set version to 0.10.21 for maintenance release

Signed-off-by: Michael Kaufmann <d00p@froxlor.org>
check for fallback of ssl-certificate in ips/ports correctly of lets encrypt is used
2020-10-02 18:01:53 +02:00 · 2020-09-18 11:49:26 +02:00 · 2020-09-07 21:53:18 +02:00 · 2020-09-07 21:51:24 +02:00 · 2020-09-06 14:12:25 +02:00 · 2020-08-13 09:04:58 +02:00
137 changed files with 10043 additions and 3050 deletions
--- a/.codecov.yml
+++ b/.codecov.yml
@@ -1,4 +0,0 @@
-codecov:
-  notify:
-    require_ci_to_pass: no
-
--- a/.travis.yml
+++ b/.travis.yml
@@ -52,13 +52,10 @@ install:
  - mysql -h 127.0.0.1 --protocol=TCP -u root -pfr0xl0r.TravisCI froxlor010 < install/froxlor.sql

 script:
-  - ant phpunit
-
-after_success:
-  - bash <(curl -s https://codecov.io/bash) -f "build/logs/clover.xml"
+  - ant phpunit-no-coverage

 notifications:
-  irc: "irc.freenode.org#froxlor"
+  irc: "chat.freenode.net#froxlor"
  webhooks:
    urls:
      - https://webhooks.gitter.im/e/bdf91d1c3f745e51f796
--- a/2fa.php
+++ b/2fa.php
@@ -38,7 +38,7 @@ if (AREA == 'admin') {
 }
 $success_message = "";

-$tfa = new \Froxlor\FroxlorTwoFactorAuth('Froxlor');
+$tfa = new \Froxlor\FroxlorTwoFactorAuth('Froxlor ' . Settings::Get('system.hostname'));

 // do the delete and then just show a success-message
 if ($action == 'delete') {
--- a/README.md
+++ b/README.md
@@ -53,14 +53,21 @@ https://files.froxlor.org/releases/froxlor-latest.tar.gz [MD5](https://files.fro

 [HowTo](https://github.com/Froxlor/Froxlor/wiki/Install-froxlor-on-debian)

-/etc/apt/sources.list.d/froxlor.list
-> deb http://debian.froxlor.org {stretch|buster} main
+```
+apt-get -y install apt-transport-https lsb-release ca-certificates
+wget -O - https://deb.froxlor.org/froxlor.gpg | apt-key add -
+echo "deb https://deb.froxlor.org/debian $(lsb_release -sc) main" > /etc/apt/sources.list.d/froxlor.list
+```

-### Gentoo repository
+### Ubuntu repository

-[HowTo](https://github.com/Froxlor/Froxlor/wiki/Install-froxlor-on-gentoo)
+[HowTo](https://github.com/Froxlor/Froxlor/wiki/Install-froxlor-on-ubuntu)

-https://files.froxlor.org/gentoo/repositories.xml
+```
+apt-get -y install apt-transport-https lsb-release ca-certificates
+wget -O - https://deb.froxlor.org/froxlor.gpg | apt-key add -
+echo "deb https://deb.froxlor.org/ubuntu $(lsb_release -sc) main" > /etc/apt/sources.list.d/froxlor.list
+```

 ## Contributing

--- a/actions/admin/settings/120.system.php
+++ b/actions/admin/settings/120.system.php
@@ -253,7 +253,23 @@ return array(
 					'type' => 'hiddenString',
 					'default' => '',
 					'save_method' => 'storeSettingField'
-				)
+				),
+				'system_apply_specialsettings_default' => array(
+					'label' => $lng['serversettings']['apply_specialsettings_default'],
+					'settinggroup' => 'system',
+					'varname' => 'apply_specialsettings_default',
+					'type' => 'bool',
+					'default' => true,
+					'save_method' => 'storeSettingField'
+				),
+				'system_apply_phpconfigs_default' => array(
+					'label' => $lng['serversettings']['apply_phpconfigs_default'],
+					'settinggroup' => 'system',
+					'varname' => 'apply_phpconfigs_default',
+					'type' => 'bool',
+					'default' => true,
+					'save_method' => 'storeSettingField'
+				),
 			)
 		)
 	)
--- a/actions/admin/settings/122.froxlorvhost.php
+++ b/actions/admin/settings/122.froxlorvhost.php
@@ -105,6 +105,30 @@ return array(
 						'hasVhostContainerEnabled'
 					), true)
 				),
+				'system_honorcipherorder' => array(
+					'label' => $lng['admin']['domain_honorcipherorder'],
+					'settinggroup' => 'system',
+					'varname' => 'honorcipherorder',
+					'type' => 'bool',
+					'default' => false,
+					'save_method' => 'storeSettingField',
+					'visible' => \Froxlor\Settings::Get('system.use_ssl') && call_user_func(array(
+						'\Froxlor\Settings\FroxlorVhostSettings',
+						'hasVhostContainerEnabled'
+					), true)
+				),
+				'system_sessiontickets' => array(
+					'label' => $lng['admin']['domain_sessiontickets'],
+					'settinggroup' => 'system',
+					'varname' => 'sessiontickets',
+					'type' => 'bool',
+					'default' => true,
+					'save_method' => 'storeSettingField',
+					'visible' => \Froxlor\Settings::Get('system.use_ssl') && call_user_func(array(
+						'\Froxlor\Settings\FroxlorVhostSettings',
+						'hasVhostContainerEnabled'
+					), true)
+				),
 				/**
 				 * FCGID
 				 */
--- a/actions/admin/settings/130.webserver.php
+++ b/actions/admin/settings/130.webserver.php
@@ -173,7 +173,8 @@ return array(
 					'websrv_avail' => array(
 						'apache2',
 						'nginx'
-					)
+					),
+					'visible' => \Froxlor\Settings::Get('system.awstats_enabled') == 1
 				),
 				'system_logfiles_type' => array(
 					'label' => $lng['serversettings']['logfiles_type'],
--- a/actions/admin/settings/131.ssl.php
+++ b/actions/admin/settings/131.ssl.php
@@ -35,7 +35,7 @@ return array(
 					'settinggroup' => 'system',
 					'varname' => 'ssl_protocols',
 					'type' => 'option',
-					'default' => 'TLSv1,TLSv1.2',
+					'default' => 'TLSv1.2',
 					'option_mode' => 'multiple',
 					'option_options' => array(
 						'TLSv1' => 'TLSv1',
@@ -62,7 +62,7 @@ return array(
 					'string_emptyallowed' => true,
 					'default' => '',
 					'visible' => \Froxlor\Settings::Get('system.webserver') == "apache2" && \Froxlor\Settings::Get('system.apache24') == 1,
-					'save_method' => 'storeSettingField',
+					'save_method' => 'storeSettingField'
 				),
 				'system_ssl_cert_file' => array(
 					'label' => $lng['serversettings']['ssl']['ssl_cert_file'],
@@ -115,6 +115,15 @@ return array(
 					'visible' => \Froxlor\Settings::Get('system.webserver') == "apache2" && \Froxlor\Settings::Get('system.apache24') == 1,
 					'save_method' => 'storeSettingField'
 				),
+				'system_sessionticketsenabled' => array(
+					'label' => $lng['admin']['domain_sessionticketsenabled'],
+					'settinggroup' => 'system',
+					'varname' => 'sessionticketsenabled',
+					'type' => 'bool',
+					'default' => true,
+					'save_method' => 'storeSettingField',
+					'visible' => \Froxlor\Settings::Get('system.use_ssl') && (\Froxlor\Settings::Get('system.webserver') == "nginx" || (\Froxlor\Settings::Get('system.webserver') == "apache2" && \Froxlor\Settings::Get('system.apache24') == 1))
+				),
 				'system_leenabled' => array(
 					'label' => $lng['serversettings']['leenabled'],
 					'settinggroup' => 'system',
@@ -150,10 +159,10 @@ return array(
 					'settinggroup' => 'system',
 					'varname' => 'letsencryptca',
 					'type' => 'option',
-					'default' => 'testing',
+					'default' => 'production',
 					'option_mode' => 'one',
 					'option_options' => array(
-						'testing' => 'https://acme-staging' . (\Froxlor\Settings::Get('system.leapiversion') == '2' ? '-v02' : '') . '.api.letsencrypt.org (Test)',
+						'testing' => 'https://acme-staging-v0' . \Froxlor\Settings::Get('system.leapiversion') . '.api.letsencrypt.org (Test)',
 						'production' => 'https://acme-v0' . \Froxlor\Settings::Get('system.leapiversion') . '.api.letsencrypt.org (Live)'
 					),
 					'save_method' => 'storeSettingField'
@@ -205,11 +214,11 @@ return array(
 					'save_method' => 'storeSettingField'
 				),
 				'system_disable_le_selfcheck' => array(
-					'label' => $lng['serversettings']['disable_le_selfcheck'],
+					'label' => $lng['serversettings']['le_domain_dnscheck'],
 					'settinggroup' => 'system',
-					'varname' => 'disable_le_selfcheck',
+					'varname' => 'le_domain_dnscheck',
 					'type' => 'bool',
-					'default' => false,
+					'default' => true,
 					'save_method' => 'storeSettingField'
 				)
 			)
--- a/actions/admin/settings/140.statistics.php
+++ b/actions/admin/settings/140.statistics.php
@@ -33,7 +33,8 @@ return array(
 						1 => $lng['admin']['webalizer']['quiet'],
 						2 => $lng['admin']['webalizer']['veryquiet']
 					),
-					'save_method' => 'storeSettingField'
+					'save_method' => 'storeSettingField',
+					'visible' => \Froxlor\Settings::Get('system.awstats_enabled') == 0
 				),
 				'system_awstats_enabled' => array(
 					'label' => $lng['serversettings']['awstats_enabled'],
@@ -50,7 +51,8 @@ return array(
 					'type' => 'string',
 					'string_type' => 'dir',
 					'default' => '/usr/bin/',
-					'save_method' => 'storeSettingField'
+					'save_method' => 'storeSettingField',
+					'visible' => \Froxlor\Settings::Get('system.awstats_enabled') == 1
 				),
 				'system_awstats_awstatspath' => array(
 					'label' => $lng['serversettings']['awstats_awstatspath'],
@@ -59,7 +61,8 @@ return array(
 					'type' => 'string',
 					'string_type' => 'dir',
 					'default' => '/usr/bin/',
-					'save_method' => 'storeSettingField'
+					'save_method' => 'storeSettingField',
+					'visible' => \Froxlor\Settings::Get('system.awstats_enabled') == 1
 				),
 				'system_awstats_conf' => array(
 					'label' => $lng['serversettings']['awstats_conf'],
@@ -68,7 +71,8 @@ return array(
 					'type' => 'string',
 					'string_type' => 'dir',
 					'default' => '/etc/awstats/',
-					'save_method' => 'storeSettingField'
+					'save_method' => 'storeSettingField',
+					'visible' => \Froxlor\Settings::Get('system.awstats_enabled') == 1
 				),
 				'system_awstats_icons' => array(
 					'label' => $lng['serversettings']['awstats_icons'],
@@ -77,7 +81,17 @@ return array(
 					'type' => 'string',
 					'string_type' => 'dir',
 					'default' => '/usr/share/awstats/icon/',
-					'save_method' => 'storeSettingField'
+					'save_method' => 'storeSettingField',
+					'visible' => \Froxlor\Settings::Get('system.awstats_enabled') == 1
+				),
+				'system_awstats_logformat' => array(
+					'label' => $lng['serversettings']['awstats']['logformat'],
+					'settinggroup' => 'system',
+					'varname' => 'awstats_logformat',
+					'type' => 'string',
+					'default' => '1',
+					'save_method' => 'storeSettingField',
+					'visible' => \Froxlor\Settings::Get('system.awstats_enabled') == 1
 				)
 			)
 		)
--- a/admin_admins.php
+++ b/admin_admins.php
@@ -107,7 +107,7 @@ if ($page == 'admins' && $userinfo['change_serversettings'] == '1') {
 			$count ++;
 		}

-		$admincount = $paging->getEntries();
+		$admincount = $result['count'] . " / " . $paging->getEntries();
 		eval("echo \"" . \Froxlor\UI\Template::getTemplate("admins/admins") . "\";");
 	} elseif ($action == 'su') {

--- a/admin_customers.php
+++ b/admin_customers.php
@@ -150,7 +150,7 @@ if ($page == 'customers' && $userinfo['customers'] != '0') {
 			$count ++;
 		}

-		$customercount = $paging->getEntries();
+		$customercount = $result['count'] . " / " . $paging->getEntries();
 		eval("echo \"" . \Froxlor\UI\Template::getTemplate("customers/customers") . "\";");
 	} elseif ($action == 'su' && $id != 0) {
 		try {
--- a/admin_domains.php
+++ b/admin_domains.php
@@ -39,7 +39,7 @@ if ($page == 'domains' || $page == 'overview') {

 		$log->logAction(\Froxlor\FroxlorLogger::ADM_ACTION, LOG_NOTICE, "viewed admin_domains");
 		$fields = array(
-			'd.domain' => $lng['domains']['domainname'],
+			'd.domain_ace' => $lng['domains']['domainname'],
 			'c.name' => $lng['customer']['name'],
 			'c.firstname' => $lng['customer']['firstname'],
 			'c.company' => $lng['customer']['company'],
@@ -64,50 +64,23 @@ if ($page == 'domains' || $page == 'overview') {
 		$arrowcode = $paging->getHtmlArrowCode($filename . '?page=' . $page . '&s=' . $s);
 		$searchcode = $paging->getHtmlSearchCode($lng);
 		$pagingcode = $paging->getHtmlPagingCode($filename . '?page=' . $page . '&s=' . $s);
-		$domain_array = array();
-
-		foreach ($result['list'] as $row) {
-
-			formatDomainEntry($row, $idna_convert);
-
-			if (! isset($domain_array[$row['domain']])) {
-				$domain_array[$row['domain']] = $row;
-			} else {
-				$domain_array[$row['domain']] = array_merge($row, $domain_array[$row['domain']]);
-			}
-
-			if (isset($row['aliasdomainid']) && $row['aliasdomainid'] != null && isset($row['aliasdomain']) && $row['aliasdomain'] != '') {
-				if (! isset($domain_array[$row['aliasdomain']])) {
-					$domain_array[$row['aliasdomain']] = array();
-				}
-				$domain_array[$row['aliasdomain']]['domainaliasid'] = $row['id'];
-				$domain_array[$row['aliasdomain']]['domainalias'] = $row['domain'];
-			}
-		}
-
-		/**
-		 * We need ksort/krsort here to make sure idna-domains are also sorted correctly
-		 */
-		if ($paging->sortfield == 'd.domain' && $paging->sortorder == 'asc') {
-			ksort($domain_array);
-		} elseif ($paging->sortfield == 'd.domain' && $paging->sortorder == 'desc') {
-			krsort($domain_array);
-		}

 		$count = 0;
-		foreach ($domain_array as $row) {
-
-			if (isset($row['domain']) && $row['domain'] != '') {
-				$row['customername'] = \Froxlor\User::getCorrectFullUserDetails($row);
-				$row = \Froxlor\PhpHelper::htmlentitiesArray($row);
-				// display a nice list of IP's
+		foreach ($result['list'] as $row) {
+			formatDomainEntry($row, $idna_convert);
+			$row['customername'] = \Froxlor\User::getCorrectFullUserDetails($row);
+			$row = \Froxlor\PhpHelper::htmlentitiesArray($row);
+			// display a nice list of IP's if it's not an alias for another domain
+			if (isset($row['aliasdomainid']) && $row['aliasdomainid'] != null && isset($row['aliasdomain']) && $row['aliasdomain'] != '') {
+				$row['ipandport'] = sprintf($lng['domains']['isaliasdomainof'], $row['aliasdomain']);
+			} else {
 				$row['ipandport'] = str_replace("\n", "<br />", $row['ipandport']);
-				eval("\$domains.=\"" . \Froxlor\UI\Template::getTemplate("domains/domains_domain") . "\";");
-				$count ++;
 			}
+			eval("\$domains.=\"" . \Froxlor\UI\Template::getTemplate("domains/domains_domain") . "\";");
+			$count++;
 		}

-		$domainscount = $paging->getEntries();
+		$domainscount = $result['count'] . " / " . $paging->getEntries();

 		// Display the list
 		eval("echo \"" . \Froxlor\UI\Template::getTemplate("domains/domains") . "\";");
@@ -409,7 +382,7 @@ if ($page == 'domains' || $page == 'overview') {
 			if (isset($_POST['send']) && $_POST['send'] == 'send') {
 				try {
 					// remove ssl ip/ports if set is empty
-					if (isset($_POST['ssl_ipandport']) && empty($_POST['ssl_ipandport'])) {
+					if (!isset($_POST['ssl_ipandport']) || empty($_POST['ssl_ipandport'])) {
 						$_POST['remove_ssl_ipandport'] = true;
 					}
 					Domains::getLocal($userinfo, $_POST)->update();
--- a/admin_ipsandports.php
+++ b/admin_ipsandports.php
@@ -160,5 +160,14 @@ if ($page == 'ipsandports' || $page == 'overview') {
 				eval("echo \"" . \Froxlor\UI\Template::getTemplate("ipsandports/ipsandports_edit") . "\";");
 			}
 		}
+	} elseif ($action == 'jqCheckIP') {
+		$ip = $_POST['ip'] ?? "";
+		if ((filter_var($ip, FILTER_VALIDATE_IP, FILTER_FLAG_IPV6) || filter_var($ip, FILTER_VALIDATE_IP, FILTER_FLAG_IPV4)) && filter_var($ip, FILTER_VALIDATE_IP, FILTER_FLAG_NO_RES_RANGE | FILTER_FLAG_NO_PRIV_RANGE) == false) {
+			// returns notice if private network detected so we can display it
+			echo json_encode($lng['admin']['ipsandports']['ipnote']);
+		} else {
+			echo 0;
+		}
+		exit();
 	}
 }
--- a/admin_phpsettings.php
+++ b/admin_phpsettings.php
@@ -81,8 +81,16 @@ if ($page == 'overview') {
 				));
 			} else {

-				$result_stmt = Database::query("SELECT * FROM `" . TABLE_PANEL_PHPCONFIGS . "` WHERE `id` = 1");
-				$result = $result_stmt->fetch(PDO::FETCH_ASSOC);
+				if (file_exists(\Froxlor\Froxlor::getInstallDir() . '/templates/misc/php/default.ini.php')) {
+					require_once \Froxlor\Froxlor::getInstallDir() . '/templates/misc/php/default.ini.php';
+					$result = [
+						'phpsettings' => DEFAULT_PHPINI
+					];
+				} else {
+					// use first php-config as fallback
+					$result_stmt = Database::query("SELECT * FROM `" . TABLE_PANEL_PHPCONFIGS . "` WHERE `id` = 1");
+					$result = $result_stmt->fetch(PDO::FETCH_ASSOC);
+				}

 				$fpmconfigs = '';
 				$configs = Database::query("SELECT * FROM `" . TABLE_PANEL_FPMDAEMONS . "` ORDER BY `description` ASC");
@@ -90,9 +98,9 @@ if ($page == 'overview') {
 					$fpmconfigs .= \Froxlor\UI\HTML::makeoption($row['description'], $row['id'], 1, true, true);
 				}

-				$pm_select = \Froxlor\UI\HTML::makeoption('static', 'static', 'static', true, true);
-				$pm_select .= \Froxlor\UI\HTML::makeoption('dynamic', 'dynamic', 'static', true, true);
-				$pm_select .= \Froxlor\UI\HTML::makeoption('ondemand', 'ondemand', 'static', true, true);
+				$pm_select = \Froxlor\UI\HTML::makeoption('static', 'static', 'dynamic', true, true);
+				$pm_select .= \Froxlor\UI\HTML::makeoption('dynamic', 'dynamic', 'dynamic', true, true);
+				$pm_select .= \Froxlor\UI\HTML::makeoption('ondemand', 'ondemand', 'dynamic', true, true);

 				$phpconfig_add_data = include_once dirname(__FILE__) . '/lib/formfields/admin/phpconfig/formfield.phpconfig_add.php';
 				$phpconfig_add_form = \Froxlor\UI\HtmlForm::genHTMLForm($phpconfig_add_data);
@@ -234,9 +242,9 @@ if ($page == 'overview') {
 				));
 			} else {

-				$pm_select = \Froxlor\UI\HTML::makeoption('static', 'static', 'static', true, true);
-				$pm_select .= \Froxlor\UI\HTML::makeoption('dynamic', 'dynamic', 'static', true, true);
-				$pm_select .= \Froxlor\UI\HTML::makeoption('ondemand', 'ondemand', 'static', true, true);
+				$pm_select = \Froxlor\UI\HTML::makeoption('static', 'static', 'dynamic', true, true);
+				$pm_select .= \Froxlor\UI\HTML::makeoption('dynamic', 'dynamic', 'dynamic', true, true);
+				$pm_select .= \Froxlor\UI\HTML::makeoption('ondemand', 'ondemand', 'dynamic', true, true);

 				$fpmconfig_add_data = include_once dirname(__FILE__) . '/lib/formfields/admin/phpconfig/formfield.fpmconfig_add.php';
 				$fpmconfig_add_form = \Froxlor\UI\HtmlForm::genHTMLForm($fpmconfig_add_data);
--- a/composer.json
+++ b/composer.json
@@ -46,7 +46,7 @@
 		"phpmailer/phpmailer": "~6.0",
 		"monolog/monolog": "^1.24",
 		"robthree/twofactorauth": "^1.6",
-		"algo26-matthias/idna-convert": "^2.1"
+		"froxlor/idna-convert-legacy": "^2.1"
 	},
 	"require-dev": {
 		"phpunit/phpunit": "8.4.1",
--- a/composer.lock
+++ b/composer.lock
@@ -4,20 +4,20 @@
        "Read more about it at https://getcomposer.org/doc/01-basic-usage.md#installing-dependencies",
        "This file is @generated automatically"
    ],
-    "content-hash": "5699c65bbdcd2a61a9ced0ac7be84d64",
+    "content-hash": "a7ba15333ffb4a758ea65039b589545b",
    "packages": [
        {
-            "name": "algo26-matthias/idna-convert",
-            "version": "v2.1.0",
+            "name": "froxlor/idna-convert-legacy",
+            "version": "v2.1.2",
            "source": {
                "type": "git",
-                "url": "https://github.com/algo26-matthias/idna-convert.git",
-                "reference": "2717d05713454991936bc581d068c6cea0d84e3b"
+                "url": "https://github.com/Froxlor/idna-convert-legacy.git",
+                "reference": "09c1db623ba19e1ed8f2f9dabc15eeda9dc713b7"
            },
            "dist": {
                "type": "zip",
-                "url": "https://api.github.com/repos/algo26-matthias/idna-convert/zipball/2717d05713454991936bc581d068c6cea0d84e3b",
-                "reference": "2717d05713454991936bc581d068c6cea0d84e3b",
+                "url": "https://api.github.com/repos/Froxlor/idna-convert-legacy/zipball/09c1db623ba19e1ed8f2f9dabc15eeda9dc713b7",
+                "reference": "09c1db623ba19e1ed8f2f9dabc15eeda9dc713b7",
                "shasum": ""
            },
            "require": {
@@ -43,6 +43,11 @@
                    "name": "Matthias Sommerfeld",
                    "email": "matthias.sommerfeld@algo26.de",
                    "role": "Developer"
+                },
+                {
+                    "name": "Michael Kaufmann (d00p)",
+                    "email": "d00p@froxlor.org",
+                    "role": "Developer"
                }
            ],
            "description": "A library for encoding and decoding internationalized domain names",
@@ -52,20 +57,20 @@
                "idna",
                "php"
            ],
-            "time": "2019-03-04T17:07:46+00:00"
+            "time": "2019-12-31T12:16:30+00:00"
        },
        {
            "name": "monolog/monolog",
-            "version": "1.25.1",
+            "version": "1.25.3",
            "source": {
                "type": "git",
                "url": "https://github.com/Seldaek/monolog.git",
-                "reference": "70e65a5470a42cfec1a7da00d30edb6e617e8dcf"
+                "reference": "fa82921994db851a8becaf3787a9e73c5976b6f1"
            },
            "dist": {
                "type": "zip",
-                "url": "https://api.github.com/repos/Seldaek/monolog/zipball/70e65a5470a42cfec1a7da00d30edb6e617e8dcf",
-                "reference": "70e65a5470a42cfec1a7da00d30edb6e617e8dcf",
+                "url": "https://api.github.com/repos/Seldaek/monolog/zipball/fa82921994db851a8becaf3787a9e73c5976b6f1",
+                "reference": "fa82921994db851a8becaf3787a9e73c5976b6f1",
                "shasum": ""
            },
            "require": {
@@ -130,20 +135,20 @@
                "logging",
                "psr-3"
            ],
-            "time": "2019-09-06T13:49:17+00:00"
+            "time": "2019-12-20T14:15:16+00:00"
        },
        {
            "name": "phpmailer/phpmailer",
-            "version": "v6.1.1",
+            "version": "v6.1.6",
            "source": {
                "type": "git",
                "url": "https://github.com/PHPMailer/PHPMailer.git",
-                "reference": "26bd96350b0b2fcbf0ef4e6f0f9cf3528302a9d8"
+                "reference": "c2796cb1cb99d7717290b48c4e6f32cb6c60b7b3"
            },
            "dist": {
                "type": "zip",
-                "url": "https://api.github.com/repos/PHPMailer/PHPMailer/zipball/26bd96350b0b2fcbf0ef4e6f0f9cf3528302a9d8",
-                "reference": "26bd96350b0b2fcbf0ef4e6f0f9cf3528302a9d8",
+                "url": "https://api.github.com/repos/PHPMailer/PHPMailer/zipball/c2796cb1cb99d7717290b48c4e6f32cb6c60b7b3",
+                "reference": "c2796cb1cb99d7717290b48c4e6f32cb6c60b7b3",
                "shasum": ""
            },
            "require": {
@@ -152,13 +157,9 @@
                "php": ">=5.5.0"
            },
            "require-dev": {
-                "doctrine/annotations": "1.2.*",
+                "doctrine/annotations": "^1.2",
                "friendsofphp/php-cs-fixer": "^2.2",
-                "phpdocumentor/phpdocumentor": "2.*",
-                "phpunit/phpunit": "^4.8 || ^5.7",
-                "zendframework/zend-eventmanager": "3.0.*",
-                "zendframework/zend-i18n": "2.7.3",
-                "zendframework/zend-serializer": "2.7.*"
+                "phpunit/phpunit": "^4.8 || ^5.7"
            },
            "suggest": {
                "ext-mbstring": "Needed to send email in multibyte encoding charset",
@@ -196,7 +197,7 @@
                }
            ],
            "description": "PHPMailer is a full-featured email creation and transfer class for PHP",
-            "time": "2019-09-27T21:33:43+00:00"
+            "time": "2020-05-27T12:24:03+00:00"
        },
        {
            "name": "psr/log",
@@ -299,17 +300,61 @@
    ],
    "packages-dev": [
        {
-            "name": "doctrine/instantiator",
-            "version": "1.2.0",
+            "name": "composer/xdebug-handler",
+            "version": "1.4.0",
            "source": {
                "type": "git",
-                "url": "https://github.com/doctrine/instantiator.git",
-                "reference": "a2c590166b2133a4633738648b6b064edae0814a"
+                "url": "https://github.com/composer/xdebug-handler.git",
+                "reference": "cbe23383749496fe0f373345208b79568e4bc248"
            },
            "dist": {
                "type": "zip",
-                "url": "https://api.github.com/repos/doctrine/instantiator/zipball/a2c590166b2133a4633738648b6b064edae0814a",
-                "reference": "a2c590166b2133a4633738648b6b064edae0814a",
+                "url": "https://api.github.com/repos/composer/xdebug-handler/zipball/cbe23383749496fe0f373345208b79568e4bc248",
+                "reference": "cbe23383749496fe0f373345208b79568e4bc248",
+                "shasum": ""
+            },
+            "require": {
+                "php": "^5.3.2 || ^7.0 || ^8.0",
+                "psr/log": "^1.0"
+            },
+            "require-dev": {
+                "phpunit/phpunit": "^4.8.35 || ^5.7 || 6.5 - 8"
+            },
+            "type": "library",
+            "autoload": {
+                "psr-4": {
+                    "Composer\\XdebugHandler\\": "src"
+                }
+            },
+            "notification-url": "https://packagist.org/downloads/",
+            "license": [
+                "MIT"
+            ],
+            "authors": [
+                {
+                    "name": "John Stevenson",
+                    "email": "john-stevenson@blueyonder.co.uk"
+                }
+            ],
+            "description": "Restarts a process without Xdebug.",
+            "keywords": [
+                "Xdebug",
+                "performance"
+            ],
+            "time": "2019-11-06T16:40:04+00:00"
+        },
+        {
+            "name": "doctrine/instantiator",
+            "version": "1.3.0",
+            "source": {
+                "type": "git",
+                "url": "https://github.com/doctrine/instantiator.git",
+                "reference": "ae466f726242e637cebdd526a7d991b9433bacf1"
+            },
+            "dist": {
+                "type": "zip",
+                "url": "https://api.github.com/repos/doctrine/instantiator/zipball/ae466f726242e637cebdd526a7d991b9433bacf1",
+                "reference": "ae466f726242e637cebdd526a7d991b9433bacf1",
                "shasum": ""
            },
            "require": {
@@ -352,20 +397,20 @@
                "constructor",
                "instantiate"
            ],
-            "time": "2019-03-17T17:37:11+00:00"
+            "time": "2019-10-21T16:45:58+00:00"
        },
        {
            "name": "myclabs/deep-copy",
-            "version": "1.9.3",
+            "version": "1.9.4",
            "source": {
                "type": "git",
                "url": "https://github.com/myclabs/DeepCopy.git",
-                "reference": "007c053ae6f31bba39dfa19a7726f56e9763bbea"
+                "reference": "579bb7356d91f9456ccd505f24ca8b667966a0a7"
            },
            "dist": {
                "type": "zip",
-                "url": "https://api.github.com/repos/myclabs/DeepCopy/zipball/007c053ae6f31bba39dfa19a7726f56e9763bbea",
-                "reference": "007c053ae6f31bba39dfa19a7726f56e9763bbea",
+                "url": "https://api.github.com/repos/myclabs/DeepCopy/zipball/579bb7356d91f9456ccd505f24ca8b667966a0a7",
+                "reference": "579bb7356d91f9456ccd505f24ca8b667966a0a7",
                "shasum": ""
            },
            "require": {
@@ -400,20 +445,20 @@
                "object",
                "object graph"
            ],
-            "time": "2019-08-09T12:45:53+00:00"
+            "time": "2019-12-15T19:12:40+00:00"
        },
        {
            "name": "nikic/php-parser",
-            "version": "v4.2.5",
+            "version": "v4.3.0",
            "source": {
                "type": "git",
                "url": "https://github.com/nikic/PHP-Parser.git",
-                "reference": "b76bbc3c51f22c570648de48e8c2d941ed5e2cf2"
+                "reference": "9a9981c347c5c49d6dfe5cf826bb882b824080dc"
            },
            "dist": {
                "type": "zip",
-                "url": "https://api.github.com/repos/nikic/PHP-Parser/zipball/b76bbc3c51f22c570648de48e8c2d941ed5e2cf2",
-                "reference": "b76bbc3c51f22c570648de48e8c2d941ed5e2cf2",
+                "url": "https://api.github.com/repos/nikic/PHP-Parser/zipball/9a9981c347c5c49d6dfe5cf826bb882b824080dc",
+                "reference": "9a9981c347c5c49d6dfe5cf826bb882b824080dc",
                "shasum": ""
            },
            "require": {
@@ -421,7 +466,7 @@
                "php": ">=7.0"
            },
            "require-dev": {
-                "ircmaxell/php-yacc": "0.0.4",
+                "ircmaxell/php-yacc": "0.0.5",
                "phpunit/phpunit": "^6.5 || ^7.0 || ^8.0"
            },
            "bin": [
@@ -430,7 +475,7 @@
            "type": "library",
            "extra": {
                "branch-alias": {
-                    "dev-master": "4.2-dev"
+                    "dev-master": "4.3-dev"
                }
            },
            "autoload": {
@@ -452,36 +497,43 @@
                "parser",
                "php"
            ],
-            "time": "2019-10-25T18:33:07+00:00"
+            "time": "2019-11-08T13:50:10+00:00"
        },
        {
            "name": "pdepend/pdepend",
-            "version": "2.5.2",
+            "version": "2.6.1",
            "source": {
                "type": "git",
                "url": "https://github.com/pdepend/pdepend.git",
-                "reference": "9daf26d0368d4a12bed1cacae1a9f3a6f0adf239"
+                "reference": "395b0f356bc0881ef88864bffb4ba1423ca0d111"
            },
            "dist": {
                "type": "zip",
-                "url": "https://api.github.com/repos/pdepend/pdepend/zipball/9daf26d0368d4a12bed1cacae1a9f3a6f0adf239",
-                "reference": "9daf26d0368d4a12bed1cacae1a9f3a6f0adf239",
+                "url": "https://api.github.com/repos/pdepend/pdepend/zipball/395b0f356bc0881ef88864bffb4ba1423ca0d111",
+                "reference": "395b0f356bc0881ef88864bffb4ba1423ca0d111",
                "shasum": ""
            },
            "require": {
                "php": ">=5.3.7",
-                "symfony/config": "^2.3.0|^3|^4",
-                "symfony/dependency-injection": "^2.3.0|^3|^4",
-                "symfony/filesystem": "^2.3.0|^3|^4"
+                "symfony/config": "^2.3.0|^3|^4|^5",
+                "symfony/dependency-injection": "^2.3.0|^3|^4|^5",
+                "symfony/filesystem": "^2.3.0|^3|^4|^5"
            },
            "require-dev": {
-                "phpunit/phpunit": "^4.8|^5.7",
+                "easy-doc/easy-doc": "0.0.0 || ^1.2.3",
+                "gregwar/rst": "^1.0",
+                "phpunit/phpunit": "^4.8.35|^5.7",
                "squizlabs/php_codesniffer": "^2.0.0"
            },
            "bin": [
                "src/bin/pdepend"
            ],
            "type": "library",
+            "extra": {
+                "branch-alias": {
+                    "dev-master": "2.x-dev"
+                }
+            },
            "autoload": {
                "psr-4": {
                    "PDepend\\": "src/main/php/PDepend"
@@ -492,7 +544,7 @@
                "BSD-3-Clause"
            ],
            "description": "Official version of pdepend to be handled with Composer",
-            "time": "2017-12-13T13:21:38+00:00"
+            "time": "2019-12-21T16:33:56+00:00"
        },
        {
            "name": "phar-io/manifest",
@@ -598,16 +650,16 @@
        },
        {
            "name": "phpcompatibility/php-compatibility",
-            "version": "9.3.2",
+            "version": "9.3.5",
            "source": {
                "type": "git",
                "url": "https://github.com/PHPCompatibility/PHPCompatibility.git",
-                "reference": "bfca2be3992f40e92206e5a7ebe5eaee37280b58"
+                "reference": "9fb324479acf6f39452e0655d2429cc0d3914243"
            },
            "dist": {
                "type": "zip",
-                "url": "https://api.github.com/repos/PHPCompatibility/PHPCompatibility/zipball/bfca2be3992f40e92206e5a7ebe5eaee37280b58",
-                "reference": "bfca2be3992f40e92206e5a7ebe5eaee37280b58",
+                "url": "https://api.github.com/repos/PHPCompatibility/PHPCompatibility/zipball/9fb324479acf6f39452e0655d2429cc0d3914243",
+                "reference": "9fb324479acf6f39452e0655d2429cc0d3914243",
                "shasum": ""
            },
            "require": {
@@ -652,7 +704,7 @@
                "phpcs",
                "standards"
            ],
-            "time": "2019-10-16T21:24:24+00:00"
+            "time": "2019-12-27T09:44:58+00:00"
        },
        {
            "name": "phpdocumentor/reflection-common",
@@ -708,16 +760,16 @@
        },
        {
            "name": "phpdocumentor/reflection-docblock",
-            "version": "4.3.2",
+            "version": "4.3.4",
            "source": {
                "type": "git",
                "url": "https://github.com/phpDocumentor/ReflectionDocBlock.git",
-                "reference": "b83ff7cfcfee7827e1e78b637a5904fe6a96698e"
+                "reference": "da3fd972d6bafd628114f7e7e036f45944b62e9c"
            },
            "dist": {
                "type": "zip",
-                "url": "https://api.github.com/repos/phpDocumentor/ReflectionDocBlock/zipball/b83ff7cfcfee7827e1e78b637a5904fe6a96698e",
-                "reference": "b83ff7cfcfee7827e1e78b637a5904fe6a96698e",
+                "url": "https://api.github.com/repos/phpDocumentor/ReflectionDocBlock/zipball/da3fd972d6bafd628114f7e7e036f45944b62e9c",
+                "reference": "da3fd972d6bafd628114f7e7e036f45944b62e9c",
                "shasum": ""
            },
            "require": {
@@ -729,6 +781,7 @@
            "require-dev": {
                "doctrine/instantiator": "^1.0.5",
                "mockery/mockery": "^1.0",
+                "phpdocumentor/type-resolver": "0.4.*",
                "phpunit/phpunit": "^6.4"
            },
            "type": "library",
@@ -755,7 +808,7 @@
                }
            ],
            "description": "With this component, a library can provide support for annotations via DocBlocks or otherwise retrieve information that is embedded in a DocBlock.",
-            "time": "2019-09-12T14:27:41+00:00"
+            "time": "2019-12-28T18:55:12+00:00"
        },
        {
            "name": "phpdocumentor/type-resolver",
@@ -855,24 +908,26 @@
        },
        {
            "name": "phpmd/phpmd",
-            "version": "2.7.0",
+            "version": "2.8.1",
            "source": {
                "type": "git",
                "url": "https://github.com/phpmd/phpmd.git",
-                "reference": "a05a999c644f4bc9a204846017db7bb7809fbe4c"
+                "reference": "5664b95d484797582f5af9536238deb9ecde58a1"
            },
            "dist": {
                "type": "zip",
-                "url": "https://api.github.com/repos/phpmd/phpmd/zipball/a05a999c644f4bc9a204846017db7bb7809fbe4c",
-                "reference": "a05a999c644f4bc9a204846017db7bb7809fbe4c",
+                "url": "https://api.github.com/repos/phpmd/phpmd/zipball/5664b95d484797582f5af9536238deb9ecde58a1",
+                "reference": "5664b95d484797582f5af9536238deb9ecde58a1",
                "shasum": ""
            },
            "require": {
+                "composer/xdebug-handler": "^1.0",
                "ext-xml": "*",
-                "pdepend/pdepend": "^2.5",
+                "pdepend/pdepend": "^2.6",
                "php": ">=5.3.9"
            },
            "require-dev": {
+                "easy-doc/easy-doc": "0.0.0 || ^1.3.2",
                "gregwar/rst": "^1.0",
                "mikey179/vfsstream": "^1.6.4",
                "phpunit/phpunit": "^4.8.36 || ^5.7.27",
@@ -919,37 +974,37 @@
                "phpmd",
                "pmd"
            ],
-            "time": "2019-07-30T21:13:32+00:00"
+            "time": "2019-12-27T11:09:06+00:00"
        },
        {
            "name": "phpspec/prophecy",
-            "version": "1.9.0",
+            "version": "1.10.1",
            "source": {
                "type": "git",
                "url": "https://github.com/phpspec/prophecy.git",
-                "reference": "f6811d96d97bdf400077a0cc100ae56aa32b9203"
+                "reference": "cbe1df668b3fe136bcc909126a0f529a78d4cbbc"
            },
            "dist": {
                "type": "zip",
-                "url": "https://api.github.com/repos/phpspec/prophecy/zipball/f6811d96d97bdf400077a0cc100ae56aa32b9203",
-                "reference": "f6811d96d97bdf400077a0cc100ae56aa32b9203",
+                "url": "https://api.github.com/repos/phpspec/prophecy/zipball/cbe1df668b3fe136bcc909126a0f529a78d4cbbc",
+                "reference": "cbe1df668b3fe136bcc909126a0f529a78d4cbbc",
                "shasum": ""
            },
            "require": {
                "doctrine/instantiator": "^1.0.2",
                "php": "^5.3|^7.0",
                "phpdocumentor/reflection-docblock": "^2.0|^3.0.2|^4.0|^5.0",
-                "sebastian/comparator": "^1.1|^2.0|^3.0",
+                "sebastian/comparator": "^1.2.3|^2.0|^3.0",
                "sebastian/recursion-context": "^1.0|^2.0|^3.0"
            },
            "require-dev": {
-                "phpspec/phpspec": "^2.5|^3.2",
+                "phpspec/phpspec": "^2.5 || ^3.2",
                "phpunit/phpunit": "^4.8.35 || ^5.7 || ^6.5 || ^7.1"
            },
            "type": "library",
            "extra": {
                "branch-alias": {
-                    "dev-master": "1.8.x-dev"
+                    "dev-master": "1.10.x-dev"
                }
            },
            "autoload": {
@@ -982,20 +1037,20 @@
                "spy",
                "stub"
            ],
-            "time": "2019-10-03T11:07:50+00:00"
+            "time": "2019-12-22T21:05:45+00:00"
        },
        {
            "name": "phpunit/php-code-coverage",
-            "version": "7.0.8",
+            "version": "7.0.10",
            "source": {
                "type": "git",
                "url": "https://github.com/sebastianbergmann/php-code-coverage.git",
-                "reference": "aa0d179a13284c7420fc281fc32750e6cc7c9e2f"
+                "reference": "f1884187926fbb755a9aaf0b3836ad3165b478bf"
            },
            "dist": {
                "type": "zip",
-                "url": "https://api.github.com/repos/sebastianbergmann/php-code-coverage/zipball/aa0d179a13284c7420fc281fc32750e6cc7c9e2f",
-                "reference": "aa0d179a13284c7420fc281fc32750e6cc7c9e2f",
+                "url": "https://api.github.com/repos/sebastianbergmann/php-code-coverage/zipball/f1884187926fbb755a9aaf0b3836ad3165b478bf",
+                "reference": "f1884187926fbb755a9aaf0b3836ad3165b478bf",
                "shasum": ""
            },
            "require": {
@@ -1045,7 +1100,7 @@
                "testing",
                "xunit"
            ],
-            "time": "2019-09-17T06:24:36+00:00"
+            "time": "2019-11-20T13:55:58+00:00"
        },
        {
            "name": "phpunit/php-file-iterator",
@@ -1535,16 +1590,16 @@
        },
        {
            "name": "sebastian/environment",
-            "version": "4.2.2",
+            "version": "4.2.3",
            "source": {
                "type": "git",
                "url": "https://github.com/sebastianbergmann/environment.git",
-                "reference": "f2a2c8e1c97c11ace607a7a667d73d47c19fe404"
+                "reference": "464c90d7bdf5ad4e8a6aea15c091fec0603d4368"
            },
            "dist": {
                "type": "zip",
-                "url": "https://api.github.com/repos/sebastianbergmann/environment/zipball/f2a2c8e1c97c11ace607a7a667d73d47c19fe404",
-                "reference": "f2a2c8e1c97c11ace607a7a667d73d47c19fe404",
+                "url": "https://api.github.com/repos/sebastianbergmann/environment/zipball/464c90d7bdf5ad4e8a6aea15c091fec0603d4368",
+                "reference": "464c90d7bdf5ad4e8a6aea15c091fec0603d4368",
                "shasum": ""
            },
            "require": {
@@ -1584,7 +1639,7 @@
                "environment",
                "hhvm"
            ],
-            "time": "2019-05-05T09:05:15+00:00"
+            "time": "2019-11-20T08:46:58+00:00"
        },
        {
            "name": "sebastian/exporter",
@@ -2075,16 +2130,16 @@
        },
        {
            "name": "squizlabs/php_codesniffer",
-            "version": "3.5.2",
+            "version": "3.5.3",
            "source": {
                "type": "git",
                "url": "https://github.com/squizlabs/PHP_CodeSniffer.git",
-                "reference": "65b12cdeaaa6cd276d4c3033a95b9b88b12701e7"
+                "reference": "557a1fc7ac702c66b0bbfe16ab3d55839ef724cb"
            },
            "dist": {
                "type": "zip",
-                "url": "https://api.github.com/repos/squizlabs/PHP_CodeSniffer/zipball/65b12cdeaaa6cd276d4c3033a95b9b88b12701e7",
-                "reference": "65b12cdeaaa6cd276d4c3033a95b9b88b12701e7",
+                "url": "https://api.github.com/repos/squizlabs/PHP_CodeSniffer/zipball/557a1fc7ac702c66b0bbfe16ab3d55839ef724cb",
+                "reference": "557a1fc7ac702c66b0bbfe16ab3d55839ef724cb",
                "shasum": ""
            },
            "require": {
@@ -2122,36 +2177,36 @@
                "phpcs",
                "standards"
            ],
-            "time": "2019-10-28T04:36:32+00:00"
+            "time": "2019-12-04T04:46:47+00:00"
        },
        {
            "name": "symfony/config",
-            "version": "v4.3.6",
+            "version": "v5.0.2",
            "source": {
                "type": "git",
                "url": "https://github.com/symfony/config.git",
-                "reference": "f4ee0ebb91b16ca1ac105aa39f9284f3cac19a15"
+                "reference": "7f930484966350906185ba0a604728f7898b7ba0"
            },
            "dist": {
                "type": "zip",
-                "url": "https://api.github.com/repos/symfony/config/zipball/f4ee0ebb91b16ca1ac105aa39f9284f3cac19a15",
-                "reference": "f4ee0ebb91b16ca1ac105aa39f9284f3cac19a15",
+                "url": "https://api.github.com/repos/symfony/config/zipball/7f930484966350906185ba0a604728f7898b7ba0",
+                "reference": "7f930484966350906185ba0a604728f7898b7ba0",
                "shasum": ""
            },
            "require": {
-                "php": "^7.1.3",
-                "symfony/filesystem": "~3.4|~4.0",
+                "php": "^7.2.5",
+                "symfony/filesystem": "^4.4|^5.0",
                "symfony/polyfill-ctype": "~1.8"
            },
            "conflict": {
-                "symfony/finder": "<3.4"
+                "symfony/finder": "<4.4"
            },
            "require-dev": {
-                "symfony/dependency-injection": "~3.4|~4.0",
-                "symfony/event-dispatcher": "~3.4|~4.0",
-                "symfony/finder": "~3.4|~4.0",
-                "symfony/messenger": "~4.1",
-                "symfony/yaml": "~3.4|~4.0"
+                "symfony/event-dispatcher": "^4.4|^5.0",
+                "symfony/finder": "^4.4|^5.0",
+                "symfony/messenger": "^4.4|^5.0",
+                "symfony/service-contracts": "^1.1|^2",
+                "symfony/yaml": "^4.4|^5.0"
            },
            "suggest": {
                "symfony/yaml": "To use the yaml reference dumper"
@@ -2159,7 +2214,7 @@
            "type": "library",
            "extra": {
                "branch-alias": {
-                    "dev-master": "4.3-dev"
+                    "dev-master": "5.0-dev"
                }
            },
            "autoload": {
@@ -2186,31 +2241,32 @@
            ],
            "description": "Symfony Config Component",
            "homepage": "https://symfony.com",
-            "time": "2019-10-30T13:18:51+00:00"
+            "time": "2019-12-18T13:50:31+00:00"
        },
        {
            "name": "symfony/console",
-            "version": "v4.3.6",
+            "version": "v4.4.2",
            "source": {
                "type": "git",
                "url": "https://github.com/symfony/console.git",
-                "reference": "136c4bd62ea871d00843d1bc0316de4c4a84bb78"
+                "reference": "82437719dab1e6bdd28726af14cb345c2ec816d0"
            },
            "dist": {
                "type": "zip",
-                "url": "https://api.github.com/repos/symfony/console/zipball/136c4bd62ea871d00843d1bc0316de4c4a84bb78",
-                "reference": "136c4bd62ea871d00843d1bc0316de4c4a84bb78",
+                "url": "https://api.github.com/repos/symfony/console/zipball/82437719dab1e6bdd28726af14cb345c2ec816d0",
+                "reference": "82437719dab1e6bdd28726af14cb345c2ec816d0",
                "shasum": ""
            },
            "require": {
                "php": "^7.1.3",
                "symfony/polyfill-mbstring": "~1.0",
                "symfony/polyfill-php73": "^1.8",
-                "symfony/service-contracts": "^1.1"
+                "symfony/service-contracts": "^1.1|^2"
            },
            "conflict": {
                "symfony/dependency-injection": "<3.4",
-                "symfony/event-dispatcher": "<4.3",
+                "symfony/event-dispatcher": "<4.3|>=5",
+                "symfony/lock": "<4.4",
                "symfony/process": "<3.3"
            },
            "provide": {
@@ -2218,12 +2274,12 @@
            },
            "require-dev": {
                "psr/log": "~1.0",
-                "symfony/config": "~3.4|~4.0",
-                "symfony/dependency-injection": "~3.4|~4.0",
+                "symfony/config": "^3.4|^4.0|^5.0",
+                "symfony/dependency-injection": "^3.4|^4.0|^5.0",
                "symfony/event-dispatcher": "^4.3",
-                "symfony/lock": "~3.4|~4.0",
-                "symfony/process": "~3.4|~4.0",
-                "symfony/var-dumper": "^4.3"
+                "symfony/lock": "^4.4|^5.0",
+                "symfony/process": "^3.4|^4.0|^5.0",
+                "symfony/var-dumper": "^4.3|^5.0"
            },
            "suggest": {
                "psr/log": "For using the console logger",
@@ -2234,7 +2290,7 @@
            "type": "library",
            "extra": {
                "branch-alias": {
-                    "dev-master": "4.3-dev"
+                    "dev-master": "4.4-dev"
                }
            },
            "autoload": {
@@ -2261,41 +2317,41 @@
            ],
            "description": "Symfony Console Component",
            "homepage": "https://symfony.com",
-            "time": "2019-10-30T12:58:49+00:00"
+            "time": "2019-12-17T10:32:23+00:00"
        },
        {
            "name": "symfony/dependency-injection",
-            "version": "v4.3.6",
+            "version": "v5.0.2",
            "source": {
                "type": "git",
                "url": "https://github.com/symfony/dependency-injection.git",
-                "reference": "fc036941dfafa037a7485714b62593c7eaf68edd"
+                "reference": "f9dbfbf487d08f60b1c83220edcd16559d1e40a2"
            },
            "dist": {
                "type": "zip",
-                "url": "https://api.github.com/repos/symfony/dependency-injection/zipball/fc036941dfafa037a7485714b62593c7eaf68edd",
-                "reference": "fc036941dfafa037a7485714b62593c7eaf68edd",
+                "url": "https://api.github.com/repos/symfony/dependency-injection/zipball/f9dbfbf487d08f60b1c83220edcd16559d1e40a2",
+                "reference": "f9dbfbf487d08f60b1c83220edcd16559d1e40a2",
                "shasum": ""
            },
            "require": {
-                "php": "^7.1.3",
+                "php": "^7.2.5",
                "psr/container": "^1.0",
-                "symfony/service-contracts": "^1.1.6"
+                "symfony/service-contracts": "^1.1.6|^2"
            },
            "conflict": {
-                "symfony/config": "<4.3",
-                "symfony/finder": "<3.4",
-                "symfony/proxy-manager-bridge": "<3.4",
-                "symfony/yaml": "<3.4"
+                "symfony/config": "<5.0",
+                "symfony/finder": "<4.4",
+                "symfony/proxy-manager-bridge": "<4.4",
+                "symfony/yaml": "<4.4"
            },
            "provide": {
                "psr/container-implementation": "1.0",
                "symfony/service-implementation": "1.0"
            },
            "require-dev": {
-                "symfony/config": "^4.3",
-                "symfony/expression-language": "~3.4|~4.0",
-                "symfony/yaml": "~3.4|~4.0"
+                "symfony/config": "^5.0",
+                "symfony/expression-language": "^4.4|^5.0",
+                "symfony/yaml": "^4.4|^5.0"
            },
            "suggest": {
                "symfony/config": "",
@@ -2307,7 +2363,7 @@
            "type": "library",
            "extra": {
                "branch-alias": {
-                    "dev-master": "4.3-dev"
+                    "dev-master": "5.0-dev"
                }
            },
            "autoload": {
@@ -2334,30 +2390,30 @@
            ],
            "description": "Symfony DependencyInjection Component",
            "homepage": "https://symfony.com",
-            "time": "2019-10-28T17:07:32+00:00"
+            "time": "2019-12-19T16:01:11+00:00"
        },
        {
            "name": "symfony/filesystem",
-            "version": "v4.3.6",
+            "version": "v5.0.2",
            "source": {
                "type": "git",
                "url": "https://github.com/symfony/filesystem.git",
-                "reference": "9abbb7ef96a51f4d7e69627bc6f63307994e4263"
+                "reference": "1d71f670bc5a07b9ccc97dc44f932177a322d4e6"
            },
            "dist": {
                "type": "zip",
-                "url": "https://api.github.com/repos/symfony/filesystem/zipball/9abbb7ef96a51f4d7e69627bc6f63307994e4263",
-                "reference": "9abbb7ef96a51f4d7e69627bc6f63307994e4263",
+                "url": "https://api.github.com/repos/symfony/filesystem/zipball/1d71f670bc5a07b9ccc97dc44f932177a322d4e6",
+                "reference": "1d71f670bc5a07b9ccc97dc44f932177a322d4e6",
                "shasum": ""
            },
            "require": {
-                "php": "^7.1.3",
+                "php": "^7.2.5",
                "symfony/polyfill-ctype": "~1.8"
            },
            "type": "library",
            "extra": {
                "branch-alias": {
-                    "dev-master": "4.3-dev"
+                    "dev-master": "5.0-dev"
                }
            },
            "autoload": {
@@ -2384,20 +2440,20 @@
            ],
            "description": "Symfony Filesystem Component",
            "homepage": "https://symfony.com",
-            "time": "2019-08-20T14:07:54+00:00"
+            "time": "2019-11-26T23:25:11+00:00"
        },
        {
            "name": "symfony/finder",
-            "version": "v4.3.6",
+            "version": "v4.4.2",
            "source": {
                "type": "git",
                "url": "https://github.com/symfony/finder.git",
-                "reference": "72a068f77e317ae77c0a0495236ad292cfb5ce6f"
+                "reference": "ce8743441da64c41e2a667b8eb66070444ed911e"
            },
            "dist": {
                "type": "zip",
-                "url": "https://api.github.com/repos/symfony/finder/zipball/72a068f77e317ae77c0a0495236ad292cfb5ce6f",
-                "reference": "72a068f77e317ae77c0a0495236ad292cfb5ce6f",
+                "url": "https://api.github.com/repos/symfony/finder/zipball/ce8743441da64c41e2a667b8eb66070444ed911e",
+                "reference": "ce8743441da64c41e2a667b8eb66070444ed911e",
                "shasum": ""
            },
            "require": {
@@ -2406,7 +2462,7 @@
            "type": "library",
            "extra": {
                "branch-alias": {
-                    "dev-master": "4.3-dev"
+                    "dev-master": "4.4-dev"
                }
            },
            "autoload": {
@@ -2433,20 +2489,20 @@
            ],
            "description": "Symfony Finder Component",
            "homepage": "https://symfony.com",
-            "time": "2019-10-30T12:53:54+00:00"
+            "time": "2019-11-17T21:56:56+00:00"
        },
        {
            "name": "symfony/polyfill-ctype",
-            "version": "v1.12.0",
+            "version": "v1.13.1",
            "source": {
                "type": "git",
                "url": "https://github.com/symfony/polyfill-ctype.git",
-                "reference": "550ebaac289296ce228a706d0867afc34687e3f4"
+                "reference": "f8f0b461be3385e56d6de3dbb5a0df24c0c275e3"
            },
            "dist": {
                "type": "zip",
-                "url": "https://api.github.com/repos/symfony/polyfill-ctype/zipball/550ebaac289296ce228a706d0867afc34687e3f4",
-                "reference": "550ebaac289296ce228a706d0867afc34687e3f4",
+                "url": "https://api.github.com/repos/symfony/polyfill-ctype/zipball/f8f0b461be3385e56d6de3dbb5a0df24c0c275e3",
+                "reference": "f8f0b461be3385e56d6de3dbb5a0df24c0c275e3",
                "shasum": ""
            },
            "require": {
@@ -2458,7 +2514,7 @@
            "type": "library",
            "extra": {
                "branch-alias": {
-                    "dev-master": "1.12-dev"
+                    "dev-master": "1.13-dev"
                }
            },
            "autoload": {
@@ -2491,20 +2547,20 @@
                "polyfill",
                "portable"
            ],
-            "time": "2019-08-06T08:03:45+00:00"
+            "time": "2019-11-27T13:56:44+00:00"
        },
        {
            "name": "symfony/polyfill-mbstring",
-            "version": "v1.12.0",
+            "version": "v1.13.1",
            "source": {
                "type": "git",
                "url": "https://github.com/symfony/polyfill-mbstring.git",
-                "reference": "b42a2f66e8f1b15ccf25652c3424265923eb4f17"
+                "reference": "7b4aab9743c30be783b73de055d24a39cf4b954f"
            },
            "dist": {
                "type": "zip",
-                "url": "https://api.github.com/repos/symfony/polyfill-mbstring/zipball/b42a2f66e8f1b15ccf25652c3424265923eb4f17",
-                "reference": "b42a2f66e8f1b15ccf25652c3424265923eb4f17",
+                "url": "https://api.github.com/repos/symfony/polyfill-mbstring/zipball/7b4aab9743c30be783b73de055d24a39cf4b954f",
+                "reference": "7b4aab9743c30be783b73de055d24a39cf4b954f",
                "shasum": ""
            },
            "require": {
@@ -2516,7 +2572,7 @@
            "type": "library",
            "extra": {
                "branch-alias": {
-                    "dev-master": "1.12-dev"
+                    "dev-master": "1.13-dev"
                }
            },
            "autoload": {
@@ -2550,20 +2606,20 @@
                "portable",
                "shim"
            ],
-            "time": "2019-08-06T08:03:45+00:00"
+            "time": "2019-11-27T14:18:11+00:00"
        },
        {
            "name": "symfony/polyfill-php73",
-            "version": "v1.12.0",
+            "version": "v1.13.1",
            "source": {
                "type": "git",
                "url": "https://github.com/symfony/polyfill-php73.git",
-                "reference": "2ceb49eaccb9352bff54d22570276bb75ba4a188"
+                "reference": "4b0e2222c55a25b4541305a053013d5647d3a25f"
            },
            "dist": {
                "type": "zip",
-                "url": "https://api.github.com/repos/symfony/polyfill-php73/zipball/2ceb49eaccb9352bff54d22570276bb75ba4a188",
-                "reference": "2ceb49eaccb9352bff54d22570276bb75ba4a188",
+                "url": "https://api.github.com/repos/symfony/polyfill-php73/zipball/4b0e2222c55a25b4541305a053013d5647d3a25f",
+                "reference": "4b0e2222c55a25b4541305a053013d5647d3a25f",
                "shasum": ""
            },
            "require": {
@@ -2572,7 +2628,7 @@
            "type": "library",
            "extra": {
                "branch-alias": {
-                    "dev-master": "1.12-dev"
+                    "dev-master": "1.13-dev"
                }
            },
            "autoload": {
@@ -2608,24 +2664,24 @@
                "portable",
                "shim"
            ],
-            "time": "2019-08-06T08:03:45+00:00"
+            "time": "2019-11-27T16:25:15+00:00"
        },
        {
            "name": "symfony/service-contracts",
-            "version": "v1.1.7",
+            "version": "v2.0.1",
            "source": {
                "type": "git",
                "url": "https://github.com/symfony/service-contracts.git",
-                "reference": "ffcde9615dc5bb4825b9f6aed07716f1f57faae0"
+                "reference": "144c5e51266b281231e947b51223ba14acf1a749"
            },
            "dist": {
                "type": "zip",
-                "url": "https://api.github.com/repos/symfony/service-contracts/zipball/ffcde9615dc5bb4825b9f6aed07716f1f57faae0",
-                "reference": "ffcde9615dc5bb4825b9f6aed07716f1f57faae0",
+                "url": "https://api.github.com/repos/symfony/service-contracts/zipball/144c5e51266b281231e947b51223ba14acf1a749",
+                "reference": "144c5e51266b281231e947b51223ba14acf1a749",
                "shasum": ""
            },
            "require": {
-                "php": "^7.1.3",
+                "php": "^7.2.5",
                "psr/container": "^1.0"
            },
            "suggest": {
@@ -2634,7 +2690,7 @@
            "type": "library",
            "extra": {
                "branch-alias": {
-                    "dev-master": "1.1-dev"
+                    "dev-master": "2.0-dev"
                }
            },
            "autoload": {
@@ -2666,7 +2722,7 @@
                "interoperability",
                "standards"
            ],
-            "time": "2019-09-17T11:12:18+00:00"
+            "time": "2019-11-18T17:27:11+00:00"
        },
        {
            "name": "theseer/directoryscanner",
@@ -2793,6 +2849,7 @@
                }
            ],
            "description": "An XSL wrapper / extension to the PHP 5.x XSLTProcessor with Exception and extended Callback support",
+            "abandoned": true,
            "time": "2014-11-27T20:08:52+00:00"
        },
        {
@@ -2888,31 +2945,29 @@
        },
        {
            "name": "webmozart/assert",
-            "version": "1.5.0",
+            "version": "1.6.0",
            "source": {
                "type": "git",
                "url": "https://github.com/webmozart/assert.git",
-                "reference": "88e6d84706d09a236046d686bbea96f07b3a34f4"
+                "reference": "573381c0a64f155a0d9a23f4b0c797194805b925"
            },
            "dist": {
                "type": "zip",
-                "url": "https://api.github.com/repos/webmozart/assert/zipball/88e6d84706d09a236046d686bbea96f07b3a34f4",
-                "reference": "88e6d84706d09a236046d686bbea96f07b3a34f4",
+                "url": "https://api.github.com/repos/webmozart/assert/zipball/573381c0a64f155a0d9a23f4b0c797194805b925",
+                "reference": "573381c0a64f155a0d9a23f4b0c797194805b925",
                "shasum": ""
            },
            "require": {
                "php": "^5.3.3 || ^7.0",
                "symfony/polyfill-ctype": "^1.8"
            },
+            "conflict": {
+                "vimeo/psalm": "<3.6.0"
+            },
            "require-dev": {
                "phpunit/phpunit": "^4.8.36 || ^7.5.13"
            },
            "type": "library",
-            "extra": {
-                "branch-alias": {
-                    "dev-master": "1.3-dev"
-                }
-            },
            "autoload": {
                "psr-4": {
                    "Webmozart\\Assert\\": "src/"
@@ -2934,7 +2989,7 @@
                "check",
                "validate"
            ],
-            "time": "2019-08-24T08:43:50+00:00"
+            "time": "2019-11-24T13:36:37+00:00"
        }
    ],
    "aliases": [],
--- a/customer_domains.php
+++ b/customer_domains.php
@@ -42,7 +42,8 @@ if ($page == 'overview') {
 	if ($action == '') {
 		$log->logAction(\Froxlor\FroxlorLogger::USR_ACTION, LOG_NOTICE, "viewed customer_domains::domains");
 		$fields = array(
-			'd.domain' => $lng['domains']['domainname']
+			'd.domain_ace' => $lng['domains']['domainname'],
+			'd.aliasdomain' => $lng['domains']['aliasdomain']
 		);
 		try {
 			// get total count
@@ -71,19 +72,24 @@ if ($page == 'overview') {
 			if ($row['parentdomainid'] == '0' && $row['caneditdomain'] == '1') {
 				$parentdomains_count ++;
 			}
-			$domain_array[$row['parentdomainid']][] = $row;
+			$domain_array[$row['parentdomainname']][] = $row;
 		}

