All Activity

Well, crap - I meant to link to the page as a whole, not the anchor tag. Thanks for the correction!

The DATEDIFF() function will give the difference in days. Use TIMESTAMPDIFF() which lets you the specify the units for the result. mysql> SELECT NOW(), timestampdiff(SECOND, '2025-04-26 20:30:00', NOW()) as diff; +---------------------+------+ | NOW() | diff | +---------------------+------+ | 2025-04-26 21:34:51 | 3891 | +---------------------+------+ 1 row in set (0.00 sec) mysql> SELECT NOW(), timestampdiff(MINUTE, '2025-04-26 20:30:00', NOW()) as diff; +---------------------+------+ | NOW() | diff | +---------------------+------+ | 2025-04-26 21:35:22 | 65 | +---------------------+------+ 1 row in set (0.00 sec)

Check out https://dev.mysql.com/doc/refman/8.4/en/date-and-time-functions.html#function_datediff

Hi I have a feild in DB that have time() like 2025-04-26 20:30:00. I want to check and get difference between curremt time and the time in DB. example: time in DB is 2025-04-26 20:30:00 current time is 2025-04-26 20:40:00 the time allowed is 15 minutes so from the above example its only passing 10 minutes and have 5 minutes left, how to calculate that?

First off, don't inject variables directly into a query like that - use prepared statements. Secondly, if it's not too late already I recommend switching to the PDO database interface - it's much easier to work with and reason about. Now, as to your actual question, set the value to null. $qry = " UPDATE login_users SET otp_reset = 0 ,otp_expiry = :exp WHERE username_email = :email "; $sql = $pdoObject->prepare($qry); $result = $sql->execute($qry, [ 'exp' => null, 'email' => $myusername ]); Admittedly, I've been in the land of Laravel for about 5 years now and am not entirely sure of my syntax above, so take it with a grain of salt...

Him I have an OTP sysem where the user will enter the OTP that was sent to their email, in the DB it is saving the OTP and the expiry after 15 minutes. After they use it, I need to delete both from DB. I am able to set the number back to 0 since it is an integer. How to reset the dattime field to show 0000-00-00 00:00:00? $sqlUpdate = "UPDATE login_users SET otp_reset = 0, otp_expiry = ??? WHERE username_email = '$myusername'"; if(mysqli_query($db,$sqlUpdate)) { ..... }

Yep - I got so used to saying SwiftMailer I didn't even read the link I posted. Thanks much for that!

Agree strongly with this advice. I would also suggest looking at Symfony Mailer.

Great question. You start with the type of tests and look at tools that are designed for that type of testing. You've been focused on unit tests, which is absolutely the right way to go. Unit tests are your basis for set up of a CI/CD pipeline, and the typical dividing point between the things software engineers are responsible for, and the things that QA is responsible for. There are "suite" tools I've used in the past like https://codeception.com/ that are designed to support many different sets of tools, as the basis for building out a complete set of automated tests of different types. With that said, I'm going to copy this from a pretty good article series Atlassian has here: https://www.atlassian.com/continuous-delivery/continuous-integration So in each category of testing, there are different aims, and different environmental dependencies, tools and approaches. This is why in most mature companies, especially if they are offering SaaS or PaaS they typically have a well resourced QA department with QA Automation engineers, as well as QA Analysts/Testers, who come up with the testing plan, and are responsible for pass/fail. They'll often work with an automation engineer, who is typically concentrating on Integration and UI tests. So when you get into those areas, that is where you are more likely to require a more fully functional "test environment". Often it takes a good amount of effort, usually involving devops, to be able to build up/tear down a full/independent test environment, not to mention the time and resources involved. With containerization, cloud services, kubernetes etc, there are many different approaches that might facilitate this, so it depends on what/how you are deploying into production. Going back just to unit testing, which is where you are concentrating initially, I've found one of the most common areas of pain for unit testing is in "mocking", and the most common place where you might find an additional library to facilitate mocking, even if you are still using the de facto unit testing tool for the language. For PHP that would be an example of using something like "mockery" along with "phpUnit" even though phpUnit has its own mocking features. You also have to evaluate and decide what amount of code coverage is acceptable to you, and what tradeoffs might be involved. When you start looking into this you will find that there are a lot of opinions about certain tools/services. This article does a really good job providing you some background on this: https://djangostars.com/blog/continuous-integration-circleci-vs-travisci-vs-jenkins/ When you start looking into self hosting with something like Jenkins, you will find a lot of different opinions on it as a platform. Same goes for all the alternatives. You also have things like github actions or bitbucket pipelines. They might offer you a good way to move towards CI, although they tend to be limited in comparison to the other options. As I have projects which are using Bitbucket repos (as well as the atlassian suite, particularly jira) I've been working on their tools and find them to be a good way to start, but if I had them in Repo I would probably be trying to see what I could get out of actions as a first step in this direction. CD is also a nice goal to have. The more your work is built to take advantage of the foundation of containers, the more options you will probably find you have.

