set version to 0.10.16 for upcoming release

Signed-off-by: Michael Kaufmann <d00p@froxlor.org>
try to fix travis irc notifications again
2020-05-01 16:27:23 +02:00 · 2020-04-30 20:10:52 +02:00 · 2020-04-30 20:03:54 +02:00 · 2020-04-30 19:49:20 +02:00 · 2020-04-30 13:03:19 +02:00 · 2020-04-28 07:59:37 +02:00
194 changed files with 9265 additions and 3406 deletions
--- a/.codecov.yml
+++ b/.codecov.yml
@@ -0,0 +1,4 @@
 codecov:
  notify:
    require_ci_to_pass: no
--- a/.github/FUNDING.yml
+++ b/.github/FUNDING.yml
@@ -0,0 +1,4 @@
 # These are supported funding model platforms
 github: d00p
 custom: ['https://paypal.me/Froxlor']
--- a/.gitignore
+++ b/.gitignore
@@ -1,6 +1,7 @@
 install/update.log
 templates/*
 lib/userdata.inc.php
 lib/userdata.inc.php.bak
 logs/*
 !logs/index.html
 .buildpath
--- a/.travis.yml
+++ b/.travis.yml
@@ -1,11 +1,9 @@
 language: php
-
+dist: bionic
 services:
  - docker
 php:
-#  - "5.4"
+  - 7.3
 #  - "5.6"
 #  - "7.0"
  - "7.1"
 #  - "7.2"
 branches:
  only:
@@ -14,47 +12,56 @@ branches:
 matrix:
  include:
- #   - php: 5.6
+    - php: 7.3
- #     env: deps=highest
+      env: "DOCKER_MYSQL_TYPE=mysql DOCKER_MYSQL_VERSION=5.6"
- #   - php: 5.4
+    - php: 7.3
- #     env: deps=lowest
+      env: "DOCKER_MYSQL_TYPE=mysql DOCKER_MYSQL_VERSION=5.7"
-    - php: 7.1
+    - php: 7.3
-      env: deps=highest
+      env: "DOCKER_MYSQL_TYPE=mysql DOCKER_MYSQL_VERSION=8.0 STARTCMD='mysqld --default-authentication-plugin=mysql_native_password'"
-
+    - php: 7.3
-mysql:
+      env: "DOCKER_MYSQL_TYPE=mariadb DOCKER_MYSQL_VERSION=10.3"
-  database: froxlor010
+    - php: 7.3
-  username: root
+      env: "DOCKER_MYSQL_TYPE=mariadb DOCKER_MYSQL_VERSION=10.4"
  encoding: utf8
 addons:
  apt:
    update: true
-# build.xml includes that
+before_install:
-#install:
+  - export MYSQL_DATABASE=froxlor010
-#  - composer install
+  - docker run -d --name mysql -e MYSQL_ROOT_PASSWORD=fr0xl0r.TravisCI -e MYSQL_DATABASE=$MYSQL_DATABASE -p 3306:3306 $DOCKER_MYSQL_TYPE:$DOCKER_MYSQL_VERSION $STARTCMD
  - sudo apt-get install -y ant
  - >
    export tries=0;
    export max_tries=20;
    while [[ true ]]; do
      tries=$((tries + 1));
      echo "waiting for database server to start up... [$tries]";
      sleep 5;
      # Now see that today's table is there, which would indicate that the cron job ran.
      mysql -h 127.0.0.1 --protocol=TCP -u root -pfr0xl0r.TravisCI -s -e 'SHOW VARIABLES LIKE "%version%";'
      look_exit=$?;
      if [[ "$look_exit" = "0" ]]; then echo "Database server successfully started"; break; fi;
      if [[ "$tries" -ge "$max_tries" ]]; then echo "Database server did not start in time"; exit 1; break; fi;
    done;
-service:
+install:
-  - mysql
+  - mysql -h 127.0.0.1 --protocol=TCP -u root -pfr0xl0r.TravisCI -e "CREATE DATABASE IF NOT EXISTS froxlor010;"
-
+  - mysql -h 127.0.0.1 --protocol=TCP -u root -pfr0xl0r.TravisCI -e "CREATE USER 'froxlor010'@'%' IDENTIFIED BY 'fr0xl0r.TravisCI';"
-before_script:
+  - mysql -h 127.0.0.1 --protocol=TCP -u root -pfr0xl0r.TravisCI -e "GRANT ALL ON froxlor010.* TO 'froxlor010'@'%';"
-  - mysql -e 'CREATE DATABASE IF NOT EXISTS froxlor010'
+  - mysql -h 127.0.0.1 --protocol=TCP -u root -pfr0xl0r.TravisCI froxlor010 < install/froxlor.sql
  - echo "USE mysql;\nUPDATE user SET password=PASSWORD('fr0xl0r.TravisCI') WHERE user='root';\nFLUSH PRIVILEGES;\n" | mysql -u root
  - mysql -u root -pfr0xl0r.TravisCI froxlor010 < install/froxlor.sql
  - mysql -u root -pfr0xl0r.TravisCI -e "CREATE USER 'froxlor010'@'localhost' IDENTIFIED BY 'fr0xl0r.TravisCI';"
  - mysql -u root -pfr0xl0r.TravisCI -e "GRANT ALL ON froxlor010.* TO 'froxlor010'@'localhost';"
 script:
-# sufficient for travis
+  - ant phpunit
-   - ant phpunit-no-coverage
+
-#  - ant full-build-parallel
+after_success:
-#      -Dpdepend=$(pwd)/vendor/bin/pdepend
+  - bash <(curl -s https://codecov.io/bash) -f "build/logs/clover.xml"
 #      -Dphpmd=$(pwd)/vendor/bin/phpmd
 #      -Dphpcpd=$(pwd)/vendor/bin/phpcpd
 #      -Dphpcs=$(pwd)/vendor/bin/phpcs
 #      -Dphploc=$(pwd)/vendor/bin/phploc
 #      -Dphpdox=$(pwd)/vendor/bin/phpdox
 #      -Dphpunit=$(pwd)/vendor/bin/phpunit
 notifications:
-  irc: "irc.freenode.org#froxlor"
+  irc: "chat.freenode.net#froxlor"
  webhooks:
    urls:
      - https://webhooks.gitter.im/e/bdf91d1c3f745e51f796
    on_success: always
    on_failure: always
    on_start: never
--- a/2fa.php
+++ b/2fa.php
@@ -38,7 +38,7 @@ if (AREA == 'admin') {
 }
 $success_message = "";
-$tfa = new \Froxlor\FroxlorTwoFactorAuth('Froxlor');
+$tfa = new \Froxlor\FroxlorTwoFactorAuth('Froxlor ' . Settings::Get('system.hostname'));
 // do the delete and then just show a success-message
 if ($action == 'delete') {
--- a/README.md
+++ b/README.md
@@ -1,4 +1,5 @@
 [![Build Status](https://travis-ci.com/Froxlor/Froxlor.svg?branch=master)](https://travis-ci.com/Froxlor/Froxlor)
 [![Gitter](https://badges.gitter.im/Froxlor/community.svg)](https://gitter.im/Froxlor/community?utm_source=badge&utm_medium=badge&utm_campaign=pr-badge)
 # Froxlor
@@ -52,14 +53,21 @@ https://files.froxlor.org/releases/froxlor-latest.tar.gz [MD5](https://files.fro
 [HowTo](https://github.com/Froxlor/Froxlor/wiki/Install-froxlor-on-debian)
-/etc/apt/sources.list.d/froxlor.list
+```
-> deb http://debian.froxlor.org {wheezy|jessie|stretch} main
+apt-get -y install apt-transport-https lsb-release ca-certificates
 wget -O - https://deb.froxlor.org/froxlor.gpg | apt-key add -
 echo "deb https://deb.froxlor.org/debian $(lsb_release -sc) main" > /etc/apt/sources.list.d/froxlor.list
 ```
-### Gentoo repository
+### Ubuntu repository
-[HowTo](https://github.com/Froxlor/Froxlor/wiki/Install-froxlor-on-gentoo)
+[HowTo](https://github.com/Froxlor/Froxlor/wiki/Install-froxlor-on-ubuntu)
-https://files.froxlor.org/gentoo/repositories.xml
+```
 apt-get -y install apt-transport-https lsb-release ca-certificates
 wget -O - https://deb.froxlor.org/froxlor.gpg | apt-key add -
 echo "deb https://deb.froxlor.org/ubuntu $(lsb_release -sc) main" > /etc/apt/sources.list.d/froxlor.list
 ```
 ## Contributing
--- a/SECURITY.md
+++ b/SECURITY.md
@@ -0,0 +1,14 @@
 # Security Policy
 ## Supported Versions
 Our main and active version is currently 0.10.x. It will receive maintenance and security updates periodically. The older version 0.9.x will not receive any kind of updates. Please update to [0.10.x](https://github.com/Froxlor/Froxlor/wiki/Updating-Froxlor)
 | Version | Supported          |
 | ------- | ------------------ |
 | 0.10.x  | :white_check_mark: |
 |  0.9.x  | :x:                |
 ## Reporting a Vulnerability
 If you think you have found a vulnerability in froxlor, please send an email to [team@froxlor.org](mailto:team@froxlor.org) with as many information as possible. Also, please give us appropriate time to fix the issue and build update-packages before publishing anything into the wild.
--- a/actions/admin/settings/100.panel.php
+++ b/actions/admin/settings/100.panel.php
@@ -45,7 +45,7 @@ return array(
 					'settinggroup' => 'panel',
 					'varname' => 'default_theme',
 					'type' => 'option',
-					'default' => 'Froxlor',
+					'default' => 'Sparkle',
 					'option_mode' => 'one',
 					'option_options_method' => array(
 						'\\Froxlor\\UI\\Template',
--- a/actions/admin/settings/120.system.php
+++ b/actions/admin/settings/120.system.php
@@ -253,7 +253,23 @@ return array(
 					'type' => 'hiddenString',
 					'default' => '',
 					'save_method' => 'storeSettingField'
-				)
+				),
 				'system_apply_specialsettings_default' => array(
 					'label' => $lng['serversettings']['apply_specialsettings_default'],
 					'settinggroup' => 'system',
 					'varname' => 'apply_specialsettings_default',
 					'type' => 'bool',
 					'default' => true,
 					'save_method' => 'storeSettingField'
 				),
 				'system_apply_phpconfigs_default' => array(
 					'label' => $lng['serversettings']['apply_phpconfigs_default'],
 					'settinggroup' => 'system',
 					'varname' => 'apply_phpconfigs_default',
 					'type' => 'bool',
 					'default' => true,
 					'save_method' => 'storeSettingField'
 				),
 			)
 		)
 	)
--- a/actions/admin/settings/122.froxlorvhost.php
+++ b/actions/admin/settings/122.froxlorvhost.php
@@ -105,6 +105,30 @@ return array(
 						'hasVhostContainerEnabled'
 					), true)
 				),
 				'system_honorcipherorder' => array(
 					'label' => $lng['admin']['domain_honorcipherorder'],
 					'settinggroup' => 'system',
 					'varname' => 'honorcipherorder',
 					'type' => 'bool',
 					'default' => false,
 					'save_method' => 'storeSettingField',
 					'visible' => \Froxlor\Settings::Get('system.use_ssl') && call_user_func(array(
 						'\Froxlor\Settings\FroxlorVhostSettings',
 						'hasVhostContainerEnabled'
 					), true)
 				),
 				'system_sessiontickets' => array(
 					'label' => $lng['admin']['domain_sessiontickets'],
 					'settinggroup' => 'system',
 					'varname' => 'sessiontickets',
 					'type' => 'bool',
 					'default' => true,
 					'save_method' => 'storeSettingField',
 					'visible' => \Froxlor\Settings::Get('system.use_ssl') && call_user_func(array(
 						'\Froxlor\Settings\FroxlorVhostSettings',
 						'hasVhostContainerEnabled'
 					), true)
 				),
 				/**
 				 * FCGID
 				 */
--- a/actions/admin/settings/130.webserver.php
+++ b/actions/admin/settings/130.webserver.php
@@ -173,7 +173,8 @@ return array(
 					'websrv_avail' => array(
 						'apache2',
 						'nginx'
-					)
+					),
 					'visible' => \Froxlor\Settings::Get('system.awstats_enabled') == 1
 				),
 				'system_logfiles_type' => array(
 					'label' => $lng['serversettings']['logfiles_type'],
@@ -250,6 +251,23 @@ return array(
 					'default' => '',
 					'save_method' => 'storeSettingField'
 				),
 				'system_default_sslvhostconf' => array(
 					'label' => $lng['serversettings']['default_sslvhostconf'],
 					'settinggroup' => 'system',
 					'varname' => 'default_sslvhostconf',
 					'type' => 'text',
 					'default' => '',
 					'save_method' => 'storeSettingField',
 					'visible' => \Froxlor\Settings::Get('system.use_ssl') == 1
 				),
 				'system_include_default_vhostconf' => array(
 					'label' => $lng['serversettings']['includedefault_sslvhostconf'],
 					'settinggroup' => 'system',
 					'varname' => 'include_default_vhostconf',
 					'type' => 'bool',
 					'default' => false,
 					'save_method' => 'storeSettingField'
 				),
 				'system_apache_globaldiropt' => array(
 					'label' => $lng['serversettings']['apache_globaldiropt'],
 					'settinggroup' => 'system',
--- a/actions/admin/settings/131.ssl.php
+++ b/actions/admin/settings/131.ssl.php
@@ -54,6 +54,16 @@ return array(
 					'default' => 'ECDH+AESGCM:ECDH+AES256:!aNULL:!MD5:!DSS:!DH:!AES128',
 					'save_method' => 'storeSettingField'
 				),
 				'system_tlsv13_cipher_list' => array(
 					'label' => $lng['serversettings']['ssl']['tlsv13_cipher_list'],
 					'settinggroup' => 'system',
 					'varname' => 'tlsv13_cipher_list',
 					'type' => 'string',
 					'string_emptyallowed' => true,
 					'default' => '',
 					'visible' => \Froxlor\Settings::Get('system.webserver') == "apache2" && \Froxlor\Settings::Get('system.apache24') == 1,
 					'save_method' => 'storeSettingField'
 				),
 				'system_ssl_cert_file' => array(
 					'label' => $lng['serversettings']['ssl']['ssl_cert_file'],
 					'settinggroup' => 'system',
@@ -105,6 +115,15 @@ return array(
 					'visible' => \Froxlor\Settings::Get('system.webserver') == "apache2" && \Froxlor\Settings::Get('system.apache24') == 1,
 					'save_method' => 'storeSettingField'
 				),
 				'system_sessionticketsenabled' => array(
 					'label' => $lng['admin']['domain_sessionticketsenabled'],
 					'settinggroup' => 'system',
 					'varname' => 'sessionticketsenabled',
 					'type' => 'bool',
 					'default' => true,
 					'save_method' => 'storeSettingField',
 					'visible' => \Froxlor\Settings::Get('system.use_ssl') && (\Froxlor\Settings::Get('system.webserver') == "nginx" || (\Froxlor\Settings::Get('system.webserver') == "apache2" && \Froxlor\Settings::Get('system.apache24') == 1))
 				),
 				'system_leenabled' => array(
 					'label' => $lng['serversettings']['leenabled'],
 					'settinggroup' => 'system',
@@ -128,10 +147,9 @@ return array(
 					'settinggroup' => 'system',
 					'varname' => 'leapiversion',
 					'type' => 'option',
-					'default' => '1',
+					'default' => '2',
 					'option_mode' => 'one',
 					'option_options' => array(
 						'1' => 'ACME v1',
 						'2' => 'ACME v2'
 					),
 					'save_method' => 'storeSettingField'
@@ -141,10 +159,10 @@ return array(
 					'settinggroup' => 'system',
 					'varname' => 'letsencryptca',
 					'type' => 'option',
-					'default' => 'testing',
+					'default' => 'production',
 					'option_mode' => 'one',
 					'option_options' => array(
-						'testing' => 'https://acme-staging' . (\Froxlor\Settings::Get('system.leapiversion') == '2' ? '-v02' : '') . '.api.letsencrypt.org (Test)',
+						'testing' => 'https://acme-staging-v0' . \Froxlor\Settings::Get('system.leapiversion') . '.api.letsencrypt.org (Test)',
 						'production' => 'https://acme-v0' . \Froxlor\Settings::Get('system.leapiversion') . '.api.letsencrypt.org (Live)'
 					),
 					'save_method' => 'storeSettingField'
@@ -196,11 +214,11 @@ return array(
 					'save_method' => 'storeSettingField'
 				),
 				'system_disable_le_selfcheck' => array(
-					'label' => $lng['serversettings']['disable_le_selfcheck'],
+					'label' => $lng['serversettings']['le_domain_dnscheck'],
 					'settinggroup' => 'system',
-					'varname' => 'disable_le_selfcheck',
+					'varname' => 'le_domain_dnscheck',
 					'type' => 'bool',
-					'default' => false,
+					'default' => true,
 					'save_method' => 'storeSettingField'
 				)
 			)
--- a/actions/admin/settings/136.phpfpm.php
+++ b/actions/admin/settings/136.phpfpm.php
@@ -99,7 +99,7 @@ return array(
 					'settinggroup' => 'phpfpm',
 					'varname' => 'use_mod_proxy',
 					'type' => 'bool',
-					'default' => false,
+					'default' => true,
 					'visible' => \Froxlor\Settings::Get('system.apache24'),
 					'save_method' => 'storeSettingField'
 				),
--- a/actions/admin/settings/140.statistics.php
+++ b/actions/admin/settings/140.statistics.php
@@ -33,7 +33,8 @@ return array(
 						1 => $lng['admin']['webalizer']['quiet'],
 						2 => $lng['admin']['webalizer']['veryquiet']
 					),
-					'save_method' => 'storeSettingField'
+					'save_method' => 'storeSettingField',
 					'visible' => \Froxlor\Settings::Get('system.awstats_enabled') == 0
 				),
 				'system_awstats_enabled' => array(
 					'label' => $lng['serversettings']['awstats_enabled'],
@@ -50,7 +51,8 @@ return array(
 					'type' => 'string',
 					'string_type' => 'dir',
 					'default' => '/usr/bin/',
-					'save_method' => 'storeSettingField'
+					'save_method' => 'storeSettingField',
 					'visible' => \Froxlor\Settings::Get('system.awstats_enabled') == 1
 				),
 				'system_awstats_awstatspath' => array(
 					'label' => $lng['serversettings']['awstats_awstatspath'],
@@ -59,7 +61,8 @@ return array(
 					'type' => 'string',
 					'string_type' => 'dir',
 					'default' => '/usr/bin/',
-					'save_method' => 'storeSettingField'
+					'save_method' => 'storeSettingField',
 					'visible' => \Froxlor\Settings::Get('system.awstats_enabled') == 1
 				),
 				'system_awstats_conf' => array(
 					'label' => $lng['serversettings']['awstats_conf'],
@@ -68,7 +71,8 @@ return array(
 					'type' => 'string',
 					'string_type' => 'dir',
 					'default' => '/etc/awstats/',
-					'save_method' => 'storeSettingField'
+					'save_method' => 'storeSettingField',
 					'visible' => \Froxlor\Settings::Get('system.awstats_enabled') == 1
 				),
 				'system_awstats_icons' => array(
 					'label' => $lng['serversettings']['awstats_icons'],
@@ -77,7 +81,17 @@ return array(
 					'type' => 'string',
 					'string_type' => 'dir',
 					'default' => '/usr/share/awstats/icon/',
-					'save_method' => 'storeSettingField'
+					'save_method' => 'storeSettingField',
 					'visible' => \Froxlor\Settings::Get('system.awstats_enabled') == 1
 				),
 				'system_awstats_logformat' => array(
 					'label' => $lng['serversettings']['awstats']['logformat'],
 					'settinggroup' => 'system',
 					'varname' => 'awstats_logformat',
 					'type' => 'string',
 					'default' => '1',
 					'save_method' => 'storeSettingField',
 					'visible' => \Froxlor\Settings::Get('system.awstats_enabled') == 1
 				)
 			)
 		)
--- a/actions/admin/settings/160.nameserver.php
+++ b/actions/admin/settings/160.nameserver.php
@@ -107,6 +107,22 @@ return array(
 					'default' => false,
 					'save_method' => 'storeSettingField'
 				),
 				'system_dns_createcaaentry' => array(
 					'label' => $lng['serversettings']['caa_entry'],
 					'settinggroup' => 'system',
 					'varname' => 'dns_createcaaentry',
 					'type' => 'bool',
 					'default' => true,
 					'save_method' => 'storeSettingField'
 				),
 				'caa_caa_entry' => array(
 					'label' => $lng['serversettings']['caa_entry_custom'],
 					'settinggroup' => 'caa',
 					'varname' => 'caa_entry',
 					'type' => 'text',
 					'default' => '',
 					'save_method' => 'storeSettingField'
 				),
 				'system_defaultttl' => array(
 					'label' => $lng['serversettings']['defaultttl'],
 					'settinggroup' => 'system',
--- a/admin_admins.php
+++ b/admin_admins.php
@@ -43,67 +43,71 @@ if ($page == 'admins' && $userinfo['change_serversettings'] == '1') {
 			'traffic_used' => $lng['customer']['traffic'] . ' (' . $lng['panel']['used'] . ')',
 			'deactivated' => $lng['admin']['deactivated']
 		);
-		$paging = new \Froxlor\UI\Paging($userinfo, TABLE_PANEL_ADMINS, $fields);
+		try {
 			// get total count
 			$json_result = Admins::getLocal($userinfo)->listingCount();
 			$result = json_decode($json_result, true)['data'];
 			// initialize pagination and filtering
 			$paging = new \Froxlor\UI\Pagination($userinfo, $fields, $result);
 			// get list
 			$json_result = Admins::getLocal($userinfo, $paging->getApiCommandParams())->listing();
 		} catch (Exception $e) {
 			\Froxlor\UI\Response::dynamic_error($e->getMessage());
 		}
 		$result = json_decode($json_result, true)['data'];
 		$admins = '';
 		$result_stmt = Database::query("SELECT * FROM `" . TABLE_PANEL_ADMINS . "` " . $paging->getSqlWhere(false) . " " . $paging->getSqlOrderBy() . " " . $paging->getSqlLimit());
 		$numrows_admins = Database::num_rows();
 		$paging->setEntries($numrows_admins);
 		$sortcode = $paging->getHtmlSortCode($lng, true);
 		$arrowcode = $paging->getHtmlArrowCode($filename . '?page=' . $page . '&s=' . $s);
 		$searchcode = $paging->getHtmlSearchCode($lng);
 		$pagingcode = $paging->getHtmlPagingCode($filename . '?page=' . $page . '&s=' . $s);
 		$i = 0;
 		$count = 0;
 		$dec_places = Settings::Get('panel.decimal_places');
-		while ($row = $result_stmt->fetch(PDO::FETCH_ASSOC)) {
+		foreach ($result['list'] as $row) {
-			if ($paging->checkDisplay($i)) {
+			$row['traffic_used'] = round($row['traffic_used'] / (1024 * 1024), $dec_places);
 			$row['traffic'] = round($row['traffic'] / (1024 * 1024), $dec_places);
 			$row['diskspace_used'] = round($row['diskspace_used'] / 1024, $dec_places);
 			$row['diskspace'] = round($row['diskspace'] / 1024, $dec_places);
-				$row['traffic_used'] = round($row['traffic_used'] / (1024 * 1024), $dec_places);
+			// percent-values for progressbar
-				$row['traffic'] = round($row['traffic'] / (1024 * 1024), $dec_places);
+			// For Disk usage
-				$row['diskspace_used'] = round($row['diskspace_used'] / 1024, $dec_places);
+			if ($row['diskspace'] > 0) {
-				$row['diskspace'] = round($row['diskspace'] / 1024, $dec_places);
+				$disk_percent = round(($row['diskspace_used'] * 100) / $row['diskspace'], 0);
-
+				$disk_doublepercent = round($disk_percent * 2, 2);
-				// percent-values for progressbar
+			} else {
-				// For Disk usage
+				$disk_percent = 0;
-				if ($row['diskspace'] > 0) {
+				$disk_doublepercent = 0;
 					$disk_percent = round(($row['diskspace_used'] * 100) / $row['diskspace'], 0);
 					$disk_doublepercent = round($disk_percent * 2, 2);
 				} else {
 					$disk_percent = 0;
 					$disk_doublepercent = 0;
 				}
 				// For Traffic usage
 				if ($row['traffic'] > 0) {
 					$traffic_percent = round(($row['traffic_used'] * 100) / $row['traffic'], 0);
 					$traffic_doublepercent = round($traffic_percent * 2, 2);
 				} else {
 					$traffic_percent = 0;
 					$traffic_doublepercent = 0;
 				}
 				// fix progress-bars if value is >100%
 				if ($disk_percent > 100) {
 					$disk_percent = 100;
 				}
 				if ($traffic_percent > 100) {
 					$traffic_percent = 100;
 				}
 				$row = \Froxlor\PhpHelper::strReplaceArray('-1', 'UL', $row, 'customers domains diskspace traffic mysqls emails email_accounts email_forwarders email_quota ftps subdomains');
 				$row = \Froxlor\PhpHelper::htmlentitiesArray($row);
 				$row['custom_notes'] = ($row['custom_notes'] != '') ? nl2br($row['custom_notes']) : '';
 				eval("\$admins.=\"" . \Froxlor\UI\Template::getTemplate("admins/admins_admin") . "\";");
 				$count ++;
 			}
-			$i ++;
+			// For Traffic usage
 			if ($row['traffic'] > 0) {
 				$traffic_percent = round(($row['traffic_used'] * 100) / $row['traffic'], 0);
 				$traffic_doublepercent = round($traffic_percent * 2, 2);
 			} else {
 				$traffic_percent = 0;
 				$traffic_doublepercent = 0;
 			}
 			// fix progress-bars if value is >100%
 			if ($disk_percent > 100) {
 				$disk_percent = 100;
 			}
 			if ($traffic_percent > 100) {
 				$traffic_percent = 100;
 			}
 			$row = \Froxlor\PhpHelper::strReplaceArray('-1', 'UL', $row, 'customers domains diskspace traffic mysqls emails email_accounts email_forwarders email_quota ftps subdomains');
 			$row = \Froxlor\PhpHelper::htmlentitiesArray($row);
 			$row['custom_notes'] = ($row['custom_notes'] != '') ? nl2br($row['custom_notes']) : '';
 			eval("\$admins.=\"" . \Froxlor\UI\Template::getTemplate("admins/admins_admin") . "\";");
 			$count ++;
 		}
-		$admincount = $numrows_admins;
+		$admincount = $paging->getEntries();
 		eval("echo \"" . \Froxlor\UI\Template::getTemplate("admins/admins") . "\";");
 	} elseif ($action == 'su') {
--- a/admin_autoupdate.php
+++ b/admin_autoupdate.php
@@ -36,6 +36,15 @@ if (! extension_loaded('zip')) {
 	));
 }
 // 0.10.x requires 7.0 at least
 if (version_compare("7.0.0", PHP_VERSION, ">=")) {
 	\Froxlor\UI\Response::redirectTo($filename, array(
 		's' => $s,
 		'page' => 'error',
 		'errno' => 10
 	));
 }
 // display initial version check
 if ($page == 'overview') {
@@ -43,8 +52,11 @@ if ($page == 'overview') {
 	$log->logAction(\Froxlor\FroxlorLogger::ADM_ACTION, LOG_NOTICE, "checking auto-update");
 	// check for new version
-	$latestversion = HttpClient::urlGet(UPDATE_URI);
+	try {
-
+		$latestversion = HttpClient::urlGet(UPDATE_URI, true, 3);
 	} catch (\Exception $e) {
 		\Froxlor\UI\Response::dynamic_error("Version-check currently unavailable, please try again later");
 	}
 	$latestversion = explode('|', $latestversion);
 	if (is_array($latestversion) && count($latestversion) >= 1) {
@@ -175,6 +187,8 @@ elseif ($page == 'extract') {
 			$zip->close();
 			// success - remove unused archive
 			@unlink($localArchive);
 			// wait a bit before we redirect to be sure
 			sleep(2);
 		} else {
 			// error
 			\Froxlor\UI\Response::redirectTo($filename, array(
@@ -216,5 +230,6 @@ elseif ($page == 'error') {
 	// 7 = local archive does not exist
 	// 8 = could not extract archive
 	// 9 = checksum mismatch
 	// 10 = <php-7.0
 	\Froxlor\UI\Response::standard_error('autoupdate_' . $errno);
 }
--- a/admin_cronjobs.php
+++ b/admin_cronjobs.php
@@ -17,8 +17,7 @@
 define('AREA', 'admin');
 require './lib/init.php';
-use Froxlor\Database\Database;
+use Froxlor\Api\Commands\Cronjobs;
 use Froxlor\Api\Commands\Cronjobs as Cronjobs;
 if (isset($_POST['id'])) {
 	$id = intval($_POST['id']);
@@ -31,45 +30,47 @@ if ($page == 'cronjobs' || $page == 'overview') {
 		$log->logAction(\Froxlor\FroxlorLogger::ADM_ACTION, LOG_NOTICE, 'viewed admin_cronjobs');
 		$fields = array(
 			'c.module' => 'Module',
 			'c.lastrun' => $lng['cron']['lastrun'],
 			'c.interval' => $lng['cron']['interval'],
 			'c.isactive' => $lng['cron']['isactive']
 		);
-		$paging = new \Froxlor\UI\Paging($userinfo, TABLE_PANEL_CRONRUNS, $fields);
+		try {
 			// get total count
 			$json_result = Cronjobs::getLocal($userinfo)->listingCount();
 			$result = json_decode($json_result, true)['data'];
 			// initialize pagination and filtering
 			$paging = new \Froxlor\UI\Pagination($userinfo, $fields, $result);
 			// get list
 			$json_result = Cronjobs::getLocal($userinfo, $paging->getApiCommandParams())->listing();
 		} catch (Exception $e) {
 			\Froxlor\UI\Response::dynamic_error($e->getMessage());
 		}
 		$result = json_decode($json_result, true)['data'];
 		$crons = '';
 		$result_stmt = Database::prepare("SELECT `c`.* FROM `" . TABLE_PANEL_CRONRUNS . "` `c` ORDER BY `module` ASC, `cronfile` ASC");
 		Database::pexecute($result_stmt);
 		$paging->setEntries(Database::num_rows());
 		$sortcode = $paging->getHtmlSortCode($lng);
 		$arrowcode = $paging->getHtmlArrowCode($filename . '?page=' . $page . '&s=' . $s);
 		$searchcode = $paging->getHtmlSearchCode($lng);
 		$pagingcode = $paging->getHtmlPagingCode($filename . '?page=' . $page . '&s=' . $s);
 		$i = 0;
 		$count = 0;
 		$cmod = '';
-		while ($row = $result_stmt->fetch(PDO::FETCH_ASSOC)) {
+		foreach ($result['list'] as $row) {
 			if ($cmod != $row['module']) {
 				$_mod = explode("/", $row['module']);
 				$module = ucfirst($_mod[1]);
 				eval("\$crons.=\"" . \Froxlor\UI\Template::getTemplate('cronjobs/cronjobs_cronjobmodule') . "\";");
 				$cmod = $row['module'];
 			}
-			if ($paging->checkDisplay($i)) {
+			$row = \Froxlor\PhpHelper::htmlentitiesArray($row);
-				$row = \Froxlor\PhpHelper::htmlentitiesArray($row);
+			$row['lastrun'] = date('d.m.Y H:i', $row['lastrun']);
 			$row['isactive'] = ((int) $row['isactive'] == 1) ? $lng['panel']['yes'] : $lng['panel']['no'];
 			$description = $lng['crondesc'][$row['desc_lng_key']];
-				$row['lastrun'] = date('d.m.Y H:i', $row['lastrun']);
+			eval("\$crons.=\"" . \Froxlor\UI\Template::getTemplate('cronjobs/cronjobs_cronjob') . "\";");
-				$row['isactive'] = ((int) $row['isactive'] == 1) ? $lng['panel']['yes'] : $lng['panel']['no'];
+			$count ++;
 				$description = $lng['crondesc'][$row['desc_lng_key']];
 				eval("\$crons.=\"" . \Froxlor\UI\Template::getTemplate('cronjobs/cronjobs_cronjob') . "\";");
 				$count ++;
 			}
 			$i ++;
 		}
 		eval("echo \"" . \Froxlor\UI\Template::getTemplate('cronjobs/cronjobs') . "\";");
--- a/admin_customers.php
+++ b/admin_customers.php
@@ -35,6 +35,7 @@ if ($page == 'customers' && $userinfo['customers'] != '0') {
 		unset($_SESSION['requestData']);
 		$log->logAction(\Froxlor\FroxlorLogger::ADM_ACTION, LOG_NOTICE, "viewed admin_customers");
 		$fields = array(
 			'c.loginname' => $lng['login']['username'],
 			'a.loginname' => $lng['admin']['admin'],
@@ -47,106 +48,109 @@ if ($page == 'customers' && $userinfo['customers'] != '0') {
 			'c.traffic' => $lng['customer']['traffic'],
 			'c.traffic_used' => $lng['customer']['traffic'] . ' (' . $lng['panel']['used'] . ')'
 		);
 		try {
 			// get total count
 			$json_result = Customers::getLocal($userinfo)->listingCount();
 			$result = json_decode($json_result, true)['data'];
 			// initialize pagination and filtering
 			$paging = new \Froxlor\UI\Pagination($userinfo, $fields, $result);
 			// get list
 			$json_result = Customers::getLocal($userinfo, $paging->getApiCommandParams())->listing();
 		} catch (Exception $e) {
 			\Froxlor\UI\Response::dynamic_error($e->getMessage());
 		}
 		$result = json_decode($json_result, true)['data'];
 		$paging = new \Froxlor\UI\Paging($userinfo, TABLE_PANEL_CUSTOMERS, $fields);
 		$customers = '';
 		$result_stmt = Database::prepare("
 			SELECT `c`.*, `a`.`loginname` AS `adminname`
 			FROM `" . TABLE_PANEL_CUSTOMERS . "` `c`, `" . TABLE_PANEL_ADMINS . "` `a`
 			WHERE " . ($userinfo['customers_see_all'] ? '' : " `c`.`adminid` = :adminid AND ") . "
 			`c`.`adminid` = `a`.`adminid` " . $paging->getSqlWhere(true) . " " . $paging->getSqlOrderBy() . " " . $paging->getSqlLimit());
 		Database::pexecute($result_stmt, array(
 			'adminid' => $userinfo['adminid']
 		));
 		$num_rows = Database::num_rows();
 		$paging->setEntries($num_rows);
 		$sortcode = $paging->getHtmlSortCode($lng, true);
 		$arrowcode = $paging->getHtmlArrowCode($filename . '?page=' . $page . '&s=' . $s);
 		$searchcode = $paging->getHtmlSearchCode($lng);
 		$pagingcode = $paging->getHtmlPagingCode($filename . '?page=' . $page . '&s=' . $s);
 		$i = 0;
 		$count = 0;
-		while ($row = $result_stmt->fetch(PDO::FETCH_ASSOC)) {
+		foreach ($result['list'] as $row) {
-			if ($paging->checkDisplay($i)) {
+			$domains_stmt = Database::prepare("
 				SELECT COUNT(`id`) AS `domains`
 				FROM `" . TABLE_PANEL_DOMAINS . "`
 				WHERE `customerid` = :cid
 				AND `parentdomainid` = '0'
 				AND `id`<> :stdd
 			");
 			Database::pexecute($domains_stmt, array(
 				'cid' => $row['customerid'],
 				'stdd' => $row['standardsubdomain']
 			));
 			$domains = $domains_stmt->fetch(PDO::FETCH_ASSOC);
 			$row['domains'] = intval($domains['domains']);
 			$dec_places = Settings::Get('panel.decimal_places');
-				$domains_stmt = Database::prepare("
+			// get disk-space usages for web, mysql and mail
-					SELECT COUNT(`id`) AS `domains`
+			$usages_stmt = Database::prepare("
-					FROM `" . TABLE_PANEL_DOMAINS . "`
+				SELECT * FROM `" . TABLE_PANEL_DISKSPACE . "`
-					WHERE `customerid` = :cid
+				WHERE `customerid` = :cid
-					AND `parentdomainid` = '0'
+				ORDER BY `stamp` DESC LIMIT 1
-					AND `id`<> :stdd");
+			");
-				Database::pexecute($domains_stmt, array(
+			$usages = Database::pexecute_first($usages_stmt, array(
-					'cid' => $row['customerid'],
+				'cid' => $row['customerid']
-					'stdd' => $row['standardsubdomain']
+			));
 				));
 				$domains = $domains_stmt->fetch(PDO::FETCH_ASSOC);
 				$row['domains'] = intval($domains['domains']);
 				$dec_places = Settings::Get('panel.decimal_places');
 				// get disk-space usages for web, mysql and mail
 				$usages_stmt = Database::prepare("SELECT * FROM `" . TABLE_PANEL_DISKSPACE . "` WHERE `customerid` = :cid ORDER BY `stamp` DESC LIMIT 1");
 				$usages = Database::pexecute_first($usages_stmt, array(
 					'cid' => $row['customerid']
 				));
 			if ($usages) {
 				$row['webspace_used'] = round($usages['webspace'] / 1024, $dec_places);
 				$row['mailspace_used'] = round($usages['mail'] / 1024, $dec_places);
 				$row['dbspace_used'] = round($usages['mysql'] / 1024, $dec_places);
 			} else {
 				$row['webspace_used'] = 0;
 				$row['mailspace_used'] = 0;
 				$row['dbspace_used'] = 0;
 			}
 			$row['traffic_used'] = round($row['traffic_used'] / (1024 * 1024), $dec_places);
 			$row['traffic'] = round($row['traffic'] / (1024 * 1024), $dec_places);
 			$row['diskspace_used'] = round($row['diskspace_used'] / 1024, $dec_places);
 			$row['diskspace'] = round($row['diskspace'] / 1024, $dec_places);
 			$last_login = ((int) $row['lastlogin_succ'] == 0) ? $lng['panel']['neverloggedin'] : date('d.m.Y', $row['lastlogin_succ']);
-				$row['traffic_used'] = round($row['traffic_used'] / (1024 * 1024), $dec_places);
+			/**
-				$row['traffic'] = round($row['traffic'] / (1024 * 1024), $dec_places);
+			 * percent-values for progressbar
-				$row['diskspace_used'] = round($row['diskspace_used'] / 1024, $dec_places);
+			 */
-				$row['diskspace'] = round($row['diskspace'] / 1024, $dec_places);
+			if ($row['diskspace'] > 0) {
-				$last_login = ((int) $row['lastlogin_succ'] == 0) ? $lng['panel']['neverloggedin'] : date('d.m.Y', $row['lastlogin_succ']);
+				$disk_percent = round(($row['diskspace_used'] * 100) / $row['diskspace'], 0);
-
+				$disk_doublepercent = round($disk_percent * 2, 2);
-				/**
+			} else {
-				 * percent-values for progressbar
+				$disk_percent = 0;
-				 */
+				$disk_doublepercent = 0;
-				// For Disk usage
+			}
-				if ($row['diskspace'] > 0) {
+			if ($row['traffic'] > 0) {
-					$disk_percent = round(($row['diskspace_used'] * 100) / $row['diskspace'], 0);
+				$traffic_percent = round(($row['traffic_used'] * 100) / $row['traffic'], 0);
-					$disk_doublepercent = round($disk_percent * 2, 2);
+				$traffic_doublepercent = round($traffic_percent * 2, 2);
-				} else {
+			} else {
-					$disk_percent = 0;
+				$traffic_percent = 0;
-					$disk_doublepercent = 0;
+				$traffic_doublepercent = 0;
 				}
 				if ($row['traffic'] > 0) {
 					$traffic_percent = round(($row['traffic_used'] * 100) / $row['traffic'], 0);
 					$traffic_doublepercent = round($traffic_percent * 2, 2);
 				} else {
 					$traffic_percent = 0;
 					$traffic_doublepercent = 0;
 				}
 				$islocked = 0;
 				if ($row['loginfail_count'] >= Settings::Get('login.maxloginattempts') && $row['lastlogin_fail'] > (time() - Settings::Get('login.deactivatetime'))) {
 					$islocked = 1;
 				}
 				$row = \Froxlor\PhpHelper::strReplaceArray('-1', 'UL', $row, 'diskspace traffic mysqls emails email_accounts email_forwarders ftps subdomains');
 				$row = \Froxlor\PhpHelper::htmlentitiesArray($row);
 				// fix progress-bars if value is >100%
 				if ($disk_percent > 100) {
 					$disk_percent = 100;
 				}
 				if ($traffic_percent > 100) {
 					$traffic_percent = 100;
 				}
 				$row['custom_notes'] = ($row['custom_notes'] != '') ? nl2br($row['custom_notes']) : '';
 				eval("\$customers.=\"" . \Froxlor\UI\Template::getTemplate("customers/customers_customer") . "\";");
 				$count ++;
 			}
-			$i ++;
+			$islocked = 0;
 			if ($row['loginfail_count'] >= Settings::Get('login.maxloginattempts') && $row['lastlogin_fail'] > (time() - Settings::Get('login.deactivatetime'))) {
 				$islocked = 1;
 			}
 			$row = \Froxlor\PhpHelper::strReplaceArray('-1', 'UL', $row, 'diskspace traffic mysqls emails email_accounts email_forwarders ftps subdomains');
 			$row = \Froxlor\PhpHelper::htmlentitiesArray($row);
 			// fix progress-bars if value is >100%
 			if ($disk_percent > 100) {
 				$disk_percent = 100;
 			}
 			if ($traffic_percent > 100) {
 				$traffic_percent = 100;
 			}
 			$row['custom_notes'] = ($row['custom_notes'] != '') ? nl2br($row['custom_notes']) : '';
 			eval("\$customers.=\"" . \Froxlor\UI\Template::getTemplate("customers/customers_customer") . "\";");
 			$count ++;
 		}
-		$customercount = $num_rows;
+		$customercount = $paging->getEntries();
 		eval("echo \"" . \Froxlor\UI\Template::getTemplate("customers/customers") . "\";");
 	} elseif ($action == 'su' && $id != 0) {
 		try {
--- a/admin_domains.php
+++ b/admin_domains.php
@@ -21,6 +21,7 @@ require './lib/init.php';
 use Froxlor\Database\Database;
 use Froxlor\Settings;
 use Froxlor\Api\Commands\Customers as Customers;
 use Froxlor\Api\Commands\Domains as Domains;
 if (isset($_POST['id'])) {
@@ -31,91 +32,55 @@ if (isset($_POST['id'])) {
 if ($page == 'domains' || $page == 'overview') {
 	// Let's see how many customers we have
-	$stmt = Database::prepare("
+	$json_result = Customers::getLocal($userinfo)->listingCount();
-		SELECT COUNT(`customerid`) as `countcustomers` FROM `" . TABLE_PANEL_CUSTOMERS . "` " . ($userinfo['customers_see_all'] ? '' : " WHERE `adminid` = :adminid"));
+	$countcustomers = json_decode($json_result, true)['data'];
 	$params = array();
 	if ($userinfo['customers_see_all'] == '0') {
 		$params['adminid'] = $userinfo['adminid'];
 	}
 	$countcustomers = Database::pexecute_first($stmt, $params);
 	$countcustomers = (int) $countcustomers['countcustomers'];
 	if ($action == '') {
 		$log->logAction(\Froxlor\FroxlorLogger::ADM_ACTION, LOG_NOTICE, "viewed admin_domains");
 		$fields = array(
-			'd.domain' => $lng['domains']['domainname'],
+			'd.domain_ace' => $lng['domains']['domainname'],
 			'c.name' => $lng['customer']['name'],
 			'c.firstname' => $lng['customer']['firstname'],
 			'c.company' => $lng['customer']['company'],
 			'c.loginname' => $lng['login']['username'],
 			'd.aliasdomain' => $lng['domains']['aliasdomain']
 		);
-		$paging = new \Froxlor\UI\Paging($userinfo, TABLE_PANEL_DOMAINS, $fields);
+		try {
-		$domains = "";
+			// get total count
-		$result_stmt = Database::prepare("
+			$json_result = Domains::getLocal($userinfo)->listingCount();
-			SELECT `d`.*, `c`.`loginname`, `c`.`deactivated`, `c`.`name`, `c`.`firstname`, `c`.`company`, `c`.`standardsubdomain`, `ad`.`id` AS `aliasdomainid`, `ad`.`domain` AS `aliasdomain`
+			$result = json_decode($json_result, true)['data'];
-			FROM `" . TABLE_PANEL_DOMAINS . "` `d`
+			// initialize pagination and filtering
-			LEFT JOIN `" . TABLE_PANEL_CUSTOMERS . "` `c` USING(`customerid`)
+			$paging = new \Froxlor\UI\Pagination($userinfo, $fields, $result);
-			LEFT JOIN `" . TABLE_PANEL_DOMAINS . "` `ad` ON `d`.`aliasdomain`=`ad`.`id`
+			// get list
-			WHERE `d`.`parentdomainid`='0' " . ($userinfo['customers_see_all'] ? '' : " AND `d`.`adminid` = :adminid ") . " " . $paging->getSqlWhere(true) . " " . $paging->getSqlOrderBy() . " " . $paging->getSqlLimit());
+			$json_result = Domains::getLocal($userinfo, $paging->getApiCommandParams())->listing();
-		$params = array();
+		} catch (Exception $e) {
-		if ($userinfo['customers_see_all'] == '0') {
+			\Froxlor\UI\Response::dynamic_error($e->getMessage());
 			$params['adminid'] = $userinfo['adminid'];
 		}
-		Database::pexecute($result_stmt, $params);
+		$result = json_decode($json_result, true)['data'];
-		$numrows_domains = Database::num_rows();
+
-		$paging->setEntries($numrows_domains);
+		$domains = '';
 		$sortcode = $paging->getHtmlSortCode($lng);
 		$arrowcode = $paging->getHtmlArrowCode($filename . '?page=' . $page . '&s=' . $s);
 		$searchcode = $paging->getHtmlSearchCode($lng);
 		$pagingcode = $paging->getHtmlPagingCode($filename . '?page=' . $page . '&s=' . $s);
 		$domain_array = array();
 		while ($row = $result_stmt->fetch(PDO::FETCH_ASSOC)) {
 			formatDomainEntry($row, $idna_convert);
 			if (! isset($domain_array[$row['domain']])) {
 				$domain_array[$row['domain']] = $row;
 			} else {
 				$domain_array[$row['domain']] = array_merge($row, $domain_array[$row['domain']]);
 			}
 			if (isset($row['aliasdomainid']) && $row['aliasdomainid'] != null && isset($row['aliasdomain']) && $row['aliasdomain'] != '') {
 				if (! isset($domain_array[$row['aliasdomain']])) {
 					$domain_array[$row['aliasdomain']] = array();
 				}
 				$domain_array[$row['aliasdomain']]['domainaliasid'] = $row['id'];
 				$domain_array[$row['aliasdomain']]['domainalias'] = $row['domain'];
 			}
 		}
 		/**
 		 * We need ksort/krsort here to make sure idna-domains are also sorted correctly
 		 */
 		if ($paging->sortfield == 'd.domain' && $paging->sortorder == 'asc') {
 			ksort($domain_array);
 		} elseif ($paging->sortfield == 'd.domain' && $paging->sortorder == 'desc') {
 			krsort($domain_array);
 		}
 		$i = 0;
 		$count = 0;
-		foreach ($domain_array as $row) {
+		foreach ($result['list'] as $row) {
-
+			formatDomainEntry($row, $idna_convert);
-			if (isset($row['domain']) && $row['domain'] != '' && $paging->checkDisplay($i)) {
+			$row['customername'] = \Froxlor\User::getCorrectFullUserDetails($row);
-				$row['customername'] = \Froxlor\User::getCorrectFullUserDetails($row);
+			$row = \Froxlor\PhpHelper::htmlentitiesArray($row);
-				$row = \Froxlor\PhpHelper::htmlentitiesArray($row);
+			// display a nice list of IP's if it's not an alias for another domain
-				// display a nice list of IP's
+			if (isset($row['aliasdomainid']) && $row['aliasdomainid'] != null && isset($row['aliasdomain']) && $row['aliasdomain'] != '') {
 				$row['ipandport'] = sprintf($lng['domains']['isaliasdomainof'], $row['aliasdomain']);
 			} else {
 				$row['ipandport'] = str_replace("\n", "<br />", $row['ipandport']);
 				eval("\$domains.=\"" . \Froxlor\UI\Template::getTemplate("domains/domains_domain") . "\";");
 				$count ++;
 			}
-			$i ++;
+			eval("\$domains.=\"" . \Froxlor\UI\Template::getTemplate("domains/domains_domain") . "\";");
 			$count++;
 		}
-		$domainscount = $numrows_domains;
+		$domainscount = $paging->getEntries();
 		// Display the list
 		eval("echo \"" . \Froxlor\UI\Template::getTemplate("domains/domains") . "\";");
@@ -416,6 +381,10 @@ if ($page == 'domains' || $page == 'overview') {
 			if (isset($_POST['send']) && $_POST['send'] == 'send') {
 				try {
 					// remove ssl ip/ports if set is empty
 					if (!isset($_POST['ssl_ipandport']) || empty($_POST['ssl_ipandport'])) {
 						$_POST['remove_ssl_ipandport'] = true;
 					}
 					Domains::getLocal($userinfo, $_POST)->update();
 				} catch (Exception $e) {
 					\Froxlor\UI\Response::dynamic_error($e->getMessage());
@@ -717,18 +686,8 @@ function formatDomainEntry(&$row, &$idna_convert)
 	$row['domain'] = $idna_convert->decode($row['domain']);
 	$row['aliasdomain'] = $idna_convert->decode($row['aliasdomain']);
 	$resultips_stmt = Database::prepare("
 		SELECT `ips`.* FROM `" . TABLE_DOMAINTOIP . "` AS `dti`, `" . TABLE_PANEL_IPSANDPORTS . "` AS `ips`
 		WHERE `dti`.`id_ipandports` = `ips`.`id` AND `dti`.`id_domain` = :domainid
 	");
 	Database::pexecute($resultips_stmt, array(
 		'domainid' => $row['id']
 	));
 	$row['ipandport'] = '';
-	while ($rowip = $resultips_stmt->fetch(PDO::FETCH_ASSOC)) {
+	foreach ($row['ipsandports'] as $rowip) {
 		if (filter_var($rowip['ip'], FILTER_VALIDATE_IP, FILTER_FLAG_IPV6)) {
 			$row['ipandport'] .= '[' . $rowip['ip'] . ']:' . $rowip['port'] . "\n";
 		} else {
--- a/admin_index.php
+++ b/admin_index.php
@@ -387,8 +387,6 @@ if ($page == 'overview') {
 	}
 } elseif ($page == 'apikeys' && Settings::Get('api.enabled') == 1) {
 	require_once __DIR__ . '/api_keys.php';
 } elseif ($page == 'apihelp' && Settings::Get('api.enabled') == 1) {
 	require_once __DIR__ . '/apihelp.php';
 } elseif ($page == '2fa' && Settings::Get('2fa.enabled') == 1) {
 	require_once __DIR__ . '/2fa.php';
 }
--- a/admin_ipsandports.php
+++ b/admin_ipsandports.php
@@ -19,9 +19,8 @@
 define('AREA', 'admin');
 require './lib/init.php';
 use Froxlor\Database\Database;
 use Froxlor\Settings;
-use Froxlor\Api\Commands\IpsAndPorts as IpsAndPorts;
+use Froxlor\Api\Commands\IpsAndPorts;
 if (isset($_POST['id'])) {
 	$id = intval($_POST['id']);
@@ -43,29 +42,33 @@ if ($page == 'ipsandports' || $page == 'overview') {
 			'ip' => $lng['admin']['ipsandports']['ip'],
 			'port' => $lng['admin']['ipsandports']['port']
 		);
-		$paging = new \Froxlor\UI\Paging($userinfo, TABLE_PANEL_IPSANDPORTS, $fields);
+		try {
 			// get total count
 			$json_result = IpsAndPorts::getLocal($userinfo)->listingCount();
 			$result = json_decode($json_result, true)['data'];
 			// initialize pagination and filtering
 			$paging = new \Froxlor\UI\Pagination($userinfo, $fields, $result);
 			// get list
 			$json_result = IpsAndPorts::getLocal($userinfo, $paging->getApiCommandParams())->listing();
 		} catch (Exception $e) {
 			\Froxlor\UI\Response::dynamic_error($e->getMessage());
 		}
 		$result = json_decode($json_result, true)['data'];
 		$ipsandports = '';
 		$result_stmt = Database::prepare("SELECT * FROM `" . TABLE_PANEL_IPSANDPORTS . "` " . $paging->getSqlWhere(false) . " " . $paging->getSqlOrderBy() . " " . $paging->getSqlLimit());
 		Database::pexecute($result_stmt);
 		$paging->setEntries(Database::num_rows());
 		$sortcode = $paging->getHtmlSortCode($lng);
 		$arrowcode = $paging->getHtmlArrowCode($filename . '?page=' . $page . '&s=' . $s);
 		$searchcode = $paging->getHtmlSearchCode($lng);
 		$pagingcode = $paging->getHtmlPagingCode($filename . '?page=' . $page . '&s=' . $s);
 		$i = 0;
 		$count = 0;
-		while ($row = $result_stmt->fetch(PDO::FETCH_ASSOC)) {
+		foreach ($result['list'] as $row) {
-
+			$row = \Froxlor\PhpHelper::htmlentitiesArray($row);
-			if ($paging->checkDisplay($i)) {
+			if (filter_var($row['ip'], FILTER_VALIDATE_IP, FILTER_FLAG_IPV6)) {
-				$row = \Froxlor\PhpHelper::htmlentitiesArray($row);
+				$row['ip'] = '[' . $row['ip'] . ']';
 				if (filter_var($row['ip'], FILTER_VALIDATE_IP, FILTER_FLAG_IPV6)) {
 					$row['ip'] = '[' . $row['ip'] . ']';
 				}
 				eval("\$ipsandports.=\"" . \Froxlor\UI\Template::getTemplate("ipsandports/ipsandports_ipandport") . "\";");
 				$count ++;
 			}
-			$i ++;
+			eval("\$ipsandports.=\"" . \Froxlor\UI\Template::getTemplate("ipsandports/ipsandports_ipandport") . "\";");
 			$count ++;
 		}
 		eval("echo \"" . \Froxlor\UI\Template::getTemplate("ipsandports/ipsandports") . "\";");
 	} elseif ($action == 'delete' && $id != 0) {
@@ -157,5 +160,14 @@ if ($page == 'ipsandports' || $page == 'overview') {
 				eval("echo \"" . \Froxlor\UI\Template::getTemplate("ipsandports/ipsandports_edit") . "\";");
 			}
 		}
 	} elseif ($action == 'jqCheckIP') {
 		$ip = $_POST['ip'] ?? "";
 		if ((filter_var($ip, FILTER_VALIDATE_IP, FILTER_FLAG_IPV6) || filter_var($ip, FILTER_VALIDATE_IP, FILTER_FLAG_IPV4)) && filter_var($ip, FILTER_VALIDATE_IP, FILTER_FLAG_NO_RES_RANGE | FILTER_FLAG_NO_PRIV_RANGE) == false) {
 			// returns notice if private network detected so we can display it
 			echo json_encode($lng['admin']['ipsandports']['ipnote']);
 		} else {
 			echo 0;
 		}
 		exit();
 	}
 }
--- a/admin_logger.php
+++ b/admin_logger.php
@@ -19,7 +19,7 @@
 define('AREA', 'admin');
 require './lib/init.php';
-use Froxlor\Database\Database;
+use Froxlor\Api\Commands\SysLog;
 if ($page == 'log' && $userinfo['change_serversettings'] == '1') {
 	if ($action == '') {
@@ -29,20 +29,25 @@ if ($page == 'log' && $userinfo['change_serversettings'] == '1') {
 			'user' => $lng['logger']['user'],
 			'text' => $lng['logger']['action']
 		);
-		$paging = new \Froxlor\UI\Paging($userinfo, TABLE_PANEL_LOG, $fields, null, null, 0, 'desc', 30);
+		try {
-		$query = 'SELECT * FROM `' . TABLE_PANEL_LOG . '` ' . $paging->getSqlWhere(false) . ' ' . $paging->getSqlOrderBy();
+			// get total count
-		$result_stmt = Database::query($query . ' ' . $paging->getSqlLimit());
+			$json_result = SysLog::getLocal($userinfo)->listingCount();
-		$result_cnt_stmt = Database::query($query);
+			$result = json_decode($json_result, true)['data'];
-		$logs_count = $result_cnt_stmt->rowCount();
+			// initialize pagination and filtering
-		$paging->setEntries($logs_count);
+			$paging = new \Froxlor\UI\Pagination($userinfo, $fields, $result);
 			// get list
 			$json_result = SysLog::getLocal($userinfo, $paging->getApiCommandParams())->listing();
 		} catch (Exception $e) {
 			\Froxlor\UI\Response::dynamic_error($e->getMessage());
 		}
 		$result = json_decode($json_result, true)['data'];
 		$sortcode = $paging->getHtmlSortCode($lng);
 		$arrowcode = $paging->getHtmlArrowCode($filename . '?page=' . $page . '&s=' . $s);
 		$searchcode = $paging->getHtmlSearchCode($lng);
 		$pagingcode = $paging->getHtmlPagingCode($filename . '?page=' . $page . '&s=' . $s);
 		$clog = array();
-		while ($row = $result_stmt->fetch(PDO::FETCH_ASSOC)) {
+		foreach ($result['list'] as $row) {
 			if (! isset($clog[$row['action']]) || ! is_array($clog[$row['action']])) {
 				$clog[$row['action']] = array();
 			}
@@ -55,7 +60,6 @@ if ($page == 'log' && $userinfo['change_serversettings'] == '1') {
 			ksort($clog);
 		}
 		$i = 0;
 		$count = 0;
 		$log_count = 0;
 		$log = '';
@@ -83,7 +87,7 @@ if ($page == 'log' && $userinfo['change_serversettings'] == '1') {
 						case \Froxlor\FroxlorLogger::LOGIN_ACTION:
 							$_action = $lng['logger']['login'];
 							break;
-						case LOG_ERROR:
+						case \Froxlor\FroxlorLogger::LOG_ERROR:
 							$_action = $lng['logger']['intern'];
 							break;
 						default:
@@ -100,23 +104,20 @@ if ($page == 'log' && $userinfo['change_serversettings'] == '1') {
 				eval("\$log.=\"" . \Froxlor\UI\Template::getTemplate('logger/logger_log') . "\";");
 				$count ++;
 				$_action = $action;
 				// }
 				$i ++;
 			}
 			$i ++;
 		}
 		eval("echo \"" . \Froxlor\UI\Template::getTemplate('logger/logger') . "\";");
 	} elseif ($action == 'truncate') {
 		if (isset($_POST['send']) && $_POST['send'] == 'send') {
-			$truncatedate = time() - (60 * 10);
+			try {
-			$trunc_stmt = Database::prepare("
+				SysLog::getLocal($userinfo, array(
-				DELETE FROM `" . TABLE_PANEL_LOG . "` WHERE `date` < :trunc");
+					'min_to_keep' => 10
-			Database::pexecute($trunc_stmt, array(
+				))->delete();
-				'trunc' => $truncatedate
+			} catch (Exception $e) {
-			));
+				\Froxlor\UI\Response::dynamic_error($e->getMessage());
-			$log->logAction(\Froxlor\FroxlorLogger::ADM_ACTION, LOG_WARNING, 'truncated the system-log (mysql)');
+			}
 			\Froxlor\UI\Response::redirectTo($filename, array(
 				'page' => $page,
 				's' => $s
--- a/admin_phpsettings.php
+++ b/admin_phpsettings.php
@@ -52,7 +52,7 @@ if ($page == 'overview') {
 				$domains = "";
 				$subdomains_count = count($row['subdomains']);
 				foreach ($row['domains'] as $configdomain) {
-					$domains .= $configdomain . "<br>";
+					$domains .= $idna_convert->decode($configdomain) . "<br>";
 				}
 				$count ++;
 				if ($subdomains_count == 0 && empty($domains)) {
@@ -81,8 +81,16 @@ if ($page == 'overview') {
 				));
 			} else {
-				$result_stmt = Database::query("SELECT * FROM `" . TABLE_PANEL_PHPCONFIGS . "` WHERE `id` = 1");
+				if (file_exists(\Froxlor\Froxlor::getInstallDir() . '/templates/misc/php/default.ini.php')) {
-				$result = $result_stmt->fetch(PDO::FETCH_ASSOC);
+					require_once \Froxlor\Froxlor::getInstallDir() . '/templates/misc/php/default.ini.php';
 					$result = [
 						'phpsettings' => DEFAULT_PHPINI
 					];
 				} else {
 					// use first php-config as fallback
 					$result_stmt = Database::query("SELECT * FROM `" . TABLE_PANEL_PHPCONFIGS . "` WHERE `id` = 1");
 					$result = $result_stmt->fetch(PDO::FETCH_ASSOC);
 				}
 				$fpmconfigs = '';
 				$configs = Database::query("SELECT * FROM `" . TABLE_PANEL_FPMDAEMONS . "` ORDER BY `description` ASC");
@@ -90,9 +98,9 @@ if ($page == 'overview') {
 					$fpmconfigs .= \Froxlor\UI\HTML::makeoption($row['description'], $row['id'], 1, true, true);
 				}
-				$pm_select = \Froxlor\UI\HTML::makeoption('static', 'static', 'static', true, true);
+				$pm_select = \Froxlor\UI\HTML::makeoption('static', 'static', 'dynamic', true, true);
-				$pm_select .= \Froxlor\UI\HTML::makeoption('dynamic', 'dynamic', 'static', true, true);
+				$pm_select .= \Froxlor\UI\HTML::makeoption('dynamic', 'dynamic', 'dynamic', true, true);
-				$pm_select .= \Froxlor\UI\HTML::makeoption('ondemand', 'ondemand', 'static', true, true);
+				$pm_select .= \Froxlor\UI\HTML::makeoption('ondemand', 'ondemand', 'dynamic', true, true);
 				$phpconfig_add_data = include_once dirname(__FILE__) . '/lib/formfields/admin/phpconfig/formfield.phpconfig_add.php';
 				$phpconfig_add_form = \Froxlor\UI\HtmlForm::genHTMLForm($phpconfig_add_data);
@@ -234,9 +242,9 @@ if ($page == 'overview') {
 				));
 			} else {
-				$pm_select = \Froxlor\UI\HTML::makeoption('static', 'static', 'static', true, true);
+				$pm_select = \Froxlor\UI\HTML::makeoption('static', 'static', 'dynamic', true, true);
-				$pm_select .= \Froxlor\UI\HTML::makeoption('dynamic', 'dynamic', 'static', true, true);
+				$pm_select .= \Froxlor\UI\HTML::makeoption('dynamic', 'dynamic', 'dynamic', true, true);
-				$pm_select .= \Froxlor\UI\HTML::makeoption('ondemand', 'ondemand', 'static', true, true);
+				$pm_select .= \Froxlor\UI\HTML::makeoption('ondemand', 'ondemand', 'dynamic', true, true);
 				$fpmconfig_add_data = include_once dirname(__FILE__) . '/lib/formfields/admin/phpconfig/formfield.fpmconfig_add.php';
 				$fpmconfig_add_form = \Froxlor\UI\HtmlForm::genHTMLForm($fpmconfig_add_data);
--- a/admin_plans.php
+++ b/admin_plans.php
@@ -17,6 +17,7 @@
 define('AREA', 'admin');
 require './lib/init.php';
 use Froxlor\Api\Commands\HostingPlans;
 use Froxlor\Database\Database;
 use Froxlor\Settings;
@@ -37,54 +38,56 @@ if ($page == '' || $page == 'overview') {
 			'adminname' => $lng['admin']['admin'],
 			'p.ts' => $lng['admin']['plans']['last_update']
 		);
-		$paging = new \Froxlor\UI\Paging($userinfo, TABLE_PANEL_PLANS, $fields);
+		try {
 			// get total count
 			$json_result = HostingPlans::getLocal($userinfo)->listingCount();
 			$result = json_decode($json_result, true)['data'];
 			// initialize pagination and filtering
 			$paging = new \Froxlor\UI\Pagination($userinfo, $fields, $result);
 			// get list
 			$json_result = HostingPlans::getLocal($userinfo, $paging->getApiCommandParams())->listing();
 		} catch (Exception $e) {
 			\Froxlor\UI\Response::dynamic_error($e->getMessage());
 		}
 		$result = json_decode($json_result, true)['data'];
 		$plans = '';
 		$result_stmt = Database::prepare("
 			SELECT p.*, a.loginname as adminname
 			FROM `" . TABLE_PANEL_PLANS . "` p, `" . TABLE_PANEL_ADMINS . "` a
 			WHERE " . ($userinfo['customers_see_all'] ? '' : " `p`.`adminid` = :adminid AND ") . "
 			`p`.`adminid` = `a`.`adminid` " . $paging->getSqlWhere(false) . " " . $paging->getSqlOrderBy() . " " . $paging->getSqlLimit());
 		Database::pexecute($result_stmt, array(
 			'adminid' => $userinfo['adminid']
 		));
 		$paging->setEntries(Database::num_rows());
 		$sortcode = $paging->getHtmlSortCode($lng);
 		$arrowcode = $paging->getHtmlArrowCode($filename . '?page=' . $page . '&s=' . $s);
 		$searchcode = $paging->getHtmlSearchCode($lng);
 		$pagingcode = $paging->getHtmlPagingCode($filename . '?page=' . $page . '&s=' . $s);
 		$i = 0;
 		$count = 0;
-		while ($row = $result_stmt->fetch(PDO::FETCH_ASSOC)) {
+		foreach ($result['list'] as $row) {
-
+			$row = \Froxlor\PhpHelper::htmlentitiesArray($row);
-			if ($paging->checkDisplay($i)) {
+			$row['ts_format'] = date("d.m.Y H:i", $row['ts']);
-				$row = \Froxlor\PhpHelper::htmlentitiesArray($row);
+			eval("\$plans.=\"" . \Froxlor\UI\Template::getTemplate("plans/plans_plan") . "\";");
-				$row['ts_format'] = date("d.m.Y H:i", $row['ts']);
+			$count ++;
 				eval("\$plans.=\"" . \Froxlor\UI\Template::getTemplate("plans/plans_plan") . "\";");
 				$count ++;
 			}
 			$i ++;
 		}
 		eval("echo \"" . \Froxlor\UI\Template::getTemplate("plans/plans") . "\";");
 	} elseif ($action == 'delete' && $id != 0) {
-		$result_stmt = Database::prepare("
+		try {
-			SELECT * FROM `" . TABLE_PANEL_PLANS . "` WHERE `id` = :id");
+			$json_result = HostingPlans::getLocal($userinfo, array(
-		$result = Database::pexecute_first($result_stmt, array(
+				'id' => $id
-			'id' => $id
+			))->get();
-		));
+		} catch (Exception $e) {
 			\Froxlor\UI\Response::dynamic_error($e->getMessage());
 		}
 		$result = json_decode($json_result, true)['data'];
 		if ($result['id'] != 0 && $result['id'] == $id && (int) $userinfo['adminid'] == $result['adminid']) {
 			if (isset($_POST['send']) && $_POST['send'] == 'send') {
-				$del_stmt = Database::prepare("
+				try {
-					DELETE FROM `" . TABLE_PANEL_PLANS . "` WHERE `id` = :id");
+					HostingPlans::getLocal($userinfo, array(
-				Database::pexecute($del_stmt, array(
+						'id' => $id
-					'id' => $id
+					))->delete();
-				));
+				} catch (Exception $e) {
 					\Froxlor\UI\Response::dynamic_error($e->getMessage());
 				}
 				$log->logAction(\Froxlor\FroxlorLogger::ADM_ACTION, LOG_INFO, "Plan '" . $result['name'] . "' has been deleted by '" . $userinfo['loginname'] . "'");
 				\Froxlor\UI\Response::redirectTo($filename, array(
 					'page' => $page,
 					's' => $s
@@ -102,113 +105,11 @@ if ($page == '' || $page == 'overview') {
 	} elseif ($action == 'add') {
 		if (isset($_POST['send']) && $_POST['send'] == 'send') {
-			$name = \Froxlor\Validate\Validate::validate($_POST['name'], 'name');
+			try {
-			$description = \Froxlor\Validate\Validate::validate(str_replace("\r\n", "\n", $_POST['description']), 'description', '/^[^\0]*$/');
+				HostingPlans::getLocal($userinfo, $_POST)->add();
-
+			} catch (Exception $e) {
-			$value_arr = array();
+				\Froxlor\UI\Response::dynamic_error($e->getMessage());
 			if (empty($name)) {
 				\Froxlor\UI\Response::standard_error('stringmustntbeempty', 'name');
 			}
 			$value_arr['diskspace'] = (int)($_POST['diskspace']);
 			if (isset($_POST['diskspace_ul'])) {
 				$value_arr['diskspace'] = - 1;
 			}
 			$value_arr['traffic'] = $_POST['traffic'];
 			if (isset($_POST['traffic_ul'])) {
 				$value_arr['traffic'] = - 1;
 			}
 			$value_arr['subdomains'] = (int)($_POST['subdomains']);
 			if (isset($_POST['subdomains_ul'])) {
 				$value_arr['subdomains'] = - 1;
 			}
 			$value_arr['emails'] = (int)($_POST['emails']);
 			if (isset($_POST['emails_ul'])) {
 				$value_arr['emails'] = - 1;
 			}
 			$value_arr['email_accounts'] = (int)($_POST['email_accounts']);
 			if (isset($_POST['email_accounts_ul'])) {
 				$value_arr['email_accounts'] = - 1;
 			}
 			$value_arr['email_forwarders'] = (int)($_POST['email_forwarders']);
 			if (isset($_POST['email_forwarders_ul'])) {
 				$value_arr['email_forwarders'] = - 1;
 			}
 			if (Settings::Get('system.mail_quota_enabled') == '1') {
 				$value_arr['email_quota'] = \Froxlor\Validate\Validate::validate($_POST['email_quota'], 'email_quota', '/^\d+$/', 'vmailquotawrong', array(
 					'0',
 					''
 				));
 				if (isset($_POST['email_quota_ul'])) {
 					$value_arr['email_quota'] = - 1;
 				}
 			} else {
 				$value_arr['email_quota'] = - 1;
 			}
 			$value_arr['email_imap'] = 0;
 			if (isset($_POST['email_imap'])) {
 				$value_arr['email_imap'] = (int)($_POST['email_imap']);
 			}
 			$value_arr['email_pop3'] = 0;
 			if (isset($_POST['email_pop3'])) {
 				$value_arr['email_pop3'] = (int)($_POST['email_pop3']);
 			}
 			$value_arr['ftps'] = (int)($_POST['ftps']);
 			if (isset($_POST['ftps_ul'])) {
 				$value_arr['ftps'] = - 1;
 			}
 			$value_arr['mysqls'] = (int)($_POST['mysqls']);
 			if (isset($_POST['mysqls_ul'])) {
 				$value_arr['mysqls'] = - 1;
 			}
 			$value_arr['phpenabled'] = 0;
 			if (isset($_POST['phpenabled'])) {
 				$value_arr['phpenabled'] = intval($_POST['phpenabled']);
 			}
 			$value_arr['allowed_phpconfigs'] = array();
 			if (isset($_POST['allowed_phpconfigs']) && is_array($_POST['allowed_phpconfigs'])) {
 				foreach ($_POST['allowed_phpconfigs'] as $allowed_phpconfig) {
 					$allowed_phpconfig = intval($allowed_phpconfig);
 					$value_arr['allowed_phpconfigs'][] = $allowed_phpconfig;
 				}
 			}
 			$value_arr['perlenabled'] = 0;
 			if (isset($_POST['perlenabled'])) {
 				$value_arr['perlenabled'] = intval($_POST['perlenabled']);
 			}
 			$value_arr['dnsenabled'] = 0;
 			if (isset($_POST['dnsenabled'])) {
 				$value_arr['dnsenabled'] = intval($_POST['dnsenabled']);
 			}
 			$ins_stmt = Database::prepare("
 				INSERT INTO `" . TABLE_PANEL_PLANS . "`
 				SET `adminid` = :adminid, `name` = :name, `description` = :desc, `value` = :valuearr, `ts` = UNIX_TIMESTAMP();
 			");
 			$ins_data = array(
 				'adminid' => $userinfo['adminid'],
 				'name' => $name,
 				'desc' => $description,
 				'valuearr' => json_encode($value_arr)
 			);
 			Database::pexecute($ins_stmt, $ins_data);
 			$log->logAction(\Froxlor\FroxlorLogger::ADM_ACTION, LOG_WARNING, "added plan '" . $name . "'");
 			\Froxlor\UI\Response::redirectTo($filename, array(
 				'page' => $page,
 				's' => $s
@@ -266,11 +167,14 @@ if ($page == '' || $page == 'overview') {
 			eval("echo \"" . \Froxlor\UI\Template::getTemplate("plans/plans_add") . "\";");
 		}
 	} elseif ($action == 'edit' && $id != 0) {
-		$result_stmt = Database::prepare("
+		try {
-			SELECT * FROM `" . TABLE_PANEL_PLANS . "` WHERE `id` = :id");
+			$json_result = HostingPlans::getLocal($userinfo, array(
-		$result = Database::pexecute_first($result_stmt, array(
+				'id' => $id
-			'id' => $id
+			))->get();
-		));
+		} catch (Exception $e) {
 			\Froxlor\UI\Response::dynamic_error($e->getMessage());
 		}
 		$result = json_decode($json_result, true)['data'];
 		if ($result['name'] != '') {
@@ -284,110 +188,11 @@ if ($page == '' || $page == 'overview') {
 			if (isset($_POST['send']) && $_POST['send'] == 'send') {
-				$name = \Froxlor\Validate\Validate::validate($_POST['name'], 'name');
+				try {
-				$description = \Froxlor\Validate\Validate::validate(str_replace("\r\n", "\n", $_POST['description']), 'description', '/^[^\0]*$/');
+					HostingPlans::getLocal($userinfo, $_POST)->update();
-
+				} catch (Exception $e) {
-				$value_arr = array();
+					\Froxlor\UI\Response::dynamic_error($e->getMessage());
 				$value_arr['diskspace'] = (int)($_POST['diskspace']);
 				if (isset($_POST['diskspace_ul'])) {
 					$value_arr['diskspace'] = - 1;
 				}
 				$value_arr['traffic'] = $_POST['traffic'];
 				if (isset($_POST['traffic_ul'])) {
 					$value_arr['traffic'] = - 1;
 				}
 				$value_arr['subdomains'] = (int)($_POST['subdomains']);
 				if (isset($_POST['subdomains_ul'])) {
 					$value_arr['subdomains'] = - 1;
 				}
 				$value_arr['emails'] = (int)($_POST['emails']);
 				if (isset($_POST['emails_ul'])) {
 					$value_arr['emails'] = - 1;
 				}
 				$value_arr['email_accounts'] = (int)($_POST['email_accounts']);
 				if (isset($_POST['email_accounts_ul'])) {
 					$value_arr['email_accounts'] = - 1;
 				}
 				$value_arr['email_forwarders'] = (int)($_POST['email_forwarders']);
 				if (isset($_POST['email_forwarders_ul'])) {
 					$value_arr['email_forwarders'] = - 1;
 				}
 				if (Settings::Get('system.mail_quota_enabled') == '1') {
 					$value_arr['email_quota'] = \Froxlor\Validate\Validate::validate($_POST['email_quota'], 'email_quota', '/^\d+$/', 'vmailquotawrong', array(
 						'0',
 						''
 					));
 					if (isset($_POST['email_quota_ul'])) {
 						$value_arr['email_quota'] = - 1;
 					}
 				} else {
 					$value_arr['email_quota'] = - 1;
 				}
 				$value_arr['email_imap'] = 0;
 				if (isset($_POST['email_imap'])) {
 					$value_arr['email_imap'] = (int)($_POST['email_imap']);
 				}
 				$value_arr['email_pop3'] = 0;
 				if (isset($_POST['email_pop3'])) {
 					$value_arr['email_pop3'] = (int)($_POST['email_pop3']);
 				}
 				$value_arr['ftps'] = (int)($_POST['ftps']);
 				if (isset($_POST['ftps_ul'])) {
 					$value_arr['ftps'] = - 1;
 				}
 				$value_arr['mysqls'] = (int)($_POST['mysqls']);
 				if (isset($_POST['mysqls_ul'])) {
 					$value_arr['mysqls'] = - 1;
 				}
 				$value_arr['phpenabled'] = 0;
 				if (isset($_POST['phpenabled'])) {
 					$value_arr['phpenabled'] = intval($_POST['phpenabled']);
 				}
 				$value_arr['allowed_phpconfigs'] = array();
 				if (isset($_POST['allowed_phpconfigs']) && is_array($_POST['allowed_phpconfigs'])) {
 					foreach ($_POST['allowed_phpconfigs'] as $allowed_phpconfig) {
 						$allowed_phpconfig = intval($allowed_phpconfig);
 						$value_arr['allowed_phpconfigs'][] = $allowed_phpconfig;
 					}
 				}
 				$value_arr['perlenabled'] = 0;
 				if (isset($_POST['perlenabled'])) {
 					$value_arr['perlenabled'] = intval($_POST['perlenabled']);
 				}
 				$value_arr['dnsenabled'] = 0;
 				if (isset($_POST['dnsenabled'])) {
 					$value_arr['dnsenabled'] = intval($_POST['dnsenabled']);
 				}
 				$ins_stmt = Database::prepare("
 					UPDATE `" . TABLE_PANEL_PLANS . "`
 					SET `name` = :name, `description` = :desc, `value` = :valuearr, `ts` = UNIX_TIMESTAMP()
 					WHERE `id` = :id
 				");
 				$ins_data = array(
 					'name' => $name,
 					'desc' => $description,
 					'valuearr' => json_encode($value_arr),
 					'id' => $id
 				);
 				Database::pexecute($ins_stmt, $ins_data);
 				$log->logAction(\Froxlor\FroxlorLogger::ADM_ACTION, LOG_WARNING, "updated plan '" . $name . "'");
 				\Froxlor\UI\Response::redirectTo($filename, array(
 					'page' => $page,
 					's' => $s
@@ -480,6 +285,7 @@ if ($page == '' || $page == 'overview') {
 				$result['customernumber'] = null;
 				$result['custom_notes'] = null;
 				$result['custom_notes_show'] = null;
 				$result['api_allowed'] = null;
 				$hosting_plans = null;
 				$admin_select_cnt = null;
 				$admin_select = null;
@@ -502,11 +308,14 @@ if ($page == '' || $page == 'overview') {
 		}
 	} elseif ($action == 'jqGetPlanValues') {
 		$planid = isset($_POST['planid']) ? (int) $_POST['planid'] : 0;
-		$result_stmt = Database::prepare("
+		try {
-			SELECT * FROM `" . TABLE_PANEL_PLANS . "` WHERE `id` = :id");
+			$json_result = HostingPlans::getLocal($userinfo, array(
-		$result = Database::pexecute_first($result_stmt, array(
+				'id' => $planid
-			'id' => $planid
+			))->get();
-		));
+		} catch (Exception $e) {
 			\Froxlor\UI\Response::dynamic_error($e->getMessage());
 		}
 		$result = json_decode($json_result, true)['data'];
 		echo $result['value'];
 		exit();
 	}
--- a/api.php
+++ b/api.php
@@ -23,7 +23,7 @@ if (empty($request)) {
 }
 // decode json request
-$decoded_request = json_decode(stripslashes($request), true);
+$decoded_request = json_decode($request, true);
 // is it valid?