-		if (isset($domain_array[0])) {
-			foreach ($domain_array[0] as $pdomain) {
-				// PARENTDOMAIN
-				$row = \Froxlor\PhpHelper::htmlentitiesArray($pdomain);
-				if (Settings::Get('system.awstats_enabled') == '1') {
-					$statsapp = 'awstats';
-				} else {
-					$statsapp = 'webalizer';
-				}
-				eval("\$domains.=\"" . \Froxlor\UI\Template::getTemplate("domains/domains_delimiter") . "\";");
+		foreach ($domain_array as $parentdomain => $sdomains) {
+			// PARENTDOMAIN
+			if (Settings::Get('system.awstats_enabled') == '1') {
+				$statsapp = 'awstats';
+			} else {
+				$statsapp = 'webalizer';
+			}
+			$row = [
+				'domain' => $idna_convert->decode($parentdomain)
+			];
+			eval("\$domains.=\"" . \Froxlor\UI\Template::getTemplate("domains/domains_delimiter") . "\";");
+
+			foreach ($sdomains as $domain) {
+				$row = \Froxlor\PhpHelper::htmlentitiesArray($domain);
+
 				// show docroot nicely
 				if (strpos($row['documentroot'], $userinfo['documentroot']) === 0) {
 					$row['documentroot'] = \Froxlor\FileDir::makeCorrectDir(str_replace($userinfo['documentroot'], "/", $row['documentroot']));
@@ -94,23 +100,6 @@ if ($page == 'overview') {
 					$show_ssledit = true;
 				}
 				eval("\$domains.=\"" . \Froxlor\UI\Template::getTemplate("domains/domains_domain") . "\";");
-
-				// every domain below the parentdomain
-				if (isset($domain_array[$pdomain['id']])) {
-					$mydomains = $domain_array[$pdomain['id']];
-					foreach ($mydomains as $row) {
-						// show docroot nicely
-						if (strpos($row['documentroot'], $userinfo['documentroot']) === 0) {
-							$row['documentroot'] = \Froxlor\FileDir::makeCorrectDir(str_replace($userinfo['documentroot'], "/", $row['documentroot']));
-						}
-						// get ssl-ips if activated
-						$show_ssledit = false;
-						if (Settings::Get('system.use_ssl') == '1' && \Froxlor\Domain\Domain::domainHasSslIpPort($row['id']) && $row['caneditdomain'] == '1' && $row['letsencrypt'] == 0) {
-							$show_ssledit = true;
-						}
-						eval("\$domains.=\"" . \Froxlor\UI\Template::getTemplate("domains/domains_domain") . "\";");
-					}
-				}
 			}
 		}

--- a/customer_email.php
+++ b/customer_email.php
@@ -19,7 +19,6 @@
 define('AREA', 'customer');
 require './lib/init.php';

-use Froxlor\Api\Commands\SubDomains;
 use Froxlor\Database\Database;
 use Froxlor\Settings;
 use Froxlor\Api\Commands\Emails as Emails;
@@ -44,7 +43,7 @@ if ($page == 'overview') {
 	if ($action == '') {
 		$log->logAction(\Froxlor\FroxlorLogger::USR_ACTION, LOG_NOTICE, "viewed customer_email::emails");
 		$fields = array(
-			'd.domain' => $lng['domains']['domainname'],
+			'd.domain_ace' => $lng['domains']['domainname'],
 			'm.email_full' => $lng['emails']['emailaddress'],
 			'm.destination' => $lng['emails']['forwarders']
 		);
@@ -76,7 +75,7 @@ if ($page == 'overview') {
 			$emails[$row['domain']][$row['email_full']] = $row;
 		}

-		if ($paging->sortfield == 'd.domain' && $paging->sortorder == 'desc') {
+		if ($paging->sortfield == 'd.domain_ace' && $paging->sortorder == 'desc') {
 			krsort($emails);
 		} else {
 			ksort($emails);
@@ -129,16 +128,15 @@ if ($page == 'overview') {
 			}
 		}

-		$json_result = SubDomains::getLocal($userinfo, [
-			'sql_search' => [
-				'd.isemaildomain' => [
-					'value' => 1,
-					'op' => '='
-				]
-			]
-		])->listing();
-		$result = json_decode($json_result, true)['data'];
-		$emaildomains_count = $result['count'];
+		$result_stmt = Database::prepare("
+			SELECT COUNT(`id`) as emaildomains
+			FROM `" . TABLE_PANEL_DOMAINS . "`
+			WHERE `customerid`= :cid AND `isemaildomain` = '1'
+		");
+		$result2 = Database::pexecute_first($result_stmt, array(
+			"cid" => $userinfo['customerid']
+		));
+		$emaildomains_count = $result2['emaildomains'];

 		eval("echo \"" . \Froxlor\UI\Template::getTemplate("email/emails") . "\";");
 	} elseif ($action == 'delete' && $id != 0) {
@@ -196,7 +194,7 @@ if ($page == 'overview') {
 				$result_stmt = Database::prepare("SELECT `id`, `domain`, `customerid` FROM `" . TABLE_PANEL_DOMAINS . "`
 					WHERE `customerid`= :cid
 					AND `isemaildomain`='1'
-					ORDER BY `domain` ASC");
+					ORDER BY `domain_ace` ASC");
 				Database::pexecute($result_stmt, array(
 					"cid" => $userinfo['customerid']
 				));
--- a/customer_mysql.php
+++ b/customer_mysql.php
@@ -85,10 +85,12 @@ if ($page == 'overview') {
 			$mbdata_stmt = Database::prepare("SELECT SUM(data_length + index_length) as MB FROM information_schema.TABLES
 					WHERE table_schema = :table_schema
 					GROUP BY table_schema");
-			Database::pexecute($mbdata_stmt, array(
+			$mbdata = Database::pexecute_first($mbdata_stmt, array(
 				"table_schema" => $row['databasename']
 			));
-			$mbdata = $mbdata_stmt->fetch(PDO::FETCH_ASSOC);
+			if (!$mbdata) {
+				$mbdata = array('MB' => 0);
+			}
 			$row['size'] = \Froxlor\PhpHelper::sizeReadable($mbdata['MB'], 'GiB', 'bi', '%01.' . (int) Settings::Get('panel.decimal_places') . 'f %s');
 			eval("\$mysqls.=\"" . \Froxlor\UI\Template::getTemplate('mysql/mysqls_database') . "\";");
 			$count ++;
--- a/customer_traffic.php
+++ b/customer_traffic.php
@@ -86,22 +86,18 @@ if (! is_null($month) && ! is_null($year)) {

 		if (extension_loaded('bcmath')) {
 			$traf['ftptext'] = bcdiv($row['ftp_up'], 1024, Settings::Get('panel.decimal_places')) . " MiB up/ " . bcdiv($row['ftp_down'], 1024, Settings::Get('panel.decimal_places')) . " MiB down (FTP)";
-			$traf['httptext'] = bcdiv($http, 1024, Settings::Get('panel.decimal_places')) . " MiB (HTTP)";
-			$traf['mailtext'] = bcdiv($mail, 1024, Settings::Get('panel.decimal_places')) . " MiB (Mail)";
 			$traf['ftp'] = bcdiv($ftp, 1024, Settings::Get('panel.decimal_places'));
-			$traf['http'] = bcdiv($http, 1024, Settings::Get('panel.decimal_places'));
-			$traf['mail'] = bcdiv($mail, 1024, Settings::Get('panel.decimal_places'));
-			$traf['byte'] = bcdiv($traf['byte'], 1024, Settings::Get('panel.decimal_places'));
 		} else {
 			$traf['ftptext'] = round($row['ftp_up'] / 1024, Settings::Get('panel.decimal_places')) . " MiB up/ " . round($row['ftp_down'] / 1024, Settings::Get('panel.decimal_places')) . " MiB down (FTP)";
-			$traf['httptext'] = round($http / 1024, Settings::Get('panel.decimal_places')) . " MiB (HTTP)";
-			$traf['mailtext'] = round($mail / 1024, Settings::Get('panel.decimal_places')) . " MiB (Mail)";
-			$traf['http'] = round($http, Settings::Get('panel.decimal_places'));
-			$traf['ftp'] = round($ftp, Settings::Get('panel.decimal_places'));
-			$traf['mail'] = round($mail, Settings::Get('panel.decimal_places'));
-			$traf['byte'] = round($traf['byte'] / 1024, Settings::Get('panel.decimal_places'));
+			$traf['ftp'] = round($ftp / 1024, Settings::Get('panel.decimal_places'));
 		}

+		getReadableTraffic($traf,'httptext', $http, 1024, "MiB (HTTP)");
+		getReadableTraffic($traf,'http', $http, 1024);
+		getReadableTraffic($traf,'mailtext', $mail, 1024, "MiB (Mail)");
+		getReadableTraffic($traf,'mail', $mail, 1024);
+		getReadableTraffic($traf,'byte', $traf['byte'], (1024 * 1024));
+
 		eval("\$traffic.=\"" . \Froxlor\UI\Template::getTemplate('traffic/traffic_month') . "\";");
 		$show = $lng['traffic']['months'][intval($row['month'])] . ' ' . $row['year'];
 	}
@@ -112,11 +108,14 @@ if (! is_null($month) && ! is_null($year)) {

 	eval("echo \"" . \Froxlor\UI\Template::getTemplate('traffic/traffic_details') . "\";");
 } else {
-	$result_stmt = Database::prepare("SELECT `month`, `year`, SUM(`http`) AS http, SUM(`ftp_up`) AS ftp_up, SUM(`ftp_down`) AS ftp_down, SUM(`mail`) AS mail
+	$result_stmt = Database::prepare("
+		SELECT `month`, `year`, SUM(`http`) AS http, SUM(`ftp_up`) AS ftp_up, SUM(`ftp_down`) AS ftp_down, SUM(`mail`) AS mail
 		FROM `" . TABLE_PANEL_TRAFFIC . "`
 		WHERE `customerid` = :customerid
-		GROUP BY `year` DESC, `month` DESC
-		LIMIT 12");
+		GROUP BY `year`, `month`
+		ORDER BY `year` DESC, `month` DESC
+		LIMIT 12
+	");
 	Database::pexecute($result_stmt, array(
 		"customerid" => $userinfo['customerid']
 	));
@@ -139,22 +138,18 @@ if (! is_null($month) && ! is_null($year)) {

 		if (extension_loaded('bcmath')) {
 			$traf['ftptext'] = bcdiv($ftp_up, 1024, Settings::Get('panel.decimal_places')) . " MiB up/ " . bcdiv($ftp_down, 1024, Settings::Get('panel.decimal_places')) . " MiB down (FTP)";
-			$traf['httptext'] = bcdiv($http, 1024, Settings::Get('panel.decimal_places')) . " MiB (HTTP)";
-			$traf['mailtext'] = bcdiv($mail, 1024, Settings::Get('panel.decimal_places')) . " MiB (Mail)";
 			$traf['ftp'] = bcdiv(($ftp_up + $ftp_down), 1024, Settings::Get('panel.decimal_places'));
-			$traf['http'] = bcdiv($http, 1024, Settings::Get('panel.decimal_places'));
-			$traf['mail'] = bcdiv($mail, 1024, Settings::Get('panel.decimal_places'));
-			$traf['byte'] = bcdiv($traf['byte'], 1024 * 1024, Settings::Get('panel.decimal_places'));
 		} else {
 			$traf['ftptext'] = round($ftp_up / 1024, Settings::Get('panel.decimal_places')) . " MiB up/ " . round($ftp_down / 1024, Settings::Get('panel.decimal_places')) . " MiB down (FTP)";
-			$traf['httptext'] = round($http / 1024, Settings::Get('panel.decimal_places')) . " MiB (HTTP)";
-			$traf['mailtext'] = round($mail / 1024, Settings::Get('panel.decimal_places')) . " MiB (Mail)";
 			$traf['ftp'] = round(($ftp_up + $ftp_down) / 1024, Settings::Get('panel.decimal_places'));
-			$traf['http'] = round($http / 1024, Settings::Get('panel.decimal_places'));
-			$traf['mail'] = round($mail / 1024, Settings::Get('panel.decimal_places'));
-			$traf['byte'] = round($traf['byte'] / (1024 * 1024), Settings::Get('panel.decimal_places'));
 		}

+		getReadableTraffic($traf,'httptext', $http, 1024, "MiB (HTTP)");
+		getReadableTraffic($traf,'http', $http, 1024);
+		getReadableTraffic($traf,'mailtext', $mail, 1024, "MiB (Mail)");
+		getReadableTraffic($traf,'mail', $mail, 1024);
+		getReadableTraffic($traf,'byte', $traf['byte'], (1024 * 1024));
+
 		eval("\$traffic.=\"" . \Froxlor\UI\Template::getTemplate('traffic/traffic_traffic') . "\";");
 	}

@@ -164,3 +159,12 @@ if (! is_null($month) && ! is_null($year)) {

 	eval("echo \"" . \Froxlor\UI\Template::getTemplate('traffic/traffic') . "\";");
 }
+
+function getReadableTraffic(&$traf, $index, $value, $divisor, $desc = "")
+{
+	if (extension_loaded('bcmath')) {
+		$traf[$index] = bcdiv($value, $divisor,Settings::Get('panel.decimal_places')).(!empty($desc) ? " ".$desc : "");
+	} else {
+		$traf[$index] = round($value / $divisor, Settings::Get('panel.decimal_places')).(!empty($desc) ? " ".$desc : "");
+	}
+}
--- a/index.php
+++ b/index.php
@@ -393,7 +393,7 @@ if ($action == 'forgotpwd') {
 	if (isset($_POST['send']) && $_POST['send'] == 'send') {
 		$loginname = \Froxlor\Validate\Validate::validate($_POST['loginname'], 'loginname');
 		$email = \Froxlor\Validate\Validate::validateEmail($_POST['loginemail'], 'email');
-		$result_stmt = Database::prepare("SELECT `adminid`, `customerid`, `firstname`, `name`, `company`, `email`, `loginname`, `def_language`, `deactivated` FROM `" . TABLE_PANEL_CUSTOMERS . "`
+		$result_stmt = Database::prepare("SELECT `adminid`, `customerid`, `customernumber`, `firstname`, `name`, `company`, `email`, `loginname`, `def_language`, `deactivated` FROM `" . TABLE_PANEL_CUSTOMERS . "`
 			WHERE `loginname`= :loginname
 			AND `email`= :email");
 		Database::pexecute($result_stmt, array(
@@ -481,6 +481,10 @@ if ($action == 'forgotpwd') {

 					$replace_arr = array(
 						'SALUTATION' => \Froxlor\User::getCorrectUserSalutation($user),
+						'NAME' => $user['name'],
+						'FIRSTNAME' => $user['firstname'] ?? "",
+						'COMPANY' => $user['company'] ?? "",
+						'CUSTOMER_NO' => $user['customernumber'] ?? 0,
 						'USERNAME' => $loginname,
 						'LINK' => $activationlink
 					);
@@ -598,21 +602,18 @@ if ($action == 'resetpwd') {
 				));

 				if ($result !== false) {
-					if ($result['admin'] == 1) {
-						$new_password = \Froxlor\Validate\Validate::validate($_POST['new_password'], 'new password');
-						$new_password_confirm = \Froxlor\Validate\Validate::validate($_POST['new_password_confirm'], 'new password confirm');
-					} else {
-						$new_password = \Froxlor\System\Crypt::validatePassword($_POST['new_password'], 'new password');
-						$new_password_confirm = \Froxlor\System\Crypt::validatePassword($_POST['new_password_confirm'], 'new password confirm');
+					try {
+						$new_password = \Froxlor\System\Crypt::validatePassword($_POST['new_password'], true);
+						$new_password_confirm = \Froxlor\System\Crypt::validatePassword($_POST['new_password_confirm'], true);
+					} catch (Exception $e) {
+						$message = $e->getMessage();
 					}

-					if ($new_password == '') {
-						$message = $new_password;
-					} elseif ($new_password_confirm == '') {
-						$message = $new_password_confirm;
-					} elseif ($new_password != $new_password_confirm) {
-						$message = $new_password . " != " . $new_password_confirm;
-					} else {
+					if (empty($message) && (empty($new_password) || $new_password != $new_password_confirm)) {
+						$message = $lng['error']['newpasswordconfirmerror'];
+					}
+
+					if (empty($message)) {
 						// Update user password
 						if ($result['admin'] == 1) {
 							$stmt = Database::prepare("UPDATE `" . TABLE_PANEL_ADMINS . "`
--- a/install/froxlor.sql
+++ b/install/froxlor.sql
@@ -84,7 +84,7 @@ CREATE TABLE `panel_activation` (
  `creation` int(11) unsigned NOT NULL default '0',
  `activationcode` varchar(50) default NULL,
  PRIMARY KEY (id)
-) ENGINE=InnoDB  CHARSET=utf8 COLLATE=utf8_general_ci;
+) ENGINE=InnoDB CHARSET=utf8 COLLATE=utf8_general_ci;


 DROP TABLE IF EXISTS `panel_admins`;
@@ -224,6 +224,7 @@ DROP TABLE IF EXISTS `panel_domains`;
 CREATE TABLE `panel_domains` (
  `id` int(11) unsigned NOT NULL auto_increment,
  `domain` varchar(255) NOT NULL default '',
+  `domain_ace` varchar(255) NOT NULL default '',
  `adminid` int(11) unsigned NOT NULL default '0',
  `customerid` int(11) unsigned NOT NULL default '0',
  `aliasdomain` int(11) unsigned NULL,
@@ -271,6 +272,9 @@ CREATE TABLE `panel_domains` (
  `ssl_protocols` text,
  `ssl_cipher_list` text,
  `tlsv13_cipher_list` text,
+  `ssl_enabled` tinyint(1) DEFAULT '1',
+  `ssl_honorcipherorder` tinyint(1) DEFAULT '0',
+  `ssl_sessiontickets` tinyint(1) DEFAULT '1',
  PRIMARY KEY  (`id`),
  KEY `customerid` (`customerid`),
  KEY `parentdomain` (`parentdomainid`),
@@ -569,6 +573,7 @@ opcache.interned_strings_buffer'),
 	('system', 'stdsubdomain', ''),
 	('system', 'awstats_path', '/usr/bin/'),
 	('system', 'awstats_conf', '/etc/awstats/'),
+	('system', 'awstats_logformat', '1'),
 	('system', 'defaultttl', '604800'),
 	('system', 'mod_fcgid_defaultini', '1'),
 	('system', 'ftpserver', 'proftpd'),
@@ -649,9 +654,12 @@ opcache.interned_strings_buffer'),
 	('system', 'leregistered', '0'),
 	('system', 'leaccount', ''),
 	('system', 'nssextrausers', '0'),
-	('system', 'disable_le_selfcheck', '0'),
-	('system', 'ssl_protocols', 'TLSv1,TLSv1.2'),
+	('system', 'le_domain_dnscheck', '1'),
+	('system', 'ssl_protocols', 'TLSv1.2'),
 	('system', 'tlsv13_cipher_list', ''),
+	('system', 'honorcipherorder', '0'),
+	('system', 'sessiontickets', '1'),
+	('system', 'sessionticketsenabled', '1'),
 	('system', 'logfiles_format', ''),
 	('system', 'logfiles_type', '1'),
 	('system', 'logfiles_piped', '0'),
@@ -660,6 +668,8 @@ opcache.interned_strings_buffer'),
 	('system', 'errorlog_level', 'warn'),
 	('system', 'leecc', '0'),
 	('system', 'froxloraliases', ''),
+	('system', 'apply_specialsettings_default', '1'),
+	('system', 'apply_phpconfigs_default', '1'),
 	('api', 'enabled', '0'),
 	('2fa', 'enabled', '1'),
 	('panel', 'decimal_places', '4'),
@@ -694,8 +704,8 @@ opcache.interned_strings_buffer'),
 	('panel', 'password_special_char', '!?<>§$%+#=@'),
 	('panel', 'customer_hide_options', ''),
 	('panel', 'is_configured', '0'),
-	('panel', 'version', '0.10.6'),
-	('panel', 'db_version', '201911130');
+	('panel', 'version', '0.10.21'),
+	('panel', 'db_version', '202009070');


 DROP TABLE IF EXISTS `panel_tasks`;
@@ -776,23 +786,6 @@ CREATE TABLE `panel_diskspace` (



-DROP TABLE IF EXISTS `panel_diskspace_admins`;
-CREATE TABLE `panel_diskspace_admins` (
-  `id` int(11) unsigned NOT NULL auto_increment,
-  `adminid` int(11) unsigned NOT NULL default '0',
-  `year` int(4) unsigned zerofill NOT NULL default '0000',
-  `month` int(2) unsigned zerofill NOT NULL default '00',
-  `day` int(2) unsigned zerofill NOT NULL default '00',
-  `stamp` int(11) unsigned NOT NULL default '0',
-  `webspace` bigint(30) unsigned NOT NULL default '0',
-  `mail` bigint(30) unsigned NOT NULL default '0',
-  `mysql` bigint(30) unsigned NOT NULL default '0',
-  PRIMARY KEY  (`id`),
-  KEY `adminid` (`adminid`)
-) ENGINE=InnoDB CHARSET=utf8 COLLATE=utf8_general_ci;
-
-
-
 DROP TABLE IF EXISTS `panel_languages`;
 CREATE TABLE `panel_languages` (
  `id` int(11) unsigned NOT NULL AUTO_INCREMENT,
@@ -833,14 +826,15 @@ CREATE TABLE `panel_fpmdaemons` (
  `description` varchar(50) NOT NULL,
  `reload_cmd` varchar(255) NOT NULL,
  `config_dir` varchar(255) NOT NULL,
-  `pm` varchar(15) NOT NULL DEFAULT 'static',
-  `max_children` int(4) NOT NULL DEFAULT '1',
-  `start_servers` int(4) NOT NULL DEFAULT '20',
-  `min_spare_servers` int(4) NOT NULL DEFAULT '5',
-  `max_spare_servers` int(4) NOT NULL DEFAULT '35',
+  `pm` varchar(15) NOT NULL DEFAULT 'dynamic',
+  `max_children` int(4) NOT NULL DEFAULT '5',
+  `start_servers` int(4) NOT NULL DEFAULT '2',
+  `min_spare_servers` int(4) NOT NULL DEFAULT '1',
+  `max_spare_servers` int(4) NOT NULL DEFAULT '3',
  `max_requests` int(4) NOT NULL DEFAULT '0',
-  `idle_timeout` int(4) NOT NULL DEFAULT '30',
+  `idle_timeout` int(4) NOT NULL DEFAULT '10',
  `limit_extensions` varchar(255) NOT NULL default '.php',
+  `custom_config` text,
  PRIMARY KEY  (`id`),
  UNIQUE KEY `reload` (`reload_cmd`),
  UNIQUE KEY `config` (`config_dir`)
@@ -849,7 +843,7 @@ CREATE TABLE `panel_fpmdaemons` (


