In the early days of web, when pages were static *.html files, there was a 1-1 relation (~mapping) between a URL path and the actual file path on the server.

For example, if someone was asking for:

... the web server was actually serving “fuse.html” from the directory /products/electronics”.

It was mid 1998 when Apache 1.3, featuring the famous mod_rewrite module, gave webmasters the ability to decouple physical file structure from the URL path. Around the same time, PHP 3.x and server side scripting in general, were starting to transform the web into the dynamic medium it is today.

The main entrance

The above straightforward design of serving requests is still alive and used by many popular dynamic systems. It is just that static *.html files are replaced with executable scripts. Unfortunately, this is like building a house, in the middle of nowhere, without outside walls and a main entrance. Since web visitors can arbitrarily execute whatever script they enter in the URL, developers must take an extra step to prevent this from happening.

This is usually done as following:

  • For directories having both types of scripts (those meant to be executed and those meant to be included), they add an inclusion guard (~software trap) in the beginning of the included scripts, so that they throw an error if some predefined variable (apparently defined in a master script) does not exist.
  • For directories having no direct (from the URL) executable script, they add a void index.html file and/or an .htaccess protector, depending on its contents.

There is another method for handling requests, which has its roots to the MVC design pattern and the related frameworks that were built upon it. It is known as Front Controller and refers to a single script that acts as a “receptionist”, which directs (~routes) requests to other scripts (~controllers) according to their context (pages, images, etc). This is what zoglair is using.

The Front Controller design offers the following benefits:

  • Complete separation (~decoupling) of URLs and physical layout. Since only one file is ever directly executed (index.php) and all others are practically included, file structure is irrelevant to the outside world. This means freedom to (re)arrange things at will.
  • No worries about inclusion guards, void indexes and directory protections. An additional step to the security ladder.
(C) Nick B. Cassos - All Rights Reserved
powered by zoglair
page generated in 46ms (11 queries, 8ms)