All Activity

Right, so the error is telling you that the CA is untrusted. Aside from that, you should not be using the same cert for the client and the server. You need to generate a client cert for the client, and the CN's for each cert should be different. The MySQL manual has a walk through of process: https://dev.mysql.com/doc/refman/5.7/en/creating-ssl-files-using-openssl.html

I am uaing mariadb 11

I am attempting to create a connection to my database that I have set up with SSL. It is saying "Cannot make a connection to the database" The error in the apache log is as follows: [Sun Aug 03 02:27:59.418655 2025] [php:notice] [pid 176919] [client 71.244.230.195:62660] Database Connection Failed: SQLSTATE[HY000] [2006] MySQL server has gone away The error in mysql log is as follws: 2025-08-03 2:27:59 8 [Warning] Aborted connection 8 to db: 'unconnected' user: 'unauthenticated' host: 'web2.dataguy2020.com' (This connection closed normally without authentication) I have created a .env file that has information as follows: APP APP_NAME=MyApp APP_ENV=dev COMMUNITY_NAME="Community Name" CONTACT_EMAIL="[email protected]" CONTACT_PHONE="555-555-5555" #Database DB_HOST="domain.to.sqlhost.com" DB_PORT=3306 DB_NAME="databseName" DB_USER="username" DB_PASS="password" #Database Connection Certs DB_CA="/path/to/cacert.pem" DB_CERT="/path/to/cert.pem" DB_CERT_KEY="/path/to/key.pem" My classes/Database class is as follows: <?php require __DIR__ . "/../vendor/autoload.php"; use Dotenv\Dotenv; class Database { private PDO $pdo; public function __construct() { $parentDirectory = dirname(__DIR__); $dotenv = Dotenv::createImmutable($parentDirectory, '.env'); $dotenv->load(); // echo "<pre>"; // Use <pre> for formatted output in a browser //foreach ($_ENV as $key => $value) { // echo "$key = $value\n"; //} //echo "</pre>"; $dbHost = $_ENV['DB_HOST']; $dbName = $_ENV['DB_NAME']; $dbUser = $_ENV['DB_USER']; $dbPass = $_ENV['DB_PASS']; $dbca = $_ENV['DB_CA']; $dbcert = $_ENV['DB_CERT']; $dbkey = $_ENV['DB_CERT_KEY']; $dsn = "mysql:host=$dbHost;dbname=$dbName;charset=utf8mb4"; $options = [ PDO::ATTR_ERRMODE => PDO::ERRMODE_EXCEPTION, // PDO::ATTR_DEFAULT_FETCH_MODE => PDO::FETCH_ASSOC, PDO::ATTR_EMULATE_PREPARES => false, // SSL/TLS options PDO::MYSQL_ATTR_SSL_CA => $dbca, // Path to CA certificate PDO::MYSQL_ATTR_SSL_CERT => $dbcert, // Path to client certificate (if required) PDO::MYSQL_ATTR_SSL_KEY => $dbkey, // Path to client key (if required) PDO::MYSQL_ATTR_SSL_VERIFY_SERVER_CERT => false // Verify server's SSL certificate ]; try { $this->pdo = new PDO($dsn, $dbUser, $dbPass, $options); //$this->pdo = new PDO($dsn, $this->username, $this->password, $options); $this->pdo->setAttribute(PDO::ATTR_ERRMODE, PDO::ERRMODE_EXCEPTION); $this->pdo->setAttribute(PDO::ATTR_DEFAULT_FETCH_MODE, PDO::FETCH_ASSOC); } catch(PDOException $e) { //Handle connection errors error_log("Database Connection Failed: " . $e->getMessage()); die("Could not connect to the database."); } //end of catch } //end of function public function getConnection(): PDO { return $this->pdo; } } //end of class At the bottom of my index.php I have the following as I am using this as a test <?php include_once ('classes/Database.php'); $db = new Database(); $pdo = $db->getConnection(); if ($pdo) { echo "Database Connection was successful"; } else { echo "Database Connection has failed"; } ?> What shows up in the browser is "Database Connection has failed" In /etc/mysql/mariadb.conf.d I have configured both the server the client. They are both using the same certificates as they are connection from the same server for now. I am looking at expanding the number of database hosts. The 50-client.conf has the following information [client] # Example of client certificate usage ssl-cert = /path/to/cacert.pem ssl-key = /path/to/key.pem ssl_cert = /path/to/cert.pem ssl-cipher=ECDHE-RSA-AES128-GCM-SHA256:ECDHE-ECDSA-AES128-GCM-SHA256 tls_version = TLSv1.2 The 50-server.conf contains the following information ssl_ca = /etc/mysql/ssl/chain.pem ssl_cert = /etc/mysql/ssl/cert.pem ssl_key = /etc/mysql/ssl/privkey.pem require-secure-transport = on #ssl_cipher="DHE-RSA-AES128-GCM-SHA256:AES128-SHA" ssl_cipher="ECDHE-RSA-AES128-GCM-SHA256:ECDHE-ECDSA-AES128-GCM-SHA256:ECDHE-RSA-AES256-GCM-SHA384:ECDHE-ECDSA-AES256-GCM-SHA384" tls_version = TLSv1.2,TLSv1.3 When I attempt to run the following error I get the following error: mysql -h localhost -u #username --ssl-cert=/path/to/cert.pem --ssl-key=/path/to/key.pem --ssl-ca=/path/to/cacert.pem ERROR 2026 (HY000): TLS/SSL error: tlsv1 alert unknown ca Other key things to know is that I created these certs with certbot. I am not sure if that is what is the cause of these errors or not. I am doing the following ssl_cert = cert.pem that is generated ssl_ca = fullchain.pem that is generated ssl_key = privkey.pem that is generated Any assistance would be great!