 if (is_null($decoded_request)) {
@@ -32,6 +32,7 @@ if (is_null($decoded_request)) {
 // validate content
 try {
 	$decoded_request = stripcslashes_deep($decoded_request);
 	$request = \Froxlor\Api\FroxlorRPC::validateRequest($decoded_request);
 	// now actually do it
 	$cls = "\\Froxlor\\Api\\Commands\\" . $request['command']['class'];
@@ -72,3 +73,8 @@ function json_response($status, $status_message = '', $data = null)
 	echo $json_response;
 	exit();
 }
 function stripcslashes_deep($value)
 {
 	return is_array($value) ? array_map('stripcslashes_deep', $value) : stripcslashes($value);
 }
--- a/api_keys.php
+++ b/api_keys.php
@@ -88,15 +88,17 @@ if ($action == 'delete') {
 	$valid_until = isset($_POST['valid_until']) ? (int) $_POST['valid_until'] : - 1;
 	// validate allowed_from
-	$ip_list = array_map('trim', explode(",", $allowed_from));
+	if (! empty($allowed_from)) {
-	$_check_list = $ip_list;
+		$ip_list = array_map('trim', explode(",", $allowed_from));
-	foreach ($_check_list as $idx => $ip) {
+		$_check_list = $ip_list;
-		if (\Froxlor\Validate\Validate::validate_ip2($ip, true, 'invalidip', true, true) == false) {
+		foreach ($_check_list as $idx => $ip) {
-			unset($ip_list[$idx]);
+			if (\Froxlor\Validate\Validate::validate_ip2($ip, true, 'invalidip', true, true) == false) {
 				unset($ip_list[$idx]);
 			}
 		}
 		$ip_list = array_map('inet_ntop', array_map('inet_pton', $ip_list));
 		$allowed_from = implode(",", array_unique($ip_list));
 	}
 	$ip_list = array_map('inet_ntop', array_map('inet_pton', $ip_list));
 	$allowed_from = implode(",", array_unique($ip_list));
 	if ($valid_until <= 0 || ! is_numeric($valid_until)) {
 		$valid_until = - 1;
--- a/build.xml
+++ b/build.xml
@@ -226,14 +226,29 @@
 		<property name="phpcpd.done" value="true" />
 	</target>
-	<target name="phpunit" unless="phpunit.done" depends="composer"
+	<target name="phpunit-prepare" unless="phpunit-prepare.done" depends="composer"
 		description="prepare xdebug unit tests">
 		<exec executable="${phpunit}" resultproperty="result.phpunit-prepare"
 			taskname="phpunit">
 			<arg value="--configuration" />
 			<arg path="${basedir}/phpunit.xml" />
 			<arg value="--dump-xdebug-filter" />
 			<arg path="${basedir}/tests/xdebug-filter.php" />
 		</exec>
 		<property name="phpunit-prepare.done" value="true" />
 	</target>
 	<target name="phpunit" unless="phpunit.done" depends="phpunit-prepare"
 		description="Run unit tests with PHPUnit">
-		<exec executable="${phpunit}" resultproperty="result.phpunit"
+		<exec executable="${phpunit}" failonerror="true" resultproperty="result.phpunit"
 			taskname="phpunit">
 			<arg value="--configuration" />
 			<arg path="${basedir}/phpunit.xml" />
 			<arg value="--testsuite" />
 			<arg value="froxlor" />
 			<arg value="--prepend" />
 			<arg path="${basedir}/tests/xdebug-filter.php" />
 		</exec>
 		<property name="phpunit.done" value="true" />
--- a/composer.json
+++ b/composer.json
@@ -30,7 +30,7 @@
 		"docs": "https://github.com/Froxlor/Froxlor/wiki"
 	},
 	"require": {
-		"php": ">=5.6",
+		"php": ">=7.0",
 		"ext-session": "*",
 		"ext-ctype": "*",
 		"ext-pdo": "*",
@@ -46,20 +46,19 @@
 		"phpmailer/phpmailer": "~6.0",
 		"monolog/monolog": "^1.24",
 		"robthree/twofactorauth": "^1.6",
-		"algo26-matthias/idna-convert": "^2.1"
+		"froxlor/idna-convert-legacy": "^2.1"
 	},
 	"require-dev": {
-		"phpunit/phpunit": "6.5.13",
+		"phpunit/phpunit": "8.4.1",
-		"pdepend/pdepend": "2.5.0",
+		"php": ">=7.3",
 		"phpmd/phpmd": "2.6.0",
 		"sebastian/phpcpd": "3.0.1",
 		"squizlabs/php_codesniffer": "3.3.2",
 		"phploc/phploc": "3.0.1",
 		"theseer/phpdox": "0.11.2",
 		"phpunit/php-invoker": "1.1.4",
 		"php": ">=7.1",
 		"ext-pcntl": "*",
-		"phpcompatibility/php-compatibility": "*"
+		"phpcompatibility/php-compatibility": "*",
 		"squizlabs/php_codesniffer": "*",
 		"pdepend/pdepend": "^2.5",
 		"sebastian/phpcpd": "^4.1",
 		"theseer/phpdox": "^0.12.0",
 		"phploc/phploc": "^5.0",
 		"phpmd/phpmd": "^2.6"
 	},
 	"suggest": {
 		"ext-bcmath": "*",
--- a/composer.lock
+++ b/composer.lock
--- a/customer_domains.php
+++ b/customer_domains.php
@@ -42,146 +42,65 @@ if ($page == 'overview') {
 	if ($action == '') {
 		$log->logAction(\Froxlor\FroxlorLogger::USR_ACTION, LOG_NOTICE, "viewed customer_domains::domains");
 		$fields = array(
-			'd.domain' => $lng['domains']['domainname']
+			'd.domain_ace' => $lng['domains']['domainname'],
 			'd.aliasdomain' => $lng['domains']['aliasdomain']
 		);
-		$paging = new \Froxlor\UI\Paging($userinfo, TABLE_PANEL_DOMAINS, $fields);
+		try {
-		$domains_stmt = Database::prepare("SELECT `d`.`id`, `d`.`customerid`, `d`.`domain`, `d`.`documentroot`, `d`.`isbinddomain`, `d`.`isemaildomain`, `d`.`caneditdomain`, `d`.`iswildcarddomain`, `d`.`parentdomainid`, `d`.`letsencrypt`, `d`.`registration_date`, `d`.`termination_date`, `ad`.`id` AS `aliasdomainid`, `ad`.`domain` AS `aliasdomain`, `da`.`id` AS `domainaliasid`, `da`.`domain` AS `domainalias` FROM `" . TABLE_PANEL_DOMAINS . "` `d`
+			// get total count
-			LEFT JOIN `" . TABLE_PANEL_DOMAINS . "` `ad` ON `d`.`aliasdomain`=`ad`.`id`
+			$json_result = SubDomains::getLocal($userinfo)->listingCount();
-			LEFT JOIN `" . TABLE_PANEL_DOMAINS . "` `da` ON `da`.`aliasdomain`=`d`.`id`
+			$result = json_decode($json_result, true)['data'];
-			WHERE `d`.`customerid`= :customerid
+			// initialize pagination and filtering
-			AND `d`.`email_only`='0'
+			$paging = new \Froxlor\UI\Pagination($userinfo, $fields, $result);
-			AND `d`.`id` <> :standardsubdomain " . $paging->getSqlWhere(true) . " " . $paging->getSqlOrderBy() . " " . $paging->getSqlLimit());
+			// get list
-		Database::pexecute($domains_stmt, array(
+			$json_result = SubDomains::getLocal($userinfo, $paging->getApiCommandParams())->listing();
-			"customerid" => $userinfo['customerid'],
+		} catch (Exception $e) {
-			"standardsubdomain" => $userinfo['standardsubdomain']
+			\Froxlor\UI\Response::dynamic_error($e->getMessage());
-		));
+		}
-		$paging->setEntries(Database::num_rows());
+		$result = json_decode($json_result, true)['data'];
 		$sortcode = $paging->getHtmlSortCode($lng);
 		$arrowcode = $paging->getHtmlArrowCode($filename . '?page=' . $page . '&s=' . $s);
 		$searchcode = $paging->getHtmlSearchCode($lng);
 		$pagingcode = $paging->getHtmlPagingCode($filename . '?page=' . $page . '&s=' . $s);
 		$domains = '';
 		$parentdomains_count = 0;
-		$domains_count = 0;
+		$domains_count = $paging->getEntries();
 		$domain_array = array();
-		while ($row = $domains_stmt->fetch(PDO::FETCH_ASSOC)) {
+		foreach ($result['list'] as $row) {
-			$row['domain'] = $idna_convert->decode($row['domain']);
+			formatDomainEntry($row, $idna_convert);
 			$row['aliasdomain'] = $idna_convert->decode($row['aliasdomain']);
 			$row['domainalias'] = $idna_convert->decode($row['domainalias']);
 			if ($row['parentdomainid'] == '0' && $row['caneditdomain'] == '1') {
 				$parentdomains_count ++;
 			}
 			$domain_array[$row['parentdomainname']][] = $row;
 		}
-			/**
+		foreach ($domain_array as $parentdomain => $sdomains) {
-			 * check for set ssl-certs to show different state-icons
+			// PARENTDOMAIN
-			 */
+			if (Settings::Get('system.awstats_enabled') == '1') {
-			// nothing (ssl_global)
+				$statsapp = 'awstats';
 			$row['domain_hascert'] = 0;
 			$ssl_stmt = Database::prepare("SELECT * FROM `" . TABLE_PANEL_DOMAIN_SSL_SETTINGS . "` WHERE `domainid` = :domainid");
 			Database::pexecute($ssl_stmt, array(
 				"domainid" => $row['id']
 			));
 			$ssl_result = $ssl_stmt->fetch(PDO::FETCH_ASSOC);
 			if (is_array($ssl_result) && isset($ssl_result['ssl_cert_file']) && $ssl_result['ssl_cert_file'] != '') {
 				// own certificate (ssl_customer_green)
 				$row['domain_hascert'] = 1;
 			} else {
-				// check if it's parent has one set (shared)
+				$statsapp = 'webalizer';
 				if ($row['parentdomainid'] != 0) {
 					$ssl_stmt = Database::prepare("SELECT * FROM `" . TABLE_PANEL_DOMAIN_SSL_SETTINGS . "` WHERE `domainid` = :domainid");
 					Database::pexecute($ssl_stmt, array(
 						"domainid" => $row['parentdomainid']
 					));
 					$ssl_result = $ssl_stmt->fetch(PDO::FETCH_ASSOC);
 					if (is_array($ssl_result) && isset($ssl_result['ssl_cert_file']) && $ssl_result['ssl_cert_file'] != '') {
 						// parent has a certificate (ssl_shared)
 						$row['domain_hascert'] = 2;
 					}
 				}
 			}
 			$row = [
 				'domain' => $idna_convert->decode($parentdomain)
 			];
 			eval("\$domains.=\"" . \Froxlor\UI\Template::getTemplate("domains/domains_delimiter") . "\";");
-			$row['termination_date'] = str_replace("0000-00-00", "", $row['termination_date']);
+			foreach ($sdomains as $domain) {
-			if ($row['termination_date'] != "") {
+				$row = \Froxlor\PhpHelper::htmlentitiesArray($domain);
 				$cdate = strtotime($row['termination_date'] . " 23:59:59");
 				$today = time();
-				if ($cdate < $today) {
+				// show docroot nicely
-					$row['termination_css'] = 'domain-expired';
+				if (strpos($row['documentroot'], $userinfo['documentroot']) === 0) {
-				} else {
+					$row['documentroot'] = \Froxlor\FileDir::makeCorrectDir(str_replace($userinfo['documentroot'], "/", $row['documentroot']));
 					$row['termination_css'] = 'domain-canceled';
 				}
 				// get ssl-ips if activated
 				$show_ssledit = false;
 				if (Settings::Get('system.use_ssl') == '1' && \Froxlor\Domain\Domain::domainHasSslIpPort($row['id']) && $row['caneditdomain'] == '1' && $row['letsencrypt'] == 0) {
 					$show_ssledit = true;
 				}
 				eval("\$domains.=\"" . \Froxlor\UI\Template::getTemplate("domains/domains_domain") . "\";");
 			}
 			$domains_count ++;
 			$domain_array[$row['domain']] = $row;
 		}
 		ksort($domain_array);
 		$domain_id_array = array();
 		foreach ($domain_array as $sortkey => $row) {
 			$domain_id_array[$row['id']] = $sortkey;
 		}
 		$domain_sort_array = array();
 		foreach ($domain_array as $sortkey => $row) {
 			if ($row['parentdomainid'] == 0) {
 				$domain_sort_array[$sortkey][$sortkey] = $row;
 			} else {
 				// when searching and the results are subdomains only, we need to get
 				// the parent domain to this subdomain
 				if (! isset($domain_id_array[$row['parentdomainid']])) {
 					$domain_id_array[$row['parentdomainid']] = "[parent-domain]";
 				}
 				$domain_sort_array[$domain_id_array[$row['parentdomainid']]][$sortkey] = $row;
 			}
 		}
 		$domain_array = array();
 		if ($paging->sortfield == 'd.domain' && $paging->sortorder == 'asc') {
 			ksort($domain_sort_array);
 		} elseif ($paging->sortfield == 'd.domain' && $paging->sortorder == 'desc') {
 			krsort($domain_sort_array);
 		}
 		$i = 0;
 		foreach ($domain_sort_array as $sortkey => $domain_array) {
 			if ($paging->checkDisplay($i)) {
 				if (isset($domain_array[$sortkey])) {
 					$row = \Froxlor\PhpHelper::htmlentitiesArray($domain_array[$sortkey]);
 					if (Settings::Get('system.awstats_enabled') == '1') {
 						$statsapp = 'awstats';
 					} else {
 						$statsapp = 'webalizer';
 					}
 					eval("\$domains.=\"" . \Froxlor\UI\Template::getTemplate("domains/domains_delimiter") . "\";");
 				}
 				if ($paging->sortfield == 'd.domain' && $paging->sortorder == 'asc') {
 					ksort($domain_array);
 				} elseif ($paging->sortfield == 'd.domain' && $paging->sortorder == 'desc') {
 					krsort($domain_array);
 				}
 				foreach ($domain_array as $row) {
 					if (strpos($row['documentroot'], $userinfo['documentroot']) === 0) {
 						$row['documentroot'] = \Froxlor\FileDir::makeCorrectDir(str_replace($userinfo['documentroot'], "/", $row['documentroot']));
 					}
 					// get ssl-ips if activated
 					$show_ssledit = false;
 					if (Settings::Get('system.use_ssl') == '1' && \Froxlor\Domain\Domain::domainHasSslIpPort($row['id']) && $row['caneditdomain'] == '1' && $row['letsencrypt'] == 0) {
 						$show_ssledit = true;
 					}
 					$row = \Froxlor\PhpHelper::htmlentitiesArray($row);
 					eval("\$domains.=\"" . \Froxlor\UI\Template::getTemplate("domains/domains_domain") . "\";");
 				}
 			}
 			$i += count($domain_array);
 		}
 		eval("echo \"" . \Froxlor\UI\Template::getTemplate("domains/domainlist") . "\";");
@@ -369,7 +288,7 @@ if ($page == 'overview') {
 					$domains .= \Froxlor\UI\HTML::makeoption($idna_convert->decode($row_domain['domain']), $row_domain['id'], $result['aliasdomain']);
 				}
-				if (preg_match('/^https?\:\/\//', $result['documentroot']) && \Froxlor\Validate\Form\Data::validateUrl($result['documentroot'])) {
+				if (preg_match('/^https?\:\/\//', $result['documentroot']) && \Froxlor\Validate\Validate::validateUrl($result['documentroot'])) {
 					if (Settings::Get('panel.pathedit') == 'Dropdown') {
 						$urlvalue = $result['documentroot'];
 						$pathSelect = \Froxlor\FileDir::makePathfield($userinfo['documentroot'], $userinfo['guid'], $userinfo['guid']);
@@ -459,7 +378,9 @@ if ($page == 'overview') {
 				}
 				$alias_stmt = Database::prepare("SELECT COUNT(`id`) AS count FROM `" . TABLE_PANEL_DOMAINS . "` WHERE `aliasdomain`= :aliasdomain");
-				$alias_check = Database::pexecute_first($alias_stmt, array("aliasdomain" => $result['id']));
+				$alias_check = Database::pexecute_first($alias_stmt, array(
 					"aliasdomain" => $result['id']
 				));
 				$alias_check = $alias_check['count'];
 				$domainip = $result_ipandport['ip'];
@@ -480,6 +401,17 @@ if ($page == 'overview') {
 } elseif ($page == 'domainssleditor') {
 	if ($action == '' || $action == 'view') {
 		// get domain
 		try {
 			$json_result = SubDomains::getLocal($userinfo, array(
 				'id' => $id
 			))->get();
 		} catch (Exception $e) {
 			\Froxlor\UI\Response::dynamic_error($e->getMessage());
 		}
 		$result_domain = json_decode($json_result, true)['data'];
 		if (isset($_POST['send']) && $_POST['send'] == 'send') {
 			$do_insert = isset($_POST['do_insert']) ? (($_POST['do_insert'] == 1) ? true : false) : false;
 			try {
@@ -536,3 +468,53 @@ if ($page == 'overview') {
 	require_once __DIR__ . '/logfiles_viewer.php';
 }
 function formatDomainEntry(&$row, &$idna_convert)
 {
 	$row['domain'] = $idna_convert->decode($row['domain']);
 	$row['aliasdomain'] = $idna_convert->decode($row['aliasdomain']);
 	$row['domainalias'] = $idna_convert->decode($row['domainalias']);
 	/**
 	 * check for set ssl-certs to show different state-icons
 	 */
 	// nothing (ssl_global)
 	$row['domain_hascert'] = 0;
 	$ssl_stmt = Database::prepare("SELECT * FROM `" . TABLE_PANEL_DOMAIN_SSL_SETTINGS . "` WHERE `domainid` = :domainid");
 	Database::pexecute($ssl_stmt, array(
 		"domainid" => $row['id']
 	));
 	$ssl_result = $ssl_stmt->fetch(PDO::FETCH_ASSOC);
 	if (is_array($ssl_result) && isset($ssl_result['ssl_cert_file']) && $ssl_result['ssl_cert_file'] != '') {
 		// own certificate (ssl_customer_green)
 		$row['domain_hascert'] = 1;
 	} else {
 		// check if it's parent has one set (shared)
 		if ($row['parentdomainid'] != 0) {
 			$ssl_stmt = Database::prepare("SELECT * FROM `" . TABLE_PANEL_DOMAIN_SSL_SETTINGS . "` WHERE `domainid` = :domainid");
 			Database::pexecute($ssl_stmt, array(
 				"domainid" => $row['parentdomainid']
 			));
 			$ssl_result = $ssl_stmt->fetch(PDO::FETCH_ASSOC);
 			if (is_array($ssl_result) && isset($ssl_result['ssl_cert_file']) && $ssl_result['ssl_cert_file'] != '') {
 				// parent has a certificate (ssl_shared)
 				$row['domain_hascert'] = 2;
 			}
 		}
 	}
 	$row['termination_date'] = str_replace("0000-00-00", "", $row['termination_date']);
 	$row['termination_css'] = "";
 	if ($row['termination_date'] != "") {
 		$cdate = strtotime($row['termination_date'] . " 23:59:59");
 		$today = time();
 		if ($cdate < $today) {
 			$row['termination_css'] = 'domain-expired';
 		} else {
 			$row['termination_css'] = 'domain-canceled';
 		}
 	}
 }
--- a/customer_email.php
+++ b/customer_email.php
@@ -43,27 +43,31 @@ if ($page == 'overview') {
 	if ($action == '') {
 		$log->logAction(\Froxlor\FroxlorLogger::USR_ACTION, LOG_NOTICE, "viewed customer_email::emails");
 		$fields = array(
-			'd.domain' => $lng['domains']['domainname'],
+			'd.domain_ace' => $lng['domains']['domainname'],
 			'm.email_full' => $lng['emails']['emailaddress'],
 			'm.destination' => $lng['emails']['forwarders']
 		);
-		$paging = new \Froxlor\UI\Paging($userinfo, TABLE_MAIL_VIRTUAL, $fields);
+		try {
-		$result_stmt = Database::prepare('SELECT `m`.`id`, `m`.`domainid`, `m`.`email`, `m`.`email_full`, `m`.`iscatchall`, `u`.`quota`, `m`.`destination`, `m`.`popaccountid`, `d`.`domain`, `u`.`mboxsize` FROM `' . TABLE_MAIL_VIRTUAL . '` `m`
+			// get total count
-			LEFT JOIN `' . TABLE_PANEL_DOMAINS . '` `d` ON (`m`.`domainid` = `d`.`id`)
+			$json_result = Emails::getLocal($userinfo)->listingCount();
-			LEFT JOIN `' . TABLE_MAIL_USERS . '` `u` ON (`m`.`popaccountid` = `u`.`id`)
+			$result = json_decode($json_result, true)['data'];
-			WHERE `m`.`customerid`= :customerid ' . $paging->getSqlWhere(true) . " " . $paging->getSqlOrderBy() . " " . $paging->getSqlLimit());
+			// initialize pagination and filtering
-		Database::pexecute($result_stmt, array(
+			$paging = new \Froxlor\UI\Pagination($userinfo, $fields, $result);
-			"customerid" => $userinfo['customerid']
+			// get list
-		));
+			$json_result = Emails::getLocal($userinfo, $paging->getApiCommandParams())->listing();
-		$emailscount = Database::num_rows();
+		} catch (Exception $e) {
-		$paging->setEntries($emailscount);
+			\Froxlor\UI\Response::dynamic_error($e->getMessage());
 		}
 		$result = json_decode($json_result, true)['data'];
 		$sortcode = $paging->getHtmlSortCode($lng);
 		$arrowcode = $paging->getHtmlArrowCode($filename . '?page=' . $page . '&s=' . $s);
 		$searchcode = $paging->getHtmlSearchCode($lng);
 		$pagingcode = $paging->getHtmlPagingCode($filename . '?page=' . $page . '&s=' . $s);
 		$emails = array();
 		$emailscount = $paging->getEntries();
-		while ($row = $result_stmt->fetch(PDO::FETCH_ASSOC)) {
+		foreach ($result['list'] as $row) {
 			if (! isset($emails[$row['domain']]) || ! is_array($emails[$row['domain']])) {
 				$emails[$row['domain']] = array();
 			}
@@ -71,13 +75,12 @@ if ($page == 'overview') {
 			$emails[$row['domain']][$row['email_full']] = $row;
 		}
-		if ($paging->sortfield == 'd.domain' && $paging->sortorder == 'desc') {
+		if ($paging->sortfield == 'd.domain_ace' && $paging->sortorder == 'desc') {
 			krsort($emails);
 		} else {
 			ksort($emails);
 		}
 		$i = 0;
 		$count = 0;
 		$accounts = '';
 		$emails_count = 0;
@@ -90,53 +93,50 @@ if ($page == 'overview') {
 			}
 			foreach ($emailaddresses as $row) {
-				if ($paging->checkDisplay($i)) {
+				if ($domainname != $idna_convert->decode($row['domain'])) {
-					if ($domainname != $idna_convert->decode($row['domain'])) {
+					$domainname = $idna_convert->decode($row['domain']);
-						$domainname = $idna_convert->decode($row['domain']);
+					eval("\$accounts.=\"" . \Froxlor\UI\Template::getTemplate("email/emails_domain") . "\";");
 						eval("\$accounts.=\"" . \Froxlor\UI\Template::getTemplate("email/emails_domain") . "\";");
 					}
 					$emails_count ++;
 					$row['email'] = $idna_convert->decode($row['email']);
 					$row['email_full'] = $idna_convert->decode($row['email_full']);
 					$row['destination'] = explode(' ', $row['destination']);
 					uasort($row['destination'], 'strcasecmp');
 					$dest_list = $row['destination'];
 					foreach ($dest_list as $dest_id => $destination) {
 						$row['destination'][$dest_id] = $idna_convert->decode($row['destination'][$dest_id]);
 						if ($row['destination'][$dest_id] == $row['email_full']) {
 							unset($row['destination'][$dest_id]);
 						}
 					}
 					$destinations_count = count($row['destination']);
 					$row['destination'] = implode(', ', $row['destination']);
 					if (strlen($row['destination']) > 35) {
 						$row['destination'] = substr($row['destination'], 0, 32) . '... (' . $destinations_count . ')';
 					}
 					$row['mboxsize'] = \Froxlor\PhpHelper::sizeReadable($row['mboxsize'], 'GiB', 'bi', '%01.' . (int) Settings::Get('panel.decimal_places') . 'f %s');
 					$row = \Froxlor\PhpHelper::htmlentitiesArray($row);
 					eval("\$accounts.=\"" . \Froxlor\UI\Template::getTemplate("email/emails_email") . "\";");
 					$count ++;
 				}
-				$i ++;
+				$emails_count ++;
 				$row['email'] = $idna_convert->decode($row['email']);
 				$row['email_full'] = $idna_convert->decode($row['email_full']);
 				$row['destination'] = explode(' ', $row['destination']);
 				uasort($row['destination'], 'strcasecmp');
 				$dest_list = $row['destination'];
 				foreach ($dest_list as $dest_id => $destination) {
 					$row['destination'][$dest_id] = $idna_convert->decode($row['destination'][$dest_id]);
 					if ($row['destination'][$dest_id] == $row['email_full']) {
 						unset($row['destination'][$dest_id]);
 					}
 				}
 				$destinations_count = count($row['destination']);
 				$row['destination'] = implode(', ', $row['destination']);
 				if (strlen($row['destination']) > 35) {
 					$row['destination'] = substr($row['destination'], 0, 32) . '... (' . $destinations_count . ')';
 				}
 				$row['mboxsize'] = \Froxlor\PhpHelper::sizeReadable($row['mboxsize'], 'GiB', 'bi', '%01.' . (int) Settings::Get('panel.decimal_places') . 'f %s');
 				$row = \Froxlor\PhpHelper::htmlentitiesArray($row);
 				eval("\$accounts.=\"" . \Froxlor\UI\Template::getTemplate("email/emails_email") . "\";");
 				$count ++;
 			}
 		}
-		$emaildomains_count_stmt = Database::prepare("SELECT COUNT(`id`) AS `count` FROM `" . TABLE_PANEL_DOMAINS . "`
+		$result_stmt = Database::prepare("
-			WHERE `customerid`= :customerid
+			SELECT COUNT(`id`) as emaildomains
-			AND `isemaildomain`='1' ORDER BY `domain` ASC");
+			FROM `" . TABLE_PANEL_DOMAINS . "`
-		Database::pexecute($emaildomains_count_stmt, array(
+			WHERE `customerid`= :cid AND `isemaildomain` = '1'
-			"customerid" => $userinfo['customerid']
+		");
 		$result = Database::pexecute_first($result_stmt, array(
 			"cid" => $userinfo['customerid']
 		));
-		$emaildomains_count = $emaildomains_count_stmt->fetch(PDO::FETCH_ASSOC);
+		$emaildomains_count = $result['emaildomains'];
 		$emaildomains_count = $emaildomains_count['count'];
 		eval("echo \"" . \Froxlor\UI\Template::getTemplate("email/emails") . "\";");
 	} elseif ($action == 'delete' && $id != 0) {
@@ -194,7 +194,7 @@ if ($page == 'overview') {
 				$result_stmt = Database::prepare("SELECT `id`, `domain`, `customerid` FROM `" . TABLE_PANEL_DOMAINS . "`
 					WHERE `customerid`= :cid
 					AND `isemaildomain`='1'
-					ORDER BY `domain` ASC");
+					ORDER BY `domain_ace` ASC");
 				Database::pexecute($result_stmt, array(
 					"cid" => $userinfo['customerid']
 				));
--- a/customer_extras.php
+++ b/customer_extras.php
@@ -19,7 +19,6 @@
 define('AREA', 'customer');
 require './lib/init.php';
 use Froxlor\Database\Database;
 use Froxlor\Settings;
 use Froxlor\Api\Commands\DirOptions as DirOptions;
 use Froxlor\Api\Commands\DirProtections as DirProtections;
@@ -52,33 +51,34 @@ if ($page == 'overview') {
 			'username' => $lng['login']['username'],
 			'path' => $lng['panel']['path']
 		);
-		$paging = new \Froxlor\UI\Paging($userinfo, TABLE_PANEL_HTPASSWDS, $fields);
+		try {
-		$result_stmt = Database::prepare("SELECT * FROM `" . TABLE_PANEL_HTPASSWDS . "`
+			// get total count
-			WHERE `customerid`= :customerid " . $paging->getSqlWhere(true) . " " . $paging->getSqlOrderBy() . " " . $paging->getSqlLimit());
+			$json_result = DirProtections::getLocal($userinfo)->listingCount();
-		Database::pexecute($result_stmt, array(
+			$result = json_decode($json_result, true)['data'];
-			"customerid" => $userinfo['customerid']
+			// initialize pagination and filtering
-		));
+			$paging = new \Froxlor\UI\Pagination($userinfo, $fields, $result);
-		$paging->setEntries(Database::num_rows());
+			// get list
 			$json_result = DirProtections::getLocal($userinfo, $paging->getApiCommandParams())->listing();
 		} catch (Exception $e) {
 			\Froxlor\UI\Response::dynamic_error($e->getMessage());
 		}
 		$result = json_decode($json_result, true)['data'];
 		$sortcode = $paging->getHtmlSortCode($lng);
 		$arrowcode = $paging->getHtmlArrowCode($filename . '?page=' . $page . '&s=' . $s);
 		$searchcode = $paging->getHtmlSearchCode($lng);
 		$pagingcode = $paging->getHtmlPagingCode($filename . '?page=' . $page . '&s=' . $s);
 		$i = 0;
 		$count = 0;
 		$htpasswds = '';
-		while ($row = $result_stmt->fetch(PDO::FETCH_ASSOC)) {
+		foreach ($result['list'] as $row) {
-			if ($paging->checkDisplay($i)) {
+			if (strpos($row['path'], $userinfo['documentroot']) === 0) {
-				if (strpos($row['path'], $userinfo['documentroot']) === 0) {
+				$row['path'] = str_replace($userinfo['documentroot'], "/", $row['path']);
 					$row['path'] = str_replace($userinfo['documentroot'], "/", $row['path']);
 				}
 				$row['path'] = \Froxlor\FileDir::makeCorrectDir($row['path']);
 				$row = \Froxlor\PhpHelper::htmlentitiesArray($row);
 				eval("\$htpasswds.=\"" . \Froxlor\UI\Template::getTemplate("extras/htpasswds_htpasswd") . "\";");
 				$count ++;
 			}
-
+			$row['path'] = \Froxlor\FileDir::makeCorrectDir($row['path']);
-			$i ++;
+			$row = \Froxlor\PhpHelper::htmlentitiesArray($row);
 			eval("\$htpasswds.=\"" . \Froxlor\UI\Template::getTemplate("extras/htpasswds_htpasswd") . "\";");
 			$count ++;
 		}
 		eval("echo \"" . \Froxlor\UI\Template::getTemplate("extras/htpasswds") . "\";");
@@ -192,39 +192,40 @@ if ($page == 'overview') {
 			'error500path' => $lng['extras']['error500path'],
 			'options_cgi' => $lng['extras']['execute_perl']
 		);
-		$paging = new \Froxlor\UI\Paging($userinfo, TABLE_PANEL_HTACCESS, $fields);
+		try {
-		$result_stmt = Database::prepare("SELECT * FROM `" . TABLE_PANEL_HTACCESS . "`
+			// get total count
-			WHERE `customerid`= :customerid " . $paging->getSqlWhere(true) . " " . $paging->getSqlOrderBy() . " " . $paging->getSqlLimit());
+			$json_result = DirOptions::getLocal($userinfo)->listingCount();
-		Database::pexecute($result_stmt, array(
+			$result = json_decode($json_result, true)['data'];
-			"customerid" => $userinfo['customerid']
+			// initialize pagination and filtering
-		));
+			$paging = new \Froxlor\UI\Pagination($userinfo, $fields, $result);
-		$paging->setEntries(Database::num_rows());
+			// get list
 			$json_result = DirOptions::getLocal($userinfo, $paging->getApiCommandParams())->listing();
 		} catch (Exception $e) {
 			\Froxlor\UI\Response::dynamic_error($e->getMessage());
 		}
 		$result = json_decode($json_result, true)['data'];
 		$sortcode = $paging->getHtmlSortCode($lng);
 		$arrowcode = $paging->getHtmlArrowCode($filename . '?page=' . $page . '&s=' . $s);
 		$searchcode = $paging->getHtmlSearchCode($lng);
 		$pagingcode = $paging->getHtmlPagingCode($filename . '?page=' . $page . '&s=' . $s);
 		$i = 0;
 		$count = 0;
 		$htaccess = '';
 		$cperlenabled = \Froxlor\Customer\Customer::customerHasPerlEnabled($userinfo['customerid']);
-		while ($row = $result_stmt->fetch(PDO::FETCH_ASSOC)) {
+		foreach ($result['list'] as $row) {
-			if ($paging->checkDisplay($i)) {
+			if (strpos($row['path'], $userinfo['documentroot']) === 0) {
-				if (strpos($row['path'], $userinfo['documentroot']) === 0) {
+				$row['path'] = str_replace($userinfo['documentroot'], "/", $row['path']);
 					$row['path'] = str_replace($userinfo['documentroot'], "/", $row['path']);
 				}
 				$row['path'] = \Froxlor\FileDir::makeCorrectDir($row['path']);
 				$row['options_indexes'] = str_replace('1', $lng['panel']['yes'], $row['options_indexes']);
 				$row['options_indexes'] = str_replace('0', $lng['panel']['no'], $row['options_indexes']);
 				$row['options_cgi'] = str_replace('1', $lng['panel']['yes'], $row['options_cgi']);
 				$row['options_cgi'] = str_replace('0', $lng['panel']['no'], $row['options_cgi']);
 				$row = \Froxlor\PhpHelper::htmlentitiesArray($row);
 				eval("\$htaccess.=\"" . \Froxlor\UI\Template::getTemplate("extras/htaccess_htaccess") . "\";");
 				$count ++;
 			}
-
+			$row['path'] = \Froxlor\FileDir::makeCorrectDir($row['path']);
-			$i ++;
+			$row['options_indexes'] = str_replace('1', $lng['panel']['yes'], $row['options_indexes']);
 			$row['options_indexes'] = str_replace('0', $lng['panel']['no'], $row['options_indexes']);
 			$row['options_cgi'] = str_replace('1', $lng['panel']['yes'], $row['options_cgi']);
 			$row['options_cgi'] = str_replace('0', $lng['panel']['no'], $row['options_cgi']);
 			$row = \Froxlor\PhpHelper::htmlentitiesArray($row);
 			eval("\$htaccess.=\"" . \Froxlor\UI\Template::getTemplate("extras/htaccess_htaccess") . "\";");
 			$count ++;
 		}
 		eval("echo \"" . \Froxlor\UI\Template::getTemplate("extras/htaccess") . "\";");
--- a/customer_ftp.php
+++ b/customer_ftp.php
@@ -46,39 +46,36 @@ if ($page == 'overview') {
 			'homedir' => $lng['panel']['path'],
 			'description' => $lng['panel']['ftpdesc']
 		);
-		$paging = new \Froxlor\UI\Paging($userinfo, TABLE_FTP_USERS, $fields);
+		try {
-
+			// get total count
-		$result_stmt = Database::prepare("SELECT `id`, `username`, `description`, `homedir`, `shell` FROM `" . TABLE_FTP_USERS . "`
+			$json_result = Ftps::getLocal($userinfo)->listingCount();
-			WHERE `customerid`= :customerid " . $paging->getSqlWhere(true) . " " . $paging->getSqlOrderBy() . " " . $paging->getSqlLimit());
+			$result = json_decode($json_result, true)['data'];
-		Database::pexecute($result_stmt, array(
+			// initialize pagination and filtering
-			"customerid" => $userinfo['customerid']
+			$paging = new \Froxlor\UI\Pagination($userinfo, $fields, $result);
-		));
+			// get list
-		$ftps_count = Database::num_rows();
+			$json_result = Ftps::getLocal($userinfo, $paging->getApiCommandParams())->listing();
-		$paging->setEntries($ftps_count);
+		} catch (Exception $e) {
 			\Froxlor\UI\Response::dynamic_error($e->getMessage());
 		}
 		$result = json_decode($json_result, true)['data'];
 		$ftps_count = $paging->getEntries();
 		$sortcode = $paging->getHtmlSortCode($lng);
 		$arrowcode = $paging->getHtmlArrowCode($filename . '?page=' . $page . '&s=' . $s);
 		$searchcode = $paging->getHtmlSearchCode($lng);
 		$pagingcode = $paging->getHtmlPagingCode($filename . '?page=' . $page . '&s=' . $s);
 		$i = 0;
 		$count = 0;
 		$accounts = '';
-		while ($row = $result_stmt->fetch(PDO::FETCH_ASSOC)) {
+		foreach ($result['list'] as $row) {
-			if ($paging->checkDisplay($i)) {
+			if (strpos($row['homedir'], $userinfo['documentroot']) === 0) {
-				if (strpos($row['homedir'], $userinfo['documentroot']) === 0) {
+				$row['documentroot'] = str_replace($userinfo['documentroot'], "/", $row['homedir']);
-					$row['documentroot'] = str_replace($userinfo['documentroot'], "/", $row['homedir']);
+			} else {
-				} else {
+				$row['documentroot'] = $row['homedir'];
 					$row['documentroot'] = $row['homedir'];
 				}
 				$row['documentroot'] = \Froxlor\FileDir::makeCorrectDir($row['documentroot']);
 				$row = \Froxlor\PhpHelper::htmlentitiesArray($row);
 				eval("\$accounts.=\"" . \Froxlor\UI\Template::getTemplate('ftp/accounts_account') . "\";");
 				$count ++;
 			}
-
+			$row['documentroot'] = \Froxlor\FileDir::makeCorrectDir($row['documentroot']);
-			$i ++;
+			$row = \Froxlor\PhpHelper::htmlentitiesArray($row);
 			eval("\$accounts.=\"" . \Froxlor\UI\Template::getTemplate('ftp/accounts_account') . "\";");
 			$count ++;
 		}
 		eval("echo \"" . \Froxlor\UI\Template::getTemplate('ftp/accounts') . "\";");
--- a/customer_index.php
+++ b/customer_index.php
@@ -93,11 +93,19 @@ if ($page == 'overview') {
 		'cid' => $userinfo['customerid']
 	));
 	if ($usages)
 	{
 		$userinfo['diskspace_used'] = round($usages['webspace'] / 1024, Settings::Get('panel.decimal_places'));
 		$userinfo['mailspace_used'] = round($usages['mail'] / 1024, Settings::Get('panel.decimal_places'));
 		$userinfo['dbspace_used'] = round($usages['mysql'] / 1024, Settings::Get('panel.decimal_places'));
 		$userinfo['total_used'] = round(($usages['webspace'] + $usages['mail'] + $usages['mysql']) / 1024, Settings::Get('panel.decimal_places'));
 	} else {
 		$userinfo['diskspace_used'] = 0;
 		$userinfo['mailspace_used'] = 0;
 		$userinfo['dbspace_used'] = 0;
 		$userinfo['total_used'] = 0;
 	}
 	$userinfo['diskspace'] = round($userinfo['diskspace'] / 1024, Settings::Get('panel.decimal_places'));
 	$userinfo['diskspace_used'] = round($usages['webspace'] / 1024, Settings::Get('panel.decimal_places'));
 	$userinfo['mailspace_used'] = round($usages['mail'] / 1024, Settings::Get('panel.decimal_places'));
 	$userinfo['dbspace_used'] = round($usages['mysql'] / 1024, Settings::Get('panel.decimal_places'));
 	$userinfo['traffic'] = round($userinfo['traffic'] / (1024 * 1024), Settings::Get('panel.decimal_places'));
 	$userinfo['traffic_used'] = round($userinfo['traffic_used'] / (1024 * 1024), Settings::Get('panel.decimal_places'));
 	$userinfo = \Froxlor\PhpHelper::strReplaceArray('-1', $lng['customer']['unlimited'], $userinfo, 'diskspace traffic mysqls emails email_accounts email_forwarders email_quota ftps subdomains');
@@ -114,6 +122,8 @@ if ($page == 'overview') {
 		$se[] = "PHP";
 	if ($userinfo['perlenabled'] == '1')
 		$se[] = "Perl/CGI";
 	if ($userinfo['api_allowed'] == '1')
 		$se[] = '<a href="customer_index.php?s='.$s.'&page=apikeys">API</a>';
 	$services_enabled = implode(", ", $se);
 	eval("echo \"" . \Froxlor\UI\Template::getTemplate('index/index') . "\";");
@@ -353,8 +363,6 @@ if ($page == 'overview') {
 	}
 } elseif ($page == 'apikeys' && Settings::Get('api.enabled') == 1) {
 	require_once __DIR__ . '/api_keys.php';
 } elseif ($page == 'apihelp' && Settings::Get('api.enabled') == 1) {
 	require_once __DIR__ . '/apihelp.php';
 } elseif ($page == '2fa' && Settings::Get('2fa.enabled') == 1) {
 	require_once __DIR__ . '/2fa.php';
 }
--- a/customer_logger.php
+++ b/customer_logger.php
@@ -19,6 +19,7 @@
 define('AREA', 'customer');
 require './lib/init.php';
 use Froxlor\Api\Commands\SysLog;
 use Froxlor\Database\Database;
 use Froxlor\Settings;
@@ -35,26 +36,25 @@ if ($page == 'log') {
 			'user' => $lng['logger']['user'],
 			'text' => $lng['logger']['action']
 		);
-		$paging = new \Froxlor\UI\Paging($userinfo, TABLE_PANEL_LOG, $fields, null, null, 0, 'desc', 30);
+		try {
-		$query = 'SELECT * FROM `' . TABLE_PANEL_LOG . '` WHERE `user` = :loginname ' . $paging->getSqlWhere(true) . ' ' . $paging->getSqlOrderBy();
+			// get total count
-		$result_stmt = Database::prepare($query . ' ' . $paging->getSqlLimit());
+			$json_result = SysLog::getLocal($userinfo)->listingCount();
-		Database::pexecute($result_stmt, array(
+			$result = json_decode($json_result, true)['data'];
-			"loginname" => $userinfo['loginname']
+			// initialize pagination and filtering
-		));
+			$paging = new \Froxlor\UI\Pagination($userinfo, $fields, $result);
-		$result_cnt_stmt = Database::prepare($query);
+			// get list
-		Database::pexecute($result_cnt_stmt, array(
+			$json_result = SysLog::getLocal($userinfo, $paging->getApiCommandParams())->listing();
-			"loginname" => $userinfo['loginname']
+		} catch (Exception $e) {
-		));
+			\Froxlor\UI\Response::dynamic_error($e->getMessage());
-		$res_cnt = $result_cnt_stmt->fetch(PDO::FETCH_ASSOC);
+		}
-		$logs_count = $result_cnt_stmt->rowCount();
+		$result = json_decode($json_result, true)['data'];
 		$paging->setEntries($logs_count);
 		$sortcode = $paging->getHtmlSortCode($lng);
 		$arrowcode = $paging->getHtmlArrowCode($filename . '?page=' . $page . '&s=' . $s);
 		$searchcode = $paging->getHtmlSearchCode($lng);
 		$pagingcode = $paging->getHtmlPagingCode($filename . '?page=' . $page . '&s=' . $s);
 		$clog = array();
-		while ($row = $result_stmt->fetch(PDO::FETCH_ASSOC)) {
+		foreach ($result['list'] as $row) {
 			if (! isset($clog[$row['action']]) || ! is_array($clog[$row['action']])) {
 				$clog[$row['action']] = array();
@@ -68,7 +68,6 @@ if ($page == 'log') {
 			ksort($clog);
 		}
 		$i = 0;
 		$count = 0;
 		$log_count = 0;
 		$log = '';
@@ -96,7 +95,7 @@ if ($page == 'log') {
 						case \Froxlor\FroxlorLogger::LOGIN_ACTION:
 							$_action = $lng['logger']['login'];
 							break;
-						case LOG_ERROR:
+						case \Froxlor\FroxlorLogger::LOG_ERROR:
 							$_action = $lng['logger']['intern'];
 							break;
 						default:
@@ -113,10 +112,7 @@ if ($page == 'log') {
 				eval("\$log.=\"" . \Froxlor\UI\Template::getTemplate('logger/logger_log') . "\";");
 				$count ++;
 				$_action = $action;
 				// }
 				$i ++;
 			}
 			$i ++;
 		}
 		eval("echo \"" . \Froxlor\UI\Template::getTemplate('logger/logger') . "\";");
--- a/customer_mysql.php
+++ b/customer_mysql.php
@@ -53,20 +53,24 @@ if ($page == 'overview') {
 			'databasename' => $lng['mysql']['databasename'],
 			'description' => $lng['mysql']['databasedescription']
 		);
-		$paging = new \Froxlor\UI\Paging($userinfo, TABLE_PANEL_DATABASES, $fields);
+		try {
-		$result_stmt = Database::prepare("SELECT * FROM `" . TABLE_PANEL_DATABASES . "`
+			// get total count
-			WHERE `customerid`= :customerid " . $paging->getSqlWhere(true) . " " . $paging->getSqlOrderBy() . " " . $paging->getSqlLimit());
+			$json_result = Mysqls::getLocal($userinfo)->listingCount();
-		Database::pexecute($result_stmt, array(
+			$result = json_decode($json_result, true)['data'];
-			"customerid" => $userinfo['customerid']
+			// initialize pagination and filtering
-		));
+			$paging = new \Froxlor\UI\Pagination($userinfo, $fields, $result);
-		$mysqls_count = Database::num_rows();
+			// get list
-		$paging->setEntries($mysqls_count);
+			$json_result = Mysqls::getLocal($userinfo, $paging->getApiCommandParams())->listing();
 		} catch (Exception $e) {
 			\Froxlor\UI\Response::dynamic_error($e->getMessage());
 		}
 		$result = json_decode($json_result, true)['data'];
 		$mysqls_count = $paging->getEntries();
 		$sortcode = $paging->getHtmlSortCode($lng);
 		$arrowcode = $paging->getHtmlArrowCode($filename . '?page=' . $page . '&s=' . $s);
 		$searchcode = $paging->getHtmlSearchCode($lng);
 		$pagingcode = $paging->getHtmlPagingCode($filename . '?page=' . $page . '&s=' . $s);
 		$i = 0;
 		$count = 0;
 		$mysqls = '';
@@ -76,21 +80,18 @@ if ($page == 'overview') {
 		// Begin root-session
 		Database::needRoot(true);
-		while ($row = $result_stmt->fetch(PDO::FETCH_ASSOC)) {
+		foreach ($result['list'] as $row) {
-			if ($paging->checkDisplay($i)) {
+			$row = \Froxlor\PhpHelper::htmlentitiesArray($row);
-				$row = \Froxlor\PhpHelper::htmlentitiesArray($row);
+			$mbdata_stmt = Database::prepare("SELECT SUM(data_length + index_length) as MB FROM information_schema.TABLES
 				$mbdata_stmt = Database::prepare("SELECT SUM(data_length + index_length) as MB FROM information_schema.TABLES
 					WHERE table_schema = :table_schema
 					GROUP BY table_schema");
-				Database::pexecute($mbdata_stmt, array(
+			Database::pexecute($mbdata_stmt, array(
-					"table_schema" => $row['databasename']
+				"table_schema" => $row['databasename']
-				));
+			));
-				$mbdata = $mbdata_stmt->fetch(PDO::FETCH_ASSOC);
+			$mbdata = $mbdata_stmt->fetch(PDO::FETCH_ASSOC);
-				$row['size'] = \Froxlor\PhpHelper::sizeReadable($mbdata['MB'], 'GiB', 'bi', '%01.' . (int) Settings::Get('panel.decimal_places') . 'f %s');
+			$row['size'] = \Froxlor\PhpHelper::sizeReadable($mbdata['MB'], 'GiB', 'bi', '%01.' . (int) Settings::Get('panel.decimal_places') . 'f %s');
-				eval("\$mysqls.=\"" . \Froxlor\UI\Template::getTemplate('mysql/mysqls_database') . "\";");
+			eval("\$mysqls.=\"" . \Froxlor\UI\Template::getTemplate('mysql/mysqls_database') . "\";");
-				$count ++;
+			$count ++;
 			}
 			$i ++;
 		}
 		Database::needRoot(false);
 		// End root-session
--- a/customer_traffic.php
+++ b/customer_traffic.php
@@ -112,11 +112,14 @@ if (! is_null($month) && ! is_null($year)) {
 	eval("echo \"" . \Froxlor\UI\Template::getTemplate('traffic/traffic_details') . "\";");
 } else {
-	$result_stmt = Database::prepare("SELECT `month`, `year`, SUM(`http`) AS http, SUM(`ftp_up`) AS ftp_up, SUM(`ftp_down`) AS ftp_down, SUM(`mail`) AS mail
+	$result_stmt = Database::prepare("
 		SELECT `month`, `year`, SUM(`http`) AS http, SUM(`ftp_up`) AS ftp_up, SUM(`ftp_down`) AS ftp_down, SUM(`mail`) AS mail
 		FROM `" . TABLE_PANEL_TRAFFIC . "`
 		WHERE `customerid` = :customerid
-		GROUP BY `year` DESC, `month` DESC
+		GROUP BY `year`, `month`
-		LIMIT 12");
+		ORDER BY `year` DESC, `month` DESC
 		LIMIT 12
 	");
 	Database::pexecute($result_stmt, array(
 		"customerid" => $userinfo['customerid']
 	));
--- a/dns_editor.php
+++ b/dns_editor.php
@@ -37,11 +37,16 @@ $ttl = isset($_POST['record']['ttl']) ? (int) $_POST['record']['ttl'] : 18000;
 $domain = \Froxlor\Dns\Dns::getAllowedDomainEntry($domain_id, AREA, $userinfo);
 // select all entries
-$sel_stmt = Database::prepare("SELECT * FROM `" . TABLE_DOMAIN_DNS . "` WHERE domain_id = :did");
+try {
-Database::pexecute($sel_stmt, array(
+	// get list
-	'did' => $domain_id
+	$json_result = DomainZones::getLocal($userinfo, [
-));
+		'id' => $domain_id
-$dom_entries = $sel_stmt->fetchAll(PDO::FETCH_ASSOC);
+	])->listing();
 } catch (Exception $e) {
 	\Froxlor\UI\Response::dynamic_error($e->getMessage());
 }
 $result = json_decode($json_result, true)['data'];
 $dom_entries = $result['list'];
 $errors = "";
 $success_message = "";
@@ -108,11 +113,16 @@ if (! empty($dom_entries)) {
 $type_select_values = array(
 	'A',
 	'AAAA',
-	'NS',
+	'CAA',
 	'CNAME',
 	'DNAME',
 	'LOC',
 	'MX',
 	'NS',
 	'RP',
 	'SRV',
-	'TXT',
+	'SSHFP',
-	'CNAME'
+	'TXT'
 );
 asort($type_select_values);
 foreach ($type_select_values as $_type) {
--- a/doc/example/FroxlorAPI.php
+++ b/doc/example/FroxlorAPI.php
@@ -148,6 +148,11 @@ class FroxlorAPI
 	 */
 	public function getLastResponse(): array
 	{
 		if (!empty($this->getLastError())) {
 			// nothing is returned when the last call
 			// was not successful
 			return [];
 		}
 		return $this->last_body;
 	}
--- a/index.php
+++ b/index.php
@@ -393,7 +393,7 @@ if ($action == 'forgotpwd') {
 	if (isset($_POST['send']) && $_POST['send'] == 'send') {
 		$loginname = \Froxlor\Validate\Validate::validate($_POST['loginname'], 'loginname');
 		$email = \Froxlor\Validate\Validate::validateEmail($_POST['loginemail'], 'email');
-		$result_stmt = Database::prepare("SELECT `adminid`, `customerid`, `firstname`, `name`, `company`, `email`, `loginname`, `def_language`, `deactivated` FROM `" . TABLE_PANEL_CUSTOMERS . "`
+		$result_stmt = Database::prepare("SELECT `adminid`, `customerid`, `customernumber`, `firstname`, `name`, `company`, `email`, `loginname`, `def_language`, `deactivated` FROM `" . TABLE_PANEL_CUSTOMERS . "`
 			WHERE `loginname`= :loginname
 			AND `email`= :email");
 		Database::pexecute($result_stmt, array(
@@ -481,6 +481,10 @@ if ($action == 'forgotpwd') {
 					$replace_arr = array(
 						'SALUTATION' => \Froxlor\User::getCorrectUserSalutation($user),
 						'NAME' => $user['name'],
 						'FIRSTNAME' => $user['firstname'] ?? "",
 						'COMPANY' => $user['company'] ?? "",
 						'CUSTOMER_NO' => $user['customernumber'] ?? 0,
 						'USERNAME' => $loginname,
 						'LINK' => $activationlink
 					);
@@ -598,21 +602,18 @@ if ($action == 'resetpwd') {
 				));
 				if ($result !== false) {
-					if ($result['admin'] == 1) {
+					try {
-						$new_password = \Froxlor\Validate\Validate::validate($_POST['new_password'], 'new password');
+						$new_password = \Froxlor\System\Crypt::validatePassword($_POST['new_password'], true);
-						$new_password_confirm = \Froxlor\Validate\Validate::validate($_POST['new_password_confirm'], 'new password confirm');
+						$new_password_confirm = \Froxlor\System\Crypt::validatePassword($_POST['new_password_confirm'], true);
-					} else {
+					} catch (Exception $e) {
-						$new_password = \Froxlor\System\Crypt::validatePassword($_POST['new_password'], 'new password');
+						$message = $e->getMessage();
 						$new_password_confirm = \Froxlor\System\Crypt::validatePassword($_POST['new_password_confirm'], 'new password confirm');
 					}
-					if ($new_password == '') {
+					if (empty($message) && (empty($new_password) || $new_password != $new_password_confirm)) {
-						$message = $new_password;
+						$message = $lng['error']['newpasswordconfirmerror'];
-					} elseif ($new_password_confirm == '') {
+					}
-						$message = $new_password_confirm;
+
-					} elseif ($new_password != $new_password_confirm) {
+					if (empty($message)) {
 						$message = $new_password . " != " . $new_password_confirm;
 					} else {
 						// Update user password
 						if ($result['admin'] == 1) {
 							$stmt = Database::prepare("UPDATE `" . TABLE_PANEL_ADMINS . "`
--- a/install/froxlor.sql
+++ b/install/froxlor.sql
@@ -84,7 +84,7 @@ CREATE TABLE `panel_activation` (
  `creation` int(11) unsigned NOT NULL default '0',
  `activationcode` varchar(50) default NULL,
  PRIMARY KEY (id)
-) ENGINE=InnoDB  CHARSET=utf8 COLLATE=utf8_general_ci;
+) ENGINE=InnoDB CHARSET=utf8 COLLATE=utf8_general_ci;
 DROP TABLE IF EXISTS `panel_admins`;
@@ -94,7 +94,7 @@ CREATE TABLE `panel_admins` (
  `password` varchar(255) NOT NULL default '',
  `name` varchar(255) NOT NULL default '',
  `email` varchar(255) NOT NULL default '',
-  `def_language` varchar(255) NOT NULL default '',
+  `def_language` varchar(100) NOT NULL default '',
  `ip` varchar(500) NOT NULL default '-1',
  `customers` int(15) NOT NULL default '0',
  `customers_used` int(15) NOT NULL default '0',
@@ -127,11 +127,12 @@ CREATE TABLE `panel_admins` (
  `lastlogin_fail` int(11) unsigned NOT NULL default '0',
  `loginfail_count` int(11) unsigned NOT NULL default '0',
  `reportsent` tinyint(4) unsigned NOT NULL default '0',
-  `theme` varchar(255) NOT NULL default 'Sparkle',
+  `theme` varchar(50) NOT NULL default 'Sparkle',
  `custom_notes` text,
  `custom_notes_show` tinyint(1) NOT NULL default '0',
  `type_2fa` tinyint(1) NOT NULL default '0',
-  `data_2fa` varchar(500) NOT NULL default '',
+  `data_2fa` varchar(25) NOT NULL default '',
  `api_allowed` tinyint(1) NOT NULL default '1',
   PRIMARY KEY  (`adminid`),
   UNIQUE KEY `loginname` (`loginname`)
 ) ENGINE=InnoDB CHARSET=utf8 COLLATE=utf8_general_ci;
@@ -149,13 +150,13 @@ CREATE TABLE `panel_customers` (
  `gender` int(1) NOT NULL DEFAULT '0',
  `company` varchar(255) NOT NULL default '',
  `street` varchar(255) NOT NULL default '',
-  `zipcode` varchar(255) NOT NULL default '',
+  `zipcode` varchar(25) NOT NULL default '',
  `city` varchar(255) NOT NULL default '',
-  `phone` varchar(255) NOT NULL default '',
+  `phone` varchar(50) NOT NULL default '',
-  `fax` varchar(255) NOT NULL default '',
+  `fax` varchar(50) NOT NULL default '',
  `email` varchar(255) NOT NULL default '',
  `customernumber` varchar(255) NOT NULL default '',
-  `def_language` varchar(255) NOT NULL default '',
+  `def_language` varchar(100) NOT NULL default '',
  `diskspace` bigint(30) NOT NULL default '0',
  `diskspace_used` bigint(30) NOT NULL default '0',
  `mysqls` int(15) NOT NULL default '0',
@@ -189,16 +190,16 @@ CREATE TABLE `panel_customers` (
  `imap` tinyint(1) NOT NULL default '1',
  `perlenabled` tinyint(1) NOT NULL default '0',
  `dnsenabled` tinyint(1) NOT NULL default '0',
-  `theme` varchar(255) NOT NULL default 'Sparkle',
+  `theme` varchar(50) NOT NULL default 'Sparkle',
  `custom_notes` text,
  `custom_notes_show` tinyint(1) NOT NULL default '0',
  `lepublickey` mediumtext default NULL,
  `leprivatekey` mediumtext default NULL,
  `leregistered` tinyint(1) NOT NULL default '0',
  `leaccount` varchar(255) default '',
  `allowed_phpconfigs` varchar(500) NOT NULL default '',
  `type_2fa` tinyint(1) NOT NULL default '0',
-  `data_2fa` varchar(500) NOT NULL default '',
+  `data_2fa` varchar(25) NOT NULL default '',
  `api_allowed` tinyint(1) NOT NULL default '1',
  `logviewenabled` tinyint(1) NOT NULL default '0',
   PRIMARY KEY  (`customerid`),
   UNIQUE KEY `loginname` (`loginname`)
@@ -223,6 +224,7 @@ DROP TABLE IF EXISTS `panel_domains`;
 CREATE TABLE `panel_domains` (
  `id` int(11) unsigned NOT NULL auto_increment,
  `domain` varchar(255) NOT NULL default '',
  `domain_ace` varchar(255) NOT NULL default '',
  `adminid` int(11) unsigned NOT NULL default '0',
  `customerid` int(11) unsigned NOT NULL default '0',
  `aliasdomain` int(11) unsigned NULL,
@@ -246,6 +248,8 @@ CREATE TABLE `panel_domains` (
  `speciallogfile` tinyint(1) NOT NULL default '0',
  `ssl_redirect` tinyint(4) NOT NULL default '0',
  `specialsettings` text,
  `ssl_specialsettings` text,
  `include_specialsettings` tinyint(1) NOT NULL default '0',
  `deactivated` tinyint(1) NOT NULL default '0',
  `bindserial` varchar(10) NOT NULL default '2000010100',
  `add_date` int( 11 ) NOT NULL default '0',
@@ -264,6 +268,13 @@ CREATE TABLE `panel_domains` (
  `notryfiles` tinyint(1) DEFAULT '0',
  `writeaccesslog` tinyint(1) DEFAULT '1',
  `writeerrorlog` tinyint(1) DEFAULT '1',
  `override_tls` tinyint(1) DEFAULT '0',
  `ssl_protocols` text,
  `ssl_cipher_list` text,
  `tlsv13_cipher_list` text,
  `ssl_enabled` tinyint(1) DEFAULT '1',
  `ssl_honorcipherorder` tinyint(1) DEFAULT '0',
  `ssl_sessiontickets` tinyint(1) DEFAULT '1',
  PRIMARY KEY  (`id`),
  KEY `customerid` (`customerid`),
  KEY `parentdomain` (`parentdomainid`),
@@ -289,6 +300,10 @@ CREATE TABLE `panel_ipsandports` (
  `default_vhostconf_domain` text,
  `ssl_cert_chainfile` varchar(255) NOT NULL default '',
  `docroot` varchar(255) NOT NULL default '',
  `ssl_specialsettings` text,
  `include_specialsettings` tinyint(1) NOT NULL default '0',
  `ssl_default_vhostconf_domain` text,
  `include_default_vhostconf_domain` tinyint(1) NOT NULL default '0',
  PRIMARY KEY  (`id`),
  UNIQUE KEY `ip_port` (`ip`,`port`)
 ) ENGINE=InnoDB CHARSET=utf8 COLLATE=utf8_general_ci;
@@ -375,6 +390,7 @@ INSERT INTO `panel_settings` (`settinggroup`, `varname`, `value`) VALUES
 	('admin', 'show_news_feed', '0'),
 	('admin', 'show_version_login', '0'),
 	('admin', 'show_version_footer', '0'),
 	('caa', 'caa_entry', ''),
 	('spf', 'use_spf', '0'),
 	('spf', 'spf_entry', '"v=spf1 a mx -all"'),
 	('dkim', 'dkim_algorithm', 'all'),
@@ -404,7 +420,7 @@ INSERT INTO `panel_settings` (`settinggroup`, `varname`, `value`) VALUES
 	('phpfpm', 'defaultini', '1'),
 	('phpfpm', 'vhost_defaultini', '2'),
 	('phpfpm', 'fastcgi_ipcdir', '/var/lib/apache2/fastcgi/'),
-	('phpfpm', 'use_mod_proxy', '0'),
+	('phpfpm', 'use_mod_proxy', '1'),
 	('phpfpm', 'ini_flags', 'asp_tags
 display_errors
 display_startup_errors
@@ -557,10 +573,12 @@ opcache.interned_strings_buffer'),
 	('system', 'stdsubdomain', ''),
 	('system', 'awstats_path', '/usr/bin/'),
 	('system', 'awstats_conf', '/etc/awstats/'),
 	('system', 'awstats_logformat', '1'),
 	('system', 'defaultttl', '604800'),
 	('system', 'mod_fcgid_defaultini', '1'),
 	('system', 'ftpserver', 'proftpd'),
 	('system', 'dns_createmailentry', '0'),
 	('system', 'dns_createcaaentry', '1'),
 	('system', 'froxlordirectlyviahostname', '0'),
 	('system', 'report_enable', '1'),
 	('system', 'report_webmax', '90'),
@@ -613,7 +631,7 @@ opcache.interned_strings_buffer'),
 	('system', 'letsencryptkeysize', '4096'),
 	('system', 'letsencryptreuseold', 0),
 	('system', 'leenabled', '0'),
-	('system', 'leapiversion', '1'),
+	('system', 'leapiversion', '2'),
 	('system', 'backupenabled', '0'),
 	('system', 'dnsenabled', '0'),
 	('system', 'dns_server', 'Bind'),
@@ -636,8 +654,12 @@ opcache.interned_strings_buffer'),
 	('system', 'leregistered', '0'),
 	('system', 'leaccount', ''),
 	('system', 'nssextrausers', '0'),
-	('system', 'disable_le_selfcheck', '0'),
+	('system', 'le_domain_dnscheck', '1'),
 	('system', 'ssl_protocols', 'TLSv1,TLSv1.2'),
 	('system', 'tlsv13_cipher_list', ''),
 	('system', 'honorcipherorder', '0'),
 	('system', 'sessiontickets', '1'),
 	('system', 'sessionticketsenabled', '1'),
 	('system', 'logfiles_format', ''),
 	('system', 'logfiles_type', '1'),
 	('system', 'logfiles_piped', '0'),
@@ -646,6 +668,8 @@ opcache.interned_strings_buffer'),
 	('system', 'errorlog_level', 'warn'),
 	('system', 'leecc', '0'),
 	('system', 'froxloraliases', ''),
 	('system', 'apply_specialsettings_default', '1'),
 	('system', 'apply_phpconfigs_default', '1'),
 	('api', 'enabled', '0'),
 	('2fa', 'enabled', '1'),
 	('panel', 'decimal_places', '4'),
@@ -680,8 +704,8 @@ opcache.interned_strings_buffer'),
 	('panel', 'password_special_char', '!?<>§$%+#=@'),
 	('panel', 'customer_hide_options', ''),
 	('panel', 'is_configured', '0'),
-	('panel', 'version', '0.10.0-rc2'),
+	('panel', 'version', '0.10.16'),
-	('panel', 'db_version', '201904250');
+	('panel', 'db_version', '202004140');
 DROP TABLE IF EXISTS `panel_tasks`;
@@ -819,14 +843,15 @@ CREATE TABLE `panel_fpmdaemons` (
  `description` varchar(50) NOT NULL,
  `reload_cmd` varchar(255) NOT NULL,
  `config_dir` varchar(255) NOT NULL,
-  `pm` varchar(15) NOT NULL DEFAULT 'static',
+  `pm` varchar(15) NOT NULL DEFAULT 'dynamic',
-  `max_children` int(4) NOT NULL DEFAULT '1',
+  `max_children` int(4) NOT NULL DEFAULT '5',
-  `start_servers` int(4) NOT NULL DEFAULT '20',
+  `start_servers` int(4) NOT NULL DEFAULT '2',
-  `min_spare_servers` int(4) NOT NULL DEFAULT '5',
+  `min_spare_servers` int(4) NOT NULL DEFAULT '1',
-  `max_spare_servers` int(4) NOT NULL DEFAULT '35',
+  `max_spare_servers` int(4) NOT NULL DEFAULT '3',
  `max_requests` int(4) NOT NULL DEFAULT '0',
-  `idle_timeout` int(4) NOT NULL DEFAULT '30',
+  `idle_timeout` int(4) NOT NULL DEFAULT '10',
  `limit_extensions` varchar(255) NOT NULL default '.php',
  `custom_config` text,
  PRIMARY KEY  (`id`),
  UNIQUE KEY `reload` (`reload_cmd`),
  UNIQUE KEY `config` (`config_dir`)
@@ -835,7 +860,7 @@ CREATE TABLE `panel_fpmdaemons` (
 INSERT INTO `panel_fpmdaemons` (`id`, `description`, `reload_cmd`, `config_dir`) VALUES
-(1, 'System default', 'service php7.0-fpm restart', '/etc/php/7.0/fpm/pool.d/');
+(1, 'System default', 'service php7.3-fpm restart', '/etc/php/7.3/fpm/pool.d/');
@@ -855,13 +880,13 @@ CREATE TABLE `panel_phpconfigs` (
  `fpmsettingid` int(11) NOT NULL DEFAULT '1',
  `pass_authorizationheader` tinyint(1) NOT NULL default '0',
  `override_fpmconfig` tinyint(1) NOT NULL DEFAULT '0',
-  `pm` varchar(15) NOT NULL DEFAULT 'static',
+  `pm` varchar(15) NOT NULL DEFAULT 'dynamic',
-  `max_children` int(4) NOT NULL DEFAULT '1',
+  `max_children` int(4) NOT NULL DEFAULT '5',
-  `start_servers` int(4) NOT NULL DEFAULT '20',
+  `start_servers` int(4) NOT NULL DEFAULT '2',
-  `min_spare_servers` int(4) NOT NULL DEFAULT '5',
+  `min_spare_servers` int(4) NOT NULL DEFAULT '1',
-  `max_spare_servers` int(4) NOT NULL DEFAULT '35',
+  `max_spare_servers` int(4) NOT NULL DEFAULT '3',
  `max_requests` int(4) NOT NULL DEFAULT '0',
-  `idle_timeout` int(4) NOT NULL DEFAULT '30',
+  `idle_timeout` int(4) NOT NULL DEFAULT '10',
  `limit_extensions` varchar(255) NOT NULL default '.php',
  PRIMARY KEY  (`id`),
  KEY `fpmsettingid` (`fpmsettingid`)
@@ -870,8 +895,8 @@ CREATE TABLE `panel_phpconfigs` (
 INSERT INTO `panel_phpconfigs` (`id`, `description`, `binary`, `file_extensions`, `mod_fcgid_starter`, `mod_fcgid_maxrequests`, `phpsettings`) VALUES
-(1, 'Default Config', '/usr/bin/php-cgi', 'php', '-1', '-1', 'allow_call_time_pass_reference = Off\r\nallow_url_fopen = Off\r\nasp_tags = Off\r\ndisable_classes =\r\ndisable_functions = curl_exec,curl_multi_exec,exec,parse_ini_file,passthru,popen,proc_close,proc_get_status,proc_nice,proc_open,proc_terminate,shell_exec,show_source,system\r\ndisplay_errors = Off\r\ndisplay_startup_errors = Off\r\nenable_dl = Off\r\nerror_reporting = E_ALL & ~E_NOTICE\r\nexpose_php = Off\r\nfile_uploads = On\r\ncgi.force_redirect = 1\r\ngpc_order = "GPC"\r\nhtml_errors = Off\r\nignore_repeated_errors = Off\r\nignore_repeated_source = Off\r\ninclude_path = ".:{PEAR_DIR}"\r\nlog_errors = On\r\nlog_errors_max_len = 1024\r\nmagic_quotes_gpc = Off\r\nmagic_quotes_runtime = Off\r\nmagic_quotes_sybase = Off\r\nmax_execution_time = 30\r\nmax_input_time = 60\r\nmemory_limit = 128M\r\n{OPEN_BASEDIR_C}open_basedir = "{OPEN_BASEDIR}"\r\noutput_buffering = 4096\r\npost_max_size = 16M\r\nprecision = 14\r\nregister_argc_argv = Off\r\nregister_globals = Off\r\nreport_memleaks = On\r\nsendmail_path = "/usr/sbin/sendmail -t -i -f {CUSTOMER_EMAIL}"\r\nsession.auto_start = 0\r\nsession.bug_compat_42 = 0\r\nsession.bug_compat_warn = 1\r\nsession.cache_expire = 180\r\nsession.cache_limiter = nocache\r\nsession.cookie_domain =\r\nsession.cookie_lifetime = 0\r\nsession.cookie_path = /\r\nsession.entropy_file = /dev/urandom\r\nsession.entropy_length = 16\r\nsession.gc_divisor = 1000\r\nsession.gc_maxlifetime = 1440\r\nsession.gc_probability = 1\r\nsession.name = PHPSESSID\r\nsession.referer_check =\r\nsession.save_handler = files\r\nsession.save_path = "{TMP_DIR}"\r\nsession.serialize_handler = php\r\nsession.use_cookies = 1\r\nsession.use_trans_sid = 0\r\nshort_open_tag = On\r\nsuhosin.mail.protect = 1\r\nsuhosin.simulation = Off\r\ntrack_errors = Off\r\nupload_max_filesize = 32M\r\nupload_tmp_dir = "{TMP_DIR}"\r\nvariables_order = "GPCS"\r\n;mail.add_x_header = On\r\n;mail.log = "/var/log/phpmail.log"\r\nopcache.restrict_api = "{DOCUMENT_ROOT}"\r\n'),
+(1, 'Default Config', '/usr/bin/php-cgi', 'php', '-1', '-1', 'allow_url_fopen = Off\r\nallow_url_include = Off\r\nauto_append_file =\r\nauto_globals_jit = On\r\nauto_prepend_file =\r\nbcmath.scale = 0\r\ncli_server.color = On\r\ndefault_charset = "UTF-8"\r\ndefault_mimetype = "text/html"\r\ndefault_socket_timeout = 60\r\nasp_tags = Off\r\ndisable_functions = pcntl_alarm,pcntl_fork,pcntl_waitpid,pcntl_wait,pcntl_wifexited,pcntl_wifstopped,pcntl_wifsignaled,pcntl_wifcontinued,pcntl_wexitstatus,pcntl_wtermsig,pcntl_wstopsig,pcntl_signal,pcntl_signal_get_handler,pcntl_signal_dispatch,pcntl_get_last_error,pcntl_strerror,pcntl_sigprocmask,pcntl_sigwaitinfo,pcntl_sigtimedwait,pcntl_exec,pcntl_getpriority,pcntl_setpriority,pcntl_async_signals,curl_exec,curl_multi_exec,exec,parse_ini_file,passthru,popen,proc_close,proc_get_status,proc_nice,proc_open,proc_terminate,shell_exec,show_source,system\r\ndisplay_errors = Off\r\ndisplay_startup_errors = Off\r\ndoc_root =\r\nenable_dl = Off\r\nerror_reporting = E_ALL & ~E_DEPRECATED & ~E_STRICT & ~E_NOTICE\r\nexpose_php = Off\r\nfile_uploads = On\r\nhtml_errors = On\r\nignore_repeated_errors = Off\r\nignore_repeated_source = Off\r\ninclude_path = ".:{PEAR_DIR}"\r\nimplicit_flush = Off\r\nldap.max_links = -1\r\nlog_errors = On\r\nlog_errors_max_len = 1024\r\nmail.add_x_header = Off\r\nmax_execution_time = 30\r\nmax_file_uploads = 20\r\nmax_input_time = 60\r\nmemory_limit = 128M\r\n{OPEN_BASEDIR_C}open_basedir = "{OPEN_BASEDIR}"\r\noutput_buffering = 4096\r\npost_max_size = 16M\r\nprecision = 14\r\nregister_argc_argv = Off\r\nreport_memleaks = On\r\nrequest_order = "GP"\r\nsendmail_path = "/usr/sbin/sendmail -t -i -f {CUSTOMER_EMAIL}"\r\nserialize_precision = -1\r\nsession.auto_start = 0\r\nsession.cache_expire = 180\r\nsession.cache_limiter = nocache\r\nsession.cookie_domain =\r\nsession.cookie_httponly =\r\nsession.cookie_lifetime = 0\r\nsession.cookie_path = /\r\nsession.cookie_samesite =\r\nsession.gc_divisor = 1000\r\nsession.gc_maxlifetime = 1440\r\nsession.gc_probability = 0\r\nsession.name = PHPSESSID\r\nsession.referer_check =\r\nsession.save_handler = files\r\nsession.save_path = "{TMP_DIR}"\r\nsession.serialize_handler = php\r\nsession.sid_bits_per_character = 5\r\nsession.sid_length = 26\r\nsession.trans_sid_tags = "a=href,area=href,frame=src,form="\r\nsession.use_cookies = 1\r\nsession.use_only_cookies = 1\r\nsession.use_strict_mode = 0\r\nsession.use_trans_sid = 0\r\nshort_open_tag = On\r\nupload_max_filesize = 32M\r\nupload_tmp_dir = "{TMP_DIR}"\r\nvariables_order = "GPCS"\r\nopcache.restrict_api = "{DOCUMENT_ROOT}"\r\n'),
