and month passed to it.

    In it’s simplest form, the code looks as follows:


    <?php
    require_once('../blog/wp-blog-header.php');
    get_header();
    include "$_GET[y]-$_GET[m].html";
    get_footer();
    ?>

    (The actual file has more error checking etc in it).

    I’ve included require_once('../blog/wp-blog-header.php'); so that I can use the get_header() and get_footer() functions to ensure a uniform look.

    Now calling https://www.example.com/cal-data/calendar.php?m=3&y=2006 will cause the 2006-3.html file to be included in the output. This works a treat.

    Now to keep things uniform, I’ve add a mod_rewrite rule manually to my .htaccess file as follows:


    <IfModule mod_rewrite.c>
    RewriteEngine On
    RewriteRule ^calendar/?([0-9]{4})?/?([0-9]+)?/?$ /cal-data/calendar.php?m=$2&y=$1 [QSA,L]
    </IfModule>

    (The RewriteRule line is one line in my file).

    I added the rewrite rule to the top of my .htaccess file above the WordPress section.

    Now at face value, everything should work based on the fact the .htaccess is read from top to bottom, with each rule being matched one at a time, thus my rule should be found before any of the WordPress rules. This is exactly how it worked in WP 1.5.2.

    In practice, when viewing the page in Firefox, it appears there are no problems, that is until you view the HTTP headers (using the Live HTTP Headers plugin). It becomes very clear that a 404 status code is sent. IE/wget/curl just barf at the first hurdle and stop at the 404 error.

    This shouldn’t be happening. The .htaccess file is read top to bottom and each rule is read one at a time until a match is found. As my calendar rule is the first in the file, it should be found and as I’ve got “L” flag set, processing should stop there and the rest of the file ignored.

    However, after a bit of testing, I discovered that merely including the require_once('../blog/wp-blog-header.php'); line in my file causes the 404 errors to occur. I don’t even have to call any WordPress functions. If I don’t attempt to integrate my calendar into WordPress using this method, then I no longer get the 404 error.

    This looks like a major bug to me as it stops people from “embedding” their own pages with their own rewrite rules into WP without actually creating a plugin.

    As I said before, this all used to work without any problems in WP 1.5.2

Viewing 8 replies - 1 through 8 (of 8 total)
  • Thread Starter lildude

    (@lildude)

    Update: It seems IE 6 and later don’t have a problem viewing the page, however the 404 error is still there.

    Thanks for investigating this further Colin. Can we get some feedback from the WP developers please?

    From my own observations and debugging it would appear to me that wp2.0 has _serious_ issues with the way it handles mod_rewrite.

    I ran into a different, but not unrelated issue, with permalinks for certain categories:
    https://www.mneylon.com/blog/archives/2006/01/19/wordpress-2-permalink-issues/

    I’m seriously considering downgrading to wp 1.5* .

    That is the main reason why i still not upgrading to wp 2.0

    Argh! No resolution to this issue yet? I was tearing my hair out trying to get this going with Simple PHP Gallery. It looks like it’s working fine until you try IE6 or actually check the headers.

    Oh the frustration! Oh the humanity!

    I even blamed my hosting on this problem, it just seemed like an Apache bug to me. Now I know the aweful truth.

    Hopefully this will be resolved in the future. Is there ANY workaround for this?

    Is this still an issue? It seems to be the problem I am experiencing with two sites I just upgraded as well.

    Hey guys, I’m not sure how many wp developers ever actually wander by (granted, I wouldn’t know one if I bumped into him/her!).

    You might have a go at the mailing lists though – they seem to be much more active there. https://codex.www.ads-software.com/Mailing_Lists

    Thread Starter lildude

    (@lildude)

    Just an update for anyone who stumbles on this post. The problem still exists and I’m working on what exactly causes it and how to fix it. At the moment the work-around is to include wp-config.php instead of wp-blog-header.php.

    I’ll update this thread with my findings.

Viewing 8 replies - 1 through 8 (of 8 total)
  • The topic ‘WordPress Hijacks non-wp mod_rewrite rules’ is closed to new replies.