Hell, Considering ... $imap = your connection to your imap server & E-Mail account etc . //$status = imap_setflag_full($imap , "1", "\SEEN" ); Sets as READ // $status = imap_clearflag_full($imap , "1", "\Seen" ); // SETS as UN Read echo gettype($status) . "\n"; echo $status . "\n"; imap_close($imap);

Hello, I found it :~) :~) PHP had a Hidden function :~/ = imap_clearflag_full() That Works :~) Marks as READ :~) BRILL :~) Ta Sid

Hello, I have been looking at this for 2 days now :~( Can anyone help ? I have a script that gets messages from my imap account and runs through them to get uids :~) BUT I need to Mark some as READ I have found imap_setflag_full() which uses \\SEEN as a Flag to set read, but I need to set Unread ! google etc says remove \\SEEN to set Unread BUT that does Not work ! Am I doing something wrong ? Can you suggest ? Thank-You Sid

I'm sorry for the incredibly long delay in replying to these, but I just wanted to say a big thank you for all your help. Have got it working now!

This is a problem you will encounter when you have code in production and need to update it. You'll need some way to "cache bust" files that users have already cached locally or they will continue to use the old version. For development, if you develop using Chrome, you can install an extension. I have used this one for a long time and it is safe and reliable: https://chromewebstore.google.com/detail/clear-cache/cppjkneekbjaeellbfkmgnhonkkjfpdn Make sure you set it up to pin the button to the extension window, and then when you need to test, you can click it will clear cached items for the site you are working on.

Paul-D: I've redacted a few things in your post as a courtesy but you can safely assume it's already out there on the internet. Be more careful in the future. Shame about the email addresses too.

I'd suggest changing your MySQL password now that you've posted it in a forum

Thanks. I need single quotes around ':ThisDate' working fine now. Thanks again.

Named arguments need to be quoted. An example from: https://www.php.net/manual/en/pdostatement.execute.php $sth->execute( array( ':calories' => $calories, ':colour' => $colour ) ); "Unexpected" colons in the middle of PHP code gives it indigestion. Regards, Phill Ward.