-(2, 'Froxlor Vhost Config', '/usr/bin/php-cgi', 'php', '-1', '-1', 'allow_call_time_pass_reference = Off\r\nallow_url_fopen = On\r\nasp_tags = Off\r\ndisable_classes =\r\ndisable_functions = curl_multi_exec,exec,parse_ini_file,passthru,popen,proc_close,proc_get_status,proc_nice,proc_open,proc_terminate,shell_exec,show_source,system\r\ndisplay_errors = Off\r\ndisplay_startup_errors = Off\r\nenable_dl = Off\r\nerror_reporting = E_ALL & ~E_NOTICE\r\nexpose_php = Off\r\nfile_uploads = On\r\ncgi.force_redirect = 1\r\ngpc_order = "GPC"\r\nhtml_errors = Off\r\nignore_repeated_errors = Off\r\nignore_repeated_source = Off\r\ninclude_path = ".:{PEAR_DIR}"\r\nlog_errors = On\r\nlog_errors_max_len = 1024\r\nmagic_quotes_gpc = Off\r\nmagic_quotes_runtime = Off\r\nmagic_quotes_sybase = Off\r\nmax_execution_time = 60\r\nmax_input_time = 60\r\nmemory_limit = 128M\r\noutput_buffering = 4096\r\npost_max_size = 16M\r\nprecision = 14\r\nregister_argc_argv = Off\r\nregister_globals = Off\r\nreport_memleaks = On\r\nsendmail_path = "/usr/sbin/sendmail -t -i -f {CUSTOMER_EMAIL}"\r\nsession.auto_start = 0\r\nsession.bug_compat_42 = 0\r\nsession.bug_compat_warn = 1\r\nsession.cache_expire = 180\r\nsession.cache_limiter = nocache\r\nsession.cookie_domain =\r\nsession.cookie_lifetime = 0\r\nsession.cookie_path = /\r\nsession.entropy_file = /dev/urandom\r\nsession.entropy_length = 16\r\nsession.gc_divisor = 1000\r\nsession.gc_maxlifetime = 1440\r\nsession.gc_probability = 1\r\nsession.name = PHPSESSID\r\nsession.referer_check =\r\nsession.save_handler = files\r\nsession.save_path = "{TMP_DIR}"\r\nsession.serialize_handler = php\r\nsession.use_cookies = 1\r\nsession.use_trans_sid = 0\r\nshort_open_tag = On\r\nsuhosin.mail.protect = 1\r\nsuhosin.simulation = Off\r\ntrack_errors = Off\r\nupload_max_filesize = 32M\r\nupload_tmp_dir = "{TMP_DIR}"\r\nvariables_order = "GPCS"\r\n;mail.add_x_header = On\r\n;mail.log = "/var/log/phpmail.log"\r\nopcache.restrict_api = ""\r\n');
+(2, 'Froxlor Vhost Config', '/usr/bin/php-cgi', 'php', '-1', '-1', 'allow_url_fopen = On\r\nallow_url_include = Off\r\nauto_append_file =\r\nauto_globals_jit = On\r\nauto_prepend_file =\r\nbcmath.scale = 0\r\ncli_server.color = On\r\ndefault_charset = "UTF-8"\r\ndefault_mimetype = "text/html"\r\ndefault_socket_timeout = 60\r\nasp_tags = Off\r\ndisable_functions = pcntl_alarm,pcntl_fork,pcntl_waitpid,pcntl_wait,pcntl_wifexited,pcntl_wifstopped,pcntl_wifsignaled,pcntl_wifcontinued,pcntl_wexitstatus,pcntl_wtermsig,pcntl_wstopsig,pcntl_signal,pcntl_signal_get_handler,pcntl_signal_dispatch,pcntl_get_last_error,pcntl_strerror,pcntl_sigprocmask,pcntl_sigwaitinfo,pcntl_sigtimedwait,pcntl_exec,pcntl_getpriority,pcntl_setpriority,pcntl_async_signals,curl_multi_exec,parse_ini_file,passthru,popen,proc_close,proc_get_status,proc_nice,proc_open,proc_terminate,shell_exec,show_source,system\r\ndisplay_errors = Off\r\ndisplay_startup_errors = Off\r\ndoc_root =\r\nenable_dl = Off\r\nerror_reporting = E_ALL & ~E_DEPRECATED & ~E_STRICT & ~E_NOTICE\r\nexpose_php = Off\r\nfile_uploads = On\r\nhtml_errors = On\r\nignore_repeated_errors = Off\r\nignore_repeated_source = Off\r\ninclude_path = ".:{PEAR_DIR}"\r\nimplicit_flush = Off\r\nldap.max_links = -1\r\nlog_errors = On\r\nlog_errors_max_len = 1024\r\nmail.add_x_header = Off\r\nmax_execution_time = 60\r\nmax_file_uploads = 20\r\nmax_input_time = 60\r\nmemory_limit = 128M\r\noutput_buffering = 4096\r\npost_max_size = 16M\r\nprecision = 14\r\nregister_argc_argv = Off\r\nreport_memleaks = On\r\nrequest_order = "GP"\r\nsendmail_path = "/usr/sbin/sendmail -t -i -f {CUSTOMER_EMAIL}"\r\nserialize_precision = -1\r\nsession.auto_start = 0\r\nsession.cache_expire = 180\r\nsession.cache_limiter = nocache\r\nsession.cookie_domain =\r\nsession.cookie_httponly =\r\nsession.cookie_lifetime = 0\r\nsession.cookie_path = /\r\nsession.cookie_samesite =\r\nsession.gc_divisor = 1000\r\nsession.gc_maxlifetime = 1440\r\nsession.gc_probability = 0\r\nsession.name = PHPSESSID\r\nsession.referer_check =\r\nsession.save_handler = files\r\nsession.save_path = "{TMP_DIR}"\r\nsession.serialize_handler = php\r\nsession.sid_bits_per_character = 5\r\nsession.sid_length = 26\r\nsession.trans_sid_tags = "a=href,area=href,frame=src,form="\r\nsession.use_cookies = 1\r\nsession.use_only_cookies = 1\r\nsession.use_strict_mode = 0\r\nsession.use_trans_sid = 0\r\nshort_open_tag = On\r\nupload_max_filesize = 32M\r\nupload_tmp_dir = "{TMP_DIR}"\r\nvariables_order = "GPCS"\r\nopcache.restrict_api = ""\r\n');
 DROP TABLE IF EXISTS `cronjobs_run`;
--- a/install/install.php
+++ b/install/install.php
@@ -15,6 +15,14 @@
 * @package    Install
 *
 */
 if (! file_exists(dirname(__DIR__) . '/vendor/autoload.php')) {
 	// get hint-template
 	$vendor_hint = file_get_contents(dirname(__DIR__) . '/templates/Sparkle/misc/vendormissinghint.tpl');
 	// replace values
 	$vendor_hint = str_replace("<FROXLOR_INSTALL_DIR>", dirname(__DIR__), $vendor_hint);
 	$vendor_hint = str_replace("<CURRENT_YEAR>", date('Y', time()), $vendor_hint);
 	die($vendor_hint);
 }
 require dirname(__DIR__) . '/vendor/autoload.php';
 require __DIR__ . '/lib/class.FroxlorInstall.php';
--- a/install/lib/class.FroxlorInstall.php
+++ b/install/lib/class.FroxlorInstall.php
@@ -104,7 +104,7 @@ class FroxlorInstall
 		// check if we have a valid installation already
 		$this->_checkUserdataFile();
 		// include the MySQL-Table-Definitions
-		require $this->_basepath . '/lib/tables.inc.php';
+		require_once $this->_basepath . '/lib/tables.inc.php';
 		// include language
 		$this->_includeLanguageFile();
 		// show the action
@@ -332,22 +332,29 @@ class FroxlorInstall
 		$userdata .= "?>";
 		// test if we can store the userdata.inc.php in ../lib
 		$umask = @umask(077);
 		$userdata_file = dirname(dirname(dirname(__FILE__))) . '/lib/userdata.inc.php';
-		if ($fp = @fopen($userdata_file, 'w')) {
+		if (@touch($userdata_file) && @is_writable($userdata_file)) {
-			$result = @fputs($fp, $userdata, strlen($userdata));
+			$fp = @fopen($userdata_file, 'w');
 			@fputs($fp, $userdata, strlen($userdata));
 			@fclose($fp);
 			$content .= $this->_status_message('green', 'OK');
 			chmod($userdata_file, 0440);
 		} elseif ($fp = @fopen('/tmp/userdata.inc.php', 'w')) {
 			$result = @fputs($fp, $userdata, strlen($userdata));
 			@fclose($fp);
 			$content .= $this->_status_message('orange', $this->_lng['install']['creating_configfile_temp']);
 			chmod('/tmp/userdata.inc.php', 0440);
 		} else {
-			$content .= $this->_status_message('red', $this->_lng['install']['creating_configfile_failed']);
+			@unlink($userdata_file);
-			$escpduserdata = nl2br(htmlspecialchars($userdata));
+			// try creating it in a temporary file
-			eval("\$content .= \"" . $this->_getTemplate("textarea") . "\";");
+			$temp_file = @tempnam(sys_get_temp_dir(), 'fx');
 			if ($temp_file) {
 				$fp = @fopen($temp_file, 'w');
 				@fputs($fp, $userdata, strlen($userdata));
 				@fclose($fp);
 				$content .= $this->_status_message('orange', sprintf($this->_lng['install']['creating_configfile_temp'], $temp_file));
 			} else {
 				$content .= $this->_status_message('red', $this->_lng['install']['creating_configfile_failed']);
 				$escpduserdata = nl2br(htmlspecialchars($userdata));
 				eval("\$content .= \"" . $this->_getTemplate("textarea") . "\";");
 			}
 		}
 		@umask($umask);
 		return $content;
 	}
@@ -407,6 +414,7 @@ class FroxlorInstall
 				`name` = 'Froxlor-Administrator',
 				`email` = :email,
 				`def_language` = :deflang,
 				`api_allowed` = 1,
 				`customers` = -1,
 				`customers_see_all` = 1,
 				`caneditphpsettings` = 1,
@@ -562,7 +570,7 @@ class FroxlorInstall
 			for ($i = 0; $i < sizeof($sql_query); $i ++) {
 				if (trim($sql_query[$i]) != '') {
 					try {
-						$result = $db->query($sql_query[$i]);
+						$db->query($sql_query[$i]);
 					} catch (\PDOException $e) {
 						$content .= $this->_status_message('red', $e->getMessage());
 						$fatal_fail = true;
@@ -643,21 +651,8 @@ class FroxlorInstall
 		$mysql_access_host_array[] = $this->_data['serverip'];
 		foreach ($mysql_access_host_array as $mysql_access_host) {
-			$_db = str_replace('`', '', $this->_data['mysql_database']);
+			$frox_db = str_replace('`', '', $this->_data['mysql_database']);
-			$stmt = $db_root->prepare("
+			$this->_grantDbPrivilegesTo($db_root, $frox_db, $this->_data['mysql_unpriv_user'], $this->_data['mysql_unpriv_pass'], $mysql_access_host);
 					GRANT ALL PRIVILEGES ON `" . $_db . "`.*
 					TO :username@:host
 					IDENTIFIED BY 'password'");
 			$stmt->execute(array(
 				"username" => $this->_data['mysql_unpriv_user'],
 				"host" => $mysql_access_host
 			));
 			$stmt = $db_root->prepare("SET PASSWORD FOR :username@:host = PASSWORD(:password)");
 			$stmt->execute(array(
 				"username" => $this->_data['mysql_unpriv_user'],
 				"host" => $mysql_access_host,
 				"password" => $this->_data['mysql_unpriv_pass']
 			));
 		}
 		$db_root->query("FLUSH PRIVILEGES;");
@@ -667,6 +662,38 @@ class FroxlorInstall
 		return $content;
 	}
 	private function _grantDbPrivilegesTo(&$db_root, $database, $username, $password, $access_host)
 	{
 		// mysql8 compatibility
 		if (version_compare($db_root->getAttribute(\PDO::ATTR_SERVER_VERSION), '8.0.11', '>=')) {
 			// create user
 			$stmt = $db_root->prepare("
 				CREATE USER '" . $username . "'@'" . $access_host . "' IDENTIFIED BY :password
 			");
 			$stmt->execute(array(
 				"password" => $password
 			));
 			// grant privileges
 			$stmt = $db_root->prepare("
 				GRANT ALL ON `" . $database . "`.* TO :username@:host
 			");
 			$stmt->execute(array(
 				"username" => $username,
 				"host" => $access_host
 			));
 		} else {
 			// grant privileges
 			$stmt = $db_root->prepare("
 				GRANT ALL PRIVILEGES ON `" . $database . "`.* TO :username@:host IDENTIFIED BY :password
 			");
 			$stmt->execute(array(
 				"username" => $username,
 				"host" => $access_host,
 				"password" => $password
 			));
 		}
 	}
 	/**
 	 * Check if an old database exists and back it up if necessary
 	 *
@@ -710,7 +737,7 @@ class FroxlorInstall
 			}
 			if ($do_backup) {
-				$command = $mysql_dump . " " . $this->_data['mysql_database'] . " -u " . $this->_data['mysql_root_user'] . " --password='" . $this->_data['mysql_root_pass'] . "' --result-file=" . $filename;
+				$command = $mysql_dump . " " . escapeshellarg($this->_data['mysql_database']) . " -u " . escapeshellarg($this->_data['mysql_root_user']) . " --password='" . escapeshellarg($this->_data['mysql_root_pass']) . "' --result-file=" . $filename;
 				$output = exec($command);
 				if (stristr($output, "error")) {
 					$content .= $this->_status_message('red', $this->_lng['install']['backup_failed']);
@@ -944,11 +971,11 @@ class FroxlorInstall
 		// check for correct php version
 		$content .= $this->_status_message('begin', $this->_lng['requirements']['phpversion']);
-		if (version_compare("5.6.0", PHP_VERSION, ">=")) {
+		if (version_compare("7.0.0", PHP_VERSION, ">=")) {
 			$content .= $this->_status_message('red', $this->_lng['requirements']['notfound'] . ' (' . PHP_VERSION . ')');
 			$_die = true;
 		} else {
-			if (version_compare("7.0.0", PHP_VERSION, ">=")) {
+			if (version_compare("7.1.0", PHP_VERSION, ">=")) {
 				$content .= $this->_status_message('orange', $this->_lng['requirements']['newerphpprefered'] . ' (' . PHP_VERSION . ')');
 			} else {
 				$content .= $this->_status_message('green', PHP_VERSION);
@@ -1060,12 +1087,13 @@ class FroxlorInstall
 	 */
 	private function _sendHeaders()
 	{
-		// no caching
+		if (@php_sapi_name() !== 'cli') {
-		header("Cache-Control: no-store, no-cache, must-revalidate");
+			// no caching
-		header("Pragma: no-cache");
+			header("Cache-Control: no-store, no-cache, must-revalidate");
-		header('Last-Modified: ' . gmdate('D, d M Y H:i:s \G\M\T', time()));
+			header("Pragma: no-cache");
-		header('Expires: ' . gmdate('D, d M Y H:i:s \G\M\T', time()));
+			header('Last-Modified: ' . gmdate('D, d M Y H:i:s \G\M\T', time()));
-
+			header('Expires: ' . gmdate('D, d M Y H:i:s \G\M\T', time()));
 		}
 		// ensure that default timezone is set
 		if (function_exists("date_default_timezone_set") && function_exists("date_default_timezone_get")) {
 			@date_default_timezone_set(@date_default_timezone_get());
@@ -1082,7 +1110,7 @@ class FroxlorInstall
 		if (file_exists($userdata)) {
 			// includes the usersettings (MySQL-Username/Passwort)
 			// to test if Froxlor is already installed
-			require $this->_basepath . '/lib/userdata.inc.php';
+			require_once $this->_basepath . '/lib/userdata.inc.php';
 			if (isset($sql) && is_array($sql)) {
 				// use sparkle theme for the notice
@@ -1126,7 +1154,7 @@ class FroxlorInstall
 		$lngfile = $this->_basepath . '/install/lng/' . $standardlanguage . '.lng.php';
 		if (file_exists($lngfile)) {
 			// includes file /lng/$language.lng.php if it exists
-			require $lngfile;
+			require_once $lngfile;
 			$this->_lng = $lng;
 		}
@@ -1135,7 +1163,7 @@ class FroxlorInstall
 			$lngfile = $this->_basepath . '/install/lng/' . $this->_activelng . '.lng.php';
 			if (file_exists($lngfile)) {
 				// includes file /lng/$language.lng.php if it exists
-				require $lngfile;
+				require_once $lngfile;
 				$this->_lng = $lng;
 			}
 		}
--- a/install/lng/english.lng.php
+++ b/install/lng/english.lng.php
@@ -22,8 +22,8 @@ $lng['requirements']['not_true'] = 'no';
 $lng['requirements']['notfound'] = 'not found';
 $lng['requirements']['notinstalled'] = 'not installed';
 $lng['requirements']['activated'] = 'enabled';
-$lng['requirements']['phpversion'] = 'PHP version >= 5.6';
+$lng['requirements']['phpversion'] = 'PHP version >= 7.0';
-$lng['requirements']['newerphpprefered'] = 'Good, but php-7.0 is prefered.';
+$lng['requirements']['newerphpprefered'] = 'Good, but php-7.1 is prefered.';
 $lng['requirements']['phppdo'] = 'PHP PDO extension and PDO-MySQL driver...';
 $lng['requirements']['phpsession'] = 'PHP session-extension...';
 $lng['requirements']['phpctype'] = 'PHP ctype-extension...';
@@ -86,7 +86,7 @@ $lng['install']['changing_data'] = 'Adjusting settings...';
 $lng['install']['creating_entries'] = 'Inserting new values...';
 $lng['install']['adding_admin_user'] = 'Creating admin-account...';
 $lng['install']['creating_configfile'] = 'Creating configfile...';
-$lng['install']['creating_configfile_temp'] = 'File was saved in /tmp/userdata.inc.php, please move to ' . dirname(dirname(__DIR__)) . '/lib/.';
+$lng['install']['creating_configfile_temp'] = 'File was saved in %s, please move to ' . dirname(dirname(__DIR__)) . '/lib/userdata.inc.php';
 $lng['install']['creating_configfile_failed'] = 'Could not create ' . dirname(dirname(__DIR__)) . '/lib/userdata.inc.php, please create it manually with the following content:';
 $lng['install']['froxlor_succ_installed'] = 'Froxlor was installed successfully.';
--- a/install/lng/french.lng.php
+++ b/install/lng/french.lng.php
@@ -22,7 +22,7 @@ $lng['requirements']['not_true'] = 'non';
 $lng['requirements']['notfound'] = 'introuvable';
 $lng['requirements']['notinstalled'] = 'non installé';
 $lng['requirements']['activated'] = 'activé';
-$lng['requirements']['phpversion'] = 'PHP version >= 5.6';
+$lng['requirements']['phpversion'] = 'PHP version >= 7.0';
 $lng['requirements']['phppdo'] = 'extension PHP PDO et pilote PDO-MySQL ...';
 $lng['requirements']['phpxml'] = 'extension PHP XML...';
 $lng['requirements']['phpfilter'] = 'extension PHP filter ...';
@@ -76,7 +76,7 @@ $lng['install']['changing_data'] = 'Ajustement des paramètres...';
 $lng['install']['creating_entries'] = 'Insertion des nouvelles valeurs...';
 $lng['install']['adding_admin_user'] = 'Création du compte administrateur...';
 $lng['install']['creating_configfile'] = 'Création du fichier de configuration...';
-$lng['install']['creating_configfile_temp'] = 'Le fichier a été enregistré dans /tmp/userdata.inc.php, merci de le déplacer dans ' . dirname(dirname(__DIR__)) . '/lib/.';
+$lng['install']['creating_configfile_temp'] = 'Le fichier a été enregistré dans %s, merci de le déplacer dans ' . dirname(dirname(__DIR__)) . '/lib/userdata.inc.php';
 $lng['install']['creating_configfile_failed'] = 'Impossible de créer ' . dirname(dirname(__DIR__)) . '/lib/userdata.inc.php, merci de le créer manuellement avec le contenu suivant:';
 $lng['install']['froxlor_succ_installed'] = 'Froxlor a été installé avec succès.';
--- a/install/lng/german.lng.php
+++ b/install/lng/german.lng.php
@@ -22,8 +22,8 @@ $lng['requirements']['not_true'] = 'nein';
 $lng['requirements']['notfound'] = 'nicht gefunden';
 $lng['requirements']['notinstalled'] = 'nicht installiert';
 $lng['requirements']['activated'] = 'ist aktiviert.';
-$lng['requirements']['phpversion'] = 'PHP Version >= 5.6';
+$lng['requirements']['phpversion'] = 'PHP Version >= 7.0';
-$lng['requirements']['newerphpprefered'] = 'Passt, aber php-7.0 wird bevorzugt.';
+$lng['requirements']['newerphpprefered'] = 'Passt, aber php-7.1 wird bevorzugt.';
 $lng['requirements']['phppdo'] = 'PHP PDO Erweiterung und PDO-MySQL Treiber...';
 $lng['requirements']['phpsession'] = 'PHP session-Erweiterung...';
 $lng['requirements']['phpctype'] = 'PHP ctype-Erweiterung...';
@@ -86,7 +86,7 @@ $lng['install']['changing_data'] = 'Einstellungen anpassen...';
 $lng['install']['creating_entries'] = 'Trage neue Werte ein...';
 $lng['install']['adding_admin_user'] = 'Erstelle Admin-Benutzer...';
 $lng['install']['creating_configfile'] = 'Erstelle Konfigurationsdatei...';
-$lng['install']['creating_configfile_temp'] = 'Datei wurde in /tmp/userdata.inc.php gespeichert, bitte nach ' . dirname(dirname(__DIR__)) . '/lib/ verschieben.';
+$lng['install']['creating_configfile_temp'] = 'Datei wurde in %s gespeichert, bitte nach ' . dirname(dirname(__DIR__)) . '/lib/userdata.inc.php verschieben.';
 $lng['install']['creating_configfile_failed'] = 'Konnte ' . dirname(dirname(__DIR__)) . '/lib/userdata.inc.php nicht erstellen, bitte manuell mit folgendem Inhalt anlegen:';
 $lng['install']['froxlor_succ_installed'] = 'Froxlor wurde erfolgreich installiert.';
--- a/install/updates/froxlor/0.10/update_0.10.inc.php
+++ b/install/updates/froxlor/0.10/update_0.10.inc.php
@@ -220,6 +220,14 @@ if (\Froxlor\Froxlor::isDatabaseVersion('201902120')) {
 		$domain_in = substr($domain_in, 0, - 1);
 		Database::query("DELETE FROM `" . TABLE_PANEL_DOMAIN_SSL_SETTINGS . "` WHERE `domainid` IN (" . $domain_in . ")");
 	}
 	// check for froxlor domain using let's encrypt
 	if (Settings::Get('system.le_froxlor_enabled') == 1) {
 		Database::query("DELETE FROM `" . TABLE_PANEL_DOMAIN_SSL_SETTINGS . "` WHERE `domainid` = '0'");
 	}
 	lastStepStatus(0);
 	showUpdateStep("Inserting job to regenerate configfiles");
 	\Froxlor\System\Cronjob::inserttask('1');
 	lastStepStatus(0);
 	\Froxlor\Froxlor::updateToDbVersion('201902170');
@@ -257,5 +265,355 @@ if (\Froxlor\Froxlor::isDatabaseVersion('201904100')) {
 }
 if (\Froxlor\Froxlor::isFroxlorVersion('0.10.0-rc1')) {
 	showUpdateStep("Updating from 0.10.0-rc1 to 0.10.0-rc2", false);
 	\Froxlor\Froxlor::updateToVersion('0.10.0-rc2');
 }
 if (\Froxlor\Froxlor::isDatabaseVersion('201904250')) {
 	showUpdateStep("Adding new settings for CAA");
 	Settings::AddNew('caa.caa_entry', '', true);
 	Settings::AddNew('system.dns_createcaaentry', 1, true);
 	lastStepStatus(0);
 	\Froxlor\Froxlor::updateToDbVersion('201907270');
 }
 if (\Froxlor\Froxlor::isDatabaseVersion('201907270')) {
 	showUpdateStep("Cleaning up old files");
 	$to_clean = array(
 		"actions/admin/settings/000.version.php",
 		"actions/admin/settings/190.ticket.php",
 		"admin_tickets.php",
 		"customer_tickets.php",
 		"install/scripts/language-check.php",
 		"install/updates/froxlor/upgrade_syscp.inc.php",
 		"lib/classes",
 		"lib/configfiles/precise.xml",
 		"lib/cron_init.php",
 		"lib/cron_shutdown.php",
 		"lib/formfields/admin/tickets",
 		"lib/formfields/customer/tickets",
 		"lib/functions.php",
 		"lib/functions",
 		"lib/navigation/10.tickets.php",
 		"scripts/classes",
 		"scripts/jobs",
 		"templates/Sparkle/admin/tickets",
 		"templates/Sparkle/customer/tickets"
 	);
 	$disabled = explode(',', ini_get('disable_functions'));
 	$exec_allowed = ! in_array('exec', $disabled);
 	$del_list = "";
 	foreach ($to_clean as $filedir) {
 		$complete_filedir = \Froxlor\Froxlor::getInstallDir() . $filedir;
 		if (file_exists($complete_filedir)) {
 			if ($exec_allowed) {
 				Froxlor\FileDir::safe_exec("rm -rf " . escapeshellarg($complete_filedir));
 			} else {
 				$del_list .= "rm -rf " . escapeshellarg($complete_filedir) . PHP_EOL;
 			}
 		}
 	}
 	if ($exec_allowed) {
 		lastStepStatus(0);
 	} else {
 		if (empty($del_list)) {
 			// none of the files existed
 			lastStepStatus(0);
 		} else {
 			lastStepStatus(1, 'manual commands needed');
 			echo '<span class="update-step update-step-err">Please run the following commands manually:</span><br><pre>' . $del_list . '</pre><br>';
 		}
 	}
 	\Froxlor\Froxlor::updateToDbVersion('201909150');
 }
 if (\Froxlor\Froxlor::isFroxlorVersion('0.10.0-rc2')) {
 	showUpdateStep("Updating from 0.10.0-rc2 to 0.10.0 final", false);
 	\Froxlor\Froxlor::updateToVersion('0.10.0');
 }
 if (\Froxlor\Froxlor::isDatabaseVersion('201909150')) {
 	showUpdateStep("Adding TLSv1.3-cipherlist setting");
 	Settings::AddNew("system.tlsv13_cipher_list", '');
 	lastStepStatus(0);
 	\Froxlor\Froxlor::updateToDbVersion('201910030');
 }
 if (\Froxlor\Froxlor::isDatabaseVersion('201910030')) {
 	showUpdateStep("Adding field api_allowed to admins and customers");
 	Database::query("ALTER TABLE `" . TABLE_PANEL_ADMINS . "` ADD `api_allowed` tinyint(1) NOT NULL default '1';");
 	Database::query("ALTER TABLE `" . TABLE_PANEL_CUSTOMERS . "` ADD `api_allowed` tinyint(1) NOT NULL default '1';");
 	lastStepStatus(0);
 	\Froxlor\Froxlor::updateToDbVersion('201910090');
 }
 if (\Froxlor\Froxlor::isFroxlorVersion('0.10.0')) {
 	showUpdateStep("Updating from 0.10.0 to 0.10.1 final", false);
 	\Froxlor\Froxlor::updateToVersion('0.10.1');
 }
 if (\Froxlor\Froxlor::isDatabaseVersion('201910090')) {
 	showUpdateStep("Adjusting Let's Encrypt API setting");
 	Settings::Set("system.leapiversion", '2');
 	lastStepStatus(0);
 	\Froxlor\Froxlor::updateToDbVersion('201910110');
 }
 if (\Froxlor\Froxlor::isDatabaseVersion('201910110')) {
 	showUpdateStep("Adding new settings for ssl-vhost default content");
 	Settings::AddNew("system.default_sslvhostconf", '');
 	Settings::AddNew("system.include_default_vhostconf", '0');
 	lastStepStatus(0);
 	showUpdateStep("Adding new fields to ips and ports-table");
 	Database::query("ALTER TABLE `" . TABLE_PANEL_IPSANDPORTS . "` ADD `ssl_specialsettings` text AFTER `docroot`;");
 	Database::query("ALTER TABLE `" . TABLE_PANEL_IPSANDPORTS . "` ADD `include_specialsettings` tinyint(1) NOT NULL default '0' AFTER `ssl_specialsettings`;");
 	Database::query("ALTER TABLE `" . TABLE_PANEL_IPSANDPORTS . "` ADD `ssl_default_vhostconf_domain` text AFTER `include_specialsettings`;");
 	Database::query("ALTER TABLE `" . TABLE_PANEL_IPSANDPORTS . "` ADD `include_default_vhostconf_domain` tinyint(1) NOT NULL default '0' AFTER `ssl_default_vhostconf_domain`;");
 	lastStepStatus(0);
 	showUpdateStep("Adding new fields to domains-table");
 	Database::query("ALTER TABLE `" . TABLE_PANEL_DOMAINS . "` ADD `ssl_specialsettings` text AFTER `specialsettings`;");
 	Database::query("ALTER TABLE `" . TABLE_PANEL_DOMAINS . "` ADD `include_specialsettings` tinyint(1) NOT NULL default '0' AFTER `ssl_specialsettings`;");
 	lastStepStatus(0);
 	// select all ips/ports with specialsettings and SSL enabled to include the specialsettings in the ssl-vhost
 	// because the former implementation included it and users might rely on that, see https://github.com/Froxlor/Froxlor/issues/727
 	$sel_stmt = Database::prepare("SELECT * FROM `" . TABLE_PANEL_IPSANDPORTS . "` WHERE `specialsettings` <> '' AND `ssl` = '1'");
 	Database::pexecute($sel_stmt);
 	$upd_stmt = Database::prepare("UPDATE `" . TABLE_PANEL_IPSANDPORTS . "` SET `include_specialsettings` = '1' WHERE `id` = :id");
 	if ($sel_stmt->columnCount() > 0) {
 		showUpdateStep("Adjusting IP/port settings for downward compatibility");
 		while ($row = $sel_stmt->fetch(PDO::FETCH_ASSOC)) {
 			Database::pexecute($upd_stmt, [
 				'id' => $row['id']
 			]);
 		}
 		lastStepStatus(0);
 	}
 	// select all domains with an ssl IP connected and specialsettings content to include these in the ssl-vhost
 	// to maintain former behavior
 	$sel_stmt = Database::prepare("
 		SELECT d.id FROM `" . TABLE_PANEL_DOMAINS . "` d
 		LEFT JOIN `" . TABLE_DOMAINTOIP . "` d2i ON d2i.id_domain = d.id
 		LEFT JOIN `" . TABLE_PANEL_IPSANDPORTS . "` i ON i.id = d2i.id_ipandports
 		WHERE d.specialsettings <> '' AND i.ssl = '1'
 	");
 	Database::pexecute($sel_stmt);
 	$upd_stmt = Database::prepare("UPDATE `" . TABLE_PANEL_DOMAINS . "` SET `include_specialsettings` = '1' WHERE `id` = :id");
 	if ($sel_stmt->columnCount() > 0) {
 		showUpdateStep("Adjusting domain settings for downward compatibility");
 		while ($row = $sel_stmt->fetch(PDO::FETCH_ASSOC)) {
 			Database::pexecute($upd_stmt, [
 				'id' => $row['id']
 			]);
 		}
 		lastStepStatus(0);
 	}
 	\Froxlor\Froxlor::updateToDbVersion('201910120');
 }
 if (\Froxlor\Froxlor::isFroxlorVersion('0.10.1')) {
 	showUpdateStep("Updating from 0.10.1 to 0.10.2", false);
 	\Froxlor\Froxlor::updateToVersion('0.10.2');
 }
 if (\Froxlor\Froxlor::isDatabaseVersion('201910120')) {
 	showUpdateStep("Adding new TLS options to domains-table");
 	Database::query("ALTER TABLE `" . TABLE_PANEL_DOMAINS . "` ADD `override_tls` tinyint(1) DEFAULT '0' AFTER `writeerrorlog`;");
 	Database::query("ALTER TABLE `" . TABLE_PANEL_DOMAINS . "` ADD `ssl_protocols` text AFTER `override_tls`;");
 	Database::query("ALTER TABLE `" . TABLE_PANEL_DOMAINS . "` ADD `ssl_cipher_list` text AFTER `ssl_protocols`;");
 	Database::query("ALTER TABLE `" . TABLE_PANEL_DOMAINS . "` ADD `tlsv13_cipher_list` text AFTER `ssl_cipher_list`;");
 	lastStepStatus(0);
 	\Froxlor\Froxlor::updateToDbVersion('201910200');
 }
 if (\Froxlor\Froxlor::isFroxlorVersion('0.10.2')) {
 	showUpdateStep("Updating from 0.10.2 to 0.10.3", false);
 	\Froxlor\Froxlor::updateToVersion('0.10.3');
 }
 if (\Froxlor\Froxlor::isFroxlorVersion('0.10.3')) {
 	showUpdateStep("Updating from 0.10.3 to 0.10.4", false);
 	\Froxlor\Froxlor::updateToVersion('0.10.4');
 }
 if (\Froxlor\Froxlor::isFroxlorVersion('0.10.4')) {
 	showUpdateStep("Updating from 0.10.4 to 0.10.5", false);
 	\Froxlor\Froxlor::updateToVersion('0.10.5');
 }
 if (\Froxlor\Froxlor::isDatabaseVersion('201910200')) {
 	showUpdateStep("Optimizing customer and admin table for size");
 	// ALTER TABLE `panel_customers` CHANGE `name` `name` VARCHAR(250) CHARACTER SET utf8 COLLATE utf8_general_ci NOT NULL DEFAULT '';
 	Database::query("ALTER TABLE `" . TABLE_PANEL_CUSTOMERS . "` CHANGE `zipcode` `zipcode` varchar(25) NOT NULL default '';");
 	Database::query("ALTER TABLE `" . TABLE_PANEL_CUSTOMERS . "` CHANGE `phone` `phone` varchar(50) NOT NULL default '';");
 	Database::query("ALTER TABLE `" . TABLE_PANEL_CUSTOMERS . "` CHANGE `fax` `fax` varchar(50) NOT NULL default '';");
 	Database::query("ALTER TABLE `" . TABLE_PANEL_CUSTOMERS . "` CHANGE `def_language` `def_language` varchar(100) NOT NULL default '';");
 	Database::query("ALTER TABLE `" . TABLE_PANEL_CUSTOMERS . "` CHANGE `theme` `theme` varchar(50) NOT NULL default 'Sparkle';");
 	Database::query("ALTER TABLE `" . TABLE_PANEL_CUSTOMERS . "` CHANGE `data_2fa` `data_2fa` varchar(25) NOT NULL default '';");
 	Database::query("ALTER TABLE `" . TABLE_PANEL_CUSTOMERS . "` CHANGE `def_language` `def_language` varchar(100) NOT NULL default '';");
 	Database::query("ALTER TABLE `" . TABLE_PANEL_CUSTOMERS . "` DROP `leaccount`;");
 	Database::query("ALTER TABLE `" . TABLE_PANEL_ADMINS . "` CHANGE `def_language` `def_language` varchar(100) NOT NULL default '';");
 	Database::query("ALTER TABLE `" . TABLE_PANEL_ADMINS . "` CHANGE `theme` `theme` varchar(50) NOT NULL default 'Sparkle';");
 	Database::query("ALTER TABLE `" . TABLE_PANEL_ADMINS . "` CHANGE `data_2fa` `data_2fa` varchar(25) NOT NULL default '';");
 	lastStepStatus(0);
 	\Froxlor\Froxlor::updateToDbVersion('201911130');
 }
 if (\Froxlor\Froxlor::isFroxlorVersion('0.10.5')) {
 	showUpdateStep("Updating from 0.10.5 to 0.10.6", false);
 	\Froxlor\Froxlor::updateToVersion('0.10.6');
 }
 if (\Froxlor\Froxlor::isDatabaseVersion('201911130')) {
 	showUpdateStep("Adding new settings for domain edit form default values");
 	Settings::AddNew("system.apply_specialsettings_default", '1');
 	Settings::AddNew("system.apply_phpconfigs_default", '1');
 	lastStepStatus(0);
 	\Froxlor\Froxlor::updateToDbVersion('201911220');
 }
 if (\Froxlor\Froxlor::isFroxlorVersion('0.10.6')) {
 	showUpdateStep("Updating from 0.10.6 to 0.10.7", false);
 	\Froxlor\Froxlor::updateToVersion('0.10.7');
 }
 if (\Froxlor\Froxlor::isFroxlorVersion('0.10.7')) {
 	showUpdateStep("Updating from 0.10.7 to 0.10.8", false);
 	\Froxlor\Froxlor::updateToVersion('0.10.8');
 }
 if (\Froxlor\Froxlor::isFroxlorVersion('0.10.8')) {
 	showUpdateStep("Updating from 0.10.8 to 0.10.9", false);
 	\Froxlor\Froxlor::updateToVersion('0.10.9');
 }
 if (\Froxlor\Froxlor::isDatabaseVersion('201911220')) {
 	showUpdateStep("Adding enhanced SSL control over domains");
 	// customer domains
 	Database::query("ALTER TABLE `" . TABLE_PANEL_DOMAINS . "` ADD `ssl_enabled` tinyint(1) DEFAULT '1';");
 	Database::query("ALTER TABLE `" . TABLE_PANEL_DOMAINS . "` ADD `ssl_honorcipherorder` tinyint(1) DEFAULT '0' AFTER `ssl_enabled`;");
 	Database::query("ALTER TABLE `" . TABLE_PANEL_DOMAINS . "` ADD `ssl_sessiontickets` tinyint(1) DEFAULT '1' AFTER `ssl_honorcipherorder`;");
 	// as setting for froxlor vhost
 	Settings::AddNew("system.honorcipherorder", '0');
 	Settings::AddNew("system.sessiontickets", '1');
 	lastStepStatus(0);
 	\Froxlor\Froxlor::updateToDbVersion('201912100');
 }
 if (\Froxlor\Froxlor::isFroxlorVersion('0.10.9')) {
 	showUpdateStep("Updating from 0.10.9 to 0.10.10", false);
 	\Froxlor\Froxlor::updateToVersion('0.10.10');
 }
 if (\Froxlor\Froxlor::isDatabaseVersion('201912100')) {
 	showUpdateStep("Adding option to disable SSL sessiontickets for older systems");
 	Settings::AddNew("system.sessionticketsenabled", '1');
 	lastStepStatus(0);
 	\Froxlor\Froxlor::updateToDbVersion('201912310');
 }
 if (\Froxlor\Froxlor::isDatabaseVersion('201912310')) {
 	showUpdateStep("Adding custom phpfpm pool configuration field");
 	Database::query("ALTER TABLE `" . TABLE_PANEL_FPMDAEMONS . "` ADD `custom_config` text AFTER `limit_extensions`;");
 	lastStepStatus(0);
 	\Froxlor\Froxlor::updateToDbVersion('201912311');
 }
 if (\Froxlor\Froxlor::isFroxlorVersion('0.10.10')) {
 	showUpdateStep("Updating from 0.10.10 to 0.10.11", false);
 	\Froxlor\Froxlor::updateToVersion('0.10.11');
 }
 if (\Froxlor\Froxlor::isDatabaseVersion('201912311')) {
 	showUpdateStep("Migrate logfiles_format setting");
 	$current_format = Settings::Set('system.logfiles_format');
 	if (! empty($current_format)) {
 		Settings::Set('system.logfiles_format', '"' . Settings::Get('system.logfiles_format') . '"');
 		lastStepStatus(0);
 	} else {
 		lastStepStatus(0, 'not needed');
 	}
 	\Froxlor\Froxlor::updateToDbVersion('201912312');
 }
 if (\Froxlor\Froxlor::isDatabaseVersion('201912312')) {
 	showUpdateStep("Adding option change awstats LogFormat");
 	Settings::AddNew("system.awstats_logformat", '1');
 	lastStepStatus(0);
 	\Froxlor\Froxlor::updateToDbVersion('201912313');
 }
 if (\Froxlor\Froxlor::isFroxlorVersion('0.10.11')) {
 	showUpdateStep("Updating from 0.10.11 to 0.10.12", false);
 	\Froxlor\Froxlor::updateToVersion('0.10.12');
 }
 if (\Froxlor\Froxlor::isFroxlorVersion('0.10.12')) {
 	showUpdateStep("Updating from 0.10.12 to 0.10.13", false);
 	\Froxlor\Froxlor::updateToVersion('0.10.13');
 }
 if (\Froxlor\Froxlor::isDatabaseVersion('201912313')) {
 	showUpdateStep("Adding new field to domains table");
 	Database::query("ALTER TABLE `" . TABLE_PANEL_DOMAINS . "` ADD `domain_ace` varchar(255) NOT NULL default '' AFTER `domain`;");
 	lastStepStatus(0);
 	showUpdateStep("Updating domain entries");
 	$upd_stmt = Database::prepare("UPDATE `" . TABLE_PANEL_DOMAINS . "` SET `domain_ace` = :ace WHERE `id` = :domainid");
 	$sel_stmt = Database::prepare("SELECT id, domain FROM `" . TABLE_PANEL_DOMAINS . "` ORDER BY id ASC");
 	Database::pexecute($sel_stmt);
 	$idna_convert = new \Froxlor\Idna\IdnaWrapper();
 	while ($domain = $sel_stmt->fetch(\PDO::FETCH_ASSOC)) {
 		Database::pexecute($upd_stmt, [
 			'ace' => $idna_convert->decode($domain['domain']),
 			'domainid' => $domain['id']
 		]);
 	}
 	lastStepStatus(0);
 	\Froxlor\Froxlor::updateToDbVersion('202002290');
 }
 if (\Froxlor\Froxlor::isFroxlorVersion('0.10.13')) {
 	showUpdateStep("Updating from 0.10.13 to 0.10.14", false);
 	\Froxlor\Froxlor::updateToVersion('0.10.14');
 }
 if (\Froxlor\Froxlor::isFroxlorVersion('0.10.14')) {
 	showUpdateStep("Updating from 0.10.14 to 0.10.15", false);
 	\Froxlor\Froxlor::updateToVersion('0.10.15');
 }
 if (\Froxlor\Froxlor::isDatabaseVersion('202002290')) {
 	showUpdateStep("Adding new setting to validate DNS when using Let's Encrypt");
 	Database::query("DELETE FROM `" . TABLE_PANEL_SETTINGS . "` WHERE `settinggroup` = 'system' AND `varname` = 'disable_le_selfcheck'");
 	$le_domain_dnscheck = isset($_POST['system_le_domain_dnscheck']) ? (int) $_POST['system_le_domain_dnscheck'] : '1';
 	Settings::AddNew("system.le_domain_dnscheck", $le_domain_dnscheck);
 	lastStepStatus(0);
 	\Froxlor\Froxlor::updateToDbVersion('202004140');
 }
 if (\Froxlor\Froxlor::isFroxlorVersion('0.10.15')) {
 	showUpdateStep("Updating from 0.10.15 to 0.10.16", false);
 	\Froxlor\Froxlor::updateToVersion('0.10.16');
 }
--- a/install/updates/preconfig.php
+++ b/install/updates/preconfig.php
@@ -34,6 +34,9 @@ function getPreConfig($current_version, $current_db_version)
 	include_once \Froxlor\FileDir::makeCorrectFile(dirname(__FILE__) . '/preconfig/0.9/preconfig_0.9.inc.php');
 	parseAndOutputPreconfig($has_preconfig, $return, $current_version, $current_db_version);
 	include_once \Froxlor\FileDir::makeCorrectFile(dirname(__FILE__) . '/preconfig/0.10/preconfig_0.10.inc.php');
 	parseAndOutputPreconfig2($has_preconfig, $return, $current_version, $current_db_version);
 	$return .= '<br /><br />' . \Froxlor\UI\HTML::makecheckbox('update_changesagreed', '<strong>I have read the update notifications above and I am aware of the changes made to my system.</strong>', '1', true, '0', true);
 	$return .= '</div>';
 	$return .= '<input type="hidden" name="update_preconfig" value="1" />';
--- a/install/updates/preconfig/0.10/preconfig_0.10.inc.php
+++ b/install/updates/preconfig/0.10/preconfig_0.10.inc.php
@@ -0,0 +1,42 @@
 <?php
 /**
 * This file is part of the Froxlor project.
 * Copyright (c) 2010 the Froxlor Team (see authors).
 *
 * For the full copyright and license information, please view the COPYING
 * file that was distributed with this source code. You can also view the
 * COPYING file online at http://files.froxlor.org/misc/COPYING.txt
 *
 * @copyright  (c) the authors
 * @author     Froxlor team <team@froxlor.org> (2010-)
 * @license    GPLv2 http://files.froxlor.org/misc/COPYING.txt
 * @package    Updater
 *
 */
 /**
 * checks if the new-version has some updating to do
 *
 * @param boolean $has_preconfig
 *        	pointer to check if any preconfig has to be output
 * @param string $return
 *        	pointer to output string
 * @param string $current_version
 *        	current froxlor version
 *        	
 * @return null
 */
 function parseAndOutputPreconfig2(&$has_preconfig, &$return, $current_version, $current_db_version)
 {
 	global $lng;
 	if (versionInUpdate($current_db_version, '202004140')) {
 		$has_preconfig = true;
 		$description = 'Froxlor can now optionally validate the dns entries of domains that request Lets Encrypt certificates to reduce dns-related problems (e.g. freshly registered domain or updated a-record).<br />';
 		$question = '<strong>Validate DNS of domains when using Lets Encrypt&nbsp;';
 		$question .= \Froxlor\UI\HTML::makeyesno('system_le_domain_dnscheck', '1', '0', '1');
 		eval("\$return.=\"" . \Froxlor\UI\Template::getTemplate("update/preconfigitem") . "\";");
 	}
 }
--- a/lib/Froxlor/Api/ApiCommand.php
+++ b/lib/Froxlor/Api/ApiCommand.php
@@ -232,6 +232,166 @@ abstract class ApiCommand extends ApiParameter
 		return $this->user_data;
 	}
 	/**
 	 * return SQL when parameter $sql_search is given via API
 	 *
 	 * @param array $sql_search
 	 *        	optional array with index = fieldname, and value = array with 'op' => operator (one of <, > or =), LIKE is used if left empty and 'value' => searchvalue
 	 * @param array $query_fields
 	 *        	optional array of placeholders mapped to the actual value which is used in the API commands when executing the statement [internal]
 	 * @param boolean $append
 	 *        	optional append to WHERE clause rather then create new one, default false [internal]
 	 *
 	 * @return string
 	 */
 	protected function getSearchWhere(&$query_fields = array(), $append = false)
 	{
 		$search = $this->getParam('sql_search', true, array());
 		$condition = '';
 		if (! empty($search)) {
 			if ($append == true) {
 				$condition = ' AND ';
 			} else {
 				$condition = ' WHERE ';
 			}
 			$ops = array(
 				'<',
 				'>',
 				'='
 			);
 			$first = true;
 			foreach ($search as $field => $valoper) {
 				$cleanfield = str_replace(".", "", $field);
 				$sortfield = explode('.', $field);
 				foreach ($sortfield as $id => $sfield) {
 					if (substr($sfield, - 1, 1) != '`') {
 						$sfield .= '`';
 					}
 					if ($sfield[0] != '`') {
 						$sfield = '`' . $sfield;
 					}
 					$sortfield[$id] = $sfield;
 				}
 				$field = implode('.', $sortfield);
 				if (! $first) {
 					$condition .= ' AND ';
 				}
 				if (! is_array($valoper) || ! isset($valoper['op']) || empty($valoper['op'])) {
 					$condition .= $field . ' LIKE :' . $cleanfield;
 					if (! is_array($valoper)) {
 						$query_fields[':' . $cleanfield] = '%' . $valoper . '%';
 					} else {
 						$query_fields[':' . $cleanfield] = '%' . $valoper['value'] . '%';
 					}
 				} elseif (in_array($valoper['op'], $ops)) {
 					$condition .= $field . ' ' . $valoper['op'] . ':' . $cleanfield;
 					$query_fields[':' . $cleanfield] = $valoper['value'] ?? '';
 				} else {
 					continue;
 				}
 				if ($first) {
 					$first = false;
 				}
 			}
 		}
 		return $condition;
 	}
 	/**
 	 * return LIMIT clause when at least $sql_limit parameter is given via API
 	 *
 	 * @param int $sql_limit
 	 *        	optional, limit resultset, default 0
 	 * @param int $sql_offset
 	 *        	optional, offset for limitation, default 0
 	 *
 	 * @return string
 	 */
 	protected function getLimit()
 	{
 		$limit = $this->getParam('sql_limit', true, 0);
 		$offset = $this->getParam('sql_offset', true, 0);
 		if (! is_numeric($limit)) {
 			$limit = 0;
 		}
 		if (! is_numeric($offset)) {
 			$offset = 0;
 		}
 		if ($limit > 0) {
 			return ' LIMIT ' . $offset . ',' . $limit;
 		}
 		return '';
 	}
 	/**
 	 * return ORDER BY clause if parameter $sql_orderby parameter is given via API
 	 *
 	 * @param array $sql_orderby
 	 *        	optional array with index = fieldname and value = ASC|DESC
 	 * @param boolean $append
 	 *        	optional append to ORDER BY clause rather then create new one, default false [internal]
 	 *
 	 * @return string
 	 */
 	protected function getOrderBy($append = false)
 	{
 		$orderby = $this->getParam('sql_orderby', true, array());
 		$order = "";
 		if (! empty($orderby)) {
 			if ($append) {
 				$order .= ", ";
 			} else {
 				$order .= " ORDER BY ";
 			}
 			$nat_fields = [
 				'`c`.`loginname`',
 				'`a`.`loginname`',
 				'`adminname`',
 				'`databasename`',
 				'`username`'
 			];
 			foreach ($orderby as $field => $by) {
 				$sortfield = explode('.', $field);
 				foreach ($sortfield as $id => $sfield) {
 					if (substr($sfield, - 1, 1) != '`') {
 						$sfield .= '`';
 					}
 					if ($sfield[0] != '`') {
 						$sfield = '`' . $sfield;
 					}
 					$sortfield[$id] = $sfield;
 				}
 				$field = implode('.', $sortfield);
 				$by = strtoupper($by);
 				if (! in_array($by, [
 					'ASC',
 					'DESC'
 				])) {
 					$by = 'ASC';
 				}
 				if (\Froxlor\Settings::Get('panel.natsorting') == 1 && in_array($field, $nat_fields)) {
 					// Acts similar to php's natsort(), found in one comment at http://my.opera.com/cpr/blog/show.dml/160556
 					$order .= "CONCAT( IF( ASCII( LEFT( " . $field . ", 5 ) ) > 57,
 					LEFT( " . $field . ", 1 ), 0 ),
 					IF( ASCII( RIGHT( " . $field . ", 1 ) ) > 57,
 						LPAD( " . $field . ", 255, '0' ),
 						LPAD( CONCAT( " . $field . ", '-' ), 255, '0' )
 					)) " . $by . ", ";
 				} else {
 					$order .= $field . " " . $by . ", ";
 				}
 			}
 			$order = substr($order, 0, - 2);
 		}
 		return $order;
 	}
 	/**
 	 * return logger instance
 	 *
@@ -423,8 +583,12 @@ abstract class ApiCommand extends ApiParameter
 			"group" => $group,
 			"var" => $varname
 		), true, true);
 		$content = $default;
 		if ($result) {
 			$content = $result['value'] ?? $default;
 		}
 		// @fixme html_entity_decode
-		$content = html_entity_decode(\Froxlor\PhpHelper::replaceVariables((($result['value'] != '') ? $result['value'] : $default), $replace_arr));
+		$content = html_entity_decode(\Froxlor\PhpHelper::replaceVariables($content, $replace_arr));
 		return $content;
 	}
--- a/lib/Froxlor/Api/Commands/Admins.php
+++ b/lib/Froxlor/Api/Commands/Admins.php
@@ -25,6 +25,15 @@ class Admins extends \Froxlor\Api\ApiCommand implements \Froxlor\Api\ResourceEnt
 	/**
 	 * lists all admin entries
 	 *
 	 * @param array $sql_search
 	 *        	optional array with index = fieldname, and value = array with 'op' => operator (one of <, > or =), LIKE is used if left empty and 'value' => searchvalue
 	 * @param int $sql_limit
 	 *        	optional specify number of results to be returned
 	 * @param int $sql_offset
 	 *        	optional specify offset for resultset
 	 * @param array $sql_orderby
 	 *        	optional array with index = fieldname and value = ASC|DESC to order the resultset by one or more fields
 	 *        	
 	 * @access admin
 	 * @throws \Exception
 	 * @return string json-encoded array count|list
@@ -33,12 +42,11 @@ class Admins extends \Froxlor\Api\ApiCommand implements \Froxlor\Api\ResourceEnt
 	{
 		if ($this->isAdmin() && $this->getUserDetail('change_serversettings') == 1) {
 			$this->logger()->logAction(\Froxlor\FroxlorLogger::ADM_ACTION, LOG_NOTICE, "[API] list admins");
 			$query_fields = array();
 			$result_stmt = Database::prepare("
 				SELECT *
-				FROM `" . TABLE_PANEL_ADMINS . "`
+				FROM `" . TABLE_PANEL_ADMINS . "`" . $this->getSearchWhere($query_fields) . $this->getOrderBy() . $this->getLimit());
-				ORDER BY `loginname` ASC
+			Database::pexecute($result_stmt, $query_fields, true, true);
 			");
 			Database::pexecute($result_stmt, null, true, true);
 			$result = array();
 			while ($row = $result_stmt->fetch(\PDO::FETCH_ASSOC)) {
 				$result[] = $row;
@@ -51,6 +59,28 @@ class Admins extends \Froxlor\Api\ApiCommand implements \Froxlor\Api\ResourceEnt
 		throw new \Exception("Not allowed to execute given command.", 403);
 	}
 	/**
 	 * returns the total number of admins for the given admin
 	 *
 	 * @access admin
 	 * @throws \Exception
 	 * @return string json-encoded array
 	 */
 	public function listingCount()
 	{
 		if ($this->isAdmin() && $this->getUserDetail('change_serversettings') == 1) {
 			$result_stmt = Database::prepare("
 				SELECT COUNT(*) as num_admins
 				FROM `" . TABLE_PANEL_ADMINS . "`
 			");
 			$result = Database::pexecute_first($result_stmt, null, true, true);
 			if ($result) {
 				return $this->response(200, "successfull", $result['num_admins']);
 			}
 		}
 		throw new \Exception("Not allowed to execute given command.", 403);
 	}
 	/**
 	 * return an admin entry by either id or loginname
 	 *
@@ -97,6 +127,8 @@ class Admins extends \Froxlor\Api\ApiCommand implements \Froxlor\Api\ResourceEnt
 	 *        	optional, default auto-generated
 	 * @param string $def_language
 	 *        	optional, default is system-default language
 	 * @param bool $api_allowed
 	 *        	optional, default is true if system setting api.enabled is true, else false
 	 * @param string $custom_notes
 	 *        	optional, default empty
 	 * @param bool $custom_notes_show
@@ -171,6 +203,7 @@ class Admins extends \Froxlor\Api\ApiCommand implements \Froxlor\Api\ResourceEnt
 			// parameters
 			$def_language = $this->getParam('def_language', true, Settings::Get('panel.standardlanguage'));
 			$api_allowed = $this->getBoolParam('api_allowed', true, Settings::Get('api.enabled'));
 			$custom_notes = $this->getParam('custom_notes', true, '');
 			$custom_notes_show = $this->getBoolParam('custom_notes_show', true, 0);
 			$password = $this->getParam('admin_password', true, '');
@@ -232,7 +265,7 @@ class Admins extends \Froxlor\Api\ApiCommand implements \Froxlor\Api\ResourceEnt
 				'login' => $loginname
 			), true, true);
-			if (strtolower($loginname_check['loginname']) == strtolower($loginname) || strtolower($loginname_check_admin['loginname']) == strtolower($loginname)) {
+			if (($loginname_check && strtolower($loginname_check['loginname']) == strtolower($loginname)) || ($loginname_check_admin && strtolower($loginname_check_admin['loginname']) == strtolower($loginname))) {
 				\Froxlor\UI\Response::standard_error('loginnameexists', $loginname, true);
 			} elseif (preg_match('/^' . preg_quote(Settings::Get('customer.accountprefix'), '/') . '([0-9]+)/', $loginname)) {
 				// Accounts which match systemaccounts are not allowed, filtering them
@@ -271,6 +304,7 @@ class Admins extends \Froxlor\Api\ApiCommand implements \Froxlor\Api\ResourceEnt
 					'name' => $name,
 					'email' => $email,
 					'lang' => $def_language,
 					'api_allowed' => $api_allowed,
 					'change_serversettings' => $change_serversettings,
 					'customers' => $customers,
 					'customers_see_all' => $customers_see_all,
@@ -299,6 +333,7 @@ class Admins extends \Froxlor\Api\ApiCommand implements \Froxlor\Api\ResourceEnt
 					`name` = :name,
 					`email` = :email,
 					`def_language` = :lang,
 					`api_allowed` = :api_allowed,
 					`change_serversettings` = :change_serversettings,
 					`customers` = :customers,
 					`customers_see_all` = :customers_see_all,
@@ -350,6 +385,8 @@ class Admins extends \Froxlor\Api\ApiCommand implements \Froxlor\Api\ResourceEnt
 	 *        	optional, default auto-generated
 	 * @param string $def_language
 	 *        	optional, default is system-default language
 	 * @param bool $api_allowed
 	 *        	optional, default is true if system setting api.enabled is true, else false
 	 * @param string $custom_notes
 	 *        	optional, default empty
 	 * @param string $theme
@@ -444,6 +481,7 @@ class Admins extends \Froxlor\Api\ApiCommand implements \Froxlor\Api\ResourceEnt
 				// you cannot edit some of the details of yourself
 				if ($result['adminid'] == $this->getUserDetail('adminid')) {
 					$api_allowed = $result['api_allowed'];
 					$deactivated = $result['deactivated'];
 					$customers = $result['customers'];
 					$domains = $result['domains'];
@@ -462,6 +500,7 @@ class Admins extends \Froxlor\Api\ApiCommand implements \Froxlor\Api\ResourceEnt
 					$traffic = $result['traffic'];
 					$ipaddress = ($result['ip'] != - 1 ? json_decode($result['ip'], true) : - 1);
 				} else {
 					$api_allowed = $this->getBoolParam('api_allowed', true, $result['api_allowed']);
 					$deactivated = $this->getBoolParam('deactivated', true, $result['deactivated']);
 					$dec_places = Settings::Get('panel.decimal_places');
@@ -578,6 +617,7 @@ class Admins extends \Froxlor\Api\ApiCommand implements \Froxlor\Api\ResourceEnt
 						'name' => $name,
 						'email' => $email,
 						'lang' => $def_language,
 						'api_allowed' => $api_allowed,
 						'change_serversettings' => $change_serversettings,
 						'customers' => $customers,
 						'customers_see_all' => $customers_see_all,
@@ -607,6 +647,7 @@ class Admins extends \Froxlor\Api\ApiCommand implements \Froxlor\Api\ResourceEnt
 						`name` = :name,
 						`email` = :email,
 						`def_language` = :lang,
 						`api_allowed` = :api_allowed,
 						`change_serversettings` = :change_serversettings,
 						`customers` = :customers,
 						`customers_see_all` = :customers_see_all,
@@ -793,7 +834,7 @@ class Admins extends \Froxlor\Api\ApiCommand implements \Froxlor\Api\ResourceEnt
 	 * @param string $extra
 	 *        	optional, default empty
 	 * @param int $increase_by
-	 *              optional, default 1
+	 *        	optional, default 1
 	 */
 	public static function increaseUsage($adminid = 0, $resource = null, $extra = '', $increase_by = 1)
 	{
@@ -808,7 +849,7 @@ class Admins extends \Froxlor\Api\ApiCommand implements \Froxlor\Api\ResourceEnt
 	 * @param string $extra
 	 *        	optional, default empty
 	 * @param int $decrease_by
-	 *              optional, default 1
+	 *        	optional, default 1
 	 */
 	public static function decreaseUsage($adminid = 0, $resource = null, $extra = '', $decrease_by = 1)
 	{
--- a/lib/Froxlor/Api/Commands/Certificates.php
+++ b/lib/Froxlor/Api/Commands/Certificates.php
@@ -63,10 +63,19 @@ class Certificates extends \Froxlor\Api\ApiCommand implements \Froxlor\Api\Resou
 		$ssl_cert_chainfile = $this->getParam('ssl_cert_chainfile', true, '');
 		// validate whether the domain does not already have an entry
-		$result = $this->apiCall('Certificates.get', array(
+		$has_cert = true;
-			'id' => $domainid
+		try {
-		));
+			$this->apiCall('Certificates.get', array(
-		if (empty($result)) {
+				'id' => $domainid
 			));
 		} catch (\Exception $e) {
 			if ($e->getCode() == 412) {
 				$has_cert = false;
 			} else {
 				throw $e;
 			}
 		}
 		if (! $has_cert) {
 			$this->addOrUpdateCertificate($domain['id'], $ssl_cert_file, $ssl_key_file, $ssl_ca_file, $ssl_cert_chainfile, true);
 			$this->logger()->logAction($this->isAdmin() ? \Froxlor\FroxlorLogger::ADM_ACTION : \Froxlor\FroxlorLogger::USR_ACTION, LOG_INFO, "[API] added ssl-certificate for '" . $domain['domain'] . "'");
 			$result = $this->apiCall('Certificates.get', array(
@@ -110,6 +119,9 @@ class Certificates extends \Froxlor\Api\ApiCommand implements \Froxlor\Api\Resou
 		$result = Database::pexecute_first($stmt, array(
 			"domainid" => $domainid
 		));
 		if (! $result) {
 			throw new \Exception("Domain '" . $domain['domain'] . "' does not have a certificate.", 412);
 		}
 		return $this->response(200, "successfull", $result);
 	}
@@ -162,6 +174,15 @@ class Certificates extends \Froxlor\Api\ApiCommand implements \Froxlor\Api\Resou
 	/**
 	 * lists all certificate entries
 	 *
 	 * @param array $sql_search
 	 *        	optional array with index = fieldname, and value = array with 'op' => operator (one of <, > or =), LIKE is used if left empty and 'value' => searchvalue
 	 * @param int $sql_limit
 	 *        	optional specify number of results to be returned
 	 * @param int $sql_offset
 	 *        	optional specify offset for resultset
 	 * @param array $sql_orderby
 	 *        	optional array with index = fieldname and value = ASC|DESC to order the resultset by one or more fields
 	 *        	
 	 * @access admin, customer
 	 * @throws \Exception
 	 * @return string json-encoded array count|list
@@ -176,7 +197,7 @@ class Certificates extends \Froxlor\Api\ApiCommand implements \Froxlor\Api\Resou
 			WHERE ";
 		$qry_params = array();
-
+		$query_fields = array();
 		if ($this->isAdmin() && $this->getUserDetail('customers_see_all') == '0') {
 			// admin with only customer-specific permissions
 			$certs_stmt_query .= "d.adminid = :adminid ";
@@ -188,7 +209,8 @@ class Certificates extends \Froxlor\Api\ApiCommand implements \Froxlor\Api\Resou
 		} else {
 			$certs_stmt_query .= "1 ";
 		}
-		$certs_stmt = Database::prepare($certs_stmt_query);
+		$certs_stmt = Database::prepare($certs_stmt_query . $this->getSearchWhere($query_fields, true) . $this->getOrderBy() . $this->getLimit());
 		$qry_params = array_merge($qry_params, $query_fields);
 		Database::pexecute($certs_stmt, $qry_params, true, true);
 		$result = array();
 		while ($cert = $certs_stmt->fetch(\PDO::FETCH_ASSOC)) {
@@ -206,6 +228,40 @@ class Certificates extends \Froxlor\Api\ApiCommand implements \Froxlor\Api\Resou
 		));
 	}
 	/**
 	 * returns the total number of certificates for the given user
 	 *
 	 * @access admin, customer
 	 * @throws \Exception
 	 * @return string json-encoded array
 	 */
 	public function listingCount()
 	{
 		// select all my (accessable) certificates
 		$certs_stmt_query = "SELECT COUNT(*) as num_certs
 			FROM `" . TABLE_PANEL_DOMAIN_SSL_SETTINGS . "` s
 			LEFT JOIN `" . TABLE_PANEL_DOMAINS . "` d ON `d`.`id` = `s`.`domainid`
 			LEFT JOIN `" . TABLE_PANEL_CUSTOMERS . "` c ON `c`.`customerid` = `d`.`customerid`
 			WHERE ";
 		$qry_params = array();
 		if ($this->isAdmin() && $this->getUserDetail('customers_see_all') == '0') {
 			// admin with only customer-specific permissions
 			$certs_stmt_query .= "d.adminid = :adminid ";
 			$qry_params['adminid'] = $this->getUserDetail('adminid');
 		} elseif ($this->isAdmin() == false) {
 			// customer-area
 			$certs_stmt_query .= "d.customerid = :cid ";
 			$qry_params['cid'] = $this->getUserDetail('customerid');
 		} else {
 			$certs_stmt_query .= "1 ";
 		}
 		$certs_stmt = Database::prepare($certs_stmt_query);
 		$result = Database::pexecute_first($certs_stmt, $qry_params, true, true);
 		if ($result) {
 			return $this->response(200, "successfull", $result['num_certs']);
 		}
 	}
 	/**
 	 * delete certificates entry by id
 	 *
@@ -220,7 +276,7 @@ class Certificates extends \Froxlor\Api\ApiCommand implements \Froxlor\Api\Resou
 		if ($this->isAdmin() == false) {
 			$chk_stmt = Database::prepare("
-				SELECT d.domain FROM `" . TABLE_PANEL_DOMAINS . "` d
+				SELECT d.domain, d.letsencrypt FROM `" . TABLE_PANEL_DOMAINS . "` d
 				LEFT JOIN `" . TABLE_PANEL_DOMAIN_SSL_SETTINGS . "` s ON s.domainid = d.id
 				WHERE s.`id` = :id AND d.`customerid` = :cid
 			");
@@ -230,7 +286,7 @@ class Certificates extends \Froxlor\Api\ApiCommand implements \Froxlor\Api\Resou
 			));
 		} elseif ($this->isAdmin()) {
 			$chk_stmt = Database::prepare("
-				SELECT d.domain FROM `" . TABLE_PANEL_DOMAINS . "` d
+				SELECT d.domain, d.letsencrypt FROM `" . TABLE_PANEL_DOMAINS . "` d
 				LEFT JOIN `" . TABLE_PANEL_DOMAIN_SSL_SETTINGS . "` s ON s.domainid = d.id
 				WHERE s.`id` = :id" . ($this->getUserDetail('customers_see_all') == '0' ? " AND d.`adminid` = :aid" : ""));
 			$params = array(
@@ -243,7 +299,7 @@ class Certificates extends \Froxlor\Api\ApiCommand implements \Froxlor\Api\Resou
 			if ($chk == false && $this->getUserDetail('change_serversettings')) {
 				// check whether it might be the froxlor-vhost certificate
 				$chk_stmt = Database::prepare("
-				SELECT \"" . Settings::Get('system.hostname') . "\" as domain FROM `" . TABLE_PANEL_DOMAIN_SSL_SETTINGS . "` 
+				SELECT \"" . Settings::Get('system.hostname') . "\" as domain, \"" . Settings::Get('system.le_froxlor_enabled') . "\" as letsencrypt FROM `" . TABLE_PANEL_DOMAIN_SSL_SETTINGS . "`
 				WHERE `id` = :id AND `domainid` = '0'");
 				$params = array(
 					'id' => $id
@@ -265,6 +321,10 @@ class Certificates extends \Froxlor\Api\ApiCommand implements \Froxlor\Api\Resou
 			Database::pexecute($del_stmt, array(
 				'id' => $id
 			));
 			// trigger removing of certificate from acme.sh if let's encrypt
 			if ($chk['letsencrypt'] == '1') {
 				\Froxlor\System\Cronjob::inserttask('12', $chk['domain']);
 			}
 			$this->logger()->logAction($this->isAdmin() ? \Froxlor\FroxlorLogger::ADM_ACTION : \Froxlor\FroxlorLogger::USR_ACTION, LOG_INFO, "[API] removed ssl-certificate for '" . $chk['domain'] . "'");
 			return $this->response(200, "successfull", $result);
 		}
@@ -292,6 +352,7 @@ class Certificates extends \Froxlor\Api\ApiCommand implements \Froxlor\Api\Resou
 		}
 		$do_verify = true;
 		$expirationdate = null;
 		// no cert-file given -> forget everything
 		if ($ssl_cert_file == '') {
 			$ssl_key_file = '';
@@ -332,6 +393,7 @@ class Certificates extends \Froxlor\Api\ApiCommand implements \Froxlor\Api\Resou
 			} else {
 				\Froxlor\UI\Response::standard_error('sslcertificateinvalidcert', '', true);
 			}
 			$expirationdate = empty($cert_content['validTo_time_t']) ? null : date("Y-m-d H:i:s", $cert_content['validTo_time_t']);
 		}
 		// Add/Update database entry
@@ -345,7 +407,8 @@ class Certificates extends \Froxlor\Api\ApiCommand implements \Froxlor\Api\Resou
 			`ssl_cert_file` = :ssl_cert_file,
 			`ssl_key_file` = :ssl_key_file,
 			`ssl_ca_file` = :ssl_ca_file,
-			`ssl_cert_chainfile` = :ssl_cert_chainfile
+			`ssl_cert_chainfile` = :ssl_cert_chainfile,
 			`expirationdate` = :expirationdate
 			" . $qrywhere . " `domainid`= :domainid
 		");
 		$params = array(
@@ -353,6 +416,7 @@ class Certificates extends \Froxlor\Api\ApiCommand implements \Froxlor\Api\Resou
 			"ssl_key_file" => $ssl_key_file,
 			"ssl_ca_file" => $ssl_ca_file,
 			"ssl_cert_chainfile" => $ssl_cert_chainfile,
 			"expirationdate" => $expirationdate,
 			"domainid" => $domainid
 		);
 		Database::pexecute($stmt, $params, true, true);
--- a/lib/Froxlor/Api/Commands/Cronjobs.php
+++ b/lib/Froxlor/Api/Commands/Cronjobs.php
@@ -127,6 +127,15 @@ class Cronjobs extends \Froxlor\Api\ApiCommand implements \Froxlor\Api\ResourceE
 	/**
 	 * lists all cronjob entries
 	 *
 	 * @param array $sql_search
 	 *        	optional array with index = fieldname, and value = array with 'op' => operator (one of <, > or =), LIKE is used if left empty and 'value' => searchvalue
 	 * @param int $sql_limit
 	 *        	optional specify number of results to be returned
 	 * @param int $sql_offset
 	 *        	optional specify offset for resultset
 	 * @param array $sql_orderby
 	 *        	optional array with index = fieldname and value = ASC|DESC to order the resultset by one or more fields
 	 *
 	 * @access admin
 	 * @throws \Exception
 	 * @return string json-encoded array count|list
@@ -135,10 +144,10 @@ class Cronjobs extends \Froxlor\Api\ApiCommand implements \Froxlor\Api\ResourceE
 	{
 		if ($this->isAdmin()) {
 			$this->logger()->logAction(\Froxlor\FroxlorLogger::ADM_ACTION, LOG_NOTICE, "[API] list cronjobs");
 			$query_fields = array();
 			$result_stmt = Database::prepare("
-				SELECT `c`.* FROM `" . TABLE_PANEL_CRONRUNS . "` `c` ORDER BY `module` ASC, `cronfile` ASC
+				SELECT `c`.* FROM `" . TABLE_PANEL_CRONRUNS . "` `c` " . $this->getSearchWhere($query_fields) . $this->getOrderBy() . $this->getLimit());
-			");
+			Database::pexecute($result_stmt, $query_fields, true, true);
 			Database::pexecute($result_stmt);
 			$result = array();
 			while ($row = $result_stmt->fetch(\PDO::FETCH_ASSOC)) {
 				$result[] = $row;
@@ -151,6 +160,27 @@ class Cronjobs extends \Froxlor\Api\ApiCommand implements \Froxlor\Api\ResourceE
 		throw new \Exception("Not allowed to execute given command.", 403);
 	}
 	/**
 	 * returns the total number of cronjobs
 	 *
 	 * @access admin
 	 * @throws \Exception
 	 * @return string json-encoded array
 	 */
 	public function listingCount()
 	{
 		if ($this->isAdmin()) {
 			$result_stmt = Database::prepare("
 				SELECT COUNT(*) as num_crons FROM `" . TABLE_PANEL_CRONRUNS . "` `c`
 			");
 			$result = Database::pexecute_first($result_stmt, null, true, true);
 			if ($result) {
 				return $this->response(200, "successfull", $result['num_crons']);
 			}
 		}
 		throw new \Exception("Not allowed to execute given command.", 403);
 	}
 	/**
 	 * You cannot delete system cronjobs.