 INSERT INTO `panel_fpmdaemons` (`id`, `description`, `reload_cmd`, `config_dir`) VALUES
-(1, 'System default', 'service php7.0-fpm restart', '/etc/php/7.0/fpm/pool.d/');
+(1, 'System default', 'service php7.3-fpm restart', '/etc/php/7.3/fpm/pool.d/');



@@ -869,13 +863,13 @@ CREATE TABLE `panel_phpconfigs` (
  `fpmsettingid` int(11) NOT NULL DEFAULT '1',
  `pass_authorizationheader` tinyint(1) NOT NULL default '0',
  `override_fpmconfig` tinyint(1) NOT NULL DEFAULT '0',
-  `pm` varchar(15) NOT NULL DEFAULT 'static',
-  `max_children` int(4) NOT NULL DEFAULT '1',
-  `start_servers` int(4) NOT NULL DEFAULT '20',
-  `min_spare_servers` int(4) NOT NULL DEFAULT '5',
-  `max_spare_servers` int(4) NOT NULL DEFAULT '35',
+  `pm` varchar(15) NOT NULL DEFAULT 'dynamic',
+  `max_children` int(4) NOT NULL DEFAULT '5',
+  `start_servers` int(4) NOT NULL DEFAULT '2',
+  `min_spare_servers` int(4) NOT NULL DEFAULT '1',
+  `max_spare_servers` int(4) NOT NULL DEFAULT '3',
  `max_requests` int(4) NOT NULL DEFAULT '0',
-  `idle_timeout` int(4) NOT NULL DEFAULT '30',
+  `idle_timeout` int(4) NOT NULL DEFAULT '10',
  `limit_extensions` varchar(255) NOT NULL default '.php',
  PRIMARY KEY  (`id`),
  KEY `fpmsettingid` (`fpmsettingid`)
@@ -884,8 +878,8 @@ CREATE TABLE `panel_phpconfigs` (


 INSERT INTO `panel_phpconfigs` (`id`, `description`, `binary`, `file_extensions`, `mod_fcgid_starter`, `mod_fcgid_maxrequests`, `phpsettings`) VALUES
-(1, 'Default Config', '/usr/bin/php-cgi', 'php', '-1', '-1', 'allow_call_time_pass_reference = Off\r\nallow_url_fopen = Off\r\nasp_tags = Off\r\ndisable_classes =\r\ndisable_functions = curl_exec,curl_multi_exec,exec,parse_ini_file,passthru,popen,proc_close,proc_get_status,proc_nice,proc_open,proc_terminate,shell_exec,show_source,system\r\ndisplay_errors = Off\r\ndisplay_startup_errors = Off\r\nenable_dl = Off\r\nerror_reporting = E_ALL & ~E_NOTICE\r\nexpose_php = Off\r\nfile_uploads = On\r\ncgi.force_redirect = 1\r\ngpc_order = "GPC"\r\nhtml_errors = Off\r\nignore_repeated_errors = Off\r\nignore_repeated_source = Off\r\ninclude_path = ".:{PEAR_DIR}"\r\nlog_errors = On\r\nlog_errors_max_len = 1024\r\nmagic_quotes_gpc = Off\r\nmagic_quotes_runtime = Off\r\nmagic_quotes_sybase = Off\r\nmax_execution_time = 30\r\nmax_input_time = 60\r\nmemory_limit = 128M\r\n{OPEN_BASEDIR_C}open_basedir = "{OPEN_BASEDIR}"\r\noutput_buffering = 4096\r\npost_max_size = 16M\r\nprecision = 14\r\nregister_argc_argv = Off\r\nregister_globals = Off\r\nreport_memleaks = On\r\nsendmail_path = "/usr/sbin/sendmail -t -i -f {CUSTOMER_EMAIL}"\r\nsession.auto_start = 0\r\nsession.bug_compat_42 = 0\r\nsession.bug_compat_warn = 1\r\nsession.cache_expire = 180\r\nsession.cache_limiter = nocache\r\nsession.cookie_domain =\r\nsession.cookie_lifetime = 0\r\nsession.cookie_path = /\r\nsession.entropy_file = /dev/urandom\r\nsession.entropy_length = 16\r\nsession.gc_divisor = 1000\r\nsession.gc_maxlifetime = 1440\r\nsession.gc_probability = 1\r\nsession.name = PHPSESSID\r\nsession.referer_check =\r\nsession.save_handler = files\r\nsession.save_path = "{TMP_DIR}"\r\nsession.serialize_handler = php\r\nsession.use_cookies = 1\r\nsession.use_trans_sid = 0\r\nshort_open_tag = On\r\nsuhosin.mail.protect = 1\r\nsuhosin.simulation = Off\r\ntrack_errors = Off\r\nupload_max_filesize = 32M\r\nupload_tmp_dir = "{TMP_DIR}"\r\nvariables_order = "GPCS"\r\n;mail.add_x_header = On\r\n;mail.log = "/var/log/phpmail.log"\r\nopcache.restrict_api = "{DOCUMENT_ROOT}"\r\n'),
-(2, 'Froxlor Vhost Config', '/usr/bin/php-cgi', 'php', '-1', '-1', 'allow_call_time_pass_reference = Off\r\nallow_url_fopen = On\r\nasp_tags = Off\r\ndisable_classes =\r\ndisable_functions = curl_multi_exec,parse_ini_file,passthru,popen,proc_close,proc_get_status,proc_nice,proc_open,proc_terminate,shell_exec,show_source,system\r\ndisplay_errors = Off\r\ndisplay_startup_errors = Off\r\nenable_dl = Off\r\nerror_reporting = E_ALL & ~E_NOTICE\r\nexpose_php = Off\r\nfile_uploads = On\r\ncgi.force_redirect = 1\r\ngpc_order = "GPC"\r\nhtml_errors = Off\r\nignore_repeated_errors = Off\r\nignore_repeated_source = Off\r\ninclude_path = ".:{PEAR_DIR}"\r\nlog_errors = On\r\nlog_errors_max_len = 1024\r\nmagic_quotes_gpc = Off\r\nmagic_quotes_runtime = Off\r\nmagic_quotes_sybase = Off\r\nmax_execution_time = 60\r\nmax_input_time = 60\r\nmemory_limit = 128M\r\noutput_buffering = 4096\r\npost_max_size = 16M\r\nprecision = 14\r\nregister_argc_argv = Off\r\nregister_globals = Off\r\nreport_memleaks = On\r\nsendmail_path = "/usr/sbin/sendmail -t -i -f {CUSTOMER_EMAIL}"\r\nsession.auto_start = 0\r\nsession.bug_compat_42 = 0\r\nsession.bug_compat_warn = 1\r\nsession.cache_expire = 180\r\nsession.cache_limiter = nocache\r\nsession.cookie_domain =\r\nsession.cookie_lifetime = 0\r\nsession.cookie_path = /\r\nsession.entropy_file = /dev/urandom\r\nsession.entropy_length = 16\r\nsession.gc_divisor = 1000\r\nsession.gc_maxlifetime = 1440\r\nsession.gc_probability = 1\r\nsession.name = PHPSESSID\r\nsession.referer_check =\r\nsession.save_handler = files\r\nsession.save_path = "{TMP_DIR}"\r\nsession.serialize_handler = php\r\nsession.use_cookies = 1\r\nsession.use_trans_sid = 0\r\nshort_open_tag = On\r\nsuhosin.mail.protect = 1\r\nsuhosin.simulation = Off\r\ntrack_errors = Off\r\nupload_max_filesize = 32M\r\nupload_tmp_dir = "{TMP_DIR}"\r\nvariables_order = "GPCS"\r\n;mail.add_x_header = On\r\n;mail.log = "/var/log/phpmail.log"\r\nopcache.restrict_api = ""\r\n');
+(1, 'Default Config', '/usr/bin/php-cgi', 'php', '-1', '-1', 'allow_url_fopen = Off\r\nallow_url_include = Off\r\nauto_append_file =\r\nauto_globals_jit = On\r\nauto_prepend_file =\r\nbcmath.scale = 0\r\ncli_server.color = On\r\ndefault_charset = "UTF-8"\r\ndefault_mimetype = "text/html"\r\ndefault_socket_timeout = 60\r\nasp_tags = Off\r\ndisable_functions = pcntl_alarm,pcntl_fork,pcntl_waitpid,pcntl_wait,pcntl_wifexited,pcntl_wifstopped,pcntl_wifsignaled,pcntl_wifcontinued,pcntl_wexitstatus,pcntl_wtermsig,pcntl_wstopsig,pcntl_signal,pcntl_signal_get_handler,pcntl_signal_dispatch,pcntl_get_last_error,pcntl_strerror,pcntl_sigprocmask,pcntl_sigwaitinfo,pcntl_sigtimedwait,pcntl_exec,pcntl_getpriority,pcntl_setpriority,pcntl_async_signals,curl_exec,curl_multi_exec,exec,parse_ini_file,passthru,popen,proc_close,proc_get_status,proc_nice,proc_open,proc_terminate,shell_exec,show_source,system\r\ndisplay_errors = Off\r\ndisplay_startup_errors = Off\r\ndoc_root =\r\nenable_dl = Off\r\nerror_reporting = E_ALL & ~E_DEPRECATED & ~E_STRICT & ~E_NOTICE\r\nexpose_php = Off\r\nfile_uploads = On\r\nhtml_errors = On\r\nignore_repeated_errors = Off\r\nignore_repeated_source = Off\r\ninclude_path = ".:{PEAR_DIR}"\r\nimplicit_flush = Off\r\nldap.max_links = -1\r\nlog_errors = On\r\nlog_errors_max_len = 1024\r\nmail.add_x_header = Off\r\nmax_execution_time = 30\r\nmax_file_uploads = 20\r\nmax_input_time = 60\r\nmemory_limit = 128M\r\n{OPEN_BASEDIR_C}open_basedir = "{OPEN_BASEDIR}"\r\noutput_buffering = 4096\r\npost_max_size = 16M\r\nprecision = 14\r\nregister_argc_argv = Off\r\nreport_memleaks = On\r\nrequest_order = "GP"\r\nsendmail_path = "/usr/sbin/sendmail -t -i -f {CUSTOMER_EMAIL}"\r\nserialize_precision = -1\r\nsession.auto_start = 0\r\nsession.cache_expire = 180\r\nsession.cache_limiter = nocache\r\nsession.cookie_domain =\r\nsession.cookie_httponly =\r\nsession.cookie_lifetime = 0\r\nsession.cookie_path = /\r\nsession.cookie_samesite =\r\nsession.gc_divisor = 1000\r\nsession.gc_maxlifetime = 1440\r\nsession.gc_probability = 0\r\nsession.name = PHPSESSID\r\nsession.referer_check =\r\nsession.save_handler = files\r\nsession.save_path = "{TMP_DIR}"\r\nsession.serialize_handler = php\r\nsession.sid_bits_per_character = 5\r\nsession.sid_length = 26\r\nsession.trans_sid_tags = "a=href,area=href,frame=src,form="\r\nsession.use_cookies = 1\r\nsession.use_only_cookies = 1\r\nsession.use_strict_mode = 0\r\nsession.use_trans_sid = 0\r\nshort_open_tag = On\r\nupload_max_filesize = 32M\r\nupload_tmp_dir = "{TMP_DIR}"\r\nvariables_order = "GPCS"\r\nopcache.restrict_api = "{DOCUMENT_ROOT}"\r\n'),
+(2, 'Froxlor Vhost Config', '/usr/bin/php-cgi', 'php', '-1', '-1', 'allow_url_fopen = On\r\nallow_url_include = Off\r\nauto_append_file =\r\nauto_globals_jit = On\r\nauto_prepend_file =\r\nbcmath.scale = 0\r\ncli_server.color = On\r\ndefault_charset = "UTF-8"\r\ndefault_mimetype = "text/html"\r\ndefault_socket_timeout = 60\r\nasp_tags = Off\r\ndisable_functions = pcntl_alarm,pcntl_fork,pcntl_waitpid,pcntl_wait,pcntl_wifexited,pcntl_wifstopped,pcntl_wifsignaled,pcntl_wifcontinued,pcntl_wexitstatus,pcntl_wtermsig,pcntl_wstopsig,pcntl_signal,pcntl_signal_get_handler,pcntl_signal_dispatch,pcntl_get_last_error,pcntl_strerror,pcntl_sigprocmask,pcntl_sigwaitinfo,pcntl_sigtimedwait,pcntl_exec,pcntl_getpriority,pcntl_setpriority,pcntl_async_signals,curl_multi_exec,parse_ini_file,passthru,popen,proc_close,proc_get_status,proc_nice,proc_open,proc_terminate,shell_exec,show_source,system\r\ndisplay_errors = Off\r\ndisplay_startup_errors = Off\r\ndoc_root =\r\nenable_dl = Off\r\nerror_reporting = E_ALL & ~E_DEPRECATED & ~E_STRICT & ~E_NOTICE\r\nexpose_php = Off\r\nfile_uploads = On\r\nhtml_errors = On\r\nignore_repeated_errors = Off\r\nignore_repeated_source = Off\r\ninclude_path = ".:{PEAR_DIR}"\r\nimplicit_flush = Off\r\nldap.max_links = -1\r\nlog_errors = On\r\nlog_errors_max_len = 1024\r\nmail.add_x_header = Off\r\nmax_execution_time = 60\r\nmax_file_uploads = 20\r\nmax_input_time = 60\r\nmemory_limit = 128M\r\noutput_buffering = 4096\r\npost_max_size = 16M\r\nprecision = 14\r\nregister_argc_argv = Off\r\nreport_memleaks = On\r\nrequest_order = "GP"\r\nsendmail_path = "/usr/sbin/sendmail -t -i -f {CUSTOMER_EMAIL}"\r\nserialize_precision = -1\r\nsession.auto_start = 0\r\nsession.cache_expire = 180\r\nsession.cache_limiter = nocache\r\nsession.cookie_domain =\r\nsession.cookie_httponly =\r\nsession.cookie_lifetime = 0\r\nsession.cookie_path = /\r\nsession.cookie_samesite =\r\nsession.gc_divisor = 1000\r\nsession.gc_maxlifetime = 1440\r\nsession.gc_probability = 0\r\nsession.name = PHPSESSID\r\nsession.referer_check =\r\nsession.save_handler = files\r\nsession.save_path = "{TMP_DIR}"\r\nsession.serialize_handler = php\r\nsession.sid_bits_per_character = 5\r\nsession.sid_length = 26\r\nsession.trans_sid_tags = "a=href,area=href,frame=src,form="\r\nsession.use_cookies = 1\r\nsession.use_only_cookies = 1\r\nsession.use_strict_mode = 0\r\nsession.use_trans_sid = 0\r\nshort_open_tag = On\r\nupload_max_filesize = 32M\r\nupload_tmp_dir = "{TMP_DIR}"\r\nvariables_order = "GPCS"\r\nopcache.restrict_api = ""\r\n');


 DROP TABLE IF EXISTS `cronjobs_run`;
@@ -986,7 +980,8 @@ CREATE TABLE IF NOT EXISTS `domain_ssl_settings` (
  `ssl_csr_file` mediumtext,
  `ssl_fullchain_file` mediumtext,
  `expirationdate` datetime DEFAULT NULL,
-  PRIMARY KEY  (`id`)
+  PRIMARY KEY  (`id`),
+  UNIQUE KEY (`domainid`)
 ) ENGINE=InnoDB CHARSET=utf8 COLLATE=utf8_general_ci;


--- a/install/lib/class.FroxlorInstall.php
+++ b/install/lib/class.FroxlorInstall.php
@@ -159,6 +159,7 @@ class FroxlorInstall
 		$this->_guessServerName();
 		$this->_guessServerIP();
 		$this->_guessWebserver();
+		$this->_guessDistribution();

 		$this->_getPostField('mysql_host', '127.0.0.1');
 		$this->_getPostField('mysql_database', 'froxlor');
@@ -332,22 +333,29 @@ class FroxlorInstall
 		$userdata .= "?>";

 		// test if we can store the userdata.inc.php in ../lib
+		$umask = @umask(077);
 		$userdata_file = dirname(dirname(dirname(__FILE__))) . '/lib/userdata.inc.php';
-		if ($fp = @fopen($userdata_file, 'w')) {
-			$result = @fputs($fp, $userdata, strlen($userdata));
+		if (@touch($userdata_file) && @is_writable($userdata_file)) {
+			$fp = @fopen($userdata_file, 'w');
+			@fputs($fp, $userdata, strlen($userdata));
 			@fclose($fp);
 			$content .= $this->_status_message('green', 'OK');
-			chmod($userdata_file, 0440);
-		} elseif ($fp = @fopen('/tmp/userdata.inc.php', 'w')) {
-			$result = @fputs($fp, $userdata, strlen($userdata));
-			@fclose($fp);
-			$content .= $this->_status_message('orange', $this->_lng['install']['creating_configfile_temp']);
-			chmod('/tmp/userdata.inc.php', 0440);
 		} else {
-			$content .= $this->_status_message('red', $this->_lng['install']['creating_configfile_failed']);
-			$escpduserdata = nl2br(htmlspecialchars($userdata));
-			eval("\$content .= \"" . $this->_getTemplate("textarea") . "\";");
+			@unlink($userdata_file);
+			// try creating it in a temporary file
+			$temp_file = @tempnam(sys_get_temp_dir(), 'fx');
+			if ($temp_file) {
+				$fp = @fopen($temp_file, 'w');
+				@fputs($fp, $userdata, strlen($userdata));
+				@fclose($fp);
+				$content .= $this->_status_message('orange', sprintf($this->_lng['install']['creating_configfile_temp'], $temp_file));
+			} else {
+				$content .= $this->_status_message('red', $this->_lng['install']['creating_configfile_failed']);
+				$escpduserdata = nl2br(htmlspecialchars($userdata));
+				eval("\$content .= \"" . $this->_getTemplate("textarea") . "\";");
+			}
 		}
+		@umask($umask);

 		return $content;
 	}
@@ -497,6 +505,17 @@ class FroxlorInstall
 			$this->_updateSetting($upd_stmt, 'error', 'system', 'errorlog_level');
 		}

+		$distros = glob(\Froxlor\FileDir::makeCorrectDir(\Froxlor\Froxlor::getInstallDir() . '/lib/configfiles/') . '*.xml');
+		foreach ($distros as $_distribution) {
+			if($this->_data['distribution'] == str_replace(".xml", "", strtolower(basename($_distribution)))) {
+				$dist = new \Froxlor\Config\ConfigParser($_distribution);
+				$defaults = $dist->getDefaults();
+				foreach ($defaults->property as $property) {
+					$this->_updateSetting($upd_stmt, $property->value, $property->settinggroup, $property->varname);
+				}
+			}
+		}
+
 		$this->_updateSetting($upd_stmt, $this->_data['activate_newsfeed'], 'admin', 'show_news_feed');
 		$this->_updateSetting($upd_stmt, dirname(dirname(dirname(__FILE__))), 'system', 'letsencryptchallengepath');

@@ -563,7 +582,7 @@ class FroxlorInstall
 			for ($i = 0; $i < sizeof($sql_query); $i ++) {
 				if (trim($sql_query[$i]) != '') {
 					try {
-						$result = $db->query($sql_query[$i]);
+						$db->query($sql_query[$i]);
 					} catch (\PDOException $e) {
 						$content .= $this->_status_message('red', $e->getMessage());
 						$fatal_fail = true;
@@ -730,7 +749,7 @@ class FroxlorInstall
 			}

 			if ($do_backup) {
-				$command = $mysql_dump . " " . $this->_data['mysql_database'] . " -u " . $this->_data['mysql_root_user'] . " --password='" . $this->_data['mysql_root_pass'] . "' --result-file=" . $filename;
+				$command = $mysql_dump . " " . escapeshellarg($this->_data['mysql_database']) . " -u " . escapeshellarg($this->_data['mysql_root_user']) . " --password='" . escapeshellarg($this->_data['mysql_root_pass']) . "' --result-file=" . $filename;
 				$output = exec($command);
 				if (stristr($output, "error")) {
 					$content .= $this->_status_message('red', $this->_lng['install']['backup_failed']);
@@ -833,6 +852,32 @@ class FroxlorInstall
 		 */
 		$section = $this->_lng['install']['serversettings'];
 		eval("\$formdata .= \"" . $this->_getTemplate("datasection") . "\";");
+		// distribution
+		if (! empty($_POST['installstep']) && $this->_data['distribution'] == '') {
+			$diststyle = 'color:red;';
+		} else {
+			$diststyle = '';
+		}
+
+		// show list of available distro's
+		$distros = glob(\Froxlor\FileDir::makeCorrectDir(\Froxlor\Froxlor::getInstallDir() . '/lib/configfiles/') . '*.xml');
+		foreach ($distros as $_distribution) {
+			$dist = new \Froxlor\Config\ConfigParser($_distribution);
+			$dist_display = $dist->distributionName." ".$dist->distributionCodename." (" . $dist->distributionVersion . ")";
+			$distributions_select_data[$dist_display] .= str_replace(".xml", "", strtolower(basename($_distribution)));
+		}
+
+		// sort by distribution name
+		ksort($distributions_select_data);
+
+		foreach ($distributions_select_data as $dist_display => $dist_index) {
+			// create select-box-option
+			$distributions_select .= \Froxlor\UI\HTML::makeoption($dist_display, $dist_index, $this->_data['distribution']);
+			//$this->_data['distribution']
+		}
+
+		$formdata .= $this->_getSectionItemSelectbox('distribution', $distributions_select, $diststyle);
+
 		// servername
 		if (! empty($_POST['installstep']) && $this->_data['servername'] == '') {
 			$style = 'color:red;';
@@ -854,12 +899,12 @@ class FroxlorInstall
 			$websrvstyle = '';
 		}
 		// apache
-		$formdata .= $this->_getSectionItemCheckbox('apache2', ($this->_data['webserver'] == 'apache2'), $websrvstyle);
-		$formdata .= $this->_getSectionItemCheckbox('apache24', ($this->_data['webserver'] == 'apache24'), $websrvstyle);
+		$formdata .= $this->_getSectionItemCheckbox('webserver', 'apache2', ($this->_data['webserver'] == 'apache2'), $websrvstyle);
+		$formdata .= $this->_getSectionItemCheckbox('webserver', 'apache24', ($this->_data['webserver'] == 'apache24'), $websrvstyle);
 		// lighttpd
-		$formdata .= $this->_getSectionItemCheckbox('lighttpd', ($this->_data['webserver'] == 'lighttpd'), $websrvstyle);
+		$formdata .= $this->_getSectionItemCheckbox('webserver', 'lighttpd', ($this->_data['webserver'] == 'lighttpd'), $websrvstyle);
 		// nginx
-		$formdata .= $this->_getSectionItemCheckbox('nginx', ($this->_data['webserver'] == 'nginx'), $websrvstyle);
+		$formdata .= $this->_getSectionItemCheckbox('webserver', 'nginx', ($this->_data['webserver'] == 'nginx'), $websrvstyle);
 		// webserver-user
 		if (! empty($_POST['installstep']) && $this->_data['httpuser'] == '') {
 			$style = 'color:red;';
@@ -911,7 +956,7 @@ class FroxlorInstall
 	}

 	/**
-	 * generate form radio field for webserver-selection
+	 * generate form radio field 
 	 *
 	 * @param string $fieldname
 	 * @param boolean $checked
@@ -919,8 +964,9 @@ class FroxlorInstall
 	 *
 	 * @return string
 	 */
-	private function _getSectionItemCheckbox($fieldname = null, $checked = false, $style = "")
+	private function _getSectionItemCheckbox($groupname = null, $fieldname = null, $checked = false, $style = "")
 	{
+		$groupname = $this->_lng['install'][$groupname];
 		$fieldlabel = $this->_lng['install'][$fieldname];
 		if ($checked) {
 			$checked = 'checked="checked"';
@@ -930,6 +976,25 @@ class FroxlorInstall
 		return $sectionitem;
 	}

+	/**
+	 * generate form selectbox
+	 *
+	 * @param string $fieldname
+	 * @param boolean $options
+	 * @param string $style
+	 *
+	 * @return string
+	 */
+	private function _getSectionItemSelectbox($fieldname = null, $options = null, $style = "")
+	{
+		$groupname = $this->_lng['install'][$groupname];
+		$fieldlabel = $this->_lng['install'][$fieldname];
+
+		$sectionitem = "";
+		eval("\$sectionitem .= \"" . $this->_getTemplate("dataitemselect") . "\";");
+		return $sectionitem;
+	}
+
 	/**
 	 * generate form checkbox field
 	 *
@@ -1266,6 +1331,39 @@ class FroxlorInstall
 		}
 	}

+
+	/**
+	 * get/guess linux distribution
+	 */
+	private function _guessDistribution()
+	{
+		// post
+		if (! empty($_POST['distribution'])) {
+			$this->_data['distribution'] = $_POST['distribution'];
+		} else {
+			//set default os.
+			$os_dist = array('ID' => 'buster');
+			$os_version = array('0' => '10');
+
+			//read os-release
+			if(file_exists('/etc/os-release')) {
+				$os_dist = parse_ini_file('/etc/os-release', false);
+				if(is_array($os_dist) && array_key_exists('ID', $os_dist) && array_key_exists('VERSION_ID', $os_dist)) {
+					$os_version = explode('.',$os_dist['VERSION_ID'])[0];
+				}
+			}
+
+			$distros = glob(\Froxlor\FileDir::makeCorrectDir(\Froxlor\Froxlor::getInstallDir() . '/lib/configfiles/') . '*.xml');
+			foreach ($distros as $_distribution) {
+				$dist = new \Froxlor\Config\ConfigParser($_distribution);
+				$ver = explode('.', $dist->distributionVersion)[0];
+				if (strtolower($os_dist['ID']) == strtolower($dist->distributionName) && $os_version == $ver) {
+					$this->_data['distribution'] = str_replace(".xml", "", strtolower(basename($_distribution)));
+				}
+			}
+		}
+	}
+
 	/**
 	 * check if POST field is set and get value for the
 	 * internal data array, if not set use either '' or $default if != null
--- a/install/lng/english.lng.php
+++ b/install/lng/english.lng.php
@@ -63,6 +63,7 @@ $lng['install']['admin_pass1'] = 'Administrator Password';
 $lng['install']['admin_pass2'] = 'Administrator-Password (confirm)';
 $lng['install']['activate_newsfeed'] = 'Enable the official newsfeed<br><small>(https://inside.froxlor.org/news/)</small>';
 $lng['install']['serversettings'] = 'Server settings';
+$lng['install']['distribution'] = 'Distribution';
 $lng['install']['servername'] = 'Server name (FQDN, no ip-address)';
 $lng['install']['serverip'] = 'Server IP';
 $lng['install']['webserver'] = 'Webserver';
@@ -86,7 +87,7 @@ $lng['install']['changing_data'] = 'Adjusting settings...';
 $lng['install']['creating_entries'] = 'Inserting new values...';
 $lng['install']['adding_admin_user'] = 'Creating admin-account...';
 $lng['install']['creating_configfile'] = 'Creating configfile...';
-$lng['install']['creating_configfile_temp'] = 'File was saved in /tmp/userdata.inc.php, please move to ' . dirname(dirname(__DIR__)) . '/lib/.';
+$lng['install']['creating_configfile_temp'] = 'File was saved in %s, please move to ' . dirname(dirname(__DIR__)) . '/lib/userdata.inc.php';
 $lng['install']['creating_configfile_failed'] = 'Could not create ' . dirname(dirname(__DIR__)) . '/lib/userdata.inc.php, please create it manually with the following content:';
 $lng['install']['froxlor_succ_installed'] = 'Froxlor was installed successfully.';

--- a/install/lng/french.lng.php
+++ b/install/lng/french.lng.php
@@ -53,6 +53,7 @@ $lng['install']['admin_user'] = 'Nom d\'utilisateur administrateur';
 $lng['install']['admin_pass1'] = 'Mot de passe administrateur';
 $lng['install']['admin_pass2'] = 'Mot de passe administrateur (confirmez)';
 $lng['install']['serversettings'] = 'Réglages serveur';
+$lng['install']['distribution'] = 'Distribution';
 $lng['install']['servername'] = 'Nom du serveur (FQDN, pas d\'adresse IP)';
 $lng['install']['serverip'] = 'Adresse IP du serveur';
 $lng['install']['webserver'] = 'Serveur Web';
@@ -76,7 +77,7 @@ $lng['install']['changing_data'] = 'Ajustement des paramètres...';
 $lng['install']['creating_entries'] = 'Insertion des nouvelles valeurs...';
 $lng['install']['adding_admin_user'] = 'Création du compte administrateur...';
 $lng['install']['creating_configfile'] = 'Création du fichier de configuration...';
-$lng['install']['creating_configfile_temp'] = 'Le fichier a été enregistré dans /tmp/userdata.inc.php, merci de le déplacer dans ' . dirname(dirname(__DIR__)) . '/lib/.';
+$lng['install']['creating_configfile_temp'] = 'Le fichier a été enregistré dans %s, merci de le déplacer dans ' . dirname(dirname(__DIR__)) . '/lib/userdata.inc.php';
 $lng['install']['creating_configfile_failed'] = 'Impossible de créer ' . dirname(dirname(__DIR__)) . '/lib/userdata.inc.php, merci de le créer manuellement avec le contenu suivant:';
 $lng['install']['froxlor_succ_installed'] = 'Froxlor a été installé avec succès.';

--- a/install/lng/german.lng.php
+++ b/install/lng/german.lng.php
@@ -63,6 +63,7 @@ $lng['install']['admin_pass1'] = 'Administrator-Passwort';
 $lng['install']['admin_pass2'] = 'Administrator-Passwort (Bestätigung)';
 $lng['install']['activate_newsfeed'] = 'Aktiviere das offizielle Newsfeed<br><small>(https://inside.froxlor.org/news/)</small>';
 $lng['install']['serversettings'] = 'Servereinstellungen';
+$lng['install']['distribution'] = 'Distribution';
 $lng['install']['servername'] = 'Servername (FQDN, keine IP-Adresse)';
 $lng['install']['serverip'] = 'Server-IP';
 $lng['install']['webserver'] = 'Webserver';
@@ -86,7 +87,7 @@ $lng['install']['changing_data'] = 'Einstellungen anpassen...';
 $lng['install']['creating_entries'] = 'Trage neue Werte ein...';
 $lng['install']['adding_admin_user'] = 'Erstelle Admin-Benutzer...';
 $lng['install']['creating_configfile'] = 'Erstelle Konfigurationsdatei...';
-$lng['install']['creating_configfile_temp'] = 'Datei wurde in /tmp/userdata.inc.php gespeichert, bitte nach ' . dirname(dirname(__DIR__)) . '/lib/ verschieben.';
+$lng['install']['creating_configfile_temp'] = 'Datei wurde in %s gespeichert, bitte nach ' . dirname(dirname(__DIR__)) . '/lib/userdata.inc.php verschieben.';
 $lng['install']['creating_configfile_failed'] = 'Konnte ' . dirname(dirname(__DIR__)) . '/lib/userdata.inc.php nicht erstellen, bitte manuell mit folgendem Inhalt anlegen:';
 $lng['install']['froxlor_succ_installed'] = 'Froxlor wurde erfolgreich installiert.';

--- a/install/templates/dataitemchk.tpl
+++ b/install/templates/dataitemchk.tpl
@@ -1,4 +1,4 @@
 <p>
-	<label for="{$fieldname}" class="install-block {$style}">{$this->_lng['install']['webserver']} {$fieldlabel}:</label>
-	<input type="radio" name="webserver" id="{$fieldname}" value="{$fieldname}" {$checked} /><span>{$fieldlabel}</span>
+	<label for="{$fieldname}" class="install-block {$style}">{$groupname} {$fieldlabel}:</label>
+	<input type="radio" name="{$groupname}" id="{$fieldname}" value="{$fieldname}" {$checked} /><span>{$fieldlabel}</span>
 </p>
--- a/install/templates/dataitemselect.tpl
+++ b/install/templates/dataitemselect.tpl
@@ -0,0 +1,6 @@
+<p>
+	<label for="{$fieldname}" class="install-block {$style}">{$fieldlabel}:</label>
+	<select name="{$fieldname}" id="{$fieldname}" class="dropdown">
+		{$options}
+	</select>
+</p>
--- a/install/updates/froxlor/0.10/update_0.10.inc.php
+++ b/install/updates/froxlor/0.10/update_0.10.inc.php
@@ -482,3 +482,203 @@ if (\Froxlor\Froxlor::isFroxlorVersion('0.10.5')) {
 	showUpdateStep("Updating from 0.10.5 to 0.10.6", false);
 	\Froxlor\Froxlor::updateToVersion('0.10.6');
 }
+
+if (\Froxlor\Froxlor::isDatabaseVersion('201911130')) {
+	showUpdateStep("Adding new settings for domain edit form default values");
+	Settings::AddNew("system.apply_specialsettings_default", '1');
+	Settings::AddNew("system.apply_phpconfigs_default", '1');
+	lastStepStatus(0);
+	\Froxlor\Froxlor::updateToDbVersion('201911220');
+}
+
+if (\Froxlor\Froxlor::isFroxlorVersion('0.10.6')) {
+	showUpdateStep("Updating from 0.10.6 to 0.10.7", false);
+	\Froxlor\Froxlor::updateToVersion('0.10.7');
+}
+
+if (\Froxlor\Froxlor::isFroxlorVersion('0.10.7')) {
+	showUpdateStep("Updating from 0.10.7 to 0.10.8", false);
+	\Froxlor\Froxlor::updateToVersion('0.10.8');
+}
+
+if (\Froxlor\Froxlor::isFroxlorVersion('0.10.8')) {
+	showUpdateStep("Updating from 0.10.8 to 0.10.9", false);
+	\Froxlor\Froxlor::updateToVersion('0.10.9');
+}
+
+if (\Froxlor\Froxlor::isDatabaseVersion('201911220')) {
+	showUpdateStep("Adding enhanced SSL control over domains");
+	// customer domains
+	Database::query("ALTER TABLE `" . TABLE_PANEL_DOMAINS . "` ADD `ssl_enabled` tinyint(1) DEFAULT '1';");
+	Database::query("ALTER TABLE `" . TABLE_PANEL_DOMAINS . "` ADD `ssl_honorcipherorder` tinyint(1) DEFAULT '0' AFTER `ssl_enabled`;");
+	Database::query("ALTER TABLE `" . TABLE_PANEL_DOMAINS . "` ADD `ssl_sessiontickets` tinyint(1) DEFAULT '1' AFTER `ssl_honorcipherorder`;");
+	// as setting for froxlor vhost
+	Settings::AddNew("system.honorcipherorder", '0');
+	Settings::AddNew("system.sessiontickets", '1');
+	lastStepStatus(0);
+	\Froxlor\Froxlor::updateToDbVersion('201912100');
+}
+
+if (\Froxlor\Froxlor::isFroxlorVersion('0.10.9')) {
+	showUpdateStep("Updating from 0.10.9 to 0.10.10", false);
+	\Froxlor\Froxlor::updateToVersion('0.10.10');
+}
+
+if (\Froxlor\Froxlor::isDatabaseVersion('201912100')) {
+	showUpdateStep("Adding option to disable SSL sessiontickets for older systems");
+	Settings::AddNew("system.sessionticketsenabled", '1');
+	lastStepStatus(0);
+	\Froxlor\Froxlor::updateToDbVersion('201912310');
+}
+
+if (\Froxlor\Froxlor::isDatabaseVersion('201912310')) {
+	showUpdateStep("Adding custom phpfpm pool configuration field");
+	Database::query("ALTER TABLE `" . TABLE_PANEL_FPMDAEMONS . "` ADD `custom_config` text AFTER `limit_extensions`;");
+	lastStepStatus(0);
+	\Froxlor\Froxlor::updateToDbVersion('201912311');
+}
+
+if (\Froxlor\Froxlor::isFroxlorVersion('0.10.10')) {
+	showUpdateStep("Updating from 0.10.10 to 0.10.11", false);
+	\Froxlor\Froxlor::updateToVersion('0.10.11');
+}
+
+if (\Froxlor\Froxlor::isDatabaseVersion('201912311')) {
+	showUpdateStep("Migrate logfiles_format setting");
+	$current_format = Settings::Set('system.logfiles_format');
+	if (! empty($current_format)) {
+		Settings::Set('system.logfiles_format', '"' . Settings::Get('system.logfiles_format') . '"');
+		lastStepStatus(0);
+	} else {
+		lastStepStatus(0, 'not needed');
+	}
+	\Froxlor\Froxlor::updateToDbVersion('201912312');
+}
+
+if (\Froxlor\Froxlor::isDatabaseVersion('201912312')) {
+	showUpdateStep("Adding option change awstats LogFormat");
+	Settings::AddNew("system.awstats_logformat", '1');
+	lastStepStatus(0);
+	\Froxlor\Froxlor::updateToDbVersion('201912313');
+}
+
+if (\Froxlor\Froxlor::isFroxlorVersion('0.10.11')) {
+	showUpdateStep("Updating from 0.10.11 to 0.10.12", false);
+	\Froxlor\Froxlor::updateToVersion('0.10.12');
+}
+
+if (\Froxlor\Froxlor::isFroxlorVersion('0.10.12')) {
+	showUpdateStep("Updating from 0.10.12 to 0.10.13", false);
+	\Froxlor\Froxlor::updateToVersion('0.10.13');
+}
+
+if (\Froxlor\Froxlor::isDatabaseVersion('201912313')) {
+	showUpdateStep("Adding new field to domains table");
+	Database::query("ALTER TABLE `" . TABLE_PANEL_DOMAINS . "` ADD `domain_ace` varchar(255) NOT NULL default '' AFTER `domain`;");
+	lastStepStatus(0);
+
+	showUpdateStep("Updating domain entries");
+	$upd_stmt = Database::prepare("UPDATE `" . TABLE_PANEL_DOMAINS . "` SET `domain_ace` = :ace WHERE `id` = :domainid");
+	$sel_stmt = Database::prepare("SELECT id, domain FROM `" . TABLE_PANEL_DOMAINS . "` ORDER BY id ASC");
+	Database::pexecute($sel_stmt);
+	$idna_convert = new \Froxlor\Idna\IdnaWrapper();
+	while ($domain = $sel_stmt->fetch(\PDO::FETCH_ASSOC)) {
+		Database::pexecute($upd_stmt, [
+			'ace' => $idna_convert->decode($domain['domain']),
+			'domainid' => $domain['id']
+		]);
+	}
+	lastStepStatus(0);
+
+	\Froxlor\Froxlor::updateToDbVersion('202002290');
+}
+
+if (\Froxlor\Froxlor::isFroxlorVersion('0.10.13')) {
+	showUpdateStep("Updating from 0.10.13 to 0.10.14", false);
+	\Froxlor\Froxlor::updateToVersion('0.10.14');
+}
+
+if (\Froxlor\Froxlor::isFroxlorVersion('0.10.14')) {
+	showUpdateStep("Updating from 0.10.14 to 0.10.15", false);
+	\Froxlor\Froxlor::updateToVersion('0.10.15');
+}
+
+if (\Froxlor\Froxlor::isDatabaseVersion('202002290')) {
+	showUpdateStep("Adding new setting to validate DNS when using Let's Encrypt");
+	Database::query("DELETE FROM `" . TABLE_PANEL_SETTINGS . "` WHERE `settinggroup` = 'system' AND `varname` = 'disable_le_selfcheck'");
+	$le_domain_dnscheck = isset($_POST['system_le_domain_dnscheck']) ? (int) $_POST['system_le_domain_dnscheck'] : '1';
+	Settings::AddNew("system.le_domain_dnscheck", $le_domain_dnscheck);
+	lastStepStatus(0);
+
+	\Froxlor\Froxlor::updateToDbVersion('202004140');
+}
+
+if (\Froxlor\Froxlor::isFroxlorVersion('0.10.15')) {
+	showUpdateStep("Updating from 0.10.15 to 0.10.16", false);
+	\Froxlor\Froxlor::updateToVersion('0.10.16');
+}
+
+if (\Froxlor\Froxlor::isDatabaseVersion('202004140')) {
+
+	showUpdateStep("Adding unique key on domainid field in domain ssl table");
+	// check for duplicate entries prior to set a unique key to avoid errors on update
+	Database::query("
+		DELETE a.* FROM domain_ssl_settings AS a
+		LEFT JOIN domain_ssl_settings AS b ON
+		((b.`domainid`=a.`domainid` AND UNIX_TIMESTAMP(b.`expirationdate`) > UNIX_TIMESTAMP(a.`expirationdate`))
+		OR (UNIX_TIMESTAMP(b.`expirationdate`) = UNIX_TIMESTAMP(a.`expirationdate`) AND b.`id`>a.`id`))
+		WHERE b.`id` IS NOT NULL
+	");
+	Database::query("ALTER TABLE `domain_ssl_settings` ADD UNIQUE(`domainid`)");
+	lastStepStatus(0);
+
+	\Froxlor\Froxlor::updateToDbVersion('202005150');
+}
+
+if (\Froxlor\Froxlor::isFroxlorVersion('0.10.16')) {
+	showUpdateStep("Updating from 0.10.16 to 0.10.17", false);
+	\Froxlor\Froxlor::updateToVersion('0.10.17');
+}
+
+if (\Froxlor\Froxlor::isFroxlorVersion('0.10.17')) {
+	showUpdateStep("Updating from 0.10.17 to 0.10.18", false);
+	\Froxlor\Froxlor::updateToVersion('0.10.18');
+}
+
+if (\Froxlor\Froxlor::isFroxlorVersion('0.10.18')) {
+	showUpdateStep("Updating from 0.10.18 to 0.10.19", false);
+	\Froxlor\Froxlor::updateToVersion('0.10.19');
+}
+
+if (\Froxlor\Froxlor::isDatabaseVersion('202005150')) {
+
+	showUpdateStep("Add new performance indexes", true);
+	Database::query("ALTER TABLE panel_customers ADD INDEX guid (guid);");
+	Database::query("ALTER TABLE panel_tasks ADD INDEX type (type);");
+	Database::query("ALTER TABLE mail_users ADD INDEX username (username);");
+	Database::query("ALTER TABLE mail_users ADD INDEX imap (imap);");
+	Database::query("ALTER TABLE mail_users ADD INDEX pop3 (pop3);");
+	Database::query("ALTER TABLE ftp_groups ADD INDEX gid (gid);");
+	lastStepStatus(0);
+
+	\Froxlor\Froxlor::updateToDbVersion('202007240');
+}
+
+if (\Froxlor\Froxlor::isFroxlorVersion('0.10.19')) {
+	showUpdateStep("Updating from 0.10.19 to 0.10.20", false);
+	\Froxlor\Froxlor::updateToVersion('0.10.20');
+}
+
+if (\Froxlor\Froxlor::isDatabaseVersion('202007240')) {
+
+	showUpdateStep("Removing old unused table", true);
+	Database::query("DROP TABLE IF EXISTS `panel_diskspace_admins`;");
+	lastStepStatus(0);
+
+	\Froxlor\Froxlor::updateToDbVersion('202009070');
+}
+
+if (\Froxlor\Froxlor::isFroxlorVersion('0.10.20')) {
+	showUpdateStep("Updating from 0.10.20 to 0.10.21", false);
+	\Froxlor\Froxlor::updateToVersion('0.10.21');
+}
--- a/install/updates/preconfig.php
+++ b/install/updates/preconfig.php
@@ -34,6 +34,9 @@ function getPreConfig($current_version, $current_db_version)
 	include_once \Froxlor\FileDir::makeCorrectFile(dirname(__FILE__) . '/preconfig/0.9/preconfig_0.9.inc.php');
 	parseAndOutputPreconfig($has_preconfig, $return, $current_version, $current_db_version);

