requinix

What are these "functions" supposed to do?

If it can't connect then apparently define('PHPMAILERHOST', 'localhost'); define('PHPMAILERPORT',2500); define('PHPMAILER_SECURE',false); those settings are wrong. Do you really have a mail server running on localhost? And it uses the unusual port 2500?

You seem really fixated on this "I have to create a stored procedure in my code" thing when you don't have to do that. According to the code you posted, which is a really important point to make so if the code you posted is not what you actually want to do then you need to say something right now (and I'm about 99% sure it is not what you want), DROP PROCEDURE IF EXISTS test1; DELIMITER || CREATE PROCEDURE test1(IN LastID INT(5)) BEGIN SELECT person.RecordID AS PersonID, organization.Name FROM person INNER JOIN organization ON person.lnk_organization = organization.RecordID LIMIT 10; SELECT person.RecordID AS PersonID, organization.Name, organization.City, organization.State, organization.Zip FROM person INNER JOIN organization ON person.lnk_organization = organization.RecordID LIMIT 25; END || DELIMITER ; I'll say again what I've said before: there is nothing in that query which means you have to create it in your PHP code at the point when you want to call it. There is no information in there that depends on something only the code knows. So do me a favor and try something, okay? Create your "test1" stored procedure manually and remove the stuff about creating it from your code. Now try calling it. You can supply whatever "LastID" parameter you feel like. SQL injection won't be a thing because "LastID' is typed as an integer and SQL injection isn't possible with an integer. Now, you say you want to do something with variable limits. Okay. Have you tried doing that? Because recent MySQL will just let you do that: make the two limit numbers be parameters and specify those variables in the LIMIT clauses. Worst case, your desired stored procedure does not match your posted stored procedure, and the desired stored procedure actually has some aspect that cannot be parameterized. I don't know what it would be. If that was the case then you still (probably) wouldn't create a stored procedure at runtime because that is tied to the answer of a particular question: would your code, the code that hypothetically creates this stored procedure, ever call it multiple times? I don't mean "yes, it would call the procedure every time the code runs". I mean once that procedure was created, would the code that is currently running want to use it multiple times, and would completely separate code anywhere else running shortly after that code also want to use it? I can't imagine why your answer would be anything other than "no", which means you don't need a stored procedure because you can just run those SELECT statements at the time you want them. There's absolutely zero reason to create a stored procedure if it's only going to be used once.

Exactly. And in here, DROP PROCEDURE IF EXISTS test1; DELIMITER || CREATE PROCEDURE test1(IN LastID INT(5)) BEGIN SELECT person.RecordID AS PersonID, organization.Name FROM person INNER JOIN organization ON person.lnk_organization = organization.RecordID LIMIT 10; SELECT person.RecordID AS PersonID, organization.Name, organization.City, organization.State, organization.Zip FROM person INNER JOIN organization ON person.lnk_organization = organization.RecordID LIMIT 25; END || DELIMITER ; there's nothing about it that means it can't be set up ahead of time. You create this stored procedure yourself in the database, preferably under a different name, and then you can use PDO to invoke it. The LastID variable is obviously not known until code wants to call the procedure, but the procedure itself doesn't vary.

$row and $row2 both come from while loops. They're only useable within those loops. Your code tries to show reservations for one user, and then booking slots for one reservation. Does that make sense to do? Which user and which reservation are they supposed to show?

Any particular reason you want to create stored procedures programmatically? Those are normally things you set up ahead of time, not while the application is running.

A 500 happens on the server, not in the browser. Check server log files for a clue what went wrong.

This external-server-terminates-SSL-and-proxies-internally-without-SSL ("offloading") is a common strategy, especially back in the days when SSL was (or at least people thought it was) computationally expensive. It's not as much now because everything's fast, but the convenience in not having to deploy more certificates across more machines is worthwhile. The only requirement to doing that is securing the network against unwanted servers (ie, MITM attacks), but that really shouldn't be much of a concern. Because if it was a concern, it would really be a concern. Apache shouldn't care... I tend to circumvent problem solving by declaring the problem is moot to begin with. Is the error for every request or intermittent?

Home network? Get rid of HTTPS on the intranet. Have external HTTPS connections pass through the router to the non-containerized server, have that handle all the SSL as a terminator, and then proxy requests to the containerized server's non-SSL on 8080/80. Far simpler.

Well you're the only one on this site even remotely familiar with the stuff you're working on, so it's going to be hard to find someone who can tell you what you need to do. The problem is specifically this stuff about paying the pilot some $/mi rate, yes? Describe the whole payment thing in as much detail as you can so that hopefully we can catch up near to the knowledge you already have.

