requinix

If you don't want to delete everything and recreate permissions then that means you want to delete the ones you don't want and add the new ones that you do. Right? So do that. Figure out all the pages the user had access to, figure out the pages the user should have access to, figure out what's different between the two, and run the appropriate queries. For the other question, is giving access to everything a common requirement? Then you could set that up as its own thing: the user has a little flag on their account that says they have access to everything. Then modify your permission checking to account for that flag. Another idea is to group pages together and grant/revoke access to the groups. Or you could adopt a sort of tagging system, tagging each page with whatever sounds good, then you grant access based on tags instead of direct pages.

Have you tried grepping for any files that mention opcache?

They're basically the same thing. A constraint exists to enforce some rule on the table, and an index exists to support queries. A unique constraint enforces uniqueness, and the way PostgreSQL implements that is by setting up a unique index. In other words, you just about always want a constraint. Because you want to enforce uniqueness. The index created for you is a bonus.

They could be used that way, but I would not. How are your dependencies set up in code? Are you using relationships? Doctrine should be able to save in the right order but can only do so if it knows about the relationships between all objects. I haven't really used Doctrine myself, but I would expect that you should be able to construct the whole chart hierarchy in code, with objects contained in other objects, and then tell Doctrine to save the whole thing. It would then combine that with its knowledge of your foreign keys to save the the dependencies before whatever is using them.

Clearly you've never had to do that. If they get breached then I'll have to get a new number. But if someone else gets breached then all I have to do is go to the app and disable the card. They don't care who I am. They just bill my credit card. Oh great, so it's an exclusive community. And I have to pay to get access to it. I'm sure the 1% will love it. I don't have the energy for explaining to you all the bad things that happen when companies and institutions have tried to mandate personal identification with their accounts. There it is. But we're not talking about screwing around. You want to target "anonymous users that do not behave the same way they would in real life". Your goal is to make sure that you have a community full of nice people who have to be careful about what they say lest they offend someone. Do you think PHP Freaks should require proof of identity for all of its members? After all, it's only to "protect our online community". You do the same thing every other online community does: ban the user, keep an eye out for their IP address and familiar activity from other accounts, and move on with your life. I'm done. I have other things to do than fight this. Like I said, I can't stop this from happening, but I'll be damned if I help it along.

You don't need to defer constraints to use transactions. I can't tell for sure but it sounds like you're establishing a circular dependency somewhere in there. Can either of those entities exist in their own right without the other? Also, circular dependency. Rethink the architecture. That's a very good reason to not defer the uniqueness... Deferring a constraint means you need to perform a series of operations where a constraint must be violated. So before saying deferring is the answer, think about whether you really do have to violate a constraint. If the answer is not "no", think again. There is only one good reason I know of to do this: importing lots of data. Constraints necessarily slow operations, and slowing a lot of data means it takes longer to load it all. That's when you use deferred constraints, except the process goes: 1. Start with tables that are not already deferred - because there was no reason for them to be deferred until now 2. Modify to enable deferring 3. Start a transaction and begin deferring 4. Load all the data for all the tables 5. Commit 6. Modify the tables back to not allow deferring And remember: this is all my opinion. I'm sure there are DBAs out there who believe that all constraints should be deferrable, or that there are more lax requirements for doing it, or who otherwise disagree with me. And that's okay.

They are the "bank" for a block of credit card numbers. When a transaction needs to be processed it goes to their system and they can handle the charge however they want. lol Riddle me this: Why the hell would I want to sign up for your community knowing (a) you are taking my personal information, including credit card numbers, in such a way that you are actively trying to establish my identity, (b) are doing so for reasons that have nothing to do with me initiating transactions on your site, but instead (c) are doing so because you want to be able to terminate my account if you decide that you don't like my behavior? Have you learned nothing from Twitter or Facebook or YouTube? Or from what is happening in China? I can't stop you from going forward with this idea, but I can tell you that I hate it and would never sign up for it.

I have on my phone an app that lets me create nearly unlimited valid credit card numbers associated to me. I can defeat your system by taking the same measures I would with every other online transaction I enter into: by creating a new virtual card. That's to say nothing about the fact that I have more than one billable piece of plastic to my name. Trying to say that a credit card is an identity is naive. Why do you care whether someone uses the same credit card? I pay Netflix for myself and two other people, using three separate accounts, all with the same billing information. Do you think they care?

Whatever the problem is, I doubt needing deferrable constraints is the answer. Why do you think you need them?

I can't help but notice you had to sudo to access the file. Think about what that mmight mean. Maybe. Maybe not. I'm not the one who designed it. There might be a reason they made it just a warning.

I don't see any PHP in there. I do see Javascript though. Probably means this question will do better in the Javascript forum. document.form1.sku999.value="44"; sku999 is a name. It is not a variable. You cannot stick a variable in there because Javascript is only going to look at its name. document.form1.'sku'+a.value="44"; I don't know why you think you can just stick a string in there. There are rules to how this kind of stuff works. Follow the rules. document.form1.conc.value="44"; Better except that "conc" is a variable, and like I said earlier, Javascript will only look at the name. And form1 doesn't have a "conc". Fortunately there is a way to access an object member using the value of a variable or expression. Square brackets. Just like arrays. document.form1['sku'+a].value="44";

You begin checking the web server configuration. Web. I don't recommend starting with the cronjob or syslog configuration.

The 404 has nothing to do with the SSL certificate. The problem is somewhere in your web server configuration.

As a very simple and hopefully straightforward approach, try copying the certificate file to your computer and just seeing what sorts of things you can do with it. You assume you know how to right-click?

Private keys are private. Keep them that way. IIRC you take the public key from the server and install it on your computer. Then, when your browser sees that and asks your computer what to do, your computer can say that it's trusted. For creating a certificate authority... nevermind. It's going to be too much work. Do the Let's Encrypt thing, or if you can't then the install thing.

Yes. You would accomplish that by writing code to prevent it from inserting values into MySQL if they are left blank. Also, you need to switch to prepared statements now. You can continue using mysqli if you wish, but much of the PHP community prefers PDO because it is a little easier to use.

Where's the rest of the code?

You will get the warning when your computer does not trust the signing authority. Which is the case for self-signed certificates. The certificate functions, it's just not trustworthy. You can download and store the public key on your computer and tell it to trust that. Or you can create a certificate signing authority, trust that, then have it create the cert. Or you can get a certificate by Let's Encrypt, if there's a way to get the domain name publicly exposed.

Have you considered that might have something to do with the part of your code that deliberately returns a 500?

Are you getting an error from mysqli? Or is it from PHP this time? Do you see the "no data found" message?

You need to learn how to read error messages from the software you want to use. Syntax error messages from MySQL (and forks) will show you where in your query the problem was detected. That almost always means what you need to do is look at that spot, or perhaps slightly before, to see what's wrong.

Your query failed to run. Get an error message from mysqli to see what the server thinks is wrong. Or spend a couple minutes looking closely at the query. That might do it too.

Apparently some bad people have finally realized how to make obfuscated scripts in a way that can't be decoded by just anyone. It's more than 99.9% likely that's malicious. Assume that your website and any databases have been compromised. Take down your website, restore everything from backups, update WordPress and all your plugins, then bring the site back up. Also notify your web hosting company that your site was compromised so they can make sure their own systems weren't affected.

That question has the same answer as whether $a = 1; $b = 2; is a "better coding practice" than $b = 2; $a = 1; No. The second form suggests that you don't know whether the session has been started yet, and not knowing what your code is doing is not "proper".

That's not all you have to change... What input is the Javascript expected to send and what response is it looking for? To make sure we both understand the requirements.