Preventing a missing or faulty plugin loaded inside of wp-settings from halting a script

foreach ( wp_get_active_and_valid_plugins() as $  plugin ) {     echo $  plugin;     wp_register_plugin_realpath( $  plugin );     include_once $  plugin;      /**      * Fires once a single activated plugin has loaded.      *      * @since 5.1.0      *      * @param string $  plugin Full path to the plugin's main file.      */     do_action( 'plugin_loaded', $  plugin );     echo 'end'; } 

So I have a script that loads wp-settings and the script halts at: /var/www/public/wp-content/plugins/w3-total-cache/w3-total-cache.php. I am thinking that do_action(‘plugin_loaded’, $ plugin); throws an exception and stops the script from running, how do you prevent an exception like that from halting a script? I tried to put a try catch, but it doesn’t work.

Preventing character skill from impeding player enjoyment

Let’s consider a player, whom we shall call Bob. Bob loves exciting gunfights and is a big John Woo fan. So he makes up “Shooty McShootenstein,” who is a master with a gun. One thing that Bob is not interested in is the cyberpunk hacking trope. So Shooty doesn’t really have any ability at that. From the player’s choices, it seems they want a game with lots of gunplay but no hacking. But here’s what happens in practice:

  • When Shooty gets into a gunfight, his high skill means he blows everyone away in a round or two, or a few minutes of table time. Bob’s real choices during this time are largely restricted to taking actions to stack additional bonuses that are mostly unnecessary or making tactical choices that are often rote. Bob is left unsatisfied.

  • When Shooty finds he needs to hack a computer, suddenly his choices open up! He can hire a hacker, threaten the owner, bluff about already having the information, etc. This will take considerably more table time. The problem is that it’s still indirectly all about hacking and is exactly what Bob didn’t want to play. He ends up bored because he doesn’t like this theme and his character is bad at it.

Many proposed suggestions don’t seem to help. Putting Shooty against better gunfighters is a good idea, except that in most systems, a gunfight between two characters with Firearms and Dodge skills at 20 have the same actions, probabilities, and modifier stacks as one between two sides with Firearms and Dodge at 2. Essentially, Bob might as well have played a much weaker character. Making the consequences for failing at the hacking-related stuff easier on the character might encourage Bob to experiment a bit, but fundamentally he’s still going to be bored because his share of spotlight time was spent in 2 minutes about him being awesome with a gun and 2 hours about him being a lousy hacker.

What techniques can be used to overcome this contradictory tendency in play, either as a game-master or as a player?

Are there any restriction preventing you from using Demon to build Manse?

One of my players wants to use a Demon he intends to summon to build him a Manse.

Looking at the rules this seems to be within the scope of a demon contract. Core Rule Book p.473

Alternatively, she may assign it to complete a specific task—“Construct a tower using these plans,” “Murder Magistrate Yang,” “Dig a tunnel through this wall”—for as long as it takes to complete. Task-bound demons form a Defining Principle of “I must complete my task,” which is similarly impervious to tampering.

The core of the question I have is how can this be handled? But that question could be broken into a few subparts. Are there any rules that would apply to this situation, and what are they? Also looking for practical experience of how this has been handled by others, and how to avoid the player being able to build castle after castle just using demons as "free" labour. Prefer the suggestions of how to handle it to be linked to rules for 3rd edition.

It would be a bonus if the answer would adress if this would be different if the player "only" wanted to build a mundane tower.

Is there anything preventing a first-level alchemist from buying a sixth-level alchemical formula?

The alchemist starts at level 1 with eight first-level alchemical formulae – two from their specialisation, four from their alchemical crafting feat, and two for free because they’re alchemists.

Alchemy alchemy alchemy.

But when I looked up purchasing formulae on page 293 of the CRB, I found that a sixth-level alchemical formula is only 13gp.

If a level 1 alchemist were to spend 13 of the 15 gold pieces they start with on such a formula, would they immediately be able to craft it and use it?

Alternatively, given that moderate versions of bombs are only level 3 formulae, could the alchemist purchase these formulae and start using them immediately with their infused reagents and quick alchemy, skipping the lesser versions entirely?