URL is working for me. Maybe your nearby CDN is having connectivity problems? What IP address does maxcdn.bootstrapcdn.com resolve to for you?

Forget regular expressions. As a human being, how do you look at the contents of that file and decide what to take away from it? Describe the process in detail, step by step. Once you've done that, try expressing the exact same thing in code.

The only place the Let's Encrypt stuff needs to happen is on the proxying server. Is it containerized too? Because I can't tell what "the docker" is supposed to mean. The servers in the background handling regular requests don't even necessarily need SSL if it's inside your own network (and you trust it's secure against rogue servers or whatever), but otherwise you can use a self-signed cert just for the TLS aspect and make the proxying server ignore the insecurity - or even use a local cert authority, grant certs as needed, and of course install the CA's as a trusted root everywhere. To tell Apache not to proxy a path, normally I would have the virtualhost configuration broken down into <Location>s, but if you don't need that then you can literally tell ProxyPass not to proxy the one path.

You're not there yet. You can't implement something until you know what it's supposed to be. How those points are dealt with is a business decision. How the airlines recoup money is a business decision. How pilots get paid and at what rate is a business decision. You need answers to these questions - a specification, if you will - before you can move forward.

😆 Physical printed books are out of date by the time they get published (coughphpsix). Use online resources as much as you can.

Just one. With certbot running on a public server, a file is much easier to work with than DNS. For larger organizations with multiple servers, the renewal process running somewhere internally and writing to DNS is easier than having to replicate files. certbot handles all that magic for you. The important thing is that you are given a key and token to prove you have ownership, and those two need to be discoverable by Let's Encrypt. More certbot magic. It handles certificate files - you just point your webserver to the relevant file paths and specify a reload command for it to pick up any changes.

If your public server is the one with the cert then it should be the one handling the cert. Think about it as SSL termination. What this site does is use a custom authenticator script that writes certbot's generated key/token pair to a publicly-accessible /.well-known/acme-challenge file (plus a custom cleanup script to remove it). Your server could do that too - just don't proxy /.well-known/acme-challenge/* to the backend server.

I see one command with a typo and another command with output that tells you something important (assuming that sometime before those commands you did what I think you did). Neither of those commands are what the man page told you to do regarding insecurity of an individual apt source.

+1 for DOM. If you want to insert an ad between paragraphs then you likely want to insert it between top-level paragraphs, and simple iteration on the top node's children will do the job quite easily.

Perhaps because what you had before was better. In fact it wasn't just better, it was correct. All it was missing was an equals sign.

"Borrow" implies that they will eventually return the book. Are you not going to keep track of who has returned their books? I would think that's a crucial piece of information. I don't see any problematic code regarding $sql. I do see a ton of other problematic code in other places, though. How about posting your real code and the real error message(s) you're getting? Well, if you're putting in the bare minimum then I should probably do the same. I have critiqued your structure and no, the quantity column does not make sense.

Step away from the computer, make yourself a sandwich or watch some TV or whatever you like, then come back to your code and look at the first line.

That's actually not a great idea. Having that counter means you have to keep that number in sync, and if something happens and interrupts the process then your quantity will be off. If you have a table for borrowed books then it's easy to find out whether you have available books or not: compare the "all books" quantity with the number of books out being borrowed. Not sure how the borrowed books table works... Is there also a column for the date the book is returned? If you do something like that then you're guaranteed to always be accurate. Don't have to manage a counter for it because you already have all the information you need - just in a slightly different form and location. What this gets at is a concept where you don't store duplicate information in different places. You know the available books with a quick query so storing the available books in a second place would be duplication. And if there's duplication then there's a problem that the two (or more) values could get out of sync. And if that happens then you have a problem because you don't necessarily know which value is correct (if either actually is) and which is incorrect. That aside, If you get errors and need help resolving them, posting what those errors are would be really helpful for us. Kinda hard to do anything if we don't know what the problem is, eh?

It's not about PDO but about MySQL. If you tell MySQL that you want to run a certain query, it will remember that for a while in case you want to run it again. And not in a literal sense of "here is the query as a string and does it match a previous query" but in a more sophisticated way that doesn't care much about LIMITs or the exact values submitted with a prepared statement. So you're probably good to go without trying to do anything special. Remember: databases like MySQL are built by very smart people who know a lot about what they're doing and how the system needs to be used, so just use it normally and see how it goes.

The part where it talks about how you can mark one single repository to allow it being insecure.