 	 */
--- a/lib/Froxlor/Api/Commands/CustomerBackups.php
+++ b/lib/Froxlor/Api/Commands/CustomerBackups.php
@@ -137,7 +137,15 @@ class CustomerBackups extends \Froxlor\Api\ApiCommand implements \Froxlor\Api\Re
 	 *        	optional, admin-only, select backup-jobs of a specific customer by id
 	 * @param string $loginname
 	 *        	optional, admin-only, select backup-jobs of a specific customer by loginname
-	 *        	
+	 * @param array $sql_search
 	 *        	optional array with index = fieldname, and value = array with 'op' => operator (one of <, > or =), LIKE is used if left empty and 'value' => searchvalue
 	 * @param int $sql_limit
 	 *        	optional specify number of results to be returned
 	 * @param int $sql_offset
 	 *        	optional specify offset for resultset
 	 * @param array $sql_orderby
 	 *        	optional array with index = fieldname and value = ASC|DESC to order the resultset by one or more fields
 	 *
 	 * @access admin, customer
 	 * @throws \Exception
 	 * @return string json-encoded array count|list
@@ -149,8 +157,9 @@ class CustomerBackups extends \Froxlor\Api\ApiCommand implements \Froxlor\Api\Re
 		$customer_ids = $this->getAllowedCustomerIds('extras.backup');
 		// check whether there is a backup-job for this customer
-		$sel_stmt = Database::prepare("SELECT * FROM `" . TABLE_PANEL_TASKS . "` WHERE `type` = '20'");
+		$query_fields = array();
-		Database::pexecute($sel_stmt);
+		$sel_stmt = Database::prepare("SELECT * FROM `" . TABLE_PANEL_TASKS . "` WHERE `type` = '20'" . $this->getSearchWhere($query_fields, true) . $this->getOrderBy() . $this->getLimit());
 		Database::pexecute($sel_stmt, $query_fields, true, true);
 		$result = array();
 		while ($entry = $sel_stmt->fetch(\PDO::FETCH_ASSOC)) {
 			$entry['data'] = json_decode($entry['data'], true);
@@ -165,6 +174,37 @@ class CustomerBackups extends \Froxlor\Api\ApiCommand implements \Froxlor\Api\Re
 		));
 	}
 	/**
 	 * returns the total number of planned backups
 	 *
 	 * @param int $customerid
 	 *        	optional, admin-only, select backup-jobs of a specific customer by id
 	 * @param string $loginname
 	 *        	optional, admin-only, select backup-jobs of a specific customer by loginname
 	 *        	
 	 * @access admin, customer
 	 * @throws \Exception
 	 * @return string json-encoded array
 	 */
 	public function listingCount()
 	{
 		$this->validateAccess();
 		$customer_ids = $this->getAllowedCustomerIds('extras.backup');
 		// check whether there is a backup-job for this customer
 		$result_count = 0;
 		$sel_stmt = Database::prepare("SELECT * FROM `" . TABLE_PANEL_TASKS . "` WHERE `type` = '20'");
 		Database::pexecute($sel_stmt, null, true, true);
 		while ($entry = $sel_stmt->fetch(\PDO::FETCH_ASSOC)) {
 			$entry['data'] = json_decode($entry['data'], true);
 			if (in_array($entry['data']['customerid'], $customer_ids)) {
 				$result_count ++;
 			}
 		}
 		return $this->response(200, "successfull", $result_count);
 	}
 	/**
 	 * delete a planned backup-jobs by id, if called from an admin you need to specify the customerid/loginname
 	 *
@@ -195,7 +235,7 @@ class CustomerBackups extends \Froxlor\Api\ApiCommand implements \Froxlor\Api\Re
 				if ($backupjob['id'] == $entry && in_array($backupjob['data']['customerid'], $customer_ids)) {
 					Database::pexecute($del_stmt, array(
 						'tid' => $entry
-					));
+					), true, true);
 					$this->logger()->logAction($this->isAdmin() ? \Froxlor\FroxlorLogger::ADM_ACTION : \Froxlor\FroxlorLogger::USR_ACTION, LOG_NOTICE, "[API] deleted planned customer-backup #" . $entry);
 					return $this->response(200, "successfull", true);
 				}
--- a/lib/Froxlor/Api/Commands/Customers.php
+++ b/lib/Froxlor/Api/Commands/Customers.php
@@ -25,6 +25,15 @@ class Customers extends \Froxlor\Api\ApiCommand implements \Froxlor\Api\Resource
 	/**
 	 * lists all customer entries
 	 *
 	 * @param array $sql_search
 	 *        	optional array with index = fieldname, and value = array with 'op' => operator (one of <, > or =), LIKE is used if left empty and 'value' => searchvalue
 	 * @param int $sql_limit
 	 *        	optional specify number of results to be returned
 	 * @param int $sql_offset
 	 *        	optional specify offset for resultset
 	 * @param array $sql_orderby
 	 *        	optional array with index = fieldname and value = ASC|DESC to order the resultset by one or more fields
 	 *
 	 * @access admin
 	 * @throws \Exception
 	 * @return string json-encoded array count|list
@@ -33,19 +42,19 @@ class Customers extends \Froxlor\Api\ApiCommand implements \Froxlor\Api\Resource
 	{
 		if ($this->isAdmin()) {
 			$this->logger()->logAction(\Froxlor\FroxlorLogger::ADM_ACTION, LOG_NOTICE, "[API] list customers");
 			$query_fields = array();
 			$result_stmt = Database::prepare("
 				SELECT `c`.*, `a`.`loginname` AS `adminname`
 				FROM `" . TABLE_PANEL_CUSTOMERS . "` `c`, `" . TABLE_PANEL_ADMINS . "` `a`
 				WHERE " . ($this->getUserDetail('customers_see_all') ? '' : " `c`.`adminid` = :adminid AND ") . "
-				`c`.`adminid` = `a`.`adminid`
+				`c`.`adminid` = `a`.`adminid`" . $this->getSearchWhere($query_fields, true) . $this->getOrderBy() . $this->getLimit());
 				ORDER BY `c`.`loginname` ASC
 			");
 			$params = array();
 			if ($this->getUserDetail('customers_see_all') == '0') {
 				$params = array(
 					'adminid' => $this->getUserDetail('adminid')
 				);
 			}
 			$params = array_merge($params, $query_fields);
 			Database::pexecute($result_stmt, $params, true, true);
 			$result = array();
 			while ($row = $result_stmt->fetch(\PDO::FETCH_ASSOC)) {
@@ -59,6 +68,34 @@ class Customers extends \Froxlor\Api\ApiCommand implements \Froxlor\Api\Resource
 		throw new \Exception("Not allowed to execute given command.", 403);
 	}
 	/**
 	 * returns the total number of customers for the given admin
 	 *
 	 * @access admin
 	 * @throws \Exception
 	 * @return string json-encoded array
 	 */
 	public function listingCount()
 	{
 		if ($this->isAdmin()) {
 			$result_stmt = Database::prepare("
 				SELECT COUNT(*) as num_customers
 				FROM `" . TABLE_PANEL_CUSTOMERS . "`
 				WHERE " . ($this->getUserDetail('customers_see_all') ? "1" : " `adminid` = :adminid "));
 			$params = array();
 			if ($this->getUserDetail('customers_see_all') == '0') {
 				$params = array(
 					'adminid' => $this->getUserDetail('adminid')
 				);
 			}
 			$result = Database::pexecute_first($result_stmt, $params, true, true);
 			if ($result) {
 				return $this->response(200, "successfull", $result['num_customers']);
 			}
 		}
 		throw new \Exception("Not allowed to execute given command.", 403);
 	}
 	/**
 	 * return a customer entry by either id or loginname
 	 *
@@ -136,6 +173,8 @@ class Customers extends \Froxlor\Api\ApiCommand implements \Froxlor\Api\Resource
 	 *        	optional
 	 * @param string $def_language,
 	 *        	optional, default is system-default language
 	 * @param bool $api_allowed
 	 *        	optional, default is true if system setting api.enabled is true, else false
 	 * @param int $gender
 	 *        	optional, 0 = no-gender, 1 = male, 2 = female
 	 * @param string $custom_notes
@@ -197,11 +236,13 @@ class Customers extends \Froxlor\Api\ApiCommand implements \Froxlor\Api\Resource
 	 * @param bool $perlenabled
 	 *        	optional, whether to allow usage of Perl/CGI, default 0 (false)
 	 * @param bool $dnsenabled
-	 *        	optional, ether to allow usage of the DNS editor (requires activated nameserver in settings), default 0 (false)
+	 *        	optional, wether to allow usage of the DNS editor (requires activated nameserver in settings), default 0 (false)
 	 * @param bool $logviewenabled
-	 *        	optional, ether to allow acccess to webserver access/error-logs, default 0 (false)
+	 *        	optional, wether to allow acccess to webserver access/error-logs, default 0 (false)
 	 * @param bool $store_defaultindex
 	 *        	optional, whether to store the default index file to customers homedir
 	 * @param int $hosting_plan_id
 	 *        	optional, specify a hosting-plan to set certain resource-values from the plan instead of specifying them
 	 *        	
 	 * @access admin
 	 * @throws \Exception
@@ -227,32 +268,61 @@ class Customers extends \Froxlor\Api\ApiCommand implements \Froxlor\Api\Resource
 				$fax = $this->getParam('fax', true, '');
 				$customernumber = $this->getParam('customernumber', true, '');
 				$def_language = $this->getParam('def_language', true, Settings::Get('panel.standardlanguage'));
 				$api_allowed = $this->getBoolParam('api_allowed', true, Settings::Get('api.enabled'));
 				$gender = (int) $this->getParam('gender', true, 0);
 				$custom_notes = $this->getParam('custom_notes', true, '');
 				$custom_notes_show = $this->getBoolParam('custom_notes_show', true, 0);
 				$diskspace = $this->getUlParam('diskspace', 'diskspace_ul', true, 0);
 				$traffic = $this->getUlParam('traffic', 'traffic_ul', true, 0);
 				$subdomains = $this->getUlParam('subdomains', 'subdomains_ul', true, 0);
 				$emails = $this->getUlParam('emails', 'emails_ul', true, 0);
 				$email_accounts = $this->getUlParam('email_accounts', 'email_accounts_ul', true, 0);
 				$email_forwarders = $this->getUlParam('email_forwarders', 'email_forwarders_ul', true, 0);
 				$email_quota = $this->getUlParam('email_quota', 'email_quota_ul', true, Settings::Get('system.mail_quota'));
 				$email_imap = $this->getBoolParam('email_imap', true, 0);
 				$email_pop3 = $this->getBoolParam('email_pop3', true, 0);
 				$ftps = $this->getUlParam('ftps', 'ftps_ul', true, 0);
 				$mysqls = $this->getUlParam('mysqls', 'mysqls_ul', true, 0);
 				$createstdsubdomain = $this->getBoolParam('createstdsubdomain', true, 0);
 				$password = $this->getParam('new_customer_password', true, '');
 				$sendpassword = $this->getBoolParam('sendpassword', true, 0);
 				$phpenabled = $this->getBoolParam('phpenabled', true, 0);
 				$p_allowed_phpconfigs = $this->getParam('allowed_phpconfigs', true, array());
 				$perlenabled = $this->getBoolParam('perlenabled', true, 0);
 				$dnsenabled = $this->getBoolParam('dnsenabled', true, 0);
 				$logviewenabled = $this->getBoolParam('logviewenabled', true, 0);
 				$store_defaultindex = $this->getBoolParam('store_defaultindex', true, 0);
 				$loginname = $this->getParam('new_loginname', true, '');
 				// hosting-plan values
 				$hosting_plan_id = $this->getParam('hosting_plan_id', true, 0);
 				if ($hosting_plan_id > 0) {
 					$hp_result = $this->apiCall('HostingPlans.get', array(
 						'id' => $hosting_plan_id
 					));
 					$hp_result['value'] = json_decode($hp_result['value'], true);
 					foreach ($hp_result['value'] as $index => $value) {
 						$hp_result[$index] = $value;
 					}
 					$diskspace = $hp_result['diskspace'] ?? 0;
 					$traffic = $hp_result['traffic'] ?? 0;
 					$subdomains = $hp_result['subdomains'] ?? 0;
 					$emails = $hp_result['emails'] ?? 0;
 					$email_accounts = $hp_result['email_accounts'] ?? 0;
 					$email_forwarders = $hp_result['email_forwarders'] ?? 0;
 					$email_quota = $hp_result['email_quota'] ?? Settings::Get('system.mail_quota');
 					$email_imap = $hp_result['email_imap'] ?? 0;
 					$email_pop3 = $hp_result['email_pop3'] ?? 0;
 					$ftps = $hp_result['ftps'] ?? 0;
 					$mysqls = $hp_result['mysqls'] ?? 0;
 					$phpenabled = $hp_result['phpenabled'] ?? 0;
 					$p_allowed_phpconfigs = $hp_result['allowed_phpconfigs'] ?? 0;
 					$perlenabled = $hp_result['perlenabled'] ?? 0;
 					$dnsenabled = $hp_result['dnsenabled'] ?? 0;
 					$logviewenabled = $hp_result['logviewenabled'] ?? 0;
 				} else {
 					$diskspace = $this->getUlParam('diskspace', 'diskspace_ul', true, 0);
 					$traffic = $this->getUlParam('traffic', 'traffic_ul', true, 0);
 					$subdomains = $this->getUlParam('subdomains', 'subdomains_ul', true, 0);
 					$emails = $this->getUlParam('emails', 'emails_ul', true, 0);
 					$email_accounts = $this->getUlParam('email_accounts', 'email_accounts_ul', true, 0);
 					$email_forwarders = $this->getUlParam('email_forwarders', 'email_forwarders_ul', true, 0);
 					$email_quota = $this->getUlParam('email_quota', 'email_quota_ul', true, Settings::Get('system.mail_quota'));
 					$email_imap = $this->getBoolParam('email_imap', true, 0);
 					$email_pop3 = $this->getBoolParam('email_pop3', true, 0);
 					$ftps = $this->getUlParam('ftps', 'ftps_ul', true, 0);
 					$mysqls = $this->getUlParam('mysqls', 'mysqls_ul', true, 0);
 					$phpenabled = $this->getBoolParam('phpenabled', true, 0);
 					$p_allowed_phpconfigs = $this->getParam('allowed_phpconfigs', true, array());
 					$perlenabled = $this->getBoolParam('perlenabled', true, 0);
 					$dnsenabled = $this->getBoolParam('dnsenabled', true, 0);
 					$logviewenabled = $this->getBoolParam('logviewenabled', true, 0);
 				}
 				// validation
 				$name = \Froxlor\Validate\Validate::validate($name, 'name', '', '', array(), true);
 				$firstname = \Froxlor\Validate\Validate::validate($firstname, 'first name', '', '', array(), true);
@@ -340,11 +410,12 @@ class Customers extends \Froxlor\Api\ApiCommand implements \Froxlor\Api\Resource
 						'login' => $loginname
 					), true, true);
-					if (strtolower($loginname_check['loginname']) == strtolower($loginname) || strtolower($loginname_check_admin['loginname']) == strtolower($loginname)) {
+					$mysql_maxlen = \Froxlor\Database\Database::getSqlUsernameLength() - strlen(Settings::Get('customer.mysqlprefix'));
 					if (($loginname_check && strtolower($loginname_check['loginname']) == strtolower($loginname)) || ($loginname_check_admin && strtolower($loginname_check_admin['loginname']) == strtolower($loginname))) {
 						\Froxlor\UI\Response::standard_error('loginnameexists', $loginname, true);
-					} elseif (! \Froxlor\Validate\Validate::validateUsername($loginname, Settings::Get('panel.unix_names'), 14 - strlen(Settings::Get('customer.mysqlprefix')))) {
+					} elseif (! \Froxlor\Validate\Validate::validateUsername($loginname, Settings::Get('panel.unix_names'), $mysql_maxlen)) {
-						if (strlen($loginname) > 14 - strlen(Settings::Get('customer.mysqlprefix'))) {
+						if (strlen($loginname) > $mysql_maxlen) {
-							\Froxlor\UI\Response::standard_error('loginnameiswrong2', 14 - strlen(Settings::Get('customer.mysqlprefix')), true);
+							\Froxlor\UI\Response::standard_error('loginnameiswrong2', $mysql_maxlen, true);
 						} else {
 							\Froxlor\UI\Response::standard_error('loginnameiswrong', $loginname, true);
 						}
@@ -357,26 +428,6 @@ class Customers extends \Froxlor\Api\ApiCommand implements \Froxlor\Api\Resource
 						\Froxlor\UI\Response::standard_error('documentrootexists', $documentroot, true);
 					}
 					if ($createstdsubdomain != '1') {
 						$createstdsubdomain = '0';
 					}
 					if ($phpenabled != '0') {
 						$phpenabled = '1';
 					}
 					if ($perlenabled != '0') {
 						$perlenabled = '1';
 					}
 					if ($dnsenabled != '0') {
 						$dnsenabled = '1';
 					}
 					if ($logviewenabled != '0') {
 						$logviewenabled = '1';
 					}
 					if ($password == '') {
 						$password = \Froxlor\System\Crypt::generatePassword();
 					}
@@ -399,6 +450,7 @@ class Customers extends \Froxlor\Api\ApiCommand implements \Froxlor\Api\Resource
 						'email' => $email,
 						'customerno' => $customernumber,
 						'lang' => $def_language,
 						'api_allowed' => $api_allowed,
 						'docroot' => $documentroot,
 						'guid' => $guid,
 						'diskspace' => $diskspace,
@@ -439,6 +491,7 @@ class Customers extends \Froxlor\Api\ApiCommand implements \Froxlor\Api\Resource
 						`email` = :email,
 						`customernumber` = :customerno,
 						`def_language` = :lang,
 						`api_allowed` = :api_allowed,
 						`documentroot` = :docroot,
 						`guid` = :guid,
 						`diskspace` = :diskspace,
@@ -542,37 +595,14 @@ class Customers extends \Froxlor\Api\ApiCommand implements \Froxlor\Api\Resource
 					Database::pexecute($ins_stmt, $ins_data, true, true);
 					\Froxlor\System\Cronjob::inserttask('1');
 					$cryptPassword = \Froxlor\System\Crypt::makeCryptPassword($password);
 					// add FTP-User
 					// @fixme use Ftp-ApiCommand later
 					$ins_stmt = Database::prepare("
 						INSERT INTO `" . TABLE_FTP_USERS . "` SET `customerid` = :customerid, `username` = :username, `description` = :desc,
 						`password` = :passwd, `homedir` = :homedir, `login_enabled` = 'y', `uid` = :guid, `gid` = :guid
 					");
 					$ins_data = array(
 						'customerid' => $customerid,
 						'username' => $loginname,
 						'passwd' => $cryptPassword,
 						'homedir' => $documentroot,
 						'guid' => $guid,
 						'desc' => "Default"
 					);
 					Database::pexecute($ins_stmt, $ins_data, true, true);
 					// add FTP-Group
 					// @fixme use Ftp-ApiCommand later
 					$ins_stmt = Database::prepare("
 						INSERT INTO `" . TABLE_FTP_GROUPS . "` SET `customerid` = :customerid, `groupname` = :groupname, `gid` = :guid, `members` = :members
 					");
 					$ins_data = array(
 						'customerid' => $customerid,
 						'groupname' => $loginname,
 						'guid' => $guid,
 						'members' => $loginname . ',' . Settings::Get('system.httpuser')
 					);
 					// add default FTP-User
 					// also, add froxlor-local user to ftp-group (if exists!) to
 					// allow access to customer-directories from within the panel, which
 					// is necessary when pathedit = Dropdown
 					$local_users = array(
 						Settings::Get('system.httpuser')
 					);
 					if ((int) Settings::Get('system.mod_fcgid_ownvhost') == 1 || (int) Settings::Get('phpfpm.enabled_ownvhost') == 1) {
 						if ((int) Settings::Get('system.mod_fcgid') == 1) {
 							$local_user = Settings::Get('system.mod_fcgid_httpuser');
@@ -581,22 +611,20 @@ class Customers extends \Froxlor\Api\ApiCommand implements \Froxlor\Api\Resource
 						}
 						// check froxlor-local user membership in ftp-group
 						// without this check addition may duplicate user in list if httpuser == local_user
-						if (strpos($ins_data['members'], $local_user) == false) {
+						if (in_array($local_user, $local_users) == false) {
-							$ins_data['members'] .= ',' . $local_user;
+							$local_users[] = $local_user;
 						}
 					}
-					Database::pexecute($ins_stmt, $ins_data, true, true);
+					$this->apiCall('Ftps.add', array(
-
+						'customerid' => $customerid,
-					// FTP-Quotatallies
+						'path' => '/',
-					// @fixme use Ftp-ApiCommand later
+						'ftp_password' => $password,
-					$ins_stmt = Database::prepare("
+						'ftp_description' => "Default",
-						INSERT INTO `" . TABLE_FTP_QUOTATALLIES . "` SET `name` = :name, `quota_type` = 'user', `bytes_in_used` = '0',
+						'sendinfomail' => 0,
-						`bytes_out_used` = '0', `bytes_xfer_used` = '0', `files_in_used` = '0', `files_out_used` = '0', `files_xfer_used` = '0'
+						'ftp_username' => $loginname,
-					");
+						'additional_members' => $local_users,
-					Database::pexecute($ins_stmt, array(
+						'is_defaultuser' => 1
-						'name' => $loginname
+					));
 					), true, true);
 					$this->logger()->logAction(\Froxlor\FroxlorLogger::ADM_ACTION, LOG_NOTICE, "[API] automatically added ftp-account for user '" . $loginname . "'");
 					$_stdsubdomain = '';
 					if ($createstdsubdomain == '1') {
@@ -661,6 +689,7 @@ class Customers extends \Froxlor\Api\ApiCommand implements \Froxlor\Api\Resource
 								'name' => $name,
 								'company' => $company
 							)),
 							'CUSTOMER_NO' => $customernumber,
 							'USERNAME' => $loginname,
 							'PASSWORD' => $password,
 							'SERVER_HOSTNAME' => $srv_hostname,
@@ -749,6 +778,8 @@ class Customers extends \Froxlor\Api\ApiCommand implements \Froxlor\Api\Resource
 	 *        	optional
 	 * @param string $def_language,
 	 *        	optional, default is system-default language
 	 * @param bool $api_allowed
 	 *        	optional, default is true if system setting api.enabled is true, else false
 	 * @param int $gender
 	 *        	optional, 0 = no-gender, 1 = male, 2 = female
 	 * @param string $custom_notes
@@ -851,6 +882,7 @@ class Customers extends \Froxlor\Api\ApiCommand implements \Froxlor\Api\Resource
 			$fax = $this->getParam('fax', true, $result['fax']);
 			$customernumber = $this->getParam('customernumber', true, $result['customernumber']);
 			$def_language = $this->getParam('def_language', true, $result['def_language']);
 			$api_allowed = $this->getBoolParam('api_allowed', true, $result['api_allowed']);
 			$gender = (int) $this->getParam('gender', true, $result['gender']);
 			$custom_notes = $this->getParam('custom_notes', true, $result['custom_notes']);
 			$custom_notes_show = $this->getBoolParam('custom_notes_show', true, $result['custom_notes_show']);
@@ -897,7 +929,7 @@ class Customers extends \Froxlor\Api\ApiCommand implements \Froxlor\Api\Resource
 			$email = $idna_convert->encode(\Froxlor\Validate\Validate::validate($email, 'email', '', '', array(), true));
 			$customernumber = \Froxlor\Validate\Validate::validate($customernumber, 'customer number', '/^[A-Za-z0-9 \-]*$/Di', '', array(), true);
 			$custom_notes = \Froxlor\Validate\Validate::validate(str_replace("\r\n", "\n", $custom_notes), 'custom_notes', '/^[^\0]*$/', '', array(), true);
-			if (!empty($allowed_phpconfigs)) {
+			if (! empty($allowed_phpconfigs)) {
 				$allowed_phpconfigs = array_map('intval', $allowed_phpconfigs);
 			}
 		}
@@ -993,30 +1025,10 @@ class Customers extends \Froxlor\Api\ApiCommand implements \Froxlor\Api\Resource
 				\Froxlor\System\Cronjob::inserttask('1');
 			}
 			if ($deactivated != '1') {
 				$deactivated = '0';
 			}
 			if ($phpenabled != '0') {
 				$phpenabled = '1';
 			}
 			if ($perlenabled != '0') {
 				$perlenabled = '1';
 			}
 			if ($dnsenabled != '0') {
 				$dnsenabled = '1';
 			}
 			if ($phpenabled != $result['phpenabled'] || $perlenabled != $result['perlenabled']) {
 				\Froxlor\System\Cronjob::inserttask('1');
 			}
 			if ($logviewenabled != '0') {
 				$logviewenabled = '1';
 			}
 			// activate/deactivate customer services
 			if ($deactivated != $result['deactivated']) {
@@ -1061,6 +1073,7 @@ class Customers extends \Froxlor\Api\ApiCommand implements \Froxlor\Api\Resource
 				$dbm = new \Froxlor\Database\DbManager($this->logger());
 				// For each of them
 				$priv_changed = false;
 				while ($row_database = $databases_stmt->fetch(\PDO::FETCH_ASSOC)) {
 					if ($last_dbserver != $row_database['dbserver']) {
@@ -1081,10 +1094,13 @@ class Customers extends \Froxlor\Api\ApiCommand implements \Froxlor\Api\Resource
 							$dbm->getManager()->enableUser($row_database['databasename'], $mysql_access_host);
 						}
 					}
 					$priv_changed = true;
 				}
 				// At last flush the new privileges
-				$dbm->getManager()->flushPrivileges();
+				if ($priv_changed) {
 					$dbm->getManager()->flushPrivileges();
 				}
 				Database::needRoot(false);
 				// reactivate/deactivate api-keys
@@ -1156,7 +1172,8 @@ class Customers extends \Froxlor\Api\ApiCommand implements \Froxlor\Api\Resource
 				'dnsenabled' => $dnsenabled,
 				'logviewenabled' => $logviewenabled,
 				'custom_notes' => $custom_notes,
-				'custom_notes_show' => $custom_notes_show
+				'custom_notes_show' => $custom_notes_show,
 				'api_allowed' => $api_allowed
 			);
 			$upd_data = $upd_data + $admin_upd_data;
 		}
@@ -1197,7 +1214,8 @@ class Customers extends \Froxlor\Api\ApiCommand implements \Froxlor\Api\Resource
 				`dnsenabled` = :dnsenabled,
 				`logviewenabled` = :logviewenabled,
 				`custom_notes` = :custom_notes,
-				`custom_notes_show` = :custom_notes_show";
+				`custom_notes_show` = :custom_notes_show,
 				`api_allowed` = :api_allowed";
 			$upd_query .= $admin_upd_query;
 		}
 		$upd_query .= " WHERE `customerid` = :customerid";
@@ -1365,6 +1383,7 @@ class Customers extends \Froxlor\Api\ApiCommand implements \Froxlor\Api\Resource
 			$dbm = new \Froxlor\Database\DbManager($this->logger());
 			$priv_changed = false;
 			while ($row_database = $databases_stmt->fetch(\PDO::FETCH_ASSOC)) {
 				if ($last_dbserver != $row_database['dbserver']) {
 					Database::needRoot(true, $row_database['dbserver']);
@@ -1372,8 +1391,11 @@ class Customers extends \Froxlor\Api\ApiCommand implements \Froxlor\Api\Resource
 					$last_dbserver = $row_database['dbserver'];
 				}
 				$dbm->getManager()->deleteDatabase($row_database['databasename']);
 				$priv_changed = true;
 			}
 			if ($priv_changed) {
 				$dbm->getManager()->flushPrivileges();
 			}
 			$dbm->getManager()->flushPrivileges();
 			Database::needRoot(false);
 			// delete customer itself
@@ -1388,7 +1410,7 @@ class Customers extends \Froxlor\Api\ApiCommand implements \Froxlor\Api\Resource
 				'id' => $id
 			), true, true);
-			// first gather all domain-id's to clean up panel_domaintoip and dns-entries accordingly
+			// first gather all domain-id's to clean up panel_domaintoip, dns-entries and certificates accordingly
 			$did_stmt = Database::prepare("SELECT `id` FROM `" . TABLE_PANEL_DOMAINS . "` WHERE `customerid` = :id");
 			Database::pexecute($did_stmt, array(
 				'id' => $id
@@ -1404,6 +1426,11 @@ class Customers extends \Froxlor\Api\ApiCommand implements \Froxlor\Api\Resource
 				Database::pexecute($stmt, array(
 					'did' => $row['id']
 				), true, true);
 				// remove domain->certificates entries
 				$stmt = Database::prepare("DELETE FROM `" . TABLE_PANEL_DOMAIN_SSL_SETTINGS . "` WHERE `domainid` = :did");
 				Database::pexecute($stmt, array(
 					'did' => $row['id']
 				), true, true);
 			}
 			// remove customer domains
 			$stmt = Database::prepare("DELETE FROM `" . TABLE_PANEL_DOMAINS . "` WHERE `customerid` = :id");
--- a/lib/Froxlor/Api/Commands/DirOptions.php
+++ b/lib/Froxlor/Api/Commands/DirOptions.php
@@ -96,7 +96,7 @@ class DirOptions extends \Froxlor\Api\ApiCommand implements \Froxlor\Api\Resourc
 		), true, true);
 		// duplicate check
-		if ($path_dupe_check['path'] == $path) {
+		if ($path_dupe_check && $path_dupe_check['path'] == $path) {
 			\Froxlor\UI\Response::standard_error('errordocpathdupe', $userpath, true);
 		}
@@ -285,7 +285,15 @@ class DirOptions extends \Froxlor\Api\ApiCommand implements \Froxlor\Api\Resourc
 	 *        	optional, admin-only, select directory-protections of a specific customer by id
 	 * @param string $loginname
 	 *        	optional, admin-only, select directory-protections of a specific customer by loginname
-	 *        	
+	 * @param array $sql_search
 	 *        	optional array with index = fieldname, and value = array with 'op' => operator (one of <, > or =), LIKE is used if left empty and 'value' => searchvalue
 	 * @param int $sql_limit
 	 *        	optional specify number of results to be returned
 	 * @param int $sql_offset
 	 *        	optional specify offset for resultset
 	 * @param array $sql_orderby
 	 *        	optional array with index = fieldname and value = ASC|DESC to order the resultset by one or more fields
 	 *
 	 * @access admin, customer
 	 * @throws \Exception
 	 * @return string json-encoded array count|list
@@ -298,11 +306,11 @@ class DirOptions extends \Froxlor\Api\ApiCommand implements \Froxlor\Api\Resourc
 		$customer_ids = $this->getAllowedCustomerIds('extras.pathoptions');
 		$result = array();
 		$query_fields = array();
 		$result_stmt = Database::prepare("
 			SELECT * FROM `" . TABLE_PANEL_HTACCESS . "`
-			WHERE `customerid` IN (" . implode(', ', $customer_ids) . ")
+			WHERE `customerid` IN (" . implode(', ', $customer_ids) . ")" . $this->getSearchWhere($query_fields, true) . $this->getOrderBy() . $this->getLimit());
-		");
+		Database::pexecute($result_stmt, $query_fields, true, true);
 		Database::pexecute($result_stmt, null, true, true);
 		while ($row = $result_stmt->fetch(\PDO::FETCH_ASSOC)) {
 			$result[] = $row;
 		}
@@ -313,6 +321,36 @@ class DirOptions extends \Froxlor\Api\ApiCommand implements \Froxlor\Api\Resourc
 		));
 	}
 	/**
 	 * returns the total number of accessable directory options
 	 *
 	 * @param int $customerid
 	 *        	optional, admin-only, select directory-protections of a specific customer by id
 	 * @param string $loginname
 	 *        	optional, admin-only, select directory-protections of a specific customer by loginname
 	 *
 	 * @access admin, customer
 	 * @throws \Exception
 	 * @return string json-encoded array count|list
 	 */
 	public function listingCount()
 	{
 		if ($this->isAdmin() == false && Settings::IsInList('panel.customer_hide_options', 'extras')) {
 			throw new \Exception("You cannot access this resource", 405);
 		}
 		$customer_ids = $this->getAllowedCustomerIds('extras.pathoptions');
 		$result = array();
 		$result_stmt = Database::prepare("
 			SELECT COUNT(*) as num_htaccess FROM `" . TABLE_PANEL_HTACCESS . "`
 			WHERE `customerid` IN (" . implode(', ', $customer_ids) . ")
 		");
 		$result = Database::pexecute_first($result_stmt, null, true, true);
 		if ($result) {
 			return $this->response(200, "successfull", $result['num_htaccess']);
 		}
 	}
 	/**
 	 * delete a directory-options by id
 	 *
@@ -373,7 +411,7 @@ class DirOptions extends \Froxlor\Api\ApiCommand implements \Froxlor\Api\Resourc
 		Database::pexecute($stmt, array(
 			"customerid" => $customer_data['customerid'],
 			"id" => $id
-		));
+		), true, true);
 		$this->logger()->logAction($this->isAdmin() ? \Froxlor\FroxlorLogger::ADM_ACTION : \Froxlor\FroxlorLogger::USR_ACTION, LOG_INFO, "[API] deleted directory-option for '" . str_replace($customer_data['documentroot'], '/', $result['path']) . "'");
 		\Froxlor\System\Cronjob::inserttask('1');
 		return $this->response(200, "successfull", $result);
@@ -394,7 +432,7 @@ class DirOptions extends \Froxlor\Api\ApiCommand implements \Froxlor\Api\Resourc
 	{
 		if ($errdoc !== null && $errdoc != '') {
 			// not a URL
-			if ((strtoupper(substr($errdoc, 0, 5)) != 'HTTP:' && strtoupper(substr($errdoc, 0, 6)) != 'HTTPS:') || ! \Froxlor\Validate\Form\Data::validateUrl($errdoc)) {
+			if ((strtoupper(substr($errdoc, 0, 5)) != 'HTTP:' && strtoupper(substr($errdoc, 0, 6)) != 'HTTPS:') || ! \Froxlor\Validate\Validate::validateUrl($errdoc)) {
 				// a file
 				if (substr($errdoc, 0, 1) != '"') {
 					$errdoc = \Froxlor\FileDir::makeCorrectFile($errdoc);
--- a/lib/Froxlor/Api/Commands/DirProtections.php
+++ b/lib/Froxlor/Api/Commands/DirProtections.php
@@ -81,7 +81,7 @@ class DirProtections extends \Froxlor\Api\ApiCommand implements \Froxlor\Api\Res
 		$password_enc = \Froxlor\System\Crypt::makeCryptPassword($password, true);
 		// duplicate check
-		if ($username_path_check['username'] == $username && $username_path_check['path'] == $path) {
+		if ($username_path_check && $username_path_check['username'] == $username && $username_path_check['path'] == $path) {
 			\Froxlor\UI\Response::standard_error('userpathcombinationdupe', '', true);
 		} elseif ($password == $username) {
 			\Froxlor\UI\Response::standard_error('passwordshouldnotbeusername', '', true);
@@ -268,7 +268,15 @@ class DirProtections extends \Froxlor\Api\ApiCommand implements \Froxlor\Api\Res
 	 *        	optional, admin-only, select directory-protections of a specific customer by id
 	 * @param string $loginname
 	 *        	optional, admin-only, select directory-protections of a specific customer by loginname
-	 *        	
+	 * @param array $sql_search
 	 *        	optional array with index = fieldname, and value = array with 'op' => operator (one of <, > or =), LIKE is used if left empty and 'value' => searchvalue
 	 * @param int $sql_limit
 	 *        	optional specify number of results to be returned
 	 * @param int $sql_offset
 	 *        	optional specify offset for resultset
 	 * @param array $sql_orderby
 	 *        	optional array with index = fieldname and value = ASC|DESC to order the resultset by one or more fields
 	 *
 	 * @access admin, customer
 	 * @throws \Exception
 	 * @return string json-encoded array count|list
@@ -281,11 +289,11 @@ class DirProtections extends \Froxlor\Api\ApiCommand implements \Froxlor\Api\Res
 		$customer_ids = $this->getAllowedCustomerIds('extras.directoryprotection');
 		$result = array();
 		$query_fields = array();
 		$result_stmt = Database::prepare("
 			SELECT * FROM `" . TABLE_PANEL_HTPASSWDS . "`
-			WHERE `customerid` IN (" . implode(', ', $customer_ids) . ")
+			WHERE `customerid` IN (" . implode(', ', $customer_ids) . ")" . $this->getSearchWhere($query_fields, true) . $this->getOrderBy() . $this->getLimit());
-		");
+		Database::pexecute($result_stmt, $query_fields, true, true);
 		Database::pexecute($result_stmt, null, true, true);
 		while ($row = $result_stmt->fetch(\PDO::FETCH_ASSOC)) {
 			$result[] = $row;
 		}
@@ -296,6 +304,36 @@ class DirProtections extends \Froxlor\Api\ApiCommand implements \Froxlor\Api\Res
 		));
 	}
 	/**
 	 * returns the total number of accessable directory protections
 	 *
 	 * @param int $customerid
 	 *        	optional, admin-only, select directory-protections of a specific customer by id
 	 * @param string $loginname
 	 *        	optional, admin-only, select directory-protections of a specific customer by loginname
 	 *        	
 	 * @access admin, customer
 	 * @throws \Exception
 	 * @return string json-encoded array count|list
 	 */
 	public function listingCount()
 	{
 		if ($this->isAdmin() == false && Settings::IsInList('panel.customer_hide_options', 'extras')) {
 			throw new \Exception("You cannot access this resource", 405);
 		}
 		$customer_ids = $this->getAllowedCustomerIds('extras.directoryprotection');
 		$result = array();
 		$result_stmt = Database::prepare("
 			SELECT COUNT(*) as num_htpasswd FROM `" . TABLE_PANEL_HTPASSWDS . "`
 			WHERE `customerid` IN (" . implode(', ', $customer_ids) . ")
 		");
 		$result = Database::pexecute_first($result_stmt, null, true, true);
 		if ($result) {
 			return $this->response(200, "successfull", $result['num_htpasswd']);
 		}
 	}
 	/**
 	 * delete a directory-protection by either id or username
 	 *
--- a/lib/Froxlor/Api/Commands/DomainZones.php
+++ b/lib/Froxlor/Api/Commands/DomainZones.php
@@ -138,6 +138,43 @@ class DomainZones extends \Froxlor\Api\ApiCommand implements \Froxlor\Api\Resour
 			$errors[] = $this->lng['error']['dns_arec_noipv4'];
 		} elseif ($type == 'AAAA' && filter_var($content, FILTER_VALIDATE_IP, FILTER_FLAG_IPV6) === false) {
 			$errors[] = $this->lng['error']['dns_aaaarec_noipv6'];
 		} elseif ($type == 'CAA' && ! empty($content)) {
 			$re = '/(?\'critical\'\d)\h*(?\'type\'iodef|issue|issuewild)\h*(?\'value\'(?\'issuevalue\'"(?\'domain\'(?=.{3,128}$)(?>(?>[a-zA-Z0-9]+[a-zA-Z0-9-]*[a-zA-Z0-9]+|[a-zA-Z0-9]+)\.)*(?>[a-zA-Z]{2,}|[a-zA-Z0-9]{2,}\.[a-zA-Z]{2,}))[;\h]*(?\'parameters\'(?>[a-zA-Z0-9]{1,60}=[a-zA-Z0-9]{1,60}\h*)+)?")|(?\'iodefvalue\'"(?\'url\'(mailto:.*|http:\/\/.*|https:\/\/.*))"))/';
 			preg_match($re, $content, $matches);
 			if (empty($matches)) {
 				$errors[] = $this->lng['error']['dns_content_invalid'];
 			} elseif (($matches['type'] == 'issue' || $matches['type'] == 'issuewild') && ! \Froxlor\Validate\Validate::validateDomain($matches['domain'])) {
 				$errors[] = $this->lng['error']['dns_content_invalid'];
 			} elseif ($matches['type'] == 'iodef' && ! \Froxlor\Validate\Validate::validateUrl($matches['url'])) {
 				$errors[] = $this->lng['error']['dns_content_invalid'];
 			} else {
 				$content = $matches[0];
 			}
 		} elseif ($type == 'CNAME' || $type == 'DNAME') {
 			// check for trailing dot
 			if (substr($content, - 1) == '.') {
 				// remove it for checks
 				$content = substr($content, 0, - 1);
 			} else {
 				// add domain name
 				$content .= '.' . $domain;
 			}
 			if (! \Froxlor\Validate\Validate::validateDomain($content, true)) {
 				$errors[] = $this->lng['error']['dns_cname_invaliddom'];
 			} else {
 				// check whether there are RR-records for the same resource
 				foreach ($dom_entries as $existing_entries) {
 					if (($existing_entries['type'] == 'A' || $existing_entries['type'] == 'AAAA' || $existing_entries['type'] == 'MX' || $existing_entries['type'] == 'NS') && $existing_entries['record'] == $record) {
 						$errors[] = $this->lng['error']['dns_cname_nomorerr'];
 						break;
 					}
 				}
 			}
 			// append trailing dot (again)
 			$content .= '.';
 		} elseif ($type == 'LOC' && ! empty($content)) {
 			$content = $content;
 		} elseif ($type == 'MX') {
 			if ($prio === null || $prio < 0) {
 				$errors[] = $this->lng['error']['dns_mx_prioempty'];
@@ -161,28 +198,6 @@ class DomainZones extends \Froxlor\Api\ApiCommand implements \Froxlor\Api\Resour
 			}
 			// append trailing dot (again)
 			$content .= '.';
 		} elseif ($type == 'CNAME') {
 			// check for trailing dot
 			if (substr($content, - 1) == '.') {
 				// remove it for checks
 				$content = substr($content, 0, - 1);
 			} else {
 				// add domain name
 				$content .= '.' . $domain;
 			}
 			if (! \Froxlor\Validate\Validate::validateDomain($content, true)) {
 				$errors[] = $this->lng['error']['dns_cname_invaliddom'];
 			} else {
 				// check whether there are RR-records for the same resource
 				foreach ($dom_entries as $existing_entries) {
 					if (($existing_entries['type'] == 'A' || $existing_entries['type'] == 'AAAA' || $existing_entries['type'] == 'MX' || $existing_entries['type'] == 'NS') && $existing_entries['record'] == $record) {
 						$errors[] = $this->lng['error']['dns_cname_nomorerr'];
 						break;
 					}
 				}
 			}
 			// append trailing dot (again)
 			$content .= '.';
 		} elseif ($type == 'NS') {
 			// check for trailing dot
 			if (substr($content, - 1) == '.') {
@@ -194,9 +209,8 @@ class DomainZones extends \Froxlor\Api\ApiCommand implements \Froxlor\Api\Resour
 			}
 			// append trailing dot (again)
 			$content .= '.';
-		} elseif ($type == 'TXT' && ! empty($content)) {
+		} elseif ($type == 'RP' && ! empty($content)) {
-			// check that TXT content is enclosed in " "
+			$content = $content;
 			$content = \Froxlor\Dns\Dns::encloseTXTContent($content);
 		} elseif ($type == 'SRV') {
 			if ($prio === null || $prio < 0) {
 				$errors[] = $this->lng['error']['dns_srv_prioempty'];
@@ -232,6 +246,11 @@ class DomainZones extends \Froxlor\Api\ApiCommand implements \Froxlor\Api\Resour
 			if (substr($content, - 1) != '.') {
 				$content .= '.';
 			}
 		} elseif ($type == 'SSHFP' && ! empty($content)) {
 			$content = $content;
 		} elseif ($type == 'TXT' && ! empty($content)) {
 			// check that TXT content is enclosed in " "
 			$content = \Froxlor\Dns\Dns::encloseTXTContent($content);
 		}
 		$new_entry = array(
@@ -354,12 +373,99 @@ class DomainZones extends \Froxlor\Api\ApiCommand implements \Froxlor\Api\Resour
 	}
 	/**
-	 * You cannot list dns zones.
+	 * List all entry records of a given domain by either id or domainname
-	 * To get all domains use Domains.listing() or SubDomains.listing()
+	 *
 	 * @param int $id
 	 *        	optional, the domain id
 	 * @param string $domainname
 	 *        	optional, the domain name
 	 * @param array $sql_search
 	 *        	optional array with index = fieldname, and value = array with 'op' => operator (one of <, > or =), LIKE is used if left empty and 'value' => searchvalue
 	 * @param int $sql_limit
 	 *        	optional specify number of results to be returned
 	 * @param int $sql_offset
 	 *        	optional specify offset for resultset
 	 * @param array $sql_orderby
 	 *        	optional array with index = fieldname and value = ASC|DESC to order the resultset by one or more fields
 	 *
 	 * @access admin, customer
 	 * @throws \Exception
 	 * @return bool
 	 */
 	public function listing()
 	{
-		throw new \Exception('You cannot list dns zones. To get all domains use Domains.listing() or SubDomains.listing()', 303);
+		if (Settings::Get('system.dnsenabled') != '1') {
 			throw new \Exception("DNS service not enabled on this system", 405);
 		}
 		if ($this->isAdmin() == false && $this->getUserDetail('dnsenabled') != '1') {
 			throw new \Exception("You cannot access this resource", 405);
 		}
 		$id = $this->getParam('id', true, 0);
 		$dn_optional = ($id <= 0 ? false : true);
 		$domainname = $this->getParam('domainname', $dn_optional, '');
 		// get requested domain
 		$result = $this->apiCall('SubDomains.get', array(
 			'id' => $id,
 			'domainname' => $domainname
 		));
 		$id = $result['id'];
 		$query_fields = array();
 		$sel_stmt = Database::prepare("SELECT * FROM `" . TABLE_DOMAIN_DNS . "` WHERE `domain_id` = :did" . $this->getSearchWhere($query_fields, true) . $this->getOrderBy() . $this->getLimit());
 		$query_fields['did'] = $id;
 		Database::pexecute($sel_stmt, $query_fields, true, true);
 		$result = [];
 		while ($row = $sel_stmt->fetch(\PDO::FETCH_ASSOC)) {
 			$result[] = $row;
 		}
 		return $this->response(200, "successfull", array(
 			'count' => count($result),
 			'list' => $result
 		));
 	}
 	/**
 	 * returns the total number of domainzone-entries for given domain
 	 *
 	 * @param int $id
 	 *        	optional, the domain id
 	 * @param string $domainname
 	 *        	optional, the domain name
 	 *        	
 	 * @access admin, customer
 	 * @throws \Exception
 	 * @return bool
 	 */
 	public function listingCount()
 	{
 		if (Settings::Get('system.dnsenabled') != '1') {
 			throw new \Exception("DNS service not enabled on this system", 405);
 		}
 		if ($this->isAdmin() == false && $this->getUserDetail('dnsenabled') != '1') {
 			throw new \Exception("You cannot access this resource", 405);
 		}
 		$id = $this->getParam('id', true, 0);
 		$dn_optional = ($id <= 0 ? false : true);
 		$domainname = $this->getParam('domainname', $dn_optional, '');
 		// get requested domain
 		$result = $this->apiCall('SubDomains.get', array(
 			'id' => $id,
 			'domainname' => $domainname
 		));
 		$id = $result['id'];
 		$sel_stmt = Database::prepare("SELECT COUNT(*) as num_dns FROM `" . TABLE_DOMAIN_DNS . "` WHERE `domain_id` = :did");
 		$result = Database::pexecute_first($sel_stmt, array(
 			'did' => $id
 		), true, true);
 		if ($result) {
 			return $this->response(200, "successfull", $result['num_dns']);
 		}
 	}
 	/**
--- a/lib/Froxlor/Api/Commands/Domains.php
+++ b/lib/Froxlor/Api/Commands/Domains.php
@@ -25,6 +25,17 @@ class Domains extends \Froxlor\Api\ApiCommand implements \Froxlor\Api\ResourceEn
 	/**
 	 * lists all domain entries
 	 *
 	 * @param bool $with_ips
 	 *        	optional, default true
 	 * @param array $sql_search
 	 *        	optional array with index = fieldname, and value = array with 'op' => operator (one of <, > or =), LIKE is used if left empty and 'value' => searchvalue
 	 * @param int $sql_limit
 	 *        	optional specify number of results to be returned
 	 * @param int $sql_offset
 	 *        	optional specify offset for resultset
 	 * @param array $sql_orderby
 	 *        	optional array with index = fieldname and value = ASC|DESC to order the resultset by one or more fields
 	 *        	
 	 * @access admin
 	 * @throws \Exception
 	 * @return string json-encoded array count|list
@@ -32,7 +43,9 @@ class Domains extends \Froxlor\Api\ApiCommand implements \Froxlor\Api\ResourceEn
 	public function listing()
 	{
 		if ($this->isAdmin()) {
 			$with_ips = $this->getParam('with_ips', true, true);
 			$this->logger()->logAction(\Froxlor\FroxlorLogger::ADM_ACTION, LOG_NOTICE, "[API] list domains");
 			$query_fields = array();
 			$result_stmt = Database::prepare("
 				SELECT
 				`d`.*, `c`.`loginname`, `c`.`deactivated`, `c`.`name`, `c`.`firstname`, `c`.`company`, `c`.`standardsubdomain`,
@@ -40,14 +53,19 @@ class Domains extends \Froxlor\Api\ApiCommand implements \Froxlor\Api\ResourceEn
 				FROM `" . TABLE_PANEL_DOMAINS . "` `d`
 				LEFT JOIN `" . TABLE_PANEL_CUSTOMERS . "` `c` USING(`customerid`)
 				LEFT JOIN `" . TABLE_PANEL_DOMAINS . "` `ad` ON `d`.`aliasdomain`=`ad`.`id`
-				WHERE `d`.`parentdomainid`='0' " . ($this->getUserDetail('customers_see_all') ? '' : " AND `d`.`adminid` = :adminid "));
+				WHERE `d`.`parentdomainid`='0' " . ($this->getUserDetail('customers_see_all') ? '' : " AND `d`.`adminid` = :adminid ") . $this->getSearchWhere($query_fields, true) . $this->getOrderBy() . $this->getLimit());
 			$params = array();
 			if ($this->getUserDetail('customers_see_all') == '0') {
 				$params['adminid'] = $this->getUserDetail('adminid');
 			}
-			Database::pexecute($result_stmt, $params);
+			$params = array_merge($params, $query_fields);
 			Database::pexecute($result_stmt, $params, true, true);
 			$result = array();
 			while ($row = $result_stmt->fetch(\PDO::FETCH_ASSOC)) {
 				$row['ipsandports'] = array();
 				if ($with_ips) {
 					$row['ipsandports'] = $this->getIpsForDomain($row['id']);
 				}
 				$result[] = $row;
 			}
 			return $this->response(200, "successfull", array(
@@ -58,6 +76,36 @@ class Domains extends \Froxlor\Api\ApiCommand implements \Froxlor\Api\ResourceEn
 		throw new \Exception("Not allowed to execute given command.", 403);
 	}
 	/**
 	 * returns the total number of accessable domains
 	 *
 	 * @access admin
 	 * @throws \Exception
 	 * @return string json-encoded array count|list
 	 */
 	public function listingCount()
 	{
 		if ($this->isAdmin()) {
 			$this->logger()->logAction(\Froxlor\FroxlorLogger::ADM_ACTION, LOG_NOTICE, "[API] list domains");
 			$result_stmt = Database::prepare("
 				SELECT
 				COUNT(*) as num_domains
 				FROM `" . TABLE_PANEL_DOMAINS . "` `d`
 				LEFT JOIN `" . TABLE_PANEL_CUSTOMERS . "` `c` USING(`customerid`)
 				LEFT JOIN `" . TABLE_PANEL_DOMAINS . "` `ad` ON `d`.`aliasdomain`=`ad`.`id`
 				WHERE `d`.`parentdomainid`='0' " . ($this->getUserDetail('customers_see_all') ? '' : " AND `d`.`adminid` = :adminid "));
 			$params = array();
 			if ($this->getUserDetail('customers_see_all') == '0') {
 				$params['adminid'] = $this->getUserDetail('adminid');
 			}
 			$result = Database::pexecute_first($result_stmt, $params, true, true);
 			if ($result) {
 				return $this->response(200, "successfull", $result['num_domains']);
 			}
 		}
 		throw new \Exception("Not allowed to execute given command.", 403);
 	}
 	/**
 	 * return a domain entry by either id or domainname
 	 *
@@ -65,6 +113,8 @@ class Domains extends \Froxlor\Api\ApiCommand implements \Froxlor\Api\ResourceEn
 	 *        	optional, the domain-id
 	 * @param string $domainname
 	 *        	optional, the domainname
 	 * @param bool $with_ips
 	 *        	optional, default true
 	 * @param bool $no_std_subdomain
 	 *        	optional, default false
 	 *        	
@@ -78,6 +128,7 @@ class Domains extends \Froxlor\Api\ApiCommand implements \Froxlor\Api\ResourceEn
 			$id = $this->getParam('id', true, 0);
 			$dn_optional = ($id <= 0 ? false : true);
 			$domainname = $this->getParam('domainname', $dn_optional, '');
 			$with_ips = $this->getParam('with_ips', true, true);
 			$no_std_subdomain = $this->getParam('no_std_subdomain', true, false);
 			// convert possible idn domain to punycode
@@ -100,6 +151,10 @@ class Domains extends \Froxlor\Api\ApiCommand implements \Froxlor\Api\ResourceEn
 			}
 			$result = Database::pexecute_first($result_stmt, $params, true, true);
 			if ($result) {
 				$result['ipsandports'] = array();
 				if ($with_ips) {
 					$result['ipsandports'] = $this->getIpsForDomain($result['id']);
 				}
 				$this->logger()->logAction(\Froxlor\FroxlorLogger::ADM_ACTION, LOG_NOTICE, "[API] get domain '" . $result['domain'] . "'");
 				return $this->response(200, "successfull", $result);
 			}
@@ -109,6 +164,35 @@ class Domains extends \Froxlor\Api\ApiCommand implements \Froxlor\Api\ResourceEn
 		throw new \Exception("Not allowed to execute given command.", 403);
 	}
 	/**
 	 * get ips connected to given domain as array
 	 *
 	 * @param number $domain_id
 	 * @param bool $ssl_only
 	 *        	optional, return only ssl enabled ip's, default false
 	 * @return array
 	 */
 	private function getIpsForDomain($domain_id = 0, $ssl_only = false)
 	{
 		$resultips_stmt = Database::prepare("
 			SELECT `ips`.* FROM `" . TABLE_DOMAINTOIP . "` AS `dti`, `" . TABLE_PANEL_IPSANDPORTS . "` AS `ips`
 			WHERE `dti`.`id_ipandports` = `ips`.`id` AND `dti`.`id_domain` = :domainid " . ($ssl_only ? " AND `ips`.`ssl` = '1'" : ""));
 		Database::pexecute($resultips_stmt, array(
 			'domainid' => $domain_id
 		));
 		$ipandports = array();
 		while ($rowip = $resultips_stmt->fetch(\PDO::FETCH_ASSOC)) {
 			if (filter_var($rowip['ip'], FILTER_VALIDATE_IP, FILTER_FLAG_IPV6)) {
 				$rowip['is_ipv6'] = true;
 			}
 			$ipandports[] = $rowip;
 		}
 		return $ipandports;
 	}
 	/**
 	 * add new domain entry
 	 *
@@ -119,8 +203,8 @@ class Domains extends \Froxlor\Api\ApiCommand implements \Froxlor\Api\ResourceEn
 	 *        	optional, default is the calling admin's ID
 	 * @param array $ipandport
 	 *        	optional list of ip/ports to assign to domain, default is system-default-ips
-	 * @param bool $subcanemaildomain
+	 * @param int $subcanemaildomain
-	 *        	optional, allow subdomains of this domain as email domains, default 0 (false)
+	 *        	optional, allow subdomains of this domain as email domains, 1 = choosable (default no), 2 = choosable (default yes), 3 = always, default 0 (never)
 	 * @param bool $isemaildomain
 	 *        	optional, allow email usage with this domain, default 0 (false)
 	 * @param bool $email_only
@@ -147,6 +231,10 @@ class Domains extends \Froxlor\Api\ApiCommand implements \Froxlor\Api\ResourceEn
 	 *        	optional, currently not in use, default 0 (false)
 	 * @param string $specialsettings
 	 *        	optional, custom webserver vhost-content which is added to the generated vhost, default empty
 	 * @param string $ssl_specialsettings
 	 *        	optional, custom webserver vhost-content which is added to the generated ssl-vhost, default empty
 	 * @param bool $include_specialsettings
 	 *        	optional, whether or not to include non-ssl specialsettings in the generated ssl-vhost, default false
 	 * @param bool $notryfiles
 	 *        	optional, [nginx only] do not generate the default try-files directive, default 0 (false)
 	 * @param bool $writeaccesslog
@@ -170,7 +258,11 @@ class Domains extends \Froxlor\Api\ApiCommand implements \Froxlor\Api\ResourceEn
 	 * @param bool $letsencrypt
 	 *        	optional, whether to generate a Let's Encrypt certificate for this domain, default false; requires SSL to be enabled
 	 * @param array $ssl_ipandport
-	 *        	optional, list of ssl-enabled ip/port id's to assign to this domain
+	 *        	optional, list of ssl-enabled ip/port id's to assign to this domain, default empty
 	 * @param bool $dont_use_default_ssl_ipandport_if_empty
 	 *        	optional, do NOT set the systems default ssl ip addresses if none are given via $ssl_ipandport parameter
 	 * @param bool $sslenabled
 	 *        	optional, whether or not SSL is enabled for this domain, regardless of the assigned ssl-ips, default 1 (true)
 	 * @param bool $http2
 	 *        	optional, whether to enable http/2 for this domain (requires to be enabled in the settings), default 0 (false)
 	 * @param int $hsts_maxage
@@ -181,6 +273,18 @@ class Domains extends \Froxlor\Api\ApiCommand implements \Froxlor\Api\ResourceEn
 	 *        	optional whether or not to preload HSTS header value
 	 * @param bool $ocsp_stapling
 	 *        	optional whether to enable ocsp-stapling for this domain. default 0 (false), requires SSL
 	 * @param bool $honorcipherorder
 	 *        	optional whether to honor the (server) cipher order for this domain. default 0 (false), requires SSL
 	 * @param bool $sessiontickets
 	 *        	optional whether to enable or disable TLS sessiontickets (RFC 5077) for this domain. default 1 (true), requires SSL
 	 * @param bool $override_tls
 	 *        	optional whether or not to override system-tls settings like protocol, ssl-ciphers and if applicable tls-1.3 ciphers, requires change_serversettings flag for the admin, default false
 	 * @param array $ssl_protocols
 	 *        	optional list of allowed/used ssl/tls protocols, see system.ssl_protocols setting, only used/required if $override_tls is true, default empty or system.ssl_protocols setting if $override_tls is true
 	 * @param string $ssl_cipher_list
 	 *        	optional list of allowed/used ssl/tls ciphers, see system.ssl_cipher_list setting, only used/required if $override_tls is true, default empty or system.ssl_cipher_list setting if $override_tls is true
 	 * @param string $tlsv13_cipher_list
 	 *        	optional list of allowed/used tls-1.3 specific ciphers, see system.tlsv13_cipher_list setting, only used/required if $override_tls is true, default empty or system.tlsv13_cipher_list setting if $override_tls is true
 	 *        	
 	 * @access admin
 	 * @throws \Exception
@@ -212,6 +316,8 @@ class Domains extends \Froxlor\Api\ApiCommand implements \Froxlor\Api\ResourceEn
 				$zonefile = $this->getParam('zonefile', true, '');
 				$dkim = $this->getBoolParam('dkim', true, 0);
 				$specialsettings = $this->getParam('specialsettings', true, '');
 				$ssl_specialsettings = $this->getParam('ssl_specialsettings', true, '');
 				$include_specialsettings = $this->getBoolParam('include_specialsettings', true, 0);
 				$notryfiles = $this->getBoolParam('notryfiles', true, 0);
 				$writeaccesslog = $this->getBoolParam('writeaccesslog', true, 1);
 				$writeerrorlog = $this->getBoolParam('writeerrorlog', true, 1);
@@ -223,15 +329,33 @@ class Domains extends \Froxlor\Api\ApiCommand implements \Froxlor\Api\ResourceEn
 				$mod_fcgid_maxrequests = $this->getParam('mod_fcgid_maxrequests', true, - 1);
 				$ssl_redirect = $this->getBoolParam('ssl_redirect', true, 0);
 				$letsencrypt = $this->getBoolParam('letsencrypt', true, 0);
-				$p_ssl_ipandports = $this->getParam('ssl_ipandport', true, explode(',', Settings::Get('system.defaultsslip')));
+				$dont_use_default_ssl_ipandport_if_empty = $this->getBoolParam('dont_use_default_ssl_ipandport_if_empty', true, 0);
 				$p_ssl_ipandports = $this->getParam('ssl_ipandport', true, $dont_use_default_ssl_ipandport_if_empty ? array() : explode(',', Settings::Get('system.defaultsslip')));
 				$sslenabled = $this->getBoolParam('sslenabled', true, 1);
 				$http2 = $this->getBoolParam('http2', true, 0);
 				$hsts_maxage = $this->getParam('hsts_maxage', true, 0);
 				$hsts_sub = $this->getBoolParam('hsts_sub', true, 0);
 				$hsts_preload = $this->getBoolParam('hsts_preload', true, 0);
 				$ocsp_stapling = $this->getBoolParam('ocsp_stapling', true, 0);
 				$honorcipherorder = $this->getBoolParam('honorcipherorder', true, 0);
 				$sessiontickets = $this->getBoolParam('sessiontickets', true, 1);
 				$override_tls = $this->getBoolParam('override_tls', true, 0);
 				$p_ssl_protocols = array();
 				$ssl_cipher_list = "";
 				$tlsv13_cipher_list = "";
 				if ($this->getUserDetail('change_serversettings') == '1') {
 					if ($override_tls) {
 						$p_ssl_protocols = $this->getParam('ssl_protocols', true, explode(',', Settings::Get('system.ssl_protocols')));
 						$ssl_cipher_list = $this->getParam('ssl_cipher_list', true, Settings::Get('system.ssl_cipher_list'));
 						$tlsv13_cipher_list = $this->getParam('tlsv13_cipher_list', true, Settings::Get('system.tlsv13_cipher_list'));
 					}
 				}
 				// validation
-				if ($p_domain == Settings::Get('system.hostname')) {
+				$p_domain = strtolower($p_domain);
 				if ($p_domain == strtolower(Settings::Get('system.hostname'))) {
 					\Froxlor\UI\Response::standard_error('admin_domain_emailsystemhostname', '', true);
 				}
@@ -283,7 +407,7 @@ class Domains extends \Froxlor\Api\ApiCommand implements \Froxlor\Api\ResourceEn
 					'0',
 					''
 				), true);
-				if ($registration_date == '0000-00-00') {
+				if ($registration_date == '0000-00-00' || empty($registration_date)) {
 					$registration_date = null;
 				}
@@ -292,7 +416,7 @@ class Domains extends \Froxlor\Api\ApiCommand implements \Froxlor\Api\ResourceEn
 					'0',
 					''
 				), true);
-				if ($termination_date == '0000-00-00') {
+				if ($termination_date == '0000-00-00' || empty($termination_date)) {
 					$termination_date = null;
 				}
@@ -316,6 +440,34 @@ class Domains extends \Froxlor\Api\ApiCommand implements \Froxlor\Api\ResourceEn
 					} else {
 						$documentroot = $_documentroot;
 					}
 					$ssl_protocols = array();
 					if (! empty($p_ssl_protocols) && is_numeric($p_ssl_protocols)) {
 						$p_ssl_protocols = array(
 							$p_ssl_protocols
 						);
 					}
 					if (! empty($p_ssl_protocols) && ! is_array($p_ssl_protocols)) {
 						$p_ssl_protocols = json_decode($p_ssl_protocols, true);
 					}
 					if (! empty($p_ssl_protocols) && is_array($p_ssl_protocols)) {
 						$protocols_available = array(
 							'TLSv1',
 							'TLSv1.1',
 							'TLSv1.2',
 							'TLSv1.3'
 						);
 						foreach ($p_ssl_protocols as $ssl_protocol) {
 							if (! in_array(trim($ssl_protocol), $protocols_available)) {
 								$this->logger()->logAction(\Froxlor\FroxlorLogger::ADM_ACTION, LOG_DEBUG, "[API] unknown SSL protocol '" . trim($ssl_protocol) . "'");
 								continue;
 							}
 							$ssl_protocols[] = $ssl_protocol;
 						}
 					}
 					if (empty($ssl_protocols)) {
 						$override_tls = '0';
 					}
 				} else {
 					$isbinddomain = '0';
 					if (Settings::Get('system.bind_enable') == '1') {
@@ -325,10 +477,14 @@ class Domains extends \Froxlor\Api\ApiCommand implements \Froxlor\Api\ResourceEn
 					$zonefile = '';
 					$dkim = '0';
 					$specialsettings = '';
 					$ssl_specialsettings = '';
 					$include_specialsettings = 0;
 					$notryfiles = '0';
 					$writeaccesslog = '1';
 					$writeerrorlog = '1';
 					$documentroot = $_documentroot;
 					$override_tls = '0';
 					$ssl_protocols = array();
 				}
 				if ($this->getUserDetail('caneditphpsettings') == '1' || $this->getUserDetail('change_serversettings') == '1') {
@@ -388,6 +544,10 @@ class Domains extends \Froxlor\Api\ApiCommand implements \Froxlor\Api\ResourceEn
 				$ssl_ipandports = array();
 				if (Settings::Get('system.use_ssl') == "1" && ! empty($p_ssl_ipandports)) {
 					$ssl_ipandports = $this->validateIpAddresses($p_ssl_ipandports, true);
 					if ($this->getUserDetail('change_serversettings') == '1') {
 						$ssl_specialsettings = \Froxlor\Validate\Validate::validate(str_replace("\r\n", "\n", $ssl_specialsettings), 'ssl_specialsettings', '/^[^\0]*$/', '', array(), true);
 					}
 				}
 				if (Settings::Get('system.use_ssl') == "0" || empty($ssl_ipandports)) {
 					$ssl_redirect = 0;
@@ -404,17 +564,16 @@ class Domains extends \Froxlor\Api\ApiCommand implements \Froxlor\Api\ResourceEn
 					// OCSP stapling
 					$ocsp_stapling = 0;
 					// vhost container settings
 					$ssl_specialsettings = '';
 					$include_specialsettings = 0;
 				}
-				// We can't enable let's encrypt for wildcard - domains if using acme-v1
+				// We can't enable let's encrypt for wildcard-domains
-				if ($serveraliasoption == '0' && $letsencrypt == '1' && Settings::Get('system.leapiversion') == '1') {
+				if ($serveraliasoption == '0' && $letsencrypt == '1') {
 					\Froxlor\UI\Response::standard_error('nowildcardwithletsencrypt', '', true);
 				}
 				// if using acme-v2 we cannot issue wildcard-certificates
 				// because they currently only support the dns-01 challenge
 				if ($serveraliasoption == '0' && $letsencrypt == '1' && Settings::Get('system.leapiversion') == '2') {
 					\Froxlor\UI\Response::standard_error('nowildcardwithletsencryptv2', '', true);
 				}
 				// Temporarily deactivate ssl_redirect until Let's Encrypt certificate was generated
 				if ($ssl_redirect > 0 && $letsencrypt == 1) {
@@ -515,9 +674,9 @@ class Domains extends \Froxlor\Api\ApiCommand implements \Froxlor\Api\ResourceEn
 					), '', true);
 				} elseif ($customerid == 0) {
 					\Froxlor\UI\Response::standard_error('adduserfirst', '', true);