I hosted on HostGator for a while quite a few years ago and if I'm not mistaken, you needed to authenticate the SMTP requests or emails would just fly out into the ether.

Thank you, I'm trying a different way until can sort the other email address out. a gmail email address has been set up and trying that and from what I read online, a app password needs to be created and use that within phpmailer settings instead of the password used to create the email address

this is a 'contact us' form. for the client to be able to receive and read the emails, they must be sent to an email address that the client has access to. is this To: address at their web hosting (mail_box_name@their_doman_name) or somewhere else, such as a gmail address ([email protected])? i didn't find any information about using unauthenticated smtp at hostgator, but if this is possible, it would require an email account to be created within cpanel for the domain name that's hosted at hostgator, then this email address would be used as the From: address. the To: address can then be anywhere, even the same as the From: address. everything I saw about hostgator email used smtp authentication, which needs an email account to be created within cpanel for the domain name hosted at hostgator, with the password known. if they have an email address at their domain name, but the password is not known, it needs to be reset to a known value within cpanel. for php to be able to send to (the From: and To: addresses would be the same and be the email account at hostgator) or through (the From: address would be the email account at hostgator and the To: can be anywhere) the mail server at hostgator, you would use the hostgator server settings. see the cPanel Emails, Outgoing Email Settings at this link - https://www.hostgator.com/help/article/email-connection-settings#cpanelemails you can, using the phpmailer/swiftmailer class, send an email to or through an external mail server, such as gmail, but this requires the username/password of the account on that external mail server.

Ahh ok sounds like it could be that and silently accepting emails. It's on the web hosting with hostgator. It's in the web hosting cPanel but it still don't seem to be sending, I'm using my email address at the moment as a test and it's not coming through so for some reason it don't seem to be sending the email

the php mail() function and the phpmailer/swiftmailer classes allow php to act like an email client, to send an email to a mail server. when you don't use smtp authentication against a mail box on that mail server, that mail server must be configured to "trust" the (ip address of the) web server where the php code is running. typically, a local mail server at web hosting is configured this way. if you are not getting any errors back, it is likely that the locally configured mail server is setup to silently accept emails, regardless of it it intends to send them, without returning an error. where are you running this php code at? a localhost development system or web hosting, and if on web hosting is the domain name in the From: address hosted at the sending web server or is it hosted at some other location?