+	include_once \Froxlor\FileDir::makeCorrectFile(dirname(__FILE__) . '/preconfig/0.10/preconfig_0.10.inc.php');
+	parseAndOutputPreconfig2($has_preconfig, $return, $current_version, $current_db_version);
+
 	$return .= '<br /><br />' . \Froxlor\UI\HTML::makecheckbox('update_changesagreed', '<strong>I have read the update notifications above and I am aware of the changes made to my system.</strong>', '1', true, '0', true);
 	$return .= '</div>';
 	$return .= '<input type="hidden" name="update_preconfig" value="1" />';
--- a/install/updates/preconfig/0.10/preconfig_0.10.inc.php
+++ b/install/updates/preconfig/0.10/preconfig_0.10.inc.php
@@ -0,0 +1,42 @@
+<?php
+
+/**
+ * This file is part of the Froxlor project.
+ * Copyright (c) 2010 the Froxlor Team (see authors).
+ *
+ * For the full copyright and license information, please view the COPYING
+ * file that was distributed with this source code. You can also view the
+ * COPYING file online at http://files.froxlor.org/misc/COPYING.txt
+ *
+ * @copyright  (c) the authors
+ * @author     Froxlor team <team@froxlor.org> (2010-)
+ * @license    GPLv2 http://files.froxlor.org/misc/COPYING.txt
+ * @package    Updater
+ *
+ */
+
+/**
+ * checks if the new-version has some updating to do
+ *
+ * @param boolean $has_preconfig
+ *        	pointer to check if any preconfig has to be output
+ * @param string $return
+ *        	pointer to output string
+ * @param string $current_version
+ *        	current froxlor version
+ *        	
+ * @return null
+ */
+function parseAndOutputPreconfig2(&$has_preconfig, &$return, $current_version, $current_db_version)
+{
+	global $lng;
+
+	if (versionInUpdate($current_db_version, '202004140')) {
+		$has_preconfig = true;
+		$description = 'Froxlor can now optionally validate the dns entries of domains that request Lets Encrypt certificates to reduce dns-related problems (e.g. freshly registered domain or updated a-record).<br />';
+		$question = '<strong>Validate DNS of domains when using Lets Encrypt&nbsp;';
+		$question .= \Froxlor\UI\HTML::makeyesno('system_le_domain_dnscheck', '1', '0', '1');
+
+		eval("\$return.=\"" . \Froxlor\UI\Template::getTemplate("update/preconfigitem") . "\";");
+	}
+}
--- a/install/updates/preconfig/0.9/preconfig_0.9.inc.php
+++ b/install/updates/preconfig/0.9/preconfig_0.9.inc.php
@@ -600,8 +600,8 @@ function parseAndOutputPreconfig(&$has_preconfig, &$return, $current_version, $c
 	if (versionInUpdate($current_version, '0.9.32-rc2')) {
 		$has_preconfig = true;
 		$description = 'To customize the command which executes the cronjob (php - basically) change the path below according to your system.<br /><br />';
-		$question = '<strong>Please specify the command to execute cronscripts</strong> (default: "/usr/bin/nice -n 5 /usr/bin/php5 -q")<br />';
-		$question .= '<input type="text" class="text" name="croncmdline" value="/usr/bin/nice -n 5 /usr/bin/php5 -q" /><br />';
+		$question = '<strong>Please specify the command to execute cronscripts</strong> (default: "/usr/bin/nice -n 5 /usr/bin/php -q")<br />';
+		$question .= '<input type="text" class="text" name="croncmdline" value="/usr/bin/nice -n 5 /usr/bin/php -q" /><br />';
 		eval("\$return.=\"" . \Froxlor\UI\Template::getTemplate("update/preconfigitem") . "\";");
 	}

--- a/js/html5shiv.min.js
+++ b/js/html5shiv.min.js
@@ -1,4 +1,4 @@
 /**
-* @preserve HTML5 Shiv 3.7.2 | @afarkas @jdalton @jon_neal @rem | MIT/GPL2 Licensed
+* @preserve HTML5 Shiv 3.7.3 | @afarkas @jdalton @jon_neal @rem | MIT/GPL2 Licensed
 */
-!function(a,b){function c(a,b){var c=a.createElement("p"),d=a.getElementsByTagName("head")[0]||a.documentElement;return c.innerHTML="x<style>"+b+"</style>",d.insertBefore(c.lastChild,d.firstChild)}function d(){var a=t.elements;return"string"==typeof a?a.split(" "):a}function e(a,b){var c=t.elements;"string"!=typeof c&&(c=c.join(" ")),"string"!=typeof a&&(a=a.join(" ")),t.elements=c+" "+a,j(b)}function f(a){var b=s[a[q]];return b||(b={},r++,a[q]=r,s[r]=b),b}function g(a,c,d){if(c||(c=b),l)return c.createElement(a);d||(d=f(c));var e;return e=d.cache[a]?d.cache[a].cloneNode():p.test(a)?(d.cache[a]=d.createElem(a)).cloneNode():d.createElem(a),!e.canHaveChildren||o.test(a)||e.tagUrn?e:d.frag.appendChild(e)}function h(a,c){if(a||(a=b),l)return a.createDocumentFragment();c=c||f(a);for(var e=c.frag.cloneNode(),g=0,h=d(),i=h.length;i>g;g++)e.createElement(h[g]);return e}function i(a,b){b.cache||(b.cache={},b.createElem=a.createElement,b.createFrag=a.createDocumentFragment,b.frag=b.createFrag()),a.createElement=function(c){return t.shivMethods?g(c,a,b):b.createElem(c)},a.createDocumentFragment=Function("h,f","return function(){var n=f.cloneNode(),c=n.createElement;h.shivMethods&&("+d().join().replace(/[\w\-:]+/g,function(a){return b.createElem(a),b.frag.createElement(a),'c("'+a+'")'})+");return n}")(t,b.frag)}function j(a){a||(a=b);var d=f(a);return!t.shivCSS||k||d.hasCSS||(d.hasCSS=!!c(a,"article,aside,dialog,figcaption,figure,footer,header,hgroup,main,nav,section{display:block}mark{background:#FF0;color:#000}template{display:none}")),l||i(a,d),a}var k,l,m="3.7.2",n=a.html5||{},o=/^<|^(?:button|map|select|textarea|object|iframe|option|optgroup)$/i,p=/^(?:a|b|code|div|fieldset|h1|h2|h3|h4|h5|h6|i|label|li|ol|p|q|span|strong|style|table|tbody|td|th|tr|ul)$/i,q="_html5shiv",r=0,s={};!function(){try{var a=b.createElement("a");a.innerHTML="<xyz></xyz>",k="hidden"in a,l=1==a.childNodes.length||function(){b.createElement("a");var a=b.createDocumentFragment();return"undefined"==typeof a.cloneNode||"undefined"==typeof a.createDocumentFragment||"undefined"==typeof a.createElement}()}catch(c){k=!0,l=!0}}();var t={elements:n.elements||"abbr article aside audio bdi canvas data datalist details dialog figcaption figure footer header hgroup main mark meter nav output picture progress section summary template time video",version:m,shivCSS:n.shivCSS!==!1,supportsUnknownElements:l,shivMethods:n.shivMethods!==!1,type:"default",shivDocument:j,createElement:g,createDocumentFragment:h,addElements:e};a.html5=t,j(b)}(this,document);
+!function(a,b){function c(a,b){var c=a.createElement("p"),d=a.getElementsByTagName("head")[0]||a.documentElement;return c.innerHTML="x<style>"+b+"</style>",d.insertBefore(c.lastChild,d.firstChild)}function d(){var a=t.elements;return"string"==typeof a?a.split(" "):a}function e(a,b){var c=t.elements;"string"!=typeof c&&(c=c.join(" ")),"string"!=typeof a&&(a=a.join(" ")),t.elements=c+" "+a,j(b)}function f(a){var b=s[a[q]];return b||(b={},r++,a[q]=r,s[r]=b),b}function g(a,c,d){if(c||(c=b),l)return c.createElement(a);d||(d=f(c));var e;return e=d.cache[a]?d.cache[a].cloneNode():p.test(a)?(d.cache[a]=d.createElem(a)).cloneNode():d.createElem(a),!e.canHaveChildren||o.test(a)||e.tagUrn?e:d.frag.appendChild(e)}function h(a,c){if(a||(a=b),l)return a.createDocumentFragment();c=c||f(a);for(var e=c.frag.cloneNode(),g=0,h=d(),i=h.length;i>g;g++)e.createElement(h[g]);return e}function i(a,b){b.cache||(b.cache={},b.createElem=a.createElement,b.createFrag=a.createDocumentFragment,b.frag=b.createFrag()),a.createElement=function(c){return t.shivMethods?g(c,a,b):b.createElem(c)},a.createDocumentFragment=Function("h,f","return function(){var n=f.cloneNode(),c=n.createElement;h.shivMethods&&("+d().join().replace(/[\w\-:]+/g,function(a){return b.createElem(a),b.frag.createElement(a),'c("'+a+'")'})+");return n}")(t,b.frag)}function j(a){a||(a=b);var d=f(a);return!t.shivCSS||k||d.hasCSS||(d.hasCSS=!!c(a,"article,aside,dialog,figcaption,figure,footer,header,hgroup,main,nav,section{display:block}mark{background:#FF0;color:#000}template{display:none}")),l||i(a,d),a}var k,l,m="3.7.3",n=a.html5||{},o=/^<|^(?:button|map|select|textarea|object|iframe|option|optgroup)$/i,p=/^(?:a|b|code|div|fieldset|h1|h2|h3|h4|h5|h6|i|label|li|ol|p|q|span|strong|style|table|tbody|td|th|tr|ul)$/i,q="_html5shiv",r=0,s={};!function(){try{var a=b.createElement("a");a.innerHTML="<xyz></xyz>",k="hidden"in a,l=1==a.childNodes.length||function(){b.createElement("a");var a=b.createDocumentFragment();return"undefined"==typeof a.cloneNode||"undefined"==typeof a.createDocumentFragment||"undefined"==typeof a.createElement}()}catch(c){k=!0,l=!0}}();var t={elements:n.elements||"abbr article aside audio bdi canvas data datalist details dialog figcaption figure footer header hgroup main mark meter nav output picture progress section summary template time video",version:m,shivCSS:n.shivCSS!==!1,supportsUnknownElements:l,shivMethods:n.shivMethods!==!1,type:"default",shivDocument:j,createElement:g,createDocumentFragment:h,addElements:e};a.html5=t,j(b),"object"==typeof module&&module.exports&&(module.exports=t)}("undefined"!=typeof window?window:this,document);
--- a/js/jquery.min.js
+++ b/js/jquery.min.js
--- a/lib/Froxlor/Api/ApiCommand.php
+++ b/lib/Froxlor/Api/ApiCommand.php
@@ -54,6 +54,13 @@ abstract class ApiCommand extends ApiParameter
 	 */
 	private $mail = null;

+	/**
+	 * whether the call is an internal one or not
+	 *
+	 * @var boolean
+	 */
+	private $internal_call = false;
+
 	/**
 	 * language strings array
 	 *
@@ -90,10 +97,12 @@ abstract class ApiCommand extends ApiParameter
 	 *        	optional, array of parameters (var=>value) for the command
 	 * @param array $userinfo
 	 *        	optional, passed via WebInterface (instead of $header)
+	 * @param boolean $internal
+	 *        	optional whether called internally, default false
 	 *        	
 	 * @throws \Exception
 	 */
-	public function __construct($header = null, $params = null, $userinfo = null)
+	public function __construct($header = null, $params = null, $userinfo = null, $internal = false)
 	{
 		parent::__construct($params);

@@ -127,6 +136,9 @@ abstract class ApiCommand extends ApiParameter
 		if ($this->debug) {
 			$this->logger()->logAction(\Froxlor\FroxlorLogger::LOG_ERROR, LOG_DEBUG, "[API] " . get_called_class() . ": " . json_encode($params, JSON_UNESCAPED_SLASHES));
 		}
+
+		// set internal call flag
+		$this->internal_call = $internal;
 	}

 	/**
@@ -191,13 +203,15 @@ abstract class ApiCommand extends ApiParameter
 	 *        	array of user-data
 	 * @param array $params
 	 *        	array of parameters for the command
+	 * @param boolean $internal
+	 *        	optional whether called internally, default false
 	 *        	
 	 * @return ApiCommand
 	 * @throws \Exception
 	 */
-	public static function getLocal($userinfo = null, $params = null)
+	public static function getLocal($userinfo = null, $params = null, $internal = false)
 	{
-		return new static(null, $params, $userinfo);
+		return new static(null, $params, $userinfo, $internal);
 	}

 	/**
@@ -210,6 +224,16 @@ abstract class ApiCommand extends ApiParameter
 		return $this->is_admin;
 	}

+	/**
+	 * internal call flag
+	 *
+	 * @return boolean
+	 */
+	protected function isInternal()
+	{
+		return $this->internal_call;
+	}
+
 	/**
 	 * return field from user-table
 	 *
@@ -241,7 +265,7 @@ abstract class ApiCommand extends ApiParameter
 	 *        	optional array of placeholders mapped to the actual value which is used in the API commands when executing the statement [internal]
 	 * @param boolean $append
 	 *        	optional append to WHERE clause rather then create new one, default false [internal]
-	 *
+	 *        	
 	 * @return string
 	 */
 	protected function getSearchWhere(&$query_fields = array(), $append = false)
@@ -304,7 +328,7 @@ abstract class ApiCommand extends ApiParameter
 	 *        	optional, limit resultset, default 0
 	 * @param int $sql_offset
 	 *        	optional, offset for limitation, default 0
-	 *
+	 *        	
 	 * @return string
 	 */
 	protected function getLimit()
@@ -331,15 +355,30 @@ abstract class ApiCommand extends ApiParameter
 	 *
 	 * @param array $sql_orderby
 	 *        	optional array with index = fieldname and value = ASC|DESC
-	 *
+	 * @param boolean $append
+	 *        	optional append to ORDER BY clause rather then create new one, default false [internal]
+	 *        	
 	 * @return string
 	 */
-	protected function getOrderBy()
+	protected function getOrderBy($append = false)
 	{
 		$orderby = $this->getParam('sql_orderby', true, array());
 		$order = "";
 		if (! empty($orderby)) {
-			$order .= " ORDER BY ";
+			if ($append) {
+				$order .= ", ";
+			} else {
+				$order .= " ORDER BY ";
+			}
+
+			$nat_fields = [
+				'`c`.`loginname`',
+				'`a`.`loginname`',
+				'`adminname`',
+				'`databasename`',
+				'`username`'
+			];
+
 			foreach ($orderby as $field => $by) {
 				$sortfield = explode('.', $field);
 				foreach ($sortfield as $id => $sfield) {
@@ -359,7 +398,7 @@ abstract class ApiCommand extends ApiParameter
 				])) {
 					$by = 'ASC';
 				}
-				if (\Froxlor\Settings::Get('panel.natsorting') == 1) {
+				if (\Froxlor\Settings::Get('panel.natsorting') == 1 && in_array($field, $nat_fields)) {
 					// Acts similar to php's natsort(), found in one comment at http://my.opera.com/cpr/blog/show.dml/160556
 					$order .= "CONCAT( IF( ASCII( LEFT( " . $field . ", 5 ) ) > 57,
 					LEFT( " . $field . ", 1 ), 0 ),
@@ -402,15 +441,18 @@ abstract class ApiCommand extends ApiParameter
 	 *
 	 * @param string $command
 	 * @param array|null $params
-	 *
+	 * @param boolean $internal
+	 *        	optional whether called internally, default false
+	 *        	
+	 *        	
 	 * @return array
 	 */
-	protected function apiCall($command = null, $params = null)
+	protected function apiCall($command = null, $params = null, $internal = false)
 	{
 		$_command = explode(".", $command);
 		$module = __NAMESPACE__ . "\Commands\\" . $_command[0];
 		$function = $_command[1];
-		$json_result = $module::getLocal($this->getUserData(), $params)->{$function}();
+		$json_result = $module::getLocal($this->getUserData(), $params, $internal)->{$function}();
 		return json_decode($json_result, true)['data'];
 	}

@@ -476,7 +518,7 @@ abstract class ApiCommand extends ApiParameter
 				$customer_ids[] = $customer['customerid'];
 			}
 		} else {
-			if (! empty($customer_hide_option) && \Froxlor\Settings::IsInList('panel.customer_hide_options', $customer_hide_option)) {
+			if (!$this->isInternal() && ! empty($customer_hide_option) && \Froxlor\Settings::IsInList('panel.customer_hide_options', $customer_hide_option)) {
 				throw new \Exception("You cannot access this resource", 405);
 			}
 			$customer_ids = array(
@@ -568,8 +610,12 @@ abstract class ApiCommand extends ApiParameter
 			"group" => $group,
 			"var" => $varname
 		), true, true);
+		$content = $default;
+		if ($result) {
+			$content = $result['value'] ?? $default;
+		}
 		// @fixme html_entity_decode
-		$content = html_entity_decode(\Froxlor\PhpHelper::replaceVariables((($result['value'] != '') ? $result['value'] : $default), $replace_arr));
+		$content = html_entity_decode(\Froxlor\PhpHelper::replaceVariables($content, $replace_arr));
 		return $content;
 	}

--- a/lib/Froxlor/Api/Commands/Admins.php
+++ b/lib/Froxlor/Api/Commands/Admins.php
@@ -51,7 +51,7 @@ class Admins extends \Froxlor\Api\ApiCommand implements \Froxlor\Api\ResourceEnt
 			while ($row = $result_stmt->fetch(\PDO::FETCH_ASSOC)) {
 				$result[] = $row;
 			}
-			return $this->response(200, "successfull", array(
+			return $this->response(200, "successful", array(
 				'count' => count($result),
 				'list' => $result
 			));
@@ -75,7 +75,7 @@ class Admins extends \Froxlor\Api\ApiCommand implements \Froxlor\Api\ResourceEnt
 			");
 			$result = Database::pexecute_first($result_stmt, null, true, true);
 			if ($result) {
-				return $this->response(200, "successfull", $result['num_admins']);
+				return $this->response(200, "successful", $result['num_admins']);
 			}
 		}
 		throw new \Exception("Not allowed to execute given command.", 403);
@@ -109,7 +109,7 @@ class Admins extends \Froxlor\Api\ApiCommand implements \Froxlor\Api\ResourceEnt
 			$result = Database::pexecute_first($result_stmt, $params, true, true);
 			if ($result) {
 				$this->logger()->logAction(\Froxlor\FroxlorLogger::ADM_ACTION, LOG_NOTICE, "[API] get admin '" . $result['loginname'] . "'");
-				return $this->response(200, "successfull", $result);
+				return $this->response(200, "successful", $result);
 			}
 			$key = ($id > 0 ? "id #" . $id : "loginname '" . $loginname . "'");
 			throw new \Exception("Admin with " . $key . " could not be found", 404);
@@ -265,7 +265,7 @@ class Admins extends \Froxlor\Api\ApiCommand implements \Froxlor\Api\ResourceEnt
 				'login' => $loginname
 			), true, true);

-			if (strtolower($loginname_check['loginname']) == strtolower($loginname) || strtolower($loginname_check_admin['loginname']) == strtolower($loginname)) {
+			if (($loginname_check && strtolower($loginname_check['loginname']) == strtolower($loginname)) || ($loginname_check_admin && strtolower($loginname_check_admin['loginname']) == strtolower($loginname))) {
 				\Froxlor\UI\Response::standard_error('loginnameexists', $loginname, true);
 			} elseif (preg_match('/^' . preg_quote(Settings::Get('customer.accountprefix'), '/') . '([0-9]+)/', $loginname)) {
 				// Accounts which match systemaccounts are not allowed, filtering them
@@ -364,7 +364,7 @@ class Admins extends \Froxlor\Api\ApiCommand implements \Froxlor\Api\ResourceEnt
 				$result = $this->apiCall('Admins.get', array(
 					'id' => $adminid
 				));
-				return $this->response(200, "successfull", $result);
+				return $this->response(200, "successful", $result);
 			}
 		}
 		throw new \Exception("Not allowed to execute given command.", 403);
@@ -677,7 +677,7 @@ class Admins extends \Froxlor\Api\ApiCommand implements \Froxlor\Api\ResourceEnt
 					$result = $this->apiCall('Admins.get', array(
 						'id' => $result['adminid']
 					));
-					return $this->response(200, "successfull", $result);
+					return $this->response(200, "successful", $result);
 				}
 			}
 		}
@@ -730,14 +730,6 @@ class Admins extends \Froxlor\Api\ApiCommand implements \Froxlor\Api\ResourceEnt
 				'adminid' => $id
 			), true, true);

-			// delete the diskspace usage
-			$del_stmt = Database::prepare("
-				DELETE FROM `" . TABLE_PANEL_DISKSPACE_ADMINS . "` WHERE `adminid` = :adminid
-			");
-			Database::pexecute($del_stmt, array(
-				'adminid' => $id
-			), true, true);
-
 			// set admin-id of the old admin's customer to current admins
 			$upd_stmt = Database::prepare("
 				UPDATE `" . TABLE_PANEL_CUSTOMERS . "` SET
@@ -779,7 +771,7 @@ class Admins extends \Froxlor\Api\ApiCommand implements \Froxlor\Api\ResourceEnt

 			$this->logger()->logAction(\Froxlor\FroxlorLogger::ADM_ACTION, LOG_WARNING, "[API] deleted admin '" . $result['loginname'] . "'");
 			\Froxlor\User::updateCounters();
-			return $this->response(200, "successfull", $result);
+			return $this->response(200, "successful", $result);
 		}
 		throw new \Exception("Not allowed to execute given command.", 403);
 	}
@@ -821,7 +813,7 @@ class Admins extends \Froxlor\Api\ApiCommand implements \Froxlor\Api\ResourceEnt
 			$result['loginfail_count'] = 0;

 			$this->logger()->logAction(\Froxlor\FroxlorLogger::ADM_ACTION, LOG_WARNING, "[API] unlocked admin '" . $result['loginname'] . "'");
-			return $this->response(200, "successfull", $result);
+			return $this->response(200, "successful", $result);
 		}
 		throw new \Exception("Not allowed to execute given command.", 403);
 	}
--- a/lib/Froxlor/Api/Commands/ApiKeys.php
+++ b/lib/Froxlor/Api/Commands/ApiKeys.php
@@ -0,0 +1,30 @@
+<?php
+namespace Froxlor\Api\Commands;
+
+use Froxlor\Database\Database;
+use Froxlor\Settings;
+
+/**
+ * This file is part of the Froxlor project.
+ * Copyright (c) 2010 the Froxlor Team (see authors).
+ *
+ * For the full copyright and license information, please view the COPYING
+ * file that was distributed with this source code. You can also view the
+ * COPYING file online at http://files.froxlor.org/misc/COPYING.txt
+ *
+ * @copyright (c) the authors
+ * @author Froxlor team <team@froxlor.org> (2010-)
+ * @license GPLv2 http://files.froxlor.org/misc/COPYING.txt
+ * @package API
+ * @since 0.10.0
+ *       
+ */
+class ApiKeys extends \Froxlor\Api\ApiCommand
+{
+
+	public function listing()
+	{}
+
+	public function listingCount()
+	{}
+}
--- a/lib/Froxlor/Api/Commands/Certificates.php
+++ b/lib/Froxlor/Api/Commands/Certificates.php
@@ -81,7 +81,7 @@ class Certificates extends \Froxlor\Api\ApiCommand implements \Froxlor\Api\Resou
 			$result = $this->apiCall('Certificates.get', array(
 				'id' => $domain['id']
 			));
-			return $this->response(200, "successfull", $result);
+			return $this->response(200, "successful", $result);
 		}
 		throw new \Exception("Domain '" . $domain['domain'] . "' already has a certificate. Did you mean to call update?", 406);
 	}
@@ -122,7 +122,7 @@ class Certificates extends \Froxlor\Api\ApiCommand implements \Froxlor\Api\Resou
 		if (! $result) {
 			throw new \Exception("Domain '" . $domain['domain'] . "' does not have a certificate.", 412);
 		}
-		return $this->response(200, "successfull", $result);
+		return $this->response(200, "successful", $result);
 	}

 	/**
@@ -168,7 +168,7 @@ class Certificates extends \Froxlor\Api\ApiCommand implements \Froxlor\Api\Resou
 		$result = $this->apiCall('Certificates.get', array(
 			'id' => $domain['id']
 		));
-		return $this->response(200, "successfull", $result);
+		return $this->response(200, "successful", $result);
 	}

 	/**
@@ -209,7 +209,7 @@ class Certificates extends \Froxlor\Api\ApiCommand implements \Froxlor\Api\Resou
 		} else {
 			$certs_stmt_query .= "1 ";
 		}
-		$certs_stmt = Database::prepare($certs_stmt_query . $this->getSearchWhere($query_fields) . $this->getOrderBy() . $this->getLimit());
+		$certs_stmt = Database::prepare($certs_stmt_query . $this->getSearchWhere($query_fields, true) . $this->getOrderBy() . $this->getLimit());
 		$qry_params = array_merge($qry_params, $query_fields);
 		Database::pexecute($certs_stmt, $qry_params, true, true);
 		$result = array();
@@ -222,7 +222,7 @@ class Certificates extends \Froxlor\Api\ApiCommand implements \Froxlor\Api\Resou
 			}
 			$result[] = $cert;
 		}
-		return $this->response(200, "successfull", array(
+		return $this->response(200, "successful", array(
 			'count' => count($result),
 			'list' => $result
 		));
@@ -258,7 +258,7 @@ class Certificates extends \Froxlor\Api\ApiCommand implements \Froxlor\Api\Resou
 		$certs_stmt = Database::prepare($certs_stmt_query);
 		$result = Database::pexecute_first($certs_stmt, $qry_params, true, true);
 		if ($result) {
-			return $this->response(200, "successfull", $result['num_certs']);
+			return $this->response(200, "successful", $result['num_certs']);
 		}
 	}

@@ -326,7 +326,7 @@ class Certificates extends \Froxlor\Api\ApiCommand implements \Froxlor\Api\Resou
 				\Froxlor\System\Cronjob::inserttask('12', $chk['domain']);
 			}
 			$this->logger()->logAction($this->isAdmin() ? \Froxlor\FroxlorLogger::ADM_ACTION : \Froxlor\FroxlorLogger::USR_ACTION, LOG_INFO, "[API] removed ssl-certificate for '" . $chk['domain'] . "'");
-			return $this->response(200, "successfull", $result);
+			return $this->response(200, "successful", $result);
 		}
 		throw new \Exception("Unable to determine SSL certificate. Maybe no access?", 406);
 	}
--- a/lib/Froxlor/Api/Commands/Cronjobs.php
+++ b/lib/Froxlor/Api/Commands/Cronjobs.php
@@ -51,7 +51,7 @@ class Cronjobs extends \Froxlor\Api\ApiCommand implements \Froxlor\Api\ResourceE
 				'id' => $id
 			), true, true);
 			if ($result) {
-				return $this->response(200, "successfull", $result);
+				return $this->response(200, "successful", $result);
 			}
 			throw new \Exception("cronjob with id #" . $id . " could not be found", 404);
 		}
@@ -119,7 +119,7 @@ class Cronjobs extends \Froxlor\Api\ApiCommand implements \Froxlor\Api\ResourceE
 			$result = $this->apiCall('Cronjobs.get', array(
 				'id' => $id
 			));
-			return $this->response(200, "successfull", $result);
+			return $this->response(200, "successful", $result);
 		}
 		throw new \Exception("Not allowed to execute given command.", 403);
 	}
@@ -152,7 +152,7 @@ class Cronjobs extends \Froxlor\Api\ApiCommand implements \Froxlor\Api\ResourceE
 			while ($row = $result_stmt->fetch(\PDO::FETCH_ASSOC)) {
 				$result[] = $row;
 			}
-			return $this->response(200, "successfull", array(
+			return $this->response(200, "successful", array(
 				'count' => count($result),
 				'list' => $result
 			));
@@ -175,7 +175,7 @@ class Cronjobs extends \Froxlor\Api\ApiCommand implements \Froxlor\Api\ResourceE
 			");
 			$result = Database::pexecute_first($result_stmt, null, true, true);
 			if ($result) {
-				return $this->response(200, "successfull", $result['num_crons']);
+				return $this->response(200, "successful", $result['num_crons']);
 			}
 		}
 		throw new \Exception("Not allowed to execute given command.", 403);
--- a/lib/Froxlor/Api/Commands/CustomerBackups.php
+++ b/lib/Froxlor/Api/Commands/CustomerBackups.php
@@ -109,7 +109,7 @@ class CustomerBackups extends \Froxlor\Api\ApiCommand implements \Froxlor\Api\Re
 		\Froxlor\System\Cronjob::inserttask('20', $task_data);

 		$this->logger()->logAction($this->isAdmin() ? \Froxlor\FroxlorLogger::ADM_ACTION : \Froxlor\FroxlorLogger::USR_ACTION, LOG_NOTICE, "[API] added customer-backup job for '" . $customer['loginname'] . "'. Target directory: " . $userpath);
-		return $this->response(200, "successfull", $task_data);
+		return $this->response(200, "successful", $task_data);
 	}

 	/**
@@ -168,7 +168,7 @@ class CustomerBackups extends \Froxlor\Api\ApiCommand implements \Froxlor\Api\Re
 			}
 		}
 		$this->logger()->logAction($this->isAdmin() ? \Froxlor\FroxlorLogger::ADM_ACTION : \Froxlor\FroxlorLogger::USR_ACTION, LOG_NOTICE, "[API] list customer-backups");
-		return $this->response(200, "successfull", array(
+		return $this->response(200, "successful", array(
 			'count' => count($result),
 			'list' => $result
 		));
@@ -202,7 +202,7 @@ class CustomerBackups extends \Froxlor\Api\ApiCommand implements \Froxlor\Api\Re
 				$result_count ++;
 			}
 		}
-		return $this->response(200, "successfull", $result_count);
+		return $this->response(200, "successful", $result_count);
 	}

 	/**
@@ -237,7 +237,7 @@ class CustomerBackups extends \Froxlor\Api\ApiCommand implements \Froxlor\Api\Re
 						'tid' => $entry
 					), true, true);
 					$this->logger()->logAction($this->isAdmin() ? \Froxlor\FroxlorLogger::ADM_ACTION : \Froxlor\FroxlorLogger::USR_ACTION, LOG_NOTICE, "[API] deleted planned customer-backup #" . $entry);
-					return $this->response(200, "successfull", true);
+					return $this->response(200, "successful", true);
 				}
 			}
 		}
--- a/lib/Froxlor/Api/Commands/Customers.php
+++ b/lib/Froxlor/Api/Commands/Customers.php
@@ -60,7 +60,7 @@ class Customers extends \Froxlor\Api\ApiCommand implements \Froxlor\Api\Resource
 			while ($row = $result_stmt->fetch(\PDO::FETCH_ASSOC)) {
 				$result[] = $row;
 			}
-			return $this->response(200, "successfull", array(
+			return $this->response(200, "successful", array(
 				'count' => count($result),
 				'list' => $result
 			));
@@ -90,7 +90,7 @@ class Customers extends \Froxlor\Api\ApiCommand implements \Froxlor\Api\Resource
 			}
 			$result = Database::pexecute_first($result_stmt, $params, true, true);
 			if ($result) {
-				return $this->response(200, "successfull", $result['num_customers']);
+				return $this->response(200, "successful", $result['num_customers']);
 			}
 		}
 		throw new \Exception("Not allowed to execute given command.", 403);
@@ -143,7 +143,7 @@ class Customers extends \Froxlor\Api\ApiCommand implements \Froxlor\Api\Resource
 				$result['custom_notes'] = "";
 			}
 			$this->logger()->logAction($this->isAdmin() ? \Froxlor\FroxlorLogger::ADM_ACTION : \Froxlor\FroxlorLogger::USR_ACTION, LOG_NOTICE, "[API] get customer '" . $result['loginname'] . "'");
-			return $this->response(200, "successfull", $result);
+			return $this->response(200, "successful", $result);
 		}
 		$key = ($id > 0 ? "id #" . $id : "loginname '" . $loginname . "'");
 		throw new \Exception("Customer with " . $key . " could not be found", 404);
@@ -183,7 +183,7 @@ class Customers extends \Froxlor\Api\ApiCommand implements \Froxlor\Api\Resource
 	 *        	optional, whether to show the content of custom_notes to the customer, default 0 (false)
 	 * @param string $new_loginname
 	 *        	optional, if empty generated automatically using customer-prefix and increasing number
-	 * @param string $password
+	 * @param string $new_customer_password
 	 *        	optional, if empty generated automatically and send to the customer's email if $sendpassword is 1
 	 * @param bool $sendpassword
 	 *        	optional, whether to send the password to the customer after creation, default 0 (false)
@@ -411,7 +411,7 @@ class Customers extends \Froxlor\Api\ApiCommand implements \Froxlor\Api\Resource
 					), true, true);

 					$mysql_maxlen = \Froxlor\Database\Database::getSqlUsernameLength() - strlen(Settings::Get('customer.mysqlprefix'));
-					if (strtolower($loginname_check['loginname']) == strtolower($loginname) || strtolower($loginname_check_admin['loginname']) == strtolower($loginname)) {
+					if (($loginname_check && strtolower($loginname_check['loginname']) == strtolower($loginname)) || ($loginname_check_admin && strtolower($loginname_check_admin['loginname']) == strtolower($loginname))) {
 						\Froxlor\UI\Response::standard_error('loginnameexists', $loginname, true);
 					} elseif (! \Froxlor\Validate\Validate::validateUsername($loginname, Settings::Get('panel.unix_names'), $mysql_maxlen)) {
 						if (strlen($loginname) > $mysql_maxlen) {
@@ -689,6 +689,7 @@ class Customers extends \Froxlor\Api\ApiCommand implements \Froxlor\Api\Resource
 								'name' => $name,
 								'company' => $company
 							)),
+							'CUSTOMER_NO' => $customernumber,
 							'USERNAME' => $loginname,
 							'PASSWORD' => $password,
 							'SERVER_HOSTNAME' => $srv_hostname,
@@ -742,7 +743,7 @@ class Customers extends \Froxlor\Api\ApiCommand implements \Froxlor\Api\Resource
 				$result = $this->apiCall('Customers.get', array(
 					'loginname' => $loginname
 				));
-				return $this->response(200, "successfull", $result);
+				return $this->response(200, "successful", $result);
 			}
 			throw new \Exception("No more resources available", 406);
 		}
@@ -1339,7 +1340,7 @@ class Customers extends \Froxlor\Api\ApiCommand implements \Froxlor\Api\Resource
 		$result = $this->apiCall('Customers.get', array(
 			'id' => $result['customerid']
 		));
-		return $this->response(200, "successfull", $result);
+		return $this->response(200, "successful", $result);
 	}

 	/**
@@ -1409,7 +1410,7 @@ class Customers extends \Froxlor\Api\ApiCommand implements \Froxlor\Api\Resource
 				'id' => $id
 			), true, true);

-			// first gather all domain-id's to clean up panel_domaintoip and dns-entries accordingly
+			// first gather all domain-id's to clean up panel_domaintoip, dns-entries and certificates accordingly
 			$did_stmt = Database::prepare("SELECT `id` FROM `" . TABLE_PANEL_DOMAINS . "` WHERE `customerid` = :id");
 			Database::pexecute($did_stmt, array(
 				'id' => $id
@@ -1425,6 +1426,11 @@ class Customers extends \Froxlor\Api\ApiCommand implements \Froxlor\Api\Resource
 				Database::pexecute($stmt, array(
 					'did' => $row['id']
 				), true, true);
+				// remove domain->certificates entries
+				$stmt = Database::prepare("DELETE FROM `" . TABLE_PANEL_DOMAIN_SSL_SETTINGS . "` WHERE `domainid` = :did");
+				Database::pexecute($stmt, array(
+					'did' => $row['id']
+				), true, true);
 			}
 			// remove customer domains
 			$stmt = Database::prepare("DELETE FROM `" . TABLE_PANEL_DOMAINS . "` WHERE `customerid` = :id");
@@ -1567,7 +1573,7 @@ class Customers extends \Froxlor\Api\ApiCommand implements \Froxlor\Api\Resource
 			\Froxlor\System\Cronjob::inserttask('10');

 			$this->logger()->logAction(\Froxlor\FroxlorLogger::ADM_ACTION, LOG_WARNING, "[API] deleted customer '" . $result['loginname'] . "'");
-			return $this->response(200, "successfull", $result);
+			return $this->response(200, "successful", $result);
 		}
 		throw new \Exception("Not allowed to execute given command.", 403);
 	}
@@ -1609,7 +1615,7 @@ class Customers extends \Froxlor\Api\ApiCommand implements \Froxlor\Api\Resource
 			$result['loginfail_count'] = 0;

 			$this->logger()->logAction(\Froxlor\FroxlorLogger::ADM_ACTION, LOG_WARNING, "[API] unlocked customer '" . $result['loginname'] . "'");
-			return $this->response(200, "successfull", $result);
+			return $this->response(200, "successful", $result);
 		}
 		throw new \Exception("Not allowed to execute given command.", 403);
 	}
@@ -1679,7 +1685,7 @@ class Customers extends \Froxlor\Api\ApiCommand implements \Froxlor\Api\Resource
 			$result = $this->apiCall('Customers.get', array(
 				'id' => $c_result['customerid']
 			));
-			return $this->response(200, "successfull", $result);
+			return $this->response(200, "successful", $result);
 		}
 		throw new \Exception("Not allowed to execute given command.", 403);
 	}
--- a/lib/Froxlor/Api/Commands/DirOptions.php
+++ b/lib/Froxlor/Api/Commands/DirOptions.php
@@ -96,7 +96,7 @@ class DirOptions extends \Froxlor\Api\ApiCommand implements \Froxlor\Api\Resourc
 		), true, true);

 		// duplicate check
-		if ($path_dupe_check['path'] == $path) {
+		if ($path_dupe_check && $path_dupe_check['path'] == $path) {
 			\Froxlor\UI\Response::standard_error('errordocpathdupe', $userpath, true);
 		}

@@ -128,7 +128,7 @@ class DirOptions extends \Froxlor\Api\ApiCommand implements \Froxlor\Api\Resourc
 		$result = $this->apiCall('DirOptions.get', array(
 			'id' => $id
 		));
-		return $this->response(200, "successfull", $result);
+		return $this->response(200, "successful", $result);
 	}

 	/**
@@ -186,7 +186,7 @@ class DirOptions extends \Froxlor\Api\ApiCommand implements \Froxlor\Api\Resourc
 		$result = Database::pexecute_first($result_stmt, $params, true, true);
 		if ($result) {
 			$this->logger()->logAction($this->isAdmin() ? \Froxlor\FroxlorLogger::ADM_ACTION : \Froxlor\FroxlorLogger::USR_ACTION, LOG_NOTICE, "[API] get directory options for '" . $result['path'] . "'");
-			return $this->response(200, "successfull", $result);
+			return $this->response(200, "successful", $result);
 		}
 		$key = "id #" . $id;
 		throw new \Exception("Directory option with " . $key . " could not be found", 404);
@@ -275,7 +275,7 @@ class DirOptions extends \Froxlor\Api\ApiCommand implements \Froxlor\Api\Resourc
 		$result = $this->apiCall('DirOptions.get', array(
 			'id' => $id
 		));
-		return $this->response(200, "successfull", $result);
+		return $this->response(200, "successful", $result);
 	}

 	/**
@@ -309,14 +309,13 @@ class DirOptions extends \Froxlor\Api\ApiCommand implements \Froxlor\Api\Resourc
 		$query_fields = array();
 		$result_stmt = Database::prepare("
 			SELECT * FROM `" . TABLE_PANEL_HTACCESS . "`
-			WHERE `customerid` IN (" . implode(', ', $customer_ids) . ")" . $this->getSearchWhere($query_fields, true) . $this->getOrderBy() . $this->getLimit()
-		);
+			WHERE `customerid` IN (" . implode(', ', $customer_ids) . ")" . $this->getSearchWhere($query_fields, true) . $this->getOrderBy() . $this->getLimit());
 		Database::pexecute($result_stmt, $query_fields, true, true);
 		while ($row = $result_stmt->fetch(\PDO::FETCH_ASSOC)) {
 			$result[] = $row;
 		}
 		$this->logger()->logAction($this->isAdmin() ? \Froxlor\FroxlorLogger::ADM_ACTION : \Froxlor\FroxlorLogger::USR_ACTION, LOG_NOTICE, "[API] list directory-options");
-		return $this->response(200, "successfull", array(
+		return $this->response(200, "successful", array(
 			'count' => count($result),
 			'list' => $result
 		));
@@ -348,7 +347,7 @@ class DirOptions extends \Froxlor\Api\ApiCommand implements \Froxlor\Api\Resourc
 		");
 		$result = Database::pexecute_first($result_stmt, null, true, true);
 		if ($result) {
-			return $this->response(200, "successfull", $result['num_htaccess']);
+			return $this->response(200, "successful", $result['num_htaccess']);
 		}
 	}

@@ -415,7 +414,7 @@ class DirOptions extends \Froxlor\Api\ApiCommand implements \Froxlor\Api\Resourc
 		), true, true);
 		$this->logger()->logAction($this->isAdmin() ? \Froxlor\FroxlorLogger::ADM_ACTION : \Froxlor\FroxlorLogger::USR_ACTION, LOG_INFO, "[API] deleted directory-option for '" . str_replace($customer_data['documentroot'], '/', $result['path']) . "'");
 		\Froxlor\System\Cronjob::inserttask('1');
-		return $this->response(200, "successfull", $result);
+		return $this->response(200, "successful", $result);
 	}

 	/**
--- a/lib/Froxlor/Api/Commands/DirProtections.php
+++ b/lib/Froxlor/Api/Commands/DirProtections.php
@@ -81,7 +81,7 @@ class DirProtections extends \Froxlor\Api\ApiCommand implements \Froxlor\Api\Res
 		$password_enc = \Froxlor\System\Crypt::makeCryptPassword($password, true);

 		// duplicate check
-		if ($username_path_check['username'] == $username && $username_path_check['path'] == $path) {
+		if ($username_path_check && $username_path_check['username'] == $username && $username_path_check['path'] == $path) {
 			\Froxlor\UI\Response::standard_error('userpathcombinationdupe', '', true);
 		} elseif ($password == $username) {
 			\Froxlor\UI\Response::standard_error('passwordshouldnotbeusername', '', true);
@@ -111,7 +111,7 @@ class DirProtections extends \Froxlor\Api\ApiCommand implements \Froxlor\Api\Res
 		$result = $this->apiCall('DirProtections.get', array(
 			'id' => $id
 		));
-		return $this->response(200, "successfull", $result);
+		return $this->response(200, "successful", $result);
 	}

