#############################################################################
##### Flyspray .htaccess Config. To be used with Apache Server ###
##### Check for Mod-Rewrite module ############################################
#### rename this file to .htaccess to use these features
###############################################################################

AddDefaultCharset utf-8

DirectoryIndex index.php index.html

# Mod security conflicts with flyspray and you do not need it here

#for mod_security 1
<IfModule mod_security.c>
   SecFilterEngine Off
</IfModule>
#modsecurity 2
<IfModule security2_module>
   SecRuleEngine Off
</IfModule>

# php5 as  apache 1/2 module
<IfModule mod_php5.c>
php_flag register_globals Off
php_flag magic_quotes_gpc Off
php_flag session.use_trans_sid 0
php_flag session.auto_start 0
php_flag short_open_tag off
php_flag register_argc_argv Off
php_flag register_long_arrays Off
#not for now, flyspray has it's own filters.
php_value filter.default "unsafe_raw"
php_flag always_populate_raw_post_data Off
</IfModule>

# php4 as **apache 2** module
<IfModule sapi_apache2.c>
php_flag register_globals Off
php_flag magic_quotes_gpc Off
php_flag session.use_trans_sid 0
php_flag session.auto_start 0
php_flag short_open_tag off
php_flag register_argc_argv Off
php_value filter.default "unsafe_raw"
php_flag always_populate_raw_post_data Off
</IfModule>

# We only use POST GET and HEAD (implicit)
<LimitExcept POST GET>
	Deny From All
</LimitExcept>

# hide possible development files
<Files ~ "^composer\.(json|lock|phar)$">
	deny from all
</Files>

# Some hostings have autocorrection of minor misspelled URLs enabled.
# We do not want that for Flyspray as it could lead to subtile unwanted behavior.
<IfModule mod_speling.c>
	CheckSpelling Off
</IfModule>

# probably mod_negotiation plays foul with mod_rewrite on this two rules:
#     RewriteRule ^index$ index.php?do=index [L,QSA]
#     RewriteRule ^index/proj([0-9]+)$ index.php?do=index&project=$1 [L,QSA]
# So try to deactivate it by -MultiViews (which is sadly not possible in every web hosting environment - gives error500)
#Options -MultiViews

<IfModule mod_rewrite.c>
RewriteEngine on

# Set RewriteBase to urlpath where Flyspray is accessible.
RewriteBase /
# Use this if Flyspray is accessible from a subdirectory of your domain.
#RewriteBase /flyspray/

# You can force TLS/SSL by uncommenting this 2 lines if you have a valid certificate for your domain
#RewriteCond %{HTTPS} !=on
#RewriteRule ^ https://%{HTTP_HOST}%{REQUEST_URI} [L,R=301]
# In the case of TLS/SSL available, set also session.cookie_secure=1
# so that the session cookie can't be sniffed by Man-in-the-Middle or same network.
# Depends on your server setup/webhosting if done in php.ini, .user.ini or somehow/somewhere else.
# Ask your web hoster if you don't know.

# used for enabling url_rewriting check in admin prefs
RewriteRule . - [E=HTTP_MOD_REWRITE:On]

RewriteRule ^.*\?do=admin&area=prefs$ index.php?do=admin&area=prefs [L,QSA]

RewriteRule ^([0-9]+)$ index.php?do=details&task_id=$1 [L,QSA]
RewriteRule ^task/([0-9]+)$ index.php?do=details&task_id=$1 [L,QSA]
RewriteRule ^task/([0-9]+)comment([0-9]+)$ index.php?do=details&task_id=$1comment$2 [L,QSA]
RewriteRule ^task/([0-9]+)/depends$ index.php?do=depends&task_id=$1 [L,QSA]
RewriteRule ^task/([0-9]+)/depends&prune=([0-9]+)$ index.php?do=depends&task_id=$1&prune=$2 [L,QSA]
RewriteRule ^task/([0-9]+)/edit$ index.php?do=details&task_id=$1&edit=yep [L,QSA]

RewriteRule ^newtask$ index.php?do=newtask [L,QSA]
RewriteRule ^newtask/proj([0-9]+)$ index.php?do=newtask&project=$1 [L,QSA]
RewriteRule ^newtask/proj([0-9]+)/supertask([0-9]+)$ index.php?do=newtask&project=$1&supertask=$2 [L,QSA]

RewriteRule ^reports/proj([0-9]+)$ index.php?do=reports&project=$1 [L,QSA]
RewriteRule ^myprofile$ index.php?do=myprofile [L,QSA]
RewriteRule ^user/([0-9]+)$ index.php?do=user&id=$1 [L,QSA]
RewriteRule ^logout$ index.php?do=authenticate&logout=1 [L,QSA]

RewriteRule ^admin/([a-zA-Z]+)$ index.php?do=admin&area=$1 [L,QSA]
RewriteRule ^pm/proj([0-9]+)/([a-zA-Z]+)$ index.php?do=pm&project=$1&area=$2 [L,QSA]

RewriteRule ^admin/editgroup/([0-9]+)$ index.php?do=admin&area=editgroup&id=$1 [L,QSA]
RewriteRule ^pm/editgroup/([0-9]+)$ index.php?do=pm&area=editgroup&id=$1 [L,QSA]
RewriteRule ^edituser/([0-9]+)$ index.php?do=admin&area=users&user_id=$1 [L,QSA]
RewriteRule ^register$ index.php?do=register [L,QSA]
RewriteRule ^lostpw$ index.php?do=lostpw [L,QSA]

# gantt and team are experimental pagetypes not within FS1.0 
RewriteRule ^gantt/proj([0-9]+)$ index.php?do=gantt&project=$1 [L,QSA]
RewriteRule ^kanban$ index.php?do=kanban [L,QSA]
RewriteRule ^kanban/proj([0-9]+)$ index.php?do=kanban&project=$1 [L,QSA]
RewriteRule ^team$ index.php?do=team [L,QSA]
RewriteRule ^team/proj([0-9]+)$ index.php?do=team&project=$1 [L,QSA]

RewriteRule ^roadmap$ index.php?do=roadmap [L,QSA]
RewriteRule ^roadmap/proj([0-9]+)$ index.php?do=roadmap&project=$1 [L,QSA]
RewriteRule ^toplevel$ index.php?do=toplevel [L,QSA]
RewriteRule ^toplevel/proj([0-9]+)$ index.php?do=toplevel&project=$1 [L,QSA]
RewriteRule ^tasklist$ index.php?do=tasklist [L,QSA]
RewriteRule ^tasklist/proj([0-9]+)$ index.php?do=tasklist&project=$1 [L,QSA]

# homepage (can be tasklist, toplevel, or roadmap; maybe gantt in future too)
RewriteRule ^index$ index.php?do=index [L,QSA]
RewriteRule ^index/proj([0-9]+)$ index.php?do=index&project=$1 [L,QSA]
RewriteRule ^newmultitasks/proj([0-9]+)$ index.php?do=newmultitasks&project=$1 [L,QSA]

RewriteRule ^proj([0-9]+)/dev([0-9]+)$ index.php?project=$1&do=index&dev=$2 [L,QSA]
RewriteRule ^proj([0-9]+)$ index.php?project=$1 [L,QSA]

</IfModule>

<IfModule mod_env.c>
#SetEnv HTTP_HTACCESS_ENABLED on
</IfModule>
