gizmola

You should clarify: You have not changed client php code at all? When you ran curl from the cli on this same computer, did that work? Have you rebooted, the workstation you are using to connect to your owncloud? If it involved a DNS change on your part, if the DNS information was cached and stale, it's possible that your workstation was still resolving to the old host, and an IP that perhaps no longer works. It's also possible that this PaaS platform doesn't have port 80 open.

afaik, you can intermix them as you need, but there is no quoting used around table/fieldnames other than the [name] syntax.

Correct. That is an invalid mysql date. You can set a mode of mysql to accept that value, but that is not the way to handle this problem. Instead, make sure that the OTP expiry allows NULL. Then set the value to NULL. Personally, I would not design a system like this. Instead I would have a related table that only holds "events". I will usually have an user_event_type table that has different allowable authentication events. For example: user event type id | Description 1. Registration 2. Password Reset 3. One time Password 4. Login 5. Close account 6. Failed Login 7. Account locked etc. I don't know what your user table looks like but hopefully it has an ID other than "email". I'll assume you do. So you then have a user_event table with a structure like this: id | user_id | user_event_type_id | event_value | status | expire_date_time | created_at 100| 245 | 3 | xyzabc... | 0 | ..... | current_date There are a few reasons to do this. They include: - you have an audit trail of events - MySQL with InnoDB is optimized for insert queries, and they don't reduce concurrency unlike update queries. Instead of trying to overwrite the OTP, you can simply set the status from 0 to 1 (or whatever value you want). You could have several status values if you want fine grain control over the changes in status. Just to keep it simple, if the person logs in with the OTP, then it's used, so you set the status to 0. A subsequent query of "SELECT * FROM user_event WHERE user_id = 245 and user_event_type = 3 AND status = 0 ORDER BY created_at DESC LIMIT 1" will always find the most recent OTP request. You can then compare that with the OTP value. Making event_value a varchar of a specific length is no cost if the field is unused, as varchars will use the bytes required. So if you want to use event_value for additional data, you can do that, but if it's something simple like "login" event, you don't need to use it. Personally I would also have a client_ip field in a table like this, where I use a varbinary field to store the IP. This works for both IPv4 and IPv6 addresses, but there are some tricks to doing that, and it is not specifically related to your question. I mention it just to be complete.

What do you mean it works? It's not even in the list of Access SQL keywords: https://support.microsoft.com/en-us/office/sql-reserved-words-b899948b-0e1c-4b56-9622-a03f8f07cfc8 I also never mentioned single or double quotes. You can use either when you are working with string constants, but you aren't doing that. You either use [name] or the name by itself for table and columns. So table.column or [table].[column].

Microsoft access does not support Limit. It has a "TOP" keyword that does the same thing. So something like: SELECT TOP 3 * from Objects. It also does not support backtics. That is a MySQL feature. You use the square brackets, as you did in the final example. However, like MySQL's backtics you only need brackets if you have a non standard table or column name with perhaps spaces in it, or used a SQL keyword for the name. So your problem is most likely the use of LIMIT, which is not a keyword supported by Access.

We had a vote that was open to any and all active users. We get a lot of reading these days, but not as many posters as in years past. I appreciate your taking the time to post, but people that bothered to post, all voted to close it, so unfortunately your opinion comes a bit too late.

Yes, tcpdf does a great job and I've used it for really elaborate invoice documents and business check printing with barcodes. I didn't suggest it initially, because you indicated you wanted to try to come up with an html solution that would then be converted to pdf. I should point out the the developer of tcpdf has locked the project and has replaced it with a rewritten version with current PHP practices like namespacing. That project can be found here: https://github.com/tecnickcom/tc-lib-pdf

It doesn't change the fact that the code in vsp.php at line 2392 is trying to get the value of the constant LOG_READ_SIZE and LOG_READ_SIZE is undefined. As far as I can see there is no way to look at the source code. I did see that someone dockerized the app and put the source code in github, but the actual vsp code is in some zip file that the package downloads.

Suyadi's comment is factually accurate. The code expects the constant value LOG_READ_SIZE, and it is not defined. WIth that said, often utility applications come with instructions on how they should be configured, it looks like this might be the case for the application. Check instructions and see if there is a configuration file that needs to exist in a particular place. Many applications are distributed with a file with default settings that needs to be copied and renamed.

When people are using tutorials to try and create PHP based features, there are pitfalls, the potential for misunderstandings and the possibility of error. We need to see what your actual code is. The only exception is in the case of passwords, keys etc. Those should be replaced. So we would need to see your code and the actual path you used in your code. The operating system, hosting location etc, is also important information in many cases. It sounds like you have error turned off at present, and for development, errors need to be turned on, so you can see what they are. It looks like your code has one or more errors in it, and that is why you are getting a blank page, but if errors are turned off, you can't see what the error message is.