 	/**
@@ -173,7 +173,7 @@ class DirProtections extends \Froxlor\Api\ApiCommand implements \Froxlor\Api\Res
 		$result = Database::pexecute_first($result_stmt, $params, true, true);
 		if ($result) {
 			$this->logger()->logAction($this->isAdmin() ? \Froxlor\FroxlorLogger::ADM_ACTION : \Froxlor\FroxlorLogger::USR_ACTION, LOG_NOTICE, "[API] get directory protection for '" . $result['path'] . "'");
-			return $this->response(200, "successfull", $result);
+			return $this->response(200, "successful", $result);
 		}
 		$key = ($id > 0 ? "id #" . $id : "username '" . $username . "'");
 		throw new \Exception("Directory protection with " . $key . " could not be found", 404);
@@ -258,7 +258,7 @@ class DirProtections extends \Froxlor\Api\ApiCommand implements \Froxlor\Api\Res
 		$result = $this->apiCall('DirProtections.get', array(
 			'id' => $result['id']
 		));
-		return $this->response(200, "successfull", $result);
+		return $this->response(200, "successful", $result);
 	}

 	/**
@@ -298,7 +298,7 @@ class DirProtections extends \Froxlor\Api\ApiCommand implements \Froxlor\Api\Res
 			$result[] = $row;
 		}
 		$this->logger()->logAction($this->isAdmin() ? \Froxlor\FroxlorLogger::ADM_ACTION : \Froxlor\FroxlorLogger::USR_ACTION, LOG_NOTICE, "[API] list directory-protections");
-		return $this->response(200, "successfull", array(
+		return $this->response(200, "successful", array(
 			'count' => count($result),
 			'list' => $result
 		));
@@ -330,7 +330,7 @@ class DirProtections extends \Froxlor\Api\ApiCommand implements \Froxlor\Api\Res
 		");
 		$result = Database::pexecute_first($result_stmt, null, true, true);
 		if ($result) {
-			return $this->response(200, "successfull", $result['num_htpasswd']);
+			return $this->response(200, "successful", $result['num_htpasswd']);
 		}
 	}

@@ -386,6 +386,6 @@ class DirProtections extends \Froxlor\Api\ApiCommand implements \Froxlor\Api\Res

 		$this->logger()->logAction($this->isAdmin() ? \Froxlor\FroxlorLogger::ADM_ACTION : \Froxlor\FroxlorLogger::USR_ACTION, LOG_INFO, "[API] deleted htpasswd for '" . $result['username'] . " (" . $result['path'] . ")'");
 		\Froxlor\System\Cronjob::inserttask('1');
-		return $this->response(200, "successfull", $result);
+		return $this->response(200, "successful", $result);
 	}
 }
--- a/lib/Froxlor/Api/Commands/DomainZones.php
+++ b/lib/Froxlor/Api/Commands/DomainZones.php
@@ -309,7 +309,7 @@ class DomainZones extends \Froxlor\Api\ApiCommand implements \Froxlor\Api\Resour
 			$result = $this->apiCall('DomainZones.get', array(
 				'id' => $id
 			));
-			return $this->response(200, "successfull", $result);
+			return $this->response(200, "successful", $result);
 		}
 		// return $errors
 		throw new \Exception(implode("\n", $errors));
@@ -360,7 +360,7 @@ class DomainZones extends \Froxlor\Api\ApiCommand implements \Froxlor\Api\Resour
 		$zonefile = (string) $zone;

 		$this->logger()->logAction($this->isAdmin() ? \Froxlor\FroxlorLogger::ADM_ACTION : \Froxlor\FroxlorLogger::USR_ACTION, LOG_NOTICE, "[API] get dns-zone for '" . $result['domain'] . "'");
-		return $this->response(200, "successfull", explode("\n", $zonefile));
+		return $this->response(200, "successful", explode("\n", $zonefile));
 	}

 	/**
@@ -420,7 +420,7 @@ class DomainZones extends \Froxlor\Api\ApiCommand implements \Froxlor\Api\Resour
 		while ($row = $sel_stmt->fetch(\PDO::FETCH_ASSOC)) {
 			$result[] = $row;
 		}
-		return $this->response(200, "successfull", array(
+		return $this->response(200, "successful", array(
 			'count' => count($result),
 			'list' => $result
 		));
@@ -464,7 +464,7 @@ class DomainZones extends \Froxlor\Api\ApiCommand implements \Froxlor\Api\Resour
 			'did' => $id
 		), true, true);
 		if ($result) {
-			return $this->response(200, "successfull", $result['num_dns']);
+			return $this->response(200, "successful", $result['num_dns']);
 		}
 	}

@@ -511,8 +511,8 @@ class DomainZones extends \Froxlor\Api\ApiCommand implements \Froxlor\Api\Resour
 		if ($del_stmt->rowCount() > 0) {
 			// re-generate bind configs
 			\Froxlor\System\Cronjob::inserttask('4');
-			return $this->response(200, "successfull", true);
+			return $this->response(200, "successful", true);
 		}
-		return $this->response(304, "successfull", true);
+		return $this->response(304, "successful", true);
 	}
 }
--- a/lib/Froxlor/Api/Commands/Domains.php
+++ b/lib/Froxlor/Api/Commands/Domains.php
@@ -68,7 +68,7 @@ class Domains extends \Froxlor\Api\ApiCommand implements \Froxlor\Api\ResourceEn
 				}
 				$result[] = $row;
 			}
-			return $this->response(200, "successfull", array(
+			return $this->response(200, "successful", array(
 				'count' => count($result),
 				'list' => $result
 			));
@@ -100,7 +100,7 @@ class Domains extends \Froxlor\Api\ApiCommand implements \Froxlor\Api\ResourceEn
 			}
 			$result = Database::pexecute_first($result_stmt, $params, true, true);
 			if ($result) {
-				return $this->response(200, "successfull", $result['num_domains']);
+				return $this->response(200, "successful", $result['num_domains']);
 			}
 		}
 		throw new \Exception("Not allowed to execute given command.", 403);
@@ -156,7 +156,7 @@ class Domains extends \Froxlor\Api\ApiCommand implements \Froxlor\Api\ResourceEn
 					$result['ipsandports'] = $this->getIpsForDomain($result['id']);
 				}
 				$this->logger()->logAction(\Froxlor\FroxlorLogger::ADM_ACTION, LOG_NOTICE, "[API] get domain '" . $result['domain'] . "'");
-				return $this->response(200, "successfull", $result);
+				return $this->response(200, "successful", $result);
 			}
 			$key = ($id > 0 ? "id #" . $id : "domainname '" . $domainname . "'");
 			throw new \Exception("Domain with " . $key . " could not be found", 404);
@@ -168,14 +168,15 @@ class Domains extends \Froxlor\Api\ApiCommand implements \Froxlor\Api\ResourceEn
 	 * get ips connected to given domain as array
 	 *
 	 * @param number $domain_id
+	 * @param bool $ssl_only
+	 *        	optional, return only ssl enabled ip's, default false
 	 * @return array
 	 */
-	private function getIpsForDomain($domain_id = 0)
+	private function getIpsForDomain($domain_id = 0, $ssl_only = false)
 	{
 		$resultips_stmt = Database::prepare("
 			SELECT `ips`.* FROM `" . TABLE_DOMAINTOIP . "` AS `dti`, `" . TABLE_PANEL_IPSANDPORTS . "` AS `ips`
-			WHERE `dti`.`id_ipandports` = `ips`.`id` AND `dti`.`id_domain` = :domainid
-		");
+			WHERE `dti`.`id_ipandports` = `ips`.`id` AND `dti`.`id_domain` = :domainid " . ($ssl_only ? " AND `ips`.`ssl` = '1'" : ""));

 		Database::pexecute($resultips_stmt, array(
 			'domainid' => $domain_id
@@ -260,6 +261,8 @@ class Domains extends \Froxlor\Api\ApiCommand implements \Froxlor\Api\ResourceEn
 	 *        	optional, list of ssl-enabled ip/port id's to assign to this domain, default empty
 	 * @param bool $dont_use_default_ssl_ipandport_if_empty
 	 *        	optional, do NOT set the systems default ssl ip addresses if none are given via $ssl_ipandport parameter
+	 * @param bool $sslenabled
+	 *        	optional, whether or not SSL is enabled for this domain, regardless of the assigned ssl-ips, default 1 (true)
 	 * @param bool $http2
 	 *        	optional, whether to enable http/2 for this domain (requires to be enabled in the settings), default 0 (false)
 	 * @param int $hsts_maxage
@@ -270,6 +273,10 @@ class Domains extends \Froxlor\Api\ApiCommand implements \Froxlor\Api\ResourceEn
 	 *        	optional whether or not to preload HSTS header value
 	 * @param bool $ocsp_stapling
 	 *        	optional whether to enable ocsp-stapling for this domain. default 0 (false), requires SSL
+	 * @param bool $honorcipherorder
+	 *        	optional whether to honor the (server) cipher order for this domain. default 0 (false), requires SSL
+	 * @param bool $sessiontickets
+	 *        	optional whether to enable or disable TLS sessiontickets (RFC 5077) for this domain. default 1 (true), requires SSL
 	 * @param bool $override_tls
 	 *        	optional whether or not to override system-tls settings like protocol, ssl-ciphers and if applicable tls-1.3 ciphers, requires change_serversettings flag for the admin, default false
 	 * @param array $ssl_protocols
@@ -324,11 +331,14 @@ class Domains extends \Froxlor\Api\ApiCommand implements \Froxlor\Api\ResourceEn
 				$letsencrypt = $this->getBoolParam('letsencrypt', true, 0);
 				$dont_use_default_ssl_ipandport_if_empty = $this->getBoolParam('dont_use_default_ssl_ipandport_if_empty', true, 0);
 				$p_ssl_ipandports = $this->getParam('ssl_ipandport', true, $dont_use_default_ssl_ipandport_if_empty ? array() : explode(',', Settings::Get('system.defaultsslip')));
+				$sslenabled = $this->getBoolParam('sslenabled', true, 1);
 				$http2 = $this->getBoolParam('http2', true, 0);
 				$hsts_maxage = $this->getParam('hsts_maxage', true, 0);
 				$hsts_sub = $this->getBoolParam('hsts_sub', true, 0);
 				$hsts_preload = $this->getBoolParam('hsts_preload', true, 0);
 				$ocsp_stapling = $this->getBoolParam('ocsp_stapling', true, 0);
+				$honorcipherorder = $this->getBoolParam('honorcipherorder', true, 0);
+				$sessiontickets = $this->getBoolParam('sessiontickets', true, 1);

 				$override_tls = $this->getBoolParam('override_tls', true, 0);
 				$p_ssl_protocols = array();
@@ -344,7 +354,8 @@ class Domains extends \Froxlor\Api\ApiCommand implements \Froxlor\Api\ResourceEn
 				}

 				// validation
-				if ($p_domain == Settings::Get('system.hostname')) {
+				$p_domain = strtolower($p_domain);
+				if ($p_domain == strtolower(Settings::Get('system.hostname'))) {
 					\Froxlor\UI\Response::standard_error('admin_domain_emailsystemhostname', '', true);
 				}

@@ -663,9 +674,9 @@ class Domains extends \Froxlor\Api\ApiCommand implements \Froxlor\Api\ResourceEn
 					), '', true);
 				} elseif ($customerid == 0) {
 					\Froxlor\UI\Response::standard_error('adduserfirst', '', true);
-				} elseif (strtolower($domain_check['domain']) == strtolower($domain)) {
+				} elseif ($domain_check && strtolower($domain_check['domain']) == strtolower($domain)) {
 					\Froxlor\UI\Response::standard_error('domainalreadyexists', $idna_convert->decode($domain), true);
-				} elseif ($aliasdomain_check['id'] != $aliasdomain) {
+				} elseif ($aliasdomain_check && $aliasdomain_check['id'] != $aliasdomain) {
 					\Froxlor\UI\Response::standard_error('domainisaliasorothercustomer', '', true);
 				} else {
 					$wwwserveralias = ($serveraliasoption == '1') ? '1' : '0';
@@ -673,6 +684,7 @@ class Domains extends \Froxlor\Api\ApiCommand implements \Froxlor\Api\ResourceEn

 					$ins_data = array(
 						'domain' => $domain,
+						'domain_ace' => $idna_convert->decode($domain),
 						'customerid' => $customerid,
 						'adminid' => $adminid,
 						'documentroot' => $documentroot,
@@ -712,12 +724,16 @@ class Domains extends \Froxlor\Api\ApiCommand implements \Froxlor\Api\ResourceEn
 						'override_tls' => $override_tls,
 						'ssl_protocols' => implode(",", $ssl_protocols),
 						'ssl_cipher_list' => $ssl_cipher_list,
-						'tlsv13_cipher_list' => $tlsv13_cipher_list
+						'tlsv13_cipher_list' => $tlsv13_cipher_list,
+						'sslenabled' => $sslenabled,
+						'honorcipherorder' => $honorcipherorder,
+						'sessiontickets' => $sessiontickets
 					);

 					$ins_stmt = Database::prepare("
 						INSERT INTO `" . TABLE_PANEL_DOMAINS . "` SET
 						`domain` = :domain,
+						`domain_ace` = :domain_ace,
 						`customerid` = :customerid,
 						`adminid` = :adminid,
 						`documentroot` = :documentroot,
@@ -760,7 +776,10 @@ class Domains extends \Froxlor\Api\ApiCommand implements \Froxlor\Api\ResourceEn
 						`override_tls` = :override_tls,
 						`ssl_protocols` = :ssl_protocols,
 						`ssl_cipher_list` = :ssl_cipher_list,
-						`tlsv13_cipher_list` = :tlsv13_cipher_list
+						`tlsv13_cipher_list` = :tlsv13_cipher_list,
+						`ssl_enabled` = :sslenabled,
+						`ssl_honorcipherorder` = :honorcipherorder,
+						`ssl_sessiontickets`= :sessiontickets
 					");
 					Database::pexecute($ins_stmt, $ins_data, true, true);
 					$domainid = Database::lastInsertId();
@@ -809,7 +828,7 @@ class Domains extends \Froxlor\Api\ApiCommand implements \Froxlor\Api\ResourceEn
 					$result = $this->apiCall('Domains.get', array(
 						'domainname' => $domain
 					));
-					return $this->response(200, "successfull", $result);
+					return $this->response(200, "successful", $result);
 				}
 			}
 			throw new \Exception("No more resources available", 406);
@@ -865,7 +884,7 @@ class Domains extends \Froxlor\Api\ApiCommand implements \Froxlor\Api\ResourceEn
 	 * @param bool $include_specialsettings
 	 *        	optional, whether or not to include non-ssl specialsettings in the generated ssl-vhost, default false
 	 * @param bool $specialsettingsforsubdomains
-	 *        	optional, whether to apply specialsettings to all subdomains of this domain, default 0 (false)
+	 *        	optional, whether to apply specialsettings to all subdomains of this domain, default is read from setting system.apply_specialsettings_default
 	 * @param bool $notryfiles
 	 *        	optional, [nginx only] do not generate the default try-files directive, default 0 (false)
 	 * @param bool $writeaccesslog
@@ -877,7 +896,7 @@ class Domains extends \Froxlor\Api\ApiCommand implements \Froxlor\Api\ResourceEn
 	 * @param bool $phpenabled
 	 *        	optional, whether php is enabled for this domain, default 0 (false)
 	 * @param bool $phpsettingsforsubdomains
-	 *        	optional, whether to apply php-setting to apply to all subdomains of this domain, default 0 (false)
+	 *        	optional, whether to apply php-setting to apply to all subdomains of this domain, default is read from setting system.apply_phpconfigs_default
 	 * @param bool $openbasedir
 	 *        	optional, whether to activate openbasedir restriction for this domain, default 0 (false)
 	 * @param int $phpsettingid
@@ -894,6 +913,8 @@ class Domains extends \Froxlor\Api\ApiCommand implements \Froxlor\Api\ResourceEn
 	 *        	optional, list of ssl-enabled ip/port id's to assign to this domain, if left empty, the current set value is being used, to remove all ssl ips use $remove_ssl_ipandport
 	 * @param bool $remove_ssl_ipandport
 	 *        	optional, if set to true and no $ssl_ipandport value is given, the ip's get removed, otherwise, the currently set value is used, default false
+	 * @param bool $sslenabled
+	 *        	optional, whether or not SSL is enabled for this domain, regardless of the assigned ssl-ips, default 1 (true)
 	 * @param bool $http2
 	 *        	optional, whether to enable http/2 for this domain (requires to be enabled in the settings), default 0 (false)
 	 * @param int $hsts_maxage
@@ -904,6 +925,10 @@ class Domains extends \Froxlor\Api\ApiCommand implements \Froxlor\Api\ResourceEn
 	 *        	optional whether or not to preload HSTS header value
 	 * @param bool $ocsp_stapling
 	 *        	optional whether to enable ocsp-stapling for this domain. default 0 (false), requires SSL
+	 * @param bool $honorcipherorder
+	 *        	optional whether to honor the (server) cipher order for this domain. default 0 (false), requires SSL
+	 * @param bool $sessiontickets
+	 *        	optional whether to enable or disable TLS sessiontickets (RFC 5077) for this domain. default 1 (true), requires SSL
 	 *        	
 	 * @access admin
 	 * @throws \Exception
@@ -947,13 +972,13 @@ class Domains extends \Froxlor\Api\ApiCommand implements \Froxlor\Api\ResourceEn
 			$specialsettings = $this->getParam('specialsettings', true, $result['specialsettings']);
 			$ssl_specialsettings = $this->getParam('ssl_specialsettings', true, $result['ssl_specialsettings']);
 			$include_specialsettings = $this->getBoolParam('include_specialsettings', true, $result['include_specialsettings']);
-			$ssfs = $this->getBoolParam('specialsettingsforsubdomains', true, 0);
+			$ssfs = $this->getBoolParam('specialsettingsforsubdomains', true, \Froxlor\Settings::Get('system.apply_specialsettings_default'));
 			$notryfiles = $this->getBoolParam('notryfiles', true, $result['notryfiles']);
 			$writeaccesslog = $this->getBoolParam('writeaccesslog', true, $result['writeaccesslog']);
 			$writeerrorlog = $this->getBoolParam('writeerrorlog', true, $result['writeerrorlog']);
 			$documentroot = $this->getParam('documentroot', true, $result['documentroot']);
 			$phpenabled = $this->getBoolParam('phpenabled', true, $result['phpenabled']);
-			$phpfs = $this->getBoolParam('phpsettingsforsubdomains', true, 0);
+			$phpfs = $this->getBoolParam('phpsettingsforsubdomains', true, \Froxlor\Settings::Get('system.apply_phpconfigs_default'));
 			$openbasedir = $this->getBoolParam('openbasedir', true, $result['openbasedir']);
 			$phpsettingid = $this->getParam('phpsettingid', true, $result['phpsettingid']);
 			$mod_fcgid_starter = $this->getParam('mod_fcgid_starter', true, $result['mod_fcgid_starter']);
@@ -964,11 +989,14 @@ class Domains extends \Froxlor\Api\ApiCommand implements \Froxlor\Api\ResourceEn
 			$p_ssl_ipandports = $this->getParam('ssl_ipandport', true, $remove_ssl_ipandport ? array(
 				- 1
 			) : null);
+			$sslenabled = $this->getBoolParam('sslenabled', true, $result['ssl_enabled']);
 			$http2 = $this->getBoolParam('http2', true, $result['http2']);
 			$hsts_maxage = $this->getParam('hsts_maxage', true, $result['hsts']);
 			$hsts_sub = $this->getBoolParam('hsts_sub', true, $result['hsts_sub']);
 			$hsts_preload = $this->getBoolParam('hsts_preload', true, $result['hsts_preload']);
 			$ocsp_stapling = $this->getBoolParam('ocsp_stapling', true, $result['ocsp_stapling']);
+			$honorcipherorder = $this->getBoolParam('honorcipherorder', true, $result['ssl_honorcipherorder']);
+			$sessiontickets = $this->getBoolParam('sessiontickets', true, $result['ssl_sessiontickets']);

 			$override_tls = $this->getBoolParam('override_tls', true, $result['override_tls']);

@@ -1197,7 +1225,7 @@ class Domains extends \Froxlor\Api\ApiCommand implements \Froxlor\Api\ResourceEn
 				$writeaccesslog = $result['writeaccesslog'];
 				$writeerrorlog = $result['writeerrorlog'];
 				$documentroot = $result['documentroot'];
-
+				$ssl_protocols = $p_ssl_protocols;
 				$override_tls = $result['override_tls'];
 			}

@@ -1414,6 +1442,8 @@ class Domains extends \Froxlor\Api\ApiCommand implements \Froxlor\Api\ResourceEn
 				Database::pexecute($del_stmt, array(
 					'id' => $id
 				), true, true);
+				// remove domain from acme.sh / lets encrypt if used
+				\Froxlor\System\Cronjob::inserttask('12', $result['domain']);
 			}

 			$updatechildren = '';
@@ -1546,6 +1576,9 @@ class Domains extends \Froxlor\Api\ApiCommand implements \Froxlor\Api\ResourceEn
 			$update_data['ssl_protocols'] = implode(",", $ssl_protocols);
 			$update_data['ssl_cipher_list'] = $ssl_cipher_list;
 			$update_data['tlsv13_cipher_list'] = $tlsv13_cipher_list;
+			$update_data['sslenabled'] = $sslenabled;
+			$update_data['honorcipherorder'] = $honorcipherorder;
+			$update_data['sessiontickets'] = $sessiontickets;
 			$update_data['id'] = $id;

 			$update_stmt = Database::prepare("
@@ -1588,7 +1621,10 @@ class Domains extends \Froxlor\Api\ApiCommand implements \Froxlor\Api\ResourceEn
 				`override_tls` = :override_tls,
 				`ssl_protocols` = :ssl_protocols,
 				`ssl_cipher_list` = :ssl_cipher_list,
-				`tlsv13_cipher_list` = :tlsv13_cipher_list
+				`tlsv13_cipher_list` = :tlsv13_cipher_list,
+				`ssl_enabled` = :sslenabled,
+				`ssl_honorcipherorder` = :honorcipherorder,
+				`ssl_sessiontickets` = :sessiontickets
 				WHERE `id` = :id
 			");
 			Database::pexecute($update_stmt, $update_data, true, true);
@@ -1599,10 +1635,15 @@ class Domains extends \Froxlor\Api\ApiCommand implements \Froxlor\Api\ResourceEn
 			$_update_data['openbasedir'] = $openbasedir;
 			$_update_data['mod_fcgid_starter'] = $mod_fcgid_starter;
 			$_update_data['mod_fcgid_maxrequests'] = $mod_fcgid_maxrequests;
+			$_update_data['notryfiles'] = $notryfiles;
+			$_update_data['writeaccesslog'] = $writeaccesslog;
+			$_update_data['writeerrorlog'] = $writeerrorlog;
 			$_update_data['override_tls'] = $override_tls;
 			$_update_data['ssl_protocols'] = implode(",", $ssl_protocols);
 			$_update_data['ssl_cipher_list'] = $ssl_cipher_list;
 			$_update_data['tlsv13_cipher_list'] = $tlsv13_cipher_list;
+			$_update_data['honorcipherorder'] = $honorcipherorder;
+			$_update_data['sessiontickets'] = $sessiontickets;
 			$_update_data['parentdomainid'] = $id;

 			// if php config is to be set for all subdomains, check here
@@ -1627,10 +1668,15 @@ class Domains extends \Froxlor\Api\ApiCommand implements \Froxlor\Api\ResourceEn
 				`openbasedir` = :openbasedir,
 				`mod_fcgid_starter` = :mod_fcgid_starter,
 				`mod_fcgid_maxrequests` = :mod_fcgid_maxrequests,
+				`notryfiles` = :notryfiles,
+				`writeaccesslog` = :writeaccesslog,
+				`writeerrorlog` = :writeerrorlog,
 				`override_tls` = :override_tls,
 				`ssl_protocols` = :ssl_protocols,
 				`ssl_cipher_list` = :ssl_cipher_list,
-				`tlsv13_cipher_list` = :tlsv13_cipher_list
+				`tlsv13_cipher_list` = :tlsv13_cipher_list,
+				`ssl_honorcipherorder` = :honorcipherorder,
+				`ssl_sessiontickets` = :sessiontickets
 				" . $update_phpconfig . $upd_specialsettings . $updatechildren . $update_sslredirect . "
 				WHERE `parentdomainid` = :parentdomainid
 			");
@@ -1722,7 +1768,10 @@ class Domains extends \Froxlor\Api\ApiCommand implements \Froxlor\Api\ResourceEn

 			$idna_convert = new \Froxlor\Idna\IdnaWrapper();
 			$this->logger()->logAction(\Froxlor\FroxlorLogger::ADM_ACTION, LOG_WARNING, "[API] updated domain '" . $idna_convert->decode($result['domain']) . "'");
-			return $this->response(200, "successfull", $update_data);
+			$result = $this->apiCall('Domains.get', array(
+				'domainname' => $result['domain']
+			));
+			return $this->response(200, "successful", $result);
 		}
 		throw new \Exception("Not allowed to execute given command.", 403);
 	}
@@ -1883,7 +1932,7 @@ class Domains extends \Froxlor\Api\ApiCommand implements \Froxlor\Api\ResourceEn
 			\Froxlor\System\Cronjob::inserttask('1');
 			// Using nameserver, insert a task which rebuilds the server config
 			\Froxlor\System\Cronjob::inserttask('4');
-			return $this->response(200, "successfull", $result);
+			return $this->response(200, "successful", $result);
 		}
 		throw new \Exception("Not allowed to execute given command.", 403);
 	}
--- a/lib/Froxlor/Api/Commands/EmailAccounts.php
+++ b/lib/Froxlor/Api/Commands/EmailAccounts.php
@@ -100,8 +100,8 @@ class EmailAccounts extends \Froxlor\Api\ApiCommand implements \Froxlor\Api\Reso
 			// alternative email address to send info to
 			if (Settings::Get('panel.sendalternativemail') == 1) {
 				$alternative_email = $idna_convert->encode(\Froxlor\Validate\Validate::validate($alternative_email, 'alternative_email', '', '', array(), true));
-				if (! \Froxlor\Validate\Validate::validateEmail($alternative_email)) {
-					\Froxlor\UI\Response::standard_error('emailiswrong', $alternative_email, true);
+				if (!empty($alternative_email) && ! \Froxlor\Validate\Validate::validateEmail($alternative_email)) {
+					\Froxlor\UI\Response::standard_error('alternativeemailiswrong', $alternative_email, true);
 				}
 			} else {
 				$alternative_email = '';
@@ -192,7 +192,12 @@ class EmailAccounts extends \Froxlor\Api\ApiCommand implements \Froxlor\Api\Reso
 				$replace_arr = array(
 					'EMAIL' => $email_full,
 					'USERNAME' => $username,
-					'PASSWORD' => $password
+					'PASSWORD' => $password,
+					'SALUTATION' => \Froxlor\User::getCorrectUserSalutation($customer),
+					'NAME' => $customer['name'],
+					'FIRSTNAME' => $customer['firstname'],
+					'COMPANY' => $customer['company'],
+					'CUSTOMER_NO' => $customer['customernumber']
 				);

 				// get the customers admin
@@ -231,7 +236,7 @@ class EmailAccounts extends \Froxlor\Api\ApiCommand implements \Froxlor\Api\Reso
 				$this->mailer()->clearAddresses();

 				// customer wants to send the e-mail to an alternative email address too
-				if (Settings::Get('panel.sendalternativemail') == 1) {
+				if (Settings::Get('panel.sendalternativemail') == 1 && !empty($alternative_email)) {
 					// get template for mail subject
 					$mail_subject = $this->getMailTemplate($customer, 'mails', 'pop_success_alternative_subject', $replace_arr, $this->lng['mails']['pop_success_alternative']['subject']);
 					// get template for mail body
@@ -268,7 +273,7 @@ class EmailAccounts extends \Froxlor\Api\ApiCommand implements \Froxlor\Api\Reso
 			$result = $this->apiCall('Emails.get', array(
 				'emailaddr' => $result['email_full']
 			));
-			return $this->response(200, "successfull", $result);
+			return $this->response(200, "successful", $result);
 		}
 		throw new \Exception("No more resources available", 406);
 	}
@@ -384,7 +389,7 @@ class EmailAccounts extends \Froxlor\Api\ApiCommand implements \Froxlor\Api\Reso
 		$result = $this->apiCall('Emails.get', array(
 			'emailaddr' => $result['email_full']
 		));
-		return $this->response(200, "successfull", $result);
+		return $this->response(200, "successful", $result);
 	}

 	/**
@@ -487,6 +492,6 @@ class EmailAccounts extends \Froxlor\Api\ApiCommand implements \Froxlor\Api\Reso
 		Customers::decreaseUsage($customer['customerid'], 'email_quota_used', '', $quota);

 		$this->logger()->logAction($this->isAdmin() ? \Froxlor\FroxlorLogger::ADM_ACTION : \Froxlor\FroxlorLogger::USR_ACTION, LOG_INFO, "[API] deleted email account for '" . $result['email_full'] . "'");
-		return $this->response(200, "successfull", $result);
+		return $this->response(200, "successful", $result);
 	}
 }
--- a/lib/Froxlor/Api/Commands/EmailForwarders.php
+++ b/lib/Froxlor/Api/Commands/EmailForwarders.php
@@ -102,7 +102,7 @@ class EmailForwarders extends \Froxlor\Api\ApiCommand implements \Froxlor\Api\Re
 			$result = $this->apiCall('Emails.get', array(
 				'emailaddr' => $result['email_full']
 			));
-			return $this->response(200, "successfull", $result);
+			return $this->response(200, "successful", $result);
 		}
 		throw new \Exception("No more resources available", 406);
 	}
@@ -168,7 +168,7 @@ class EmailForwarders extends \Froxlor\Api\ApiCommand implements \Froxlor\Api\Re
 			];
 		}

-		return $this->response(200, "successfull", [
+		return $this->response(200, "successful", [
 			'count' => count($destination),
 			'list' => $destination
 		]);
@@ -210,7 +210,7 @@ class EmailForwarders extends \Froxlor\Api\ApiCommand implements \Froxlor\Api\Re

 		$result['destination'] = explode(' ', $result['destination']);

-		return $this->response(200, "successfull", count($result['destination']));
+		return $this->response(200, "successful", count($result['destination']));
 	}

 	/**
@@ -280,7 +280,7 @@ class EmailForwarders extends \Froxlor\Api\ApiCommand implements \Froxlor\Api\Re
 			$result = $this->apiCall('Emails.get', array(
 				'emailaddr' => $result['email_full']
 			));
-			return $this->response(200, "successfull", $result);
+			return $this->response(200, "successful", $result);
 		}
 		throw new \Exception("Unknown forwarder id", 404);
 	}
--- a/lib/Froxlor/Api/Commands/Emails.php
+++ b/lib/Froxlor/Api/Commands/Emails.php
@@ -62,9 +62,10 @@ class Emails extends \Froxlor\Api\ApiCommand implements \Froxlor\Api\ResourceEnt
 			}

 			// check domain and whether it's an email-enabled domain
+			// use internal call because the customer might have 'domains' in customer_hide_options
 			$domain_check = $this->apiCall('SubDomains.get', array(
 				'domainname' => $domain
-			));
+			), true);
 			if ($domain_check['isemaildomain'] == 0) {
 				\Froxlor\UI\Response::standard_error('maindomainnonexist', $domain, true);
 			}
@@ -106,10 +107,12 @@ class Emails extends \Froxlor\Api\ApiCommand implements \Froxlor\Api\ResourceEnt
 			);
 			$email_check = Database::pexecute_first($stmt, $params, true, true);

-			if (strtolower($email_check['email_full']) == strtolower($email_full)) {
-				\Froxlor\UI\Response::standard_error('emailexistalready', $email_full, true);
-			} elseif ($email_check['email'] == $email) {
-				\Froxlor\UI\Response::standard_error('youhavealreadyacatchallforthisdomain', '', true);
+			if ($email_check) {
+				if (strtolower($email_check['email_full']) == strtolower($email_full)) {
+					\Froxlor\UI\Response::standard_error('emailexistalready', $email_full, true);
+				} elseif ($email_check['email'] == $email) {
+					\Froxlor\UI\Response::standard_error('youhavealreadyacatchallforthisdomain', '', true);
+				}
 			}

 			$stmt = Database::prepare("
@@ -137,7 +140,7 @@ class Emails extends \Froxlor\Api\ApiCommand implements \Froxlor\Api\ResourceEnt
 			$result = $this->apiCall('Emails.get', array(
 				'emailaddr' => $email_full
 			));
-			return $this->response(200, "successfull", $result);
+			return $this->response(200, "successful", $result);
 		}
 		throw new \Exception("No more resources available", 406);
 	}
@@ -173,7 +176,7 @@ class Emails extends \Froxlor\Api\ApiCommand implements \Froxlor\Api\ResourceEnt
 		$result = Database::pexecute_first($result_stmt, $params, true, true);
 		if ($result) {
 			$this->logger()->logAction($this->isAdmin() ? \Froxlor\FroxlorLogger::ADM_ACTION : \Froxlor\FroxlorLogger::USR_ACTION, LOG_NOTICE, "[API] get email address '" . $result['email_full'] . "'");
-			return $this->response(200, "successfull", $result);
+			return $this->response(200, "successful", $result);
 		}
 		$key = ($id > 0 ? "id #" . $id : "emailaddr '" . $emailaddr . "'");
 		throw new \Exception("Email address with " . $key . " could not be found", 404);
@@ -233,6 +236,19 @@ class Emails extends \Froxlor\Api\ApiCommand implements \Froxlor\Api\ResourceEnt
 			$iscatchall = '1';
 			$email_parts = explode('@', $result['email_full']);
 			$email = '@' . $email_parts[1];
+			// catchall check
+			$stmt = Database::prepare("
+				SELECT `email_full` FROM `" . TABLE_MAIL_VIRTUAL . "`
+				WHERE `email` = :email AND `customerid` = :cid AND `iscatchall` = '1'
+			");
+			$params = array(
+				"email" => $email,
+				"cid" => $customer['customerid']
+			);
+			$email_check = Database::pexecute_first($stmt, $params, true, true);
+			if ($email_check) {
+				\Froxlor\UI\Response::standard_error('youhavealreadyacatchallforthisdomain', '', true);
+			}
 		} else {
 			$iscatchall = '0';
 			$email = $result['email_full'];
@@ -255,7 +271,7 @@ class Emails extends \Froxlor\Api\ApiCommand implements \Froxlor\Api\ResourceEnt
 		$result = $this->apiCall('Emails.get', array(
 			'emailaddr' => $result['email_full']
 		));
-		return $this->response(200, "successfull", $result);
+		return $this->response(200, "successful", $result);
 	}

 	/**
@@ -273,7 +289,7 @@ class Emails extends \Froxlor\Api\ApiCommand implements \Froxlor\Api\ResourceEnt
 	 *        	optional specify offset for resultset
 	 * @param array $sql_orderby
 	 *        	optional array with index = fieldname and value = ASC|DESC to order the resultset by one or more fields
-	 *
+	 *        	
 	 * @access admin, customer
 	 * @throws \Exception
 	 * @return string json-encoded array count|list
@@ -294,7 +310,7 @@ class Emails extends \Froxlor\Api\ApiCommand implements \Froxlor\Api\ResourceEnt
 			$result[] = $row;
 		}
 		$this->logger()->logAction($this->isAdmin() ? \Froxlor\FroxlorLogger::ADM_ACTION : \Froxlor\FroxlorLogger::USR_ACTION, LOG_NOTICE, "[API] list email-addresses");
-		return $this->response(200, "successfull", array(
+		return $this->response(200, "successful", array(
 			'count' => count($result),
 			'list' => $result
 		));
@@ -324,7 +340,7 @@ class Emails extends \Froxlor\Api\ApiCommand implements \Froxlor\Api\ResourceEnt
 		");
 		$result = Database::pexecute_first($result_stmt, null, true, true);
 		if ($result) {
-			return $this->response(200, "successfull", $result['num_emails']);
+			return $this->response(200, "successful", $result['num_emails']);
 		}
 	}

@@ -402,6 +418,6 @@ class Emails extends \Froxlor\Api\ApiCommand implements \Froxlor\Api\ResourceEnt
 		Customers::decreaseUsage($customer['customerid'], 'emails_used');

 		$this->logger()->logAction($this->isAdmin() ? \Froxlor\FroxlorLogger::ADM_ACTION : \Froxlor\FroxlorLogger::USR_ACTION, LOG_INFO, "[API] deleted email address '" . $result['email_full'] . "'");
-		return $this->response(200, "successfull", $result);
+		return $this->response(200, "successful", $result);
 	}
 }
--- a/lib/Froxlor/Api/Commands/FpmDaemons.php
+++ b/lib/Froxlor/Api/Commands/FpmDaemons.php
@@ -32,7 +32,7 @@ class FpmDaemons extends \Froxlor\Api\ApiCommand implements \Froxlor\Api\Resourc
 	 *        	optional specify offset for resultset
 	 * @param array $sql_orderby
 	 *        	optional array with index = fieldname and value = ASC|DESC to order the resultset by one or more fields
-	 *
+	 *        	
 	 * @access admin
 	 * @throws \Exception
 	 * @return string json-encoded array count|list
@@ -70,7 +70,7 @@ class FpmDaemons extends \Froxlor\Api\ApiCommand implements \Froxlor\Api\Resourc
 				$fpmdaemons[] = $row;
 			}

-			return $this->response(200, "successfull", array(
+			return $this->response(200, "successful", array(
 				'count' => count($fpmdaemons),
 				'list' => $fpmdaemons
 			));
@@ -93,7 +93,7 @@ class FpmDaemons extends \Froxlor\Api\ApiCommand implements \Froxlor\Api\Resourc
 			");
 			$result = Database::pexecute_first($result_stmt, null, true, true);
 			if ($result) {
-				return $this->response(200, "successfull", $result['num_fpms']);
+				return $this->response(200, "successful", $result['num_fpms']);
 			}
 		}
 		throw new \Exception("Not allowed to execute given command.", 403);
@@ -121,7 +121,7 @@ class FpmDaemons extends \Froxlor\Api\ApiCommand implements \Froxlor\Api\Resourc
 				'id' => $id
 			), true, true);
 			if ($result) {
-				return $this->response(200, "successfull", $result);
+				return $this->response(200, "successful", $result);
 			}
 			throw new \Exception("fpm-daemon with id #" . $id . " could not be found", 404);
 		}
@@ -135,21 +135,23 @@ class FpmDaemons extends \Froxlor\Api\ApiCommand implements \Froxlor\Api\Resourc
 	 * @param string $reload_cmd
 	 * @param string $config_dir
 	 * @param string $pm
-	 *        	optional, process-manager, one of 'static', 'dynamic' or 'ondemand', default 'static'
+	 *        	optional, process-manager, one of 'static', 'dynamic' or 'ondemand', default 'dynamic'
 	 * @param int $max_children
-	 *        	optional, default 0
+	 *        	optional, default 5
 	 * @param int $start_servers
-	 *        	optional, default 0
+	 *        	optional, default 2
 	 * @param int $min_spare_servers
-	 *        	optional, default 0
+	 *        	optional, default 1
 	 * @param int $max_spare_servers
-	 *        	optional, default 0
+	 *        	optional, default 3
 	 * @param int $max_requests
 	 *        	optional, default 0
 	 * @param int $idle_timeout
-	 *        	optional, default 0
+	 *        	optional, default 10
 	 * @param string $limit_extensions
 	 *        	optional, limit execution to the following extensions, default '.php'
+	 * @param string $custom_config
+	 *        	optional, custom settings appended to phpfpm pool configuration
 	 *        	
 	 * @access admin
 	 * @throws \Exception
@@ -165,14 +167,15 @@ class FpmDaemons extends \Froxlor\Api\ApiCommand implements \Froxlor\Api\Resourc
 			$config_dir = $this->getParam('config_dir');

 			// parameters
-			$pmanager = $this->getParam('pm', true, 'static');
-			$max_children = $this->getParam('max_children', true, 0);
-			$start_servers = $this->getParam('start_servers', true, 0);
-			$min_spare_servers = $this->getParam('min_spare_servers', true, 0);
-			$max_spare_servers = $this->getParam('max_spare_servers', true, 0);
+			$pmanager = $this->getParam('pm', true, 'dynamic');
+			$max_children = $this->getParam('max_children', true, 5);
+			$start_servers = $this->getParam('start_servers', true, 2);
+			$min_spare_servers = $this->getParam('min_spare_servers', true, 1);
+			$max_spare_servers = $this->getParam('max_spare_servers', true, 3);
 			$max_requests = $this->getParam('max_requests', true, 0);
-			$idle_timeout = $this->getParam('idle_timeout', true, 0);
+			$idle_timeout = $this->getParam('idle_timeout', true, 10);
 			$limit_extensions = $this->getParam('limit_extensions', true, '.php');
+			$custom_config = $this->getParam('custom_config', true, '');

 			// validation
 			$description = \Froxlor\Validate\Validate::validate($description, 'description', '', '', array(), true);
@@ -206,7 +209,8 @@ class FpmDaemons extends \Froxlor\Api\ApiCommand implements \Froxlor\Api\Resourc
 				`max_spare_servers` = :max_spare_servers,
 				`max_requests` = :max_requests,
 				`idle_timeout` = :idle_timeout,
-				`limit_extensions` = :limit_extensions
+				`limit_extensions` = :limit_extensions,
+				`custom_config` = :custom_config
 			");
 			$ins_data = array(
 				'desc' => $description,
@@ -219,7 +223,8 @@ class FpmDaemons extends \Froxlor\Api\ApiCommand implements \Froxlor\Api\Resourc
 				'max_spare_servers' => $max_spare_servers,
 				'max_requests' => $max_requests,
 				'idle_timeout' => $idle_timeout,
-				'limit_extensions' => $limit_extensions
+				'limit_extensions' => $limit_extensions,
+				'custom_config' => $custom_config
 			);
 			Database::pexecute($ins_stmt, $ins_data);
 			$id = Database::lastInsertId();
@@ -229,7 +234,7 @@ class FpmDaemons extends \Froxlor\Api\ApiCommand implements \Froxlor\Api\Resourc
 			$result = $this->apiCall('FpmDaemons.get', array(
 				'id' => $id
 			));
-			return $this->response(200, "successfull", $result);
+			return $this->response(200, "successful", $result);
 		}
 		throw new \Exception("Not allowed to execute given command.", 403);
 	}
@@ -246,21 +251,23 @@ class FpmDaemons extends \Froxlor\Api\ApiCommand implements \Froxlor\Api\Resourc
 	 * @param string $config_dir
 	 *        	optional
 	 * @param string $pm
-	 *        	optional, process-manager, one of 'static', 'dynamic' or 'ondemand', default 'static'
+	 *        	optional, process-manager, one of 'static', 'dynamic' or 'ondemand', default 'dynamic'
 	 * @param int $max_children
-	 *        	optional, default 0
+	 *        	optional, default 5
 	 * @param int $start_servers
-	 *        	optional, default 0
+	 *        	optional, default 2
 	 * @param int $min_spare_servers
-	 *        	optional, default 0
+	 *        	optional, default 1
 	 * @param int $max_spare_servers
-	 *        	optional, default 0
+	 *        	optional, default 3
 	 * @param int $max_requests
 	 *        	optional, default 0
 	 * @param int $idle_timeout
-	 *        	optional, default 0
+	 *        	optional, default 10
 	 * @param string $limit_extensions
 	 *        	optional, limit execution to the following extensions, default '.php'
+	 * @param string $custom_config
+	 *        	optional, custom settings appended to phpfpm pool configuration
 	 *        	
 	 * @access admin
 	 * @throws \Exception
@@ -289,6 +296,7 @@ class FpmDaemons extends \Froxlor\Api\ApiCommand implements \Froxlor\Api\Resourc
 			$max_requests = $this->getParam('max_requests', true, $result['max_requests']);
 			$idle_timeout = $this->getParam('idle_timeout', true, $result['idle_timeout']);
 			$limit_extensions = $this->getParam('limit_extensions', true, $result['limit_extensions']);
+			$custom_config = $this->getParam('custom_config', true, $result['custom_config']);