Hi I am trying to use phpmailer without the smtp credentials as the client does not know the email password or they don't have it to hand so trying to use phpmailer without the smtp info, I am trying the following code and not getting any errors and it's going to the enquiry confirmation page but the email is not coming through <?php session_start(); use PHPMailer\PHPMailer\PHPMailer; use PHPMailer\PHPMailer\Exception; // Include PHPMailer 6.x autoloader require 'PHPMailer/src/Exception.php'; require 'PHPMailer/src/PHPMailer.php'; require 'PHPMailer/src/SMTP.php'; $name = ''; $phone = ''; $email = ''; $message = ''; if ($_SERVER['REQUEST_METHOD'] === 'POST') { $name = $_POST['name']; $phone = $_POST['phone']; $email = $_POST['email']; $message = $_POST['message']; $error=''; if(!$name || !$phone || !$email || !$message){ $error.="**Please fill the fields.!".'<br>'; } if (!filter_var($email, FILTER_VALIDATE_EMAIL)) { $error.="**Please enter valid email address.".'<br>'; } if(!$error){ // Initialize PHPMailer $mail = new PHPMailer(true); try { $mail->SMTPDebug = 0; // Enable verbose debug output / Enable SMTP debug information (for testing) //$mail->isSMTP(); // Set mailer to use SMTP //$mail->Host = 'smtp.gmail.com'; // Specify main and backup SMTP servers //$mail->SMTPAuth = true; // Enable SMTP authentication //$mail->Username = ''; // SMTP username //$mail->Password = ''; // SMTP password //$mail->SMTPSecure = 'tls'; // Enable TLS encryption, `ssl` also accepted //$mail->Port = 587; // TCP port to connect to $mail->setFrom('[email protected]', "Company Name"); $mail->addAddress('[email protected]', "Company Name"); // Add a recipient $mail->addReplyTo($_POST['email'], $_POST['name']); $mail->isHTML(false); // Set email format to HTML $mail->Subject = 'New Website Enquiry'; $mail->Body = "A new website enquiry has been made. The enquiry information is below\r\n\r\n" . "Name: " . $_POST["name"] . "\r\n" . "Phone: " . $_POST["phone"] . "\r\n" . "Email: " . $_POST["email"] . "\r\n" . "Message: " . $_POST["message"]; $mail->send(); // Redirect upon successful sending header("Location: http://domainname.co.uk/enquiry-confirmation.php"); exit(); } catch (Exception $e) { echo 'Message could not be sent.'; echo 'Mailer Error: ' . $mail->ErrorInfo; } } } ?> <form action="#form-section" method="post"> <div class="row"> <div class="col-sm-6 col-lg-6"> <div class="form-group"> <input type="text" value="<?php echo $name; ?>" name="name" id="name" class="form-control" required placeholder="Name"> </div> </div> <div class="col-sm-6 col-lg-6"> <div class="form-group"> <input type="text" value="<?php echo $phone; ?>" name="phone" id="phone" class="form-control" placeholder="Phone"> </div> </div> <div class="col-sm-12 col-lg-12"> <div class="form-group"> <input type="email" value="<?php echo $email; ?>" name="email" id="email" class="form-control" required placeholder="Email"> </div> </div> <div class="col-md-12 col-lg-12"> <div class="form-group"> <textarea name="message" class="form-control" cols="30" rows="8" required placeholder="Message" value="<?php echo $message; ?>"></textarea> </div> </div> <div class="col-md-12 col-lg-12"> <button type="submit" id="submit" name="submit" class="contact-btn btn">Send Message</button> <div class="clearfix"></div> </div> </div> </form> Can anyone see where I have gone wrong please as been trying for hours and can't see what the issue is

Hey everyone, I’ve been working more on full-stack projects recently, and while my backend is typically in PHP, I’ve started building more with JavaScript (Node.js) and Python (mainly Flask). I'm now focusing more on proper QA, especially around web app testing—functional, unit, and integration testing. I wanted to ask what tools or frameworks you all recommend for web app testing in these languages? For example: In JavaScript, I’ve tried Jest and Mocha but wonder how they stack up long-term. In Python, I’ve dabbled in PyTest and unittest, but I’m unsure how to scale them for larger apps. Also, how do you structure your test environments in these languages? Separate Docker containers? VMs? Would love to hear how others in the community handle this. Looking forward to your input!

Highly recommend switching to a library like PHPMailer or SwiftMailer - they're both easier to use and more reliable than php's native mail function.

telling us that something doesn't work is pointless. we are not sitting next to you and didn't see what symptom or error you got that leads you to believe something didn't work. you must tell or show us what result you got and what the expected result should be. do you have php's error_reporting set to E_ALL and display_errors set to ON, preferably in the php.ini on your system, so that php will help you by reporting and displaying all the errors it detects? have you checked in the browser's developer tools, console tab for errors? you should use 'require' for things your code must have. require/include are not functions. the () around the path/filename do nothing and should be removed. $_GET['email'] is an input to your code. it may not exist. you need to use isset() to prevent errors when it doesn't exist and you must trim, then validate it before using it, when it does exist. the two session variables are also inputs to your code. they may not exist. you need to use isset() to prevent errors when they don't exist.

The first thing I notice is that you have 2 session_start commands. I'm not sure that is the problem but remove the one in header.php.

