100% Private Proxies – Fast, Anonymous, Quality, Unlimited USA Private Proxy!
Get your private proxies now!
I m trying to show the user Score on a Quiz in their posts, I m adding this inside the Single.php loop:
global $ wpdb; $ user_id = the_author_ID(); $ table_name = "MYWP_quizresults"; $ sql = "SELECT * FROM ".$ table_name." WHERE user_id = ".intval($ user_id); $ result = $ wpdb->get_results($ sql); if(!empty($ result)) { foreach($ result as $ row){ echo "ID: ". $ row->user_id. " Name: ". $ row->user_name; } } I am trying to intercept the Traffic of my iPhone default mail client. I have burp suite setup with the certificate installed correctly cause I get traffic from the browser but I don’t see the traffic from my mail app.
Could someone help me out what this is happening ?
Gutenberg allows extra CSS styles for an image.
I want to make the image a circle and I thought this CSS would work:
img.imgcircular { -webkit-clip-path: circle(15.7% at 50% 50%); clip-path: circle(15.7% at 50% 50%); } And the class on the image is “imgcircular”
Any ideas why it doesn’t work?
Thanks
After listening to and enjoying some “actual play” podcasts I’m about to try DnD with my wife and children. None of us have played before, so after some research I’ve decided to go with the official DnD 5e starter set.
Due to a slight misunderstanding I thought that the set was fine for four players including the DM, it seems that actually it’s meant for a party of four or five plus the DM.
Given that the party will only be three strong, none of them have played before, and two of them are children I would expect them to not be hugely effective to begin with.
As DM I’m planning to help as much as I can with the rules and hints about what they can do (initially they won’t have read all the rules). But I’m concerned that as a small party they might struggle.
The kids have decided that they like the wizard and rogue and my wife is happy to play any of the remaining characters. From my research I’ve suggested the cleric for her so that they have someone with high AC and good healing.
As I haven’t played before either I’m looking for suggestions on what else I can do to get things off to a good start. Obviously I can do things like reduce the number of enemies in fights, but I assume that there are a lot of other tricks that I’m not aware of to help in this kind of situation.
On page 366 of Pathfinder 2e Core Rulebook, for the Sanctuary spell it states:
You ward a creature with protective energy that deters enemy attacks. Creatures attempting to attack the target must attempt a Will save each time. If the target uses a hostile action, the spell ends.”
Does trying to break a door count as a hostile action? It does not specify if the action is considered hostile only if it is directed towards a creature.
I have recently launched a new django based api, and quite quickly, I started to receive INVALID_HOST_HEADER SOME RANDOM URL errors. My understanding is that this is caused by somebody manually changing the HOST header, or proxying my API through some other domain.
This is probably a basic question, but what is the point? What are they trying to achieve? Presumably it’s not a regular MITM attack, because it would be easy enough to correct the HOST header on its way out of the middle server, and they’re not doing so.
Here’s the setup:
My familiar is adjacent to a target. My familiar is blinded.
I cast a touch spell. My familiar uses its reaction to deliver the spell.
Normally, being blinded causes you to attack at disadvantage, so I attack at disadvantage, right? I’m nearly certain about this, but wanted to confirm.
Background reading:
Casting while blinded in D&D 5e (mentions casting while blind, but not specifically the issue of a familiar delivering a touch spell)
Blinded + casting a spell with a bonus action + Find Familiar
Does an invisible familiar delivering a touch spell have advantage?
Two days ago I built a Debian 10 server in the United States for use as a file server for my web application. When I created the server, I installed the fail2ban package and configured a basic, minimal firewall using the following rules:
*filter # Allow all loopback (lo0) traffic and reject traffic # to localhost that does not originate from lo0. -A INPUT -i lo -j ACCEPT -A INPUT ! -i lo -s 127.0.0.0/8 -j REJECT # Allow ping. -A INPUT -p icmp -m state --state NEW --icmp-type 8 -j ACCEPT # Allow SSH connections. -A INPUT -p tcp --dport 22 -m state --state NEW -j ACCEPT # Allow inbound traffic from established connections. # This includes ICMP error returns. -A INPUT -m state --state ESTABLISHED,RELATED -j ACCEPT # Log what was incoming but denied (optional but useful). -A INPUT -m limit --limit 5/min -j LOG --log-prefix "iptables_INPUT_denied: " --log-level 7 # Reject all other inbound. -A INPUT -j REJECT # Log any traffic which was sent to you # for forwarding (optional but useful). -A FORWARD -m limit --limit 5/min -j LOG --log-prefix "iptables_FORWARD_denied: " --log-level 7 # Reject all traffic forwarding. -A FORWARD -j REJECT COMMIT Today when I checked my firewall, I found the following:
Chain INPUT (policy ACCEPT) target prot opt source destination f2b-sshd tcp -- anywhere anywhere multiport dports ssh ACCEPT all -- anywhere anywhere REJECT all -- 127.0.0.0/8 anywhere reject-with icmp-port-unreachable ACCEPT icmp -- anywhere anywhere state NEW icmp echo-request ACCEPT tcp -- anywhere anywhere tcp dpt:ssh state NEW ACCEPT all -- anywhere anywhere state RELATED,ESTABLISHED LOG all -- anywhere anywhere limit: avg 5/min burst 5 LOG level debug prefix "iptables_INPUT_denied: " REJECT all -- anywhere anywhere reject-with icmp-port-unreachable Chain FORWARD (policy ACCEPT) target prot opt source destination LOG all -- anywhere anywhere limit: avg 5/min burst 5 LOG level debug prefix "iptables_FORWARD_denied: " REJECT all -- anywhere anywhere reject-with icmp-port-unreachable Chain OUTPUT (policy ACCEPT) target prot opt source destination Chain f2b-sshd (1 references) target prot opt source destination REJECT all -- 49.88.112.114 anywhere reject-with icmp-port-unreachable RETURN all -- anywhere anywhere There are only two user accounts on the server, the root account and a personal account for myself. I’m not a firewall expert but the Chain f2b-sshd entry looks suspicious to me:
When I run whois on that IP address, I see that it originated somewhere in China.