SPF record does not preventing the sender spoofing

I am bug hunter & still new in bug bounty programs. I’ve reached to this topic which I can’t go further before understanding this one .

I used one of the most SPF record finder online , the result of this test was they already have a SPF record

BUT

I still can send an email as their domain exactly!

so , does really SPF record prevent email spoofing attack? If it does, why I still can send an email as their domain exactly ?, if it doesn’t, how can we really prevent the email spoofing attacks

also maybe I’ve some misunderstanding between SPF misconfiguration & missing of SPF record do they mean same ?! what is the situation as written above is it a misconfiguration or missing SPF record ?!

regards

Preventing HTTPS Replay Attacks

I’ve read here that HTTPS replay attacks aren’t possible from MITM attacks but I want to be sure that it’s not saying that HTTPS replay attacks aren’t possible at all. I want to know if I have to implement my own obscure method for temporarily preventing the inevitable or if something like this already exists.

Suppose the attacker is the client. They have access to the client and are communicating with the server legitimately, analyzing the traffic. Therefore the attacker has access to the client’s private key (or at least, the ability to replicate its generation). What’s stopping them from just replaying the traffic through a fake client after sniffing the payload before it’s encrypted? That is to say, running it through the client to encrypt it then send it themselves.

My client relies on the hardware information from the system to validate one-user-per-subscription and want to know what all of the weak points are for this system. Spoofing it seems really easy if they generate it normally once then spoof it every time after.

Custom structure permalink preventing 404

I am trying to find out what impact setting a custom stucture prefix in permalinks has on 404’s

I have a custom structure of:

/news-opinion/%postname%/

This is working as expected if you tried to go to a page: domain.com/news-opinion/non-existing-url I will get a 404 as expected.

However if I use: domain.com/non-existing-url this will redirect a user back to the homepage and not 404.

Am I missing somthing here I should have accounted for?

This is a Bedrock / Composer based install and this is the list of plugins in use if any of these are known to cause this issue:

"wpackagist-plugin/cache-enabler": "^1.3.4", "wpackagist-plugin/classic-editor": "1.5", "wpackagist-plugin/relevanssi": "4.2.0", "wpackagist-plugin/safe-svg": "1.9.4", "wpackagist-plugin/wp-mail-smtp": "^1.8", "wpackagist-plugin/instant-images": "4.2.0", "wpackagist-plugin/shortpixel-image-optimiser": "4.16.1", "deliciousbrains-plugin/wp-migrate-db-pro": "^1.9", "humanmade/s3-uploads": "^2.1", "custom-repo/advanced-custom-fields-pro": "^5.7.0", "custom-repo/gravityforms": "^2.4.0", "wpackagist-plugin/duplicate-post": "3.2.4", "wpackagist-plugin/filebird": "2.7.1", "wpackagist-plugin/crop-thumbnails": "1.2.6", "wpackagist-plugin/redirection": "4.7.1", "wpackagist-plugin/advanced-cron-manager": "2.3.10", "wpackagist-plugin/wp-seopress": "3.8.4", "wpackagist-plugin/cookie-bar": "1.8.7", "custom-repo/vcaching": "^1.8.0",  "wpackagist-plugin/wordpress-importer": "0.7", "wpackagist-plugin/export-media-with-selected-content": "2.0", "wpackagist-plugin/user-roles-and-capabilities":"^1.2.3", "wpackagist-plugin/wp-all-export": "1.2.5" 

If I can provide any more information that may be pertanent to this please let me know.

Any help with this would be apperciated.

Is there anything preventing a familiar from Readying a Help action? [duplicate]

Suppose the following situation: I want a familiar to give me advantage on melee attacks via the help action. However, I do not want to be yet another adventurer with an owl familiar doing fly-by helps. Instead, I pick something smaller (say, a spider), and have it ride on me.

My idea is thus: The familiar, on its turn, readies an action to help me whenever I attack anybody. Seeing as I close to melee to do that, the familiar is within both 5ft of whoever they’re helping and the target, satisfying the range requirement. Is there a RAW reason this shouldn’t work?