I am trying to include a php header file to my page but it is not working. <?php session_start(); include("header.php"); $the_email = $_GET['email']; $_SESSION['user_email'] = $the_email; ?> and header have a navbar header.php <?php session_start(); $authenticated = false; $isadmin = false; if ($_SESSION['user']) { $thename = $_SESSION['user_name']; $theimage = $_SESSION['user_photo']; $authenticated = true; $isadmin = false; } if ($_SESSION['admin']) { $thename = $_SESSION['admin_name']; $authenticated = true; $isadmin = true; } ?> <!doctype html> <html lang="en"> <head> <!-- Required Meta Tags --> <meta charset="utf-8"> <meta name="viewport" content="width=device-width, initial-scale=1"> <!-- Document Title, Description, and Author --> <title>Teacher License System</title> <meta name="description" content="Wave is a Bootstrap 5 One Page Template."> <meta name="author" content="BootstrapBrain"> <!-- Favicon and Touch Icons --> <link rel="icon" type="image/png" sizes="512x512" href="./assets/favicon/favicon-512x512.png"> <!-- Google Fonts Files --> <link rel="preconnect" href="https://fonts.googleapis.com"> <link rel="preconnect" href="https://fonts.gstatic.com" crossorigin> <link href="https://fonts.googleapis.com/css2?family=Oswald:wght@200;300;400;500;600;700&family=Satisfy&display=swap" rel="stylesheet"> <!-- CSS Files --> <link rel="stylesheet" href="./assets/css/wave-bsb.css"> <!-- BSB Head --> </head> <body data-bs-spy="scroll" data-bs-target="#bsb-tpl-navbar" data-bs-smooth-scroll="true" tabindex="0"> <!-- Header --> <header id="header" class="sticky-top bsb-tpl-header-sticky bsb-tpl-header-sticky-animationX"> <!-- Navbar 1 - Bootstrap Brain Component --> <nav class="navbar navbar-expand-lg navbar-light bg-light"> <div class="container"> <a class="navbar-brand" href="index.php"> <img src="/assets/img/logo.png" width="40" height="40" class="d-inline-block align-top" alt=""> TLS CS C2&3 </a> <button class="navbar-toggler" type="button" data-bs-toggle="collapse" data-bs-target="#navbarSupportedContent" aria-controls="navbarSupportedContent" aria-expanded="false" aria-label="Toggle navigation"> <span class="navbar-toggler-icon">test</span> </button> <div class="collapse navbar-collapse" id="navbarSupportedContent"> <ul class="navbar-nav me-auto mb-2 mb-lg-0"> <li class="nav-item"> <a class="nav-link text-dark" href="index.php">Home</a> </li> <li class="nav-item"> <a class="nav-link text-dark" href="about.php">About</a> </li> <li class="nav-item"> <a class="nav-link text-dark" href="services.php">Services</a> </li> <li class="nav-item"> <a class="nav-link text-dark" href="pricing.php">Pricing</a> </li> <li class="nav-item"> <a class="nav-link text-dark" href="contact.php">Contact US</a> </li> </ul> <?php if ($isadmin) { ?> <ul class="navbar-nav"> <li class="nav-item dropdown"> <a class="nav-link dropdown-toggle text-dark" href="#" id="navbarDropdown" role="button" data-bs-toggle="dropdown" aria-expanded="false"> Hello, <?= $thename ?> </a> <ul class="dropdown-menu" aria-labelledby="navbarDropdown"> <li><a class="dropdown-item" href="main.php">TLS Materials</a></li> <li><hr class="dropdown-divider"></li> <li><a class="dropdown-item" href="logout.php">Logout</a></li> </ul> </li> </ul> <?php } else if ($authenticated) { ?> <img src='/files/<?=$theimage ?>' width="75px"> <ul class="navbar-nav"> <li class="nav-item dropdown"> <a class="nav-link dropdown-toggle text-dark" href="#" id="navbarDropdown" role="button" data-bs-toggle="dropdown" aria-expanded="false"><?= $thename ?> </a> <ul class="dropdown-menu" aria-labelledby="navbarDropdown"> <li><a class="dropdown-item" href="profile.php">My Profile</a></li> <li><a class="dropdown-item" href="main.php">TLS Materials</a></li> <li><hr class="dropdown-divider"></li> <li><a class="dropdown-item" href="logout.php">Logout</a></li> </ul> </li> </ul> <?php } else {?> <ul class="navbar-nav"> <li class="navbar-item"> <a href="register.php" class="btn btn-outline-primary me-2">Register</a> </li> <li class="navbar-item"> <a href="login.php" class="btn btn-primary">Login</a> </li> </ul> <?php } ?> </div> </div> </nav> <script src="https://cdn.jsdelivr.net/npm/[email protected]/dist/js/bootstrap.bundle.min.js" integrity="sha384-MrcW6ZMFYlzcLA8Nl+NtUVF0sA7MsXsP1UyJoMp4YLEuNSfAP+JcXn/tWtIaxVXM" crossorigin="anonymous"></script> </header> why is that? Am i missing something?