Hi I have an error on a web page Parse error: syntax error, unexpected token ":", expecting "]" in /vhost/r/e/d/redacted/www/secure/SecurePDO.php on line 256 The Code page with all the relevant functions is this. This worked before I converted from my_sql to PDO. Have checked this over and it seems to comply. function StoreData($Page) at the very end of the file. Thanks for any help. x

browses cache content by default. on your development system, you must tell the browser to not cache the content of file types that you will be changing often during the development process. your web server likely/should already have a setting that outputs headers for .php files that tell the browser to not cache the content for the request. you need to add the .js and possibly .css/.html file extensions to this. for an apache web server, there would be an entry in the .htaccess file that looks like - <IfModule mod_headers.c> <FilesMatch "\.(php|js|css|html)$"> Header set Cache-Control "no-store, no-cache, must-revalidate, max-age=0" Header set Pragma "no-cache" </FilesMatch> </IfModule>

Updates: the same problem happens again when I suspend the device and I try to close LAMPP and start it again, and it works but the same question WHY this happened ?

Hello developers, When I was working on password generator website using PHP, I connect the main.js file to the index file and everything is okay and it works, but when I close the device and reopen it and open the project any change in the javascript file does not affect on the index file and when I open the inspect and see the sources the main.js file is constant at the code before I turn off the device, then I change the name of js file and reconnect it to the index.php and it works, and the question here WHY this happened? I wish anyone help me because in real life I will not change the name of the files everyday. NOTE: my OS is Ubuntu. Thank you.

You can specify either the width or the height for an image, and it will size to that. Generally speaking you want to pick one or the other, and allow the other dimension to be sized relative to the one you specify, otherwise the browser will attempt to fit the image which if the ratio of width/height doesn't match will cause the image to skew. What maxxd pointed out, is that the browser will download the full image either way, so if the image is much larger than the place where you are using it, clients will still have to pull down the full size image, which makes things slower and eats up more of your bandwidth. One very useful css property to be aware of is object-fit. I frequently use object-fit: cover in styles for images, although there are other options that might be better for your particular use cases. It's also very useful for backgrounds, as you can do things like this: .canvas__bg-img { height: 100%; width: 100%; object-fit: cover; opacity: 0.15; }

Okay. I can re size using the <img> tag but for video, found a solution <video width="640" height="480" controls> <source src="HosePipe.mp4" type="video/mp4"> Your browser does not support the video tag. </video>

If it's a very large image, you'll be better off resize it in an image editor and save the download time and bandwidth. Images should only be (about) as big (in pixel dimensions) as they're going to appear on the page at 100%, otherwise you're degrading the image integrity by resizing it in CSS. If it's just a little bit bigger than 100% (say, 10-20% maybe), you can give the image an id and use CSS to define the dimensions. Or, in a pinch, use the height and width attributes.

I know this is a simple one for you but I would like to display images on a web page but this is a large image. Can I put it in a container that fixes it's size. <body> <a href="BillBen.jpg">It's a plant.</a> </body> I might want to contain mp4 videos in this also. Thanks.

Not according to what you originally stated. You stated that for every request you wanted to "issue a reply quickly and start a timer." It was never clear if this was just a means to an end or not, because you didn't explain the problem you are trying to solve. What it does sound like at this point, is that you are trying to create your own home grown IDS or WAF, and you already got a suggestion from me, and a suggestion from requinix. For the most part people use fail2ban to drop annoying ssh bots and other similar port based traffic by bots and script kiddies trying brute force password attacks. It's written in Python, so it's not exactly light weight either, but it also has a simpler job in practice -- just count a small number of bad attempts and block the IP. That isn't going to work for something more sophisticated. This is why I suggested looking at OSSEC, and if it's more a WAF you want there are bunch of self hosted ones that also have FOSS versions like Safeline, Modsecurity and Bunkerweb.

You're right, it is a frequent requirement. It's so frequent that people don't implement these things themselves. If you want to monitor for "bad" activity and ban clients, that's literally what tools like fail2ban are made for.

Which is precisely why I'm trying to aggregate requests. I'd have thought that this would be such a frequent requirement that I'm surprised there isn't a ready-made solution.

It appears that writing PHP event handlers is simple and works well, and people have been using fullcalendar with PHP for some years now without issue. It's a fairly standard approach to wiring together js UI with PHP backend. Hopefully it's clear that you send and receive data in json format.

But what is the 1st task, and how is it connected to this? My kneejerk reaction is that there are FOSS IDS tools like OSSEC you should look into. Even if you continue to go forward, an asynchronous approach is going to be better. When your site is inevitably accessed by bots/spiders, the overhead of spawnng a php process for every request is likely one that you will regret.