-				} elseif (strtolower($domain_check['domain']) == strtolower($domain)) {
+				} elseif ($domain_check && strtolower($domain_check['domain']) == strtolower($domain)) {
 					\Froxlor\UI\Response::standard_error('domainalreadyexists', $idna_convert->decode($domain), true);
-				} elseif ($aliasdomain_check['id'] != $aliasdomain) {
+				} elseif ($aliasdomain_check && $aliasdomain_check['id'] != $aliasdomain) {
 					\Froxlor\UI\Response::standard_error('domainisaliasorothercustomer', '', true);
 				} else {
 					$wwwserveralias = ($serveraliasoption == '1') ? '1' : '0';
@@ -525,6 +684,7 @@ class Domains extends \Froxlor\Api\ApiCommand implements \Froxlor\Api\ResourceEn
 					$ins_data = array(
 						'domain' => $domain,
 						'domain_ace' => $idna_convert->decode($domain),
 						'customerid' => $customerid,
 						'adminid' => $adminid,
 						'documentroot' => $documentroot,
@@ -542,6 +702,8 @@ class Domains extends \Froxlor\Api\ApiCommand implements \Froxlor\Api\ResourceEn
 						'openbasedir' => $openbasedir,
 						'speciallogfile' => $speciallogfile,
 						'specialsettings' => $specialsettings,
 						'ssl_specialsettings' => $ssl_specialsettings,
 						'include_specialsettings' => $include_specialsettings,
 						'notryfiles' => $notryfiles,
 						'writeaccesslog' => $writeaccesslog,
 						'writeerrorlog' => $writeerrorlog,
@@ -558,12 +720,20 @@ class Domains extends \Froxlor\Api\ApiCommand implements \Froxlor\Api\ResourceEn
 						'hsts' => $hsts_maxage,
 						'hsts_sub' => $hsts_sub,
 						'hsts_preload' => $hsts_preload,
-						'ocsp_stapling' => $ocsp_stapling
+						'ocsp_stapling' => $ocsp_stapling,
 						'override_tls' => $override_tls,
 						'ssl_protocols' => implode(",", $ssl_protocols),
 						'ssl_cipher_list' => $ssl_cipher_list,
 						'tlsv13_cipher_list' => $tlsv13_cipher_list,
 						'sslenabled' => $sslenabled,
 						'honorcipherorder' => $honorcipherorder,
 						'sessiontickets' => $sessiontickets
 					);
 					$ins_stmt = Database::prepare("
 						INSERT INTO `" . TABLE_PANEL_DOMAINS . "` SET
 						`domain` = :domain,
 						`domain_ace` = :domain_ace,
 						`customerid` = :customerid,
 						`adminid` = :adminid,
 						`documentroot` = :documentroot,
@@ -584,6 +754,8 @@ class Domains extends \Froxlor\Api\ApiCommand implements \Froxlor\Api\ResourceEn
 						`openbasedir` = :openbasedir,
 						`speciallogfile` = :speciallogfile,
 						`specialsettings` = :specialsettings,
 						`ssl_specialsettings` = :ssl_specialsettings,
 						`include_specialsettings` = :include_specialsettings,
 						`notryfiles` = :notryfiles,
 						`writeaccesslog` = :writeaccesslog,
 						`writeerrorlog` = :writeerrorlog,
@@ -600,7 +772,14 @@ class Domains extends \Froxlor\Api\ApiCommand implements \Froxlor\Api\ResourceEn
 						`hsts` = :hsts,
 						`hsts_sub` = :hsts_sub,
 						`hsts_preload` = :hsts_preload,
-						`ocsp_stapling` = :ocsp_stapling
+						`ocsp_stapling` = :ocsp_stapling,
 						`override_tls` = :override_tls,
 						`ssl_protocols` = :ssl_protocols,
 						`ssl_cipher_list` = :ssl_cipher_list,
 						`tlsv13_cipher_list` = :tlsv13_cipher_list,
 						`ssl_enabled` = :sslenabled,
 						`ssl_honorcipherorder` = :honorcipherorder,
 						`ssl_sessiontickets`= :sessiontickets
 					");
 					Database::pexecute($ins_stmt, $ins_data, true, true);
 					$domainid = Database::lastInsertId();
@@ -670,8 +849,8 @@ class Domains extends \Froxlor\Api\ApiCommand implements \Froxlor\Api\ResourceEn
 	 *        	optional, default is the calling admin's ID
 	 * @param array $ipandport
 	 *        	optional list of ip/ports to assign to domain, default is system-default-ips
-	 * @param bool $subcanemaildomain
+	 * @param int $subcanemaildomain
-	 *        	optional, allow subdomains of this domain as email domains, default 0 (false)
+	 *        	optional, allow subdomains of this domain as email domains, 1 = choosable (default no), 2 = choosable (default yes), 3 = always, default 0 (never)
 	 * @param bool $isemaildomain
 	 *        	optional, allow email usage with this domain, default 0 (false)
 	 * @param bool $email_only
@@ -700,8 +879,12 @@ class Domains extends \Froxlor\Api\ApiCommand implements \Froxlor\Api\ResourceEn
 	 *        	optional, currently not in use, default 0 (false)
 	 * @param string $specialsettings
 	 *        	optional, custom webserver vhost-content which is added to the generated vhost, default empty
 	 * @param string $ssl_specialsettings
 	 *        	optional, custom webserver vhost-content which is added to the generated ssl-vhost, default empty
 	 * @param bool $include_specialsettings
 	 *        	optional, whether or not to include non-ssl specialsettings in the generated ssl-vhost, default false
 	 * @param bool $specialsettingsforsubdomains
-	 *        	optional, whether to apply specialsettings to all subdomains of this domain, default 0 (false)
+	 *        	optional, whether to apply specialsettings to all subdomains of this domain, default is read from setting system.apply_specialsettings_default
 	 * @param bool $notryfiles
 	 *        	optional, [nginx only] do not generate the default try-files directive, default 0 (false)
 	 * @param bool $writeaccesslog
@@ -713,7 +896,7 @@ class Domains extends \Froxlor\Api\ApiCommand implements \Froxlor\Api\ResourceEn
 	 * @param bool $phpenabled
 	 *        	optional, whether php is enabled for this domain, default 0 (false)
 	 * @param bool $phpsettingsforsubdomains
-	 *        	optional, whether to apply php-setting to apply to all subdomains of this domain, default 0 (false)
+	 *        	optional, whether to apply php-setting to apply to all subdomains of this domain, default is read from setting system.apply_phpconfigs_default
 	 * @param bool $openbasedir
 	 *        	optional, whether to activate openbasedir restriction for this domain, default 0 (false)
 	 * @param int $phpsettingid
@@ -727,7 +910,11 @@ class Domains extends \Froxlor\Api\ApiCommand implements \Froxlor\Api\ResourceEn
 	 * @param bool $letsencrypt
 	 *        	optional, whether to generate a Let's Encrypt certificate for this domain, default false; requires SSL to be enabled
 	 * @param array $ssl_ipandport
-	 *        	optional, list of ssl-enabled ip/port id's to assign to this domain
+	 *        	optional, list of ssl-enabled ip/port id's to assign to this domain, if left empty, the current set value is being used, to remove all ssl ips use $remove_ssl_ipandport
 	 * @param bool $remove_ssl_ipandport
 	 *        	optional, if set to true and no $ssl_ipandport value is given, the ip's get removed, otherwise, the currently set value is used, default false
 	 * @param bool $sslenabled
 	 *        	optional, whether or not SSL is enabled for this domain, regardless of the assigned ssl-ips, default 1 (true)
 	 * @param bool $http2
 	 *        	optional, whether to enable http/2 for this domain (requires to be enabled in the settings), default 0 (false)
 	 * @param int $hsts_maxage
@@ -738,6 +925,10 @@ class Domains extends \Froxlor\Api\ApiCommand implements \Froxlor\Api\ResourceEn
 	 *        	optional whether or not to preload HSTS header value
 	 * @param bool $ocsp_stapling
 	 *        	optional whether to enable ocsp-stapling for this domain. default 0 (false), requires SSL
 	 * @param bool $honorcipherorder
 	 *        	optional whether to honor the (server) cipher order for this domain. default 0 (false), requires SSL
 	 * @param bool $sessiontickets
 	 *        	optional whether to enable or disable TLS sessiontickets (RFC 5077) for this domain. default 1 (true), requires SSL
 	 *        	
 	 * @access admin
 	 * @throws \Exception
@@ -764,7 +955,7 @@ class Domains extends \Froxlor\Api\ApiCommand implements \Froxlor\Api\ResourceEn
 			$customerid = intval($this->getParam('customerid', true, $result['customerid']));
 			$adminid = intval($this->getParam('adminid', true, $result['adminid']));
-			$subcanemaildomain = $this->getBoolParam('subcanemaildomain', true, $result['subcanemaildomain']);
+			$subcanemaildomain = $this->getParam('subcanemaildomain', true, $result['subcanemaildomain']);
 			$isemaildomain = $this->getBoolParam('isemaildomain', true, $result['isemaildomain']);
 			$email_only = $this->getBoolParam('email_only', true, $result['email_only']);
 			$p_serveraliasoption = $this->getParam('selectserveralias', true, - 1);
@@ -779,25 +970,51 @@ class Domains extends \Froxlor\Api\ApiCommand implements \Froxlor\Api\ResourceEn
 			$zonefile = $this->getParam('zonefile', true, $result['zonefile']);
 			$dkim = $this->getBoolParam('dkim', true, $result['dkim']);
 			$specialsettings = $this->getParam('specialsettings', true, $result['specialsettings']);
-			$ssfs = $this->getBoolParam('specialsettingsforsubdomains', true, 0);
+			$ssl_specialsettings = $this->getParam('ssl_specialsettings', true, $result['ssl_specialsettings']);
 			$include_specialsettings = $this->getBoolParam('include_specialsettings', true, $result['include_specialsettings']);
 			$ssfs = $this->getBoolParam('specialsettingsforsubdomains', true, \Froxlor\Settings::Get('system.apply_specialsettings_default'));
 			$notryfiles = $this->getBoolParam('notryfiles', true, $result['notryfiles']);
 			$writeaccesslog = $this->getBoolParam('writeaccesslog', true, $result['writeaccesslog']);
 			$writeerrorlog = $this->getBoolParam('writeerrorlog', true, $result['writeerrorlog']);
 			$documentroot = $this->getParam('documentroot', true, $result['documentroot']);
 			$phpenabled = $this->getBoolParam('phpenabled', true, $result['phpenabled']);
-			$phpfs = $this->getBoolParam('phpsettingsforsubdomains', true, 0);
+			$phpfs = $this->getBoolParam('phpsettingsforsubdomains', true, \Froxlor\Settings::Get('system.apply_phpconfigs_default'));
 			$openbasedir = $this->getBoolParam('openbasedir', true, $result['openbasedir']);
 			$phpsettingid = $this->getParam('phpsettingid', true, $result['phpsettingid']);
 			$mod_fcgid_starter = $this->getParam('mod_fcgid_starter', true, $result['mod_fcgid_starter']);
 			$mod_fcgid_maxrequests = $this->getParam('mod_fcgid_maxrequests', true, $result['mod_fcgid_maxrequests']);
 			$ssl_redirect = $this->getBoolParam('ssl_redirect', true, $result['ssl_redirect']);
 			$letsencrypt = $this->getBoolParam('letsencrypt', true, $result['letsencrypt']);
-			$p_ssl_ipandports = $this->getParam('ssl_ipandport', true, array());
+			$remove_ssl_ipandport = $this->getBoolParam('remove_ssl_ipandport', true, 0);
 			$p_ssl_ipandports = $this->getParam('ssl_ipandport', true, $remove_ssl_ipandport ? array(
 				- 1
 			) : null);
 			$sslenabled = $this->getBoolParam('sslenabled', true, $result['ssl_enabled']);
 			$http2 = $this->getBoolParam('http2', true, $result['http2']);
 			$hsts_maxage = $this->getParam('hsts_maxage', true, $result['hsts']);
 			$hsts_sub = $this->getBoolParam('hsts_sub', true, $result['hsts_sub']);
 			$hsts_preload = $this->getBoolParam('hsts_preload', true, $result['hsts_preload']);
 			$ocsp_stapling = $this->getBoolParam('ocsp_stapling', true, $result['ocsp_stapling']);
 			$honorcipherorder = $this->getBoolParam('honorcipherorder', true, $result['ssl_honorcipherorder']);
 			$sessiontickets = $this->getBoolParam('sessiontickets', true, $result['ssl_sessiontickets']);
 			$override_tls = $this->getBoolParam('override_tls', true, $result['override_tls']);
 			if ($this->getUserDetail('change_serversettings') == '1') {
 				if ($override_tls) {
 					$p_ssl_protocols = $this->getParam('ssl_protocols', true, explode(',', $result['ssl_protocols']));
 					$ssl_cipher_list = $this->getParam('ssl_cipher_list', true, $result['ssl_cipher_list']);
 					$tlsv13_cipher_list = $this->getParam('tlsv13_cipher_list', true, $result['tlsv13_cipher_list']);
 				} else {
 					$p_ssl_protocols = array();
 					$ssl_cipher_list = "";
 					$tlsv13_cipher_list = "";
 				}
 			} else {
 				$p_ssl_protocols = explode(',', $result['ssl_protocols']);
 				$ssl_cipher_list = $result['ssl_cipher_list'];
 				$tlsv13_cipher_list = $result['tlsv13_cipher_list'];
 			}
 			// count subdomain usage of source-domain
 			$subdomains_stmt = Database::prepare("
@@ -905,7 +1122,7 @@ class Domains extends \Froxlor\Api\ApiCommand implements \Froxlor\Api\ResourceEn
 				'0',
 				''
 			), true);
-			if ($registration_date == '0000-00-00') {
+			if ($registration_date == '0000-00-00' || empty($registration_date)) {
 				$registration_date = null;
 			}
 			$termination_date = \Froxlor\Validate\Validate::validate($termination_date, 'termination_date', '/^(19|20)\d\d[-](0[1-9]|1[012])[-](0[1-9]|[12][0-9]|3[01])$/', '', array(
@@ -913,7 +1130,7 @@ class Domains extends \Froxlor\Api\ApiCommand implements \Froxlor\Api\ResourceEn
 				'0',
 				''
 			), true);
-			if ($termination_date == '0000-00-00') {
+			if ($termination_date == '0000-00-00' || empty($termination_date)) {
 				$termination_date = null;
 			}
@@ -968,16 +1185,48 @@ class Domains extends \Froxlor\Api\ApiCommand implements \Froxlor\Api\ResourceEn
 				if (! preg_match('/^https?\:\/\//', $documentroot) && strstr($documentroot, ":") !== false) {
 					\Froxlor\UI\Response::standard_error('pathmaynotcontaincolon', '', true);
 				}
 				$ssl_protocols = array();
 				if (! empty($p_ssl_protocols) && is_numeric($p_ssl_protocols)) {
 					$p_ssl_protocols = array(
 						$p_ssl_protocols
 					);
 				}
 				if (! empty($p_ssl_protocols) && ! is_array($p_ssl_protocols)) {
 					$p_ssl_protocols = json_decode($p_ssl_protocols, true);
 				}
 				if (! empty($p_ssl_protocols) && is_array($p_ssl_protocols)) {
 					$protocols_available = array(
 						'TLSv1',
 						'TLSv1.1',
 						'TLSv1.2',
 						'TLSv1.3'
 					);
 					foreach ($p_ssl_protocols as $ssl_protocol) {
 						if (! in_array(trim($ssl_protocol), $protocols_available)) {
 							$this->logger()->logAction(\Froxlor\FroxlorLogger::ADM_ACTION, LOG_DEBUG, "[API] unknown SSL protocol '" . trim($ssl_protocol) . "'");
 							continue;
 						}
 						$ssl_protocols[] = $ssl_protocol;
 					}
 				}
 				if (empty($ssl_protocols)) {
 					$override_tls = '0';
 				}
 			} else {
 				$isbinddomain = $result['isbinddomain'];
 				$zonefile = $result['zonefile'];
 				$dkim = $result['dkim'];
 				$specialsettings = $result['specialsettings'];
 				$ssl_specialsettings = $result['ssl_specialsettings'];
 				$include_specialsettings = $result['include_specialsettings'];
 				$ssfs = (empty($specialsettings) ? 0 : 1);
 				$notryfiles = $result['notryfiles'];
 				$writeaccesslog = $result['writeaccesslog'];
 				$writeerrorlog = $result['writeerrorlog'];
 				$documentroot = $result['documentroot'];
 				$ssl_protocols = $p_ssl_protocols;
 				$override_tls = $result['override_tls'];
 			}
 			if ($this->getUserDetail('caneditphpsettings') == '1' || $this->getUserDetail('change_serversettings') == '1') {
@@ -1025,9 +1274,23 @@ class Domains extends \Froxlor\Api\ApiCommand implements \Froxlor\Api\ResourceEn
 			// check non-ssl IP
 			$ipandports = $this->validateIpAddresses($p_ipandports, false, $result['id']);
 			// check ssl IP
 			if (empty($p_ssl_ipandports) || (! is_array($p_ssl_ipandports) && is_null($p_ssl_ipandports))) {
 				foreach ($result['ipsandports'] as $ip) {
 					if ($ip['ssl'] == 1) {
 						$p_ssl_ipandports[] = $ip['id'];
 					}
 				}
 			}
 			$ssl_ipandports = array();
-			if (Settings::Get('system.use_ssl') == "1" && ! empty($p_ssl_ipandports)) {
+			if (Settings::Get('system.use_ssl') == "1" && ! empty($p_ssl_ipandports) && $p_ssl_ipandports[0] != - 1) {
 				$ssl_ipandports = $this->validateIpAddresses($p_ssl_ipandports, true, $result['id']);
 				if ($this->getUserDetail('change_serversettings') == '1') {
 					$ssl_specialsettings = \Froxlor\Validate\Validate::validate(str_replace("\r\n", "\n", $ssl_specialsettings), 'ssl_specialsettings', '/^[^\0]*$/', '', array(), true);
 				}
 			}
 			if ($remove_ssl_ipandport || (! empty($p_ssl_ipandports) && $p_ssl_ipandports[0] == - 1)) {
 				$ssl_ipandports = array();
 			}
 			if (Settings::Get('system.use_ssl') == "0" || empty($ssl_ipandports)) {
 				$ssl_redirect = 0;
@@ -1044,17 +1307,16 @@ class Domains extends \Froxlor\Api\ApiCommand implements \Froxlor\Api\ResourceEn
 				// OCSP stapling
 				$ocsp_stapling = 0;
 				// vhost container settings
 				$ssl_specialsettings = '';
 				$include_specialsettings = 0;
 			}
-			// We can't enable let's encrypt for wildcard domains when using acme-v1
+			// We can't enable let's encrypt for wildcard-domains
-			if ($serveraliasoption == '0' && $letsencrypt == '1' && Settings::Get('system.leapiversion') == '1') {
+			if ($serveraliasoption == '0' && $letsencrypt == '1') {
 				\Froxlor\UI\Response::standard_error('nowildcardwithletsencrypt', '', true);
 			}
 			// if using acme-v2 we cannot issue wildcard-certificates
 			// because they currently only support the dns-01 challenge
 			if ($serveraliasoption == '0' && $letsencrypt == '1' && Settings::Get('system.leapiversion') == '2') {
 				\Froxlor\UI\Response::standard_error('nowildcardwithletsencryptv2', '', true);
 			}
 			// Temporarily deactivate ssl_redirect until Let's Encrypt certificate was generated
 			if ($ssl_redirect > 0 && $letsencrypt == 1 && $result['letsencrypt'] != $letsencrypt) {
@@ -1252,12 +1514,16 @@ class Domains extends \Froxlor\Api\ApiCommand implements \Froxlor\Api\ResourceEn
 			if ($ssfs == 1) {
 				$_update_data['specialsettings'] = $specialsettings;
-				$upd_specialsettings = ", `specialsettings` = :specialsettings ";
+				$_update_data['ssl_specialsettings'] = $ssl_specialsettings;
 				$_update_data['include_specialsettings'] = $include_specialsettings;
 				$upd_specialsettings = ", `specialsettings` = :specialsettings, `ssl_specialsettings` = :ssl_specialsettings, `include_specialsettings` = :include_specialsettings ";
 			} else {
 				$upd_specialsettings = '';
 				unset($_update_data['specialsettings']);
 				unset($_update_data['ssl_specialsettings']);
 				unset($_update_data['include_specialsettings']);
 				$upd_stmt = Database::prepare("
-					UPDATE `" . TABLE_PANEL_DOMAINS . "` SET `specialsettings`='' WHERE `parentdomainid` = :id
+					UPDATE `" . TABLE_PANEL_DOMAINS . "` SET `specialsettings`='', `ssl_specialsettings`='', `include_specialsettings`='0' WHERE `parentdomainid` = :id
 				");
 				Database::pexecute($upd_stmt, array(
 					'id' => $id
@@ -1290,6 +1556,8 @@ class Domains extends \Froxlor\Api\ApiCommand implements \Froxlor\Api\ResourceEn
 			$update_data['mod_fcgid_starter'] = $mod_fcgid_starter;
 			$update_data['mod_fcgid_maxrequests'] = $mod_fcgid_maxrequests;
 			$update_data['specialsettings'] = $specialsettings;
 			$update_data['ssl_specialsettings'] = $ssl_specialsettings;
 			$update_data['include_specialsettings'] = $include_specialsettings;
 			$update_data['notryfiles'] = $notryfiles;
 			$update_data['writeaccesslog'] = $writeaccesslog;
 			$update_data['writeerrorlog'] = $writeerrorlog;
@@ -1302,6 +1570,13 @@ class Domains extends \Froxlor\Api\ApiCommand implements \Froxlor\Api\ResourceEn
 			$update_data['hsts_sub'] = $hsts_sub;
 			$update_data['hsts_preload'] = $hsts_preload;
 			$update_data['ocsp_stapling'] = $ocsp_stapling;
 			$update_data['override_tls'] = $override_tls;
 			$update_data['ssl_protocols'] = implode(",", $ssl_protocols);
 			$update_data['ssl_cipher_list'] = $ssl_cipher_list;
 			$update_data['tlsv13_cipher_list'] = $tlsv13_cipher_list;
 			$update_data['sslenabled'] = $sslenabled;
 			$update_data['honorcipherorder'] = $honorcipherorder;
 			$update_data['sessiontickets'] = $sessiontickets;
 			$update_data['id'] = $id;
 			$update_stmt = Database::prepare("
@@ -1327,6 +1602,8 @@ class Domains extends \Froxlor\Api\ApiCommand implements \Froxlor\Api\ResourceEn
 				`mod_fcgid_starter` = :mod_fcgid_starter,
 				`mod_fcgid_maxrequests` = :mod_fcgid_maxrequests,
 				`specialsettings` = :specialsettings,
 				`ssl_specialsettings` = :ssl_specialsettings,
 				`include_specialsettings` = :include_specialsettings,
 				`notryfiles` = :notryfiles,
 				`writeaccesslog` = :writeaccesslog,
 				`writeerrorlog` = :writeerrorlog,
@@ -1338,7 +1615,14 @@ class Domains extends \Froxlor\Api\ApiCommand implements \Froxlor\Api\ResourceEn
 				`hsts` = :hsts,
 				`hsts_sub` = :hsts_sub,
 				`hsts_preload` = :hsts_preload,
-				`ocsp_stapling` = :ocsp_stapling
+				`ocsp_stapling` = :ocsp_stapling,
 				`override_tls` = :override_tls,
 				`ssl_protocols` = :ssl_protocols,
 				`ssl_cipher_list` = :ssl_cipher_list,
 				`tlsv13_cipher_list` = :tlsv13_cipher_list,
 				`ssl_enabled` = :sslenabled,
 				`ssl_honorcipherorder` = :honorcipherorder,
 				`ssl_sessiontickets` = :sessiontickets
 				WHERE `id` = :id
 			");
 			Database::pexecute($update_stmt, $update_data, true, true);
@@ -1349,6 +1633,15 @@ class Domains extends \Froxlor\Api\ApiCommand implements \Froxlor\Api\ResourceEn
 			$_update_data['openbasedir'] = $openbasedir;
 			$_update_data['mod_fcgid_starter'] = $mod_fcgid_starter;
 			$_update_data['mod_fcgid_maxrequests'] = $mod_fcgid_maxrequests;
 			$_update_data['notryfiles'] = $notryfiles;
 			$_update_data['writeaccesslog'] = $writeaccesslog;
 			$_update_data['writeerrorlog'] = $writeerrorlog;
 			$_update_data['override_tls'] = $override_tls;
 			$_update_data['ssl_protocols'] = implode(",", $ssl_protocols);
 			$_update_data['ssl_cipher_list'] = $ssl_cipher_list;
 			$_update_data['tlsv13_cipher_list'] = $tlsv13_cipher_list;
 			$_update_data['honorcipherorder'] = $honorcipherorder;
 			$_update_data['sessiontickets'] = $sessiontickets;
 			$_update_data['parentdomainid'] = $id;
 			// if php config is to be set for all subdomains, check here
@@ -1357,7 +1650,6 @@ class Domains extends \Froxlor\Api\ApiCommand implements \Froxlor\Api\ResourceEn
 				$_update_data['phpsettingid'] = $phpsettingid;
 				$update_phpconfig = ", `phpsettingid` = :phpsettingid";
 			}
 			// if we have no more ssl-ip's for this domain,
 			// all its subdomains must have "ssl-redirect = 0"
 			// and disable let's encrypt
@@ -1373,7 +1665,16 @@ class Domains extends \Froxlor\Api\ApiCommand implements \Froxlor\Api\ResourceEn
 				`phpenabled` = :phpenabled,
 				`openbasedir` = :openbasedir,
 				`mod_fcgid_starter` = :mod_fcgid_starter,
-				`mod_fcgid_maxrequests` = :mod_fcgid_maxrequests
+				`mod_fcgid_maxrequests` = :mod_fcgid_maxrequests,
 				`notryfiles` = :notryfiles,
 				`writeaccesslog` = :writeaccesslog,
 				`writeerrorlog` = :writeerrorlog,
 				`override_tls` = :override_tls,
 				`ssl_protocols` = :ssl_protocols,
 				`ssl_cipher_list` = :ssl_cipher_list,
 				`tlsv13_cipher_list` = :tlsv13_cipher_list,
 				`ssl_honorcipherorder` = :honorcipherorder,
 				`ssl_sessiontickets` = :sessiontickets
 				" . $update_phpconfig . $upd_specialsettings . $updatechildren . $update_sslredirect . "
 				WHERE `parentdomainid` = :parentdomainid
 			");
@@ -1447,14 +1748,15 @@ class Domains extends \Froxlor\Api\ApiCommand implements \Froxlor\Api\ResourceEn
 					}
 				}
 			}
-			if ($result['aliasdomain'] != $aliasdomain) {
+			if ($result['aliasdomain'] != $aliasdomain && is_numeric($result['aliasdomain'])) {
 				// trigger when domain id for alias destination has changed: both for old and new destination
 				\Froxlor\Domain\Domain::triggerLetsEncryptCSRForAliasDestinationDomain($result['aliasdomain'], $this->logger());
 				\Froxlor\Domain\Domain::triggerLetsEncryptCSRForAliasDestinationDomain($aliasdomain, $this->logger());
-			} elseif ($result['wwwserveralias'] != $wwwserveralias || $result['letsencrypt'] != $letsencrypt) {
+			}
 			if ($result['wwwserveralias'] != $wwwserveralias || $result['letsencrypt'] != $letsencrypt) {
 				// or when wwwserveralias or letsencrypt was changed
 				\Froxlor\Domain\Domain::triggerLetsEncryptCSRForAliasDestinationDomain($aliasdomain, $this->logger());
-				if ($aliasdomain === 0) {
+				if ((int) $aliasdomain === 0) {
 					// in case the wwwserveralias is set on a main domain, $aliasdomain is 0
 					// --> the call just above to triggerLetsEncryptCSRForAliasDestinationDomain
 					// is a noop...let's repeat it with the domain id of the main domain
@@ -1462,7 +1764,8 @@ class Domains extends \Froxlor\Api\ApiCommand implements \Froxlor\Api\ResourceEn
 				}
 			}
-			$this->logger()->logAction(\Froxlor\FroxlorLogger::ADM_ACTION, LOG_WARNING, "[API] updated domain '" . $result['domain'] . "'");
+			$idna_convert = new \Froxlor\Idna\IdnaWrapper();
 			$this->logger()->logAction(\Froxlor\FroxlorLogger::ADM_ACTION, LOG_WARNING, "[API] updated domain '" . $idna_convert->decode($result['domain']) . "'");
 			return $this->response(200, "successfull", $update_data);
 		}
 		throw new \Exception("Not allowed to execute given command.", 403);
@@ -1616,6 +1919,9 @@ class Domains extends \Froxlor\Api\ApiCommand implements \Froxlor\Api\ResourceEn
 			// remove domains DNS from powerDNS if used, #581
 			\Froxlor\System\Cronjob::inserttask('11', $result['domain']);
 			// remove domain from acme.sh / lets encrypt if used
 			\Froxlor\System\Cronjob::inserttask('12', $result['domain']);
 			$this->logger()->logAction(\Froxlor\FroxlorLogger::ADM_ACTION, LOG_INFO, "[API] deleted domain/subdomains (#" . $result['id'] . ")");
 			\Froxlor\User::updateCounters();
 			\Froxlor\System\Cronjob::inserttask('1');
@@ -1633,7 +1939,7 @@ class Domains extends \Froxlor\Api\ApiCommand implements \Froxlor\Api\ResourceEn
 	 * @param boolean $ssl
 	 *        	default false
 	 * @param int $edit_id
-	 *          default 0
+	 *        	default 0
 	 *        	
 	 * @throws \Exception
 	 * @return array
@@ -1693,8 +1999,10 @@ class Domains extends \Froxlor\Api\ApiCommand implements \Froxlor\Api\ResourceEn
 		} elseif ($edit_id > 0) {
 			// set currently used ip's
 			$ipsresult_stmt = Database::prepare("
-				SELECT `id_ipandports` FROM `" . TABLE_DOMAINTOIP . "` WHERE `id_domain` = :id
+				SELECT d2i.`id_ipandports`
-			");
+				FROM `" . TABLE_DOMAINTOIP . "` d2i
 				LEFT JOIN `" . TABLE_PANEL_IPSANDPORTS . "` i ON i.id = d2i.id_ipandports
 				WHERE d2i.`id_domain` = :id AND i.`ssl` = " . ($ssl ? "'1'" : "'0'"));
 			Database::pexecute($ipsresult_stmt, array(
 				'id' => $edit_id
 			), true, true);
--- a/lib/Froxlor/Api/Commands/EmailAccounts.php
+++ b/lib/Froxlor/Api/Commands/EmailAccounts.php
@@ -81,9 +81,9 @@ class EmailAccounts extends \Froxlor\Api\ApiCommand implements \Froxlor\Api\Reso
 			));
 			$id = $result['id'];
 			$email_full = $result['email_full'];
 			$idna_convert = new \Froxlor\Idna\IdnaWrapper();
-			$username = $idna_convert->decode($email_full);
+			$email_full = $result['email_full'];
 			$username = $email_full;
 			$password = \Froxlor\Validate\Validate::validate($email_password, 'password', '', '', array(), true);
 			$password = \Froxlor\System\Crypt::validatePassword($password, true);
@@ -100,8 +100,8 @@ class EmailAccounts extends \Froxlor\Api\ApiCommand implements \Froxlor\Api\Reso
 			// alternative email address to send info to
 			if (Settings::Get('panel.sendalternativemail') == 1) {
 				$alternative_email = $idna_convert->encode(\Froxlor\Validate\Validate::validate($alternative_email, 'alternative_email', '', '', array(), true));
-				if (! \Froxlor\Validate\Validate::validateEmail($alternative_email)) {
+				if (!empty($alternative_email) && ! \Froxlor\Validate\Validate::validateEmail($alternative_email)) {
-					\Froxlor\UI\Response::standard_error('emailiswrong', $alternative_email, true);
+					\Froxlor\UI\Response::standard_error('alternativeemailiswrong', $alternative_email, true);
 				}
 			} else {
 				$alternative_email = '';
@@ -192,7 +192,12 @@ class EmailAccounts extends \Froxlor\Api\ApiCommand implements \Froxlor\Api\Reso
 				$replace_arr = array(
 					'EMAIL' => $email_full,
 					'USERNAME' => $username,
-					'PASSWORD' => $password
+					'PASSWORD' => $password,
 					'SALUTATION' => \Froxlor\User::getCorrectUserSalutation($customer),
 					'NAME' => $customer['name'],
 					'FIRSTNAME' => $customer['firstname'],
 					'COMPANY' => $customer['company'],
 					'CUSTOMER_NO' => $customer['customernumber']
 				);
 				// get the customers admin
@@ -231,7 +236,7 @@ class EmailAccounts extends \Froxlor\Api\ApiCommand implements \Froxlor\Api\Reso
 				$this->mailer()->clearAddresses();
 				// customer wants to send the e-mail to an alternative email address too
-				if (Settings::Get('panel.sendalternativemail') == 1) {
+				if (Settings::Get('panel.sendalternativemail') == 1 && !empty($alternative_email)) {
 					// get template for mail subject
 					$mail_subject = $this->getMailTemplate($customer, 'mails', 'pop_success_alternative_subject', $replace_arr, $this->lng['mails']['pop_success_alternative']['subject']);
 					// get template for mail body
@@ -388,12 +393,21 @@ class EmailAccounts extends \Froxlor\Api\ApiCommand implements \Froxlor\Api\Reso
 	}
 	/**
-	 * You cannot directly list email forwarders.
+	 * You cannot directly list email accounts.
 	 * You need to call Emails.listing()
 	 */
 	public function listing()
 	{
-		throw new \Exception('You cannot directly list email forwarders. You need to call Emails.listing()', 303);
+		throw new \Exception('You cannot directly list email accounts. You need to call Emails.listing()', 303);
 	}
 	/**
 	 * You cannot directly count email accounts.
 	 * You need to call Emails.listingCount()
 	 */
 	public function listingCount()
 	{
 		throw new \Exception('You cannot directly count email accounts. You need to call Emails.listingCount()', 303);
 	}
 	/**
--- a/lib/Froxlor/Api/Commands/EmailForwarders.php
+++ b/lib/Froxlor/Api/Commands/EmailForwarders.php
@@ -109,11 +109,11 @@ class EmailForwarders extends \Froxlor\Api\ApiCommand implements \Froxlor\Api\Re
 	/**
 	 * You cannot directly get an email forwarder.
-	 * You need to call Emails.get()
+	 * Try EmailForwarders.listing()
 	 */
 	public function get()
 	{
-		throw new \Exception('You cannot directly get an email forwarder. You need to call Emails.get()', 303);
+		throw new \Exception('You cannot directly get an email forwarder. Try EmailForwarders.listing()', 303);
 	}
 	/**
@@ -126,12 +126,91 @@ class EmailForwarders extends \Froxlor\Api\ApiCommand implements \Froxlor\Api\Re
 	}
 	/**
-	 * You cannot directly list email forwarders.
+	 * List email forwarders for a given email address
-	 * You need to call Emails.listing()
+	 *
 	 * @param int $id
 	 *        	optional, the email-address-id
 	 * @param string $emailaddr
 	 *        	optional, the email-address to delete the forwarder from
 	 * @param int $customerid
 	 *        	optional, admin-only, the customer-id
 	 * @param string $loginname
 	 *        	optional, admin-only, the loginname
 	 *        	
 	 * @access admin,customer
 	 * @throws \Exception
 	 * @return string json-encoded array count|list
 	 */
 	public function listing()
 	{
-		throw new \Exception('You cannot directly list email forwarders. You need to call Emails.listing()', 303);
+		if ($this->isAdmin() == false && Settings::IsInList('panel.customer_hide_options', 'email')) {
 			throw new \Exception("You cannot access this resource", 405);
 		}
 		// parameter
 		$id = $this->getParam('id', true, 0);
 		$ea_optional = ($id <= 0 ? false : true);
 		$emailaddr = $this->getParam('emailaddr', $ea_optional, '');
 		// validation
 		$result = $this->apiCall('Emails.get', array(
 			'id' => $id,
 			'emailaddr' => $emailaddr
 		));
 		$id = $result['id'];
 		$result['destination'] = explode(' ', $result['destination']);
 		$destination = array();
 		foreach ($result['destination'] as $index => $address) {
 			$destination[] = [
 				'id' => $index,
 				'address' => $address
 			];
 		}
 		return $this->response(200, "successfull", [
 			'count' => count($destination),
 			'list' => $destination
 		]);
 	}
 	/**
 	 * count email forwarders for a given email address
 	 *
 	 * @param int $id
 	 *        	optional, the email-address-id
 	 * @param string $emailaddr
 	 *        	optional, the email-address to delete the forwarder from
 	 * @param int $customerid
 	 *        	optional, admin-only, the customer-id
 	 * @param string $loginname
 	 *        	optional, admin-only, the loginname
 	 *        	
 	 * @access admin,customer
 	 * @throws \Exception
 	 * @return string json-encoded array
 	 */
 	public function listingCount()
 	{
 		if ($this->isAdmin() == false && Settings::IsInList('panel.customer_hide_options', 'email')) {
 			throw new \Exception("You cannot access this resource", 405);
 		}
 		// parameter
 		$id = $this->getParam('id', true, 0);
 		$ea_optional = ($id <= 0 ? false : true);
 		$emailaddr = $this->getParam('emailaddr', $ea_optional, '');
 		// validation
 		$result = $this->apiCall('Emails.get', array(
 			'id' => $id,
 			'emailaddr' => $emailaddr
 		));
 		$id = $result['id'];
 		$result['destination'] = explode(' ', $result['destination']);
 		return $this->response(200, "successfull", count($result['destination']));
 	}
 	/**
--- a/lib/Froxlor/Api/Commands/Emails.php
+++ b/lib/Froxlor/Api/Commands/Emails.php
@@ -106,10 +106,12 @@ class Emails extends \Froxlor\Api\ApiCommand implements \Froxlor\Api\ResourceEnt
 			);
 			$email_check = Database::pexecute_first($stmt, $params, true, true);
-			if (strtolower($email_check['email_full']) == strtolower($email_full)) {
+			if ($email_check) {
-				\Froxlor\UI\Response::standard_error('emailexistalready', $email_full, true);
+				if (strtolower($email_check['email_full']) == strtolower($email_full)) {
-			} elseif ($email_check['email'] == $email) {
+					\Froxlor\UI\Response::standard_error('emailexistalready', $email_full, true);
-				\Froxlor\UI\Response::standard_error('youhavealreadyacatchallforthisdomain', '', true);
+				} elseif ($email_check['email'] == $email) {
 					\Froxlor\UI\Response::standard_error('youhavealreadyacatchallforthisdomain', '', true);
 				}
 			}
 			$stmt = Database::prepare("
@@ -233,6 +235,19 @@ class Emails extends \Froxlor\Api\ApiCommand implements \Froxlor\Api\ResourceEnt
 			$iscatchall = '1';
 			$email_parts = explode('@', $result['email_full']);
 			$email = '@' . $email_parts[1];
 			// catchall check
 			$stmt = Database::prepare("
 				SELECT `email_full` FROM `" . TABLE_MAIL_VIRTUAL . "`
 				WHERE `email` = :email AND `customerid` = :cid AND `iscatchall` = '1'
 			");
 			$params = array(
 				"email" => $email,
 				"cid" => $customer['customerid']
 			);
 			$email_check = Database::pexecute_first($stmt, $params, true, true);
 			if ($email_check) {
 				\Froxlor\UI\Response::standard_error('youhavealreadyacatchallforthisdomain', '', true);
 			}
 		} else {
 			$iscatchall = '0';
 			$email = $result['email_full'];
@@ -265,6 +280,14 @@ class Emails extends \Froxlor\Api\ApiCommand implements \Froxlor\Api\ResourceEnt
 	 *        	optional, admin-only, select email addresses of a specific customer by id
 	 * @param string $loginname
 	 *        	optional, admin-only, select email addresses of a specific customer by loginname
 	 * @param array $sql_search
 	 *        	optional array with index = fieldname, and value = array with 'op' => operator (one of <, > or =), LIKE is used if left empty and 'value' => searchvalue
 	 * @param int $sql_limit
 	 *        	optional specify number of results to be returned
 	 * @param int $sql_offset
 	 *        	optional specify offset for resultset
 	 * @param array $sql_orderby
 	 *        	optional array with index = fieldname and value = ASC|DESC to order the resultset by one or more fields
 	 *        	
 	 * @access admin, customer
 	 * @throws \Exception
@@ -274,14 +297,14 @@ class Emails extends \Froxlor\Api\ApiCommand implements \Froxlor\Api\ResourceEnt
 	{
 		$customer_ids = $this->getAllowedCustomerIds('email');
 		$result = array();
 		$query_fields = array();
 		$result_stmt = Database::prepare("
 			SELECT m.`id`, m.`domainid`, m.`email`, m.`email_full`, m.`iscatchall`, u.`quota`, m.`destination`, m.`popaccountid`, d.`domain`, u.`mboxsize`
 			FROM `" . TABLE_MAIL_VIRTUAL . "` m
 			LEFT JOIN `" . TABLE_PANEL_DOMAINS . "` d ON (m.`domainid` = d.`id`)
 			LEFT JOIN `" . TABLE_MAIL_USERS . "` u ON (m.`popaccountid` = u.`id`)
-			WHERE m.`customerid` IN (" . implode(", ", $customer_ids) . ")
+			WHERE m.`customerid` IN (" . implode(", ", $customer_ids) . ")" . $this->getSearchWhere($query_fields, true) . $this->getOrderBy() . $this->getLimit());
-		");
+		Database::pexecute($result_stmt, $query_fields, true, true);
 		Database::pexecute($result_stmt, null, true, true);
 		while ($row = $result_stmt->fetch(\PDO::FETCH_ASSOC)) {
 			$result[] = $row;
 		}
@@ -292,6 +315,34 @@ class Emails extends \Froxlor\Api\ApiCommand implements \Froxlor\Api\ResourceEnt
 		));
 	}
 	/**
 	 * returns the total number of accessable email addresses
 	 *
 	 * @param int $customerid
 	 *        	optional, admin-only, select email addresses of a specific customer by id
 	 * @param string $loginname
 	 *        	optional, admin-only, select email addresses of a specific customer by loginname
 	 *        	
 	 * @access admin, customer
 	 * @throws \Exception
 	 * @return string json-encoded array
 	 */
 	public function listingCount()
 	{
 		$customer_ids = $this->getAllowedCustomerIds('email');
 		$result_stmt = Database::prepare("
 			SELECT COUNT(*) as num_emails
 			FROM `" . TABLE_MAIL_VIRTUAL . "` m
 			LEFT JOIN `" . TABLE_PANEL_DOMAINS . "` d ON (m.`domainid` = d.`id`)
 			LEFT JOIN `" . TABLE_MAIL_USERS . "` u ON (m.`popaccountid` = u.`id`)
 			WHERE m.`customerid` IN (" . implode(", ", $customer_ids) . ")
 		");
 		$result = Database::pexecute_first($result_stmt, null, true, true);
 		if ($result) {
 			return $this->response(200, "successfull", $result['num_emails']);
 		}
 	}
 	/**
 	 * delete an email address by either id or username
 	 *
@@ -340,26 +391,12 @@ class Emails extends \Froxlor\Api\ApiCommand implements \Froxlor\Api\ResourceEnt
 		}
 		// check whether this address is an account
 		if ($result['popaccountid'] != 0) {
-			// Free the Quota used by the email account
+			// use EmailAccounts.delete
-			if (Settings::Get('system.mail_quota_enabled') == 1) {
+			$this->apiCall('EmailAccounts.delete', array(
-				$stmt = Database::prepare("SELECT `quota` FROM `" . TABLE_MAIL_USERS . "` WHERE `customerid`= :customerid AND `id`= :id");
+				'id' => $result['id'],
-				$res_quota = Database::pexecute_first($stmt, array(
+				'customerid' => $customer['customerid'],
-					"customerid" => $customer['customerid'],
+				'delete_userfiles' => $delete_userfiles
-					"id" => $result['popaccountid']
+			));
 				), true, true);
 				Customers::decreaseUsage($customer['customerid'], 'email_quota_used', '', $res_quota['quota']);
 				Admins::decreaseUsage($customer['customerid'], 'email_quota_used', '', $res_quota['quota']);
 				$this->logger()->logAction($this->isAdmin() ? \Froxlor\FroxlorLogger::ADM_ACTION : \Froxlor\FroxlorLogger::USR_ACTION, LOG_INFO, "[API] deleted quota entries for email address '" . $result['email_full'] . "'");
 			}
 			// delete account
 			$stmt = Database::prepare("DELETE FROM `" . TABLE_MAIL_USERS . "` WHERE `customerid`= :customerid AND `id`= :id");
 			Database::pexecute($stmt, array(
 				"customerid" => $customer['customerid'],
 				"id" => $result['popaccountid']
 			), true, true);
 			Customers::decreaseUsage($customer['customerid'], 'email_accounts_used');
 			Admins::decreaseUsage($customer['customerid'], 'email_accounts_used');
 			$this->logger()->logAction($this->isAdmin() ? \Froxlor\FroxlorLogger::ADM_ACTION : \Froxlor\FroxlorLogger::USR_ACTION, LOG_INFO, "[API] deleted email account '" . $result['email_full'] . "'");
 			$number_forwarders --;
 		}
--- a/lib/Froxlor/Api/Commands/FpmDaemons.php
+++ b/lib/Froxlor/Api/Commands/FpmDaemons.php
@@ -24,6 +24,15 @@ class FpmDaemons extends \Froxlor\Api\ApiCommand implements \Froxlor\Api\Resourc
 	/**
 	 * lists all fpm-daemon entries
 	 *
 	 * @param array $sql_search
 	 *        	optional array with index = fieldname, and value = array with 'op' => operator (one of <, > or =), LIKE is used if left empty and 'value' => searchvalue
 	 * @param int $sql_limit
 	 *        	optional specify number of results to be returned
 	 * @param int $sql_offset
 	 *        	optional specify offset for resultset
 	 * @param array $sql_orderby
 	 *        	optional array with index = fieldname and value = ASC|DESC to order the resultset by one or more fields
 	 *        	
 	 * @access admin
 	 * @throws \Exception
 	 * @return string json-encoded array count|list
@@ -32,21 +41,18 @@ class FpmDaemons extends \Froxlor\Api\ApiCommand implements \Froxlor\Api\Resourc
 	{
 		if ($this->isAdmin()) {
 			$this->logger()->logAction(\Froxlor\FroxlorLogger::ADM_ACTION, LOG_NOTICE, "[API] list fpm-daemons");
-
+			$query_fields = array();
-			$result = Database::query("
+			$result_stmt = Database::prepare("
-				SELECT * FROM `" . TABLE_PANEL_FPMDAEMONS . "` ORDER BY `description` ASC
+				SELECT * FROM `" . TABLE_PANEL_FPMDAEMONS . "`" . $this->getSearchWhere($query_fields) . $this->getOrderBy() . $this->getLimit());
-			");
+			Database::pexecute($result_stmt, $query_fields, true, true);
 			$fpmdaemons = array();
-			while ($row = $result->fetch(\PDO::FETCH_ASSOC)) {
+			while ($row = $result_stmt->fetch(\PDO::FETCH_ASSOC)) {
 				$query_params = array(
 					'id' => $row['id']
 				);
-				$query = "SELECT * FROM `" . TABLE_PANEL_PHPCONFIGS . "` WHERE `fpmsettingid` = :id";
+				$configresult_stmt = Database::prepare("SELECT * FROM `" . TABLE_PANEL_PHPCONFIGS . "` WHERE `fpmsettingid` = :id");
 				$configresult_stmt = Database::prepare($query);
 				Database::pexecute($configresult_stmt, $query_params, true, true);
 				$configs = array();
@@ -72,6 +78,27 @@ class FpmDaemons extends \Froxlor\Api\ApiCommand implements \Froxlor\Api\Resourc
 		throw new \Exception("Not allowed to execute given command.", 403);
 	}
 	/**
 	 * returns the total number of accessable fpm daemons
 	 *
 	 * @access admin
 	 * @throws \Exception
 	 * @return string json-encoded array
 	 */
 	public function listingCount()
 	{
 		if ($this->isAdmin()) {
 			$result_stmt = Database::prepare("
 				SELECT COUNT(*) as num_fpms FROM `" . TABLE_PANEL_FPMDAEMONS . "`
 			");
 			$result = Database::pexecute_first($result_stmt, null, true, true);
 			if ($result) {
 				return $this->response(200, "successfull", $result['num_fpms']);
 			}
 		}
 		throw new \Exception("Not allowed to execute given command.", 403);
 	}
 	/**
 	 * return a fpm-daemon entry by id
 	 *
@@ -108,21 +135,23 @@ class FpmDaemons extends \Froxlor\Api\ApiCommand implements \Froxlor\Api\Resourc
 	 * @param string $reload_cmd
 	 * @param string $config_dir
 	 * @param string $pm
-	 *        	optional, process-manager, one of 'static', 'dynamic' or 'ondemand', default 'static'
+	 *        	optional, process-manager, one of 'static', 'dynamic' or 'ondemand', default 'dynamic'
 	 * @param int $max_children
-	 *        	optional, default 0
+	 *        	optional, default 5
 	 * @param int $start_servers
-	 *        	optional, default 0
+	 *        	optional, default 2
 	 * @param int $min_spare_servers
-	 *        	optional, default 0
+	 *        	optional, default 1
 	 * @param int $max_spare_servers
-	 *        	optional, default 0
+	 *        	optional, default 3
 	 * @param int $max_requests
 	 *        	optional, default 0
 	 * @param int $idle_timeout
-	 *        	optional, default 0
+	 *        	optional, default 10
 	 * @param string $limit_extensions
 	 *        	optional, limit execution to the following extensions, default '.php'
 	 * @param string $custom_config
 	 *        	optional, custom settings appended to phpfpm pool configuration
 	 *        	
 	 * @access admin
 	 * @throws \Exception
@@ -138,14 +167,15 @@ class FpmDaemons extends \Froxlor\Api\ApiCommand implements \Froxlor\Api\Resourc
 			$config_dir = $this->getParam('config_dir');
 			// parameters
-			$pmanager = $this->getParam('pm', true, 'static');
+			$pmanager = $this->getParam('pm', true, 'dynamic');
-			$max_children = $this->getParam('max_children', true, 0);
+			$max_children = $this->getParam('max_children', true, 5);
-			$start_servers = $this->getParam('start_servers', true, 0);
+			$start_servers = $this->getParam('start_servers', true, 2);
-			$min_spare_servers = $this->getParam('min_spare_servers', true, 0);
+			$min_spare_servers = $this->getParam('min_spare_servers', true, 1);
-			$max_spare_servers = $this->getParam('max_spare_servers', true, 0);
+			$max_spare_servers = $this->getParam('max_spare_servers', true, 3);
 			$max_requests = $this->getParam('max_requests', true, 0);
-			$idle_timeout = $this->getParam('idle_timeout', true, 0);
+			$idle_timeout = $this->getParam('idle_timeout', true, 10);
 			$limit_extensions = $this->getParam('limit_extensions', true, '.php');
 			$custom_config = $this->getParam('custom_config', true, '');
 			// validation
 			$description = \Froxlor\Validate\Validate::validate($description, 'description', '', '', array(), true);
@@ -179,7 +209,8 @@ class FpmDaemons extends \Froxlor\Api\ApiCommand implements \Froxlor\Api\Resourc
 				`max_spare_servers` = :max_spare_servers,
 				`max_requests` = :max_requests,
 				`idle_timeout` = :idle_timeout,
-				`limit_extensions` = :limit_extensions
+				`limit_extensions` = :limit_extensions,
 				`custom_config` = :custom_config
 			");
 			$ins_data = array(
 				'desc' => $description,
@@ -192,7 +223,8 @@ class FpmDaemons extends \Froxlor\Api\ApiCommand implements \Froxlor\Api\Resourc
 				'max_spare_servers' => $max_spare_servers,
 				'max_requests' => $max_requests,
 				'idle_timeout' => $idle_timeout,
-				'limit_extensions' => $limit_extensions
+				'limit_extensions' => $limit_extensions,
 				'custom_config' => $custom_config
 			);
 			Database::pexecute($ins_stmt, $ins_data);
 			$id = Database::lastInsertId();
@@ -219,21 +251,23 @@ class FpmDaemons extends \Froxlor\Api\ApiCommand implements \Froxlor\Api\Resourc
 	 * @param string $config_dir
 	 *        	optional
 	 * @param string $pm
-	 *        	optional, process-manager, one of 'static', 'dynamic' or 'ondemand', default 'static'
+	 *        	optional, process-manager, one of 'static', 'dynamic' or 'ondemand', default 'dynamic'
 	 * @param int $max_children
-	 *        	optional, default 0
+	 *        	optional, default 5
 	 * @param int $start_servers
-	 *        	optional, default 0
+	 *        	optional, default 2
 	 * @param int $min_spare_servers
-	 *        	optional, default 0
+	 *        	optional, default 1
 	 * @param int $max_spare_servers
-	 *        	optional, default 0
+	 *        	optional, default 3
 	 * @param int $max_requests
 	 *        	optional, default 0
 	 * @param int $idle_timeout
-	 *        	optional, default 0
+	 *        	optional, default 10
 	 * @param string $limit_extensions
 	 *        	optional, limit execution to the following extensions, default '.php'
 	 * @param string $custom_config
 	 *        	optional, custom settings appended to phpfpm pool configuration
 	 *        	
 	 * @access admin
 	 * @throws \Exception
@@ -262,6 +296,7 @@ class FpmDaemons extends \Froxlor\Api\ApiCommand implements \Froxlor\Api\Resourc
 			$max_requests = $this->getParam('max_requests', true, $result['max_requests']);
 			$idle_timeout = $this->getParam('idle_timeout', true, $result['idle_timeout']);
 			$limit_extensions = $this->getParam('limit_extensions', true, $result['limit_extensions']);
 			$custom_config = $this->getParam('custom_config', true, $result['custom_config']);
 			// validation
 			$description = \Froxlor\Validate\Validate::validate($description, 'description', '', '', array(), true);
@@ -295,7 +330,8 @@ class FpmDaemons extends \Froxlor\Api\ApiCommand implements \Froxlor\Api\Resourc
 				`max_spare_servers` = :max_spare_servers,
 				`max_requests` = :max_requests,
 				`idle_timeout` = :idle_timeout,
-				`limit_extensions` = :limit_extensions
+				`limit_extensions` = :limit_extensions,
 				`custom_config` = :custom_config
 				WHERE `id` = :id
 			");
 			$upd_data = array(
@@ -310,6 +346,7 @@ class FpmDaemons extends \Froxlor\Api\ApiCommand implements \Froxlor\Api\Resourc
 				'max_requests' => $max_requests,
 				'idle_timeout' => $idle_timeout,
 				'limit_extensions' => $limit_extensions,
 				'custom_config' => $custom_config,
 				'id' => $id
 			);
 			Database::pexecute($upd_stmt, $upd_data, true, true);
--- a/lib/Froxlor/Api/Commands/Froxlor.php
+++ b/lib/Froxlor/Api/Commands/Froxlor.php
@@ -39,7 +39,11 @@ class Froxlor extends \Froxlor\Api\ApiCommand
 				$this->logger()->logAction(\Froxlor\FroxlorLogger::ADM_ACTION, LOG_NOTICE, "[API] checking for updates");
 				// check for new version
-				$latestversion = \Froxlor\Http\HttpClient::urlGet(UPDATE_URI);
+				try {
 					$latestversion = \Froxlor\Http\HttpClient::urlGet(UPDATE_URI, true, 3);
 				} catch (\Exception $e) {
 					$latestversion = \Froxlor\Froxlor::getVersion() . "|Version-check currently unavailable, please try again later";
 				}
 				$latestversion = explode('|', $latestversion);
 				if (is_array($latestversion) && count($latestversion) >= 1) {
@@ -212,7 +216,7 @@ class Froxlor extends \Froxlor\Api\ApiCommand
 	 */
 	public function updateSetting()
 	{
-		// currently not implemented as it required validation too so no wrong settings are being stored via API
+		// currently not implemented as it requires validation too so no wrong settings are being stored via API
 		throw new \Exception("Not available yet.", 501);
 		if ($this->isAdmin() && $this->getUserDetail('change_serversettings')) {
@@ -228,6 +232,37 @@ class Froxlor extends \Froxlor\Api\ApiCommand
 		throw new \Exception("Not allowed to execute given command.", 403);
 	}
 	/**
 	 * returns a random password based on froxlor settings for min-length, included characters, etc.
 	 *
 	 * @access admin, customer
 	 * @return string
 	 */
 	public function generatePassword()
 	{
 		return $this->response(200, "successfull", \Froxlor\System\Crypt::generatePassword());
 	}
 	/**
 	 * can be used to remotely run the integritiy checks froxlor implements
 	 *
 	 * @access admin
 	 * @throws \Exception
 	 * @return string
 	 */
 	public function integrityCheck()
 	{
 		if ($this->isAdmin() && $this->getUserDetail('change_serversettings')) {
 			$integrity = new \Froxlor\Database\IntegrityCheck();
 			$result = $integrity->checkAll();
 			if ($result) {
 				return $this->response(200, "successfull", "OK");
 			}
 			throw new \Exception("Some checks failed.", 406);
 		}
 		throw new \Exception("Not allowed to execute given command.", 403);
 	}
 	/**
 	 * returns a list of all available api functions
 	 *
--- a/lib/Froxlor/Api/Commands/Ftps.php
+++ b/lib/Froxlor/Api/Commands/Ftps.php
@@ -41,6 +41,10 @@ class Ftps extends \Froxlor\Api\ApiCommand implements \Froxlor\Api\ResourceEntit
 	 *        	optional if customer.ftpatdomain is allowed, specify a domain (customer must be owner)
 	 * @param int $customerid
 	 *        	required when called as admin, not needed when called as customer
 	 * @param array $additional_members
 	 *        	optional whether to add additional usernames to the group
 	 * @param bool $is_defaultuser
 	 *        	optional whether this is the standard default ftp user which is being added so no usage is decreased
 	 *        	
 	 * @access admin, customer
 	 * @throws \Exception
@@ -52,7 +56,9 @@ class Ftps extends \Froxlor\Api\ApiCommand implements \Froxlor\Api\ResourceEntit
 			throw new \Exception("You cannot access this resource", 405);
 		}
-		if ($this->getUserDetail('ftps_used') < $this->getUserDetail('ftps') || $this->getUserDetail('ftps') == '-1') {
+		$is_defaultuser = $this->getBoolParam('is_defaultuser', true, 0);
 		if (($this->getUserDetail('ftps_used') < $this->getUserDetail('ftps') || $this->getUserDetail('ftps') == '-1') || $this->isAdmin() && $is_defaultuser == 1) {
 			// required paramters
 			$path = $this->getParam('path');
@@ -66,6 +72,8 @@ class Ftps extends \Froxlor\Api\ApiCommand implements \Froxlor\Api\ResourceEntit
 			$ftpusername = $this->getParam('ftp_username', true, '');
 			$ftpdomain = $this->getParam('ftp_domain', true, '');
 			$additional_members = $this->getParam('additional_members', true, array());
 			// validation
 			$password = \Froxlor\Validate\Validate::validate($password, 'password', '', '', array(), true);
 			$password = \Froxlor\System\Crypt::validatePassword($password, true);
@@ -87,13 +95,18 @@ class Ftps extends \Froxlor\Api\ApiCommand implements \Froxlor\Api\ResourceEntit
 			$params = array();
 			// get needed customer info to reduce the ftp-user-counter by one
-			$customer = $this->getCustomerData('ftps');
+			if ($is_defaultuser) {
 				// no resource check for default user
 				$customer = $this->getCustomerData();
 			} else {
 				$customer = $this->getCustomerData('ftps');
 			}
 			if ($sendinfomail != 1) {
 				$sendinfomail = 0;
 			}
-			if (Settings::Get('customer.ftpatdomain') == '1') {
+			if (Settings::Get('customer.ftpatdomain') == '1' && ! $is_defaultuser) {
 				if ($ftpusername == '') {
 					\Froxlor\UI\Response::standard_error(array(
 						'stringisempty',
@@ -113,7 +126,11 @@ class Ftps extends \Froxlor\Api\ApiCommand implements \Froxlor\Api\ResourceEntit
 				}
 				$username = $ftpusername . "@" . $ftpdomain;
 			} else {
-				$username = $customer['loginname'] . Settings::Get('customer.ftpprefix') . (intval($customer['ftp_lastaccountnumber']) + 1);
+				if ($is_defaultuser) {
 					$username = $customer['loginname'];
 				} else {
 					$username = $customer['loginname'] . Settings::Get('customer.ftpprefix') . (intval($customer['ftp_lastaccountnumber']) + 1);
 				}
 			}
 			$username_check_stmt = Database::prepare("
@@ -163,7 +180,7 @@ class Ftps extends \Froxlor\Api\ApiCommand implements \Froxlor\Api\ResourceEntit
 					), true, true);
 				}
-				$stmt = Database::prepare("
+				$group_upd_stmt = Database::prepare("
 					UPDATE `" . TABLE_FTP_GROUPS . "`
 					SET `members` = CONCAT_WS(',',`members`, :username)
 					WHERE `customerid`= :customerid AND `gid`= :guid
@@ -173,12 +190,35 @@ class Ftps extends \Froxlor\Api\ApiCommand implements \Froxlor\Api\ResourceEntit
 					"customerid" => $customer['customerid'],
 					"guid" => $customer['guid']
 				);
 				Database::pexecute($stmt, $params, true, true);
-				// update customer usage
+				if ($is_defaultuser) {
-				Customers::increaseUsage($customer['customerid'], 'ftps_used');
+					// add the new group
-				Customers::increaseUsage($customer['customerid'], 'ftp_lastaccountnumber');
+					$group_ins_stmt = Database::prepare("
 						INSERT INTO `" . TABLE_FTP_GROUPS . "`
 						SET `customerid`= :customerid, `gid`= :guid, `groupname` = :username, `members` = :username
 					");
 					Database::pexecute($group_ins_stmt, $params, true, true);
 				} else {
 					// just update
 					Database::pexecute($group_upd_stmt, $params, true, true);
 				}
 				if (count($additional_members) > 0) {
 					foreach ($additional_members as $add_member) {
 						$params = array(
 							"username" => $add_member,
 							"customerid" => $customer['customerid'],
 							"guid" => $customer['guid']
 						);
 						Database::pexecute($group_upd_stmt, $params, true, true);
 					}
 				}
 				if (! $is_defaultuser) {
 					// update customer usage
 					Customers::increaseUsage($customer['customerid'], 'ftps_used');
 					Customers::increaseUsage($customer['customerid'], 'ftp_lastaccountnumber');
 				}
 				$this->logger()->logAction($this->isAdmin() ? \Froxlor\FroxlorLogger::ADM_ACTION : \Froxlor\FroxlorLogger::USR_ACTION, LOG_INFO, "[API] added ftp-account '" . $username . " (" . $path . ")'");
 				\Froxlor\System\Cronjob::inserttask(5);
@@ -187,6 +227,10 @@ class Ftps extends \Froxlor\Api\ApiCommand implements \Froxlor\Api\ResourceEntit
 					$replace_arr = array(
 						'SALUTATION' => \Froxlor\User::getCorrectUserSalutation($customer),
 						'CUST_NAME' => \Froxlor\User::getCorrectUserSalutation($customer), // < keep this for compatibility
 						'NAME' => $customer['name'],
 						'FIRSTNAME' => $customer['firstname'],
 						'COMPANY' => $customer['company'],
 						'CUSTOMER_NO' => $customer['customernumber'],
 						'USR_NAME' => $username,
 						'USR_PASS' => $password,
 						'USR_PATH' => \Froxlor\FileDir::makeCorrectDir(str_replace($customer['documentroot'], "/", $path))
@@ -420,7 +464,15 @@ class Ftps extends \Froxlor\Api\ApiCommand implements \Froxlor\Api\ResourceEntit
 	 *        	optional, admin-only, select ftp-users of a specific customer by id
 	 * @param string $loginname
 	 *        	optional, admin-only, select ftp-users of a specific customer by loginname
-	 *        	
+	 * @param array $sql_search
 	 *        	optional array with index = fieldname, and value = array with 'op' => operator (one of <, > or =), LIKE is used if left empty and 'value' => searchvalue
 	 * @param int $sql_limit
 	 *        	optional specify number of results to be returned
 	 * @param int $sql_offset
 	 *        	optional specify offset for resultset
 	 * @param array $sql_orderby
 	 *        	optional array with index = fieldname and value = ASC|DESC to order the resultset by one or more fields
 	 *
 	 * @access admin, customer
 	 * @throws \Exception
 	 * @return string json-encoded array count|list
@@ -429,11 +481,11 @@ class Ftps extends \Froxlor\Api\ApiCommand implements \Froxlor\Api\ResourceEntit
 	{
 		$customer_ids = $this->getAllowedCustomerIds('ftp');
 		$result = array();
 		$query_fields = array();
 		$result_stmt = Database::prepare("
 			SELECT * FROM `" . TABLE_FTP_USERS . "`
-			WHERE `customerid` IN (" . implode(", ", $customer_ids) . ")
+			WHERE `customerid` IN (" . implode(", ", $customer_ids) . ")" . $this->getSearchWhere($query_fields, true) . $this->getOrderBy() . $this->getLimit());
-		");
+		Database::pexecute($result_stmt, $query_fields, true, true);
 		Database::pexecute($result_stmt, null, true, true);
 		while ($row = $result_stmt->fetch(\PDO::FETCH_ASSOC)) {
 			$result[] = $row;
 		}
@@ -444,6 +496,32 @@ class Ftps extends \Froxlor\Api\ApiCommand implements \Froxlor\Api\ResourceEntit
 		));
 	}
 	/**
 	 * returns the total number of accessable ftp accounts
 	 *
 	 * @param int $customerid
 	 *        	optional, admin-only, select ftp-users of a specific customer by id
 	 * @param string $loginname
 	 *        	optional, admin-only, select ftp-users of a specific customer by loginname
 	 *        	
 	 * @access admin, customer
 	 * @throws \Exception
 	 * @return string json-encoded array
 	 */
 	public function listingCount()
 	{
 		$customer_ids = $this->getAllowedCustomerIds('ftp');
 		$result = array();
 		$result_stmt = Database::prepare("
 			SELECT COUNT(*) as num_ftps FROM `" . TABLE_FTP_USERS . "`
 			WHERE `customerid` IN (" . implode(", ", $customer_ids) . ")
 		");
 		$result = Database::pexecute_first($result_stmt, null, true, true);
 		if ($result) {
 			return $this->response(200, "successfull", $result['num_ftps']);
 		}
 	}
 	/**
 	 * delete a ftp-user by either id or username
 	 *
@@ -502,6 +580,9 @@ class Ftps extends \Froxlor\Api\ApiCommand implements \Froxlor\Api\ResourceEntit
 				"username" => $customer_data['loginname']
 			);
 			Database::pexecute($stmt, $params, true, true);
 		} else {
 			// do not allow removing default ftp-account
 			\Froxlor\UI\Response::standard_error('ftp_cantdeletemainaccount', '', true);
 		}
 		// remove all quotatallies
--- a/lib/Froxlor/Api/Commands/HostingPlans.php
+++ b/lib/Froxlor/Api/Commands/HostingPlans.php
@@ -1,6 +1,9 @@
 <?php
 namespace Froxlor\Api\Commands;
 use Froxlor\Settings;
 use Froxlor\Database\Database;
 /**
 * This file is part of the Froxlor project.
 * Copyright (c) 2010 the Froxlor Team (see authors).