Don't do that. Under no circumstances should the session storage location be under the web root. So first of all, the session does not "timeout" after 30 minutes. Most likely your shared host has a cron job that is going through the directories where session files are stored and deleting any session files that haven't been updated (the mtime) in over 30 minutes. Normal session file garbage collection is highly dependent on having a certain amount of requests, such that the garbage collector actually runs. You should be able to do this. If it doesn't work, then I wouldn't use the feature. Hard to say for sure, but you should check the value of gc_probability. Some OS's like Debian set it to 0, and use os level scripts to remove session files. As I stated above, it does sound like this might be the case with your host. A site with very low traffic is unlikely to run the session garbage collector in any reliable manner.

Hi I am trying to send email through php as html template. Below code, if I put the headers it will get the custom error message that the email is not sent. If I remove the headers it will send the email but the email will be not formatted as html and it will send the whole template.php as a text. $to = $myusername; $subject = "OTP - RESET PASSWORD"; $headers = array( 'MIME-Version' => '1.0', 'Content-type' => 'text/html;charset=UTF-8', 'From' => '[email protected]', 'Reply-To' => '[email protected]' ); //$message = "hi!"; ob_start(); include("mail-template.php"); $message = ob_get_contents(); ob_end_clean(); $sent = mail($to, $subject, $message); if(!$sent){ echo "Error: Message not sent. Please try again"; }else{ echo "Message was sent successfully"; }

I can answer number one and the answer is yes: <?php require_once __DIR__ . '/../config/starlite_config.php'; require_once "vendor/autoload.php"; and maybe number 4? public function logoff(): void { error_log("Starting logout process"); // Clear database token if (isset($_SESSION['user_id'])) { $sql = "UPDATE {$this->table} SET token = NULL WHERE id = :id"; $stmt = $this->pdo->prepare($sql); $stmt->execute(['id' => $_SESSION['user_id']]); } // Clear login cookie $isLocal = in_array($_SERVER['REMOTE_ADDR'], ['127.0.0.1', '::1']); $cookieDomain = $isLocal ? '' : 'www.phototechguru.com'; setcookie('login_token', '', [ 'expires' => time() - 3600, 'path' => '/', 'domain' => $cookieDomain, 'secure' => !$isLocal, 'httponly' => true, 'samesite' => 'Lax' ]); // Clear session $_SESSION = []; if (isset($_COOKIE[session_name()])) { setcookie(session_name(), '', time() - 3600, '/'); } session_destroy(); error_log("Logout complete"); header('Location: index.php'); exit(); }

In a PHP membership website hosted in shared hosting, the session used to timeout in 30 minute after closing browser. We solve that problem by creating users.ini file and creating folder 'session' in public_html. In users.ini file session.cookie_lifetime, session.gc_maxlifetime was extended also session.save_path was set to new directory path. The values of session.cookie_lifetime, session.gc_maxlifetime and session.save_path also set in each PHP program. We are facing a new problem about securing folder session that's storing PHP sessions. These are some queries that I have in this regard. 1) Is it possible to have session folder above public_html to avoid direct access? If not then what can be done to secure that folder? 2) Is anything needs to be mentioned in .htaccess to secure users.ini file or session folder? (It currently uses following in .htaccess file: Options -Indexes <Files php.ini> order allow,deny deny from all </Files>) 3) Can anyone directly access session files like sess_xyz123 created in session folder? (We can't browse session files by visiting url www.domain.com/session/sess_xyz123) 4) The session folder gets populated with session files for each user visit to website. How to remove empty session files that are no longer needed when user leaves website? Looking forward to your reply. Thank you.

If the only reason for that value is to write to the DB then you can do it in the insert query... INSERT INTO tablename (colx, coly, colz) VALUES (?, ?, NOW() + INTERVAL 10 MINUTE)