diff --git a/lib/classes/api/abstract.ApiCommand.php b/lib/classes/api/abstract.ApiCommand.php index 333985d5..ee8f1a90 100644 --- a/lib/classes/api/abstract.ApiCommand.php +++ b/lib/classes/api/abstract.ApiCommand.php @@ -60,6 +60,34 @@ abstract class ApiCommand */ private $cmd_params = null; + /** + * language strings array + * + * @var array + */ + protected $lng = null; + + /** + * froxlor version + * + * @var string + */ + protected $version = null; + + /** + * froxlor dbversion + * + * @var int + */ + protected $dbversion = null; + + /** + * froxlor version-branding + * + * @var string + */ + protected $branding = null; + /** * * @param array $header @@ -73,8 +101,11 @@ abstract class ApiCommand */ public function __construct($header = null, $params = null, $userinfo = null) { - global $lng; - + global $lng, $version, $dbversion, $branding; + + $this->version = $version; + $this->dbversion = $dbversion; + $this->branding = $branding; $this->cmd_params = $params; if (! empty($header)) { $this->readUserData($header); @@ -93,6 +124,7 @@ abstract class ApiCommand } $this->initLang(); + $this->lng = $lng; $this->initMail(); if ($this->debug) { diff --git a/lib/classes/api/commands/class.Admins.php b/lib/classes/api/commands/class.Admins.php index 4c66592d..88ee04e1 100644 --- a/lib/classes/api/commands/class.Admins.php +++ b/lib/classes/api/commands/class.Admins.php 
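Review bot: The constructor hunk copies the globals `$version`, `$dbversion` and `$branding` into the instance without checking that they are set, so an ApiCommand built where those globals were never loaded silently carries null values. Froxlor::checkUpdate() in this same commit then concatenates `$this->version` into the update URL. A guard such as `if ($version === null) { throw new Exception("Version information not loaded", 500); }` would fail loudly instead; the message and code are only a suggestion. In the third hunk `$this->lng = $lng;` appears to depend on initLang() having filled the global first, so a comment like `// must follow initLang(), which populates the global $lng` would protect that ordering. The constructor body continues outside both hunks.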
@@ -438,37 +438,37 @@ class Admins extends ApiCommand implements ResourceEntity // than actually used by the admin/reseller $res_warning = ""; if ($customers != $result['customers'] && $customers != -1 && $customers < $result['customers_used']) { - $res_warning .= sprintf($lng['error']['setlessthanalreadyused'], 'customers'); + $res_warning .= sprintf($this->lng['error']['setlessthanalreadyused'], 'customers'); } if ($domains != $result['domains'] && $domains != -1 && $domains < $result['domains_used']) { - $res_warning .= sprintf($lng['error']['setlessthanalreadyused'], 'domains'); + $res_warning .= sprintf($this->lng['error']['setlessthanalreadyused'], 'domains'); } if ($diskspace != $result['diskspace'] && ($diskspace / 1024) != -1 && $diskspace < $result['diskspace_used']) { - $res_warning .= sprintf($lng['error']['setlessthanalreadyused'], 'diskspace'); + $res_warning .= sprintf($this->lng['error']['setlessthanalreadyused'], 'diskspace'); } if ($traffic != $result['traffic'] && ($traffic / 1024 / 1024) != -1 && $traffic < $result['traffic_used']) { - $res_warning .= sprintf($lng['error']['setlessthanalreadyused'], 'traffic'); + $res_warning .= sprintf($this->lng['error']['setlessthanalreadyused'], 'traffic'); } if ($emails != $result['emails'] && $emails != -1 && $emails < $result['emails_used']) { - $res_warning .= sprintf($lng['error']['setlessthanalreadyused'], 'emails'); + $res_warning .= sprintf($this->lng['error']['setlessthanalreadyused'], 'emails'); } if ($email_accounts != $result['email_accounts'] && $email_accounts != -1 && $email_accounts < $result['email_accounts_used']) { - $res_warning .= sprintf($lng['error']['setlessthanalreadyused'], 'email accounts'); + $res_warning .= sprintf($this->lng['error']['setlessthanalreadyused'], 'email accounts'); } if ($email_forwarders != $result['email_forwarders'] && $email_forwarders != -1 && $email_forwarders < $result['email_forwarders_used']) { - $res_warning .= 
sprintf($lng['error']['setlessthanalreadyused'], 'email forwarders'); + $res_warning .= sprintf($this->lng['error']['setlessthanalreadyused'], 'email forwarders'); } if ($email_quota != $result['email_quota'] && $email_quota != -1 && $email_quota < $result['email_quota_used']) { - $res_warning .= sprintf($lng['error']['setlessthanalreadyused'], 'email quota'); + $res_warning .= sprintf($this->lng['error']['setlessthanalreadyused'], 'email quota'); } if ($ftps != $result['ftps'] && $ftps != -1 && $ftps < $result['ftps_used']) { - $res_warning .= sprintf($lng['error']['setlessthanalreadyused'], 'ftps'); + $res_warning .= sprintf($this->lng['error']['setlessthanalreadyused'], 'ftps'); } if ($tickets != $result['tickets'] && $tickets != -1 && $tickets < $result['tickets_used']) { - $res_warning .= sprintf($lng['error']['setlessthanalreadyused'], 'tickets'); + $res_warning .= sprintf($this->lng['error']['setlessthanalreadyused'], 'tickets'); } if ($mysqls != $result['mysqls'] && $mysqls != -1 && $mysqls < $result['mysqls_used']) { - $res_warning .= sprintf($lng['error']['setlessthanalreadyused'], 'mysqls'); + $res_warning .= sprintf($this->lng['error']['setlessthanalreadyused'], 'mysqls'); } if (!empty($res_warning)) { diff --git a/lib/classes/api/commands/class.Customers.php b/lib/classes/api/commands/class.Customers.php index 339631b2..26ae4568 100644 --- a/lib/classes/api/commands/class.Customers.php +++ b/lib/classes/api/commands/class.Customers.php @@ -97,8 +97,6 @@ class Customers extends ApiCommand implements ResourceEntity public function add() { - global $lng; - if ($this->isAdmin()) { if ($this->getUserDetail('customers_used') < $this->getUserDetail('customers') || $this->getUserDetail('customers') == '-1') { 
@@ -600,7 +598,7 @@ class Customers extends ApiCommand implements ResourceEntity 'adminid' => $this->getUserDetail('adminid'), 'deflang' => $def_language ), true, true); - $mail_subject = html_entity_decode(replace_variables((($result['value'] != '') ? $result['value'] : $lng['mails']['createcustomer']['subject']), $replace_arr)); + $mail_subject = html_entity_decode(replace_variables((($result['value'] != '') ? $result['value'] : $this->lng['mails']['createcustomer']['subject']), $replace_arr)); $result_stmt = Database::prepare(" SELECT `value` FROM `" . TABLE_PANEL_TEMPLATES . "` @@ -609,7 +607,7 @@ class Customers extends ApiCommand implements ResourceEntity 'adminid' => $this->getUserDetail('adminid'), 'deflang' => $def_language ), true, true); - $mail_body = html_entity_decode(replace_variables((($result['value'] != '') ? $result['value'] : $lng['mails']['createcustomer']['mailbody']), $replace_arr)); + $mail_body = html_entity_decode(replace_variables((($result['value'] != '') ? $result['value'] : $this->lng['mails']['createcustomer']['mailbody']), $replace_arr)); $_mailerror = false; try { diff --git a/lib/classes/api/commands/class.FpmDaemons.php b/lib/classes/api/commands/class.FpmDaemons.php index 205d6be8..c604e53c 100644 --- a/lib/classes/api/commands/class.FpmDaemons.php +++ b/lib/classes/api/commands/class.FpmDaemons.php @@ -52,7 +52,7 @@ class FpmDaemons extends ApiCommand implements ResourceEntity } if (empty($configs)) { - $configs[] = $lng['admin']['phpsettings']['notused']; + $configs[] = $this->lng['admin']['phpsettings']['notused']; } $row['configs'] = $configs; diff --git a/lib/classes/api/commands/class.Froxlor.php b/lib/classes/api/commands/class.Froxlor.php index 8483e5a5..21c0951e 100644 --- a/lib/classes/api/commands/class.Froxlor.php +++ b/lib/classes/api/commands/class.Froxlor.php 
@@ -26,14 +26,12 @@ class Froxlor extends ApiCommand */ public function checkUpdate() { - global $version, $branding; - if ($this->isAdmin() && $this->getUserDetail('change_serversettings')) { // log our actions $this->logger()->logAction(ADM_ACTION, LOG_NOTICE, "[API] checking for updates"); // check for new version - define('UPDATE_URI', "https://version.froxlor.org/Froxlor/api/" . $version); + define('UPDATE_URI', "https://version.froxlor.org/Froxlor/api/" . $this->version); $latestversion = HttpClient::urlGet(UPDATE_URI); $latestversion = explode('|', $latestversion); @@ -44,7 +42,7 @@ class Froxlor extends ApiCommand // add the branding so debian guys are not gettings confused // about their version-number - $version_label = $_version . $branding; + $version_label = $_version . $this->branding; $version_link = $_link; $message_addinfo = $_message; @@ -53,7 +51,7 @@ class Froxlor extends ApiCommand // check for customized version to not output // "There is a newer version of froxlor" besides the error-message $isnewerversion = - 1; - } elseif (version_compare2($version, $_version) == - 1) { + } elseif (version_compare2($this->version, $_version) == - 1) { // there is a newer version - yay $isnewerversion = 1; } else { @@ -64,7 +62,7 @@ class Froxlor extends ApiCommand // anzeige über version-status mit ggfls. formular // zum update schritt #1 -> download if ($isnewerversion == 1) { - $text = 'There is a newer version available: "' . $_version . '" (Your current version is: ' . $version . ')'; + $text = 'There is a newer version available: "' . $_version . '" (Your current version is: ' . $this->version . ')'; return $this->response(200, "successfull", array( 'message' => $text, 'link' => $version_link, 
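Review bot: `define('UPDATE_URI', ...)` inside checkUpdate() creates a process-wide constant, so a second call in the same PHP process triggers an already-defined diagnostic and keeps the first value; a local variable is enough here. The version string is also appended to the URL path unencoded. Suggested: `$update_uri = "https://version.froxlor.org/Froxlor/api/" . rawurlencode($this->version);` followed by `$latestversion = HttpClient::urlGet($update_uri);`. The pipe-separated reply is later handed back to the API caller as version label, link and message (the parsing is partly outside this hunk). It is worth confirming that HttpClient::urlGet verifies the TLS certificate and that the returned link is checked for an expected scheme and host before anything renders it.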
@@ -82,13 +80,15 @@ class Froxlor extends ApiCommand } /** - * @TODO import settings + * + * @todo import settings */ public function importSettings() {} /** - * @TODO export settings to file + * + * @todo export settings to file */ public function exportSettings() {} @@ -100,21 +100,24 @@ class Froxlor extends ApiCommand */ public function listSettings() { - $sel_stmt = Database::prepare(" - SELECT * FROM `" . TABLE_PANEL_SETTINGS . "` ORDER BY settinggroup ASC, varname ASC - "); - Database::pexecute($sel_stmt, null, true, true); - $result = array(); - while ($row = $sel_stmt->fetch(PDO::FETCH_ASSOC)) { - $result[] = array( - 'key' => $row['settinggroup'] . '.' . $row['varname'], - 'value' => $row['value'] - ); + if ($this->isAdmin() && $this->getUserDetail('change_serversettings')) { + $sel_stmt = Database::prepare(" + SELECT * FROM `" . TABLE_PANEL_SETTINGS . "` ORDER BY settinggroup ASC, varname ASC + "); + Database::pexecute($sel_stmt, null, true, true); + $result = array(); + while ($row = $sel_stmt->fetch(PDO::FETCH_ASSOC)) { + $result[] = array( + 'key' => $row['settinggroup'] . '.' . $row['varname'], + 'value' => $row['value'] + ); + } + return $this->response(200, "successfull", array( + 'count' => count($result), + 'list' => $result + )); } - return $this->response(200, "successfull", array( - 'count' => count($result), - 'list' => $result - )); + throw new Exception("Not allowed to execute given command.", 403); } /** @@ -122,7 +125,7 @@ class Froxlor extends ApiCommand * * @param string $key * settinggroup.varname couple - * + * * @throws Exception * @return string */ 
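Review bot: Even with the new guard, listSettings() returns every row of the settings table verbatim, so any credential or key stored as a setting goes out in the API response to each admin holding `change_serversettings`. Whether such rows exist is not visible here, but an exclude list or masking for sensitive keys would be the safer default. The query could name its columns, `SELECT settinggroup, varname, value`, instead of `SELECT *`. The test `$this->isAdmin() && $this->getUserDetail('change_serversettings')` is now repeated in checkUpdate(), listSettings() and updateSetting(); a small private helper would keep the three from drifting apart. getSetting()'s body is outside this diff, so confirm it carries the same check.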
@@ -142,12 +145,15 @@ class Froxlor extends ApiCommand * settinggroup.varname couple * @param string $value * optional the new value, default is '' - * + * * @throws Exception * @return string */ public function updateSetting() { + // currently not implemented as it required validation too so no wrong settings are being stored via API + throw new Exception("Not available yet.", 501); + if ($this->isAdmin() && $this->getUserDetail('change_serversettings')) { $setting = $this->getParam('key'); $value = $this->getParam('value', true, ''); diff --git a/lib/classes/api/commands/class.PhpSettings.php b/lib/classes/api/commands/class.PhpSettings.php index 8d0a5dd8..db10ac8d 100644 --- a/lib/classes/api/commands/class.PhpSettings.php +++ b/lib/classes/api/commands/class.PhpSettings.php @@ -81,7 +81,7 @@ class PhpSettings extends ApiCommand implements ResourceEntity } if (empty($domains)) { - $domains[] = $lng['admin']['phpsettings']['notused']; + $domains[] = $this->lng['admin']['phpsettings']['notused']; } // check whether this is our default config
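Review bot: The unconditional `throw new Exception("Not available yet.", 501);` at the top of updateSetting() runs before the `isAdmin()` / `change_serversettings` check, so an unprivileged caller gets 501 rather than 403, and everything below the throw is now unreachable. Dead code that writes settings can be re-enabled by deleting one line. Either drop the body until validation exists or mark it, e.g. `// unreachable on purpose: do not remove the throw above without adding per-setting validation`. The added comment should read "requires validation" rather than "required validation". The rest of the method body lies outside the hunk.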