I have other production servers that have been running for over a year that are built on Debian 9 and I’ve never seen entries like this ever.
I’m trying to get a link from a custom post with a custom taxonomy but I’m running into issues trying to get it. I’m wanting to send the user straight to the post if the taxonomy count is 1. If its greater than one post it goes to a page showing all the posts of the taxonomy. I have this second part working but I cant at the first bit to work, I cant get the taxonomy to return the post.
<?php $ taxonomy = 'treatment_type'; $ terms = get_terms($ taxonomy); // Get all terms of a taxonomy //print_r($ terms ); if ( $ terms && !is_wp_error( $ terms ) ) :?> <?php foreach ( $ terms as $ term ) { if('trending-treatment' !== $ term->slug && 'skin-care' !== $ term->slug){ ?> <?php if($ term->count == 1){?> <?php $ posts_array = get_posts( array( 'showposts' => -1, 'post_type' => 'treatment', 'tax_query' => array( array( 'taxonomy' => 'treatment_type', 'field' => 'term_id', 'terms' => $ term->slug, ) ) ) ); print_r( $ posts_array ); ?> <h1>only 1</h1> <?php print_r($ term); ?> <article class="portfolio-item pf-rejuv"> <div class="portfolio-image"> <a href="POST LINK TO GO HERE"> <img src="<?php the_field('image', $ term); ?>" alt="<?php echo $ term->name; ?>"> </a> </div> <div class="portfolio-desc"> <div class="team-title"><h4><?php echo $ term->name; ?></h4><span> <?php the_field('types_of_treatments', $ term); ?></span></div> </div> </article> <?php }else{ ?> <article class="portfolio-item pf-rejuv"> <div class="portfolio-image"> <a href="<?php echo get_term_link($ term->slug, $ taxonomy); ?>"> <img src="<?php the_field('image', $ term); ?>" alt="<?php echo $ term->name; ?>"> </a> </div> <div class="portfolio-desc"> <div class="team-title"><h4><?php echo $ term->name; ?></h4><span> <?php the_field('types_of_treatments', $ term); ?></span></div> </div> </article> <?php } ?> <?php } } ?> <?php endif;?> I am working on a django project and trying to create a REST api to verify email without using any database.
My present server connection is HTTP and not HTTPS
So some one using the api end point POST his email.
REQUEST: curl --location --request POST 'http://127.0.0.1:8000/api/openlogin' \ --header 'Content-Type: application/json' \ --data-raw '{ "email":"test13@test.com", }' Now i am generating a random 6 digit number eg: 435667 and an email will be sent to test13@test.com
send_mail('PIN TO VERIFY','ENTER THE PIN 435667',None,[test13@test.com]) Send the HMAC value of 435667 as a response to this api
raw = '435667'.encode("utf-8") key = 'SOME_SECRET_KEY'.encode('utf-8') hashed = hmac.new(key, raw, hashlib.sha1) pin_hmac_hash = base64.encodebytes(hashed.digest()).decode('utf-8') eg: pin_hmac_hash = "SOME_HMAC_HASH_OF_PIN" So the response for /api/openlogin will be
{ 'email': 'test13@test.com' 'pin': "SOME_HMAC_HASH_OF_PIN" } Now the user sends me back the pin along with the HMAC hash in the response
curl --location --request POST 'http://127.0.0.1:8000/api/verifypin' \ --header 'Content-Type: application/json' \ --data-raw '{ 'pin': "SOME_HMAC_HASH_OF_PIN", 'email': 'test13@test.com', 'emailed_pin':'435667' }' Will someone guess the pin from SOME_HMAC_HASH_OF_PIN.
Ofcourse i will further try to autenticate the api using JWT token. So the email cannot be tampered
This is an example of PIN but it can be any string of sensitive information. Can i rely on hmac