 			// validation
 			$description = \Froxlor\Validate\Validate::validate($description, 'description', '', '', array(), true);
@@ -322,7 +330,8 @@ class FpmDaemons extends \Froxlor\Api\ApiCommand implements \Froxlor\Api\Resourc
 				`max_spare_servers` = :max_spare_servers,
 				`max_requests` = :max_requests,
 				`idle_timeout` = :idle_timeout,
-				`limit_extensions` = :limit_extensions
+				`limit_extensions` = :limit_extensions,
+				`custom_config` = :custom_config
 				WHERE `id` = :id
 			");
 			$upd_data = array(
@@ -337,6 +346,7 @@ class FpmDaemons extends \Froxlor\Api\ApiCommand implements \Froxlor\Api\Resourc
 				'max_requests' => $max_requests,
 				'idle_timeout' => $idle_timeout,
 				'limit_extensions' => $limit_extensions,
+				'custom_config' => $custom_config,
 				'id' => $id
 			);
 			Database::pexecute($upd_stmt, $upd_data, true, true);
@@ -346,7 +356,7 @@ class FpmDaemons extends \Froxlor\Api\ApiCommand implements \Froxlor\Api\Resourc
 			$result = $this->apiCall('FpmDaemons.get', array(
 				'id' => $id
 			));
-			return $this->response(200, "successfull", $result);
+			return $this->response(200, "successful", $result);
 		}
 		throw new \Exception("Not allowed to execute given command.", 403);
 	}
@@ -392,7 +402,7 @@ class FpmDaemons extends \Froxlor\Api\ApiCommand implements \Froxlor\Api\Resourc

 			\Froxlor\System\Cronjob::inserttask('1');
 			$this->logger()->logAction(\Froxlor\FroxlorLogger::ADM_ACTION, LOG_INFO, "[API] fpm-daemon setting '" . $result['description'] . "' has been deleted by '" . $this->getUserDetail('loginname') . "'");
-			return $this->response(200, "successfull", $result);
+			return $this->response(200, "successful", $result);
 		}
 		throw new \Exception("Not allowed to execute given command.", 403);
 	}
--- a/lib/Froxlor/Api/Commands/Froxlor.php
+++ b/lib/Froxlor/Api/Commands/Froxlor.php
@@ -42,7 +42,7 @@ class Froxlor extends \Froxlor\Api\ApiCommand
 				try {
 					$latestversion = \Froxlor\Http\HttpClient::urlGet(UPDATE_URI, true, 3);
 				} catch (\Exception $e) {
-					$latestversion = \Froxlor\Froxlor::getVersion()."|Version-check currently unavailable, please try again later";
+					$latestversion = \Froxlor\Froxlor::getVersion() . "|Version-check currently unavailable, please try again later";
 				}
 				$latestversion = explode('|', $latestversion);

@@ -74,7 +74,7 @@ class Froxlor extends \Froxlor\Api\ApiCommand
 					// zum update schritt #1 -> download
 					if ($isnewerversion == 1) {
 						$text = 'There is a newer version available: "' . $_version . '" (Your current version is: ' . $this->version . ')';
-						return $this->response(200, "successfull", array(
+						return $this->response(200, "successful", array(
 							'isnewerversion' => $isnewerversion,
 							'version' => $_version,
 							'message' => $text,
@@ -83,7 +83,7 @@ class Froxlor extends \Froxlor\Api\ApiCommand
 						));
 					} elseif ($isnewerversion == 0) {
 						// all good
-						return $this->response(200, "successfull", array(
+						return $this->response(200, "successful", array(
 							'isnewerversion' => $isnewerversion,
 							'version' => $version_label,
 							'message' => "",
@@ -95,7 +95,7 @@ class Froxlor extends \Froxlor\Api\ApiCommand
 					}
 				}
 			}
-			return $this->response(300, "successfull", array(
+			return $this->response(300, "successful", array(
 				'isnewerversion' => 0,
 				'version' => $this->version . $this->branding,
 				'message' => 'Version-check not available due to missing php-curl extension',
@@ -129,7 +129,7 @@ class Froxlor extends \Froxlor\Api\ApiCommand
 				\Froxlor\System\Cronjob::inserttask('4');
 				// cron.d file
 				\Froxlor\System\Cronjob::inserttask('99');
-				return $this->response(200, "successfull", true);
+				return $this->response(200, "successful", true);
 			} catch (\Exception $e) {
 				throw new \Exception($e->getMessage(), 406);
 			}
@@ -149,7 +149,7 @@ class Froxlor extends \Froxlor\Api\ApiCommand
 		if ($this->isAdmin() && $this->getUserDetail('change_serversettings')) {
 			$this->logger()->logAction(\Froxlor\FroxlorLogger::ADM_ACTION, LOG_NOTICE, "User " . $this->getUserDetail('loginname') . " exported settings");
 			$json_export = \Froxlor\SImExporter::export();
-			return $this->response(200, "successfull", $json_export);
+			return $this->response(200, "successful", $json_export);
 		}
 		throw new \Exception("Not allowed to execute given command.", 403);
 	}
@@ -175,7 +175,7 @@ class Froxlor extends \Froxlor\Api\ApiCommand
 					'value' => $row['value']
 				);
 			}
-			return $this->response(200, "successfull", array(
+			return $this->response(200, "successful", array(
 				'count' => count($result),
 				'list' => $result
 			));
@@ -197,7 +197,7 @@ class Froxlor extends \Froxlor\Api\ApiCommand
 	{
 		if ($this->isAdmin() && $this->getUserDetail('change_serversettings')) {
 			$setting = $this->getParam('key');
-			return $this->response(200, "successfull", Settings::Get($setting));
+			return $this->response(200, "successful", Settings::Get($setting));
 		}
 		throw new \Exception("Not allowed to execute given command.", 403);
 	}
@@ -216,7 +216,7 @@ class Froxlor extends \Froxlor\Api\ApiCommand
 	 */
 	public function updateSetting()
 	{
-		// currently not implemented as it required validation too so no wrong settings are being stored via API
+		// currently not implemented as it requires validation too so no wrong settings are being stored via API
 		throw new \Exception("Not available yet.", 501);

 		if ($this->isAdmin() && $this->getUserDetail('change_serversettings')) {
@@ -227,7 +227,38 @@ class Froxlor extends \Froxlor\Api\ApiCommand
 				throw new \Exception("Setting '" . $setting . "' could not be found");
 			}
 			$this->logger()->logAction(\Froxlor\FroxlorLogger::ADM_ACTION, LOG_WARNING, "[API] Changing setting '" . $setting . "' from '" . $oldvalue . "' to '" . $value . "'");
-			return $this->response(200, "successfull", Settings::Set($setting, $value, true));
+			return $this->response(200, "successful", Settings::Set($setting, $value, true));
+		}
+		throw new \Exception("Not allowed to execute given command.", 403);
+	}
+
+	/**
+	 * returns a random password based on froxlor settings for min-length, included characters, etc.
+	 *
+	 * @access admin, customer
+	 * @return string
+	 */
+	public function generatePassword()
+	{
+		return $this->response(200, "successful", \Froxlor\System\Crypt::generatePassword());
+	}
+
+	/**
+	 * can be used to remotely run the integritiy checks froxlor implements
+	 *
+	 * @access admin
+	 * @throws \Exception
+	 * @return string
+	 */
+	public function integrityCheck()
+	{
+		if ($this->isAdmin() && $this->getUserDetail('change_serversettings')) {
+			$integrity = new \Froxlor\Database\IntegrityCheck();
+			$result = $integrity->checkAll();
+			if ($result) {
+				return $this->response(200, "successful", "OK");
+			}
+			throw new \Exception("Some checks failed.", 406);
 		}
 		throw new \Exception("Not allowed to execute given command.", 403);
 	}
@@ -302,7 +333,7 @@ class Froxlor extends \Froxlor\Api\ApiCommand
 		}

 		// return the list
-		return $this->response(200, "successfull", $functions);
+		return $this->response(200, "successful", $functions);
 	}

 	/**
--- a/lib/Froxlor/Api/Commands/Ftps.php
+++ b/lib/Froxlor/Api/Commands/Ftps.php
@@ -227,6 +227,10 @@ class Ftps extends \Froxlor\Api\ApiCommand implements \Froxlor\Api\ResourceEntit
 					$replace_arr = array(
 						'SALUTATION' => \Froxlor\User::getCorrectUserSalutation($customer),
 						'CUST_NAME' => \Froxlor\User::getCorrectUserSalutation($customer), // < keep this for compatibility
+						'NAME' => $customer['name'],
+						'FIRSTNAME' => $customer['firstname'],
+						'COMPANY' => $customer['company'],
+						'CUSTOMER_NO' => $customer['customernumber'],
 						'USR_NAME' => $username,
 						'USR_PASS' => $password,
 						'USR_PATH' => \Froxlor\FileDir::makeCorrectDir(str_replace($customer['documentroot'], "/", $path))
@@ -264,7 +268,7 @@ class Ftps extends \Froxlor\Api\ApiCommand implements \Froxlor\Api\ResourceEntit
 				$result = $this->apiCall('Ftps.get', array(
 					'username' => $username
 				));
-				return $this->response(200, "successfull", $result);
+				return $this->response(200, "successful", $result);
 			}
 		}
 		throw new \Exception("No more resources available", 406);
@@ -325,7 +329,7 @@ class Ftps extends \Froxlor\Api\ApiCommand implements \Froxlor\Api\ResourceEntit
 		$result = Database::pexecute_first($result_stmt, $params, true, true);
 		if ($result) {
 			$this->logger()->logAction($this->isAdmin() ? \Froxlor\FroxlorLogger::ADM_ACTION : \Froxlor\FroxlorLogger::USR_ACTION, LOG_NOTICE, "[API] get ftp-user '" . $result['username'] . "'");
-			return $this->response(200, "successfull", $result);
+			return $this->response(200, "successful", $result);
 		}
 		$key = ($id > 0 ? "id #" . $id : "username '" . $username . "'");
 		throw new \Exception("FTP user with " . $key . " could not be found", 404);
@@ -335,7 +339,7 @@ class Ftps extends \Froxlor\Api\ApiCommand implements \Froxlor\Api\ResourceEntit
 	 * update a given ftp-user by id or username
 	 *
 	 * @param int $id
-	 *        	optional, the customer-id
+	 *        	optional, the ftp-user-id
 	 * @param string $username
 	 *        	optional, the username
 	 * @param string $ftp_password
@@ -450,7 +454,7 @@ class Ftps extends \Froxlor\Api\ApiCommand implements \Froxlor\Api\ResourceEntit
 			'username' => $result['username']
 		));
 		$this->logger()->logAction($this->isAdmin() ? \Froxlor\FroxlorLogger::ADM_ACTION : \Froxlor\FroxlorLogger::USR_ACTION, LOG_NOTICE, "[API] updated ftp-user '" . $result['username'] . "'");
-		return $this->response(200, "successfull", $result);
+		return $this->response(200, "successful", $result);
 	}

 	/**
@@ -486,7 +490,7 @@ class Ftps extends \Froxlor\Api\ApiCommand implements \Froxlor\Api\ResourceEntit
 			$result[] = $row;
 		}
 		$this->logger()->logAction($this->isAdmin() ? \Froxlor\FroxlorLogger::ADM_ACTION : \Froxlor\FroxlorLogger::USR_ACTION, LOG_NOTICE, "[API] list ftp-users");
-		return $this->response(200, "successfull", array(
+		return $this->response(200, "successful", array(
 			'count' => count($result),
 			'list' => $result
 		));
@@ -514,7 +518,7 @@ class Ftps extends \Froxlor\Api\ApiCommand implements \Froxlor\Api\ResourceEntit
 		");
 		$result = Database::pexecute_first($result_stmt, null, true, true);
 		if ($result) {
-			return $this->response(200, "successfull", $result['num_ftps']);
+			return $this->response(200, "successful", $result['num_ftps']);
 		}
 	}

@@ -622,6 +626,6 @@ class Ftps extends \Froxlor\Api\ApiCommand implements \Froxlor\Api\ResourceEntit
 		Customers::decreaseUsage($customer_data['customerid'], 'ftps_used', $resetaccnumber);

 		$this->logger()->logAction($this->isAdmin() ? \Froxlor\FroxlorLogger::ADM_ACTION : \Froxlor\FroxlorLogger::USR_ACTION, LOG_WARNING, "[API] deleted ftp-user '" . $result['username'] . "'");
-		return $this->response(200, "successfull", $result);
+		return $this->response(200, "successful", $result);
 	}
 }
--- a/lib/Froxlor/Api/Commands/HostingPlans.php
+++ b/lib/Froxlor/Api/Commands/HostingPlans.php
@@ -57,7 +57,7 @@ class HostingPlans extends \Froxlor\Api\ApiCommand implements \Froxlor\Api\Resou
 			while ($row = $result_stmt->fetch(\PDO::FETCH_ASSOC)) {
 				$result[] = $row;
 			}
-			return $this->response(200, "successfull", array(
+			return $this->response(200, "successful", array(
 				'count' => count($result),
 				'list' => $result
 			));
@@ -85,7 +85,7 @@ class HostingPlans extends \Froxlor\Api\ApiCommand implements \Froxlor\Api\Resou
 			}
 			$result = Database::pexecute_first($result_stmt, $params, true, true);
 			if ($result) {
-				return $this->response(200, "successfull", $result['num_plans']);
+				return $this->response(200, "successful", $result['num_plans']);
 			}
 		}
 		throw new \Exception("Not allowed to execute given command.", 403);
@@ -120,7 +120,7 @@ class HostingPlans extends \Froxlor\Api\ApiCommand implements \Froxlor\Api\Resou
 			$result = Database::pexecute_first($result_stmt, $params, true, true);
 			if ($result) {
 				$this->logger()->logAction(\Froxlor\FroxlorLogger::ADM_ACTION, LOG_NOTICE, "[API] get hosting-plan '" . $result['name'] . "'");
-				return $this->response(200, "successfull", $result);
+				return $this->response(200, "successful", $result);
 			}
 			$key = ($id > 0 ? "id #" . $id : "planname '" . $planname . "'");
 			throw new \Exception("Hosting-plan with " . $key . " could not be found", 404);
@@ -246,7 +246,7 @@ class HostingPlans extends \Froxlor\Api\ApiCommand implements \Froxlor\Api\Resou
 			$result = $this->apiCall('HostingPlans.get', array(
 				'planname' => $name
 			));
-			return $this->response(200, "successfull", $result);
+			return $this->response(200, "successful", $result);
 		}
 		throw new \Exception("Not allowed to execute given command.", 403);
 	}
@@ -393,7 +393,7 @@ class HostingPlans extends \Froxlor\Api\ApiCommand implements \Froxlor\Api\Resou
 			);
 			Database::pexecute($upd_stmt, $update_data, true, true);
 			$this->logger()->logAction(\Froxlor\FroxlorLogger::ADM_ACTION, LOG_WARNING, "[API] updated hosting-plan '" . $result['name'] . "'");
-			return $this->response(200, "successfull", $update_data);
+			return $this->response(200, "successful", $update_data);
 		}
 		throw new \Exception("Not allowed to execute given command.", 403);
 	}
@@ -431,7 +431,7 @@ class HostingPlans extends \Froxlor\Api\ApiCommand implements \Froxlor\Api\Resou
 				'id' => $id
 			), true, true);
 			$this->logger()->logAction(\Froxlor\FroxlorLogger::ADM_ACTION, LOG_WARNING, "[API] deleted hosting-plan '" . $result['name'] . "'");
-			return $this->response(200, "successfull", $result);
+			return $this->response(200, "successful", $result);
 		}
 		throw new \Exception("Not allowed to execute given command.", 403);
 	}
--- a/lib/Froxlor/Api/Commands/IpsAndPorts.php
+++ b/lib/Froxlor/Api/Commands/IpsAndPorts.php
@@ -51,12 +51,12 @@ class IpsAndPorts extends \Froxlor\Api\ApiCommand implements \Froxlor\Api\Resour
 			$query_fields = array();
 			$result_stmt = Database::prepare("
 				SELECT * FROM `" . TABLE_PANEL_IPSANDPORTS . "` " . $ip_where . $this->getSearchWhere($query_fields, $append_where) . $this->getOrderBy() . $this->getLimit());
-			Database::pexecute($result_stmt, null, true, true);
+			Database::pexecute($result_stmt, $query_fields, true, true);
 			$result = array();
 			while ($row = $result_stmt->fetch(\PDO::FETCH_ASSOC)) {
 				$result[] = $row;
 			}
-			return $this->response(200, "successfull", array(
+			return $this->response(200, "successful", array(
 				'count' => count($result),
 				'list' => $result
 			));
@@ -82,7 +82,7 @@ class IpsAndPorts extends \Froxlor\Api\ApiCommand implements \Froxlor\Api\Resour
 				SELECT COUNT(*) as num_ips FROM `" . TABLE_PANEL_IPSANDPORTS . "` " . $ip_where);
 			$result = Database::pexecute_first($result_stmt, null, true, true);
 			if ($result) {
-				return $this->response(200, "successfull", $result['num_ips']);
+				return $this->response(200, "successful", $result['num_ips']);
 			}
 		}
 		throw new \Exception("Not allowed to execute given command.", 403);
@@ -116,7 +116,7 @@ class IpsAndPorts extends \Froxlor\Api\ApiCommand implements \Froxlor\Api\Resour
 			), true, true);
 			if ($result) {
 				$this->logger()->logAction(\Froxlor\FroxlorLogger::ADM_ACTION, LOG_NOTICE, "[API] get ip " . $result['ip'] . " " . $result['port']);
-				return $this->response(200, "successfull", $result);
+				return $this->response(200, "successful", $result);
 			}
 			throw new \Exception("IP/port with id #" . $id . " could not be found", 404);
 		}
@@ -170,7 +170,7 @@ class IpsAndPorts extends \Froxlor\Api\ApiCommand implements \Froxlor\Api\Resour
 	{
 		if ($this->isAdmin() && $this->getUserDetail('change_serversettings')) {

-			$ip = \Froxlor\Validate\Validate::validate_ip2($this->getParam('ip'), false, 'invalidip', false, false, false, false, true);
+			$ip = \Froxlor\Validate\Validate::validate_ip2($this->getParam('ip'), false, 'invalidip', false, true, false, false, true);
 			$port = \Froxlor\Validate\Validate::validate($this->getParam('port', true, 80), 'port', '/^(([1-9])|([1-9][0-9])|([1-9][0-9][0-9])|([1-9][0-9][0-9][0-9])|([1-5][0-9][0-9][0-9][0-9])|(6[0-4][0-9][0-9][0-9])|(65[0-4][0-9][0-9])|(655[0-2][0-9])|(6553[0-5]))$/Di', array(
 				'stringisempty',
 				'myport'
@@ -255,7 +255,7 @@ class IpsAndPorts extends \Froxlor\Api\ApiCommand implements \Froxlor\Api\Resour
 				'port' => $port
 			));

-			if ($result_checkfordouble['id'] != '') {
+			if ($result_checkfordouble && $result_checkfordouble['id'] != '') {
 				\Froxlor\UI\Response::standard_error('myipnotdouble', '', true);
 			}

@@ -307,7 +307,7 @@ class IpsAndPorts extends \Froxlor\Api\ApiCommand implements \Froxlor\Api\Resour
 			$result = $this->apiCall('IpsAndPorts.get', array(
 				'id' => $ins_data['id']
 			));
-			return $this->response(200, "successfull", $result);
+			return $this->response(200, "successful", $result);
 		}
 		throw new \Exception("Not allowed to execute given command.", 403);
 	}
@@ -367,7 +367,7 @@ class IpsAndPorts extends \Froxlor\Api\ApiCommand implements \Froxlor\Api\Resour
 				'id' => $id
 			));

-			$ip = \Froxlor\Validate\Validate::validate_ip2($this->getParam('ip', true, $result['ip']), false, 'invalidip', false, false, false, false, true);
+			$ip = \Froxlor\Validate\Validate::validate_ip2($this->getParam('ip', true, $result['ip']), false, 'invalidip', false, true, false, false, true);
 			$port = \Froxlor\Validate\Validate::validate($this->getParam('port', true, $result['port']), 'port', '/^(([1-9])|([1-9][0-9])|([1-9][0-9][0-9])|([1-9][0-9][0-9][0-9])|([1-5][0-9][0-9][0-9][0-9])|(6[0-4][0-9][0-9][0-9])|(65[0-4][0-9][0-9])|(655[0-2][0-9])|(6553[0-5]))$/Di', array(
 				'stringisempty',
 				'myport'
@@ -462,9 +462,9 @@ class IpsAndPorts extends \Froxlor\Api\ApiCommand implements \Froxlor\Api\Resour
 				$docroot = '';
 			}

-			if ($result['ip'] != $ip && $result['ip'] == Settings::Get('system.ipaddress') && $result_sameipotherport['id'] == '') {
+			if ($result['ip'] != $ip && $result['ip'] == Settings::Get('system.ipaddress') && $result_sameipotherport == false) {
 				\Froxlor\UI\Response::standard_error('cantchangesystemip', '', true);
-			} elseif ($result_checkfordouble['id'] != '' && $result_checkfordouble['id'] != $id) {
+			} elseif ($result_checkfordouble && $result_checkfordouble['id'] != '' && $result_checkfordouble['id'] != $id) {
 				\Froxlor\UI\Response::standard_error('myipnotdouble', '', true);
 			} else {

@@ -514,7 +514,7 @@ class IpsAndPorts extends \Froxlor\Api\ApiCommand implements \Froxlor\Api\Resour
 				$result = $this->apiCall('IpsAndPorts.get', array(
 					'id' => $result['id']
 				));
-				return $this->response(200, "successfull", $result);
+				return $this->response(200, "successful", $result);
 			}
 		}
 		throw new \Exception("Not allowed to execute given command.", 403);
@@ -540,7 +540,7 @@ class IpsAndPorts extends \Froxlor\Api\ApiCommand implements \Froxlor\Api\Resour
 			));

 			$result_checkdomain_stmt = Database::prepare("
-				SELECT `id_domain` as `id` FROM `" . TABLE_DOMAINTOIP . "` WHERE `id_ipandports` = :id
+				SELECT `id_domain` FROM `" . TABLE_DOMAINTOIP . "` WHERE `id_ipandports` = :id
 			");
 			$result_checkdomain = Database::pexecute_first($result_checkdomain_stmt, array(
 				'id' => $id
@@ -560,7 +560,7 @@ class IpsAndPorts extends \Froxlor\Api\ApiCommand implements \Froxlor\Api\Resour
 						'ip' => $result['ip']
 					));

-					if (($result['ip'] != Settings::Get('system.ipaddress')) || ($result['ip'] == Settings::Get('system.ipaddress') && $result_sameipotherport['id'] != '')) {
+					if (($result['ip'] != Settings::Get('system.ipaddress')) || ($result['ip'] == Settings::Get('system.ipaddress') && $result_sameipotherport != false)) {

 						$del_stmt = Database::prepare("
 							DELETE FROM `" . TABLE_PANEL_IPSANDPORTS . "`
@@ -583,7 +583,7 @@ class IpsAndPorts extends \Froxlor\Api\ApiCommand implements \Froxlor\Api\Resour
 						\Froxlor\System\Cronjob::inserttask('4');

 						$this->logger()->logAction(\Froxlor\FroxlorLogger::ADM_ACTION, LOG_WARNING, "[API] deleted IP/port '" . $result['ip'] . ":" . $result['port'] . "'");
-						return $this->response(200, "successfull", $result);
+						return $this->response(200, "successful", $result);
 					} else {
 						\Froxlor\UI\Response::standard_error('cantdeletesystemip', '', true);
 					}
--- a/lib/Froxlor/Api/Commands/Mysqls.php
+++ b/lib/Froxlor/Api/Commands/Mysqls.php
@@ -125,6 +125,10 @@ class Mysqls extends \Froxlor\Api\ApiCommand implements \Froxlor\Api\ResourceEnt
 			$replace_arr = array(
 				'SALUTATION' => \Froxlor\User::getCorrectUserSalutation($userinfo),
 				'CUST_NAME' => \Froxlor\User::getCorrectUserSalutation($userinfo), // < keep this for compatibility
+				'NAME' => $userinfo['name'],
+				'FIRSTNAME' => $userinfo['firstname'],
+				'COMPANY' => $userinfo['company'],
+				'CUSTOMER_NO' => $userinfo['customernumber'],
 				'DB_NAME' => $username,
 				'DB_PASS' => $password,
 				'DB_DESC' => $databasedescription,
@@ -165,7 +169,7 @@ class Mysqls extends \Froxlor\Api\ApiCommand implements \Froxlor\Api\ResourceEnt
 		$result = $this->apiCall('Mysqls.get', array(
 			'dbname' => $username
 		));
-		return $this->response(200, "successfull", $result);
+		return $this->response(200, "successful", $result);
 	}

 	/**
@@ -252,9 +256,9 @@ class Mysqls extends \Froxlor\Api\ApiCommand implements \Froxlor\Api\ResourceEnt
 			), true, true);
 			$mbdata = $mbdata_stmt->fetch(\PDO::FETCH_ASSOC);
 			Database::needRoot(false);
-			$result['size'] = $mbdata['MB'];
+			$result['size'] = $mbdata['MB'] ?? 0;
 			$this->logger()->logAction($this->isAdmin() ? \Froxlor\FroxlorLogger::ADM_ACTION : \Froxlor\FroxlorLogger::USR_ACTION, LOG_NOTICE, "[API] get database '" . $result['databasename'] . "'");
-			return $this->response(200, "successfull", $result);
+			return $this->response(200, "successful", $result);
 		}
 		$key = ($id > 0 ? "id #" . $id : "dbname '" . $dbname . "'");
 		throw new \Exception("MySQL database with " . $key . " could not be found", 404);
@@ -346,7 +350,7 @@ class Mysqls extends \Froxlor\Api\ApiCommand implements \Froxlor\Api\ResourceEnt
 		$result = $this->apiCall('Mysqls.get', array(
 			'dbname' => $result['databasename']
 		));
-		return $this->response(200, "successfull", $result);
+		return $this->response(200, "successful", $result);
 	}

 	/**
@@ -411,13 +415,13 @@ class Mysqls extends \Froxlor\Api\ApiCommand implements \Froxlor\Api\ResourceEnt
 						"table_schema" => $row['databasename']
 					), true, true);
 					$mbdata = $mbdata_stmt->fetch(\PDO::FETCH_ASSOC);
-					$row['size'] = $mbdata['MB'];
+					$row['size'] = $mbdata['MB'] ?? 0;
 					$result[] = $row;
 				}
 				Database::needRoot(false);
 			}
 		}
-		return $this->response(200, "successfull", array(
+		return $this->response(200, "successful", array(
 			'count' => count($result),
 			'list' => $result
 		));
@@ -444,7 +448,7 @@ class Mysqls extends \Froxlor\Api\ApiCommand implements \Froxlor\Api\ResourceEnt
 		");
 		$result = Database::pexecute_first($result_stmt, null, true, true);
 		if ($result) {
-			return $this->response(200, "successfull", $result['num_dbs']);
+			return $this->response(200, "successful", $result['num_dbs']);
 		}
 	}

@@ -506,6 +510,6 @@ class Mysqls extends \Froxlor\Api\ApiCommand implements \Froxlor\Api\ResourceEnt
 		Customers::decreaseUsage($customer['customerid'], 'mysqls_used', $resetaccnumber);

 		$this->logger()->logAction($this->isAdmin() ? \Froxlor\FroxlorLogger::ADM_ACTION : \Froxlor\FroxlorLogger::USR_ACTION, LOG_WARNING, "[API] deleted database '" . $result['databasename'] . "'");
-		return $this->response(200, "successfull", $result);
+		return $this->response(200, "successful", $result);
 	}
 }
--- a/lib/Froxlor/Api/Commands/PhpSettings.php
+++ b/lib/Froxlor/Api/Commands/PhpSettings.php
@@ -50,8 +50,7 @@ class PhpSettings extends \Froxlor\Api\ApiCommand implements \Froxlor\Api\Resour
 			$result_stmt = Database::prepare("
 				SELECT c.*, fd.description as fpmdesc
 				FROM `" . TABLE_PANEL_PHPCONFIGS . "` c
-				LEFT JOIN `" . TABLE_PANEL_FPMDAEMONS . "` fd ON fd.id = c.fpmsettingid" . $this->getSearchWhere($query_fields) . $this->getOrderBy() . $this->getLimit()
-			);
+				LEFT JOIN `" . TABLE_PANEL_FPMDAEMONS . "` fd ON fd.id = c.fpmsettingid" . $this->getSearchWhere($query_fields) . $this->getOrderBy() . $this->getLimit());
 			Database::pexecute($result_stmt, $query_fields, true, true);
 			$phpconfigs = array();
 			while ($row = $result_stmt->fetch(\PDO::FETCH_ASSOC)) {
@@ -114,7 +113,7 @@ class PhpSettings extends \Froxlor\Api\ApiCommand implements \Froxlor\Api\Resour
 				$phpconfigs[] = $row;
 			}

-			return $this->response(200, "successfull", array(
+			return $this->response(200, "successful", array(
 				'count' => count($phpconfigs),
 				'list' => $phpconfigs
 			));
@@ -138,7 +137,7 @@ class PhpSettings extends \Froxlor\Api\ApiCommand implements \Froxlor\Api\Resour
 			");
 			$result = Database::pexecute_first($result_stmt, null, true, true);
 			if ($result) {
-				return $this->response(200, "successfull", $result['num_phps']);
+				return $this->response(200, "successful", $result['num_phps']);
 			}
 		}
 		throw new \Exception("Not allowed to execute given command.", 403);
@@ -166,7 +165,7 @@ class PhpSettings extends \Froxlor\Api\ApiCommand implements \Froxlor\Api\Resour
 				'id' => $id
 			), true, true);
 			if ($result) {
-				return $this->response(200, "successfull", $result);
+				return $this->response(200, "successful", $result);
 			}
 			throw new \Exception("php-config with id #" . $id . " could not be found", 404);
 		}
@@ -368,7 +367,7 @@ class PhpSettings extends \Froxlor\Api\ApiCommand implements \Froxlor\Api\Resour
 			$result = $this->apiCall('PhpSettings.get', array(
 				'id' => $ins_data['id']
 			));
-			return $this->response(200, "successfull", $result);
+			return $this->response(200, "successful", $result);
 		}
 		throw new \Exception("Not allowed to execute given command.", 403);
 	}
@@ -564,7 +563,7 @@ class PhpSettings extends \Froxlor\Api\ApiCommand implements \Froxlor\Api\Resour
 			$result = $this->apiCall('PhpSettings.get', array(
 				'id' => $id
 			));
-			return $this->response(200, "successfull", $result);
+			return $this->response(200, "successful", $result);
 		}
 		throw new \Exception("Not allowed to execute given command.", 403);
 	}
@@ -615,7 +614,7 @@ class PhpSettings extends \Froxlor\Api\ApiCommand implements \Froxlor\Api\Resour

 			\Froxlor\System\Cronjob::inserttask('1');
 			$this->logger()->logAction(\Froxlor\FroxlorLogger::ADM_ACTION, LOG_INFO, "[API] php setting '" . $result['description'] . "' has been deleted by '" . $this->getUserDetail('loginname') . "'");
-			return $this->response(200, "successfull", $result);
+			return $this->response(200, "successful", $result);
 		}
 		throw new \Exception("Not allowed to execute given command.", 403);
 	}
--- a/lib/Froxlor/Api/Commands/SubDomains.php
+++ b/lib/Froxlor/Api/Commands/SubDomains.php
@@ -36,11 +36,13 @@ class SubDomains extends \Froxlor\Api\ApiCommand implements \Froxlor\Api\Resourc
 	 * @param string $url
 	 *        	optional, overwrites path value with an URL to generate a redirect, alternatively use the path parameter also for URLs
 	 * @param int $openbasedir_path
-	 *        	optional, either 0 for customers-homedir or 1 for domains-docroot
+	 *        	optional, either 0 for domains-docroot or 1 for customers-homedir
 	 * @param int $phpsettingid
 	 *        	optional, php-settings-id, if empty the $domain value is used
 	 * @param int $redirectcode
 	 *        	optional, redirect-code-id from TABLE_PANEL_REDIRECTCODES
+	 * @param bool $sslenabled
+	 *        	optional, whether or not SSL is enabled for this domain, regardless of the assigned ssl-ips, default 1 (true)
 	 * @param bool $ssl_redirect
 	 *        	optional, whether to generate a https-redirect or not, default false; requires SSL to be enabled
 	 * @param bool $letsencrypt
@@ -76,6 +78,7 @@ class SubDomains extends \Froxlor\Api\ApiCommand implements \Froxlor\Api\Resourc
 			$redirectcode = $this->getParam('redirectcode', true, Settings::Get('customredirect.default'));
 			$isemaildomain = $this->getParam('isemaildomain', true, 0);
 			if (Settings::Get('system.use_ssl')) {
+				$sslenabled = $this->getBoolParam('sslenabled', true, 1);
 				$ssl_redirect = $this->getBoolParam('ssl_redirect', true, 0);
 				$letsencrypt = $this->getBoolParam('letsencrypt', true, 0);
 				$http2 = $this->getBoolParam('http2', true, 0);
@@ -83,6 +86,7 @@ class SubDomains extends \Froxlor\Api\ApiCommand implements \Froxlor\Api\Resourc
 				$hsts_sub = $this->getBoolParam('hsts_sub', true, 0);
 				$hsts_preload = $this->getBoolParam('hsts_preload', true, 0);
 			} else {
+				$sslenabled = 0;
 				$ssl_redirect = 0;
 				$letsencrypt = 0;
 				$http2 = 0;
@@ -95,6 +99,7 @@ class SubDomains extends \Froxlor\Api\ApiCommand implements \Froxlor\Api\Resourc
 			$customer = $this->getCustomerData('subdomains');

 			// validation
+			$subdomain = strtolower($subdomain);
 			if (substr($subdomain, 0, 4) == 'xn--') {
 				\Froxlor\UI\Response::standard_error('domain_nopunycode', '', true);
 			}
@@ -114,7 +119,7 @@ class SubDomains extends \Froxlor\Api\ApiCommand implements \Froxlor\Api\Resourc
 					'mydomain'
 				), '', true);
 			}
-			if ($completedomain == Settings::Get('system.hostname')) {
+			if ($completedomain == strtolower(Settings::Get('system.hostname'))) {
 				\Froxlor\UI\Response::standard_error('admin_domain_emailsystemhostname', '', true);
 			}

@@ -190,7 +195,7 @@ class SubDomains extends \Froxlor\Api\ApiCommand implements \Froxlor\Api\Resourc
 			} elseif ($subdomain == 'www' && $domain_check['wwwserveralias'] == '1') {
 				// you cannot add 'www' as subdomain when the maindomain generates a www-alias
 				\Froxlor\UI\Response::standard_error('wwwnotallowed', '', true);
-			} elseif (strtolower($completedomain_check['domain']) == strtolower($completedomain)) {
+			} elseif ($completedomain_check && strtolower($completedomain_check['domain']) == strtolower($completedomain)) {
 				// the domain does already exist as main-domain
 				\Froxlor\UI\Response::standard_error('domainexistalready', $completedomain, true);
 			}
@@ -251,6 +256,7 @@ class SubDomains extends \Froxlor\Api\ApiCommand implements \Froxlor\Api\Resourc
 				`customerid` = :customerid,
 				`adminid` = :adminid,
 				`domain` = :domain,
+				`domain_ace` = :domain_ace,
 				`documentroot` = :documentroot,
 				`aliasdomain` = :aliasdomain,
 				`parentdomainid` = :parentdomainid,
@@ -275,12 +281,14 @@ class SubDomains extends \Froxlor\Api\ApiCommand implements \Froxlor\Api\Resourc
 				`override_tls` = :override_tls,
 				`ssl_protocols` = :ssl_protocols,
 				`ssl_cipher_list` = :ssl_cipher_list,
-				`tlsv13_cipher_list` = :tlsv13_cipher_list
+				`tlsv13_cipher_list` = :tlsv13_cipher_list,
+				`ssl_enabled` = :sslenabled
 			");
 			$params = array(
 				"customerid" => $customer['customerid'],
 				"adminid" => $customer['adminid'],
 				"domain" => $completedomain,
+				"domain_ace" => $idna_convert->decode($completedomain),
 				"documentroot" => $path,
 				"aliasdomain" => $aliasdomain != 0 ? $aliasdomain : null,
 				"parentdomainid" => $domain_check['id'],
@@ -305,7 +313,8 @@ class SubDomains extends \Froxlor\Api\ApiCommand implements \Froxlor\Api\Resourc
 				"override_tls" => $domain_check['override_tls'],
 				"ssl_protocols" => $domain_check['ssl_protocols'],
 				"ssl_cipher_list" => $domain_check['ssl_cipher_list'],
-				"tlsv13_cipher_list" => $domain_check['tlsv13_cipher_list']
+				"tlsv13_cipher_list" => $domain_check['tlsv13_cipher_list'],
+				"sslenabled" => $sslenabled
 			);
 			Database::pexecute($stmt, $params, true, true);
 			$subdomain_id = Database::lastInsertId();
@@ -336,7 +345,7 @@ class SubDomains extends \Froxlor\Api\ApiCommand implements \Froxlor\Api\Resourc
 			$result = $this->apiCall('SubDomains.get', array(
 				'id' => $subdomain_id
 			));
-			return $this->response(200, "successfull", $result);
+			return $this->response(200, "successful", $result);
 		}
 		throw new \Exception("No more resources available", 406);
 	}
@@ -400,7 +409,7 @@ class SubDomains extends \Froxlor\Api\ApiCommand implements \Froxlor\Api\Resourc
 				);
 			}
 		} else {
-			if (Settings::IsInList('panel.customer_hide_options', 'domains')) {
+			if (! $this->isInternal() && Settings::IsInList('panel.customer_hide_options', 'domains')) {
 				throw new \Exception("You cannot access this resource", 405);
 			}
 			$result_stmt = Database::prepare("
@@ -417,7 +426,7 @@ class SubDomains extends \Froxlor\Api\ApiCommand implements \Froxlor\Api\Resourc
 		$result = Database::pexecute_first($result_stmt, $params, true, true);
 		if ($result) {
 			$this->logger()->logAction($this->isAdmin() ? \Froxlor\FroxlorLogger::ADM_ACTION : \Froxlor\FroxlorLogger::USR_ACTION, LOG_NOTICE, "[API] get subdomain '" . $result['domain'] . "'");
-			return $this->response(200, "successfull", $result);
+			return $this->response(200, "successful", $result);
 		}
 		$key = ($id > 0 ? "id #" . $id : "domainname '" . $domainname . "'");
 		throw new \Exception("Subdomain with " . $key . " could not be found", 404);
@@ -441,11 +450,13 @@ class SubDomains extends \Froxlor\Api\ApiCommand implements \Froxlor\Api\Resourc
 	 * @param bool $isemaildomain
 	 *        	optional
 	 * @param int $openbasedir_path
-	 *        	optional, either 0 for customers-homedir or 1 for domains-docroot
+	 *        	optional, either 0 for domains-docroot or 1 for customers-homedir
 	 * @param int $phpsettingid
 	 *        	optional, php-settings-id, if empty the $domain value is used
 	 * @param int $redirectcode
 	 *        	optional, redirect-code-id from TABLE_PANEL_REDIRECTCODES
+	 * @param bool $sslenabled
+	 *        	optional, whether or not SSL is enabled for this domain, regardless of the assigned ssl-ips, default 1 (true)
 	 * @param bool $ssl_redirect
 	 *        	optional, whether to generate a https-redirect or not, default false; requires SSL to be enabled
 	 * @param bool $letsencrypt
@@ -493,6 +504,7 @@ class SubDomains extends \Froxlor\Api\ApiCommand implements \Froxlor\Api\Resourc
 		$phpsettingid = $this->getParam('phpsettingid', true, $result['phpsettingid']);
 		$redirectcode = $this->getParam('redirectcode', true, \Froxlor\Domain\Domain::getDomainRedirectId($id));
 		if (Settings::Get('system.use_ssl')) {
+			$sslenabled = $this->getBoolParam('sslenabled', true, $result['ssl_enabled']);
 			$ssl_redirect = $this->getBoolParam('ssl_redirect', true, $result['ssl_redirect']);
 			$letsencrypt = $this->getBoolParam('letsencrypt', true, $result['letsencrypt']);
 			$http2 = $this->getBoolParam('http2', true, $result['http2']);
@@ -500,6 +512,7 @@ class SubDomains extends \Froxlor\Api\ApiCommand implements \Froxlor\Api\Resourc
 			$hsts_sub = $this->getBoolParam('hsts_sub', true, $result['hsts_sub']);
 			$hsts_preload = $this->getBoolParam('hsts_preload', true, $result['hsts_preload']);
 		} else {
+			$sslenabled = 0;
 			$ssl_redirect = 0;
 			$letsencrypt = 0;
 			$http2 = 0;
@@ -610,14 +623,15 @@ class SubDomains extends \Froxlor\Api\ApiCommand implements \Froxlor\Api\Resourc
 		if ($path != $result['documentroot'] || $isemaildomain != $result['isemaildomain'] || $wwwserveralias != $result['wwwserveralias'] || $iswildcarddomain != $result['iswildcarddomain'] || $aliasdomain != $result['aliasdomain'] || $openbasedir_path != $result['openbasedir_path'] || $ssl_redirect != $result['ssl_redirect'] || $letsencrypt != $result['letsencrypt'] || $hsts_maxage != $result['hsts'] || $hsts_sub != $result['hsts_sub'] || $hsts_preload != $result['hsts_preload'] || $phpsettingid != $result['phpsettingid']) {
 			$stmt = Database::prepare("
 					UPDATE `" . TABLE_PANEL_DOMAINS . "` SET
-					`documentroot`= :documentroot,
-					`isemaildomain`= :isemaildomain,
-					`wwwserveralias`= :wwwserveralias,
-					`iswildcarddomain`= :iswildcarddomain,
-					`aliasdomain`= :aliasdomain,
-					`openbasedir_path`= :openbasedir_path,
-					`ssl_redirect`= :ssl_redirect,
-					`letsencrypt`= :letsencrypt,
+					`documentroot` = :documentroot,
+					`isemaildomain` = :isemaildomain,
+					`wwwserveralias` = :wwwserveralias,
+					`iswildcarddomain` = :iswildcarddomain,
+					`aliasdomain` = :aliasdomain,
+					`openbasedir_path` = :openbasedir_path,
+					`ssl_enabled` = :sslenabled,
+					`ssl_redirect` = :ssl_redirect,
+					`letsencrypt` = :letsencrypt,
 					`http2` = :http2,
 					`hsts` = :hsts,
 					`hsts_sub` = :hsts_sub,
@@ -632,6 +646,7 @@ class SubDomains extends \Froxlor\Api\ApiCommand implements \Froxlor\Api\Resourc
 				"iswildcarddomain" => $iswildcarddomain,
 				"aliasdomain" => ($aliasdomain != 0 && $alias_check == 0) ? $aliasdomain : null,
 				"openbasedir_path" => $openbasedir_path,
+				"sslenabled" => $sslenabled,
 				"ssl_redirect" => $ssl_redirect,
 				"letsencrypt" => $letsencrypt,
 				"http2" => $http2,
@@ -668,6 +683,8 @@ class SubDomains extends \Froxlor\Api\ApiCommand implements \Froxlor\Api\Resourc
 				Database::pexecute($del_stmt, array(
 					'id' => $id
 				), true, true);
+				// remove domain from acme.sh / lets encrypt if used
+				\Froxlor\System\Cronjob::inserttask('12', $result['domain']);
 			}