@@ -19,28 +22,417 @@ namespace Froxlor\Api\Commands;
 class HostingPlans extends \Froxlor\Api\ApiCommand implements \Froxlor\Api\ResourceEntity
 {
-	public function add()
+	/**
-	{
+	 * list all available hosting plans
-		throw new \Exception('noop', 303);
+	 *
-	}
+	 * @param array $sql_search
-
+	 *        	optional array with index = fieldname, and value = array with 'op' => operator (one of <, > or =), LIKE is used if left empty and 'value' => searchvalue
-	public function get()
+	 * @param int $sql_limit
-	{
+	 *        	optional specify number of results to be returned
-		throw new \Exception('noop', 303);
+	 * @param int $sql_offset
-	}
+	 *        	optional specify offset for resultset
-
+	 * @param array $sql_orderby
-	public function update()
+	 *        	optional array with index = fieldname and value = ASC|DESC to order the resultset by one or more fields
-	{
+	 *        	
-		throw new \Exception('noop', 303);
+	 * @access admin
-	}
+	 * @throws \Exception
-
+	 * @return string json-encoded array count|list
 	 */
 	public function listing()
 	{
-		throw new \Exception('noop', 303);
+		if ($this->isAdmin()) {
 			$this->logger()->logAction(\Froxlor\FroxlorLogger::ADM_ACTION, LOG_NOTICE, "[API] list hosting-plans");
 			$query_fields = array();
 			$result_stmt = Database::prepare("
 				SELECT p.*, a.loginname as adminname
 				FROM `" . TABLE_PANEL_PLANS . "` p, `" . TABLE_PANEL_ADMINS . "` a
 				WHERE `p`.`adminid` = `a`.`adminid`" . ($this->getUserDetail('customers_see_all') ? '' : " AND `p`.`adminid` = :adminid ") . $this->getSearchWhere($query_fields, true) . $this->getOrderBy() . $this->getLimit());
 			$params = array();
 			if ($this->getUserDetail('customers_see_all') == '0') {
 				$params['adminid'] = $this->getUserDetail('adminid');
 			}
 			$params = array_merge($params, $query_fields);
 			Database::pexecute($result_stmt, $params, true, true);
 			$result = array();
 			while ($row = $result_stmt->fetch(\PDO::FETCH_ASSOC)) {
 				$result[] = $row;
 			}
 			return $this->response(200, "successfull", array(
 				'count' => count($result),
 				'list' => $result
 			));
 		}
 		throw new \Exception("Not allowed to execute given command.", 403);
 	}
 	/**
 	 * returns the total number of accessable hosting plans
 	 *
 	 * @access admin
 	 * @throws \Exception
 	 * @return string json-encoded array
 	 */
 	public function listingCount()
 	{
 		if ($this->isAdmin()) {
 			$result_stmt = Database::prepare("
 				SELECT COUNT(*) as num_plans
 				FROM `" . TABLE_PANEL_PLANS . "` p, `" . TABLE_PANEL_ADMINS . "` a
 				WHERE `p`.`adminid` = `a`.`adminid`" . ($this->getUserDetail('customers_see_all') ? '' : " AND `p`.`adminid` = :adminid "));
 			$params = array();
 			if ($this->getUserDetail('customers_see_all') == '0') {
 				$params['adminid'] = $this->getUserDetail('adminid');
 			}
 			$result = Database::pexecute_first($result_stmt, $params, true, true);
 			if ($result) {
 				return $this->response(200, "successfull", $result['num_plans']);
 			}
 		}
 		throw new \Exception("Not allowed to execute given command.", 403);
 	}
 	/**
 	 * return a hosting-plan entry by either id or plan-name
 	 *
 	 * @param int $id
 	 *        	optional, the hosting-plan-id
 	 * @param string $planname
 	 *        	optional, the hosting-plan-name
 	 *        	
 	 * @access admin
 	 * @throws \Exception
 	 * @return string json-encoded array
 	 */
 	public function get()
 	{
 		if ($this->isAdmin()) {
 			$id = $this->getParam('id', true, 0);
 			$dn_optional = ($id <= 0 ? false : true);
 			$planname = $this->getParam('planname', $dn_optional, '');
 			$result_stmt = Database::prepare("
 				SELECT * FROM `" . TABLE_PANEL_PLANS . "` WHERE " . ($id > 0 ? "`id` = :iddn" : "`name` = :iddn") . ($this->getUserDetail('customers_see_all') ? '' : " AND `adminid` = :adminid"));
 			$params = array(
 				'iddn' => ($id <= 0 ? $planname : $id)
 			);
 			if ($this->getUserDetail('customers_see_all') == '0') {
 				$params['adminid'] = $this->getUserDetail('adminid');
 			}
 			$result = Database::pexecute_first($result_stmt, $params, true, true);
 			if ($result) {
 				$this->logger()->logAction(\Froxlor\FroxlorLogger::ADM_ACTION, LOG_NOTICE, "[API] get hosting-plan '" . $result['name'] . "'");
 				return $this->response(200, "successfull", $result);
 			}
 			$key = ($id > 0 ? "id #" . $id : "planname '" . $planname . "'");
 			throw new \Exception("Hosting-plan with " . $key . " could not be found", 404);
 		}
 		throw new \Exception("Not allowed to execute given command.", 403);
 	}
 	/**
 	 * add new hosting-plan
 	 *
 	 * @param string $name
 	 *        	name of the plan
 	 * @param string $description
 	 *        	optional, description for hosting-plan
 	 * @param int $diskspace
 	 *        	optional disk-space available for customer in MB, default 0
 	 * @param bool $diskspace_ul
 	 *        	optional, whether customer should have unlimited diskspace, default 0 (false)
 	 * @param int $traffic
 	 *        	optional traffic available for customer in GB, default 0
 	 * @param bool $traffic_ul
 	 *        	optional, whether customer should have unlimited traffic, default 0 (false)
 	 * @param int $subdomains
 	 *        	optional amount of subdomains available for customer, default 0
 	 * @param bool $subdomains_ul
 	 *        	optional, whether customer should have unlimited subdomains, default 0 (false)
 	 * @param int $emails
 	 *        	optional amount of emails available for customer, default 0
 	 * @param bool $emails_ul
 	 *        	optional, whether customer should have unlimited emails, default 0 (false)
 	 * @param int $email_accounts
 	 *        	optional amount of email-accounts available for customer, default 0
 	 * @param bool $email_accounts_ul
 	 *        	optional, whether customer should have unlimited email-accounts, default 0 (false)
 	 * @param int $email_forwarders
 	 *        	optional amount of email-forwarders available for customer, default 0
 	 * @param bool $email_forwarders_ul
 	 *        	optional, whether customer should have unlimited email-forwarders, default 0 (false)
 	 * @param int $email_quota
 	 *        	optional size of email-quota available for customer in MB, default is system-setting mail_quota
 	 * @param bool $email_quota_ul
 	 *        	optional, whether customer should have unlimited email-quota, default 0 (false)
 	 * @param bool $email_imap
 	 *        	optional, whether to allow IMAP access, default 0 (false)
 	 * @param bool $email_pop3
 	 *        	optional, whether to allow POP3 access, default 0 (false)
 	 * @param int $ftps
 	 *        	optional amount of ftp-accounts available for customer, default 0
 	 * @param bool $ftps_ul
 	 *        	optional, whether customer should have unlimited ftp-accounts, default 0 (false)
 	 * @param int $mysqls
 	 *        	optional amount of mysql-databases available for customer, default 0
 	 * @param bool $mysqls_ul
 	 *        	optional, whether customer should have unlimited mysql-databases, default 0 (false)
 	 * @param bool $phpenabled
 	 *        	optional, whether to allow usage of PHP, default 0 (false)
 	 * @param array $allowed_phpconfigs
 	 *        	optional, array of IDs of php-config that the customer is allowed to use, default empty (none)
 	 * @param bool $perlenabled
 	 *        	optional, whether to allow usage of Perl/CGI, default 0 (false)
 	 * @param bool $dnsenabled
 	 *        	optional, ether to allow usage of the DNS editor (requires activated nameserver in settings), default 0 (false)
 	 * @param bool $logviewenabled
 	 *        	optional, ether to allow acccess to webserver access/error-logs, default 0 (false)
 	 *        	
 	 * @access admin
 	 * @throws \Exception
 	 * @return string json-encoded array
 	 */
 	public function add()
 	{
 		if ($this->isAdmin()) {
 			$name = $this->getParam('name');
 			$description = $this->getParam('description', true, '');
 			$value_arr = array();
 			$value_arr['diskspace'] = $this->getUlParam('diskspace', 'diskspace_ul', true, 0);
 			$value_arr['traffic'] = $this->getUlParam('traffic', 'traffic_ul', true, 0);
 			$value_arr['subdomains'] = $this->getUlParam('subdomains', 'subdomains_ul', true, 0);
 			$value_arr['emails'] = $this->getUlParam('emails', 'emails_ul', true, 0);
 			$value_arr['email_accounts'] = $this->getUlParam('email_accounts', 'email_accounts_ul', true, 0);
 			$value_arr['email_forwarders'] = $this->getUlParam('email_forwarders', 'email_forwarders_ul', true, 0);
 			$value_arr['email_quota'] = $this->getUlParam('email_quota', 'email_quota_ul', true, Settings::Get('system.mail_quota'));
 			$value_arr['email_imap'] = $this->getBoolParam('email_imap', true, 0);
 			$value_arr['email_pop3'] = $this->getBoolParam('email_pop3', true, 0);
 			$value_arr['ftps'] = $this->getUlParam('ftps', 'ftps_ul', true, 0);
 			$value_arr['mysqls'] = $this->getUlParam('mysqls', 'mysqls_ul', true, 0);
 			$value_arr['phpenabled'] = $this->getBoolParam('phpenabled', true, 0);
 			$p_allowed_phpconfigs = $this->getParam('allowed_phpconfigs', true, array());
 			$value_arr['perlenabled'] = $this->getBoolParam('perlenabled', true, 0);
 			$value_arr['dnsenabled'] = $this->getBoolParam('dnsenabled', true, 0);
 			$value_arr['logviewenabled'] = $this->getBoolParam('logviewenabled', true, 0);
 			// validation
 			$name = \Froxlor\Validate\Validate::validate(trim($name), 'name', '', '', array(), true);
 			$description = \Froxlor\Validate\Validate::validate(str_replace("\r\n", "\n", $description), 'description', '/^[^\0]*$/');
 			if (Settings::Get('system.mail_quota_enabled') != '1') {
 				$value_arr['email_quota'] = - 1;
 			}
 			$value_arr['allowed_phpconfigs'] = array();
 			if (! empty($p_allowed_phpconfigs) && is_array($p_allowed_phpconfigs)) {
 				foreach ($p_allowed_phpconfigs as $allowed_phpconfig) {
 					$allowed_phpconfig = intval($allowed_phpconfig);
 					$value_arr['allowed_phpconfigs'][] = $allowed_phpconfig;
 				}
 			}
 			$value_arr['allowed_phpconfigs'] = array_map('intval', $value_arr['allowed_phpconfigs']);
 			$ins_stmt = Database::prepare("
 				INSERT INTO `" . TABLE_PANEL_PLANS . "`
 				SET `adminid` = :adminid, `name` = :name, `description` = :desc, `value` = :valuearr, `ts` = UNIX_TIMESTAMP();
 			");
 			$ins_data = array(
 				'adminid' => $this->getUserDetail('adminid'),
 				'name' => $name,
 				'desc' => $description,
 				'valuearr' => json_encode($value_arr)
 			);
 			Database::pexecute($ins_stmt, $ins_data, true, true);
 			$this->logger()->logAction(\Froxlor\FroxlorLogger::ADM_ACTION, LOG_WARNING, "[API] added hosting-plan '" . $name . "'");
 			$result = $this->apiCall('HostingPlans.get', array(
 				'planname' => $name
 			));
 			return $this->response(200, "successfull", $result);
 		}
 		throw new \Exception("Not allowed to execute given command.", 403);
 	}
 	/**
 	 * update hosting-plan by either id or plan-name
 	 *
 	 * @param int $id
 	 *        	optional the hosting-plan-id
 	 * @param string $planname
 	 *        	optional the hosting-plan-name
 	 * @param string $name
 	 *        	optional name of the plan
 	 * @param string $description
 	 *        	optional description for hosting-plan
 	 * @param int $diskspace
 	 *        	optional disk-space available for customer in MB, default 0
 	 * @param bool $diskspace_ul
 	 *        	optional, whether customer should have unlimited diskspace, default 0 (false)
 	 * @param int $traffic
 	 *        	optional traffic available for customer in GB, default 0
 	 * @param bool $traffic_ul
 	 *        	optional, whether customer should have unlimited traffic, default 0 (false)
 	 * @param int $subdomains
 	 *        	optional amount of subdomains available for customer, default 0
 	 * @param bool $subdomains_ul
 	 *        	optional, whether customer should have unlimited subdomains, default 0 (false)
 	 * @param int $emails
 	 *        	optional amount of emails available for customer, default 0
 	 * @param bool $emails_ul
 	 *        	optional, whether customer should have unlimited emails, default 0 (false)
 	 * @param int $email_accounts
 	 *        	optional amount of email-accounts available for customer, default 0
 	 * @param bool $email_accounts_ul
 	 *        	optional, whether customer should have unlimited email-accounts, default 0 (false)
 	 * @param int $email_forwarders
 	 *        	optional amount of email-forwarders available for customer, default 0
 	 * @param bool $email_forwarders_ul
 	 *        	optional, whether customer should have unlimited email-forwarders, default 0 (false)
 	 * @param int $email_quota
 	 *        	optional size of email-quota available for customer in MB, default is system-setting mail_quota
 	 * @param bool $email_quota_ul
 	 *        	optional, whether customer should have unlimited email-quota, default 0 (false)
 	 * @param bool $email_imap
 	 *        	optional, whether to allow IMAP access, default 0 (false)
 	 * @param bool $email_pop3
 	 *        	optional, whether to allow POP3 access, default 0 (false)
 	 * @param int $ftps
 	 *        	optional amount of ftp-accounts available for customer, default 0
 	 * @param bool $ftps_ul
 	 *        	optional, whether customer should have unlimited ftp-accounts, default 0 (false)
 	 * @param int $mysqls
 	 *        	optional amount of mysql-databases available for customer, default 0
 	 * @param bool $mysqls_ul
 	 *        	optional, whether customer should have unlimited mysql-databases, default 0 (false)
 	 * @param bool $phpenabled
 	 *        	optional, whether to allow usage of PHP, default 0 (false)
 	 * @param array $allowed_phpconfigs
 	 *        	optional, array of IDs of php-config that the customer is allowed to use, default empty (none)
 	 * @param bool $perlenabled
 	 *        	optional, whether to allow usage of Perl/CGI, default 0 (false)
 	 * @param bool $dnsenabled
 	 *        	optional, ether to allow usage of the DNS editor (requires activated nameserver in settings), default 0 (false)
 	 * @param bool $logviewenabled
 	 *        	optional, ether to allow acccess to webserver access/error-logs, default 0 (false)
 	 *        	
 	 * @access admin
 	 * @throws \Exception
 	 * @return string json-encoded array
 	 */
 	public function update()
 	{
 		if ($this->isAdmin()) {
 			// parameters
 			$id = $this->getParam('id', true, 0);
 			$dn_optional = ($id <= 0 ? false : true);
 			$planname = $this->getParam('planname', $dn_optional, '');
 			// get requested hosting-plan
 			$result = $this->apiCall('HostingPlans.get', array(
 				'id' => $id,
 				'planname' => $planname
 			));
 			$id = $result['id'];
 			$result['value'] = json_decode($result['value'], true);
 			foreach ($result['value'] as $index => $value) {
 				$result[$index] = $value;
 			}
 			$name = $this->getParam('name', true, $result['name']);
 			$description = $this->getParam('description', true, $result['description']);
 			$value_arr = array();
 			$value_arr['diskspace'] = $this->getUlParam('diskspace', 'diskspace_ul', true, $result['diskspace']);
 			$value_arr['traffic'] = $this->getUlParam('traffic', 'traffic_ul', true, $result['traffic']);
 			$value_arr['subdomains'] = $this->getUlParam('subdomains', 'subdomains_ul', true, $result['subdomains']);
 			$value_arr['emails'] = $this->getUlParam('emails', 'emails_ul', true, $result['emails']);
 			$value_arr['email_accounts'] = $this->getUlParam('email_accounts', 'email_accounts_ul', true, $result['email_accounts']);
 			$value_arr['email_forwarders'] = $this->getUlParam('email_forwarders', 'email_forwarders_ul', true, $result['email_forwarders']);
 			$value_arr['email_quota'] = $this->getUlParam('email_quota', 'email_quota_ul', true, $result['email_quota']);
 			$value_arr['email_imap'] = $this->getParam('email_imap', true, $result['email_imap']);
 			$value_arr['email_pop3'] = $this->getParam('email_pop3', true, $result['email_pop3']);
 			$value_arr['ftps'] = $this->getUlParam('ftps', 'ftps_ul', true, $result['ftps']);
 			$value_arr['mysqls'] = $this->getUlParam('mysqls', 'mysqls_ul', true, $result['mysqls']);
 			$value_arr['phpenabled'] = $this->getBoolParam('phpenabled', true, $result['phpenabled']);
 			$p_allowed_phpconfigs = $this->getParam('allowed_phpconfigs', true, $result['allowed_phpconfigs']);
 			$value_arr['perlenabled'] = $this->getBoolParam('perlenabled', true, $result['perlenabled']);
 			$value_arr['dnsenabled'] = $this->getBoolParam('dnsenabled', true, $result['dnsenabled']);
 			$value_arr['logviewenabled'] = $this->getBoolParam('logviewenabled', true, $result['logviewenabled']);
 			// validation
 			$name = \Froxlor\Validate\Validate::validate(trim($name), 'name', '', '', array(), true);
 			$description = \Froxlor\Validate\Validate::validate(str_replace("\r\n", "\n", $description), 'description', '/^[^\0]*$/');
 			if (Settings::Get('system.mail_quota_enabled') != '1') {
 				$value_arr['email_quota'] = - 1;
 			}
 			if (empty($name)) {
 				$name = $result['name'];
 			}
 			$value_arr['allowed_phpconfigs'] = array();
 			if (! empty($p_allowed_phpconfigs) && is_array($p_allowed_phpconfigs)) {
 				foreach ($p_allowed_phpconfigs as $allowed_phpconfig) {
 					$allowed_phpconfig = intval($allowed_phpconfig);
 					$value_arr['allowed_phpconfigs'][] = $allowed_phpconfig;
 				}
 			}
 			$value_arr['allowed_phpconfigs'] = array_map('intval', $value_arr['allowed_phpconfigs']);
 			$upd_stmt = Database::prepare("
 				UPDATE `" . TABLE_PANEL_PLANS . "`
 				SET `name` = :name, `description` = :desc, `value` = :valuearr, `ts` = UNIX_TIMESTAMP()
 				WHERE `id` = :id
 			");
 			$update_data = array(
 				'name' => $name,
 				'desc' => $description,
 				'valuearr' => json_encode($value_arr),
 				'id' => $id
 			);
 			Database::pexecute($upd_stmt, $update_data, true, true);
 			$this->logger()->logAction(\Froxlor\FroxlorLogger::ADM_ACTION, LOG_WARNING, "[API] updated hosting-plan '" . $result['name'] . "'");
 			return $this->response(200, "successfull", $update_data);
 		}
 		throw new \Exception("Not allowed to execute given command.", 403);
 	}
 	/**
 	 * delete hosting-plan by either id or plan-name
 	 *
 	 * @param int $id
 	 *        	optional the hosting-plan-id
 	 * @param string $planname
 	 *        	optional the hosting-plan-name
 	 *        	
 	 * @access admin
 	 * @throws \Exception
 	 * @return string json-encoded array
 	 */
 	public function delete()
 	{
-		throw new \Exception('noop', 303);
+		if ($this->isAdmin()) {
 			$id = $this->getParam('id', true, 0);
 			$dn_optional = ($id <= 0 ? false : true);
 			$planname = $this->getParam('planname', $dn_optional, '');
 			// get requested hosting-plan
 			$result = $this->apiCall('HostingPlans.get', array(
 				'id' => $id,
 				'planname' => $planname
 			));
 			$id = $result['id'];
 			$del_stmt = Database::prepare("
 				DELETE FROM `" . TABLE_PANEL_PLANS . "` WHERE `id` = :id
 			");
 			Database::pexecute($del_stmt, array(
 				'id' => $id
 			), true, true);
 			$this->logger()->logAction(\Froxlor\FroxlorLogger::ADM_ACTION, LOG_WARNING, "[API] deleted hosting-plan '" . $result['name'] . "'");
 			return $this->response(200, "successfull", $result);
 		}
 		throw new \Exception("Not allowed to execute given command.", 403);
 	}
 }
--- a/lib/Froxlor/Api/Commands/IpsAndPorts.php
+++ b/lib/Froxlor/Api/Commands/IpsAndPorts.php
@@ -25,6 +25,15 @@ class IpsAndPorts extends \Froxlor\Api\ApiCommand implements \Froxlor\Api\Resour
 	/**
 	 * lists all ip/port entries
 	 *
 	 * @param array $sql_search
 	 *        	optional array with index = fieldname, and value = array with 'op' => operator (one of <, > or =), LIKE is used if left empty and 'value' => searchvalue
 	 * @param int $sql_limit
 	 *        	optional specify number of results to be returned
 	 * @param int $sql_offset
 	 *        	optional specify offset for resultset
 	 * @param array $sql_orderby
 	 *        	optional array with index = fieldname and value = ASC|DESC to order the resultset by one or more fields
 	 *
 	 * @access admin
 	 * @throws \Exception
 	 * @return string json-encoded array count|list
@@ -34,12 +43,14 @@ class IpsAndPorts extends \Froxlor\Api\ApiCommand implements \Froxlor\Api\Resour
 		if ($this->isAdmin() && ($this->getUserDetail('change_serversettings') || ! empty($this->getUserDetail('ip')))) {
 			$this->logger()->logAction(\Froxlor\FroxlorLogger::ADM_ACTION, LOG_NOTICE, "[API] list ips and ports");
 			$ip_where = "";
 			$append_where = false;
 			if (! empty($this->getUserDetail('ip')) && $this->getUserDetail('ip') != - 1) {
 				$ip_where = "WHERE `id` IN (" . implode(", ", json_decode($this->getUserDetail('ip'), true)) . ")";
 				$append_where = true;
 			}
 			$query_fields = array();
 			$result_stmt = Database::prepare("
-				SELECT * FROM `" . TABLE_PANEL_IPSANDPORTS . "` " . $ip_where . " ORDER BY `ip` ASC, `port` ASC
+				SELECT * FROM `" . TABLE_PANEL_IPSANDPORTS . "` " . $ip_where . $this->getSearchWhere($query_fields, $append_where) . $this->getOrderBy() . $this->getLimit());
 			");
 			Database::pexecute($result_stmt, null, true, true);
 			$result = array();
 			while ($row = $result_stmt->fetch(\PDO::FETCH_ASSOC)) {
@@ -53,6 +64,30 @@ class IpsAndPorts extends \Froxlor\Api\ApiCommand implements \Froxlor\Api\Resour
 		throw new \Exception("Not allowed to execute given command.", 403);
 	}
 	/**
 	 * returns the total number of accessable ip/port entries
 	 *
 	 * @access admin
 	 * @throws \Exception
 	 * @return string json-encoded array
 	 */
 	public function listingCount()
 	{
 		if ($this->isAdmin() && ($this->getUserDetail('change_serversettings') || ! empty($this->getUserDetail('ip')))) {
 			$ip_where = "";
 			if (! empty($this->getUserDetail('ip')) && $this->getUserDetail('ip') != - 1) {
 				$ip_where = "WHERE `id` IN (" . implode(", ", json_decode($this->getUserDetail('ip'), true)) . ")";
 			}
 			$result_stmt = Database::prepare("
 				SELECT COUNT(*) as num_ips FROM `" . TABLE_PANEL_IPSANDPORTS . "` " . $ip_where);
 			$result = Database::pexecute_first($result_stmt, null, true, true);
 			if ($result) {
 				return $this->response(200, "successfull", $result['num_ips']);
 			}
 		}
 		throw new \Exception("Not allowed to execute given command.", 403);
 	}
 	/**
 	 * return an ip/port entry by id
 	 *
@@ -118,6 +153,14 @@ class IpsAndPorts extends \Froxlor\Api\ApiCommand implements \Froxlor\Api\Resour
 	 *        	optional, requires $ssl = 1, default empty
 	 * @param string $ssl_cert_chainfile
 	 *        	optional, requires $ssl = 1, default empty
 	 * @param string $ssl_specialsettings
 	 *        	optional, requires $ssl = 1, default empty
 	 * @param bool $include_specialsettings
 	 *        	optional, requires $ssl = 1, whether or not to include non-ssl specialsettings, default false
 	 * @param string $ssl_default_vhostconf_domain
 	 *        	optional, requires $ssl = 1, defatul empty
 	 * @param bool $include_default_vhostconf_domain
 	 *        	optional, requires $ssl = 1, whether or not to include non-ssl default_vhostconf_domain, default false
 	 *        	
 	 * @access admin
 	 * @throws \Exception
@@ -127,7 +170,7 @@ class IpsAndPorts extends \Froxlor\Api\ApiCommand implements \Froxlor\Api\Resour
 	{
 		if ($this->isAdmin() && $this->getUserDetail('change_serversettings')) {
-			$ip = \Froxlor\Validate\Validate::validate_ip2($this->getParam('ip'), false, 'invalidip', false, false, false, true);
+			$ip = \Froxlor\Validate\Validate::validate_ip2($this->getParam('ip'), false, 'invalidip', false, true, false, false, true);
 			$port = \Froxlor\Validate\Validate::validate($this->getParam('port', true, 80), 'port', '/^(([1-9])|([1-9][0-9])|([1-9][0-9][0-9])|([1-9][0-9][0-9][0-9])|([1-5][0-9][0-9][0-9][0-9])|(6[0-4][0-9][0-9][0-9])|(65[0-4][0-9][0-9])|(655[0-2][0-9])|(6553[0-5]))$/Di', array(
 				'stringisempty',
 				'myport'
@@ -146,12 +189,20 @@ class IpsAndPorts extends \Froxlor\Api\ApiCommand implements \Froxlor\Api\Resour
 				$ssl_key_file = \Froxlor\Validate\Validate::validate($this->getParam('ssl_key_file', $ssl, ''), 'ssl_key_file', '', '', array(), true);
 				$ssl_ca_file = \Froxlor\Validate\Validate::validate($this->getParam('ssl_ca_file', true, ''), 'ssl_ca_file', '', '', array(), true);
 				$ssl_cert_chainfile = \Froxlor\Validate\Validate::validate($this->getParam('ssl_cert_chainfile', true, ''), 'ssl_cert_chainfile', '', '', array(), true);
 				$ssl_specialsettings = \Froxlor\Validate\Validate::validate(str_replace("\r\n", "\n", $this->getParam('ssl_specialsettings', true, '')), 'ssl_specialsettings', '/^[^\0]*$/', '', array(), true);
 				$include_specialsettings = ! empty($this->getBoolParam('include_specialsettings', true, 0)) ? 1 : 0;
 				$ssl_default_vhostconf_domain = \Froxlor\Validate\Validate::validate(str_replace("\r\n", "\n", $this->getParam('ssl_default_vhostconf_domain', true, '')), 'ssl_default_vhostconf_domain', '/^[^\0]*$/', '', array(), true);
 				$include_default_vhostconf_domain = ! empty($this->getBoolParam('include_default_vhostconf_domain', true, 0)) ? 1 : 0;
 			} else {
 				$ssl = 0;
 				$ssl_cert_file = '';
 				$ssl_key_file = '';
 				$ssl_ca_file = '';
 				$ssl_cert_chainfile = '';
 				$ssl_specialsettings = '';
 				$include_specialsettings = 0;
 				$ssl_default_vhostconf_domain = '';
 				$include_default_vhostconf_domain = 0;
 			}
 			if ($listen_statement != '1') {
@@ -204,7 +255,7 @@ class IpsAndPorts extends \Froxlor\Api\ApiCommand implements \Froxlor\Api\Resour
 				'port' => $port
 			));
-			if ($result_checkfordouble['id'] != '') {
+			if ($result_checkfordouble && $result_checkfordouble['id'] != '') {
 				\Froxlor\UI\Response::standard_error('myipnotdouble', '', true);
 			}
@@ -217,7 +268,9 @@ class IpsAndPorts extends \Froxlor\Api\ApiCommand implements \Froxlor\Api\Resour
 				`specialsettings` = :ss, `ssl` = :ssl,
 				`ssl_cert_file` = :ssl_cert, `ssl_key_file` = :ssl_key,
 				`ssl_ca_file` = :ssl_ca, `ssl_cert_chainfile` = :ssl_chain,
-				`default_vhostconf_domain` = :dvhd, `docroot` = :docroot;
+				`default_vhostconf_domain` = :dvhd, `docroot` = :docroot,
 				`ssl_specialsettings` = :ssl_ss, `include_specialsettings` = :incss,
 				`ssl_default_vhostconf_domain` = :ssl_dvhd, `include_default_vhostconf_domain` = :incdvhd;
 			");
 			$ins_data = array(
 				'ip' => $ip,
@@ -233,7 +286,11 @@ class IpsAndPorts extends \Froxlor\Api\ApiCommand implements \Froxlor\Api\Resour
 				'ssl_ca' => $ssl_ca_file,
 				'ssl_chain' => $ssl_cert_chainfile,
 				'dvhd' => $default_vhostconf_domain,
-				'docroot' => $docroot
+				'docroot' => $docroot,
 				'ssl_ss' => $ssl_specialsettings,
 				'incss' => $include_specialsettings,
 				'ssl_dvhd' => $ssl_default_vhostconf_domain,
 				'incdvhd' => $include_default_vhostconf_domain
 			);
 			Database::pexecute($ins_stmt, $ins_data);
 			$ins_data['id'] = Database::lastInsertId();
@@ -287,6 +344,14 @@ class IpsAndPorts extends \Froxlor\Api\ApiCommand implements \Froxlor\Api\Resour
 	 *        	optional, requires $ssl = 1, default empty
 	 * @param string $ssl_cert_chainfile
 	 *        	optional, requires $ssl = 1, default empty
 	 * @param string $ssl_specialsettings
 	 *        	optional, requires $ssl = 1, default empty
 	 * @param bool $include_specialsettings
 	 *        	optional, requires $ssl = 1, whether or not to include non-ssl specialsettings, default false
 	 * @param string $ssl_default_vhostconf_domain
 	 *        	optional, requires $ssl = 1, defatul empty
 	 * @param bool $include_default_vhostconf_domain
 	 *        	optional, requires $ssl = 1, whether or not to include non-ssl default_vhostconf_domain, default false
 	 *        	
 	 *        	
 	 * @access admin
@@ -302,7 +367,7 @@ class IpsAndPorts extends \Froxlor\Api\ApiCommand implements \Froxlor\Api\Resour
 				'id' => $id
 			));
-			$ip = \Froxlor\Validate\Validate::validate_ip2($this->getParam('ip', true, $result['ip']), false, 'invalidip', false, false, false, true);
+			$ip = \Froxlor\Validate\Validate::validate_ip2($this->getParam('ip', true, $result['ip']), false, 'invalidip', false, true, false, false, true);
 			$port = \Froxlor\Validate\Validate::validate($this->getParam('port', true, $result['port']), 'port', '/^(([1-9])|([1-9][0-9])|([1-9][0-9][0-9])|([1-9][0-9][0-9][0-9])|([1-5][0-9][0-9][0-9][0-9])|(6[0-4][0-9][0-9][0-9])|(65[0-4][0-9][0-9])|(655[0-2][0-9])|(6553[0-5]))$/Di', array(
 				'stringisempty',
 				'myport'
@@ -321,12 +386,20 @@ class IpsAndPorts extends \Froxlor\Api\ApiCommand implements \Froxlor\Api\Resour
 				$ssl_key_file = \Froxlor\Validate\Validate::validate($this->getParam('ssl_key_file', $ssl, $result['ssl_key_file']), 'ssl_key_file', '', '', array(), true);
 				$ssl_ca_file = \Froxlor\Validate\Validate::validate($this->getParam('ssl_ca_file', true, $result['ssl_ca_file']), 'ssl_ca_file', '', '', array(), true);
 				$ssl_cert_chainfile = \Froxlor\Validate\Validate::validate($this->getParam('ssl_cert_chainfile', true, $result['ssl_cert_chainfile']), 'ssl_cert_chainfile', '', '', array(), true);
 				$ssl_specialsettings = \Froxlor\Validate\Validate::validate(str_replace("\r\n", "\n", $this->getParam('ssl_specialsettings', true, $result['ssl_specialsettings'])), 'ssl_specialsettings', '/^[^\0]*$/', '', array(), true);
 				$include_specialsettings = $this->getBoolParam('include_specialsettings', true, $result['include_specialsettings']);
 				$ssl_default_vhostconf_domain = \Froxlor\Validate\Validate::validate(str_replace("\r\n", "\n", $this->getParam('ssl_default_vhostconf_domain', true, $result['ssl_default_vhostconf_domain'])), 'ssl_default_vhostconf_domain', '/^[^\0]*$/', '', array(), true);
 				$include_default_vhostconf_domain = $this->getBoolParam('include_default_vhostconf_domain', true, $result['include_default_vhostconf_domain']);
 			} else {
 				$ssl = 0;
 				$ssl_cert_file = '';
 				$ssl_key_file = '';
 				$ssl_ca_file = '';
 				$ssl_cert_chainfile = '';
 				$ssl_specialsettings = '';
 				$include_specialsettings = 0;
 				$ssl_default_vhostconf_domain = '';
 				$include_default_vhostconf_domain = 0;
 			}
 			$result_checkfordouble_stmt = Database::prepare("
@@ -389,9 +462,9 @@ class IpsAndPorts extends \Froxlor\Api\ApiCommand implements \Froxlor\Api\Resour
 				$docroot = '';
 			}
-			if ($result['ip'] != $ip && $result['ip'] == Settings::Get('system.ipaddress') && $result_sameipotherport['id'] == '') {
+			if ($result['ip'] != $ip && $result['ip'] == Settings::Get('system.ipaddress') && $result_sameipotherport == false) {
 				\Froxlor\UI\Response::standard_error('cantchangesystemip', '', true);
-			} elseif ($result_checkfordouble['id'] != '' && $result_checkfordouble['id'] != $id) {
+			} elseif ($result_checkfordouble && $result_checkfordouble['id'] != '' && $result_checkfordouble['id'] != $id) {
 				\Froxlor\UI\Response::standard_error('myipnotdouble', '', true);
 			} else {
@@ -404,7 +477,9 @@ class IpsAndPorts extends \Froxlor\Api\ApiCommand implements \Froxlor\Api\Resour
 					`specialsettings` = :ss, `ssl` = :ssl,
 					`ssl_cert_file` = :ssl_cert, `ssl_key_file` = :ssl_key,
 					`ssl_ca_file` = :ssl_ca, `ssl_cert_chainfile` = :ssl_chain,
-					`default_vhostconf_domain` = :dvhd, `docroot` = :docroot
+					`default_vhostconf_domain` = :dvhd, `docroot` = :docroot,
 					`ssl_specialsettings` = :ssl_ss, `include_specialsettings` = :incss,
 					`ssl_default_vhostconf_domain` = :ssl_dvhd, `include_default_vhostconf_domain` = :incdvhd
 					WHERE `id` = :id;
 				");
 				$upd_data = array(
@@ -422,6 +497,10 @@ class IpsAndPorts extends \Froxlor\Api\ApiCommand implements \Froxlor\Api\Resour
 					'ssl_chain' => $ssl_cert_chainfile,
 					'dvhd' => $default_vhostconf_domain,
 					'docroot' => $docroot,
 					'ssl_ss' => $ssl_specialsettings,
 					'incss' => $include_specialsettings,
 					'ssl_dvhd' => $ssl_default_vhostconf_domain,
 					'incdvhd' => $include_default_vhostconf_domain,
 					'id' => $id
 				);
 				Database::pexecute($upd_stmt, $upd_data);
@@ -461,7 +540,7 @@ class IpsAndPorts extends \Froxlor\Api\ApiCommand implements \Froxlor\Api\Resour
 			));
 			$result_checkdomain_stmt = Database::prepare("
-				SELECT `id_domain` as `id` FROM `" . TABLE_DOMAINTOIP . "` WHERE `id_ipandports` = :id
+				SELECT `id_domain` FROM `" . TABLE_DOMAINTOIP . "` WHERE `id_ipandports` = :id
 			");
 			$result_checkdomain = Database::pexecute_first($result_checkdomain_stmt, array(
 				'id' => $id
@@ -481,7 +560,7 @@ class IpsAndPorts extends \Froxlor\Api\ApiCommand implements \Froxlor\Api\Resour
 						'ip' => $result['ip']
 					));
-					if (($result['ip'] != Settings::Get('system.ipaddress')) || ($result['ip'] == Settings::Get('system.ipaddress') && $result_sameipotherport['id'] != '')) {
+					if (($result['ip'] != Settings::Get('system.ipaddress')) || ($result['ip'] == Settings::Get('system.ipaddress') && $result_sameipotherport != false)) {
 						$del_stmt = Database::prepare("
 							DELETE FROM `" . TABLE_PANEL_IPSANDPORTS . "`
--- a/lib/Froxlor/Api/Commands/Mysqls.php
+++ b/lib/Froxlor/Api/Commands/Mysqls.php
@@ -33,8 +33,10 @@ class Mysqls extends \Froxlor\Api\ApiCommand implements \Froxlor\Api\ResourceEnt
 	 *        	optional, description for database
 	 * @param bool $sendinfomail
 	 *        	optional, send created resource-information to customer, default: false
-	 * @param int $customer_id
+	 * @param int $customerid
-	 *        	required when called as admin, not needed when called as customer
+	 *        	optional, admin-only, the customer-id
 	 * @param string $loginname
 	 *        	optional, admin-only, the loginname
 	 *        	
 	 * @access admin, customer
 	 * @throws \Exception
@@ -42,53 +44,50 @@ class Mysqls extends \Froxlor\Api\ApiCommand implements \Froxlor\Api\ResourceEnt
 	 */
 	public function add()
 	{
-		if ($this->getUserDetail('mysqls_used') < $this->getUserDetail('mysqls') || $this->getUserDetail('mysqls') == '-1') {
+		// required paramters
 		$password = $this->getParam('mysql_password');
-			// required paramters
+		// parameters
-			$password = $this->getParam('mysql_password');
+		$dbserver = $this->getParam('mysql_server', true, 0);
 		$databasedescription = $this->getParam('description', true, '');
 		$sendinfomail = $this->getBoolParam('sendinfomail', true, 0);
 		// get needed customer info to reduce the mysql-usage-counter by one
 		$customer = $this->getCustomerData('mysqls');
-			// parameters
+		// validation
-			$dbserver = $this->getParam('mysql_server', true, 0);
+		$password = \Froxlor\Validate\Validate::validate($password, 'password', '', '', array(), true);
-			$databasedescription = $this->getParam('description', true, '');
+		$password = \Froxlor\System\Crypt::validatePassword($password, true);
-			$sendinfomail = $this->getBoolParam('sendinfomail', true, 0);
+		$databasedescription = \Froxlor\Validate\Validate::validate(trim($databasedescription), 'description', '', '', array(), true);
-			// validation
+		// validate whether the dbserver exists
-			$password = \Froxlor\Validate\Validate::validate($password, 'password', '', '', array(), true);
+		$dbserver = \Froxlor\Validate\Validate::validate($dbserver, html_entity_decode($this->lng['mysql']['mysql_server']), '', '', 0, true);
-			$password = \Froxlor\System\Crypt::validatePassword($password, true);
+		Database::needRoot(true, $dbserver);
-			$databasedescription = \Froxlor\Validate\Validate::validate(trim($databasedescription), 'description', '', '', array(), true);
+		Database::needSqlData();
 		$sql_root = Database::getSqlData();
 		Database::needRoot(false);
 		if (! isset($sql_root) || ! is_array($sql_root)) {
 			throw new \Exception("Database server with index #" . $dbserver . " is unknown", 404);
 		}
-			// validate whether the dbserver exists
+		if ($sendinfomail != 1) {
-			$dbserver = \Froxlor\Validate\Validate::validate($dbserver, html_entity_decode($this->lng['mysql']['mysql_server']), '', '', 0, true);
+			$sendinfomail = 0;
-			Database::needRoot(true, $dbserver);
+		}
 			Database::needSqlData();
 			$sql_root = Database::getSqlData();
 			Database::needRoot(false);
 			if (! isset($sql_root) || ! is_array($sql_root)) {
 				throw new \Exception("Database server with index #" . $dbserver . " is unknown", 404);
 			}
-			if ($sendinfomail != 1) {
+		$newdb_params = array(
-				$sendinfomail = 0;
+			'loginname' => ($this->isAdmin() ? $customer['loginname'] : $this->getUserDetail('loginname')),
-			}
+			'mysql_lastaccountnumber' => ($this->isAdmin() ? $customer['mysql_lastaccountnumber'] : $this->getUserDetail('mysql_lastaccountnumber'))
 		);
 		// create database, user, set permissions, etc.pp.
 		$dbm = new \Froxlor\Database\DbManager($this->logger());
 		$username = $dbm->createDatabase($newdb_params['loginname'], $password, $newdb_params['mysql_lastaccountnumber']);
-			// get needed customer info to reduce the mysql-usage-counter by one
+		// we've checked against the password in dbm->createDatabase
-			$customer = $this->getCustomerData('mysqls');
+		if ($username == false) {
 			\Froxlor\UI\Response::standard_error('passwordshouldnotbeusername', '', true);
 		}
-			$newdb_params = array(
+		// add database info to froxlor
-				'loginname' => ($this->isAdmin() ? $customer['loginname'] : $this->getUserDetail('loginname')),
+		$stmt = Database::prepare("
 				'mysql_lastaccountnumber' => ($this->isAdmin() ? $customer['mysql_lastaccountnumber'] : $this->getUserDetail('mysql_lastaccountnumber'))
 			);
 			// create database, user, set permissions, etc.pp.
 			$dbm = new \Froxlor\Database\DbManager($this->logger());
 			$username = $dbm->createDatabase($newdb_params['loginname'], $password, $newdb_params['mysql_lastaccountnumber']);
 			// we've checked against the password in dbm->createDatabase
 			if ($username == false) {
 				\Froxlor\UI\Response::standard_error('passwordshouldnotbeusername', '', true);
 			}
 			// add database info to froxlor
 			$stmt = Database::prepare("
 				INSERT INTO `" . TABLE_PANEL_DATABASES . "`
 				SET
 				`customerid` = :customerid,
@@ -96,79 +95,81 @@ class Mysqls extends \Froxlor\Api\ApiCommand implements \Froxlor\Api\ResourceEnt
 				`description` = :description,
 				`dbserver` = :dbserver
 			");
-			$params = array(
+		$params = array(
-				"customerid" => $customer['customerid'],
+			"customerid" => $customer['customerid'],
-				"databasename" => $username,
+			"databasename" => $username,
-				"description" => $databasedescription,
+			"description" => $databasedescription,
-				"dbserver" => $dbserver
+			"dbserver" => $dbserver
-			);
+		);
-			Database::pexecute($stmt, $params, true, true);
+		Database::pexecute($stmt, $params, true, true);
-			$databaseid = Database::lastInsertId();
+		$databaseid = Database::lastInsertId();
-			$params['id'] = $databaseid;
+		$params['id'] = $databaseid;
-			// update customer usage
+		// update customer usage
-			Customers::increaseUsage($customer['customerid'], 'mysqls_used');
+		Customers::increaseUsage($customer['customerid'], 'mysqls_used');
-			Customers::increaseUsage($customer['customerid'], 'mysql_lastaccountnumber');
+		Customers::increaseUsage($customer['customerid'], 'mysql_lastaccountnumber');
-			// send info-mail?
+		// send info-mail?
-			if ($sendinfomail == 1) {
+		if ($sendinfomail == 1) {
-				$pma = $this->lng['admin']['notgiven'];
+			$pma = $this->lng['admin']['notgiven'];
-				if (Settings::Get('panel.phpmyadmin_url') != '') {
+			if (Settings::Get('panel.phpmyadmin_url') != '') {
-					$pma = Settings::Get('panel.phpmyadmin_url');
+				$pma = Settings::Get('panel.phpmyadmin_url');
 				}
 				Database::needRoot(true, $dbserver);
 				Database::needSqlData();
 				$sql_root = Database::getSqlData();
 				Database::needRoot(false);
 				$userinfo = $customer;
 				$replace_arr = array(
 					'SALUTATION' => \Froxlor\User::getCorrectUserSalutation($userinfo),
 					'CUST_NAME' => \Froxlor\User::getCorrectUserSalutation($userinfo), // < keep this for compatibility
 					'DB_NAME' => $username,
 					'DB_PASS' => $password,
 					'DB_DESC' => $databasedescription,
 					'DB_SRV' => $sql_root['host'],
 					'PMA_URI' => $pma
 				);
 				// get template for mail subject
 				$mail_subject = $this->getMailTemplate($userinfo, 'mails', 'new_database_by_customer_subject', $replace_arr, $this->lng['mails']['new_database_by_customer']['subject']);
 				// get template for mail body
 				$mail_body = $this->getMailTemplate($userinfo, 'mails', 'new_database_by_customer_mailbody', $replace_arr, $this->lng['mails']['new_database_by_customer']['mailbody']);
 				$_mailerror = false;
 				$mailerr_msg = "";
 				try {
 					$this->mailer()->Subject = $mail_subject;
 					$this->mailer()->AltBody = $mail_body;
 					$this->mailer()->msgHTML(str_replace("\n", "<br />", $mail_body));
 					$this->mailer()->addAddress($userinfo['email'], \Froxlor\User::getCorrectUserSalutation($userinfo));
 					$this->mailer()->send();
 				} catch (\PHPMailer\PHPMailer\Exception $e) {
 					$mailerr_msg = $e->errorMessage();
 					$_mailerror = true;
 				} catch (\Exception $e) {
 					$mailerr_msg = $e->getMessage();
 					$_mailerror = true;
 				}
 				if ($_mailerror) {
 					$this->logger()->logAction($this->isAdmin() ? \Froxlor\FroxlorLogger::ADM_ACTION : \Froxlor\FroxlorLogger::USR_ACTION, LOG_ERR, "[API] Error sending mail: " . $mailerr_msg);
 					\Froxlor\UI\Response::standard_error('errorsendingmail', $userinfo['email'], true);
 				}
 				$this->mailer()->clearAddresses();
 			}
 			$this->logger()->logAction($this->isAdmin() ? \Froxlor\FroxlorLogger::ADM_ACTION : \Froxlor\FroxlorLogger::USR_ACTION, LOG_WARNING, "[API] added mysql-database '" . $username . "'");
-			$result = $this->apiCall('Mysqls.get', array(
+			Database::needRoot(true, $dbserver);
-				'dbname' => $username
+			Database::needSqlData();
-			));
+			$sql_root = Database::getSqlData();
-			return $this->response(200, "successfull", $result);
+			Database::needRoot(false);
 			$userinfo = $customer;
 			$replace_arr = array(
 				'SALUTATION' => \Froxlor\User::getCorrectUserSalutation($userinfo),
 				'CUST_NAME' => \Froxlor\User::getCorrectUserSalutation($userinfo), // < keep this for compatibility
 				'NAME' => $userinfo['name'],
 				'FIRSTNAME' => $userinfo['firstname'],
 				'COMPANY' => $userinfo['company'],
 				'CUSTOMER_NO' => $userinfo['customernumber'],
 				'DB_NAME' => $username,
 				'DB_PASS' => $password,
 				'DB_DESC' => $databasedescription,
 				'DB_SRV' => $sql_root['host'],
 				'PMA_URI' => $pma
 			);
 			// get template for mail subject
 			$mail_subject = $this->getMailTemplate($userinfo, 'mails', 'new_database_by_customer_subject', $replace_arr, $this->lng['mails']['new_database_by_customer']['subject']);
 			// get template for mail body
 			$mail_body = $this->getMailTemplate($userinfo, 'mails', 'new_database_by_customer_mailbody', $replace_arr, $this->lng['mails']['new_database_by_customer']['mailbody']);
 			$_mailerror = false;
 			$mailerr_msg = "";
 			try {
 				$this->mailer()->Subject = $mail_subject;
 				$this->mailer()->AltBody = $mail_body;
 				$this->mailer()->msgHTML(str_replace("\n", "<br />", $mail_body));
 				$this->mailer()->addAddress($userinfo['email'], \Froxlor\User::getCorrectUserSalutation($userinfo));
 				$this->mailer()->send();
 			} catch (\PHPMailer\PHPMailer\Exception $e) {
 				$mailerr_msg = $e->errorMessage();
 				$_mailerror = true;
 			} catch (\Exception $e) {
 				$mailerr_msg = $e->getMessage();
 				$_mailerror = true;
 			}
 			if ($_mailerror) {
 				$this->logger()->logAction($this->isAdmin() ? \Froxlor\FroxlorLogger::ADM_ACTION : \Froxlor\FroxlorLogger::USR_ACTION, LOG_ERR, "[API] Error sending mail: " . $mailerr_msg);
 				\Froxlor\UI\Response::standard_error('errorsendingmail', $userinfo['email'], true);
 			}
 			$this->mailer()->clearAddresses();
 		}
-		throw new \Exception("No more resources available", 406);
+		$this->logger()->logAction($this->isAdmin() ? \Froxlor\FroxlorLogger::ADM_ACTION : \Froxlor\FroxlorLogger::USR_ACTION, LOG_WARNING, "[API] added mysql-database '" . $username . "'");
 		$result = $this->apiCall('Mysqls.get', array(
 			'dbname' => $username
 		));
 		return $this->response(200, "successfull", $result);
 	}
 	/**
@@ -255,7 +256,7 @@ class Mysqls extends \Froxlor\Api\ApiCommand implements \Froxlor\Api\ResourceEnt
 			), true, true);
 			$mbdata = $mbdata_stmt->fetch(\PDO::FETCH_ASSOC);
 			Database::needRoot(false);
-			$result['size'] = $mbdata['MB'];
+			$result['size'] = $mbdata['MB'] ?? 0;
 			$this->logger()->logAction($this->isAdmin() ? \Froxlor\FroxlorLogger::ADM_ACTION : \Froxlor\FroxlorLogger::USR_ACTION, LOG_NOTICE, "[API] get database '" . $result['databasename'] . "'");
 			return $this->response(200, "successfull", $result);
 		}
@@ -276,6 +277,10 @@ class Mysqls extends \Froxlor\Api\ApiCommand implements \Froxlor\Api\ResourceEnt
 	 *        	optional, update password for the database
 	 * @param string $description
 	 *        	optional, description for database
 	 * @param int $customerid
 	 *        	optional, admin-only, the customer-id
 	 * @param string $loginname
 	 *        	optional, admin-only, the loginname
 	 *        	
 	 * @access admin, customer
 	 * @throws \Exception
@@ -287,6 +292,7 @@ class Mysqls extends \Froxlor\Api\ApiCommand implements \Froxlor\Api\ResourceEnt
 		$dn_optional = ($id <= 0 ? false : true);
 		$dbname = $this->getParam('dbname', $dn_optional, '');
 		$dbserver = $this->getParam('mysql_server', true, - 1);
 		$customer = $this->getCustomerData();
 		if ($this->isAdmin() == false && Settings::IsInList('panel.customer_hide_options', 'mysql')) {
 			throw new \Exception("You cannot access this resource", 405);
@@ -307,9 +313,6 @@ class Mysqls extends \Froxlor\Api\ApiCommand implements \Froxlor\Api\ResourceEnt
 		$password = \Froxlor\Validate\Validate::validate($password, 'password', '', '', array(), true);
 		$databasedescription = \Froxlor\Validate\Validate::validate(trim($databasedescription), 'description', '', '', array(), true);
 		// get needed customer info to reduce the mysql-usage-counter by one
 		$customer = $this->getCustomerData();
 		if ($password != '') {
 			// validate password
 			$password = \Froxlor\System\Crypt::validatePassword($password, true);
@@ -359,6 +362,14 @@ class Mysqls extends \Froxlor\Api\ApiCommand implements \Froxlor\Api\ResourceEnt
 	 *        	optional, admin-only, select dbs of a specific customer by id
 	 * @param string $loginname
 	 *        	optional, admin-only, select dbs of a specific customer by loginname
 	 * @param array $sql_search
 	 *        	optional array with index = fieldname, and value = array with 'op' => operator (one of <, > or =), LIKE is used if left empty and 'value' => searchvalue
 	 * @param int $sql_limit
 	 *        	optional specify number of results to be returned
 	 * @param int $sql_offset
 	 *        	optional specify offset for resultset
 	 * @param array $sql_orderby
 	 *        	optional array with index = fieldname and value = ASC|DESC to order the resultset by one or more fields
 	 *        	
 	 * @access admin, customer
 	 * @throws \Exception
@@ -369,10 +380,10 @@ class Mysqls extends \Froxlor\Api\ApiCommand implements \Froxlor\Api\ResourceEnt
 		$result = array();
 		$dbserver = $this->getParam('mysql_server', true, - 1);
 		$customer_ids = $this->getAllowedCustomerIds('mysql');
 		$query_fields = array();
 		$result_stmt = Database::prepare("
 			SELECT * FROM `" . TABLE_PANEL_DATABASES . "`
-			WHERE `customerid`= :customerid AND `dbserver` = :dbserver
+			WHERE `customerid`= :customerid AND `dbserver` = :dbserver" . $this->getSearchWhere($query_fields, true) . $this->getOrderBy() . $this->getLimit());
 		");
 		if ($dbserver < 0) {
 			// use all dbservers
 			$dbservers_stmt = Database::query("SELECT DISTINCT `dbserver` FROM `" . TABLE_PANEL_DATABASES . "`");
@@ -388,10 +399,10 @@ class Mysqls extends \Froxlor\Api\ApiCommand implements \Froxlor\Api\ResourceEnt
 		foreach ($customer_ids as $customer_id) {
 			foreach ($dbservers as $_dbserver) {
-				Database::pexecute($result_stmt, array(
+				Database::pexecute($result_stmt, array_merge(array(
 					'customerid' => $customer_id,
 					'dbserver' => $_dbserver['dbserver']
-				), true, true);
+				), $query_fields), true, true);
 				// Begin root-session
 				Database::needRoot(true, $_dbserver['dbserver']);
 				while ($row = $result_stmt->fetch(\PDO::FETCH_ASSOC)) {
@@ -404,7 +415,7 @@ class Mysqls extends \Froxlor\Api\ApiCommand implements \Froxlor\Api\ResourceEnt
 						"table_schema" => $row['databasename']
 					), true, true);
 					$mbdata = $mbdata_stmt->fetch(\PDO::FETCH_ASSOC);
-					$row['size'] = $mbdata['MB'];
+					$row['size'] = $mbdata['MB'] ?? 0;
 					$result[] = $row;
 				}
 				Database::needRoot(false);
@@ -416,6 +427,31 @@ class Mysqls extends \Froxlor\Api\ApiCommand implements \Froxlor\Api\ResourceEnt
 		));
 	}
 	/**
 	 * returns the total number of accessable databases
 	 *
 	 * @param int $customerid
 	 *        	optional, admin-only, select dbs of a specific customer by id
 	 * @param string $loginname
 	 *        	optional, admin-only, select dbs of a specific customer by loginname
 	 *        	
 	 * @access admin, customer
 	 * @throws \Exception
 	 * @return string json-encoded array
 	 */
 	public function listingCount()
 	{
 		$customer_ids = $this->getAllowedCustomerIds('mysql');
 		$result_stmt = Database::prepare("
 			SELECT COUNT(*) as num_dbs FROM `" . TABLE_PANEL_DATABASES . "`
 			WHERE `customerid` IN (" . implode(", ", $customer_ids) . ")
 		");
 		$result = Database::pexecute_first($result_stmt, null, true, true);
 		if ($result) {
 			return $this->response(200, "successfull", $result['num_dbs']);
 		}
 	}
 	/**
 	 * delete a mysql database by either id or dbname
 	 *
@@ -425,6 +461,10 @@ class Mysqls extends \Froxlor\Api\ApiCommand implements \Froxlor\Api\ResourceEnt
 	 *        	optional, the databasename
 	 * @param int $mysql_server
 	 *        	optional, specify database-server, default is none
 	 * @param int $customerid
 	 *        	optional, admin-only, the customer-id
 	 * @param string $loginname
 	 *        	optional, admin-only, the loginname
 	 *        	
 	 * @access admin, customer
 	 * @throws \Exception
@@ -436,6 +476,7 @@ class Mysqls extends \Froxlor\Api\ApiCommand implements \Froxlor\Api\ResourceEnt
 		$dn_optional = ($id <= 0 ? false : true);
 		$dbname = $this->getParam('dbname', $dn_optional, '');
 		$dbserver = $this->getParam('mysql_server', true, - 1);
 		$customer = $this->getCustomerData();
 		if ($this->isAdmin() == false && Settings::IsInList('panel.customer_hide_options', 'mysql')) {
 			throw new \Exception("You cannot access this resource", 405);
@@ -462,7 +503,6 @@ class Mysqls extends \Froxlor\Api\ApiCommand implements \Froxlor\Api\ResourceEnt
 		), true, true);
 		// get needed customer info to reduce the mysql-usage-counter by one
 		$customer = $this->getCustomerData();
 		$mysql_used = $customer['mysqls_used'];
 		// reduce mysql-usage-counter
--- a/lib/Froxlor/Api/Commands/PhpSettings.php
+++ b/lib/Froxlor/Api/Commands/PhpSettings.php
@@ -27,7 +27,15 @@ class PhpSettings extends \Froxlor\Api\ApiCommand implements \Froxlor\Api\Resour
 	 *
 	 * @param bool $with_subdomains
 	 *        	optional, also include subdomains to the list domains that use the config, default 0 (false)
-	 *        	
+	 * @param array $sql_search
 	 *        	optional array with index = fieldname, and value = array with 'op' => operator (one of <, > or =), LIKE is used if left empty and 'value' => searchvalue
 	 * @param int $sql_limit
 	 *        	optional specify number of results to be returned
 	 * @param int $sql_offset
 	 *        	optional specify offset for resultset
 	 * @param array $sql_orderby
 	 *        	optional array with index = fieldname and value = ASC|DESC to order the resultset by one or more fields
 	 *
 	 * @access admin
 	 * @throws \Exception
 	 * @return string json-encoded array count|list
@@ -38,16 +46,14 @@ class PhpSettings extends \Froxlor\Api\ApiCommand implements \Froxlor\Api\Resour
 			$this->logger()->logAction(\Froxlor\FroxlorLogger::ADM_ACTION, LOG_NOTICE, "[API] list php-configs");
 			$with_subdomains = $this->getBoolParam('with_subdomains', true, false);
-
+			$query_fields = array();
-			$result = Database::query("
+			$result_stmt = Database::prepare("
 				SELECT c.*, fd.description as fpmdesc
 				FROM `" . TABLE_PANEL_PHPCONFIGS . "` c
-				LEFT JOIN `" . TABLE_PANEL_FPMDAEMONS . "` fd ON fd.id = c.fpmsettingid
+				LEFT JOIN `" . TABLE_PANEL_FPMDAEMONS . "` fd ON fd.id = c.fpmsettingid" . $this->getSearchWhere($query_fields) . $this->getOrderBy() . $this->getLimit());
-				ORDER BY c.description ASC
+			Database::pexecute($result_stmt, $query_fields, true, true);
 			");
 			$phpconfigs = array();
-			while ($row = $result->fetch(\PDO::FETCH_ASSOC)) {
+			while ($row = $result_stmt->fetch(\PDO::FETCH_ASSOC)) {
 				$query_params = array(
 					'id' => $row['id']
 				);
@@ -115,6 +121,28 @@ class PhpSettings extends \Froxlor\Api\ApiCommand implements \Froxlor\Api\Resour
 		throw new \Exception("Not allowed to execute given command.", 403);
 	}
 	/**
 	 * returns the total number of accessable php-setting entries
 	 *
 	 * @access admin
 	 * @throws \Exception
 	 * @return string json-encoded array
 	 */
 	public function listingCount()
 	{
 		if ($this->isAdmin()) {
 			$result_stmt = Database::prepare("
 				SELECT COUNT(*) as num_phps
 				FROM `" . TABLE_PANEL_PHPCONFIGS . "` c
 			");
 			$result = Database::pexecute_first($result_stmt, null, true, true);
 			if ($result) {
 				return $this->response(200, "successfull", $result['num_phps']);
 			}
 		}
 		throw new \Exception("Not allowed to execute given command.", 403);
 	}
 	/**
 	 * return a php-setting entry by id
 	 *
--- a/lib/Froxlor/Api/Commands/SubDomains.php
+++ b/lib/Froxlor/Api/Commands/SubDomains.php
@@ -41,10 +41,14 @@ class SubDomains extends \Froxlor\Api\ApiCommand implements \Froxlor\Api\Resourc
 	 *        	optional, php-settings-id, if empty the $domain value is used
 	 * @param int $redirectcode
 	 *        	optional, redirect-code-id from TABLE_PANEL_REDIRECTCODES
 	 * @param bool $sslenabled
 	 *        	optional, whether or not SSL is enabled for this domain, regardless of the assigned ssl-ips, default 1 (true)
 	 * @param bool $ssl_redirect
 	 *        	optional, whether to generate a https-redirect or not, default false; requires SSL to be enabled
 	 * @param bool $letsencrypt
 	 *        	optional, whether to generate a Let's Encrypt certificate for this domain, default false; requires SSL to be enabled
 	 * @param bool $http2
 	 *        	optional, whether to enable http/2 for this subdomain (requires to be enabled in the settings), default 0 (false)
 	 * @param int $hsts_maxage
 	 *        	optional max-age value for HSTS header, default 0
 	 * @param bool $hsts_sub
@@ -74,14 +78,18 @@ class SubDomains extends \Froxlor\Api\ApiCommand implements \Froxlor\Api\Resourc
 			$redirectcode = $this->getParam('redirectcode', true, Settings::Get('customredirect.default'));
 			$isemaildomain = $this->getParam('isemaildomain', true, 0);
 			if (Settings::Get('system.use_ssl')) {
 				$sslenabled = $this->getBoolParam('sslenabled', true, 1);
 				$ssl_redirect = $this->getBoolParam('ssl_redirect', true, 0);
 				$letsencrypt = $this->getBoolParam('letsencrypt', true, 0);
 				$http2 = $this->getBoolParam('http2', true, 0);
 				$hsts_maxage = $this->getParam('hsts_maxage', true, 0);
 				$hsts_sub = $this->getBoolParam('hsts_sub', true, 0);
 				$hsts_preload = $this->getBoolParam('hsts_preload', true, 0);
 			} else {
 				$sslenabled = 0;
 				$ssl_redirect = 0;
 				$letsencrypt = 0;
 				$http2 = 0;
 				$hsts_maxage = 0;
 				$hsts_sub = 0;
 				$hsts_preload = 0;
@@ -91,6 +99,7 @@ class SubDomains extends \Froxlor\Api\ApiCommand implements \Froxlor\Api\Resourc
 			$customer = $this->getCustomerData('subdomains');
 			// validation
 			$subdomain = strtolower($subdomain);
 			if (substr($subdomain, 0, 4) == 'xn--') {
 				\Froxlor\UI\Response::standard_error('domain_nopunycode', '', true);
 			}
@@ -110,7 +119,7 @@ class SubDomains extends \Froxlor\Api\ApiCommand implements \Froxlor\Api\Resourc
 					'mydomain'
 				), '', true);
 			}
-			if ($completedomain == Settings::Get('system.hostname')) {
+			if ($completedomain == strtolower(Settings::Get('system.hostname'))) {
 				\Froxlor\UI\Response::standard_error('admin_domain_emailsystemhostname', '', true);
 			}
@@ -186,7 +195,7 @@ class SubDomains extends \Froxlor\Api\ApiCommand implements \Froxlor\Api\Resourc
 			} elseif ($subdomain == 'www' && $domain_check['wwwserveralias'] == '1') {
 				// you cannot add 'www' as subdomain when the maindomain generates a www-alias
 				\Froxlor\UI\Response::standard_error('wwwnotallowed', '', true);
-			} elseif (strtolower($completedomain_check['domain']) == strtolower($completedomain)) {
+			} elseif ($completedomain_check && strtolower($completedomain_check['domain']) == strtolower($completedomain)) {
 				// the domain does already exist as main-domain
 				\Froxlor\UI\Response::standard_error('domainexistalready', $completedomain, true);
 			}
@@ -241,12 +250,13 @@ class SubDomains extends \Froxlor\Api\ApiCommand implements \Froxlor\Api\Resourc
 				$phpsid_result['phpsettingid'] = intval($phpsettingid);
 			}
-			// acutall insert domain
+			// actually insert domain
 			$stmt = Database::prepare("
 				INSERT INTO `" . TABLE_PANEL_DOMAINS . "` SET
 				`customerid` = :customerid,
 				`adminid` = :adminid,
 				`domain` = :domain,
 				`domain_ace` = :domain_ace,
 				`documentroot` = :documentroot,
 				`aliasdomain` = :aliasdomain,
 				`parentdomainid` = :parentdomainid,
@@ -258,17 +268,27 @@ class SubDomains extends \Froxlor\Api\ApiCommand implements \Froxlor\Api\Resourc
 				`openbasedir_path` = :openbasedir_path,
 				`speciallogfile` = :speciallogfile,
 				`specialsettings` = :specialsettings,
 				`ssl_specialsettings` = :ssl_specialsettings,
 				`include_specialsettings` = :include_specialsettings,
 				`ssl_redirect` = :ssl_redirect,
 				`phpsettingid` = :phpsettingid,
 				`letsencrypt` = :letsencrypt,
 				`http2` = :http2,
 				`hsts` = :hsts,
 				`hsts_sub` = :hsts_sub,
-				`hsts_preload` = :hsts_preload
+				`hsts_preload` = :hsts_preload,
 				`ocsp_stapling` = :ocsp_stapling,
 				`override_tls` = :override_tls,
 				`ssl_protocols` = :ssl_protocols,
 				`ssl_cipher_list` = :ssl_cipher_list,
 				`tlsv13_cipher_list` = :tlsv13_cipher_list,
 				`ssl_enabled` = :sslenabled
 			");
 			$params = array(
 				"customerid" => $customer['customerid'],
 				"adminid" => $customer['adminid'],
 				"domain" => $completedomain,
 				"domain_ace" => $idna_convert->decode($completedomain),
 				"documentroot" => $path,
 				"aliasdomain" => $aliasdomain != 0 ? $aliasdomain : null,
 				"parentdomainid" => $domain_check['id'],
@@ -280,12 +300,21 @@ class SubDomains extends \Froxlor\Api\ApiCommand implements \Froxlor\Api\Resourc
 				"phpenabled" => $domain_check['phpenabled'],
 				"speciallogfile" => $domain_check['speciallogfile'],
 				"specialsettings" => $domain_check['specialsettings'],
 				"ssl_specialsettings" => $domain_check['ssl_specialsettings'],
 				"include_specialsettings" => $domain_check['include_specialsettings'],
 				"ssl_redirect" => $ssl_redirect,
 				"phpsettingid" => $phpsid_result['phpsettingid'],
 				"letsencrypt" => $letsencrypt,
 				"http2" => $http2,
 				"hsts" => $hsts_maxage,
 				"hsts_sub" => $hsts_sub,
-				"hsts_preload" => $hsts_preload
+				"hsts_preload" => $hsts_preload,
 				"ocsp_stapling" => $domain_check['ocsp_stapling'],
 				"override_tls" => $domain_check['override_tls'],
 				"ssl_protocols" => $domain_check['ssl_protocols'],
 				"ssl_cipher_list" => $domain_check['ssl_cipher_list'],
 				"tlsv13_cipher_list" => $domain_check['tlsv13_cipher_list'],
 				"sslenabled" => $sslenabled
 			);
 			Database::pexecute($stmt, $params, true, true);
 			$subdomain_id = Database::lastInsertId();
@@ -426,10 +455,14 @@ class SubDomains extends \Froxlor\Api\ApiCommand implements \Froxlor\Api\Resourc
 	 *        	optional, php-settings-id, if empty the $domain value is used
 	 * @param int $redirectcode
 	 *        	optional, redirect-code-id from TABLE_PANEL_REDIRECTCODES
 	 * @param bool $sslenabled
 	 *        	optional, whether or not SSL is enabled for this domain, regardless of the assigned ssl-ips, default 1 (true)
 	 * @param bool $ssl_redirect
 	 *        	optional, whether to generate a https-redirect or not, default false; requires SSL to be enabled
 	 * @param bool $letsencrypt
 	 *        	optional, whether to generate a Let's Encrypt certificate for this domain, default false; requires SSL to be enabled
 	 * @param bool $http2
 	 *        	optional, whether to enable http/2 for this domain (requires to be enabled in the settings), default 0 (false)
 	 * @param int $hsts_maxage
 	 *        	optional max-age value for HSTS header
 	 * @param bool $hsts_sub
@@ -471,14 +504,18 @@ class SubDomains extends \Froxlor\Api\ApiCommand implements \Froxlor\Api\Resourc
 		$phpsettingid = $this->getParam('phpsettingid', true, $result['phpsettingid']);
 		$redirectcode = $this->getParam('redirectcode', true, \Froxlor\Domain\Domain::getDomainRedirectId($id));
 		if (Settings::Get('system.use_ssl')) {
 			$sslenabled = $this->getBoolParam('sslenabled', true, $result['ssl_enabled']);
 			$ssl_redirect = $this->getBoolParam('ssl_redirect', true, $result['ssl_redirect']);
 			$letsencrypt = $this->getBoolParam('letsencrypt', true, $result['letsencrypt']);
 			$http2 = $this->getBoolParam('http2', true, $result['http2']);
 			$hsts_maxage = $this->getParam('hsts_maxage', true, $result['hsts']);
 			$hsts_sub = $this->getBoolParam('hsts_sub', true, $result['hsts_sub']);
 			$hsts_preload = $this->getBoolParam('hsts_preload', true, $result['hsts_preload']);
 		} else {
 			$sslenabled = 0;
 			$ssl_redirect = 0;
 			$letsencrypt = 0;
 			$http2 = 0;
 			$hsts_maxage = 0;
 			$hsts_sub = 0;
 			$hsts_preload = 0;
@@ -554,15 +591,10 @@ class SubDomains extends \Froxlor\Api\ApiCommand implements \Froxlor\Api\Resourc
 			}
 		}
-		// We can't enable let's encrypt for wildcard - domains when using acme-v1
+		// We can't enable let's encrypt for wildcard-domains
-		if ($iswildcarddomain == '1' && $letsencrypt == '1' && Settings::Get('system.leapiversion') == '1') {
+		if ($iswildcarddomain == '1' && $letsencrypt == '1') {
 			\Froxlor\UI\Response::standard_error('nowildcardwithletsencrypt');
 		}
 		// if using acme-v2 we cannot issue wildcard-certificates
 		// because they currently only support the dns-01 challenge
 		if ($iswildcarddomain == '1' && $letsencrypt == '1' && Settings::Get('system.leapiversion') == '2') {
 			\Froxlor\UI\Response::standard_error('nowildcardwithletsencryptv2');
 		}
 		// Temporarily deactivate ssl_redirect until Let's Encrypt certificate was generated
 		if ($ssl_redirect > 0 && $letsencrypt == 1 && $result['letsencrypt'] != $letsencrypt) {
@@ -591,14 +623,16 @@ class SubDomains extends \Froxlor\Api\ApiCommand implements \Froxlor\Api\Resourc
 		if ($path != $result['documentroot'] || $isemaildomain != $result['isemaildomain'] || $wwwserveralias != $result['wwwserveralias'] || $iswildcarddomain != $result['iswildcarddomain'] || $aliasdomain != $result['aliasdomain'] || $openbasedir_path != $result['openbasedir_path'] || $ssl_redirect != $result['ssl_redirect'] || $letsencrypt != $result['letsencrypt'] || $hsts_maxage != $result['hsts'] || $hsts_sub != $result['hsts_sub'] || $hsts_preload != $result['hsts_preload'] || $phpsettingid != $result['phpsettingid']) {
 			$stmt = Database::prepare("
 					UPDATE `" . TABLE_PANEL_DOMAINS . "` SET
-					`documentroot`= :documentroot,
+					`documentroot` = :documentroot,
-					`isemaildomain`= :isemaildomain,
+					`isemaildomain` = :isemaildomain,
-					`wwwserveralias`= :wwwserveralias,
+					`wwwserveralias` = :wwwserveralias,
-					`iswildcarddomain`= :iswildcarddomain,
+					`iswildcarddomain` = :iswildcarddomain,
-					`aliasdomain`= :aliasdomain,
+					`aliasdomain` = :aliasdomain,
-					`openbasedir_path`= :openbasedir_path,
+					`openbasedir_path` = :openbasedir_path,
-					`ssl_redirect`= :ssl_redirect,
+					`ssl_enabled` = :sslenabled,
-					`letsencrypt`= :letsencrypt,
+					`ssl_redirect` = :ssl_redirect,
 					`letsencrypt` = :letsencrypt,
 					`http2` = :http2,
 					`hsts` = :hsts,
 					`hsts_sub` = :hsts_sub,
 					`hsts_preload` = :hsts_preload,
@@ -612,8 +646,10 @@ class SubDomains extends \Froxlor\Api\ApiCommand implements \Froxlor\Api\Resourc
 				"iswildcarddomain" => $iswildcarddomain,
 				"aliasdomain" => ($aliasdomain != 0 && $alias_check == 0) ? $aliasdomain : null,
 				"openbasedir_path" => $openbasedir_path,
 				"sslenabled" => $sslenabled,
 				"ssl_redirect" => $ssl_redirect,
 				"letsencrypt" => $letsencrypt,
 				"http2" => $http2,
 				"hsts" => $hsts_maxage,
 				"hsts_sub" => $hsts_sub,
 				"hsts_preload" => $hsts_preload,
@@ -623,13 +659,20 @@ class SubDomains extends \Froxlor\Api\ApiCommand implements \Froxlor\Api\Resourc
 			);
 			Database::pexecute($stmt, $params, true, true);
-			if ($result['aliasdomain'] != $aliasdomain) {
+			if ($result['aliasdomain'] != $aliasdomain && is_numeric($result['aliasdomain'])) {
 				// trigger when domain id for alias destination has changed: both for old and new destination
 				\Froxlor\Domain\Domain::triggerLetsEncryptCSRForAliasDestinationDomain($result['aliasdomain'], $this->logger());
 				\Froxlor\Domain\Domain::triggerLetsEncryptCSRForAliasDestinationDomain($aliasdomain, $this->logger());
-			} elseif ($result['wwwserveralias'] != $wwwserveralias || $result['letsencrypt'] != $letsencrypt) {
+			}
 			if ($result['wwwserveralias'] != $wwwserveralias || $result['letsencrypt'] != $letsencrypt) {
 				// or when wwwserveralias or letsencrypt was changed
 				\Froxlor\Domain\Domain::triggerLetsEncryptCSRForAliasDestinationDomain($aliasdomain, $this->logger());
 				if ((int) $aliasdomain === 0) {
 					// in case the wwwserveralias is set on a main domain, $aliasdomain is 0
 					// --> the call just above to triggerLetsEncryptCSRForAliasDestinationDomain
 					// is a noop...let's repeat it with the domain id of the main domain
 					\Froxlor\Domain\Domain::triggerLetsEncryptCSRForAliasDestinationDomain($id, $this->logger());
 				}
 			}
 			// check whether LE has been disabled, so we remove the certificate
@@ -656,6 +699,19 @@ class SubDomains extends \Froxlor\Api\ApiCommand implements \Froxlor\Api\Resourc
 	/**
 	 * lists all subdomain entries
 	 *
 	 * @param int $customerid
 	 *        	optional, admin-only, select (sub)domains of a specific customer by id
 	 * @param string $loginname
 	 *        	optional, admin-only, select (sub)domains of a specific customer by loginname
 	 * @param array $sql_search
 	 *        	optional array with index = fieldname, and value = array with 'op' => operator (one of <, > or =), LIKE is used if left empty and 'value' => searchvalue
 	 * @param int $sql_limit
 	 *        	optional specify number of results to be returned
 	 * @param int $sql_offset
 	 *        	optional specify offset for resultset
 	 * @param array $sql_orderby
 	 *        	optional array with index = fieldname and value = ASC|DESC to order the resultset by one or more fields
 	 *        	
 	 * @access admin, customer
 	 * @throws \Exception
 	 * @return string json-encoded array count|list
@@ -668,6 +724,105 @@ class SubDomains extends \Froxlor\Api\ApiCommand implements \Froxlor\Api\Resourc
 			$customerid = $this->getParam('customerid', true, 0);
 			$loginname = $this->getParam('loginname', true, '');
 			if (! empty($customerid) || ! empty($loginname)) {
 				$result = $this->apiCall('Customers.get', array(
 					'id' => $customerid,
 					'loginname' => $loginname
 				));
 				$custom_list_result = array(
 					$result
 				);
 			} else {
 				$_custom_list_result = $this->apiCall('Customers.listing');
 				$custom_list_result = $_custom_list_result['list'];
 			}
 			$customer_ids = array();
 			$customer_stdsubs = array();
 			foreach ($custom_list_result as $customer) {
 				$customer_ids[] = $customer['customerid'];
 				$customer_stdsubs[$customer['customerid']] = $customer['standardsubdomain'];
 			}
 			if (empty($customer_ids)) {
 				throw new \Exception("Required resource unsatisfied.", 405);
 			}
 			if (empty($customer_stdsubs)) {
 				throw new \Exception("Required resource unsatisfied.", 405);
 			}
 			$select_fields = [
 				'`d`.*'
 			];
 		} else {
 			if (Settings::IsInList('panel.customer_hide_options', 'domains')) {
 				throw new \Exception("You cannot access this resource", 405);
 			}
 			$customer_ids = array(
 				$this->getUserDetail('customerid')
 			);
 			$customer_stdsubs = array(
 				$this->getUserDetail('customerid') => $this->getUserDetail('standardsubdomain')
 			);
 			$select_fields = [
 				'`d`.`id`',
 				'`d`.`customerid`',
 				'`d`.`domain`',
 				'`d`.`domain_ace`',
 				'`d`.`documentroot`',
 				'`d`.`isbinddomain`',
 				'`d`.`isemaildomain`',
 				'`d`.`caneditdomain`',
 				'`d`.`iswildcarddomain`',
 				'`d`.`parentdomainid`',
 				'`d`.`letsencrypt`',
 				'`d`.`registration_date`',
 				'`d`.`termination_date`'
 			];
 		}
 		$query_fields = array();
 		// prepare select statement
 		$domains_stmt = Database::prepare("
 			SELECT " . implode(",", $select_fields) . ", IF(`d`.`parentdomainid` > 0, `pd`.`domain_ace`, `d`.`domain_ace`) AS `parentdomainname`, `ad`.`id` AS `aliasdomainid`, `ad`.`domain` AS `aliasdomain`, `da`.`id` AS `domainaliasid`, `da`.`domain` AS `domainalias`
 			FROM `" . TABLE_PANEL_DOMAINS . "` `d`
 			LEFT JOIN `" . TABLE_PANEL_DOMAINS . "` `ad` ON `d`.`aliasdomain`=`ad`.`id`
 			LEFT JOIN `" . TABLE_PANEL_DOMAINS . "` `da` ON `da`.`aliasdomain`=`d`.`id`
 			LEFT JOIN `" . TABLE_PANEL_DOMAINS . "` `pd` ON `pd`.`id`=`d`.`parentdomainid`
 			WHERE `d`.`customerid` IN (" . implode(', ', $customer_ids) . ")
 			AND `d`.`email_only` = '0'
 			AND `d`.`id` NOT IN (" . implode(', ', $customer_stdsubs) . ")" . $this->getSearchWhere($query_fields, true) . " GROUP BY `d`.`id` ORDER BY `parentdomainname` " . $this->getOrderBy(true) . $this->getLimit());
 		$result = array();
 		Database::pexecute($domains_stmt, $query_fields, true, true);
 		while ($row = $domains_stmt->fetch(\PDO::FETCH_ASSOC)) {
 			$result[] = $row;
 		}
 		return $this->response(200, "successfull", array(
 			'count' => count($result),
 			'list' => $result
 		));
 	}
 	/**
 	 * returns the total number of accessable subdomain entries
 	 *
 	 * @param int $customerid
 	 *        	optional, admin-only, select (sub)domains of a specific customer by id
 	 * @param string $loginname
 	 *        	optional, admin-only, select (sub)domains of a specific customer by loginname
 	 *        	
 	 * @access admin, customer
 	 * @throws \Exception
 	 * @return string json-encoded array
 	 */
 	public function listingCount()
 	{
 		if ($this->isAdmin()) {
 			// if we're an admin, list all databases of all the admins customers
 			// or optionally for one specific customer identified by id or loginname
 			$customerid = $this->getParam('customerid', true, 0);
 			$loginname = $this->getParam('loginname', true, '');
 			if (! empty($customerid) || ! empty($loginname)) {
 				$result = $this->apiCall('Customers.get', array(
 					'id' => $customerid,
@@ -697,32 +852,18 @@ class SubDomains extends \Froxlor\Api\ApiCommand implements \Froxlor\Api\Resourc
 				$this->getUserDetail('customerid') => $this->getUserDetail('standardsubdomain')
 			);
 		}
 		// prepare select statement
 		$domains_stmt = Database::prepare("
-			SELECT `d`.`id`, `d`.`customerid`, `d`.`domain`, `d`.`documentroot`, `d`.`isbinddomain`, `d`.`isemaildomain`, `d`.`caneditdomain`, `d`.`iswildcarddomain`, `d`.`parentdomainid`, `d`.`letsencrypt`, `d`.`termination_date`, `ad`.`id` AS `aliasdomainid`, `ad`.`domain` AS `aliasdomain`, `da`.`id` AS `domainaliasid`, `da`.`domain` AS `domainalias`
+			SELECT COUNT(*) as num_subdom
 			FROM `" . TABLE_PANEL_DOMAINS . "` `d`
-			LEFT JOIN `" . TABLE_PANEL_DOMAINS . "` `ad` ON `d`.`aliasdomain`=`ad`.`id`
+			WHERE `d`.`customerid` IN (" . implode(', ', $customer_ids) . ")
-			LEFT JOIN `" . TABLE_PANEL_DOMAINS . "` `da` ON `da`.`aliasdomain`=`d`.`id`
+			AND `d`.`email_only` = '0'
-			WHERE `d`.`customerid`= :customerid
+			AND `d`.`id` NOT IN (" . implode(', ', $customer_stdsubs) . ")
 			AND `d`.`email_only`='0'
 			AND `d`.`id` <> :standardsubdomain
 		");
-
+		$result = Database::pexecute_first($domains_stmt, null, true, true);
-		$result = array();
+		if ($result) {
-		foreach ($customer_ids as $customer_id) {
+			return $this->response(200, "successfull", $result['num_subdom']);
 			Database::pexecute($domains_stmt, array(
 				"customerid" => $customer_id,
 				"standardsubdomain" => $customer_stdsubs[$customer_id]
 			), true, true);
 			while ($row = $domains_stmt->fetch(\PDO::FETCH_ASSOC)) {
 				$result[] = $row;
 			}
 		}
 		return $this->response(200, "successfull", array(
 			'count' => count($result),
 			'list' => $result
 		));
 	}
 	/**
@@ -828,6 +969,8 @@ class SubDomains extends \Froxlor\Api\ApiCommand implements \Froxlor\Api\Resourc
 		\Froxlor\System\Cronjob::inserttask('4');
 		// remove domains DNS from powerDNS if used, #581
 		\Froxlor\System\Cronjob::inserttask('11', $result['domain']);
 		// remove domain from acme.sh / lets encrypt if used
 		\Froxlor\System\Cronjob::inserttask('12', $result['domain']);
 		// reduce subdomain-usage-counter
 		Customers::decreaseUsage($customer['customerid'], 'subdomains_used');
@@ -852,7 +995,7 @@ class SubDomains extends \Froxlor\Api\ApiCommand implements \Froxlor\Api\Resourc
 	{
 		// check whether an URL was specified
 		$_doredirect = false;
-		if (! empty($url) && \Froxlor\Validate\Form\Data::validateUrl($url)) {
+		if (! empty($url) && \Froxlor\Validate\Validate::validateUrl($url)) {
 			$path = $url;
 			$_doredirect = true;
 		} else {
@@ -860,7 +1003,7 @@ class SubDomains extends \Froxlor\Api\ApiCommand implements \Froxlor\Api\Resourc
 		}
 		// check whether path is a real path
-		if (! preg_match('/^https?\:\/\//', $path) || ! \Froxlor\Validate\Form\Data::validateUrl($path)) {
+		if (! preg_match('/^https?\:\/\//', $path) || ! \Froxlor\Validate\Validate::validateUrl($path)) {
 			if (strstr($path, ":") !== false) {
 				\Froxlor\UI\Response::standard_error('pathmaynotcontaincolon', '', true);
 			}
--- a/lib/Froxlor/Api/Commands/SysLog.php
+++ b/lib/Froxlor/Api/Commands/SysLog.php
@@ -0,0 +1,211 @@
 <?php
 namespace Froxlor\Api\Commands;
 use Froxlor\Database\Database;
 /**
 * This file is part of the Froxlor project.
