# PHP轻论坛 v3.0 .htaccess 文件
# 伪静态规则

# 启用重写引擎
RewriteEngine On

# 设置基础路径（如果论坛不在网站根目录，请修改此项）
RewriteBase /

# 如果请求的是真实存在的文件或目录，则直接访问
RewriteCond %{REQUEST_FILENAME} -f [OR]
RewriteCond %{REQUEST_FILENAME} -d
RewriteRule ^ - [L]

# 主题页面伪静态规则
RewriteRule ^topic-([0-9]+)(-.*)?\.html$ topic.php?id=$1 [L,QSA]

# 分类页面伪静态规则
RewriteRule ^category-([0-9]+)(-.*)?\.html$ category.php?id=$1 [L,QSA]

# 用户资料页面伪静态规则
RewriteRule ^user-([0-9]+)(-.*)?\.html$ profile.php?id=$1 [L,QSA]

# 分页伪静态规则
RewriteRule ^page-([0-9]+)\.html$ index.php?page=$1 [L,QSA]
RewriteRule ^category-([0-9]+)-page-([0-9]+)\.html$ category.php?id=$1&page=$2 [L,QSA]
RewriteRule ^topic-([0-9]+)-page-([0-9]+)\.html$ topic.php?id=$1&page=$2 [L,QSA]

RewriteRule ^edit-topic-([0-9]+)\.html$ edit_topic.php?id=$1 [L,QSA]


# 其他页面伪静态规则
RewriteRule ^login\.html$ login.php [L,QSA]
RewriteRule ^register\.html$ register.php [L,QSA]
RewriteRule ^logout\.html$ logout.php [L,QSA]
RewriteRule ^search\.html$ search.php [L,QSA]
RewriteRule ^new-topic\.html$ new_topic.php [L,QSA]
RewriteRule ^categories\.html$ categories.php [L,QSA]
RewriteRule ^forgot-password\.html$ forgot_password.php [L,QSA]

# 防止直接访问PHP文件
# 注意：如果启用此规则，需要确保所有PHP文件都有对应的伪静态规则
# RewriteCond %{THE_REQUEST} ^[A-Z]{3,9}\ /.*\.php
# RewriteRule ^(.*)\.php$ /$1.html [R=301,L]

# 错误页面
ErrorDocument 404 /404.html
ErrorDocument 403 /403.html
ErrorDocument 500 /500.html

# PHP设置
<IfModule mod_php7.c>
    # 设置PHP最大上传文件大小
    php_value upload_max_filesize 20M
    php_value post_max_size 20M
    
    # 设置PHP最大执行时间
    php_value max_execution_time 300
    
    # 设置PHP内存限制
    php_value memory_limit 128M
</IfModule>

# 缓存控制
<IfModule mod_expires.c>
    ExpiresActive On
    
    # 图片缓存1年
    ExpiresByType image/jpg "access plus 1 year"
    ExpiresByType image/jpeg "access plus 1 year"
    ExpiresByType image/gif "access plus 1 year"
    ExpiresByType image/png "access plus 1 year"
    ExpiresByType image/webp "access plus 1 year"
    ExpiresByType image/svg+xml "access plus 1 year"
    
    # CSS和JavaScript缓存1个月
    ExpiresByType text/css "access plus 1 month"
    ExpiresByType text/javascript "access plus 1 month"
    ExpiresByType application/javascript "access plus 1 month"
    
    # HTML和数据文件不缓存
    ExpiresByType text/html "access plus 0 seconds"
    ExpiresByType application/json "access plus 0 seconds"
    ExpiresByType application/xml "access plus 0 seconds"
</IfModule>

# 压缩文件
<IfModule mod_deflate.c>
    AddOutputFilterByType DEFLATE text/html text/plain text/xml text/css text/javascript application/javascript application/json
</IfModule>

# 安全设置
<IfModule mod_headers.c>
    # 防止点击劫持
    Header set X-Frame-Options "SAMEORIGIN"
    
    # XSS保护
    Header set X-XSS-Protection "1; mode=block"
    
    # 禁止MIME类型嗅探
    Header set X-Content-Type-Options "nosniff"
</IfModule>

# 禁止访问敏感文件
<FilesMatch "^(\.htaccess|\.htpasswd|config\.php|database\.php)$">
    Order Allow,Deny
    Deny from all
</FilesMatch>

# 禁止列出目录内容
Options -Indexes