 			\Froxlor\System\Cronjob::inserttask('1');
@@ -678,7 +695,7 @@ class SubDomains extends \Froxlor\Api\ApiCommand implements \Froxlor\Api\Resourc
 		$result = $this->apiCall('SubDomains.get', array(
 			'id' => $id
 		));
-		return $this->response(200, "successfull", $result);
+		return $this->response(200, "successful", $result);
 	}

 	/**
@@ -752,6 +769,7 @@ class SubDomains extends \Froxlor\Api\ApiCommand implements \Froxlor\Api\Resourc
 				'`d`.`id`',
 				'`d`.`customerid`',
 				'`d`.`domain`',
+				'`d`.`domain_ace`',
 				'`d`.`documentroot`',
 				'`d`.`isbinddomain`',
 				'`d`.`isemaildomain`',
@@ -767,20 +785,21 @@ class SubDomains extends \Froxlor\Api\ApiCommand implements \Froxlor\Api\Resourc

 		// prepare select statement
 		$domains_stmt = Database::prepare("
-			SELECT " . implode(",", $select_fields) . ", `ad`.`id` AS `aliasdomainid`, `ad`.`domain` AS `aliasdomain`, `da`.`id` AS `domainaliasid`, `da`.`domain` AS `domainalias`
+			SELECT " . implode(",", $select_fields) . ", IF(`d`.`parentdomainid` > 0, `pd`.`domain_ace`, `d`.`domain_ace`) AS `parentdomainname`, `ad`.`id` AS `aliasdomainid`, `ad`.`domain` AS `aliasdomain`, `da`.`id` AS `domainaliasid`, `da`.`domain` AS `domainalias`
 			FROM `" . TABLE_PANEL_DOMAINS . "` `d`
 			LEFT JOIN `" . TABLE_PANEL_DOMAINS . "` `ad` ON `d`.`aliasdomain`=`ad`.`id`
 			LEFT JOIN `" . TABLE_PANEL_DOMAINS . "` `da` ON `da`.`aliasdomain`=`d`.`id`
+			LEFT JOIN `" . TABLE_PANEL_DOMAINS . "` `pd` ON `pd`.`id`=`d`.`parentdomainid`
 			WHERE `d`.`customerid` IN (" . implode(', ', $customer_ids) . ")
 			AND `d`.`email_only` = '0'
-			AND `d`.`id` NOT IN (" . implode(', ', $customer_stdsubs) . ")" . $this->getSearchWhere($query_fields, true) . $this->getOrderBy() . $this->getLimit());
+			AND `d`.`id` NOT IN (" . implode(', ', $customer_stdsubs) . ")" . $this->getSearchWhere($query_fields, true) . " GROUP BY `d`.`id` ORDER BY `parentdomainname` " . $this->getOrderBy(true) . $this->getLimit());

 		$result = array();
 		Database::pexecute($domains_stmt, $query_fields, true, true);
 		while ($row = $domains_stmt->fetch(\PDO::FETCH_ASSOC)) {
 			$result[] = $row;
 		}
-		return $this->response(200, "successfull", array(
+		return $this->response(200, "successful", array(
 			'count' => count($result),
 			'list' => $result
 		));
@@ -839,15 +858,13 @@ class SubDomains extends \Froxlor\Api\ApiCommand implements \Froxlor\Api\Resourc
 		$domains_stmt = Database::prepare("
 			SELECT COUNT(*) as num_subdom
 			FROM `" . TABLE_PANEL_DOMAINS . "` `d`
-			LEFT JOIN `" . TABLE_PANEL_DOMAINS . "` `ad` ON `d`.`aliasdomain`=`ad`.`id`
-			LEFT JOIN `" . TABLE_PANEL_DOMAINS . "` `da` ON `da`.`aliasdomain`=`d`.`id`
 			WHERE `d`.`customerid` IN (" . implode(', ', $customer_ids) . ")
 			AND `d`.`email_only` = '0'
 			AND `d`.`id` NOT IN (" . implode(', ', $customer_stdsubs) . ")
 		");
 		$result = Database::pexecute_first($domains_stmt, null, true, true);
 		if ($result) {
-			return $this->response(200, "successfull", $result['num_subdom']);
+			return $this->response(200, "successful", $result['num_subdom']);
 		}
 	}

@@ -858,7 +875,9 @@ class SubDomains extends \Froxlor\Api\ApiCommand implements \Froxlor\Api\Resourc
 	 *        	optional, the domain-id
 	 * @param string $domainname
 	 *        	optional, the domainname
-	 *        	
+	 * @param int $customerid
+	 *        	required when called as admin, not needed when called as customer
+	 *
 	 * @access admin, customer
 	 * @throws \Exception
 	 * @return string json-encoded array
@@ -961,7 +980,7 @@ class SubDomains extends \Froxlor\Api\ApiCommand implements \Froxlor\Api\Resourc
 		Customers::decreaseUsage($customer['customerid'], 'subdomains_used');

 		$this->logger()->logAction($this->isAdmin() ? \Froxlor\FroxlorLogger::ADM_ACTION : \Froxlor\FroxlorLogger::USR_ACTION, LOG_WARNING, "[API] deleted subdomain '" . $result['domain'] . "'");
-		return $this->response(200, "successfull", $result);
+		return $this->response(200, "successful", $result);
 	}

 	/**
--- a/lib/Froxlor/Api/Commands/SysLog.php
+++ b/lib/Froxlor/Api/Commands/SysLog.php
@@ -55,7 +55,7 @@ class SysLog extends \Froxlor\Api\ApiCommand implements \Froxlor\Api\ResourceEnt
 			if (count($customer_names) > 0) {
 				$result_stmt = Database::prepare("
 				SELECT * FROM `" . TABLE_PANEL_LOG . "`
-				WHERE `user` = :loginname OR `user` IN (" . implode(', ', $customer_names) . ")" . $this->getSearchWhere($query_fields, true) . $this->getOrderBy() . $this->getLimit());
+				WHERE `user` = :loginname OR `user` IN ('" . implode("', '", $customer_names) . "')" . $this->getSearchWhere($query_fields, true) . $this->getOrderBy() . $this->getLimit());
 			} else {
 				$result_stmt = Database::prepare("
 				SELECT * FROM `" . TABLE_PANEL_LOG . "`
@@ -74,7 +74,7 @@ class SysLog extends \Froxlor\Api\ApiCommand implements \Froxlor\Api\ResourceEnt
 			$result[] = $row;
 		}
 		$this->logger()->logAction($this->isAdmin() ? \Froxlor\FroxlorLogger::ADM_ACTION : \Froxlor\FroxlorLogger::USR_ACTION, LOG_NOTICE, "[API] list log-entries");
-		return $this->response(200, "successfull", array(
+		return $this->response(200, "successful", array(
 			'count' => count($result),
 			'list' => $result
 		));
@@ -105,7 +105,7 @@ class SysLog extends \Froxlor\Api\ApiCommand implements \Froxlor\Api\ResourceEnt
 			if (count($customer_names) > 0) {
 				$result_stmt = Database::prepare("
 					SELECT COUNT(*) as num_logs FROM `" . TABLE_PANEL_LOG . "`
-					WHERE `user` = :loginname OR `user` IN (" . implode(', ', $customer_names) . ")
+					WHERE `user` = :loginname OR `user` IN ('" . implode("', '", $customer_names) . "')
 				");
 			} else {
 				$result_stmt = Database::prepare("
@@ -129,7 +129,7 @@ class SysLog extends \Froxlor\Api\ApiCommand implements \Froxlor\Api\ResourceEnt

 		$result = Database::pexecute_first($result_stmt, $params, true, true);
 		if ($result) {
-			return $this->response(200, "successfull", $result['num_logs']);
+			return $this->response(200, "successful", $result['num_logs']);
 		}
 	}

@@ -190,22 +190,21 @@ class SysLog extends \Froxlor\Api\ApiCommand implements \Froxlor\Api\ResourceEnt
 				}
 				if (count($customer_names) > 0) {
 					$result_stmt = Database::prepare("
-					DELETE FROM `" . TABLE_PANEL_LOG . "` WHERE `date` < :trunc AND `user` = :loginname OR `user` IN (" . implode(', ', $customer_names) . ")
-				");
+						DELETE FROM `" . TABLE_PANEL_LOG . "` WHERE `date` < :trunc AND `user` = :loginname OR `user` IN ('" . implode("', '", $customer_names) . "')
+					");
 				} else {
 					$result_stmt = Database::prepare("
-					SELECT COUNT(*) as num_logs FROM `" . TABLE_PANEL_LOG . "`
-					DELETE FROM `" . TABLE_PANEL_LOG . "` WHERE `date` < :trunc AND `user` = :loginname
-				");
+						DELETE FROM `" . TABLE_PANEL_LOG . "` WHERE `date` < :trunc AND `user` = :loginname
+					");
 				}
 				$params = [
 					'loginname' => $this->getUserDetail('loginname')
 				];
 			}
 			$params['trunc'] = $truncatedate;
-			Database::execute($result_stmt, $params, true, true);
+			Database::pexecute($result_stmt, $params, true, true);
 			$this->logger()->logAction($this->isAdmin() ? \Froxlor\FroxlorLogger::ADM_ACTION : \Froxlor\FroxlorLogger::USR_ACTION, LOG_WARNING, "[API] truncated the froxlor syslog");
-			return $this->response(200, "successfull", true);
+			return $this->response(200, "successful", true);
 		}
 		throw new \Exception("Not allowed to execute given command.", 403);
 	}
--- a/lib/Froxlor/Api/Commands/Traffic.php
+++ b/lib/Froxlor/Api/Commands/Traffic.php
@@ -110,7 +110,7 @@ class Traffic extends \Froxlor\Api\ApiCommand implements \Froxlor\Api\ResourceEn
 			$result[] = $row;
 		}
 		$this->logger()->logAction($this->isAdmin() ? \Froxlor\FroxlorLogger::ADM_ACTION : \Froxlor\FroxlorLogger::USR_ACTION, LOG_NOTICE, "[API] list traffic");
-		return $this->response(200, "successfull", array(
+		return $this->response(200, "successful", array(
 			'count' => count($result),
 			'list' => $result
 		));
--- a/lib/Froxlor/Api/FroxlorRPC.php
+++ b/lib/Froxlor/Api/FroxlorRPC.php
@@ -56,7 +56,7 @@ class FroxlorRPC
 	private static function validateAuth($key, $secret)
 	{
 		$sel_stmt = \Froxlor\Database\Database::prepare("
-			SELECT ak.*, a.api_allowed as admin_api_allowed, c.api_allowed as cust_api_allowed
+			SELECT ak.*, a.api_allowed as admin_api_allowed, c.api_allowed as cust_api_allowed, c.deactivated
 			FROM `api_keys` ak
 			LEFT JOIN `panel_admins` a ON a.adminid = ak.adminid
 			LEFT JOIN `panel_customers` c ON c.customerid = ak.customerid
@@ -67,7 +67,7 @@ class FroxlorRPC
 			'as' => $secret
 		), true, true);
 		if ($result) {
-			if ($result['apikey'] == $key && $result['secret'] == $secret && ($result['valid_until'] == - 1 || $result['valid_until'] >= time()) && (($result['customerid'] == 0 && $result['admin_api_allowed'] == 1) || ($result['customerid'] > 0 && $result['cust_api_allowed'] == 1))) {
+			if ($result['apikey'] == $key && $result['secret'] == $secret && ($result['valid_until'] == - 1 || $result['valid_until'] >= time()) && (($result['customerid'] == 0 && $result['admin_api_allowed'] == 1) || ($result['customerid'] > 0 && $result['cust_api_allowed'] == 1 && $result['deactivated'] == 0))) {
 				// get user to check whether api call is allowed
 				if (! empty($result['allowed_from'])) {
 					// @todo allow specification and validating of whole subnets later
--- a/lib/Froxlor/Cli/Action/ConfigServicesAction.php
+++ b/lib/Froxlor/Cli/Action/ConfigServicesAction.php
@@ -26,11 +26,16 @@ class ConfigServicesAction extends \Froxlor\Cli\Action
 	 */
 	private function validate()
 	{
+		global $lng;
+
 		$this->checkConfigParam(true);
 		$this->parseConfig();

 		require FROXLOR_INSTALL_DIR . '/lib/tables.inc.php';

+		include_once FROXLOR_INSTALL_DIR . '/lng/english.lng.php';
+		include_once FROXLOR_INSTALL_DIR . '/lng/lng_references.php';
+
 		if (array_key_exists("import-settings", $this->_args)) {
 			$this->importSettings();
 		}
@@ -78,6 +83,20 @@ class ConfigServicesAction extends \Froxlor\Cli\Action
 		$distros = glob($config_dir . '*.xml');
 		// tmp array
 		$distributions_select_data = array();
+
+		//set default os.
+		$os_dist = array('ID' => 'buster');
+		$os_version = array('0' => '10');
+		$os_default = $os_dist['ID'];
+
+		//read os-release
+		if(file_exists('/etc/os-release')) {
+			$os_dist = parse_ini_file('/etc/os-release', false);
+			if(is_array($os_dist) && array_key_exists('ID', $os_dist) && array_key_exists('VERSION_ID', $os_dist)) {
+				$os_version = explode('.',$os_dist['VERSION_ID'])[0];
+			}
+		}
+
 		// read in all the distros
 		foreach ($distros as $_distribution) {
 			// get configparser object
@@ -86,6 +105,12 @@ class ConfigServicesAction extends \Froxlor\Cli\Action
 			$dist_display = $this->getCompleteDistroName($dist);
 			// store in tmp array
 			$distributions_select_data[$dist_display] = str_replace(".xml", "", strtolower(basename($_distribution)));
+			
+			//guess if this is the current distro.
+			$ver = explode('.', $dist->distributionVersion)[0];
+			if (strtolower($os_dist['ID']) == strtolower($dist->distributionName) && $os_version == $ver) {
+				$os_default = str_replace(".xml", "", strtolower(basename($_distribution)));
+			}
 		}

 		// sort by distribution name
@@ -103,7 +128,7 @@ class ConfigServicesAction extends \Froxlor\Cli\Action
 		echo PHP_EOL;

 		while (! in_array($_daemons_config['distro'], $distributions_select_data)) {
-			$_daemons_config['distro'] = ConfigServicesCmd::getInput("choose distribution", "buster");
+			$_daemons_config['distro'] = ConfigServicesCmd::getInput("choose distribution", $os_default);
 		}

 		// go through all services and let user check whether to include it or not
--- a/lib/Froxlor/Config/ConfigParser.php
+++ b/lib/Froxlor/Config/ConfigParser.php
@@ -39,6 +39,13 @@ class ConfigParser
 	 */
 	private $services = array();

+	/**
+	 * Holding the available defaults in the XML
+	 *
+	 * @var array
+	 */
+	private $defaults = array();
+
 	/**
 	 * Store the parsed SimpleXMLElement for usage
 	 *
@@ -147,7 +154,7 @@ class ConfigParser
 	 *
 	 * @return bool
 	 */
-	private function parse()
+	private function parseServices()
 	{
 		// We only want to parse the stuff one time
 		if ($this->isparsed == true) {
@@ -174,6 +181,29 @@ class ConfigParser
 		return true;
 	}

+	/**
+	 * Parse the XML and populate $this->services
+	 *
+	 * @return bool
+	 */
+	private function parseDefaults()
+	{
+		// We only want to parse the stuff one time
+		if ($this->isparsed == true) {
+			return true;
+		}
+
+		// Get all defaults
+		$defaults = $this->xml->xpath('//defaults');
+		foreach ($defaults as $default) {
+			$this->defaults = $default;
+		}
+
+		// Switch flag to indicate we parsed our data
+		$this->isparsed = true;
+		return true;
+	}
+
 	/**
 	 * Return all services defined by the XML
 	 *
@@ -184,9 +214,25 @@ class ConfigParser
 	public function getServices()
 	{
 		// Let's parse this shit(!)
-		$this->parse();
+		$this->parseServices();

 		// Return our carefully searched for services
 		return $this->services;
 	}
+
+	/**
+	 * Return all defaults defined by the XML
+	 *
+	 * The array will hold ConfigDefaults - Objects for further handling
+	 *
+	 * @return array
+	 */
+	public function getDefaults()
+	{
+		// Let's parse this shit(!)
+		$this->parseDefaults();
+
+		// Return our carefully searched for defaults
+		return $this->defaults;
+	}
 }
--- a/lib/Froxlor/Cron/CronConfig.php
+++ b/lib/Froxlor/Cron/CronConfig.php
@@ -99,7 +99,7 @@ class CronConfig
 					$binpath = Settings::Get("system.croncmdline");
 					// fallback as it is important
 					if ($binpath === null) {
-						$binpath = "/usr/bin/nice -n 5 /usr/bin/php5 -q";
+						$binpath = "/usr/bin/nice -n 5 /usr/bin/php -q";
 					}

 					$cronfile .= "root " . $binpath . " " . \Froxlor\FileDir::makeCorrectFile(\Froxlor\Froxlor::getInstallDir() . "/scripts/froxlor_master_cronjob.php") . " --" . $row_cronentry['cronfile'] . " 1> /dev/null\n";
--- a/lib/Froxlor/Cron/Dns/Bind.php
+++ b/lib/Froxlor/Cron/Dns/Bind.php
@@ -112,7 +112,10 @@ class Bind extends DnsBase
 			if (count($this->ns) > 0) {
 				foreach ($this->ns as $ns) {
 					foreach ($ns["ips"] as $ip) {
-						$bindconf_file .= '		' . $ip . ";\n";
+						$ip = \Froxlor\Validate\Validate::validate_ip2($ip, true, 'invalidip', true, true, true);
+						if ($ip) {
+							$bindconf_file .= '		' . $ip . ";\n";
+						}
 					}
 				}
 			}
--- a/lib/Froxlor/Cron/Dns/DnsBase.php
+++ b/lib/Froxlor/Cron/Dns/DnsBase.php
@@ -195,18 +195,18 @@ abstract class DnsBase

 			while ($domain = $result_domains_stmt->fetch(\PDO::FETCH_ASSOC)) {

-				$privkey_filename = \Froxlor\FileDir::makeCorrectFile(Settings::Get('dkim.dkim_prefix') . '/dkim_' . $domain['dkim_id']);
-				$pubkey_filename = \Froxlor\FileDir::makeCorrectFile(Settings::Get('dkim.dkim_prefix') . '/dkim_' . $domain['dkim_id'] . '.public');
+				$privkey_filename = \Froxlor\FileDir::makeCorrectFile(Settings::Get('dkim.dkim_prefix') . '/dkim' . $domain['dkim_id']);
+				$pubkey_filename = \Froxlor\FileDir::makeCorrectFile(Settings::Get('dkim.dkim_prefix') . '/dkim' . $domain['dkim_id'] . '.public');

 				if ($domain['dkim_privkey'] == '' || $domain['dkim_pubkey'] == '') {
 					$max_dkim_id_stmt = Database::query("SELECT MAX(`dkim_id`) as `max_dkim_id` FROM `" . TABLE_PANEL_DOMAINS . "`");
 					$max_dkim_id = $max_dkim_id_stmt->fetch(\PDO::FETCH_ASSOC);
 					$domain['dkim_id'] = (int) $max_dkim_id['max_dkim_id'] + 1;
-					$privkey_filename = \Froxlor\FileDir::makeCorrectFile(Settings::Get('dkim.dkim_prefix') . '/dkim_' . $domain['dkim_id']);
+					$privkey_filename = \Froxlor\FileDir::makeCorrectFile(Settings::Get('dkim.dkim_prefix') . '/dkim' . $domain['dkim_id']);
 					\Froxlor\FileDir::safe_exec('openssl genrsa -out ' . escapeshellarg($privkey_filename) . ' ' . Settings::Get('dkim.dkim_keylength'));
 					$domain['dkim_privkey'] = file_get_contents($privkey_filename);
 					\Froxlor\FileDir::safe_exec("chmod 0640 " . escapeshellarg($privkey_filename));
-					$pubkey_filename = \Froxlor\FileDir::makeCorrectFile(Settings::Get('dkim.dkim_prefix') . '/dkim_' . $domain['dkim_id'] . '.public');
+					$pubkey_filename = \Froxlor\FileDir::makeCorrectFile(Settings::Get('dkim.dkim_prefix') . '/dkim' . $domain['dkim_id'] . '.public');
 					\Froxlor\FileDir::safe_exec('openssl rsa -in ' . escapeshellarg($privkey_filename) . ' -pubout -outform pem -out ' . escapeshellarg($pubkey_filename));
 					$domain['dkim_pubkey'] = file_get_contents($pubkey_filename);
 					\Froxlor\FileDir::safe_exec("chmod 0664 " . escapeshellarg($pubkey_filename));
--- a/lib/Froxlor/Cron/Http/Apache.php
+++ b/lib/Froxlor/Cron/Http/Apache.php
@@ -172,7 +172,7 @@ class Apache extends HttpConfigBase

 				$mypath = $this->getMyPath($row_ipsandports);

-				$this->virtualhosts_data[$vhosts_filename] .= 'DocumentRoot "' . $mypath . '"' . "\n";
+				$this->virtualhosts_data[$vhosts_filename] .= 'DocumentRoot "' . rtrim($mypath, "/") . '"' . "\n";

 				if ($row_ipsandports['vhostcontainer_servername_statement'] == '1') {
 					$this->virtualhosts_data[$vhosts_filename] .= ' ServerName ' . Settings::Get('system.hostname') . "\n";
@@ -413,7 +413,8 @@ class Apache extends HttpConfigBase
 						$this->virtualhosts_data[$vhosts_filename] .= $this->processSpecialConfigTemplate($row_ipsandports['ssl_specialsettings'], $domain, $row_ipsandports['ip'], $row_ipsandports['port'], $row_ipsandports['ssl'] == '1') . "\n";
 					}

-					if ($row_ipsandports['ssl_cert_file'] == '') {
+					// check for required fallback
+					if (($row_ipsandports['ssl_cert_file'] == '' || ! file_exists($row_ipsandports['ssl_cert_file'])) && (Settings::Get('system.le_froxlor_enabled') == '0' || $this->froxlorVhostHasLetsEncryptCert() == false)) {
 						$row_ipsandports['ssl_cert_file'] = Settings::Get('system.ssl_cert_file');
 						if (! file_exists($row_ipsandports['ssl_cert_file'])) {
 							// explicitly disable ssl for this vhost
@@ -442,7 +443,9 @@ class Apache extends HttpConfigBase
 						'loginname' => 'froxlor.panel',
 						'documentroot' => $mypath,
 						'customerroot' => $mypath,
-						'parentdomainid' => 0
+						'parentdomainid' => 0,
+						'ssl_honorcipherorder' => Settings::Get('system.honorcipherorder'),
+						'ssl_sessiontickets' => Settings::Get('system.sessiontickets')
 					);

 					// override corresponding array values
@@ -478,9 +481,12 @@ class Apache extends HttpConfigBase
 									$this->virtualhosts_data[$vhosts_filename] .= ' SSLOpenSSLConfCmd DHParameters "' . $dhparams . '"' . "\n";
 								}
 								$this->virtualhosts_data[$vhosts_filename] .= ' SSLCompression Off' . "\n";
+								if (Settings::Get('system.sessionticketsenabled') == '1') {
+									$this->virtualhosts_data[$vhosts_filename] .= ' SSLSessionTickets ' .  ($domain['ssl_sessiontickets'] == '1' ? 'on' : 'off') . "\n";
+								}
 							}
-							// this makes it more secure, thx to Marcel (08/2013)
-							$this->virtualhosts_data[$vhosts_filename] .= ' SSLHonorCipherOrder On' . "\n";
+
+							$this->virtualhosts_data[$vhosts_filename] .= ' SSLHonorCipherOrder ' .  ($domain['ssl_honorcipherorder'] == '1' ? 'on' : 'off') . "\n";
 							$this->virtualhosts_data[$vhosts_filename] .= ' SSLCipherSuite ' . Settings::Get('system.ssl_cipher_list') . "\n";
 							$protocols = array_map('trim', explode(",", Settings::Get('system.ssl_protocols')));
 							if (in_array("TLSv1.3", $protocols) && ! empty(Settings::Get('system.tlsv13_cipher_list')) && Settings::Get('system.apache24') == 1) {
@@ -656,7 +662,7 @@ class Apache extends HttpConfigBase

 		if ($domain['deactivated'] == '1' && Settings::Get('system.deactivateddocroot') != '') {
 			$webroot_text .= '  # Using docroot for deactivated users...' . "\n";
-			$webroot_text .= '  DocumentRoot "' . \Froxlor\FileDir::makeCorrectDir(Settings::Get('system.deactivateddocroot')) . "\"\n";
+			$webroot_text .= '  DocumentRoot "' . rtrim(\Froxlor\FileDir::makeCorrectDir(Settings::Get('system.deactivateddocroot')), "/") . "\"\n";
 			$webroot_text .= '  <Directory "' . \Froxlor\FileDir::makeCorrectDir(Settings::Get('system.deactivateddocroot')) . '">' . "\n";
 			// >=apache-2.4 enabled?
 			if (Settings::Get('system.apache24') == '1') {
@@ -669,7 +675,7 @@ class Apache extends HttpConfigBase
 			$webroot_text .= '  </Directory>' . "\n";
 			$this->deactivated = true;
 		} else {
-			$webroot_text .= '  DocumentRoot "' . $domain['documentroot'] . "\"\n";
+			$webroot_text .= '  DocumentRoot "' . rtrim($domain['documentroot'], "/") . "\"\n";
 			$this->deactivated = false;
 		}

@@ -755,7 +761,7 @@ class Apache extends HttpConfigBase
 		$logtype = 'combined';
 		if (Settings::Get('system.logfiles_format') != '') {
 			$logtype = 'frx_custom';
-			$logfiles_text .= '  LogFormat "' . Settings::Get('system.logfiles_format') . '" ' . $logtype . "\n";
+			$logfiles_text .= '  LogFormat ' . Settings::Get('system.logfiles_format') . ' ' . $logtype . "\n";
 		}
 		if (Settings::Get('system.logfiles_type') == '2' && Settings::Get('system.logfiles_format') == '') {
 			$logtype = 'vhost_combined';
@@ -945,7 +951,7 @@ class Apache extends HttpConfigBase
 		}

 		if ($ssl_vhost === true && $domain['ssl'] == '1' && Settings::Get('system.use_ssl') == '1') {
-			if ($domain['ssl_cert_file'] == '') {
+			if ($domain['ssl_cert_file'] == '' || ! file_exists($domain['ssl_cert_file'])) {
 				$domain['ssl_cert_file'] = Settings::Get('system.ssl_cert_file');
 				if (! file_exists($domain['ssl_cert_file'])) {
 					// explicitly disable ssl for this vhost
@@ -986,9 +992,11 @@ class Apache extends HttpConfigBase
 						$vhost_content .= '  SSLOpenSSLConfCmd DHParameters "' . $dhparams . '"' . "\n";
 					}
 					$vhost_content .= '  SSLCompression Off' . "\n";
+					if (Settings::Get('system.sessionticketsenabled') == '1') {
+						$vhost_content .= '  SSLSessionTickets ' .  ($domain['ssl_sessiontickets'] == '1' ? 'on' : 'off') . "\n";
+					}
 				}
-				// this makes it more secure, thx to Marcel (08/2013)
-				$vhost_content .= '  SSLHonorCipherOrder On' . "\n";
+				$vhost_content .= '  SSLHonorCipherOrder ' .  ($domain['ssl_honorcipherorder'] == '1' ? 'on' : 'off') . "\n";
 				$vhost_content .= '  SSLCipherSuite ' . $ssl_cipher_list . "\n";
 				$protocols = array_map('trim', explode(",", $ssl_protocols));
 				if (in_array("TLSv1.3", $protocols) && ! empty($tlsv13_cipher_list) && Settings::Get('system.apache24') == 1) {
@@ -1114,7 +1122,7 @@ class Apache extends HttpConfigBase
 				// Create vhost without ssl
 				$this->virtualhosts_data[$vhosts_filename] .= $this->getVhostContent($domain, false);

-				if ($domain['ssl'] == '1' || $domain['ssl_redirect'] == '1') {
+				if ($domain['ssl_enabled'] == '1' && ($domain['ssl'] == '1' || $domain['ssl_redirect'] == '1')) {
 					// Adding ssl stuff if enabled
 					$vhosts_filename_ssl = $this->getVhostFilename($domain, true);
 					$this->virtualhosts_data[$vhosts_filename_ssl] = '# Domain ID: ' . $domain['id'] . ' (SSL) - CustomerID: ' . $domain['customerid'] . ' - CustomerLogin: ' . $domain['loginname'] . "\n";
--- a/lib/Froxlor/Cron/Http/DomainSSL.php
+++ b/lib/Froxlor/Cron/Http/DomainSSL.php
@@ -68,6 +68,11 @@ class DomainSSL
 				'ssl_key_file' => \Froxlor\FileDir::makeCorrectFile($sslcertpath . '/' . $domain['domain'] . '.key')
 			);

+			if (! $this->validateCertificate($dom_certs)) {
+				\Froxlor\FroxlorLogger::getInstanceOf()->logAction(\Froxlor\FroxlorLogger::CRON_ACTION, LOG_ERR, 'Given SSL private key for ' . $domain['domain'] . ' does not seem to match the certificate. Cannot create ssl-directives');
+				return;
+			}
+
 			if (Settings::Get('system.webserver') == 'lighttpd') {
 				// put my.crt and my.key together for lighty.
 				$dom_certs['ssl_cert_file'] = trim($dom_certs['ssl_cert_file']) . "\n" . trim($dom_certs['ssl_key_file']) . "\n";
@@ -112,4 +117,9 @@ class DomainSSL

 		return;
 	}
+
+	private function validateCertificate($dom_certs = array())
+	{
+		return openssl_x509_check_private_key($dom_certs['ssl_cert_file'], $dom_certs['ssl_key_file']);
+	}
 }
--- a/lib/Froxlor/Cron/Http/LetsEncrypt/AcmeSh.php
+++ b/lib/Froxlor/Cron/Http/LetsEncrypt/AcmeSh.php
@@ -4,6 +4,9 @@ namespace Froxlor\Cron\Http\LetsEncrypt;
 use Froxlor\FroxlorLogger;
 use Froxlor\Settings;
 use Froxlor\Database\Database;
+use Froxlor\PhpHelper;
+use Froxlor\Domain\Domain;
+use Froxlor\FileDir;

 /**
 * This file is part of the Froxlor project.
@@ -18,9 +21,9 @@ use Froxlor\Database\Database;
 * @author Froxlor team <team@froxlor.org> (2016-)
 * @license GPLv2 http://files.froxlor.org/misc/COPYING.txt
 * @package Cron
- *         
+ *
 * @since 0.9.35
- *       
+ *
 */
 class AcmeSh extends \Froxlor\Cron\FroxlorCron
 {
@@ -41,11 +44,416 @@ class AcmeSh extends \Froxlor\Cron\FroxlorCron
 	 */
 	private static $upddom_stmt = null;

-	private static $do_update = true;
-
 	public static $no_inserttask = false;

-	private static function needRenew()
+	/**
+	 * run the task
+	 *
+	 * @param boolean $internal
+	 * @return number
+	 */
+	public static function run($internal = false)
+	{
+		// usually, this is action is called from within the tasks-jobs
+		if (! defined('CRON_IS_FORCED') && ! defined('CRON_DEBUG_FLAG') && $internal == false) {
+			// Let's Encrypt cronjob is combined with regeneration of webserver configuration files.
+			// For debugging purposes you can use the --debug switch and the --force switch to run the cron manually.
+			// check whether we MIGHT need to run although there is no task to regenerate config-files
+			$issue_froxlor = self::issueFroxlorVhost();
+			$issue_domains = self::issueDomains();
+			$renew_froxlor = self::renewFroxlorVhost();
+			$renew_domains = self::renewDomains(true);
+			if ($issue_froxlor || !empty($issue_domains) || !empty($renew_froxlor) || $renew_domains) {
+				// insert task to generate certificates and vhost-configs
+				\Froxlor\System\Cronjob::inserttask(1);
+			}
+			return 0;
+		}
+
+		// set server according to settings
+		self::$apiserver = 'https://acme-' . (Settings::Get('system.letsencryptca') == 'testing' ? 'staging-' : '') . 'v0' . \Froxlor\Settings::Get('system.leapiversion') . '.api.letsencrypt.org/directory';
+
+		// validate acme.sh installation
+		if (! self::checkInstall()) {
+			return - 1;
+		}
+
+		self::checkUpgrade();
+
+		// flag for re-generation of vhost files
+		$changedetected = 0;
+
+		// prepare update sql
+		self::$updcert_stmt = Database::prepare("
+			REPLACE INTO
+				`" . TABLE_PANEL_DOMAIN_SSL_SETTINGS . "`
+			SET
+				`id` = :id,
+				`domainid` = :domainid,
+				`ssl_cert_file` = :crt,
+				`ssl_key_file` = :key,
+				`ssl_ca_file` = :ca,
+				`ssl_cert_chainfile` = :chain,
+				`ssl_csr_file` = :csr,
+				`ssl_fullchain_file` = :fullchain,
+				`expirationdate` = :expirationdate
+		");
+
+		// prepare domain update sql
+		self::$upddom_stmt = Database::prepare("UPDATE `" . TABLE_PANEL_DOMAINS . "` SET `ssl_redirect` = '1' WHERE `id` = :domainid");
+
+		// check whether there are certificates to issue
+		$issue_froxlor = self::issueFroxlorVhost();
+		$issue_domains = self::issueDomains();
+
+		// first - generate LE for system-vhost if enabled
+		if ($issue_froxlor) {
+			// build row
+			$certrow = array(
+				'loginname' => 'froxlor.panel',
+				'domain' => Settings::Get('system.hostname'),
+				'domainid' => 0,
+				'documentroot' => \Froxlor\Froxlor::getInstallDir(),
+				'leprivatekey' => Settings::Get('system.leprivatekey'),
+				'lepublickey' => Settings::Get('system.lepublickey'),
+				'leregistered' => Settings::Get('system.leregistered'),
+				'ssl_redirect' => Settings::Get('system.le_froxlor_redirect'),
+				'expirationdate' => null,
+				'ssl_cert_file' => null,
+				'ssl_key_file' => null,
+				'ssl_ca_file' => null,
+				'ssl_csr_file' => null,
+				'id' => null
+			);
+
+			// add to queue
+			$issue_domains[] = $certrow;
+		}
+
+		if (count($issue_domains)) {
+			FroxlorLogger::getInstanceOf()->logAction(FroxlorLogger::CRON_ACTION, LOG_INFO, "Requesting " . count($issue_domains) . " new Let's Encrypt certificates");
+			self::runIssueFor($issue_domains);
+			$changedetected = 1;
+		}
+
+		// compare file-system certificates with the ones in our database
+		// and update if needed
+		$renew_froxlor = self::renewFroxlorVhost();
+		$renew_domains = self::renewDomains();
+
+		if ($renew_froxlor) {
+			// build row
+			$certrow = array(
+				'loginname' => 'froxlor.panel',
+				'domain' => Settings::Get('system.hostname'),
+				'domainid' => 0,
+				'documentroot' => \Froxlor\Froxlor::getInstallDir(),
+				'leprivatekey' => Settings::Get('system.leprivatekey'),
+				'lepublickey' => Settings::Get('system.lepublickey'),
+				'leregistered' => Settings::Get('system.leregistered'),
+				'ssl_redirect' => Settings::Get('system.le_froxlor_redirect'),
+				'expirationdate' => is_array($renew_froxlor) ? $renew_froxlor['expirationdate'] : date('Y-m-d H:i:s', 0),
+				'ssl_cert_file' => is_array($renew_froxlor) ? $renew_froxlor['ssl_cert_file'] : null,
+				'ssl_key_file' => is_array($renew_froxlor) ? $renew_froxlor['ssl_key_file'] : null,
+				'ssl_ca_file' => is_array($renew_froxlor) ? $renew_froxlor['ssl_ca_file'] : null,
+				'ssl_csr_file' => is_array($renew_froxlor) ? $renew_froxlor['ssl_csr_file'] : null,
+				'id' => is_array($renew_froxlor) ? $renew_froxlor['id'] : null
+			);
+			$renew_domains[] = $certrow;
+		}
+
+		foreach ($renew_domains as $domain) {
+			$cronlog = FroxlorLogger::getInstanceOf(array(
+				'loginname' => $domain['loginname'],
+				'adminsession' => 0
+			));
+			if (defined('CRON_IS_FORCED') || self::checkFsFilesAreNewer($domain['domain'], $domain['expirationdate'])) {
+				self::certToDb($domain, $cronlog, array());
+				$changedetected = 1;
+			}
+		}
+
+		// If we have a change in a certificate, we need to update the webserver - configs
+		// This is easiest done by just creating a new task ;)
+		if ($changedetected) {
+			if (self::$no_inserttask == false) {
+				\Froxlor\System\Cronjob::inserttask(1);
+			}
+			FroxlorLogger::getInstanceOf()->logAction(FroxlorLogger::CRON_ACTION, LOG_INFO, "Let's Encrypt certificates have been updated");
+		} else {
+			FroxlorLogger::getInstanceOf()->logAction(FroxlorLogger::CRON_ACTION, LOG_INFO, "No new certificates or certificate updates found");
+		}
+	}
+
+	/**
+	 * issue certificates for a list of domains
+	 */
+	private static function runIssueFor($certrows = array())
+	{
+		// prepare aliasdomain-check
+		$aliasdomains_stmt = Database::prepare("
+			SELECT
+				dom.`id` as domainid,
+				dom.`domain`,
+				dom.`wwwserveralias`
+			FROM `" . TABLE_PANEL_DOMAINS . "` AS dom
+			WHERE
+				dom.`aliasdomain` = :id
+				AND dom.`letsencrypt` = 1
+				AND dom.`iswildcarddomain` = 0
+		");
+		// iterate through all domains
+		foreach ($certrows as $certrow) {
+			// set logger to corresponding loginname for the log to appear in the users system-log
+			$cronlog = FroxlorLogger::getInstanceOf(array(
+				'loginname' => $certrow['loginname'],
+				'adminsession' => 0
+			));
+			// Only issue let's encrypt certificate if no broken ssl_redirect is enabled
+			if ($certrow['ssl_redirect'] != 2) {
+				$do_force = false;
+				if (! empty($certrow['ssl_cert_file']) && empty($certrow['expirationdate'])) {
+					// domain changed (SAN or similar)
+					$do_force = true;
+					$cronlog->logAction(FroxlorLogger::CRON_ACTION, LOG_INFO, "Re-creating certificate for " . $certrow['domain']);
+				} else {
+					$cronlog->logAction(FroxlorLogger::CRON_ACTION, LOG_INFO, "Creating certificate for " . $certrow['domain']);
+				}
+				$cronlog->logAction(FroxlorLogger::CRON_ACTION, LOG_INFO, "Adding common-name: " . $certrow['domain']);
+				$domains = array(
+					strtolower($certrow['domain'])
+				);
+				// add www.<domain> to SAN list
+				if ($certrow['wwwserveralias'] == 1) {
+					$cronlog->logAction(FroxlorLogger::CRON_ACTION, LOG_INFO, "Adding SAN entry: www." . $certrow['domain']);
+					$domains[] = strtolower('www.' . $certrow['domain']);
+				}
+				if ($certrow['domainid'] == 0) {
+					$froxlor_aliases = Settings::Get('system.froxloraliases');
+					if (! empty($froxlor_aliases)) {
+						$froxlor_aliases = explode(",", $froxlor_aliases);
+						foreach ($froxlor_aliases as $falias) {
+							if (\Froxlor\Validate\Validate::validateDomain(trim($falias))) {
+								$cronlog->logAction(FroxlorLogger::CRON_ACTION, LOG_INFO, "Adding SAN entry: " . strtolower(trim($falias)));
+								$domains[] = strtolower(trim($falias));
+							}
+						}
+					}
+				} else {
+					// add alias domains (and possibly www.<aliasdomain>) to SAN list
+					Database::pexecute($aliasdomains_stmt, array(
+						'id' => $certrow['domainid']
+					));
+					$aliasdomains = $aliasdomains_stmt->fetchAll(\PDO::FETCH_ASSOC);
+					foreach ($aliasdomains as $aliasdomain) {
+						$cronlog->logAction(FroxlorLogger::CRON_ACTION, LOG_INFO, "Adding SAN entry: " . $aliasdomain['domain']);
+						$domains[] = strtolower($aliasdomain['domain']);
+						if ($aliasdomain['wwwserveralias'] == 1) {
+							$cronlog->logAction(FroxlorLogger::CRON_ACTION, LOG_INFO, "Adding SAN entry: www." . $aliasdomain['domain']);
+							$domains[] = strtolower('www.' . $aliasdomain['domain']);
+						}
+					}
+				}
+
+				self::validateDns($domains, $certrow['domainid'], $cronlog);
+
+				self::runAcmeSh($certrow, $domains, $cronlog, $do_force);
+			} else {
+				$cronlog->logAction(FroxlorLogger::CRON_ACTION, LOG_WARNING, "Skipping Let's Encrypt generation for " . $certrow['domain'] . " due to an enabled ssl_redirect");
+			}
+		}
+	}
+
+	/**
+	 * validate dns (A / AAAA record) of domain against known system ips
+	 *
+	 * @param array $domains
+	 * @param int $domain_id
+	 * @param FroxlorLogger $cronlog
+	 */
+	private static function validateDns(&$domains = array(), $domain_id, &$cronlog)
+	{
+		if (Settings::Get('system.le_domain_dnscheck') == '1' && ! empty($domains)) {
+			$loop_domains = $domains;
+			// ips according to our system
+			$our_ips = Domain::getIpsOfDomain($domain_id);
+			foreach ($loop_domains as $idx => $domain) {
+				$cronlog->logAction(FroxlorLogger::CRON_ACTION, LOG_INFO, "Validating DNS of " . $domain);
+				// ips accordint to NS
+				$domain_ips = PhpHelper::gethostbynamel6($domain);
+				if ($domain_ips == false || count(array_intersect($our_ips, $domain_ips)) <= 0) {
+					// no common ips...
+					$cronlog->logAction(FroxlorLogger::CRON_ACTION, LOG_WARNING, "Skipping Let's Encrypt generation for " . $domain . " due to no system known IP address via DNS check");
+					unset($domains[$idx]);
+				}
+			}
+		}
+	}
+
+	private static function runAcmeSh($certrow = array(), $domains = array(), &$cronlog = null, $force = false)
+	{
+		if (! empty($domains)) {
+
+			$acmesh_cmd = self::$acmesh . " --server " . self::$apiserver . " --issue -d " . implode(" -d ", $domains);
+			// challenge path
+			$acmesh_cmd .= " -w " . Settings::Get('system.letsencryptchallengepath');
+			if (Settings::Get('system.leecc') > 0) {
+				// ecc certificate
+				$acmesh_cmd .= " --keylength ec-" . Settings::Get('system.leecc');
+			} else {
+				$acmesh_cmd .= " --keylength " . Settings::Get('system.letsencryptkeysize');
+			}
+			if (Settings::Get('system.letsencryptreuseold') != '1') {
+				$acmesh_cmd .= " --always-force-new-domain-key";
+			}
+			if (Settings::Get('system.letsencryptca') == 'testing') {
+				$acmesh_cmd .= " --staging";
+			}
+			if ($force) {
+				$acmesh_cmd .= " --force";
+			}
+			if (defined('CRON_DEBUG_FLAG')) {
+				$acmesh_cmd .= " --debug";
+			}
+
+			$acme_result = \Froxlor\FileDir::safe_exec($acmesh_cmd);
+			// debug output of acme.sh run
+			$cronlog->logAction(FroxlorLogger::CRON_ACTION, LOG_DEBUG, implode("\n", $acme_result));
+
+			self::certToDb($certrow, $cronlog, $acme_result);
+		}
+	}
+
+	private static function certToDb($certrow, &$cronlog, $acme_result)
+	{
+		$return = array();
+		self::readCertificateToVar(strtolower($certrow['domain']), $return, $cronlog);
+
+		if (! empty($return['crt'])) {
+
+			$newcert = openssl_x509_parse($return['crt']);
+
+			if ($newcert) {
+				// Store the new data
+				Database::pexecute(self::$updcert_stmt, array(
+					'id' => $certrow['id'],
+					'domainid' => $certrow['domainid'],
+					'crt' => $return['crt'],
+					'key' => $return['key'],
+					'ca' => $return['chain'],
+					'chain' => $return['chain'],
+					'csr' => $return['csr'],
+					'fullchain' => $return['fullchain'],
+					'expirationdate' => date('Y-m-d H:i:s', $newcert['validTo_time_t'])
+				));
+
+				if ($certrow['ssl_redirect'] == 3) {
+					Database::pexecute(self::$upddom_stmt, array(
+						'domainid' => $certrow['domainid']
+					));
+				}
+
+				$cronlog->logAction(FroxlorLogger::CRON_ACTION, LOG_INFO, "Updated Let's Encrypt certificate for " . $certrow['domain']);
+			} else {
+				$cronlog->logAction(FroxlorLogger::CRON_ACTION, LOG_ERR, "Got non-successful Let's Encrypt response for " . $certrow['domain'] . ":\n" . implode("\n", $acme_result));
+			}
+		} else {
+			$cronlog->logAction(FroxlorLogger::CRON_ACTION, LOG_ERR, "Could not get Let's Encrypt certificate for " . $certrow['domain'] . ":\n" . implode("\n", $acme_result));
+		}
+	}
+
+	/**
+	 * check whether we need to issue a new certificate for froxlor itself
+	 *
+	 * @return boolean
+	 */
+	private static function issueFroxlorVhost()
+	{
+		if (Settings::Get('system.le_froxlor_enabled') == '1') {
+			// let's encrypt is enabled, now check whether we have a certificate
+			$froxlor_ssl_settings_stmt = Database::prepare("
+				SELECT * FROM `" . TABLE_PANEL_DOMAIN_SSL_SETTINGS . "`
+				WHERE `domainid` = '0'
+			");
+			$froxlor_ssl = Database::pexecute_first($froxlor_ssl_settings_stmt);
+			// also check for possible existing certificate
+			if (! $froxlor_ssl && ! self::checkFsFilesAreNewer(Settings::Get('system.hostname'), date('Y-m-d H:i:s'))) {
+				return true;
+			}
+		}
+		return false;
+	}
+
+	/**
+	 * check whether we need to renew-check the certificate for froxlor itself
+	 *
+	 * @return boolean
+	 */
+	private static function renewFroxlorVhost()
+	{
+		if (Settings::Get('system.le_froxlor_enabled') == '1') {
+			// let's encrypt is enabled, now check whether we have a certificate
+			$froxlor_ssl_settings_stmt = Database::prepare("
+				SELECT * FROM `" . TABLE_PANEL_DOMAIN_SSL_SETTINGS . "`
+				WHERE `domainid` = '0'
+			");
+			$froxlor_ssl = Database::pexecute_first($froxlor_ssl_settings_stmt);
+			// also check for possible existing certificate
+			if ($froxlor_ssl && self::checkFsFilesAreNewer(Settings::Get('system.hostname'), $froxlor_ssl['expirationdate'])) {
+				return $froxlor_ssl;
+			}
+		}
+		return false;
+	}
+
+	/**
+	 * get a list of domains that have a lets encrypt certificate (possible renew)
+	 */
+	private static function renewDomains($check = false)
+	{
+		$certificates_stmt = Database::query("
+			SELECT
+				domssl.`id`,
+				domssl.`domainid`,
+				domssl.`expirationdate`,
+				domssl.`ssl_cert_file`,
+				domssl.`ssl_key_file`,
+				dom.`domain`,
+				dom.`id` AS 'domainid',
+				dom.`ssl_redirect`,
+				cust.`loginname`
+			FROM
+				`" . TABLE_PANEL_CUSTOMERS . "` AS cust,
+				`" . TABLE_PANEL_DOMAINS . "` AS dom
+			LEFT JOIN
+				`" . TABLE_PANEL_DOMAIN_SSL_SETTINGS . "` AS domssl ON
+					dom.`id` = domssl.`domainid`
+			WHERE
+				dom.`customerid` = cust.`customerid`
+				AND cust.deactivated = 0
+				AND dom.`letsencrypt` = 1
+				AND dom.`aliasdomain` IS NULL
+				AND dom.`iswildcarddomain` = 0
+		");
+		$renew_certs = $certificates_stmt->fetchAll(\PDO::FETCH_ASSOC);
+		if ($renew_certs) {
+			if ($check) {
+				foreach ($renew_certs as $cert) {
+					if (self::checkFsFilesAreNewer($cert['domain'], $cert['expirationdate'])) {
+						return true;
+					}
+				}
+				return false;
+			}
+			return $renew_certs;
+		}
+		return array();
+	}
+
+	/**
+	 * get a list of domains that require a new certificate (issue)
+	 */
+	private static function issueDomains()
 	{
 		$certificates_stmt = Database::query("
 			SELECT
@@ -78,319 +486,70 @@ class AcmeSh extends \Froxlor\Cron\FroxlorCron
 				AND dom.`letsencrypt` = 1
 				AND dom.`aliasdomain` IS NULL
 				AND dom.`iswildcarddomain` = 0
-				AND (
-					domssl.`expirationdate` < DATE_ADD(NOW(), INTERVAL 30 DAY)
-					OR domssl.`expirationdate` IS NULL
-				)
+				AND domssl.`expirationdate` IS NULL
 		");
 		$customer_ssl = $certificates_stmt->fetchAll(\PDO::FETCH_ASSOC);
-		if (!$customer_ssl) {
-			$customer_ssl = array();
+		if ($customer_ssl) {
+			return $customer_ssl;
 		}
+		return array();
+	}