 * Copyright (c) 2010 the Froxlor Team (see authors).
 *
 * For the full copyright and license information, please view the COPYING
 * file that was distributed with this source code. You can also view the
 * COPYING file online at http://files.froxlor.org/misc/COPYING.txt
 *
 * @copyright (c) the authors
 * @author Froxlor team <team@froxlor.org> (2010-)
 * @license GPLv2 http://files.froxlor.org/misc/COPYING.txt
 * @package API
 * @since 0.10.6
 *       
 */
 class SysLog extends \Froxlor\Api\ApiCommand implements \Froxlor\Api\ResourceEntity
 {
 	/**
 	 * list all log-entries
 	 *
 	 * @param array $sql_search
 	 *        	optional array with index = fieldname, and value = array with 'op' => operator (one of <, > or =), LIKE is used if left empty and 'value' => searchvalue
 	 * @param int $sql_limit
 	 *        	optional specify number of results to be returned
 	 * @param int $sql_offset
 	 *        	optional specify offset for resultset
 	 * @param array $sql_orderby
 	 *        	optional array with index = fieldname and value = ASC|DESC to order the resultset by one or more fields
 	 *        	
 	 * @access admin, customer
 	 * @throws \Exception
 	 * @return string json-encoded array count|list
 	 */
 	public function listing()
 	{
 		$result = array();
 		$query_fields = array();
 		if ($this->isAdmin() && $this->getUserDetail('customers_see_all') == '1') {
 			$result_stmt = Database::prepare("
 			SELECT * FROM `" . TABLE_PANEL_LOG . "` " . $this->getSearchWhere($query_fields) . $this->getOrderBy() . $this->getLimit());
 		} elseif ($this->isAdmin()) {
 			// get all admin customers
 			$_custom_list_result = $this->apiCall('Customers.listing');
 			$custom_list_result = $_custom_list_result['list'];
 			$customer_names = array();
 			foreach ($custom_list_result as $customer) {
 				$customer_names[] = $customer['loginname'];
 			}
 			if (count($customer_names) > 0) {
 				$result_stmt = Database::prepare("
 				SELECT * FROM `" . TABLE_PANEL_LOG . "`
 				WHERE `user` = :loginname OR `user` IN ('" . implode("', '", $customer_names) . "')" . $this->getSearchWhere($query_fields, true) . $this->getOrderBy() . $this->getLimit());
 			} else {
 				$result_stmt = Database::prepare("
 				SELECT * FROM `" . TABLE_PANEL_LOG . "`
 				WHERE `user` = :loginname" . $this->getSearchWhere($query_fields, true) . $this->getOrderBy() . $this->getLimit());
 			}
 			$query_fields['loginname'] = $this->getUserDetail('loginname');
 		} else {
 			// every one else just sees their logs
 			$result_stmt = Database::prepare("
 			SELECT * FROM `" . TABLE_PANEL_LOG . "`
 			WHERE `user` = :loginname AND `action` <> 99 " . $this->getSearchWhere($query_fields, true) . $this->getOrderBy() . $this->getLimit());
 			$query_fields['loginname'] = $this->getUserDetail('loginname');
 		}
 		Database::pexecute($result_stmt, $query_fields, true, true);
 		while ($row = $result_stmt->fetch(\PDO::FETCH_ASSOC)) {
 			$result[] = $row;
 		}
 		$this->logger()->logAction($this->isAdmin() ? \Froxlor\FroxlorLogger::ADM_ACTION : \Froxlor\FroxlorLogger::USR_ACTION, LOG_NOTICE, "[API] list log-entries");
 		return $this->response(200, "successfull", array(
 			'count' => count($result),
 			'list' => $result
 		));
 	}
 	/**
 	 * returns the total number of log-entries
 	 *
 	 * @access admin
 	 * @throws \Exception
 	 * @return string json-encoded array
 	 */
 	public function listingCount()
 	{
 		$params = null;
 		if ($this->isAdmin() && $this->getUserDetail('customers_see_all') == '1') {
 			$result_stmt = Database::prepare("
 				SELECT COUNT(*) as num_logs FROM `" . TABLE_PANEL_LOG . "`
 			");
 		} elseif ($this->isAdmin()) {
 			// get all admin customers
 			$_custom_list_result = $this->apiCall('Customers.listing');
 			$custom_list_result = $_custom_list_result['list'];
 			$customer_names = array();
 			foreach ($custom_list_result as $customer) {
 				$customer_names[] = $customer['loginname'];
 			}
 			if (count($customer_names) > 0) {
 				$result_stmt = Database::prepare("
 					SELECT COUNT(*) as num_logs FROM `" . TABLE_PANEL_LOG . "`
 					WHERE `user` = :loginname OR `user` IN ('" . implode("', '", $customer_names) . "')
 				");
 			} else {
 				$result_stmt = Database::prepare("
 					SELECT COUNT(*) as num_logs FROM `" . TABLE_PANEL_LOG . "`
 					WHERE `user` = :loginname
 				");
 			}
 			$params = [
 				'loginname' => $this->getUserDetail('loginname')
 			];
 		} else {
 			// every one else just sees their logs
 			$result_stmt = Database::prepare("
 				SELECT COUNT(*) as num_logs FROM `" . TABLE_PANEL_LOG . "`
 				WHERE `user` = :loginname AND `action` <> 99
 			");
 			$params = [
 				'loginname' => $this->getUserDetail('loginname')
 			];
 		}
 		$result = Database::pexecute_first($result_stmt, $params, true, true);
 		if ($result) {
 			return $this->response(200, "successfull", $result['num_logs']);
 		}
 	}
 	/**
 	 * You cannot get log entries
 	 */
 	public function get()
 	{
 		throw new \Exception('You cannot get log entries', 303);
 	}
 	/**
 	 * You cannot add log entries
 	 */
 	public function add()
 	{
 		throw new \Exception('You cannot add log entries', 303);
 	}
 	/**
 	 * You cannot update log entries
 	 */
 	public function update()
 	{
 		throw new \Exception('You cannot update log entries', 303);
 	}
 	/**
 	 * delete log entries
 	 *
 	 * @param int $min_to_keep
 	 *        	optional minutes to keep, default is 10
 	 *        	
 	 * @access admin
 	 * @throws \Exception
 	 * @return string json-encoded array
 	 */
 	public function delete()
 	{
 		if ($this->isAdmin()) {
 			$min_to_keep = self::getParam('min_to_keep', true, 10);
 			if ($min_to_keep < 0) {
 				$min_to_keep = 0;
 			}
 			$truncatedate = time() - (60 * $min_to_keep);
 			$params = array();
 			if ($this->getUserDetail('customers_see_all') == '1') {
 				$result_stmt = Database::prepare("
 					DELETE FROM `" . TABLE_PANEL_LOG . "` WHERE `date` < :trunc
 				");
 			} else {
 				// get all admin customers
 				$_custom_list_result = $this->apiCall('Customers.listing');
 				$custom_list_result = $_custom_list_result['list'];
 				$customer_names = array();
 				foreach ($custom_list_result as $customer) {
 					$customer_names[] = $customer['loginname'];
 				}
 				if (count($customer_names) > 0) {
 					$result_stmt = Database::prepare("
 						DELETE FROM `" . TABLE_PANEL_LOG . "` WHERE `date` < :trunc AND `user` = :loginname OR `user` IN ('" . implode("', '", $customer_names) . "')
 					");
 				} else {
 					$result_stmt = Database::prepare("
 						DELETE FROM `" . TABLE_PANEL_LOG . "` WHERE `date` < :trunc AND `user` = :loginname
 					");
 				}
 				$params = [
 					'loginname' => $this->getUserDetail('loginname')
 				];
 			}
 			$params['trunc'] = $truncatedate;
 			Database::pexecute($result_stmt, $params, true, true);
 			$this->logger()->logAction($this->isAdmin() ? \Froxlor\FroxlorLogger::ADM_ACTION : \Froxlor\FroxlorLogger::USR_ACTION, LOG_WARNING, "[API] truncated the froxlor syslog");
 			return $this->response(200, "successfull", true);
 		}
 		throw new \Exception("Not allowed to execute given command.", 403);
 	}
 }
--- a/lib/Froxlor/Api/Commands/Traffic.php
+++ b/lib/Froxlor/Api/Commands/Traffic.php
@@ -116,6 +116,16 @@ class Traffic extends \Froxlor\Api\ApiCommand implements \Froxlor\Api\ResourceEn
 		));
 	}
 	/**
 	 * You cannot count the traffic data list
 	 *
 	 * @throws \Exception
 	 */
 	public function listingCount()
 	{
 		throw new \Exception('You cannot count the traffic data list', 303);
 	}
 	/**
 	 * You cannot delete traffic data
 	 *
--- a/lib/Froxlor/Api/FroxlorRPC.php
+++ b/lib/Froxlor/Api/FroxlorRPC.php
@@ -55,13 +55,20 @@ class FroxlorRPC
 	 */
 	private static function validateAuth($key, $secret)
 	{
-		$sel_stmt = \Froxlor\Database\Database::prepare("SELECT * FROM `api_keys` WHERE `apikey` = :ak AND `secret` = :as");
+		$sel_stmt = \Froxlor\Database\Database::prepare("
 			SELECT ak.*, a.api_allowed as admin_api_allowed, c.api_allowed as cust_api_allowed, c.deactivated
 			FROM `api_keys` ak
 			LEFT JOIN `panel_admins` a ON a.adminid = ak.adminid
 			LEFT JOIN `panel_customers` c ON c.customerid = ak.customerid
 			WHERE `apikey` = :ak AND `secret` = :as
 		");
 		$result = \Froxlor\Database\Database::pexecute_first($sel_stmt, array(
 			'ak' => $key,
 			'as' => $secret
 		), true, true);
 		if ($result) {
-			if ($result['apikey'] == $key && $result['secret'] == $secret && ($result['valid_until'] == - 1 || $result['valid_until'] >= time())) {
+			if ($result['apikey'] == $key && $result['secret'] == $secret && ($result['valid_until'] == - 1 || $result['valid_until'] >= time()) && (($result['customerid'] == 0 && $result['admin_api_allowed'] == 1) || ($result['customerid'] > 0 && $result['cust_api_allowed'] == 1 && $result['deactivated'] == 0))) {
 				// get user to check whether api call is allowed
 				if (! empty($result['allowed_from'])) {
 					// @todo allow specification and validating of whole subnets later
 					$ip_list = explode(",", $result['allowed_from']);
--- a/lib/Froxlor/Api/ResourceEntity.php
+++ b/lib/Froxlor/Api/ResourceEntity.php
@@ -21,6 +21,8 @@ interface ResourceEntity
 	public function listing();
 	public function listingCount();
 	public function get();
 	public function add();
--- a/lib/Froxlor/Cli/Action/ConfigServicesAction.php
+++ b/lib/Froxlor/Cli/Action/ConfigServicesAction.php
@@ -103,7 +103,7 @@ class ConfigServicesAction extends \Froxlor\Cli\Action
 		echo PHP_EOL;
 		while (! in_array($_daemons_config['distro'], $distributions_select_data)) {
-			$_daemons_config['distro'] = ConfigServicesCmd::getInput("choose distribution", "stretch");
+			$_daemons_config['distro'] = ConfigServicesCmd::getInput("choose distribution", "buster");
 		}
 		// go through all services and let user check whether to include it or not
--- a/lib/Froxlor/Cli/ConfigServicesCmd.php
+++ b/lib/Froxlor/Cli/ConfigServicesCmd.php
--- a/lib/Froxlor/Cli/SwitchServerIpCmd.php
+++ b/lib/Froxlor/Cli/SwitchServerIpCmd.php
--- a/lib/Froxlor/Config/ConfigDaemon.php
+++ b/lib/Froxlor/Config/ConfigDaemon.php
@@ -435,11 +435,7 @@ class ConfigDaemon
 				}
 				return '';
 			} elseif (preg_match('/^const\.(.*)$/', $matches[1], $match)) {
-				if (defined($match[1])) {
+				return $this->returnDynamic($match[1]);
 					return constant($match[1]);
 				} else {
 					return '';
 				}
 			} elseif (preg_match('/^sql\.(.*)$/', $matches[1], $match)) {
 				if (is_null($this->sqldata_cache)) {
 					// read in sql-data (if exists)
@@ -455,6 +451,14 @@ class ConfigDaemon
 		return $content;
 	}
 	private function returnDynamic($key = null)
 	{
 		$dynamics = [
 			'install_dir' => \Froxlor\Froxlor::getInstallDir()
 		];
 		return $dynamics[$key] ?? '';
 	}
 	/**
 	 * Check if visibility should be changed
 	 *
--- a/lib/Froxlor/Cron/CronConfig.php
+++ b/lib/Froxlor/Cron/CronConfig.php
@@ -61,6 +61,7 @@ class CronConfig
 			$month_delay = 7;
 			while ($row_cronentry = $result_stmt->fetch(\PDO::FETCH_ASSOC)) {
 				// create cron.d-entry
 				$matches = array();
 				if (preg_match("/(\d+) (MINUTE|HOUR|DAY|WEEK|MONTH)/", $row_cronentry['interval'], $matches)) {
 					if ($matches[1] == 1) {
 						$minvalue = "*";
@@ -98,10 +99,10 @@ class CronConfig
 					$binpath = Settings::Get("system.croncmdline");
 					// fallback as it is important
 					if ($binpath === null) {
-						$binpath = "/usr/bin/nice -n 5 /usr/bin/php5 -q";
+						$binpath = "/usr/bin/nice -n 5 /usr/bin/php -q";
 					}
-					$cronfile .= "root " . $binpath . " " . \Froxlor\Froxlor::getInstallDir() . "/scripts/froxlor_master_cronjob.php --" . $row_cronentry['cronfile'] . " 1> /dev/null\n";
+					$cronfile .= "root " . $binpath . " " . \Froxlor\FileDir::makeCorrectFile(\Froxlor\Froxlor::getInstallDir() . "/scripts/froxlor_master_cronjob.php") . " --" . $row_cronentry['cronfile'] . " 1> /dev/null\n";
 				}
 			}
--- a/lib/Froxlor/Cron/Dns/Bind.php
+++ b/lib/Froxlor/Cron/Dns/Bind.php
@@ -112,7 +112,10 @@ class Bind extends DnsBase
 			if (count($this->ns) > 0) {
 				foreach ($this->ns as $ns) {
 					foreach ($ns["ips"] as $ip) {
-						$bindconf_file .= '		' . $ip . ";\n";
+						$ip = \Froxlor\Validate\Validate::validate_ip2($ip, true, 'invalidip', true, true, true);
 						if ($ip) {
 							$bindconf_file .= '		' . $ip . ";\n";
 						}
 					}
 				}
 			}
--- a/lib/Froxlor/Cron/Dns/PowerDNS.php
+++ b/lib/Froxlor/Cron/Dns/PowerDNS.php
@@ -111,7 +111,7 @@ class PowerDNS extends DnsBase
 	private function insertZone($domainname, $serial = 0)
 	{
-		$ins_stmt = PowerDNS::getDB()->prepare("
+		$ins_stmt = \Froxlor\Dns\PowerDNS::getDB()->prepare("
 			INSERT INTO domains set `name` = :domainname, `notified_serial` = :serial, `type` = 'NATIVE'
 		");
 		$ins_stmt->execute(array(
@@ -124,7 +124,7 @@ class PowerDNS extends DnsBase
 	private function insertRecords($domainid = 0, $records = array(), $origin = "")
 	{
-		$ins_stmt = PowerDNS::getDB()->prepare("
+		$ins_stmt = \Froxlor\Dns\PowerDNS::getDB()->prepare("
 			INSERT INTO records set
 			`domain_id` = :did,
 			`name` = :rec,
@@ -161,7 +161,7 @@ class PowerDNS extends DnsBase
 	private function insertAllowedTransfers($domainid)
 	{
-		$ins_stmt = PowerDNS::getDB()->prepare("
+		$ins_stmt = \Froxlor\Dns\PowerDNS::getDB()->prepare("
 			INSERT INTO domainmetadata set `domain_id` = :did, `kind` = 'ALLOW-AXFR-FROM', `content` = :value
 		");
--- a/lib/Froxlor/Cron/Http/Apache.php
+++ b/lib/Froxlor/Cron/Http/Apache.php
@@ -3,7 +3,6 @@ namespace Froxlor\Cron\Http;
 use Froxlor\Database\Database;
 use Froxlor\Settings;
 use Froxlor\Cron\Http\Php\Fpm;
 use Froxlor\Cron\Http\Php\PhpInterface;
 /**
@@ -46,30 +45,6 @@ class Apache extends HttpConfigBase
 	 */
 	private $deactivated = false;
 	public function reload()
 	{
 		if ((int) Settings::Get('phpfpm.enabled') == 1) {
 			// get all start/stop commands
 			$startstop_sel = Database::prepare("SELECT reload_cmd, config_dir FROM `" . TABLE_PANEL_FPMDAEMONS . "`");
 			Database::pexecute($startstop_sel);
 			$restart_cmds = $startstop_sel->fetchAll(\PDO::FETCH_ASSOC);
 			// restart all php-fpm instances
 			foreach ($restart_cmds as $restart_cmd) {
 				// check whether the config dir is empty (no domains uses this daemon)
 				// so we need to create a dummy
 				$_conffiles = glob(\Froxlor\FileDir::makeCorrectFile($restart_cmd['config_dir'] . "/*.conf"));
 				if ($_conffiles === false || empty($_conffiles)) {
 					\Froxlor\FroxlorLogger::getInstanceOf()->logAction(\Froxlor\FroxlorLogger::CRON_ACTION, LOG_INFO, 'apache::reload: fpm config directory "' . $restart_cmd['config_dir'] . '" is empty. Creating dummy.');
 					Fpm::createDummyPool($restart_cmd['config_dir']);
 				}
 				\Froxlor\FroxlorLogger::getInstanceOf()->logAction(\Froxlor\FroxlorLogger::CRON_ACTION, LOG_INFO, 'apache::reload: running ' . $restart_cmd['reload_cmd']);
 				\Froxlor\FileDir::safe_exec(escapeshellcmd($restart_cmd['reload_cmd']));
 			}
 		}
 		\Froxlor\FroxlorLogger::getInstanceOf()->logAction(\Froxlor\FroxlorLogger::CRON_ACTION, LOG_INFO, 'apache::reload: reloading apache');
 		\Froxlor\FileDir::safe_exec(escapeshellcmd(Settings::Get('system.apachereload_command')));
 	}
 	/**
 	 * define a standard <Directory>-statement, bug #32
 	 */
@@ -144,7 +119,7 @@ class Apache extends HttpConfigBase
 			foreach ($statusCodes as $statusCode) {
 				if (Settings::Get('defaultwebsrverrhandler.err' . $statusCode) != '') {
 					$defhandler = Settings::Get('defaultwebsrverrhandler.err' . $statusCode);
-					if (! \Froxlor\Validate\Form\Data::validateUrl($defhandler)) {
+					if (! \Froxlor\Validate\Validate::validateUrl($defhandler)) {
 						if (substr($defhandler, 0, 1) != '"' && substr($defhandler, - 1, 1) != '"') {
 							$defhandler = '"' . \Froxlor\FileDir::makeCorrectFile($defhandler) . '"';
 						}
@@ -197,13 +172,13 @@ class Apache extends HttpConfigBase
 				$mypath = $this->getMyPath($row_ipsandports);
-				$this->virtualhosts_data[$vhosts_filename] .= 'DocumentRoot "' . $mypath . '"' . "\n";
+				$this->virtualhosts_data[$vhosts_filename] .= 'DocumentRoot "' . rtrim($mypath, "/") . '"' . "\n";
 				if ($row_ipsandports['vhostcontainer_servername_statement'] == '1') {
 					$this->virtualhosts_data[$vhosts_filename] .= ' ServerName ' . Settings::Get('system.hostname') . "\n";
 					$froxlor_aliases = Settings::Get('system.froxloraliases');
-					if (!empty($froxlor_aliases)) {
+					if (! empty($froxlor_aliases)) {
 						$froxlor_aliases = explode(",", $froxlor_aliases);
 						$aliases = "";
 						foreach ($froxlor_aliases as $falias) {
@@ -212,7 +187,7 @@ class Apache extends HttpConfigBase
 							}
 						}
 						$aliases = trim($aliases);
-						if (!empty($aliases)) {
+						if (! empty($aliases)) {
 							$this->virtualhosts_data[$vhosts_filename] .= ' ServerAlias ' . $aliases . "\n";
 						}
 					}
@@ -428,11 +403,16 @@ class Apache extends HttpConfigBase
 				 *       end of dirprotection
 				 */
-				if ($row_ipsandports['specialsettings'] != '') {
+				if ($row_ipsandports['specialsettings'] != '' && ($row_ipsandports['ssl'] == '0' || ($row_ipsandports['ssl'] == '1' && Settings::Get('system.use_ssl') == '1' && $row_ipsandports['include_specialsettings'] == '1'))) {
 					$this->virtualhosts_data[$vhosts_filename] .= $this->processSpecialConfigTemplate($row_ipsandports['specialsettings'], $domain, $row_ipsandports['ip'], $row_ipsandports['port'], $row_ipsandports['ssl'] == '1') . "\n";
 				}
 				if ($row_ipsandports['ssl'] == '1' && Settings::Get('system.use_ssl') == '1') {
 					if ($row_ipsandports['ssl_specialsettings'] != '') {
 						$this->virtualhosts_data[$vhosts_filename] .= $this->processSpecialConfigTemplate($row_ipsandports['ssl_specialsettings'], $domain, $row_ipsandports['ip'], $row_ipsandports['port'], $row_ipsandports['ssl'] == '1') . "\n";
 					}
 					if ($row_ipsandports['ssl_cert_file'] == '') {
 						$row_ipsandports['ssl_cert_file'] = Settings::Get('system.ssl_cert_file');
 						if (! file_exists($row_ipsandports['ssl_cert_file'])) {
@@ -462,7 +442,9 @@ class Apache extends HttpConfigBase
 						'loginname' => 'froxlor.panel',
 						'documentroot' => $mypath,
 						'customerroot' => $mypath,
-						'parentdomainid' => 0
+						'parentdomainid' => 0,
 						'ssl_honorcipherorder' => Settings::Get('system.honorcipherorder'),
 						'ssl_sessiontickets' => Settings::Get('system.sessiontickets')
 					);
 					// override corresponding array values
@@ -498,10 +480,17 @@ class Apache extends HttpConfigBase
 									$this->virtualhosts_data[$vhosts_filename] .= ' SSLOpenSSLConfCmd DHParameters "' . $dhparams . '"' . "\n";
 								}
 								$this->virtualhosts_data[$vhosts_filename] .= ' SSLCompression Off' . "\n";
 								if (Settings::Get('system.sessionticketsenabled') == '1') {
 									$this->virtualhosts_data[$vhosts_filename] .= ' SSLSessionTickets ' .  ($domain['ssl_sessiontickets'] == '1' ? 'on' : 'off') . "\n";
 								}
 							}
-							// this makes it more secure, thx to Marcel (08/2013)
+
-							$this->virtualhosts_data[$vhosts_filename] .= ' SSLHonorCipherOrder On' . "\n";
+							$this->virtualhosts_data[$vhosts_filename] .= ' SSLHonorCipherOrder ' .  ($domain['ssl_honorcipherorder'] == '1' ? 'on' : 'off') . "\n";
 							$this->virtualhosts_data[$vhosts_filename] .= ' SSLCipherSuite ' . Settings::Get('system.ssl_cipher_list') . "\n";
 							$protocols = array_map('trim', explode(",", Settings::Get('system.ssl_protocols')));
 							if (in_array("TLSv1.3", $protocols) && ! empty(Settings::Get('system.tlsv13_cipher_list')) && Settings::Get('system.apache24') == 1) {
 								$this->virtualhosts_data[$vhosts_filename] .= ' SSLCipherSuite TLSv1.3 ' . Settings::Get('system.tlsv13_cipher_list') . "\n";
 							}
 							$this->virtualhosts_data[$vhosts_filename] .= ' SSLVerifyDepth 10' . "\n";
 							$this->virtualhosts_data[$vhosts_filename] .= ' SSLCertificateFile ' . \Froxlor\FileDir::makeCorrectFile($domain['ssl_cert_file']) . "\n";
@@ -672,7 +661,7 @@ class Apache extends HttpConfigBase
 		if ($domain['deactivated'] == '1' && Settings::Get('system.deactivateddocroot') != '') {
 			$webroot_text .= '  # Using docroot for deactivated users...' . "\n";
-			$webroot_text .= '  DocumentRoot "' . \Froxlor\FileDir::makeCorrectDir(Settings::Get('system.deactivateddocroot')) . "\"\n";
+			$webroot_text .= '  DocumentRoot "' . rtrim(\Froxlor\FileDir::makeCorrectDir(Settings::Get('system.deactivateddocroot')), "/") . "\"\n";
 			$webroot_text .= '  <Directory "' . \Froxlor\FileDir::makeCorrectDir(Settings::Get('system.deactivateddocroot')) . '">' . "\n";
 			// >=apache-2.4 enabled?
 			if (Settings::Get('system.apache24') == '1') {
@@ -685,7 +674,7 @@ class Apache extends HttpConfigBase
 			$webroot_text .= '  </Directory>' . "\n";
 			$this->deactivated = true;
 		} else {
-			$webroot_text .= '  DocumentRoot "' . $domain['documentroot'] . "\"\n";
+			$webroot_text .= '  DocumentRoot "' . rtrim($domain['documentroot'], "/") . "\"\n";
 			$this->deactivated = false;
 		}
@@ -771,7 +760,7 @@ class Apache extends HttpConfigBase
 		$logtype = 'combined';
 		if (Settings::Get('system.logfiles_format') != '') {
 			$logtype = 'frx_custom';
-			$logfiles_text .= '  LogFormat "' . Settings::Get('system.logfiles_format') . '" ' . $logtype . "\n";
+			$logfiles_text .= '  LogFormat ' . Settings::Get('system.logfiles_format') . ' ' . $logtype . "\n";
 		}
 		if (Settings::Get('system.logfiles_type') == '2' && Settings::Get('system.logfiles_format') == '') {
 			$logtype = 'vhost_combined';
@@ -921,9 +910,12 @@ class Apache extends HttpConfigBase
 				$ipport = $domain['ip'] . ':' . $domain['port'] . ' ';
 			}
-			if ($ipandport['default_vhostconf_domain'] != '') {
+			if ($ipandport['default_vhostconf_domain'] != '' && ($ssl_vhost == false || ($ssl_vhost == true && $ipandport['include_default_vhostconf_domain'] == '1'))) {
 				$_vhost_content .= $this->processSpecialConfigTemplate($ipandport['default_vhostconf_domain'], $domain, $domain['ip'], $domain['port'], $ssl_vhost) . "\n";
 			}
 			if ($ipandport['ssl_default_vhostconf_domain'] != '' && $ssl_vhost == true) {
 				$_vhost_content .= $this->processSpecialConfigTemplate($ipandport['ssl_default_vhostconf_domain'], $domain, $domain['ip'], $domain['port'], $ssl_vhost) . "\n";
 			}
 			$ipportlist .= $ipport;
 		}
@@ -949,7 +941,7 @@ class Apache extends HttpConfigBase
 				'domainid' => $domain['id']
 			));
-			if ($ssldestport['port'] != '') {
+			if ($ssldestport && $ssldestport['port'] != '') {
 				$_sslport = ":" . $ssldestport['port'];
 			}
@@ -980,11 +972,16 @@ class Apache extends HttpConfigBase
 			}
 			if ($domain['ssl_cert_file'] != '') {
 				$ssl_protocols = ($domain['override_tls'] == '1' && ! empty($domain['ssl_protocols'])) ? $domain['ssl_protocols'] : Settings::Get('system.ssl_protocols');
 				$ssl_cipher_list = ($domain['override_tls'] == '1' && ! empty($domain['ssl_cipher_list'])) ? $domain['ssl_cipher_list'] : Settings::Get('system.ssl_cipher_list');
 				$tlsv13_cipher_list = ($domain['override_tls'] == '1' && ! empty($domain['tlsv13_cipher_list'])) ? $domain['tlsv13_cipher_list'] : Settings::Get('system.tlsv13_cipher_list');
 				$vhost_content .= '  SSLEngine On' . "\n";
-				$vhost_content .= '  SSLProtocol -ALL +' . str_replace(",", " +", Settings::Get('system.ssl_protocols')) . "\n";
+				$vhost_content .= '  SSLProtocol -ALL +' . str_replace(",", " +", $ssl_protocols) . "\n";
 				if (Settings::Get('system.apache24') == '1') {
 					if (isset($domain['http2']) && $domain['http2'] == '1' && Settings::Get('system.http2_support') == '1') {
-						$vhost_content .= ' Protocols h2 http/1.1' . "\n";
+						$vhost_content .= '  Protocols h2 http/1.1' . "\n";
 					}
 					if (! empty(Settings::Get('system.dhparams_file'))) {
 						$dhparams = \Froxlor\FileDir::makeCorrectFile(Settings::Get('system.dhparams_file'));
@@ -994,10 +991,16 @@ class Apache extends HttpConfigBase
 						$vhost_content .= '  SSLOpenSSLConfCmd DHParameters "' . $dhparams . '"' . "\n";
 					}
 					$vhost_content .= '  SSLCompression Off' . "\n";
 					if (Settings::Get('system.sessionticketsenabled') == '1') {
 						$vhost_content .= '  SSLSessionTickets ' .  ($domain['ssl_sessiontickets'] == '1' ? 'on' : 'off') . "\n";
 					}
 				}
 				$vhost_content .= '  SSLHonorCipherOrder ' .  ($domain['ssl_honorcipherorder'] == '1' ? 'on' : 'off') . "\n";
 				$vhost_content .= '  SSLCipherSuite ' . $ssl_cipher_list . "\n";
 				$protocols = array_map('trim', explode(",", $ssl_protocols));
 				if (in_array("TLSv1.3", $protocols) && ! empty($tlsv13_cipher_list) && Settings::Get('system.apache24') == 1) {
 					$vhost_content .= '  SSLCipherSuite TLSv1.3 ' . $tlsv13_cipher_list . "\n";
 				}
 				// this makes it more secure, thx to Marcel (08/2013)
 				$vhost_content .= '  SSLHonorCipherOrder On' . "\n";
 				$vhost_content .= '  SSLCipherSuite ' . Settings::Get('system.ssl_cipher_list') . "\n";
 				$vhost_content .= '  SSLVerifyDepth 10' . "\n";
 				$vhost_content .= '  SSLCertificateFile ' . \Froxlor\FileDir::makeCorrectFile($domain['ssl_cert_file']) . "\n";
@@ -1074,17 +1077,25 @@ class Apache extends HttpConfigBase
 			}
 			$vhost_content .= $this->getLogfiles($domain);
-			if ($domain['specialsettings'] != '') {
+			if ($domain['specialsettings'] != '' && ($ssl_vhost == false || ($ssl_vhost == true && $domain['include_specialsettings'] == 1))) {
 				$vhost_content .= $this->processSpecialConfigTemplate($domain['specialsettings'], $domain, $domain['ip'], $domain['port'], $ssl_vhost) . "\n";
 			}
 			if ($domain['ssl_specialsettings'] != '' && $ssl_vhost == true) {
 				$vhost_content .= $this->processSpecialConfigTemplate($domain['ssl_specialsettings'], $domain, $domain['ip'], $domain['port'], $ssl_vhost) . "\n";
 			}
 			if ($_vhost_content != '') {
 				$vhost_content .= $_vhost_content;
 			}
-			if (Settings::Get('system.default_vhostconf') != '') {
+			if (Settings::Get('system.default_vhostconf') != '' && ($ssl_vhost == false || ($ssl_vhost == true && Settings::Get('system.include_default_vhostconf') == 1))) {
 				$vhost_content .= $this->processSpecialConfigTemplate(Settings::Get('system.default_vhostconf'), $domain, $domain['ip'], $domain['port'], $ssl_vhost) . "\n";
 			}
 			if (Settings::Get('system.default_sslvhostconf') != '' && $ssl_vhost == true) {
 				$vhost_content .= $this->processSpecialConfigTemplate(Settings::Get('system.default_sslvhostconf'), $domain, $domain['ip'], $domain['port'], $ssl_vhost) . "\n";
 			}
 		}
 		$vhost_content .= '</VirtualHost>' . "\n";
@@ -1110,7 +1121,7 @@ class Apache extends HttpConfigBase
 				// Create vhost without ssl
 				$this->virtualhosts_data[$vhosts_filename] .= $this->getVhostContent($domain, false);
-				if ($domain['ssl'] == '1' || $domain['ssl_redirect'] == '1') {
+				if ($domain['ssl_enabled'] == '1' && ($domain['ssl'] == '1' || $domain['ssl_redirect'] == '1')) {
 					// Adding ssl stuff if enabled
 					$vhosts_filename_ssl = $this->getVhostFilename($domain, true);
 					$this->virtualhosts_data[$vhosts_filename_ssl] = '# Domain ID: ' . $domain['id'] . ' (SSL) - CustomerID: ' . $domain['customerid'] . ' - CustomerLogin: ' . $domain['loginname'] . "\n";
@@ -1209,7 +1220,7 @@ class Apache extends HttpConfigBase
 				foreach ($statusCodes as $statusCode) {
 					if (isset($row_diroptions['error' . $statusCode . 'path']) && $row_diroptions['error' . $statusCode . 'path'] != '') {
 						$defhandler = $row_diroptions['error' . $statusCode . 'path'];
-						if (! \Froxlor\Validate\Form\Data::validateUrl($defhandler)) {
+						if (! \Froxlor\Validate\Validate::validateUrl($defhandler)) {
 							if (substr($defhandler, 0, 1) != '"' && substr($defhandler, - 1, 1) != '"') {
 								$defhandler = '"' . \Froxlor\FileDir::makeCorrectFile($defhandler) . '"';
 							}
--- a/lib/Froxlor/Cron/Http/ConfigIO.php
+++ b/lib/Froxlor/Cron/Http/ConfigIO.php
@@ -128,7 +128,7 @@ class ConfigIO
 				// iterate through all subdirs,
 				// look for vhost/diroption files
 				// and delete them
-				foreach ($its as $fullFileName => $it) {
+				foreach ($its as $it) {
 					if ($it->isFile() && preg_match($pattern, $it->getFilename())) {
 						// remove file
 						\Froxlor\FileDir::safe_exec('rm -f ' . escapeshellarg(\Froxlor\FileDir::makeCorrectFile($its->getPathname())));
@@ -191,7 +191,7 @@ class ConfigIO
 				/**
 				 * don't do anything if the file does not exist
 				 */
-				if (@file_exists($awstatsclean['fullentry'])) {
+				if (@file_exists($awstatsclean['fullentry']) && $awstatsclean['entry'] != '.' && $awstatsclean['entry'] != '..') {
 					$awstatsclean['fh'] = fopen($awstatsclean['fullentry'], 'r');
 					$awstatsclean['headerRead'] = fgets($awstatsclean['fh'], strlen($awstatsclean['header']) + 1);
 					fclose($awstatsclean['fh']);
@@ -232,7 +232,7 @@ class ConfigIO
 				// look for php-fcgi-starter files
 				// and take immutable-flag away from them
 				// so we can delete them :)
-				foreach ($its as $fullFileName => $it) {
+				foreach ($its as $it) {
 					if ($it->isFile() && $it->getFilename() == 'php-fcgi-starter') {
 						// set chattr -i
 						\Froxlor\FileDir::removeImmutable($its->getPathname());
--- a/lib/Froxlor/Cron/Http/DomainSSL.php
+++ b/lib/Froxlor/Cron/Http/DomainSSL.php
@@ -68,6 +68,11 @@ class DomainSSL
 				'ssl_key_file' => \Froxlor\FileDir::makeCorrectFile($sslcertpath . '/' . $domain['domain'] . '.key')
 			);
 			if (! $this->validateCertificate($dom_certs)) {
 				\Froxlor\FroxlorLogger::getInstanceOf()->logAction(\Froxlor\FroxlorLogger::CRON_ACTION, LOG_ERR, 'Given SSL private key for ' . $domain['domain'] . ' does not seem to match the certificate. Cannot create ssl-directives');
 				return;
 			}
 			if (Settings::Get('system.webserver') == 'lighttpd') {
 				// put my.crt and my.key together for lighty.
 				$dom_certs['ssl_cert_file'] = trim($dom_certs['ssl_cert_file']) . "\n" . trim($dom_certs['ssl_key_file']) . "\n";
@@ -112,4 +117,9 @@ class DomainSSL
 		return;
 	}
 	private function validateCertificate($dom_certs = array())
 	{
 		return openssl_x509_check_private_key($dom_certs['ssl_cert_file'], $dom_certs['ssl_key_file']);
 	}
 }
--- a/lib/Froxlor/Cron/Http/HttpConfigBase.php
+++ b/lib/Froxlor/Cron/Http/HttpConfigBase.php
@@ -3,6 +3,7 @@ namespace Froxlor\Cron\Http;
 use Froxlor\Database\Database;
 use Froxlor\Settings;
 use Froxlor\Cron\Http\Php\Fpm;
 /**
 * This file is part of the Froxlor project.
@@ -27,6 +28,51 @@ use Froxlor\Settings;
 class HttpConfigBase
 {
 	public function init()
 	{
 		// if Let's Encrypt is activated, run it before regeneration of webserver configfiles
 		if (Settings::Get('system.leenabled') == 1) {
 			\Froxlor\FroxlorLogger::getInstanceOf()->logAction(\Froxlor\FroxlorLogger::CRON_ACTION, LOG_INFO, 'Running Let\'s Encrypt cronjob prior to regenerating webserver config files');
 			\Froxlor\Cron\Http\LetsEncrypt\AcmeSh::$no_inserttask = true;
 			\Froxlor\Cron\Http\LetsEncrypt\AcmeSh::run(true);
 			// set last run timestamp of cronjob
 			\Froxlor\System\Cronjob::updateLastRunOfCron('letsencrypt');
 		}
 	}
 	public function reload()
 	{
 		$called_class = get_called_class();
 		if ((int) Settings::Get('phpfpm.enabled') == 1) {
 			// get all start/stop commands
 			$startstop_sel = Database::prepare("SELECT reload_cmd, config_dir FROM `" . TABLE_PANEL_FPMDAEMONS . "`");
 			Database::pexecute($startstop_sel);
 			$restart_cmds = $startstop_sel->fetchAll(\PDO::FETCH_ASSOC);
 			// restart all php-fpm instances
 			foreach ($restart_cmds as $restart_cmd) {
 				// check whether the config dir is empty (no domains uses this daemon)
 				// so we need to create a dummy
 				$_conffiles = glob(\Froxlor\FileDir::makeCorrectFile($restart_cmd['config_dir'] . "/*.conf"));
 				if ($_conffiles === false || empty($_conffiles)) {
 					\Froxlor\FroxlorLogger::getInstanceOf()->logAction(\Froxlor\FroxlorLogger::CRON_ACTION, LOG_INFO, $called_class . '::reload: fpm config directory "' . $restart_cmd['config_dir'] . '" is empty. Creating dummy.');
 					Fpm::createDummyPool($restart_cmd['config_dir']);
 				}
 				\Froxlor\FroxlorLogger::getInstanceOf()->logAction(\Froxlor\FroxlorLogger::CRON_ACTION, LOG_INFO, $called_class . '::reload: running ' . $restart_cmd['reload_cmd']);
 				\Froxlor\FileDir::safe_exec(escapeshellcmd($restart_cmd['reload_cmd']));
 			}
 		}
 		\Froxlor\FroxlorLogger::getInstanceOf()->logAction(\Froxlor\FroxlorLogger::CRON_ACTION, LOG_INFO, $called_class . '::reload: reloading ' . $called_class);
 		\Froxlor\FileDir::safe_exec(escapeshellcmd(Settings::Get('system.apachereload_command')));
 		/**
 		 * nginx does not auto-spawn fcgi-processes
 		 */
 		if (Settings::Get('system.webserver') == "nginx" && Settings::Get('system.phpreload_command') != '' && (int) Settings::Get('phpfpm.enabled') == 0) {
 			\Froxlor\FroxlorLogger::getInstanceOf()->logAction(\Froxlor\FroxlorLogger::CRON_ACTION, LOG_INFO, $called_class . '::reload: restarting php processes');
 			\Froxlor\FileDir::safe_exec(Settings::Get('system.phpreload_command'));
 		}
 	}
 	/**
 	 * process special config as template, by substituting {VARIABLE} with the
 	 * respective value.
@@ -87,7 +133,7 @@ class HttpConfigBase
 		");
 		$ssldestport = Database::pexecute_first($ssldestport_stmt);
-		if ($ssldestport['port'] != '') {
+		if ($ssldestport && $ssldestport['port'] != '') {
 			$_sslport = ":" . $ssldestport['port'];
 		}
--- a/lib/Froxlor/Cron/Http/LetsEncrypt/AcmeSh.php
+++ b/lib/Froxlor/Cron/Http/LetsEncrypt/AcmeSh.php
@@ -4,6 +4,8 @@ namespace Froxlor\Cron\Http\LetsEncrypt;
 use Froxlor\FroxlorLogger;
 use Froxlor\Settings;
 use Froxlor\Database\Database;
 use Froxlor\PhpHelper;
 use Froxlor\Domain\Domain;
 /**
 * This file is part of the Froxlor project.
@@ -43,19 +45,417 @@ class AcmeSh extends \Froxlor\Cron\FroxlorCron
 	private static $do_update = true;
-	public static function run()
+	public static $no_inserttask = false;
 	/**
 	 * run the task
 	 *
 	 * @param boolean $internal
 	 * @return number
 	 */
 	public static function run($internal = false)
 	{
-		self::checkInstall();
+		// usually, this is action is called from within the tasks-jobs
 		if (! defined('CRON_IS_FORCED') && ! defined('CRON_DEBUG_FLAG') && $internal == false) {
 			// Let's Encrypt cronjob is combined with regeneration of webserver configuration files.
 			// For debugging purposes you can use the --debug switch and the --force switch to run the cron manually.
 			// check whether we MIGHT need to run although there is no task to regenerate config-files
 			$needRenew = self::issueDomains();
 			if ($needRenew || self::issueFroxlorVhost()) {
 				// insert task to generate certificates and vhost-configs
 				\Froxlor\System\Cronjob::inserttask(1);
 			}
 			return 0;
 		}
-		self::$apiserver = 'https://acme-v0' . \Froxlor\Settings::Get('system.leapiversion') . '.api.letsencrypt.org/directory';
+		// set server according to settings
 		self::$apiserver = 'https://acme-' . (Settings::Get('system.letsencryptca') == 'testing' ? 'staging-' : '') . 'v0' . \Froxlor\Settings::Get('system.leapiversion') . '.api.letsencrypt.org/directory';
-		FroxlorLogger::getInstanceOf()->logAction(\Froxlor\FroxlorLogger::CRON_ACTION, LOG_INFO, "Updating Let's Encrypt certificates");
+		// validate acme.sh installation
 		if (! self::checkInstall()) {
 			return - 1;
 		}
 		// flag for re-generation of vhost files
 		$changedetected = 0;
 		// prepare update sql
 		self::$updcert_stmt = Database::prepare("
 			REPLACE INTO
 				`" . TABLE_PANEL_DOMAIN_SSL_SETTINGS . "`
 			SET
 				`id` = :id,
 				`domainid` = :domainid,
 				`ssl_cert_file` = :crt,
 				`ssl_key_file` = :key,
 				`ssl_ca_file` = :ca,
 				`ssl_cert_chainfile` = :chain,
 				`ssl_csr_file` = :csr,
 				`ssl_fullchain_file` = :fullchain,
 				`expirationdate` = :expirationdate
 		");
 		// prepare domain update sql
 		self::$upddom_stmt = Database::prepare("UPDATE `" . TABLE_PANEL_DOMAINS . "` SET `ssl_redirect` = '1' WHERE `id` = :domainid");
 		// check whether there are certificates to issue
 		$issue_froxlor = self::issueFroxlorVhost();
 		$issue_domains = self::issueDomains();
 		// first - generate LE for system-vhost if enabled
 		if ($issue_froxlor) {
 			// build row
 			$certrow = array(
 				'loginname' => 'froxlor.panel',
 				'domain' => Settings::Get('system.hostname'),
 				'domainid' => 0,
 				'documentroot' => \Froxlor\Froxlor::getInstallDir(),
 				'leprivatekey' => Settings::Get('system.leprivatekey'),
 				'lepublickey' => Settings::Get('system.lepublickey'),
 				'leregistered' => Settings::Get('system.leregistered'),
 				'ssl_redirect' => Settings::Get('system.le_froxlor_redirect'),
 				'expirationdate' => null,
 				'ssl_cert_file' => null,
 				'ssl_key_file' => null,
 				'ssl_ca_file' => null,
 				'ssl_csr_file' => null,
 				'id' => null
 			);
 			// add to queue
 			$issue_domains[] = $certrow;
 		}
 		if (count($issue_domains)) {
 			FroxlorLogger::getInstanceOf()->logAction(FroxlorLogger::CRON_ACTION, LOG_INFO, "Requesting " . count($issue_domains) . " new Let's Encrypt certificates");
 			self::runIssueFor($issue_domains);
 			$changedetected = 1;
 		}
 		// compare file-system certificates with the ones in our database
 		// and update if needed
 		$renew_froxlor = self::renewFroxlorVhost();
 		$renew_domains = self::renewDomains();
 		if ($renew_froxlor) {
 			// build row
 			$certrow = array(
 				'loginname' => 'froxlor.panel',
 				'domain' => Settings::Get('system.hostname'),
 				'domainid' => 0,
 				'documentroot' => \Froxlor\Froxlor::getInstallDir(),
 				'leprivatekey' => Settings::Get('system.leprivatekey'),
 				'lepublickey' => Settings::Get('system.lepublickey'),
 				'leregistered' => Settings::Get('system.leregistered'),
 				'ssl_redirect' => Settings::Get('system.le_froxlor_redirect'),
 				'expirationdate' => is_array($renew_froxlor) ? $renew_froxlor['expirationdate'] : date('Y-m-d H:i:s', 0),
 				'ssl_cert_file' => is_array($renew_froxlor) ? $renew_froxlor['ssl_cert_file'] : null,
 				'ssl_key_file' => is_array($renew_froxlor) ? $renew_froxlor['ssl_key_file'] : null,
 				'ssl_ca_file' => is_array($renew_froxlor) ? $renew_froxlor['ssl_ca_file'] : null,
 				'ssl_csr_file' => is_array($renew_froxlor) ? $renew_froxlor['ssl_csr_file'] : null,
 				'id' => is_array($renew_froxlor) ? $renew_froxlor['id'] : null
 			);
 			$renew_domains[] = $certrow;
 		}
 		foreach ($renew_domains as $domain) {
 			$cronlog = FroxlorLogger::getInstanceOf(array(
 				'loginname' => $domain['loginname'],
 				'adminsession' => 0
 			));
 			if (defined('CRON_IS_FORCED') || self::checkFsFilesAreNewer($domain['domain'], $domain['expirationdate'])) {
 				self::certToDb($domain, $cronlog, array());
 				$changedetected = 1;
 			}
 		}
 		// If we have a change in a certificate, we need to update the webserver - configs
 		// This is easiest done by just creating a new task ;)
 		if ($changedetected) {
 			if (self::$no_inserttask == false) {
 				\Froxlor\System\Cronjob::inserttask(1);
 			}
 			FroxlorLogger::getInstanceOf()->logAction(FroxlorLogger::CRON_ACTION, LOG_INFO, "Let's Encrypt certificates have been updated");
 		} else {
 			FroxlorLogger::getInstanceOf()->logAction(FroxlorLogger::CRON_ACTION, LOG_INFO, "No new certificates or certificate updates found");
 		}
 	}
 	/**
 	 * issue certificates for a list of domains
 	 */
 	private static function runIssueFor($certrows = array())
 	{
 		// prepare aliasdomain-check
 		$aliasdomains_stmt = Database::prepare("
 			SELECT
 				dom.`id` as domainid,
 				dom.`domain`,
 				dom.`wwwserveralias`
 			FROM `" . TABLE_PANEL_DOMAINS . "` AS dom
 			WHERE
 				dom.`aliasdomain` = :id
 				AND dom.`letsencrypt` = 1
 				AND dom.`iswildcarddomain` = 0
 		");
 		// iterate through all domains
 		foreach ($certrows as $certrow) {
 			// set logger to corresponding loginname for the log to appear in the users system-log
 			$cronlog = FroxlorLogger::getInstanceOf(array(
 				'loginname' => $certrow['loginname'],
 				'adminsession' => 0
 			));
 			// Only issue let's encrypt certificate if no broken ssl_redirect is enabled
 			if ($certrow['ssl_redirect'] != 2) {
 				$do_force = false;
 				if (! empty($certrow['ssl_cert_file']) && empty($certrow['expirationdate'])) {
 					// domain changed (SAN or similar)
 					$do_force = true;
 					$cronlog->logAction(FroxlorLogger::CRON_ACTION, LOG_INFO, "Re-creating certificate for " . $certrow['domain']);
 				} else {
 					$cronlog->logAction(FroxlorLogger::CRON_ACTION, LOG_INFO, "Creating certificate for " . $certrow['domain']);
 				}
 				$cronlog->logAction(FroxlorLogger::CRON_ACTION, LOG_INFO, "Adding common-name: " . $certrow['domain']);
 				$domains = array(
 					strtolower($certrow['domain'])
 				);
 				// add www.<domain> to SAN list
 				if ($certrow['wwwserveralias'] == 1) {
 					$cronlog->logAction(FroxlorLogger::CRON_ACTION, LOG_INFO, "Adding SAN entry: www." . $certrow['domain']);
 					$domains[] = strtolower('www.' . $certrow['domain']);
 				}
 				if ($certrow['domainid'] == 0) {
 					$froxlor_aliases = Settings::Get('system.froxloraliases');
 					if (! empty($froxlor_aliases)) {
 						$froxlor_aliases = explode(",", $froxlor_aliases);
 						foreach ($froxlor_aliases as $falias) {
 							if (\Froxlor\Validate\Validate::validateDomain(trim($falias))) {
 								$cronlog->logAction(FroxlorLogger::CRON_ACTION, LOG_INFO, "Adding SAN entry: " . strtolower(trim($falias)));
 								$domains[] = strtolower(trim($falias));
 							}
 						}
 					}
 				} else {
 					// add alias domains (and possibly www.<aliasdomain>) to SAN list
 					Database::pexecute($aliasdomains_stmt, array(
 						'id' => $certrow['domainid']
 					));
 					$aliasdomains = $aliasdomains_stmt->fetchAll(\PDO::FETCH_ASSOC);
 					foreach ($aliasdomains as $aliasdomain) {
 						$cronlog->logAction(FroxlorLogger::CRON_ACTION, LOG_INFO, "Adding SAN entry: " . $aliasdomain['domain']);
 						$domains[] = strtolower($aliasdomain['domain']);
 						if ($aliasdomain['wwwserveralias'] == 1) {
 							$cronlog->logAction(FroxlorLogger::CRON_ACTION, LOG_INFO, "Adding SAN entry: www." . $aliasdomain['domain']);
 							$domains[] = strtolower('www.' . $aliasdomain['domain']);
 						}
 					}
 				}
 				self::validateDns($domains, $certrow['domainid'], $cronlog);
 				self::runAcmeSh($certrow, $domains, $cronlog, $do_force);
 			} else {
 				$cronlog->logAction(FroxlorLogger::CRON_ACTION, LOG_WARNING, "Skipping Let's Encrypt generation for " . $certrow['domain'] . " due to an enabled ssl_redirect");
 			}
 		}
 	}
 	/**
 	 * validate dns (A / AAAA record) of domain against known system ips
 	 *
 	 * @param array $domains
 	 * @param int $domain_id
 	 * @param FroxlorLogger $cronlog
 	 */
 	private static function validateDns(&$domains = array(), $domain_id, &$cronlog)
 	{
 		if (Settings::Get('system.le_domain_dnscheck') == '1' && ! empty($domains)) {
 			$loop_domains = $domains;
 			// ips according to our system
 			$our_ips = Domain::getIpsOfDomain($domain_id);
 			foreach ($loop_domains as $idx => $domain) {
 				$cronlog->logAction(FroxlorLogger::CRON_ACTION, LOG_INFO, "Validating DNS of " . $domain);
 				// ips accordint to NS
 				$domain_ips = PhpHelper::gethostbynamel6($domain);
 				if (count(array_intersect($our_ips, $domain_ips)) <= 0) {
 					// no common ips...
