improve 404 behavior

diff --git a/.htaccess b/.htaccess
index af54bb2..3847e70 100644 (file)
--- a/.htaccess
+++ b/.htaccess
@@ -7,9 +7,7 @@ DirectoryIndex disabled
 AddDefaultCharset UTF-8
 AddCharset UTF-8 .css
 RewriteEngine  on
-RewriteRule    ^[^/.]*$  /wfpl_main.php [L]
-# Close loophole in security restriction/exception below
-RewriteRule    ^.*/.*wfpl_main.php$  /error_404 [L,R]
+RewriteRule ^[^/.]*$ /wfpl_main.php [L]
 
 <FilesMatch "\.(css|jpg|png)$">
        ExpiresActive On
@@ -23,10 +21,9 @@ SetHandler default-handler
 Options SymlinksIfOwnerMatch
 php_flag engine off
 RemoveHandler .cgi .php .php3 .php4 .php5 .phtml .pl .py .pyc .pyo
-# Exception: allow access to wfpl_main.php
-#
-# this allows access to any files named "wfpl_main.php" anywhere, so there's a
-# rewrite rule above to use the top-level one, no matter which was requested.
+# code execution exception: allow only /wfpl_main.php
+# <Files> matches regardless of directory/path, so rewrite php in subdirs
+RewriteRule ^.*/.*\.php$ - [L,R=404]
 <Files "wfpl_main.php">
        php_flag engine on
        SetHandler application/x-httpd-php

diff --git a/error_404.html b/error_404.html
new file mode 100644 (file)
index 0000000..c5e8269
--- /dev/null
+++ b/error_404.html
@@ -0,0 +1,16 @@
+<!DOCTYPE html>
+<html lang="en">
+<head>
+       <title>~$title show {~404: File Not Found~}~</title>
+</head>
+<body>
+       <!--~$body show {~-->
+               <h1>404: File Not Found</h1>
+
+               <p>Oops, we don't have a page at <code>~path html~</code></p>
+
+               <p>If you got here by clicking a link on this site, please let us know where we can find that broken link.</p>
+       <!--~}~-->
+       
+</body>
+</html>

diff --git a/error_404.php b/error_404.php
new file mode 100644 (file)
index 0000000..9c9d958
--- /dev/null
+++ b/error_404.php
@@ -0,0 +1,5 @@
+<?php
+
+function error_404_main() {
+       tem_set('path', $_SERVER['REQUEST_URI']);
+}