What's the problem with installing composer? Takes 2 seconds, and that is what PHP uses for dependency management and autoload building. Every option you have is going to start with using composer, and not using it is going back to PHP development as it was done in the bad old days of copying entire library codebases into project directories and everything that was painful, error prone and annoying with PHP library use, as of 10+ years ago. As for "best path" there really isn't one. There are different technical approaches to the problem, that tend to have different requirements, gotchas and limitations. You are best off doing a quick evaluation using the html docs you already have to explore the libraries. One up and coming option you didn't mention is gotenberg: a sophisticated go based conversion engine that has a php api. It has a lot going for it, but also has more moving parts. Here's the PHP Api that lets you talk to the Gotenberg server: https://github.com/gotenberg/gotenberg-php Puppeter (or rather the PHP api to it) takes a similar approach, in that it's a bridge to a headless browser used to render a page, which then allows you to save a pdf version. The https://github.com/zoonru/puphpeteer library is still being maintained, but already it's a fork of the original. You also have more moving parts (depending on Node, and the rialto bridge to Node). jspdf has similar issues, being a js library. For the Pure PHP library options, I'd start with dompdf and see if that works for you. Known limitations are the lack of support for flexbox or grid, so that might be a deal breaker. I probably wouldn't use mpdf, due to the age and lack of updates. It's a fork of fpdf. With that said, not unlike dompdf, if you constrain your html it might be fine for your use case, but the lack of updates is not a great sign. Along those same lines, lots of people are still using Snappy https://github.com/KnpLabs/snappy particularly with Laravel or Symfony, since there are integrations for both of those, but it does depend on a https://wkhtmltopdf.org/ which is now a dead project, even though you can still get builds of it for most linux distros.

See gw1500se and mac_guyver's posts, and implement those changes. One other thing I noted in your code, is that when you mix PHP and HTML, it's best to use PHP Alternative syntax for control structures. For the if -then - else section of your code, here is how you would change that. <?php if ($isadmin): ?> <ul class="navbar-nav"> <li class="nav-item dropdown"> <a class="nav-link dropdown-toggle text-dark" href="#" id="navbarDropdown" role="button" data-bs-toggle="dropdown" aria-expanded="false"> Hello, <?= $thename ?> </a> <ul class="dropdown-menu" aria-labelledby="navbarDropdown"> <li><a class="dropdown-item" href="main.php">TLS Materials</a></li> <li><hr class="dropdown-divider"></li> <li><a class="dropdown-item" href="logout.php">Logout</a></li> </ul> </li> </ul> <?php elseif ($authenticated): ?> <img src='/files/<?=$theimage ?>' width="75px"> <ul class="navbar-nav"> <li class="nav-item dropdown"> <a class="nav-link dropdown-toggle text-dark" href="#" id="navbarDropdown" role="button" data-bs-toggle="dropdown" aria-expanded="false"><?= $thename ?> </a> <ul class="dropdown-menu" aria-labelledby="navbarDropdown"> <li><a class="dropdown-item" href="profile.php">My Profile</a></li> <li><a class="dropdown-item" href="main.php">TLS Materials</a></li> <li><hr class="dropdown-divider"></li> <li><a class="dropdown-item" href="logout.php">Logout</a></li> </ul> </li> </ul> <?php else: ?> <ul class="navbar-nav"> <li class="navbar-item"> <a href="register.php" class="btn btn-outline-primary me-2">Register</a> </li> <li class="navbar-item"> <a href="login.php" class="btn btn-primary">Login</a> </li> </ul> <?php endif; ?>

strtotime() returns a unix timestamp value. Timestamps are an integer value which is the number of seconds since the January 1, 1970 00:00:00 UTC. Helpers like "+10 minute" are nice for abstraction, but all the minute addition does is add (minutes * 60) to the value. So you might note that this code will print "Same". $t1 = strtotime("now") + 10 * 60; $t2 = strtotime("+10 Minute"); if ($t1 == $t2) { echo "Same\n"; } An important limitation of strtotime is that it doesn't have any concept of timezone, so in most cases you should use PHP DateTime classes, which do allow you to account for timezones and translate between them. You also need to be aware of what the configured locale settings of your server are. In most cases servers should be setup to be UTC, and thus datetime values set in the database will also be UTC. This is the best practice. When you develop your application you want to be aware of the server and PHP settings, and translate the date/time values at presentation time, by applying the desired timezone relevant to your server or the client.

Agree strongly with this advice. I would also suggest looking at Symfony Mailer.

Don't do that. Under no circumstances should the session storage location be under the web root. So first of all, the session does not "timeout" after 30 minutes. Most likely your shared host has a cron job that is going through the directories where session files are stored and deleting any session files that haven't been updated (the mtime) in over 30 minutes. Normal session file garbage collection is highly dependent on having a certain amount of requests, such that the garbage collector actually runs. You should be able to do this. If it doesn't work, then I wouldn't use the feature. Hard to say for sure, but you should check the value of gc_probability. Some OS's like Debian set it to 0, and use os level scripts to remove session files. As I stated above, it does sound like this might be the case with your host. A site with very low traffic is unlikely to run the session garbage collector in any reliable manner.