 					$cronlog->logAction(FroxlorLogger::CRON_ACTION, LOG_WARNING, "Skipping Let's Encrypt generation for " . $domain . " due to no system known IP address via DNS check");
 					unset($domains[$idx]);
 				}
 			}
 		}
 	}
 	private static function runAcmeSh($certrow = array(), $domains = array(), &$cronlog = null, $force = false)
 	{
 		if (! empty($domains)) {
 			if (self::$do_update) {
 				self::checkUpgrade();
 				self::$do_update = false;
 			}
 			$acmesh_cmd = self::$acmesh . " --auto-upgrade 0 --server " . self::$apiserver . " --issue -d " . implode(" -d ", $domains);
 			// challenge path
 			$acmesh_cmd .= " -w " . Settings::Get('system.letsencryptchallengepath');
 			if (Settings::Get('system.leecc') > 0) {
 				// ecc certificate
 				$acmesh_cmd .= " --keylength ec-" . Settings::Get('system.leecc');
 			} else {
 				$acmesh_cmd .= " --keylength " . Settings::Get('system.letsencryptkeysize');
 			}
 			if (Settings::Get('system.letsencryptreuseold') != '1') {
 				$acmesh_cmd .= " --always-force-new-domain-key";
 			}
 			if (Settings::Get('system.letsencryptca') == 'testing') {
 				$acmesh_cmd .= " --staging";
 			}
 			if ($force) {
 				$acmesh_cmd .= " --force";
 			}
 			if (defined('CRON_DEBUG_FLAG')) {
 				$acmesh_cmd .= " --debug";
 			}
 			$acme_result = \Froxlor\FileDir::safe_exec($acmesh_cmd);
 			// debug output of acme.sh run
 			$cronlog->logAction(FroxlorLogger::CRON_ACTION, LOG_DEBUG, implode("\n", $acme_result));
 			self::certToDb($certrow, $cronlog, $acme_result);
 		}
 	}
 	private static function certToDb($certrow, &$cronlog, $acme_result)
 	{
 		$return = array();
 		self::readCertificateToVar($certrow['domain'], $return, $cronlog);
 		if (! empty($return['crt'])) {
 			$newcert = openssl_x509_parse($return['crt']);
 			if ($newcert) {
 				// Store the new data
 				Database::pexecute(self::$updcert_stmt, array(
 					'id' => $certrow['id'],
 					'domainid' => $certrow['domainid'],
 					'crt' => $return['crt'],
 					'key' => $return['key'],
 					'ca' => $return['chain'],
 					'chain' => $return['chain'],
 					'csr' => $return['csr'],
 					'fullchain' => $return['fullchain'],
 					'expirationdate' => date('Y-m-d H:i:s', $newcert['validTo_time_t'])
 				));
 				if ($certrow['ssl_redirect'] == 3) {
 					Database::pexecute(self::$upddom_stmt, array(
 						'domainid' => $certrow['domainid']
 					));
 				}
 				$cronlog->logAction(FroxlorLogger::CRON_ACTION, LOG_INFO, "Updated Let's Encrypt certificate for " . $certrow['domain']);
 			} else {
 				$cronlog->logAction(FroxlorLogger::CRON_ACTION, LOG_ERR, "Got non-successful Let's Encrypt response for " . $certrow['domain'] . ":\n" . implode("\n", $acme_result));
 			}
 		} else {
 			$cronlog->logAction(FroxlorLogger::CRON_ACTION, LOG_ERR, "Could not get Let's Encrypt certificate for " . $certrow['domain'] . ":\n" . implode("\n", $acme_result));
 		}
 	}
 	/**
 	 * check whether we need to issue a new certificate for froxlor itself
 	 *
 	 * @return boolean
 	 */
 	private static function issueFroxlorVhost()
 	{
 		if (Settings::Get('system.le_froxlor_enabled') == '1') {
 			// let's encrypt is enabled, now check whether we have a certificate
 			$froxlor_ssl_settings_stmt = Database::prepare("
 				SELECT * FROM `" . TABLE_PANEL_DOMAIN_SSL_SETTINGS . "`
 				WHERE `domainid` = '0'
 			");
 			$froxlor_ssl = Database::pexecute_first($froxlor_ssl_settings_stmt);
 			// also check for possible existing certificate
 			if (! $froxlor_ssl && ! self::checkFsFilesAreNewer(Settings::Get('system.hostname'), date('Y-m-d H:i:s'))) {
 				return true;
 			}
 		}
 		return false;
 	}
 	/**
 	 * check whether we need to renew-check the certificate for froxlor itself
 	 *
 	 * @return boolean
 	 */
 	private static function renewFroxlorVhost()
 	{
 		if (Settings::Get('system.le_froxlor_enabled') == '1') {
 			// let's encrypt is enabled, now check whether we have a certificate
 			$froxlor_ssl_settings_stmt = Database::prepare("
 				SELECT * FROM `" . TABLE_PANEL_DOMAIN_SSL_SETTINGS . "`
 				WHERE `domainid` = '0'
 			");
 			$froxlor_ssl = Database::pexecute_first($froxlor_ssl_settings_stmt);
 			// also check for possible existing certificate
 			if ($froxlor_ssl || (! $froxlor_ssl && ! self::checkFsFilesAreNewer(Settings::Get('system.hostname'), date('Y-m-d H:i:s', 0)))) {
 				return ($froxlor_ssl ? $froxlor_ssl : true);
 			}
 		}
 		return false;
 	}
 	/**
 	 * get a list of domains that have a lets encrypt certificate (possible renew)
 	 */
 	private static function renewDomains()
 	{
 		$certificates_stmt = Database::query("
 			SELECT
 				domssl.`id`,
 				domssl.`domainid`,
-				domssl.expirationdate,
+				domssl.`expirationdate`,
 				domssl.`ssl_cert_file`,
 				domssl.`ssl_key_file`,
 				dom.`domain`,
 				dom.`id` AS 'domainid',
 				dom.`ssl_redirect`,
 				cust.`loginname`
 			FROM
 				`" . TABLE_PANEL_CUSTOMERS . "` AS cust,
 				`" . TABLE_PANEL_DOMAINS . "` AS dom
 			LEFT JOIN
 				`" . TABLE_PANEL_DOMAIN_SSL_SETTINGS . "` AS domssl ON
 					dom.`id` = domssl.`domainid`
 			WHERE
 				dom.`customerid` = cust.`customerid`
 				AND cust.deactivated = 0
 				AND dom.`letsencrypt` = 1
 				AND dom.`aliasdomain` IS NULL
 				AND dom.`iswildcarddomain` = 0
 		");
 		$renew_certs = $certificates_stmt->fetchAll(\PDO::FETCH_ASSOC);
 		if (self::renewFroxlorVhost()) {
 			// add froxlor to the list of renews
 		}
 		if ($renew_certs) {
 			return $renew_certs;
 		}
 		return array();
 	}
 	/**
 	 * get a list of domains that require a new certificate (issue)
 	 */
 	private static function issueDomains()
 	{
 		$certificates_stmt = Database::query("
 			SELECT
 				domssl.`id`,
 				domssl.`domainid`,
 				domssl.`expirationdate`,
 				domssl.`ssl_cert_file`,
 				domssl.`ssl_key_file`,
 				domssl.`ssl_ca_file`,
@@ -82,274 +482,108 @@ class AcmeSh extends \Froxlor\Cron\FroxlorCron
 				AND dom.`letsencrypt` = 1
 				AND dom.`aliasdomain` IS NULL
 				AND dom.`iswildcarddomain` = 0
-				AND (
+				AND domssl.`expirationdate` IS NULL
 					domssl.`expirationdate` < DATE_ADD(NOW(), INTERVAL 30 DAY)
 					OR domssl.`expirationdate` IS NULL
 				)
 		");
-
+		$customer_ssl = $certificates_stmt->fetchAll(\PDO::FETCH_ASSOC);
-		$aliasdomains_stmt = Database::prepare("
+		if ($customer_ssl) {
-			SELECT
+			return $customer_ssl;
 				dom.`id` as domainid,
 				dom.`domain`,
 				dom.`wwwserveralias`
 			FROM `" . TABLE_PANEL_DOMAINS . "` AS dom
 			WHERE
 				dom.`aliasdomain` = :id
 				AND dom.`letsencrypt` = 1
 				AND dom.`iswildcarddomain` = 0
 		");
 		self::$updcert_stmt = Database::prepare("
 			REPLACE INTO
 				`" . TABLE_PANEL_DOMAIN_SSL_SETTINGS . "`
 			SET
 				`id` = :id,
 				`domainid` = :domainid,
 				`ssl_cert_file` = :crt,
 				`ssl_key_file` = :key,
 				`ssl_ca_file` = :ca,
 				`ssl_cert_chainfile` = :chain,
 				`ssl_csr_file` = :csr,
 				`ssl_fullchain_file` = :fullchain,
 				`expirationdate` = :expirationdate
 		");
 		self::$upddom_stmt = Database::prepare("UPDATE `" . TABLE_PANEL_DOMAINS . "` SET `ssl_redirect` = '1' WHERE `id` = :domainid");
 		// flag for re-generation of vhost files
 		$changedetected = 0;
 		// first - generate LE for system-vhost if enabled
 		if (Settings::Get('system.le_froxlor_enabled') == '1') {
 			$certrow = array(
 				'loginname' => 'froxlor.panel',
 				'domain' => Settings::Get('system.hostname'),
 				'domainid' => 0,
 				'documentroot' => \Froxlor\Froxlor::getInstallDir(),
 				'leprivatekey' => Settings::Get('system.leprivatekey'),
 				'lepublickey' => Settings::Get('system.lepublickey'),
 				'leregistered' => Settings::Get('system.leregistered'),
 				'ssl_redirect' => Settings::Get('system.le_froxlor_redirect'),
 				'expirationdate' => null,
 				'ssl_cert_file' => null,
 				'ssl_key_file' => null,
 				'ssl_ca_file' => null,
 				'ssl_csr_file' => null,
 				'id' => null
 			);
 			$froxlor_ssl_settings_stmt = Database::prepare("
 				SELECT * FROM `" . TABLE_PANEL_DOMAIN_SSL_SETTINGS . "`
 				WHERE `domainid` = '0' AND
 				(`expirationdate` < DATE_ADD(NOW(), INTERVAL 30 DAY) OR `expirationdate` IS NULL)
 			");
 			$froxlor_ssl = Database::pexecute_first($froxlor_ssl_settings_stmt);
 			$cert_mode = 'issue';
 			if ($froxlor_ssl) {
 				$cert_mode = 'renew';
 				$certrow['id'] = $froxlor_ssl['id'];
 				$certrow['expirationdate'] = $froxlor_ssl['expirationdate'];
 				$certrow['ssl_cert_file'] = $froxlor_ssl['ssl_cert_file'];
 				$certrow['ssl_key_file'] = $froxlor_ssl['ssl_key_file'];
 				$certrow['ssl_ca_file'] = $froxlor_ssl['ssl_ca_file'];
 				$certrow['ssl_csr_file'] = $froxlor_ssl['ssl_csr_file'];
 			} else {
 				// check whether we have an entry with valid certificates which just does not need
 				// updating yet, so we need to skip this here
 				$froxlor_ssl_settings_stmt = Database::prepare("
 					SELECT * FROM `" . TABLE_PANEL_DOMAIN_SSL_SETTINGS . "` WHERE `domainid` = '0'
 				");
 				$froxlor_ssl = Database::pexecute_first($froxlor_ssl_settings_stmt);
 				if ($froxlor_ssl && ! empty($froxlor_ssl['ssl_cert_file'])) {
 					$cert_mode = false;
 				}
 			}
 			if ($cert_mode) {
 				$domains = array(
 					$certrow['domain']
 				);
 				$froxlor_aliases = Settings::Get('system.froxloraliases');
 				if (!empty($froxlor_aliases)) {
 					$froxlor_aliases = explode(",", $froxlor_aliases);
 					foreach ($froxlor_aliases as $falias) {
 						if (\Froxlor\Validate\Validate::validateDomain(trim($falias))) {
 							$domains[] = trim($falias);
 						}
 					}
 				}
 				// Only renew let's encrypt certificate if no broken ssl_redirect is enabled
 				// - this temp. deactivation of the ssl-redirect is handled by the webserver-cronjob
 				if ($cert_mode == 'renew') {
 					FroxlorLogger::getInstanceOf()->logAction(\Froxlor\FroxlorLogger::CRON_ACTION, LOG_INFO, "Creating certificate for " . $certrow['domain']);
 				} else {
 					FroxlorLogger::getInstanceOf()->logAction(\Froxlor\FroxlorLogger::CRON_ACTION, LOG_INFO, "Updating certificate for " . $certrow['domain']);
 				}
 				$cronlog = FroxlorLogger::getInstanceOf(array(
 					'loginname' => $certrow['loginname'],
 					'adminsession' => 0
 				));
 				self::runAcmeSh($certrow, $domains, $cert_mode, $cronlog, $changedetected);
 			}
 		}
-
+		return array();
 		// customer domains
 		$certrows = $certificates_stmt->fetchAll(\PDO::FETCH_ASSOC);
 		$cert_mode = 'issue';
 		foreach ($certrows as $certrow) {
 			// set logger to corresponding loginname for the log to appear in the users system-log
 			$cronlog = FroxlorLogger::getInstanceOf(array(
 				'loginname' => $certrow['loginname'],
 				'adminsession' => 0
 			));
 			// Only renew let's encrypt certificate if no broken ssl_redirect is enabled
 			if ($certrow['ssl_redirect'] != 2) {
 				if (! empty($certrow['ssl_cert_file'])) {
 					$cert_mode = 'renew';
 					$cronlog->logAction(\Froxlor\FroxlorLogger::CRON_ACTION, LOG_INFO, "Updating certificate for " . $certrow['domain']);
 				} else {
 					$cronlog->logAction(\Froxlor\FroxlorLogger::CRON_ACTION, LOG_INFO, "Creating certificate for " . $certrow['domain']);
 				}
 				$cronlog->logAction(\Froxlor\FroxlorLogger::CRON_ACTION, LOG_INFO, "Adding SAN entry: " . $certrow['domain']);
 				$domains = array(
 					$certrow['domain']
 				);
 				// add www.<domain> to SAN list
 				if ($certrow['wwwserveralias'] == 1) {
 					$cronlog->logAction(\Froxlor\FroxlorLogger::CRON_ACTION, LOG_INFO, "Adding SAN entry: www." . $certrow['domain']);
 					$domains[] = 'www.' . $certrow['domain'];
 				}
 				// add alias domains (and possibly www.<aliasdomain>) to SAN list
 				Database::pexecute($aliasdomains_stmt, array(
 					'id' => $certrow['domainid']
 				));
 				$aliasdomains = $aliasdomains_stmt->fetchAll(\PDO::FETCH_ASSOC);
 				foreach ($aliasdomains as $aliasdomain) {
 					$cronlog->logAction(\Froxlor\FroxlorLogger::CRON_ACTION, LOG_INFO, "Adding SAN entry: " . $aliasdomain['domain']);
 					$domains[] = $aliasdomain['domain'];
 					if ($aliasdomain['wwwserveralias'] == 1) {
 						$cronlog->logAction(\Froxlor\FroxlorLogger::CRON_ACTION, LOG_INFO, "Adding SAN entry: www." . $aliasdomain['domain']);
 						$domains[] = 'www.' . $aliasdomain['domain'];
 					}
 				}
 				self::runAcmeSh($certrow, $domains, $cert_mode, $cronlog, $changedetected);
 			} else {
 				$cronlog->logAction(\Froxlor\FroxlorLogger::CRON_ACTION, LOG_WARNING, "Skipping Let's Encrypt generation for " . $certrow['domain'] . " due to an enabled ssl_redirect");
 			}
 		}
 		// If we have a change in a certificate, we need to update the webserver - configs
 		// This is easiest done by just creating a new task ;)
 		if ($changedetected) {
 			\Froxlor\System\Cronjob::inserttask(1);
 		}
 		FroxlorLogger::getInstanceOf()->logAction(\Froxlor\FroxlorLogger::CRON_ACTION, LOG_INFO, "Let's Encrypt certificates have been updated");
 	}
-	private static function runAcmeSh($certrow = array(), $domains = array(), $cert_mode = 'issue', &$cronlog = null, &$changedetected = 0)
+	private static function checkFsFilesAreNewer($domain, $cert_date = 0)
 	{
 		if (! empty($domains)) {
 			if (self::$do_update) {
 				self::checkUpgrade();
 				self::$do_update = false;
 			}
 			$acmesh_cmd = self::$acmesh . " --auto-upgrade 0 --server " . self::$apiserver . " --" . $cert_mode . " -d " . implode(" -d ", $domains);
 			if ($cert_mode == 'issue') {
 				$acmesh_cmd .= " -w " . \Froxlor\Froxlor::getInstallDir();
 			}
 			if (Settings::Get('system.leecc') > 0) {
 				$acmesh_cmd .= " --keylength ec-" . Settings::Get('system.leecc');
 			} else {
 				$acmesh_cmd .= " --keylength " . Settings::Get('system.letsencryptkeysize');
 			}
 			if (Settings::Get('system.letsencryptreuseold') != '1') {
 				$acmesh_cmd .= " --always-force-new-domain-key";
 			}
 			$acme_result = \Froxlor\FileDir::safe_exec($acmesh_cmd);
 			$return = array();
 			self::readCertificateToVar($certrow['domain'], $return);
 			if (! empty($return['crt'])) {
 				$newcert = openssl_x509_parse($return['crt']);
 				// Store the new data
 				Database::pexecute(self::$updcert_stmt, array(
 					'id' => $certrow['id'],
 					'domainid' => $certrow['domainid'],
 					'crt' => $return['crt'],
 					'key' => $return['key'],
 					'ca' => $return['chain'],
 					'chain' => $return['chain'],
 					'csr' => $return['csr'],
 					'fullchain' => $return['fullchain'],
 					'expirationdate' => date('Y-m-d H:i:s', $newcert['validTo_time_t'])
 				));
 				if ($certrow['ssl_redirect'] == 3) {
 					Database::pexecute(self::$upddom_stmt, array(
 						'domainid' => $certrow['domainid']
 					));
 				}
 				$cronlog->logAction(\Froxlor\FroxlorLogger::CRON_ACTION, LOG_INFO, "Updated Let's Encrypt certificate for " . $certrow['domain']);
 				$changedetected = 1;
 			} else {
 				$cronlog->logAction(\Froxlor\FroxlorLogger::CRON_ACTION, LOG_ERR, "Could not get Let's Encrypt certificate for " . $certrow['domain'] . ":\n" . implode("\n", $acme_result));
 			}
 		}
 	}
 	private static function readCertificateToVar($domain, &$return)
 	{
 		$certificate_folder = dirname(self::$acmesh) . "/" . $domain;
 		if (Settings::Get('system.leecc') > 0) {
 			$certificate_folder .= "_ecc";
 		}
 		$certificate_folder = \Froxlor\FileDir::makeCorrectDir($certificate_folder);
 		$ssl_file = \Froxlor\FileDir::makeCorrectFile($certificate_folder . '/' . $domain . '.cer');
-		if (is_dir($certificate_folder)) {
+		if (is_dir($certificate_folder) && file_exists($ssl_file) && is_readable($ssl_file)) {
-			$return['crt'] = file_get_contents(\Froxlor\FileDir::makeCorrectFile($certificate_folder . '/' . $domain . '.cer'));
+			$cert_data = openssl_x509_parse(file_get_contents($ssl_file));
-			$return['key'] = file_get_contents(\Froxlor\FileDir::makeCorrectFile($certificate_folder . '/' . $domain . '.key'));
+			if (strtotime($cert_data['validTo_time_t']) > strtotime($cert_date)) {
-			$return['chain'] = file_get_contents(\Froxlor\FileDir::makeCorrectFile($certificate_folder . '/ca.cer'));
+				return true;
-			$return['fullchain'] = file_get_contents(\Froxlor\FileDir::makeCorrectFile($certificate_folder . '/fullchain.cer'));
+			}
-			$return['csr'] = file_get_contents(\Froxlor\FileDir::makeCorrectFile($certificate_folder . '/' . $domain . '.csr'));
+		}
 		return false;
 	}
 	/**
 	 * get certificate files from filesystem and store in $return array
 	 *
 	 * @param string $domain
 	 * @param array $return
 	 * @param object $cronlog
 	 */
 	private static function readCertificateToVar($domain, &$return, &$cronlog)
 	{
 		$certificate_folder = dirname(self::$acmesh) . "/" . $domain;
 		$certificate_folder_noecc = null;
 		if (Settings::Get('system.leecc') > 0) {
 			$certificate_folder_noecc = \Froxlor\FileDir::makeCorrectDir($certificate_folder);
 			$certificate_folder .= "_ecc";
 		}
 		$certificate_folder = \Froxlor\FileDir::makeCorrectDir($certificate_folder);
 		if (is_dir($certificate_folder) || is_dir($certificate_folder_noecc)) {
 			foreach ([
 				'crt' => $domain . '.cer',
 				'key' => $domain . '.key',
 				'chain' => 'ca.cer',
 				'fullchain' => 'fullchain.cer',
 				'csr' => $domain . '.csr'
 			] as $index => $sslfile) {
 				$ssl_file = \Froxlor\FileDir::makeCorrectFile($certificate_folder . '/' . $sslfile);
 				if (file_exists($ssl_file)) {
 					$return[$index] = file_get_contents($ssl_file);
 				} else {
 					if (! empty($certificate_folder_noecc)) {
 						$ssl_file_fb = \Froxlor\FileDir::makeCorrectFile($certificate_folder_noecc . '/' . $sslfile);
 						if (file_exists($ssl_file_fb)) {
 							$cronlog->logAction(FroxlorLogger::CRON_ACTION, LOG_WARNING, "ECC certificates activated but found only non-ecc file");
 							$return[$index] = file_get_contents($ssl_file_fb);
 							continue;
 						}
 					}
 					$cronlog->logAction(FroxlorLogger::CRON_ACTION, LOG_ERR, "Could not find file '" . $sslfile . "' in '" . $certificate_folder . "'");
 					$return[$index] = null;
 				}
 			}
 		} else {
 			$cronlog->logAction(FroxlorLogger::CRON_ACTION, LOG_ERR, "Could not find certificate-folder '" . $certificate_folder . "'");
 		}
 	}
-	private static function checkInstall()
+	/**
 	 * install acme.sh if not found yet
 	 */
 	private static function checkInstall($tries = 0)
 	{
-		if (! file_exists(self::$acmesh)) {
+		if (! file_exists(self::$acmesh) && $tries > 0) {
-			FroxlorLogger::getInstanceOf()->logAction(\Froxlor\FroxlorLogger::CRON_ACTION, LOG_INFO, "Could not find acme.sh - installing it to /root/.acme.sh/");
+			FroxlorLogger::getInstanceOf()->logAction(FroxlorLogger::CRON_ACTION, LOG_ERR, "Download/installation of acme.sh seems to have failed. Re-run cronjob to try again or install manually to '" . self::$acmesh . "'");
 			echo PHP_EOL . "Download/installation of acme.sh seems to have failed. Re-run cronjob to try again or install manually to '" . self::$acmesh . "'" . PHP_EOL;
 			return false;
 		} else if (! file_exists(self::$acmesh)) {
 			FroxlorLogger::getInstanceOf()->logAction(FroxlorLogger::CRON_ACTION, LOG_INFO, "Could not find acme.sh - installing it to /root/.acme.sh/");
 			$return = false;
 			\Froxlor\FileDir::safe_exec("wget -O - https://get.acme.sh | sh", $return, array(
 				'|'
 			));
 			// check whether the installation worked
 			return self::checkInstall(++ $tries);
 		}
 		return true;
 	}
 	/**
 	 * run upgrade
 	 */
 	private static function checkUpgrade()
 	{
 		$acmesh_result = \Froxlor\FileDir::safe_exec(self::$acmesh . " --upgrade");
-		FroxlorLogger::getInstanceOf()->logAction(\Froxlor\FroxlorLogger::CRON_ACTION, LOG_INFO, "Checking for LetsEncrypt client upgrades before renewing certificates:\n" . implode("\n", $acmesh_result));
+		// check for activated cron
 		$acmesh_result2 = \Froxlor\FileDir::safe_exec(self::$acmesh . " --install-cronjob");
 		FroxlorLogger::getInstanceOf()->logAction(FroxlorLogger::CRON_ACTION, LOG_INFO, "Checking for LetsEncrypt client upgrades before renewing certificates:\n" . implode("\n", $acmesh_result) . "\n" . implode("\n", $acmesh_result2));
 	}
 }
--- a/lib/Froxlor/Cron/Http/Lighttpd.php
+++ b/lib/Froxlor/Cron/Http/Lighttpd.php
@@ -3,7 +3,6 @@ namespace Froxlor\Cron\Http;
 use Froxlor\Database\Database;
 use Froxlor\Settings;
 use Froxlor\Cron\Http\Php\Fpm;
 use Froxlor\Cron\Http\Php\PhpInterface;
 /**
@@ -45,30 +44,6 @@ class Lighttpd extends HttpConfigBase
 	 */
 	private $deactivated = false;
 	public function reload()
 	{
 		if ((int) Settings::Get('phpfpm.enabled') == 1) {
 			// get all start/stop commands
 			$startstop_sel = Database::prepare("SELECT reload_cmd, config_dir FROM `" . TABLE_PANEL_FPMDAEMONS . "`");
 			Database::pexecute($startstop_sel);
 			$restart_cmds = $startstop_sel->fetchAll(\PDO::FETCH_ASSOC);
 			// restart all php-fpm instances
 			foreach ($restart_cmds as $restart_cmd) {
 				// check whether the config dir is empty (no domains uses this daemon)
 				// so we need to create a dummy
 				$_conffiles = glob(\Froxlor\FileDir::makeCorrectFile($restart_cmd['config_dir'] . "/*.conf"));
 				if ($_conffiles === false || empty($_conffiles)) {
 					$this->logger->logAction(\Froxlor\FroxlorLogger::CRON_ACTION, LOG_INFO, 'lighttpd::reload: fpm config directory "' . $restart_cmd['config_dir'] . '" is empty. Creating dummy.');
 					Fpm::createDummyPool($restart_cmd['config_dir']);
 				}
 				$this->logger->logAction(\Froxlor\FroxlorLogger::CRON_ACTION, LOG_INFO, 'lighttpd::reload: running ' . $restart_cmd['reload_cmd']);
 				\Froxlor\FileDir::safe_exec(escapeshellcmd($restart_cmd['reload_cmd']));
 			}
 		}
 		$this->logger->logAction(\Froxlor\FroxlorLogger::CRON_ACTION, LOG_INFO, 'lighttpd::reload: reloading lighttpd');
 		\Froxlor\FileDir::safe_exec(escapeshellcmd(Settings::Get('system.apachereload_command')));
 	}
 	public function createIpPort()
 	{
 		$result_ipsandports_stmt = Database::query("SELECT * FROM `" . TABLE_PANEL_IPSANDPORTS . "` ORDER BY `ip` ASC, `port` ASC");
@@ -200,7 +175,7 @@ class Lighttpd extends HttpConfigBase
 					);
 				}
-				if ($row_ipsandports['specialsettings'] != '') {
+				if ($row_ipsandports['specialsettings'] != '' && ($row_ipsandports['ssl'] == '0' || ($row_ipsandports['ssl'] == '1' && Settings::Get('system.use_ssl') == '1' && $row_ipsandports['include_specialsettings'] == '1'))) {
 					$this->lighttpd_data[$vhost_filename] .= $this->processSpecialConfigTemplate($row_ipsandports['specialsettings'], $domain, $row_ipsandports['ip'], $row_ipsandports['port'], $row_ipsandports['ssl'] == '1') . "\n";
 				}
@@ -208,6 +183,11 @@ class Lighttpd extends HttpConfigBase
 			}
 			if ($row_ipsandports['ssl'] == '1') {
 				if ($row_ipsandports['ssl_specialsettings'] != '') {
 					$this->lighttpd_data[$vhost_filename] .= $this->processSpecialConfigTemplate($row_ipsandports['ssl_specialsettings'], $domain, $row_ipsandports['ip'], $row_ipsandports['port'], $row_ipsandports['ssl'] == '1') . "\n";
 				}
 				if ($row_ipsandports['ssl_cert_file'] == '') {
 					$row_ipsandports['ssl_cert_file'] = Settings::Get('system.ssl_cert_file');
 					if (! file_exists($row_ipsandports['ssl_cert_file'])) {
@@ -316,7 +296,7 @@ class Lighttpd extends HttpConfigBase
 			}
 			$defhandler = Settings::Get('defaultwebsrverrhandler.err404');
-			if (! \Froxlor\Validate\Form\Data::validateUrl($defhandler)) {
+			if (! \Froxlor\Validate\Validate::validateUrl($defhandler)) {
 				$defhandler = \Froxlor\FileDir::makeCorrectFile($defhandler);
 			}
 			$this->lighttpd_data[$vhost_filename] = 'server.error-handler-404 = "' . $defhandler . '"';
@@ -396,6 +376,7 @@ class Lighttpd extends HttpConfigBase
 	protected function createLighttpdHosts($ipid, $ssl, $vhost_filename)
 	{
 		$domains = WebserverBase::getVhostsToCreate();
 		$included_vhosts = array();
 		foreach ($domains as $domain) {
 			if (is_dir(Settings::Get('system.apacheconf_vhost'))) {
@@ -451,7 +432,7 @@ class Lighttpd extends HttpConfigBase
 	protected function getVhostContent($domain, $ssl_vhost = false, $ipid = 0)
 	{
-		if ($ssl_vhost === true && $domain['ssl'] != '1' && $domain['ssl_redirect'] != '1') {
+		if ($ssl_vhost === true && $domain['ssl'] != '1' && $domain['ssl_enabled'] != '1'  && $domain['ssl_redirect'] != '1') {
 			return '';
 		}
@@ -475,7 +456,7 @@ class Lighttpd extends HttpConfigBase
 				'domainid' => $domain['id']
 			));
-			if ($ssldestport['port'] != '') {
+			if ($ssldestport && $ssldestport['port'] != '') {
 				$_sslport = ":" . $ssldestport['port'];
 			}
@@ -536,17 +517,29 @@ class Lighttpd extends HttpConfigBase
 					$vhost_content .= $this->getSslSettings($domain, $ssl_vhost);
-					if ($domain['specialsettings'] != "") {
+					if ($domain['specialsettings'] != '' && ($ssl_vhost == false || ($ssl_vhost == true && $domain['include_specialsettings'] == 1))) {
 						$vhost_content .= $this->processSpecialConfigTemplate($domain['specialsettings'], $domain, $domain['ip'], $domain['port'], $ssl_vhost) . "\n";
 					}
-					if ($ipandport['default_vhostconf_domain'] != '') {
+					if ($domain['ssl_specialsettings'] != '' && $ssl_vhost == true) {
 						$vhost_content .= $this->processSpecialConfigTemplate($domain['ssl_specialsettings'], $domain, $domain['ip'], $domain['port'], $ssl_vhost) . "\n";
 					}
 					if ($ipandport['default_vhostconf_domain'] != '' && ($ssl_vhost == false || ($ssl_vhost == true && $ipandport['include_default_vhostconf_domain'] == '1'))) {
 						$vhost_content .= $this->processSpecialConfigTemplate($ipandport['default_vhostconf_domain'], $domain, $domain['ip'], $domain['port'], $ssl_vhost) . "\n";
 					}
-					if (Settings::Get('system.default_vhostconf') != '') {
+					if ($ipandport['ssl_default_vhostconf_domain'] != '' && $ssl_vhost == true) {
 						$vhost_content .= $this->processSpecialConfigTemplate($ipandport['ssl_default_vhostconf_domain'], $domain, $domain['ip'], $domain['port'], $ssl_vhost) . "\n";
 					}
 					if (Settings::Get('system.default_vhostconf') != '' && ($ssl_vhost == false || ($ssl_vhost == true && Settings::Get('system.include_default_vhostconf') == 1))) {
 						$vhost_content .= $this->processSpecialConfigTemplate(Settings::Get('system.default_vhostconf'), $domain, $domain['ip'], $domain['port'], $ssl_vhost) . "\n";
 					}
 					if (Settings::Get('system.default_sslvhostconf') != '' && $ssl_vhost == true) {
 						$vhost_content .= $this->processSpecialConfigTemplate(Settings::Get('system.default_sslvhostconf'), $domain, $domain['ip'], $domain['port'], $ssl_vhost) . "\n";
 					}
 				}
 				$vhost_content .= $this->getLogFiles($domain);
 			}
@@ -577,6 +570,8 @@ class Lighttpd extends HttpConfigBase
 			if ($domain['ssl_cert_file'] != '') {
 				$ssl_cipher_list = ($domain['override_tls'] == '1' && ! empty($domain['ssl_cipher_list'])) ? $domain['ssl_cipher_list'] : Settings::Get('system.ssl_cipher_list');
 				// ssl.engine only necessary once in the ip/port vhost (SERVER['socket'] condition)
 				// $ssl_settings .= 'ssl.engine = "enable"' . "\n";
 				$ssl_settings .= 'ssl.use-compression = "disable"' . "\n";
@@ -590,8 +585,8 @@ class Lighttpd extends HttpConfigBase
 				}
 				$ssl_settings .= 'ssl.use-sslv2 = "disable"' . "\n";
 				$ssl_settings .= 'ssl.use-sslv3 = "disable"' . "\n";
-				$ssl_settings .= 'ssl.cipher-list = "' . Settings::Get('system.ssl_cipher_list') . '"' . "\n";
+				$ssl_settings .= 'ssl.cipher-list = "' . $ssl_cipher_list . '"' . "\n";
-				$ssl_settings .= 'ssl.honor-cipher-order = "enable"' . "\n";
+				$ssl_settings .= 'ssl.honor-cipher-order = ' . ($domain['ssl_honorcipherorder'] == '1' ? '"enable"' : '"disable"') . "\n";
 				$ssl_settings .= 'ssl.pemfile = "' . \Froxlor\FileDir::makeCorrectFile($domain['ssl_cert_file']) . '"' . "\n";
 				if ($domain['ssl_ca_file'] != '') {
@@ -707,7 +702,7 @@ class Lighttpd extends HttpConfigBase
 			if (! empty($row['error404path'])) {
 				$defhandler = $row['error404path'];
-				if (! \Froxlor\Validate\Form\Data::validateUrl($defhandler)) {
+				if (! \Froxlor\Validate\Validate::validateUrl($defhandler)) {
 					$defhandler = \Froxlor\FileDir::makeCorrectFile($domain['documentroot'] . '/' . $defhandler);
 				}
 				$error_string .= '  server.error-handler-404 = "' . $defhandler . '"' . "\n\n";
@@ -765,23 +760,21 @@ class Lighttpd extends HttpConfigBase
 		));
 		while ($row_htpasswds = $result_stmt->fetch(\PDO::FETCH_ASSOC)) {
-			if ($auth_backend_loaded[$domain['ipandport']] != 'yes' && $auth_backend_loaded[$domain['ssl_ipandport']] != 'yes') {
+			if ($this->auth_backend_loaded[$domain['ipandport']] != 'yes' && $this->auth_backend_loaded[$domain['ssl_ipandport']] != 'yes') {
 				$filename = $domain['customerid'] . '.htpasswd';
 				if ($this->auth_backend_loaded[$domain['ipandport']] != 'yes') {
-					$auth_backend_loaded[$domain['ipandport']] = 'yes';
+					$this->auth_backend_loaded[$domain['ipandport']] = 'yes';
 					$diroption_text .= 'auth.backend = "htpasswd"' . "\n";
 					$diroption_text .= 'auth.backend.htpasswd.userfile = "' . \Froxlor\FileDir::makeCorrectFile(Settings::Get('system.apacheconf_htpasswddir') . '/' . $filename) . '"' . "\n";
 					$this->needed_htpasswds[$filename] = $row_htpasswds['username'] . ':' . $row_htpasswds['password'] . "\n";
 					$diroption_text .= 'auth.require = ( ' . "\n";
 					$previous_domain_id = '1';
 				} elseif ($this->auth_backend_loaded[$domain['ssl_ipandport']] != 'yes') {
-					$auth_backend_loaded[$domain['ssl_ipandport']] = 'yes';
+					$this->auth_backend_loaded[$domain['ssl_ipandport']] = 'yes';
 					$diroption_text .= 'auth.backend= "htpasswd"' . "\n";
 					$diroption_text .= 'auth.backend.htpasswd.userfile = "' . \Froxlor\FileDir::makeCorrectFile(Settings::Get('system.apacheconf_htpasswddir') . '/' . $filename) . '"' . "\n";
 					$this->needed_htpasswds[$filename] = $row_htpasswds['username'] . ':' . $row_htpasswds['password'] . "\n";
 					$diroption_text .= 'auth.require = ( ' . "\n";
 					$previous_domain_id = '1';
 				}
 			}
--- a/lib/Froxlor/Cron/Http/Nginx.php
+++ b/lib/Froxlor/Cron/Http/Nginx.php
@@ -3,7 +3,6 @@ namespace Froxlor\Cron\Http;
 use Froxlor\Database\Database;
 use Froxlor\Settings;
 use Froxlor\Cron\Http\Php\Fpm;
 use Froxlor\Cron\Http\Php\PhpInterface;
 /**
@@ -55,39 +54,6 @@ class Nginx extends HttpConfigBase
 		$this->nginx_server = $nginx_server;
 	}
 	public function reload()
 	{
 		if ((int) Settings::Get('phpfpm.enabled') == 1) {
 			// get all start/stop commands
 			$startstop_sel = Database::prepare("SELECT reload_cmd, config_dir FROM `" . TABLE_PANEL_FPMDAEMONS . "`");
 			Database::pexecute($startstop_sel);
 			$restart_cmds = $startstop_sel->fetchAll(\PDO::FETCH_ASSOC);
 			// restart all php-fpm instances
 			foreach ($restart_cmds as $restart_cmd) {
 				// check whether the config dir is empty (no domains uses this daemon)
 				// so we need to create a dummy
 				$_conffiles = glob(\Froxlor\FileDir::makeCorrectFile($restart_cmd['config_dir'] . "/*.conf"));
 				if ($_conffiles === false || empty($_conffiles)) {
 					\Froxlor\FroxlorLogger::getInstanceOf()->logAction(\Froxlor\FroxlorLogger::CRON_ACTION, LOG_INFO, 'nginx::reload: fpm config directory "' . $restart_cmd['config_dir'] . '" is empty. Creating dummy.');
 					Fpm::createDummyPool($restart_cmd['config_dir']);
 				}
 				\Froxlor\FroxlorLogger::getInstanceOf()->logAction(\Froxlor\FroxlorLogger::CRON_ACTION, LOG_INFO, 'nginx::reload: running ' . $restart_cmd['reload_cmd']);
 				\Froxlor\FileDir::safe_exec(escapeshellcmd($restart_cmd['reload_cmd']));
 			}
 		}
 		\Froxlor\FroxlorLogger::getInstanceOf()->logAction(\Froxlor\FroxlorLogger::CRON_ACTION, LOG_INFO, 'nginx::reload: reloading nginx');
 		\Froxlor\FileDir::safe_exec(Settings::Get('system.apachereload_command'));
 		/**
 		 * nginx does not auto-spawn fcgi-processes
 		 */
 		if (Settings::Get('system.phpreload_command') != '' && (int) Settings::Get('phpfpm.enabled') == 0) {
 			\Froxlor\FroxlorLogger::getInstanceOf()->logAction(\Froxlor\FroxlorLogger::CRON_ACTION, LOG_INFO, 'nginx::reload: restarting php processes');
 			\Froxlor\FileDir::safe_exec(Settings::Get('system.phpreload_command'));
 		}
 	}
 	private function createLogformatEntry()
 	{
 		if (Settings::Get('system.logfiles_format') != '') {
@@ -105,7 +71,7 @@ class Nginx extends HttpConfigBase
 			}
 			$logtype = 'frx_custom';
-			$this->nginx_data[$vhosts_filename] = 'log_format ' . $logtype . ' "' . Settings::Get('system.logfiles_format') . '";' . "\n";
+			$this->nginx_data[$vhosts_filename] = 'log_format ' . $logtype . ' ' . Settings::Get('system.logfiles_format') . ';' . "\n";
 		}
 	}
@@ -137,7 +103,7 @@ class Nginx extends HttpConfigBase
 			foreach ($statusCodes as $statusCode) {
 				if (Settings::Get('defaultwebsrverrhandler.err' . $statusCode) != '') {
 					$defhandler = Settings::Get('defaultwebsrverrhandler.err' . $statusCode);
-					if (! \Froxlor\Validate\Form\Data::validateUrl($defhandler)) {
+					if (! \Froxlor\Validate\Validate::validateUrl($defhandler)) {
 						$defhandler = \Froxlor\FileDir::makeCorrectFile($defhandler);
 					}
 					$this->nginx_data[$vhosts_filename] .= 'error_page ' . $statusCode . ' ' . $defhandler . ';' . "\n";
@@ -250,7 +216,7 @@ class Nginx extends HttpConfigBase
 				$aliases = "";
 				$froxlor_aliases = Settings::Get('system.froxloraliases');
-				if (!empty($froxlor_aliases)) {
+				if (! empty($froxlor_aliases)) {
 					$froxlor_aliases = explode(",", $froxlor_aliases);
 					foreach ($froxlor_aliases as $falias) {
 						if (\Froxlor\Validate\Validate::validateDomain(trim($falias))) {
@@ -260,7 +226,12 @@ class Nginx extends HttpConfigBase
 					$aliases = " " . trim($aliases);
 				}
 				$this->nginx_data[$vhost_filename] .= "\t" . 'server_name    ' . Settings::Get('system.hostname') . $aliases . ';' . "\n";
-				$this->nginx_data[$vhost_filename] .= "\t" . 'access_log      /var/log/nginx/access.log;' . "\n";
+
 				$logtype = 'combined';
 				if (Settings::Get('system.logfiles_format') != '') {
 					$logtype = 'frx_custom';
 				}
 				$this->nginx_data[$vhost_filename] .= "\t" . 'access_log     /var/log/nginx/access.log ' . $logtype . ';' . "\n";
 				if (Settings::Get('system.use_ssl') == '1' && Settings::Get('system.leenabled') == '1' && Settings::Get('system.le_froxlor_enabled') == '1') {
 					$acmeConfFilename = Settings::Get('system.letsencryptacmeconf');
@@ -278,7 +249,7 @@ class Nginx extends HttpConfigBase
 						$is_redirect = false;
 					} else {
 						$_sslport = $this->checkAlternativeSslPort();
-						$mypath = 'https://' . Settings::Get('system.hostname') . $_sslport . '/';
+						$mypath = 'https://' . Settings::Get('system.hostname') . $_sslport;
 						$this->nginx_data[$vhost_filename] .= "\t" . 'location / {' . "\n";
 						$this->nginx_data[$vhost_filename] .= "\t\t" . 'return 301 ' . $mypath . '$request_uri;' . "\n";
 						$this->nginx_data[$vhost_filename] .= "\t" . '}' . "\n";
@@ -292,7 +263,7 @@ class Nginx extends HttpConfigBase
 					$this->nginx_data[$vhost_filename] .= "\t" . '}' . "\n";
 				}
-				if ($row_ipsandports['specialsettings'] != '') {
+				if ($row_ipsandports['specialsettings'] != '' && ($row_ipsandports['ssl'] == '0' || ($row_ipsandports['ssl'] == '1' && Settings::Get('system.use_ssl') == '1' && $row_ipsandports['include_specialsettings'] == '1'))) {
 					$this->nginx_data[$vhost_filename] .= $this->processSpecialConfigTemplate($row_ipsandports['specialsettings'], array(
 						'domain' => Settings::Get('system.hostname'),
 						'loginname' => Settings::Get('phpfpm.vhost_httpuser'),
@@ -306,14 +277,24 @@ class Nginx extends HttpConfigBase
 				 */
 				if ($row_ipsandports['ssl'] == '1') {
 					$row_ipsandports['domain'] = Settings::Get('system.hostname');
 					$row_ipsandports['ssl_honorcipherorder'] = Settings::Get('system.honorcipherorder');
 					$row_ipsandports['ssl_sessiontickets'] = Settings::Get('system.sessiontickets');
 					$this->nginx_data[$vhost_filename] .= $this->composeSslSettings($row_ipsandports);
 					if ($row_ipsandports['ssl_specialsettings'] != '') {
 						$this->nginx_data[$vhost_filename] .= $this->processSpecialConfigTemplate($row_ipsandports['ssl_specialsettings'], array(
 							'domain' => Settings::Get('system.hostname'),
 							'loginname' => Settings::Get('phpfpm.vhost_httpuser'),
 							'documentroot' => $mypath,
 							'customerroot' => $mypath
 						), $row_ipsandports['ip'], $row_ipsandports['port'], $row_ipsandports['ssl'] == '1') . "\n";
 					}
 				}
 				if (! $is_redirect) {
 					$this->nginx_data[$vhost_filename] .= "\tlocation ~ \.php {\n";
-					$this->nginx_data[$vhost_filename] .= "\t\tfastcgi_split_path_info ^(.+\.php)(/.+)\$;\n";
+					$this->nginx_data[$vhost_filename] .= "\t\tfastcgi_split_path_info ^(.+?\.php)(/.*)$;\n";
 					$this->nginx_data[$vhost_filename] .= "\t\tinclude " . Settings::Get('nginx.fastcgiparams') . ";\n";
-					$this->nginx_data[$vhost_filename] .= "\t\tfastcgi_param SCRIPT_FILENAME \$document_root\$fastcgi_script_name;\n";
+					$this->nginx_data[$vhost_filename] .= "\t\tfastcgi_param SCRIPT_FILENAME \$request_filename;\n";
 					$this->nginx_data[$vhost_filename] .= "\t\tfastcgi_param PATH_INFO \$fastcgi_path_info;\n";
 					$this->nginx_data[$vhost_filename] .= "\t\ttry_files \$fastcgi_script_name =404;\n";
@@ -481,10 +462,12 @@ class Nginx extends HttpConfigBase
 				$ipport = $domain['ip'] . ':' . $domain['port'];
 			}
-			if ($ipandport['default_vhostconf_domain'] != '') {
+			if ($ipandport['default_vhostconf_domain'] != '' && ($ssl_vhost == false || ($ssl_vhost == true && $ipandport['include_default_vhostconf_domain'] == '1'))) {
 				$_vhost_content .= $this->processSpecialConfigTemplate($ipandport['default_vhostconf_domain'], $domain, $domain['ip'], $domain['port'], $ssl_vhost) . "\n";
 			}
-
+			if ($ipandport['ssl_default_vhostconf_domain'] != '' && $ssl_vhost == true) {
 				$_vhost_content .= $this->processSpecialConfigTemplate($ipandport['ssl_default_vhostconf_domain'], $domain, $domain['ip'], $domain['port'], $ssl_vhost) . "\n";
 			}
 			$http2 = $ssl_vhost == true && (isset($domain['http2']) && $domain['http2'] == '1' && Settings::Get('system.http2_support') == '1');
 			$vhost_content .= "\t" . 'listen ' . $ipport . ($ssl_vhost == true ? ' ssl' : '') . ($http2 == true ? ' http2' : '') . ';' . "\n";
@@ -510,7 +493,7 @@ class Nginx extends HttpConfigBase
 				'domainid' => $domain['id']
 			));
-			if ($ssldestport['port'] != '') {
+			if ($ssldestport && $ssldestport['port'] != '') {
 				$_sslport = ":" . $ssldestport['port'];
 			}
@@ -556,17 +539,25 @@ class Nginx extends HttpConfigBase
 				$vhost_content .= isset($this->needed_htpasswds[$domain['id']]) ? $this->needed_htpasswds[$domain['id']] . "\n" : '';
-				if ($domain['specialsettings'] != "") {
+				if ($domain['specialsettings'] != '' && ($ssl_vhost == false || ($ssl_vhost == true && $domain['include_specialsettings'] == 1))) {
 					$vhost_content = $this->mergeVhostCustom($vhost_content, $this->processSpecialConfigTemplate($domain['specialsettings'], $domain, $domain['ip'], $domain['port'], $ssl_vhost));
 				}
 				if ($domain['ssl_specialsettings'] != '' && $ssl_vhost == true) {
 					$vhost_content = $this->mergeVhostCustom($vhost_content, $this->processSpecialConfigTemplate($domain['ssl_specialsettings'], $domain, $domain['ip'], $domain['port'], $ssl_vhost));
 				}
 				if ($_vhost_content != '') {
 					$vhost_content = $this->mergeVhostCustom($vhost_content, $_vhost_content);
 				}
-				if (Settings::Get('system.default_vhostconf') != '') {
+				if (Settings::Get('system.default_vhostconf') != '' && ($ssl_vhost == false || ($ssl_vhost == true && Settings::Get('system.include_default_vhostconf') == 1))) {
 					$vhost_content = $this->mergeVhostCustom($vhost_content, $this->processSpecialConfigTemplate(Settings::Get('system.default_vhostconf'), $domain, $domain['ip'], $domain['port'], $ssl_vhost) . "\n");
 				}
 				if (Settings::Get('system.default_sslvhostconf') != '' && $ssl_vhost == true) {
 					$vhost_content = $this->mergeVhostCustom($vhost_content, $this->processSpecialConfigTemplate(Settings::Get('system.default_sslvhostconf'), $domain, $domain['ip'], $domain['port'], $ssl_vhost) . "\n");
 				}
 			}
 		}
 		$vhost_content .= "\n}\n\n";
@@ -574,26 +565,40 @@ class Nginx extends HttpConfigBase
 		return $vhost_content;
 	}
 	private function cleanVhostStruct($vhost = null)
 	{
 		// Remove windows linebreaks
 		$vhost = str_replace("\r", "\n", $vhost);
 		// remove comments
 		$vhost = implode("\n", preg_replace('/^(\s+)?#(.*)$/', '', explode("\n", $vhost)));
 		// Break blocks into lines
 		$vhost = str_replace(array(
 			"{",
 			"}"
 		), array(
 			" {\n",
 			"\n}"
 		), $vhost);
 		// Break into array items
 		$vhost = explode("\n", preg_replace('/[ \t]+/', ' ', trim(preg_replace('/\t+/', '', $vhost))));
 		// Remove empty lines
 		$vhost = array_filter($vhost, function ($a) {
 			return preg_match("#\S#", $a);
 		});
 		// remove unnecessary whitespaces
 		$vhost = array_map("trim", $vhost);
 		// re-number array keys
 		$vhost = array_values($vhost);
 		return $vhost;
 	}
 	protected function mergeVhostCustom($vhost_frx, $vhost_usr)
 	{
 		// Clean froxlor defined settings
-		$vhost_frx = explode("\n", preg_replace('/[ \t]+/', ' ', trim(preg_replace('/\t+/', '', $vhost_frx)))); // Break into array items
+		$vhost_frx = $this->cleanVhostStruct($vhost_frx);
 		$vhost_frx = array_map("trim", $vhost_frx); // remove unnecessary whitespaces
 		// Clean user defined settings
-		$vhost_usr = str_replace("\r", "\n", $vhost_usr); // Remove windows linebreaks
+		$vhost_usr = $this->cleanVhostStruct($vhost_usr);
 		$vhost_usr = str_replace(array(
 			"{ ",
 			" }"
 		), array(
 			"{\n",
 			"\n}"
 		), $vhost_usr); // Break blocks into lines
 		$vhost_usr = explode("\n", preg_replace('/[ \t]+/', ' ', trim(preg_replace('/\t+/', '', $vhost_usr)))); // Break into array items
 		// Remove empty lines
 		$vhost_usr = array_filter($vhost_usr, function ($a) {
 			return preg_match("#\S#", $a);
 		});
 		// Cycle through the user defined settings
 		$currentBlock = array();
@@ -682,19 +687,31 @@ class Nginx extends HttpConfigBase
 			if (! file_exists($domain_or_ip['ssl_cert_file'])) {
 				\Froxlor\FroxlorLogger::getInstanceOf()->logAction(\Froxlor\FroxlorLogger::CRON_ACTION, LOG_ERR, $domain_or_ip['domain'] . ' :: certificate file "' . $domain_or_ip['ssl_cert_file'] . '" does not exist! Cannot create ssl-directives');
 			} else {
 				$ssl_protocols = (isset($domain_or_ip['override_tls']) && $domain_or_ip['override_tls'] == '1' && ! empty($domain_or_ip['ssl_protocols'])) ? $domain_or_ip['ssl_protocols'] : Settings::Get('system.ssl_protocols');
 				$ssl_cipher_list = (isset($domain_or_ip['override_tls']) && $domain_or_ip['override_tls'] == '1' && ! empty($domain_or_ip['ssl_cipher_list'])) ? $domain_or_ip['ssl_cipher_list'] : Settings::Get('system.ssl_cipher_list');
 				// obsolete: ssl on now belongs to the listen block as 'ssl' at the end
 				// $sslsettings .= "\t" . 'ssl on;' . "\n";
-				$sslsettings .= "\t" . 'ssl_protocols ' . str_replace(",", " ", Settings::Get('system.ssl_protocols')) . ';' . "\n";
+				$sslsettings .= "\t" . 'ssl_protocols ' . str_replace(",", " ", $ssl_protocols) . ';' . "\n";
-				$sslsettings .= "\t" . 'ssl_ciphers ' . Settings::Get('system.ssl_cipher_list') . ';' . "\n";
+				$sslsettings .= "\t" . 'ssl_ciphers ' . $ssl_cipher_list . ';' . "\n";
 				if (! empty(Settings::Get('system.dhparams_file'))) {
 					$dhparams = \Froxlor\FileDir::makeCorrectFile(Settings::Get('system.dhparams_file'));
 					if (! file_exists($dhparams)) {
 						\Froxlor\FileDir::safe_exec('openssl dhparam -out ' . escapeshellarg($dhparams) . ' 4096');
 					}
-					$sslsettings .= 'ssl_dhparam ' . $dhparams . ';' . "\n";
+					$sslsettings .= "\t" . 'ssl_dhparam ' . $dhparams . ';' . "\n";
 				}
-				$sslsettings .= "\t" . 'ssl_ecdh_curve secp384r1;' . "\n";
+				// When <1.11.0: Defaults to prime256v1, similar to first curve recommendation by Mozilla.
-				$sslsettings .= "\t" . 'ssl_prefer_server_ciphers on;' . "\n";
+				// (When specifyng just one, there's no fallback when specific curve is not supported by client.)
 				// When >1.11.0: Defaults to auto, using recommended curves provided by OpenSSL.
 				// see https://github.com/Froxlor/Froxlor/issues/652
 				// $sslsettings .= "\t" . 'ssl_ecdh_curve secp384r1;' . "\n";
 				$sslsettings .= "\t" . 'ssl_prefer_server_ciphers ' .  (isset($domain_or_ip['ssl_honorcipherorder']) && $domain_or_ip['ssl_honorcipherorder'] == '1' ? 'on' : 'off') . ';' . "\n";
 				if (Settings::Get('system.sessionticketsenabled') == '1') {
 					$sslsettings .= "\t" . 'ssl_session_tickets ' .  (isset($domain_or_ip['ssl_sessiontickets']) && $domain_or_ip['ssl_sessiontickets'] == '1' ? 'on' : 'off') . ';' . "\n";
 				}
 				$sslsettings .= "\t" . 'ssl_session_cache shared:SSL:10m;' . "\n";
 				$sslsettings .= "\t" . 'ssl_certificate ' . \Froxlor\FileDir::makeCorrectFile($domain_or_ip['ssl_cert_file']) . ';' . "\n";
 				if ($domain_or_ip['ssl_key_file'] != '') {
@@ -745,7 +762,7 @@ class Nginx extends HttpConfigBase
 		while ($row = $result_stmt->fetch(\PDO::FETCH_ASSOC)) {
 			if (! empty($row['error404path'])) {
 				$defhandler = $row['error404path'];
-				if (! \Froxlor\Validate\Form\Data::validateUrl($defhandler)) {
+				if (! \Froxlor\Validate\Validate::validateUrl($defhandler)) {
 					$defhandler = \Froxlor\FileDir::makeCorrectFile($defhandler);
 				}
 				$path_options .= "\t" . 'error_page   404    ' . $defhandler . ';' . "\n";
@@ -753,7 +770,7 @@ class Nginx extends HttpConfigBase
 			if (! empty($row['error403path'])) {
 				$defhandler = $row['error403path'];
-				if (! \Froxlor\Validate\Form\Data::validateUrl($defhandler)) {
+				if (! \Froxlor\Validate\Validate::validateUrl($defhandler)) {
 					$defhandler = \Froxlor\FileDir::makeCorrectFile($defhandler);
 				}
 				$path_options .= "\t" . 'error_page   403    ' . $defhandler . ';' . "\n";
@@ -761,7 +778,7 @@ class Nginx extends HttpConfigBase
 			if (! empty($row['error500path'])) {
 				$defhandler = $row['error500path'];
-				if (! \Froxlor\Validate\Form\Data::validateUrl($defhandler)) {
+				if (! \Froxlor\Validate\Validate::validateUrl($defhandler)) {
 					$defhandler = \Froxlor\FileDir::makeCorrectFile($defhandler);
 				}
 				$path_options .= "\t" . 'error_page   500 502 503 504    ' . $defhandler . ';' . "\n";
@@ -911,6 +928,7 @@ class Nginx extends HttpConfigBase
 					$path = \Froxlor\FileDir::makeCorrectDir(substr($row_htpasswds['path'], strlen($domain['documentroot']) - 1));
 				} else {
 					// if the website contents is located in a subdirectory of the user
 					$matches = array();
 					preg_match('/^([\/[:print:]]*\/)([[:print:]\/]+){1}$/i', $row_htpasswds['path'], $matches);
 					$path = \Froxlor\FileDir::makeCorrectDir(substr($row_htpasswds['path'], strlen($matches[1]) - 1));
 				}
@@ -949,9 +967,9 @@ class Nginx extends HttpConfigBase
 			$phpopts .= "\t" . '}' . "\n\n";
 			$phpopts .= "\tlocation @php {\n";
-			$phpopts .= "\t\tfastcgi_split_path_info ^(.+\.php)(/.+)\$;\n";
+			$phpopts .= "\t\tfastcgi_split_path_info ^(.+?\.php)(/.*)$;\n";
 			$phpopts .= "\t\tinclude " . Settings::Get('nginx.fastcgiparams') . ";\n";
-			$phpopts .= "\t\tfastcgi_param SCRIPT_FILENAME \$document_root\$fastcgi_script_name;\n";
+			$phpopts .= "\t\tfastcgi_param SCRIPT_FILENAME \$request_filename;\n";
 			$phpopts .= "\t\tfastcgi_param PATH_INFO \$fastcgi_path_info;\n";
 			$phpopts .= "\t\ttry_files \$fastcgi_script_name =404;\n";
 			$phpopts .= "\t\tfastcgi_pass " . Settings::Get('system.nginx_php_backend') . ";\n";
--- a/lib/Froxlor/Cron/Http/NginxFcgi.php
+++ b/lib/Froxlor/Cron/Http/NginxFcgi.php
@@ -35,10 +35,10 @@ class NginxFcgi extends Nginx
 			$php_options_text .= "\t" . '}' . "\n\n";
 			$php_options_text .= "\t" . 'location @php {' . "\n";
-			$php_options_text .= "\t\t" . 'try_files $1 = 404;' . "\n\n";
+			$php_options_text .= "\t\t" . 'try_files $1 =404;' . "\n\n";
 			$php_options_text .= "\t\t" . 'include ' . Settings::Get('nginx.fastcgiparams') . ";\n";
-			$php_options_text .= "\t\t" . 'fastcgi_split_path_info ^(.+\.php)(/.+)\$;' . "\n";
+			$php_options_text .= "\t\t" . 'fastcgi_split_path_info ^(.+?\.php)(/.*)$;' . "\n";
-			$php_options_text .= "\t\t" . 'fastcgi_param SCRIPT_FILENAME $document_root$1;' . "\n";
+			$php_options_text .= "\t\t" . 'fastcgi_param SCRIPT_FILENAME $request_filename;' . "\n";
 			$php_options_text .= "\t\t" . 'fastcgi_param PATH_INFO $2;' . "\n";
 			if ($domain['ssl'] == '1' && $ssl_vhost) {
 				$php_options_text .= "\t\t" . 'fastcgi_param HTTPS on;' . "\n";
--- a/lib/Froxlor/Cron/Http/Php/Fpm.php
+++ b/lib/Froxlor/Cron/Http/Php/Fpm.php
@@ -115,6 +115,7 @@ class Fpm
 			$fpm_requests = (int) $this->fpm_cfg['max_requests'];
 			$fpm_process_idle_timeout = (int) $this->fpm_cfg['idle_timeout'];
 			$fpm_limit_extensions = $this->fpm_cfg['limit_extensions'];
 			$fpm_custom_config = $this->fpm_cfg['custom_config'];
 			if ($fpm_children == 0) {
 				$fpm_children = 1;
@@ -260,6 +261,12 @@ class Fpm
 				$fpm_config .= 'php_admin_value[sendmail_path] = /usr/sbin/sendmail -t -i -f ' . $this->domain['email'] . "\n";
 			}
 			// append custom phpfpm configuration
 			if (! empty($fpm_custom_config)) {
 				$fpm_config .= "\n; Custom Configuration\n";
 				$fpm_config .= \Froxlor\PhpHelper::replaceVariables($fpm_custom_config, $php_ini_variables);
 			}
 			fwrite($fh, $fpm_config, strlen($fpm_config));
 			fclose($fh);
 		}
--- a/lib/Froxlor/Cron/Http/WebserverBase.php
+++ b/lib/Froxlor/Cron/Http/WebserverBase.php
@@ -36,9 +36,7 @@ class WebserverBase
 				`d`.`phpsettingid`, `c`.`adminid`, `c`.`guid`, `c`.`email`,
 				`c`.`documentroot` AS `customerroot`, `c`.`deactivated`,
 				`c`.`phpenabled` AS `phpenabled_customer`,
-				`d`.`phpenabled` AS `phpenabled_vhost`,
+				`d`.`phpenabled` AS `phpenabled_vhost`
 				`d`.`mod_fcgid_starter`,`d`.`mod_fcgid_maxrequests`,
 				`d`.`ocsp_stapling`
 				FROM `" . TABLE_PANEL_DOMAINS . "` `d`
 				LEFT JOIN `" . TABLE_PANEL_CUSTOMERS . "` `c` USING(`customerid`)
--- a/lib/Froxlor/Cron/MasterCron.php
+++ b/lib/Froxlor/Cron/MasterCron.php
@@ -44,8 +44,9 @@ class MasterCron extends \Froxlor\Cron\FroxlorCron
 			echo "Below are possible parameters for this file\n\n";
 			echo "--[cronname]\t\tincludes the given cron-file\n";
 			echo "--force\t\t\tforces re-generating of config-files (webserver, nameserver, etc.)\n";
 			echo "--run-task\t\trun a specific task [1 = re-generate configs, 4 = re-generate dns zones, 10 = re-set quotas, 99 = re-create cron.d-file]\n";
 			echo "--debug\t\t\toutput debug information about what is going on to STDOUT.\n";
-			echo "--no-fork\t\t\tdo not fork to backkground (traffic cron only).\n\n";
+			echo "--no-fork\t\tdo not fork to backkground (traffic cron only).\n\n";
 		}
 		/**
@@ -70,10 +71,19 @@ class MasterCron extends \Froxlor\Cron\FroxlorCron
 					// also regenerate cron.d-file
 					\Froxlor\System\Cronjob::inserttask('99');
 					array_push($jobs_to_run, 'tasks');
 					define('CRON_IS_FORCED', 1);
 				} elseif (strtolower($argv[$x]) == '--debug') {
 					define('CRON_DEBUG_FLAG', 1);
 				} elseif (strtolower($argv[$x]) == '--no-fork') {
 					define('CRON_NOFORK_FLAG', 1);
 				} elseif (strtolower($argv[$x]) == '--run-task') {
 					if (isset($argv[$x+1]) && in_array($argv[$x+1], [1,4,10,99])) {
 						\Froxlor\System\Cronjob::inserttask($argv[$x+1]);
 						array_push($jobs_to_run, 'tasks');
 					} else {
 						echo "Invalid argument for --run-task\n";
 						exit;
 					}
 				} elseif (substr(strtolower($argv[$x]), 0, 2) == '--') {
 					// --[cronname]
 					if (strlen($argv[$x]) > 3) {
@@ -90,34 +100,18 @@ class MasterCron extends \Froxlor\Cron\FroxlorCron
 		$tasks_cnt_stmt = \Froxlor\Database\Database::query("SELECT COUNT(*) as jobcnt FROM `panel_tasks`");
 		$tasks_cnt = $tasks_cnt_stmt->fetch(\PDO::FETCH_ASSOC);
-		
+
 		// do we have anything to include?
 		if (count($jobs_to_run) > 0) {
 			// include all jobs we want to execute
 			foreach ($jobs_to_run as $cron) {
-				self::updateLastRunOfCron($cron);
+				\Froxlor\System\Cronjob::updateLastRunOfCron($cron);
 				$cronfile = self::getCronModule($cron);
 				if ($cronfile && class_exists($cronfile)) {
 					$cronfile::run();
 				}
 			}
-
+			self::refreshUsers($tasks_cnt['jobcnt']);
 			if ($tasks_cnt['jobcnt'] > 0) {
 				if (\Froxlor\Settings::Get('system.nssextrausers') == 1) {
 					\Froxlor\Cron\System\Extrausers::generateFiles(self::$cronlog);
 				}
 				// clear NSCD cache if using fcgid or fpm, #1570
 				if (\Froxlor\Settings::Get('system.mod_fcgid') == 1 || (int) \Froxlor\Settings::Get('phpfpm.enabled') == 1) {
 					$false_val = false;
 					\Froxlor\FileDir::safe_exec('nscd -i passwd 1> /dev/null', $false_val, array(
 						'>'
 					));
 					\Froxlor\FileDir::safe_exec('nscd -i group 1> /dev/null', $false_val, array(
 						'>'
 					));
 				}
 			}
 		}
 		/**
@@ -132,6 +126,26 @@ class MasterCron extends \Froxlor\Cron\FroxlorCron
 		self::shutdown();
 	}
 	private static function refreshUsers($jobcount = 0)
 	{
 		if ($jobcount > 0) {
 			if (\Froxlor\Settings::Get('system.nssextrausers') == 1) {
 				\Froxlor\Cron\System\Extrausers::generateFiles(self::$cronlog);
 			}
 			// clear NSCD cache if using fcgid or fpm, #1570 - not needed for nss-extrausers
 			if ((\Froxlor\Settings::Get('system.mod_fcgid') == 1 || (int) \Froxlor\Settings::Get('phpfpm.enabled') == 1) && \Froxlor\Settings::Get('system.nssextrausers') == 0) {
 				$false_val = false;
 				\Froxlor\FileDir::safe_exec('nscd -i passwd 1> /dev/null', $false_val, array(
 					'>'
 				));
 				\Froxlor\FileDir::safe_exec('nscd -i group 1> /dev/null', $false_val, array(
 					'>'
 				));
 			}
 		}
 	}
 	private static function init()
 	{
 		if (@php_sapi_name() != 'cli' && @php_sapi_name() != 'cgi' && @php_sapi_name() != 'cgi-fcgi') {
@@ -335,16 +349,6 @@ class MasterCron extends \Froxlor\Cron\FroxlorCron
 		}
 	}
 	private static function updateLastRunOfCron($cronname)
 	{
 		$upd_stmt = Database::prepare("
 			UPDATE `" . TABLE_PANEL_CRONRUNS . "` SET `lastrun` = UNIX_TIMESTAMP() WHERE `cronfile` = :cron;
 		");
 		Database::pexecute($upd_stmt, array(
 			'cron' => $cronname
 		));
 	}
 	private static function getCronModule($cronname)
 	{
 		$upd_stmt = Database::prepare("
--- a/lib/Froxlor/Cron/System/BackupCron.php
+++ b/lib/Froxlor/Cron/System/BackupCron.php
@@ -77,6 +77,7 @@ class BackupCron extends \Froxlor\Cron\FroxlorCron
 		$del_stmt = Database::prepare("DELETE FROM `" . TABLE_PANEL_TASKS . "` WHERE `id` = :id");
 		$cronlog = FroxlorLogger::getInstanceOf();
 		$all_jobs = $result_tasks_stmt->fetchAll();
 		foreach ($all_jobs as $row) {
@@ -96,7 +97,7 @@ class BackupCron extends \Froxlor\Cron\FroxlorCron
 						\Froxlor\FileDir::safe_exec('mkdir -p ' . escapeshellarg($row['data']['destdir']));
 					}
-					self::createCustomerBackup($row['data'], $customerdocroot, FroxlorLogger::getInstanceOf());
+					self::createCustomerBackup($row['data'], $customerdocroot, $cronlog);
 				}
 			}
--- a/lib/Froxlor/Cron/System/Extrausers.php
+++ b/lib/Froxlor/Cron/System/Extrausers.php
@@ -67,7 +67,7 @@ class Extrausers
 						'name' => \Froxlor\Customer\Customer::getCustomerDetail($u['customerid'], 'name'),
 						'company' => \Froxlor\Customer\Customer::getCustomerDetail($u['customerid'], 'company')
 					);
-					$u['comment'] = \Froxlor\User::getCorrectUserSalutation($salutation_array);
+					$u['comment'] = self::cleanString(\Froxlor\User::getCorrectUserSalutation($salutation_array));
 					if ($u['login_enabled'] != 'Y') {
 						$u['password'] = '*';
 						$u['shell'] = '/bin/false';
@@ -90,4 +90,10 @@ class Extrausers
 			$cronlog->logAction(\Froxlor\FroxlorLogger::CRON_ACTION, LOG_NOTICE, 'Error when writing ' . $type . ' file entries');
 		}
 	}
 	private static function cleanString($string = null)
 	{
 		$allowed = "/[^a-z0-9\\.\\-\\_\\ ]/i";
 		return preg_replace($allowed, "", $string);
 	}
 }
--- a/lib/Froxlor/Cron/System/MailboxsizeCron.php
+++ b/lib/Froxlor/Cron/System/MailboxsizeCron.php
@@ -38,26 +38,45 @@ class MailboxsizeCron extends \Froxlor\Cron\FroxlorCron
 			$_maildir = \Froxlor\FileDir::makeCorrectDir($maildir['maildirpath']);
 			if (file_exists($_maildir) && is_dir($_maildir)) {
-				// mail-address allows many special characters, see http://en.wikipedia.org/wiki/Email_address#Local_part
+				$maildirsize = \Froxlor\FileDir::makeCorrectFile($_maildir . '/maildirsize');
-				$return = false;
+				
-				$back = \Froxlor\FileDir::safe_exec('du -sk ' . escapeshellarg($_maildir), $return, array(
+				// When quota is enabled and maildirsize file exists, use that to calculate size
-					'|',
+				if (\Froxlor\Settings::Get('system.mail_quota_enabled') == 1 && file_exists($maildirsize)) {
-					'&',
+					\Froxlor\FroxlorLogger::getInstanceOf()->logAction(\Froxlor\FroxlorLogger::CRON_ACTION, LOG_NOTICE, 'found maildirsize file in ' . $_maildir);
-					'`',
+					$file = file($maildirsize, FILE_IGNORE_NEW_LINES | FILE_SKIP_EMPTY_LINES);
-					'$',
+					// Remove header
-					'~',
+					array_shift($file);
-					'?'
+					$emailusage = 0;
-				));
+					// Sum up all the changes (line 2 -> end)
-				foreach ($back as $backrow) {
+					foreach ($file as $line) {
-					$emailusage = explode(' ', $backrow);
+						$parts = explode(' ', $line);
 						if (!empty($parts[0])) {
 							$emailusage += floatval($parts[0]);
 						}
 					}
 				} else {
 					// if quota is disabled or maildirsize file does not exist, compute with du
 					// mail-address allows many special characters, see http://en.wikipedia.org/wiki/Email_address#Local_part
 					$return = false;
 					$back = \Froxlor\FileDir::safe_exec('du -sk ' . escapeshellarg($_maildir), $return, array(
 						'|',
 						'&',
 						'`',
 						'$',
 						'~',
 						'?'
 					));
 					foreach ($back as $backrow) {
 						$emailusage = explode(' ', $backrow);
 					}
 					$emailusage = floatval($emailusage['0']);
 					// as freebsd does not have the -b flag for 'du' which gives
 					// the size in bytes, we use "-sk" for all and calculate from KiB
 					$emailusage *= 1024;
 					unset($back);
 				}
 				$emailusage = floatval($emailusage['0']);
 				// as freebsd does not have the -b flag for 'du' which gives
 				// the size in bytes, we use "-sk" for all and calculate from KiB
 				$emailusage *= 1024;
 				unset($back);
 				\Froxlor\Database\Database::pexecute($upd_stmt, array(
 					'size' => $emailusage,
 					'id' => $maildir['id']
--- a/lib/Froxlor/Cron/System/TasksCron.php
+++ b/lib/Froxlor/Cron/System/TasksCron.php
@@ -30,8 +30,9 @@ class TasksCron extends \Froxlor\Cron\FroxlorCron
 		 */
 		self::$cronlog->logAction(\Froxlor\FroxlorLogger::CRON_ACTION, LOG_INFO, "TasksCron: Searching for tasks to do");
 		// no type 99 (regenerate cron.d-file) and no type 20 (customer backup)
 		// order by type descending to re-create bind and then webserver at the end
 		$result_tasks_stmt = Database::query("
-			SELECT `id`, `type`, `data` FROM `" . TABLE_PANEL_TASKS . "` WHERE `type` <> '99' AND `type` <> '20' ORDER BY `id` ASC
+			SELECT `id`, `type`, `data` FROM `" . TABLE_PANEL_TASKS . "` WHERE `type` <> '99' AND `type` <> '20' ORDER BY `type` DESC, `id` ASC
 		");
 		$num_results = Database::num_rows();
 		$resultIDs = array();
@@ -92,6 +93,12 @@ class TasksCron extends \Froxlor\Cron\FroxlorCron
 				 */
 				\Froxlor\FroxlorLogger::getInstanceOf()->logAction(\Froxlor\FroxlorLogger::CRON_ACTION, LOG_NOTICE, "Removing PowerDNS entries for domain " . $row['data']['domain']);
 				\Froxlor\Dns\PowerDNS::cleanDomainZone($row['data']['domain']);
 			} elseif ($row['type'] == '12') {
 				/**
 				 * TYPE=12 domain has been deleted, remove from acme.sh/let's encrypt directory if used
 				 */
 				\Froxlor\FroxlorLogger::getInstanceOf()->logAction(\Froxlor\FroxlorLogger::CRON_ACTION, LOG_NOTICE, "Removing Let's Encrypt entries for domain " . $row['data']['domain']);
 				\Froxlor\Domain\Domain::doLetsEncryptCleanUp($row['data']['domain']);
 			}
 		}
@@ -102,7 +109,7 @@ class TasksCron extends \Froxlor\Cron\FroxlorCron
 				$where[] = "`id` = :id_" . (int) $id;
 				$where_data['id_' . $id] = $id;
 			}
-			$where = implode($where, ' OR ');
+			$where = implode(' OR ', $where);
 			$del_stmt = Database::prepare("DELETE FROM `" . TABLE_PANEL_TASKS . "` WHERE " . $where);
 			Database::pexecute($del_stmt, $where_data);
 			unset($resultIDs);
@@ -114,10 +121,6 @@ class TasksCron extends \Froxlor\Cron\FroxlorCron
 	private static function rebuildWebserverConfigs()
 	{
 		// get configuration-I/O object
 		$configio = new \Froxlor\Cron\Http\ConfigIO();
 		// clean up old configs
 		$configio->cleanUp();
 		if (Settings::Get('system.webserver') == "apache2") {
 			$websrv = '\\Froxlor\\Cron\\Http\\Apache';
@@ -136,9 +139,15 @@ class TasksCron extends \Froxlor\Cron\FroxlorCron
 			}
 		}
 		// get configuration-I/O object
 		$configio = new \Froxlor\Cron\Http\ConfigIO();
 		// get webserver object
 		$webserver = new $websrv();
 		if (isset($webserver)) {
 			$webserver->init();
 			// clean up old configs
 			$configio->cleanUp();
 			$webserver->createIpPort();
 			$webserver->createVirtualHosts();
 			$webserver->createFileDirOptions();
@@ -231,8 +240,8 @@ class TasksCron extends \Froxlor\Cron\FroxlorCron
 				Extrausers::generateFiles($extrausers_log);
 			}
-			// clear NSCD cache if using fcgid or fpm, #1570
+			// clear NSCD cache if using fcgid or fpm, #1570 - not needed for nss-extrausers
-			if (Settings::Get('system.mod_fcgid') == 1 || (int) Settings::Get('phpfpm.enabled') == 1) {
+			if ((Settings::Get('system.mod_fcgid') == 1 || (int) Settings::Get('phpfpm.enabled') == 1) && Settings::Get('system.nssextrausers') == 0) {
 				$false_val = false;
 				\Froxlor\FileDir::safe_exec('nscd -i passwd 1> /dev/null', $false_val, array(
 					'>'
@@ -409,17 +418,18 @@ class TasksCron extends \Froxlor\Cron\FroxlorCron
 			while ($row = $result_stmt->fetch(\PDO::FETCH_ASSOC)) {
 				// We do not want to set a quota for root by accident
 				if ($row['guid'] != 0) {
 					$used_quota = isset($usedquota[$row['guid']]) ? $usedquota[$row['guid']]['block']['hard'] : 0;
 					// The user has no quota in Froxlor, but on the filesystem
-					if (($row['diskspace'] == 0 || $row['diskspace'] == - 1024) && $usedquota[$row['guid']]['block']['hard'] != 0) {
+					if (($row['diskspace'] == 0 || $row['diskspace'] == - 1024) && $used_quota != 0) {
 						\Froxlor\FroxlorLogger::getInstanceOf()->logAction(\Froxlor\FroxlorLogger::CRON_ACTION, LOG_NOTICE, "Disabling quota for " . $row['loginname']);
 						if (\Froxlor\FileDir::isFreeBSD()) {
 							\Froxlor\FileDir::safe_exec(Settings::Get('system.diskquota_quotatool_path') . " -e " . escapeshellarg(Settings::Get('system.diskquota_customer_partition')) . ":0:0 " . $row['guid']);
 						} else {
 							\Froxlor\FileDir::safe_exec(Settings::Get('system.diskquota_quotatool_path') . " -u " . $row['guid'] . " -bl 0 -q 0 " . escapeshellarg(Settings::Get('system.diskquota_customer_partition')));
 						}
-					} elseif ($row['diskspace'] != $usedquota[$row['guid']]['block']['hard'] && $row['diskspace'] != - 1024) {
+					} elseif ($row['diskspace'] != $used_quota && $row['diskspace'] != - 1024) {
 						// The user quota in Froxlor is different than on the filesystem
-						\Froxlor\FroxlorLogger::getInstanceOf()->logAction(\Froxlor\FroxlorLogger::CRON_ACTION, LOG_NOTICE, "Setting quota for " . $row['loginname'] . " from " . $usedquota[$row['guid']]['block']['hard'] . " to " . $row['diskspace']);
+						\Froxlor\FroxlorLogger::getInstanceOf()->logAction(\Froxlor\FroxlorLogger::CRON_ACTION, LOG_NOTICE, "Setting quota for " . $row['loginname'] . " from " . $used_quota . " to " . $row['diskspace']);
 						if (\Froxlor\FileDir::isFreeBSD()) {
 							\Froxlor\FileDir::safe_exec(Settings::Get('system.diskquota_quotatool_path') . " -e " . escapeshellarg(Settings::Get('system.diskquota_customer_partition')) . ":" . $row['diskspace'] . ":" . $row['diskspace'] . " " . $row['guid']);
 						} else {
--- a/lib/Froxlor/Cron/Traffic/ReportsCron.php
+++ b/lib/Froxlor/Cron/Traffic/ReportsCron.php
@@ -36,7 +36,7 @@ class ReportsCron extends \Froxlor\Cron\FroxlorCron
 		if ((int) Settings::Get('system.report_trafficmax') > 0) {
 			// Warn the customers at xx% traffic-usage
 			$result_stmt = Database::prepare("
-				SELECT `c`.`customerid`, `c`.`adminid`, `c`.`name`, `c`.`firstname`,
+				SELECT `c`.`customerid`, `c`.`customernumber`, `c`.`adminid`, `c`.`name`, `c`.`firstname`,
 				`c`.`company`, `c`.`traffic`, `c`.`email`, `c`.`def_language`,
 				`a`.`name` AS `adminname`, `a`.`email` AS `adminmail`,
 				(SELECT SUM(`t`.`http` + `t`.`ftp_up` + `t`.`ftp_down` + `t`.`mail`)
@@ -60,11 +60,15 @@ class ReportsCron extends \Froxlor\Cron\FroxlorCron
 					$rep_userinfo = array(
 						'name' => $row['name'],
 						'firstname' => $row['firstname'],
-						'company' => $row['company']
+						'company' => $row['company'],
 						'customernumber' => $row['customernumber']
 					);
 					$replace_arr = array(
 						'SALUTATION' => \Froxlor\User::getCorrectUserSalutation($rep_userinfo),
-						'NAME' => $row['name'], // < keep this for compatibility
+						'NAME' => $rep_userinfo['name'],
 						'FIRSTNAME' => $rep_userinfo['firstname'],
 						'COMPANY' => $rep_userinfo['company'],
 						'CUSTOMER_NO' => $rep_userinfo['customernumber'],
 						'TRAFFIC' => round(($row['traffic'] / 1024), 2), /* traffic is stored in KB, template uses MB */
 						'TRAFFICUSED' => round(($row['traffic_used'] / 1024), 2), /* traffic is stored in KB, template uses MB */
 						'USAGE_PERCENT' => round(($row['traffic_used'] * 100) / $row['traffic'], 2),
@@ -168,8 +172,8 @@ class ReportsCron extends \Froxlor\Cron\FroxlorCron
 					$replace_arr = array(
 						'NAME' => $row['name'],
 						'TRAFFIC' => round(($row['traffic'] / 1024), 2), /* traffic is stored in KB, template uses MB */
-							'TRAFFICUSED' => round(($row['traffic_used_total'] / 1024), 2), /* traffic is stored in KB, template uses MB */
+						'TRAFFICUSED' => round(($row['traffic_used_total'] / 1024), 2), /* traffic is stored in KB, template uses MB */
-							'USAGE_PERCENT' => round(($row['traffic_used_total'] * 100) / $row['traffic'], 2),
+						'USAGE_PERCENT' => round(($row['traffic_used_total'] * 100) / $row['traffic'], 2),
 						'MAX_PERCENT' => Settings::Get('system.report_trafficmax')
 					);
@@ -343,7 +347,7 @@ class ReportsCron extends \Froxlor\Cron\FroxlorCron
 			 * report about diskusage for customers
 			 */
 			$result_stmt = Database::query("
-				SELECT `c`.`customerid`, `c`.`adminid`, `c`.`name`, `c`.`firstname`,
+				SELECT `c`.`customerid`, `c`.`customernumber`, `c`.`adminid`, `c`.`name`, `c`.`firstname`,
 				`c`.`company`, `c`.`diskspace`, `c`.`diskspace_used`, `c`.`email`, `c`.`def_language`,
 				`a`.`name` AS `adminname`, `a`.`email` AS `adminmail`
 				FROM `" . TABLE_PANEL_CUSTOMERS . "` AS `c`
@@ -361,11 +365,15 @@ class ReportsCron extends \Froxlor\Cron\FroxlorCron
 					$rep_userinfo = array(
 						'name' => $row['name'],
 						'firstname' => $row['firstname'],
-						'company' => $row['company']
+						'company' => $row['company'],
 						'customernumber' => $row['customernumber']
 					);
 					$replace_arr = array(
 						'SALUTATION' => \Froxlor\User::getCorrectUserSalutation($rep_userinfo),
-						'NAME' => $row['name'], // < keep this for compatibility
+						'NAME' => $rep_userinfo['name'],
 						'FIRSTNAME' => $rep_userinfo['firstname'],
 						'COMPANY' => $rep_userinfo['company'],
 						'CUSTOMER_NO' => $rep_userinfo['customernumber'],
 						'DISKAVAILABLE' => round(($row['diskspace'] / 1024), 2), /* traffic is stored in KB, template uses MB */
 						'DISKUSED' => round($row['diskspace_used'] / 1024, 2), /* traffic is stored in KB, template uses MB */
 						'USAGE_PERCENT' => round(($row['diskspace_used'] * 100) / $row['diskspace'], 2),
@@ -386,13 +394,15 @@ class ReportsCron extends \Froxlor\Cron\FroxlorCron
 						$lngfile = Database::pexecute_first($lngfile_stmt, array(
 							'deflang' => Settings::Get('panel.standardlanguage')
 						));
-						$langfile = $lngfile['file'];
+						$langfile = $lngfile['file'] ?? 'lng/english.lng.php';
 					}
 					// include english language file (fallback)
 					include_once \Froxlor\FileDir::makeCorrectFile(\Froxlor\Froxlor::getInstallDir() . '/lng/english.lng.php');
 					// include admin/customer language file
-					include_once \Froxlor\FileDir::makeCorrectFile(\Froxlor\Froxlor::getInstallDir() . '/' . $langfile);
+					if ($lngfile != 'lng/english.lng.php') {
 						include_once \Froxlor\FileDir::makeCorrectFile(\Froxlor\Froxlor::getInstallDir() . '/' . $langfile);
 					}
 					// Get mail templates from database; the ones from 'admin' are fetched for fallback
 					$result2_stmt = Database::prepare("
--- a/lib/Froxlor/Cron/Traffic/TrafficCron.php
+++ b/lib/Froxlor/Cron/Traffic/TrafficCron.php
@@ -137,7 +137,11 @@ class TrafficCron extends \Froxlor\Cron\FroxlorCron
 					$mysqlusage_all[$row_database['customerid']] = 0;
 				}
 				// sum up result
-				$mysqlusage_all[$row_database['customerid']] += floatval($mysql_usage_row['customerusage']);
+				if ($mysql_usage_row) {
 					$mysqlusage_all[$row_database['customerid']] += floatval($mysql_usage_row['customerusage']);
 				} else {
 					\Froxlor\FroxlorLogger::getInstanceOf()->logAction(\Froxlor\FroxlorLogger::CRON_ACTION, LOG_WARNING, "Cannot get usage for database " . $row_database['databasename'] . ".");
 				}
 			} else {
 				\Froxlor\FroxlorLogger::getInstanceOf()->logAction(\Froxlor\FroxlorLogger::CRON_ACTION, LOG_WARNING, "Seems like the database " . $row_database['databasename'] . " had been removed manually.");
 			}
--- a/lib/Froxlor/Database/Database.php
+++ b/lib/Froxlor/Database/Database.php
@@ -183,6 +183,21 @@ class Database
 		return $return;
 	}
 	/**
 	 * return number of characters that are allowed to use as username
 	 *
 	 * @return int
 	 */
 	public static function getSqlUsernameLength()
 	{
 		// MySQL user names can be up to 32 characters long (16 characters before MySQL 5.7.8).
 		$mysql_max = 32;
 		if (version_compare(Database::getAttribute(\PDO::ATTR_SERVER_VERSION), '5.7.8', '<')) {
 			$mysql_max = 16;
 		}
 		return $mysql_max;
 	}
 	/**
 	 * let's us interact with the PDO-Object by using static
 	 * call like "Database::function()"
--- a/Show More
+++ b/Show More