So I implemented that mod_rewrite hack (but added string sanitizing, etc.) on a project for a client.
The other morning, it failed spectacularly. It was definitely one of those “But it worked fine yesterday” moments that we all love.
In this instance, the host uses cPanel (an out-of the-box hosting solution), and I was not able to specify a custom 404 page (neither via the .htaccess nor the unaccessible virtual server config). I could do a custom 404 page though – it would create a 404.shtml file in the pubilc_html folder. Just fuckin’ dandy. SHTML is pretty much worthless.
What I was able to do, however, is add a custom handler in the .htaccess that says “hey Apache, treat .shtml files as if they are really PHP files!” like so:
AddHandler application/x-httpd-php .shtml
Apache was parsing the PHP code in the .shtml document. Every it seemed, would be all right.
Fast forward a few months to the other morning. Instead of processing the PHP code in the 404.shtml, it was printing it out. BAD. Turns out, the web host updated to PHP5 overnight. As you very well may know or have surmised, PHP4 and PHP5 are handled very differently on the server level.
Now, the humble little .htaccess that looks like this:
AddHandler application/x-httpd-php5 .shtml
Don’t you love how those one character differences make all the difference in the world? How nobody was notified? How they didn’t anything in place so that all would be backwards compatible and therefore gravy-like?