-		$froxlor_ssl = array();
-		if (Settings::Get('system.le_froxlor_enabled') == '1') {
-			$froxlor_ssl_settings_stmt = Database::prepare("
-				SELECT * FROM `" . TABLE_PANEL_DOMAIN_SSL_SETTINGS . "`
-				WHERE `domainid` = '0' AND
-				(`expirationdate` < DATE_ADD(NOW(), INTERVAL 30 DAY) OR `expirationdate` IS NULL)
-			");
-			$froxlor_ssl = Database::pexecute_first($froxlor_ssl_settings_stmt);
-			if (!$froxlor_ssl) {
-				$froxlor_ssl = array();
+	private static function checkFsFilesAreNewer($domain, $cert_date = 0)
+	{
+		$certificate_folder = self::getWorkingDirFromEnv($domain);
+		$ssl_file = \Froxlor\FileDir::makeCorrectFile($certificate_folder . '/' . $domain . '.cer');
+
+		if (is_dir($certificate_folder) && file_exists($ssl_file) && is_readable($ssl_file)) {
+			$cert_data = openssl_x509_parse(file_get_contents($ssl_file));
+			if ($cert_data && $cert_data['validTo_time_t'] > strtotime($cert_date)) {
+				return true;
 			}
 		}
-
-		if (count($customer_ssl) > 0 || count($froxlor_ssl) > 0) {
-			return array(
-				'customer_ssl' => $customer_ssl,
-				'froxlor_ssl' => $froxlor_ssl
-			);
-		}
 		return false;
 	}

-	public static function run($internal = false)
+	public static function getWorkingDirFromEnv($domain = "", $forced_noecc = false)
 	{
-		if (! defined('CRON_IS_FORCED') && ! defined('CRON_DEBUG_FLAG') && $internal == false) {
-			// Let's Encrypt cronjob is combined with regeneration of webserver configuration files.
-			// For debugging purposes you can use the --debug switch and the --force switch to run the cron manually.
-			// check whether we MIGHT need to run although there is no task to regenerate config-files
-			$needRenew = self::needRenew();
-			if ($needRenew) {
-				// insert task to generate certificates and vhost-configs
-				\Froxlor\System\Cronjob::inserttask(1);
-			}
-			return 0;
+		if (Settings::Get('system.leecc') > 0 && ! $forced_noecc) {
+			$domain .= "_ecc";
 		}
-
-		self::checkInstall();
-
-		self::$apiserver = 'https://acme-v0' . \Froxlor\Settings::Get('system.leapiversion') . '.api.letsencrypt.org/directory';
-
-		FroxlorLogger::getInstanceOf()->logAction(FroxlorLogger::CRON_ACTION, LOG_INFO, "Requesting/renewing Let's Encrypt certificates");
-
-		$aliasdomains_stmt = Database::prepare("
-			SELECT
-				dom.`id` as domainid,
-				dom.`domain`,
-				dom.`wwwserveralias`
-			FROM `" . TABLE_PANEL_DOMAINS . "` AS dom
-			WHERE
-				dom.`aliasdomain` = :id
-				AND dom.`letsencrypt` = 1
-				AND dom.`iswildcarddomain` = 0
-		");
-
-		self::$updcert_stmt = Database::prepare("
-			REPLACE INTO
-				`" . TABLE_PANEL_DOMAIN_SSL_SETTINGS . "`
-			SET
-				`id` = :id,
-				`domainid` = :domainid,
-				`ssl_cert_file` = :crt,
-				`ssl_key_file` = :key,
-				`ssl_ca_file` = :ca,
-				`ssl_cert_chainfile` = :chain,
-				`ssl_csr_file` = :csr,
-				`ssl_fullchain_file` = :fullchain,
-				`expirationdate` = :expirationdate
-		");
-
-		self::$upddom_stmt = Database::prepare("UPDATE `" . TABLE_PANEL_DOMAINS . "` SET `ssl_redirect` = '1' WHERE `id` = :domainid");
-
-		// flag for re-generation of vhost files
-		$changedetected = 0;
-
-		$needRenew = self::needRenew();
-
-		// first - generate LE for system-vhost if enabled
-		if (Settings::Get('system.le_froxlor_enabled') == '1') {
-
-			$certrow = array(
-				'loginname' => 'froxlor.panel',
-				'domain' => Settings::Get('system.hostname'),
-				'domainid' => 0,
-				'documentroot' => \Froxlor\Froxlor::getInstallDir(),
-				'leprivatekey' => Settings::Get('system.leprivatekey'),
-				'lepublickey' => Settings::Get('system.lepublickey'),
-				'leregistered' => Settings::Get('system.leregistered'),
-				'ssl_redirect' => Settings::Get('system.le_froxlor_redirect'),
-				'expirationdate' => null,
-				'ssl_cert_file' => null,
-				'ssl_key_file' => null,
-				'ssl_ca_file' => null,
-				'ssl_csr_file' => null,
-				'id' => null
-			);
-
-			$froxlor_ssl = $needRenew ? $needRenew['froxlor_ssl'] : array();
-
-			$cert_mode = 'issue';
-			if (count($froxlor_ssl) > 0) {
-				$cert_mode = 'renew';
-				$certrow['id'] = $froxlor_ssl['id'];
-				$certrow['expirationdate'] = $froxlor_ssl['expirationdate'];
-				$certrow['ssl_cert_file'] = $froxlor_ssl['ssl_cert_file'];
-				$certrow['ssl_key_file'] = $froxlor_ssl['ssl_key_file'];
-				$certrow['ssl_ca_file'] = $froxlor_ssl['ssl_ca_file'];
-				$certrow['ssl_csr_file'] = $froxlor_ssl['ssl_csr_file'];
-			} else {
-				// check whether we have an entry with valid certificates which just does not need
-				// updating yet, so we need to skip this here
-				$froxlor_ssl_settings_stmt = Database::prepare("
-					SELECT * FROM `" . TABLE_PANEL_DOMAIN_SSL_SETTINGS . "` WHERE `domainid` = '0'
-				");
-				$froxlor_ssl = Database::pexecute_first($froxlor_ssl_settings_stmt);
-				if ($froxlor_ssl && ! empty($froxlor_ssl['ssl_cert_file'])) {
-					$cert_mode = false;
-				}
-			}
-
-			if ($cert_mode) {
-				$domains = array(
-					strtolower($certrow['domain'])
-				);
-
-				$froxlor_aliases = Settings::Get('system.froxloraliases');
-				if (! empty($froxlor_aliases)) {
-					$froxlor_aliases = explode(",", $froxlor_aliases);
-					foreach ($froxlor_aliases as $falias) {
-						if (\Froxlor\Validate\Validate::validateDomain(trim($falias))) {
-							$domains[] = strtolower(trim($falias));
-						}
-					}
-				}
-
-				// Only renew let's encrypt certificate if no broken ssl_redirect is enabled
-				// - this temp. deactivation of the ssl-redirect is handled by the webserver-cronjob
-				$do_force = false;
-				if ($cert_mode == 'renew') {
-					FroxlorLogger::getInstanceOf()->logAction(FroxlorLogger::CRON_ACTION, LOG_INFO, "Updating certificate for " . $certrow['domain']);
-				} else {
-					$do_force = true;
-					FroxlorLogger::getInstanceOf()->logAction(FroxlorLogger::CRON_ACTION, LOG_INFO, "Creating certificate for " . $certrow['domain']);
-				}
-
-				$cronlog = FroxlorLogger::getInstanceOf(array(
-					'loginname' => $certrow['loginname'],
-					'adminsession' => 0
-				));
-
-				self::runAcmeSh($certrow, $domains, $cert_mode, $cronlog, $changedetected, $do_force);
+		$env_file = FileDir::makeCorrectFile(dirname(self::$acmesh) . '/acme.sh.env');
+		if (file_exists($env_file)) {
+			$output = [];
+			$cut = <<<EOC
+cut -d'"' -f2
+EOC;
+			exec('grep "LE_WORKING_DIR" ' . escapeshellarg($env_file) . ' | ' . $cut, $output);
+			if (is_array($output) && ! empty($output) && isset($output[0]) && ! empty($output[0])) {
+				return FileDir::makeCorrectDir($output[0] . "/" . $domain);
 			}
 		}
-
-		// customer domains
-		$certrows = $needRenew ? $needRenew['customer_ssl'] : array();
-		foreach ($certrows as $certrow) {
-
-			// initialize mode to 'issue'
-			$cert_mode = 'issue';
-
-			// set logger to corresponding loginname for the log to appear in the users system-log
-			$cronlog = FroxlorLogger::getInstanceOf(array(
-				'loginname' => $certrow['loginname'],
-				'adminsession' => 0
-			));
-
-			// Only renew let's encrypt certificate if no broken ssl_redirect is enabled
-			if ($certrow['ssl_redirect'] != 2) {
-
-				$do_force = false;
-				if (! empty($certrow['ssl_cert_file']) && ! empty($certrow['expirationdate'])) {
-					$cert_mode = 'renew';
-					$cronlog->logAction(FroxlorLogger::CRON_ACTION, LOG_INFO, "Updating certificate for " . $certrow['domain']);
-				} else if (! empty($certrow['ssl_cert_file']) && empty($certrow['expirationdate'])) {
-					// domain changed (SAN or similar)
-					$do_force = true;
-					$cronlog->logAction(FroxlorLogger::CRON_ACTION, LOG_INFO, "Re-creating certificate for " . $certrow['domain']);
-				} else {
-					$cronlog->logAction(FroxlorLogger::CRON_ACTION, LOG_INFO, "Creating certificate for " . $certrow['domain']);
-				}
-
-				$cronlog->logAction(FroxlorLogger::CRON_ACTION, LOG_INFO, "Adding SAN entry: " . $certrow['domain']);
-				$domains = array(
-					strtolower($certrow['domain'])
-				);
-				// add www.<domain> to SAN list
-				if ($certrow['wwwserveralias'] == 1) {
-					$cronlog->logAction(FroxlorLogger::CRON_ACTION, LOG_INFO, "Adding SAN entry: www." . $certrow['domain']);
-					$domains[] = strtolower('www.' . $certrow['domain']);
-				}
-
-				// add alias domains (and possibly www.<aliasdomain>) to SAN list
-				Database::pexecute($aliasdomains_stmt, array(
-					'id' => $certrow['domainid']
-				));
-				$aliasdomains = $aliasdomains_stmt->fetchAll(\PDO::FETCH_ASSOC);
-				foreach ($aliasdomains as $aliasdomain) {
-					$cronlog->logAction(FroxlorLogger::CRON_ACTION, LOG_INFO, "Adding SAN entry: " . $aliasdomain['domain']);
-					$domains[] = strtolower($aliasdomain['domain']);
-					if ($aliasdomain['wwwserveralias'] == 1) {
-						$cronlog->logAction(FroxlorLogger::CRON_ACTION, LOG_INFO, "Adding SAN entry: www." . $aliasdomain['domain']);
-						$domains[] = strtolower('www.' . $aliasdomain['domain']);
-					}
-				}
-
-				self::runAcmeSh($certrow, $domains, $cert_mode, $cronlog, $changedetected, $do_force);
-			} else {
-				$cronlog->logAction(FroxlorLogger::CRON_ACTION, LOG_WARNING, "Skipping Let's Encrypt generation for " . $certrow['domain'] . " due to an enabled ssl_redirect");
-			}
-		}
-
-		// If we have a change in a certificate, we need to update the webserver - configs
-		// This is easiest done by just creating a new task ;)
-		if ($changedetected) {
-			if (self::$no_inserttask == false) {
-				\Froxlor\System\Cronjob::inserttask(1);
-			}
-			FroxlorLogger::getInstanceOf()->logAction(FroxlorLogger::CRON_ACTION, LOG_INFO, "Let's Encrypt certificates have been updated");
-		} else {
-			FroxlorLogger::getInstanceOf()->logAction(FroxlorLogger::CRON_ACTION, LOG_INFO, "No new certificates or certificates due for renewal found");
-		}
+		return FileDir::makeCorrectDir(dirname(self::$acmesh) . "/" . $domain);
 	}

-	private static function runAcmeSh($certrow = array(), $domains = array(), $cert_mode = 'issue', &$cronlog = null, &$changedetected = 0, $force = false)
+	public static function getAcmeSh()
 	{
-		if (! empty($domains)) {
-
-			if (self::$do_update) {
-				self::checkUpgrade();
-				self::$do_update = false;
-			}
-
-			$acmesh_cmd = self::$acmesh . " --auto-upgrade 0 --server " . self::$apiserver . " --" . $cert_mode . " -d " . implode(" -d ", $domains);
-
-			if ($cert_mode == 'issue') {
-				$acmesh_cmd .= " -w " . Settings::Get('system.letsencryptchallengepath');
-			}
-			if (Settings::Get('system.leecc') > 0) {
-				$acmesh_cmd .= " --keylength ec-" . Settings::Get('system.leecc');
-			} else {
-				$acmesh_cmd .= " --keylength " . Settings::Get('system.letsencryptkeysize');
-			}
-			if (Settings::Get('system.letsencryptreuseold') != '1') {
-				$acmesh_cmd .= " --always-force-new-domain-key";
-			}
-			if (Settings::Get('system.letsencryptca') == 'testing') {
-				$acmesh_cmd .= " --staging";
-			}
-			if ($force) {
-				$acmesh_cmd .= " --force";
-			}
-
-			$acme_result = \Froxlor\FileDir::safe_exec($acmesh_cmd);
-			// debug output of acme.sh run
-			$cronlog->logAction(FroxlorLogger::CRON_ACTION, LOG_DEBUG, implode("\n", $acme_result));
-
-			$return = array();
-			self::readCertificateToVar($certrow['domain'], $return);
-
-			if (! empty($return['crt'])) {
-
-				$newcert = openssl_x509_parse($return['crt']);
-
-				if ($newcert) {
-					// Store the new data
-					Database::pexecute(self::$updcert_stmt, array(
-						'id' => $certrow['id'],
-						'domainid' => $certrow['domainid'],
-						'crt' => $return['crt'],
-						'key' => $return['key'],
-						'ca' => $return['chain'],
-						'chain' => $return['chain'],
-						'csr' => $return['csr'],
-						'fullchain' => $return['fullchain'],
-						'expirationdate' => date('Y-m-d H:i:s', $newcert['validTo_time_t'])
-					));
-
-					if ($certrow['ssl_redirect'] == 3) {
-						Database::pexecute(self::$upddom_stmt, array(
-							'domainid' => $certrow['domainid']
-						));
-					}
-
-					$cronlog->logAction(FroxlorLogger::CRON_ACTION, LOG_INFO, "Updated Let's Encrypt certificate for " . $certrow['domain']);
-					$changedetected = 1;
-				} else {
-					$cronlog->logAction(FroxlorLogger::CRON_ACTION, LOG_ERR, "Got non-successful Let's Encrypt response for " . $certrow['domain'] . ":\n" . implode("\n", $acme_result));
-				}
-			} else {
-				$cronlog->logAction(FroxlorLogger::CRON_ACTION, LOG_ERR, "Could not get Let's Encrypt certificate for " . $certrow['domain'] . ":\n" . implode("\n", $acme_result));
-			}
-		}
+		return self::$acmesh;
 	}

-	private static function readCertificateToVar($domain, &$return)
+	/**
+	 * get certificate files from filesystem and store in $return array
+	 *
+	 * @param string $domain
+	 * @param array $return
+	 * @param object $cronlog
+	 */
+	private static function readCertificateToVar($domain, &$return, &$cronlog)
 	{
-		$certificate_folder = dirname(self::$acmesh) . "/" . $domain;
+		$certificate_folder = self::getWorkingDirFromEnv($domain);
+		$certificate_folder_noecc = null;
 		if (Settings::Get('system.leecc') > 0) {
-			$certificate_folder .= "_ecc";
+			$certificate_folder_noecc = self::getWorkingDirFromEnv($domain, true);
 		}
 		$certificate_folder = \Froxlor\FileDir::makeCorrectDir($certificate_folder);

-		if (is_dir($certificate_folder)) {
+		if (is_dir($certificate_folder) || is_dir($certificate_folder_noecc)) {
 			foreach ([
 				'crt' => $domain . '.cer',
 				'key' => $domain . '.key',
@@ -402,28 +561,52 @@ class AcmeSh extends \Froxlor\Cron\FroxlorCron
 				if (file_exists($ssl_file)) {
 					$return[$index] = file_get_contents($ssl_file);
 				} else {
+					if (! empty($certificate_folder_noecc)) {
+						$ssl_file_fb = \Froxlor\FileDir::makeCorrectFile($certificate_folder_noecc . '/' . $sslfile);
+						if (file_exists($ssl_file_fb)) {
+							$cronlog->logAction(FroxlorLogger::CRON_ACTION, LOG_WARNING, "ECC certificates activated but found only non-ecc file");
+							$return[$index] = file_get_contents($ssl_file_fb);
+							continue;
+						}
+					}
+					$cronlog->logAction(FroxlorLogger::CRON_ACTION, LOG_ERR, "Could not find file '" . $sslfile . "' in '" . $certificate_folder . "'");
 					$return[$index] = null;
 				}
 			}
+		} else {
+			$cronlog->logAction(FroxlorLogger::CRON_ACTION, LOG_ERR, "Could not find certificate-folder '" . $certificate_folder . "'");
 		}
 	}

-	private static function checkInstall()
+	/**
+	 * install acme.sh if not found yet
+	 */
+	private static function checkInstall($tries = 0)
 	{
-		if (! file_exists(self::$acmesh)) {
+		if (! file_exists(self::$acmesh) && $tries > 0) {
+			FroxlorLogger::getInstanceOf()->logAction(FroxlorLogger::CRON_ACTION, LOG_ERR, "Download/installation of acme.sh seems to have failed. Re-run cronjob to try again or install manually to '" . self::$acmesh . "'");
+			echo PHP_EOL . "Download/installation of acme.sh seems to have failed. Re-run cronjob to try again or install manually to '" . self::$acmesh . "'" . PHP_EOL;
+			return false;
+		} else if (! file_exists(self::$acmesh)) {
 			FroxlorLogger::getInstanceOf()->logAction(FroxlorLogger::CRON_ACTION, LOG_INFO, "Could not find acme.sh - installing it to /root/.acme.sh/");
 			$return = false;
 			\Froxlor\FileDir::safe_exec("wget -O - https://get.acme.sh | sh", $return, array(
 				'|'
 			));
+			// check whether the installation worked
+			return self::checkInstall(++ $tries);
 		}
+		return true;
 	}

+	/**
+	 * run upgrade
+	 */
 	private static function checkUpgrade()
 	{
-		$acmesh_result = \Froxlor\FileDir::safe_exec(self::$acmesh . " --upgrade");
-		// check for activated cron (which is installed automatically) but we don't need it
-		$acmesh_result2 = \Froxlor\FileDir::safe_exec(self::$acmesh . " --uninstall-cronjob");
+		$acmesh_result = \Froxlor\FileDir::safe_exec(self::$acmesh . " --upgrade --auto-upgrade 0");
+		// check for activated cron
+		$acmesh_result2 = \Froxlor\FileDir::safe_exec(self::$acmesh . " --install-cronjob");
 		FroxlorLogger::getInstanceOf()->logAction(FroxlorLogger::CRON_ACTION, LOG_INFO, "Checking for LetsEncrypt client upgrades before renewing certificates:\n" . implode("\n", $acmesh_result) . "\n" . implode("\n", $acmesh_result2));
 	}
 }
--- a/lib/Froxlor/Cron/Http/Lighttpd.php
+++ b/lib/Froxlor/Cron/Http/Lighttpd.php
@@ -188,7 +188,8 @@ class Lighttpd extends HttpConfigBase
 					$this->lighttpd_data[$vhost_filename] .= $this->processSpecialConfigTemplate($row_ipsandports['ssl_specialsettings'], $domain, $row_ipsandports['ip'], $row_ipsandports['port'], $row_ipsandports['ssl'] == '1') . "\n";
 				}

-				if ($row_ipsandports['ssl_cert_file'] == '') {
+				// check for required fallback
+				if (($row_ipsandports['ssl_cert_file'] == '' || ! file_exists($row_ipsandports['ssl_cert_file'])) && (Settings::Get('system.le_froxlor_enabled') == '0' || $this->froxlorVhostHasLetsEncryptCert() == false)) {
 					$row_ipsandports['ssl_cert_file'] = Settings::Get('system.ssl_cert_file');
 					if (! file_exists($row_ipsandports['ssl_cert_file'])) {
 						// explicitly disable ssl for this vhost
@@ -432,7 +433,7 @@ class Lighttpd extends HttpConfigBase

 	protected function getVhostContent($domain, $ssl_vhost = false, $ipid = 0)
 	{
-		if ($ssl_vhost === true && $domain['ssl'] != '1' && $domain['ssl_redirect'] != '1') {
+		if ($ssl_vhost === true && $domain['ssl'] != '1' && $domain['ssl_enabled'] != '1'  && $domain['ssl_redirect'] != '1') {
 			return '';
 		}

@@ -555,7 +556,7 @@ class Lighttpd extends HttpConfigBase
 		$ssl_settings = '';

 		if ($ssl_vhost === true && $domain['ssl'] == '1' && (int) Settings::Get('system.use_ssl') == 1) {
-			if ($domain['ssl_cert_file'] == '') {
+			if ($domain['ssl_cert_file'] == '' || ! file_exists($domain['ssl_cert_file'])) {
 				$domain['ssl_cert_file'] = Settings::Get('system.ssl_cert_file');
 				if (! file_exists($domain['ssl_cert_file'])) {
 					// explicitly disable ssl for this vhost
@@ -586,7 +587,7 @@ class Lighttpd extends HttpConfigBase
 				$ssl_settings .= 'ssl.use-sslv2 = "disable"' . "\n";
 				$ssl_settings .= 'ssl.use-sslv3 = "disable"' . "\n";
 				$ssl_settings .= 'ssl.cipher-list = "' . $ssl_cipher_list . '"' . "\n";
-				$ssl_settings .= 'ssl.honor-cipher-order = "enable"' . "\n";
+				$ssl_settings .= 'ssl.honor-cipher-order = ' . ($domain['ssl_honorcipherorder'] == '1' ? '"enable"' : '"disable"') . "\n";
 				$ssl_settings .= 'ssl.pemfile = "' . \Froxlor\FileDir::makeCorrectFile($domain['ssl_cert_file']) . '"' . "\n";

 				if ($domain['ssl_ca_file'] != '') {
--- a/lib/Froxlor/Cron/Http/Nginx.php
+++ b/lib/Froxlor/Cron/Http/Nginx.php
@@ -71,7 +71,7 @@ class Nginx extends HttpConfigBase
 			}

 			$logtype = 'frx_custom';
-			$this->nginx_data[$vhosts_filename] = 'log_format ' . $logtype . ' "' . Settings::Get('system.logfiles_format') . '";' . "\n";
+			$this->nginx_data[$vhosts_filename] = 'log_format ' . $logtype . ' ' . Settings::Get('system.logfiles_format') . ';' . "\n";
 		}
 	}

@@ -155,7 +155,8 @@ class Nginx extends HttpConfigBase
 				// we know whether it's an ssl vhost or not
 				$ssl_vhost = false;
 				if ($row_ipsandports['ssl'] == '1') {
-					if ($row_ipsandports['ssl_cert_file'] == '') {
+					// check for required fallback
+					if (($row_ipsandports['ssl_cert_file'] == '' || ! file_exists($row_ipsandports['ssl_cert_file'])) && (Settings::Get('system.le_froxlor_enabled') == '0' || $this->froxlorVhostHasLetsEncryptCert() == false)) {
 						$row_ipsandports['ssl_cert_file'] = Settings::Get('system.ssl_cert_file');
 						if (! file_exists($row_ipsandports['ssl_cert_file'])) {
 							// explicitly disable ssl for this vhost
@@ -226,7 +227,12 @@ class Nginx extends HttpConfigBase
 					$aliases = " " . trim($aliases);
 				}
 				$this->nginx_data[$vhost_filename] .= "\t" . 'server_name    ' . Settings::Get('system.hostname') . $aliases . ';' . "\n";
-				$this->nginx_data[$vhost_filename] .= "\t" . 'access_log      /var/log/nginx/access.log;' . "\n";
+
+				$logtype = 'combined';
+				if (Settings::Get('system.logfiles_format') != '') {
+					$logtype = 'frx_custom';
+				}
+				$this->nginx_data[$vhost_filename] .= "\t" . 'access_log     /var/log/nginx/access.log ' . $logtype . ';' . "\n";

 				if (Settings::Get('system.use_ssl') == '1' && Settings::Get('system.leenabled') == '1' && Settings::Get('system.le_froxlor_enabled') == '1') {
 					$acmeConfFilename = Settings::Get('system.letsencryptacmeconf');
@@ -272,6 +278,8 @@ class Nginx extends HttpConfigBase
 				 */
 				if ($row_ipsandports['ssl'] == '1') {
 					$row_ipsandports['domain'] = Settings::Get('system.hostname');
+					$row_ipsandports['ssl_honorcipherorder'] = Settings::Get('system.honorcipherorder');
+					$row_ipsandports['ssl_sessiontickets'] = Settings::Get('system.sessiontickets');
 					$this->nginx_data[$vhost_filename] .= $this->composeSslSettings($row_ipsandports);
 					if ($row_ipsandports['ssl_specialsettings'] != '') {
 						$this->nginx_data[$vhost_filename] .= $this->processSpecialConfigTemplate($row_ipsandports['ssl_specialsettings'], array(
@@ -537,7 +545,7 @@ class Nginx extends HttpConfigBase
 				}

 				if ($domain['ssl_specialsettings'] != '' && $ssl_vhost == true) {
-					$vhost_content .= $this->processSpecialConfigTemplate($domain['ssl_specialsettings'], $domain, $domain['ip'], $domain['port'], $ssl_vhost) . "\n";
+					$vhost_content = $this->mergeVhostCustom($vhost_content, $this->processSpecialConfigTemplate($domain['ssl_specialsettings'], $domain, $domain['ip'], $domain['port'], $ssl_vhost));
 				}

 				if ($_vhost_content != '') {
@@ -549,7 +557,7 @@ class Nginx extends HttpConfigBase
 				}

 				if (Settings::Get('system.default_sslvhostconf') != '' && $ssl_vhost == true) {
-					$vhost_content .= $this->processSpecialConfigTemplate(Settings::Get('system.default_sslvhostconf'), $domain, $domain['ip'], $domain['port'], $ssl_vhost) . "\n";
+					$vhost_content = $this->mergeVhostCustom($vhost_content, $this->processSpecialConfigTemplate(Settings::Get('system.default_sslvhostconf'), $domain, $domain['ip'], $domain['port'], $ssl_vhost) . "\n");
 				}
 			}
 		}
@@ -562,6 +570,8 @@ class Nginx extends HttpConfigBase
 	{
 		// Remove windows linebreaks
 		$vhost = str_replace("\r", "\n", $vhost);
+		// remove comments
+		$vhost = implode("\n", preg_replace('/^(\s+)?#(.*)$/', '', explode("\n", $vhost)));
 		// Break blocks into lines
 		$vhost = str_replace(array(
 			"{",
@@ -650,7 +660,7 @@ class Nginx extends HttpConfigBase
 	{
 		$sslsettings = '';

-		if ($domain_or_ip['ssl_cert_file'] == '') {
+		if ($domain_or_ip['ssl_cert_file'] == '' || ! file_exists($domain_or_ip['ssl_cert_file'])) {
 			$domain_or_ip['ssl_cert_file'] = Settings::Get('system.ssl_cert_file');
 			if (! file_exists($domain_or_ip['ssl_cert_file'])) {
 				// explicitly disable ssl for this vhost
@@ -691,14 +701,17 @@ class Nginx extends HttpConfigBase
 					if (! file_exists($dhparams)) {
 						\Froxlor\FileDir::safe_exec('openssl dhparam -out ' . escapeshellarg($dhparams) . ' 4096');
 					}
-					$sslsettings .= 'ssl_dhparam ' . $dhparams . ';' . "\n";
+					$sslsettings .= "\t" . 'ssl_dhparam ' . $dhparams . ';' . "\n";
 				}
 				// When <1.11.0: Defaults to prime256v1, similar to first curve recommendation by Mozilla.
 				// (When specifyng just one, there's no fallback when specific curve is not supported by client.)
 				// When >1.11.0: Defaults to auto, using recommended curves provided by OpenSSL.
 				// see https://github.com/Froxlor/Froxlor/issues/652
 				// $sslsettings .= "\t" . 'ssl_ecdh_curve secp384r1;' . "\n";
-				$sslsettings .= "\t" . 'ssl_prefer_server_ciphers on;' . "\n";
+				$sslsettings .= "\t" . 'ssl_prefer_server_ciphers ' .  (isset($domain_or_ip['ssl_honorcipherorder']) && $domain_or_ip['ssl_honorcipherorder'] == '1' ? 'on' : 'off') . ';' . "\n";
+				if (Settings::Get('system.sessionticketsenabled') == '1') {
+					$sslsettings .= "\t" . 'ssl_session_tickets ' .  (isset($domain_or_ip['ssl_sessiontickets']) && $domain_or_ip['ssl_sessiontickets'] == '1' ? 'on' : 'off') . ';' . "\n";
+				}
 				$sslsettings .= "\t" . 'ssl_session_cache shared:SSL:10m;' . "\n";
 				$sslsettings .= "\t" . 'ssl_certificate ' . \Froxlor\FileDir::makeCorrectFile($domain_or_ip['ssl_cert_file']) . ';' . "\n";

--- a/lib/Froxlor/Cron/Http/Php/Fpm.php
+++ b/lib/Froxlor/Cron/Http/Php/Fpm.php
@@ -115,6 +115,7 @@ class Fpm
 			$fpm_requests = (int) $this->fpm_cfg['max_requests'];
 			$fpm_process_idle_timeout = (int) $this->fpm_cfg['idle_timeout'];
 			$fpm_limit_extensions = $this->fpm_cfg['limit_extensions'];
+			$fpm_custom_config = $this->fpm_cfg['custom_config'];

 			if ($fpm_children == 0) {
 				$fpm_children = 1;
@@ -260,6 +261,12 @@ class Fpm
 				$fpm_config .= 'php_admin_value[sendmail_path] = /usr/sbin/sendmail -t -i -f ' . $this->domain['email'] . "\n";
 			}

+			// append custom phpfpm configuration
+			if (! empty($fpm_custom_config)) {
+				$fpm_config .= "\n; Custom Configuration\n";
+				$fpm_config .= \Froxlor\PhpHelper::replaceVariables($fpm_custom_config, $php_ini_variables);
+			}
+
 			fwrite($fh, $fpm_config, strlen($fpm_config));
 			fclose($fh);
 		}
--- a/lib/Froxlor/Cron/Http/Php/PhpInterface.php
+++ b/lib/Froxlor/Cron/Http/Php/PhpInterface.php
@@ -108,6 +108,11 @@ class PhpInterface
 				$this->_php_configs_cache[$php_config_id]['fpm_settings'] = Database::pexecute_first($stmt, array(
 					'id' => $this->_php_configs_cache[$php_config_id]['fpmsettingid']
 				));
+				// override fpm daemon settings if set in php-config
+				if ($this->_php_configs_cache[$php_config_id]['override_fpmconfig'] == 1) {
+					$this->_php_configs_cache[$php_config_id]['fpm_settings']['limit_extensions'] = $this->_php_configs_cache[$php_config_id]['limit_extensions'];
+					$this->_php_configs_cache[$php_config_id]['fpm_settings']['idle_timeout'] = $this->_php_configs_cache[$php_config_id]['idle_timeout'];
+				}
 			}
 		}

--- a/lib/Froxlor/Cron/System/BackupCron.php
+++ b/lib/Froxlor/Cron/System/BackupCron.php
@@ -77,6 +77,7 @@ class BackupCron extends \Froxlor\Cron\FroxlorCron

 		$del_stmt = Database::prepare("DELETE FROM `" . TABLE_PANEL_TASKS . "` WHERE `id` = :id");

+		$cronlog = FroxlorLogger::getInstanceOf();
 		$all_jobs = $result_tasks_stmt->fetchAll();
 		foreach ($all_jobs as $row) {

@@ -96,7 +97,7 @@ class BackupCron extends \Froxlor\Cron\FroxlorCron
 						\Froxlor\FileDir::safe_exec('mkdir -p ' . escapeshellarg($row['data']['destdir']));
 					}

-					self::createCustomerBackup($row['data'], $customerdocroot, FroxlorLogger::getInstanceOf());
+					self::createCustomerBackup($row['data'], $customerdocroot, $cronlog);
 				}
 			}

--- a/lib/Froxlor/Cron/System/Extrausers.php
+++ b/lib/Froxlor/Cron/System/Extrausers.php
@@ -67,7 +67,7 @@ class Extrausers
 						'name' => \Froxlor\Customer\Customer::getCustomerDetail($u['customerid'], 'name'),
 						'company' => \Froxlor\Customer\Customer::getCustomerDetail($u['customerid'], 'company')
 					);
-					$u['comment'] = \Froxlor\User::getCorrectUserSalutation($salutation_array);
+					$u['comment'] = self::cleanString(\Froxlor\User::getCorrectUserSalutation($salutation_array));
 					if ($u['login_enabled'] != 'Y') {
 						$u['password'] = '*';
 						$u['shell'] = '/bin/false';
@@ -90,4 +90,10 @@ class Extrausers
 			$cronlog->logAction(\Froxlor\FroxlorLogger::CRON_ACTION, LOG_NOTICE, 'Error when writing ' . $type . ' file entries');
 		}
 	}
+
+	private static function cleanString($string = null)
+	{
+		$allowed = "/[^a-z0-9\\.\\-\\_\\ ]/i";
+		return preg_replace($allowed, "", $string);
+	}
 }
--- a/lib/Froxlor/Cron/Traffic/ReportsCron.php
+++ b/lib/Froxlor/Cron/Traffic/ReportsCron.php
@@ -36,7 +36,7 @@ class ReportsCron extends \Froxlor\Cron\FroxlorCron
 		if ((int) Settings::Get('system.report_trafficmax') > 0) {
 			// Warn the customers at xx% traffic-usage
 			$result_stmt = Database::prepare("
-				SELECT `c`.`customerid`, `c`.`adminid`, `c`.`name`, `c`.`firstname`,
+				SELECT `c`.`customerid`, `c`.`customernumber`, `c`.`adminid`, `c`.`name`, `c`.`firstname`,
 				`c`.`company`, `c`.`traffic`, `c`.`email`, `c`.`def_language`,
 				`a`.`name` AS `adminname`, `a`.`email` AS `adminmail`,
 				(SELECT SUM(`t`.`http` + `t`.`ftp_up` + `t`.`ftp_down` + `t`.`mail`)
@@ -55,16 +55,19 @@ class ReportsCron extends \Froxlor\Cron\FroxlorCron
 			Database::pexecute($result_stmt, $result_data);

 			while ($row = $result_stmt->fetch(\PDO::FETCH_ASSOC)) {
-
 				if (isset($row['traffic']) && $row['traffic'] > 0 && $row['traffic_used'] != null && (($row['traffic_used'] * 100) / $row['traffic']) >= (int) Settings::Get('system.report_trafficmax')) {
 					$rep_userinfo = array(
 						'name' => $row['name'],
 						'firstname' => $row['firstname'],
-						'company' => $row['company']
+						'company' => $row['company'],
+						'customernumber' => $row['customernumber']
 					);
 					$replace_arr = array(
 						'SALUTATION' => \Froxlor\User::getCorrectUserSalutation($rep_userinfo),
-						'NAME' => $row['name'], // < keep this for compatibility
+						'NAME' => $rep_userinfo['name'],
+						'FIRSTNAME' => $rep_userinfo['firstname'],
+						'COMPANY' => $rep_userinfo['company'],
+						'CUSTOMER_NO' => $rep_userinfo['customernumber'],
 						'TRAFFIC' => round(($row['traffic'] / 1024), 2), /* traffic is stored in KB, template uses MB */
 						'TRAFFICUSED' => round(($row['traffic_used'] / 1024), 2), /* traffic is stored in KB, template uses MB */
 						'USAGE_PERCENT' => round(($row['traffic_used'] * 100) / $row['traffic'], 2),
@@ -89,9 +92,11 @@ class ReportsCron extends \Froxlor\Cron\FroxlorCron
 					}

 					// include english language file (fallback)
-					include_once \Froxlor\FileDir::makeCorrectFile(\Froxlor\Froxlor::getInstallDir() . '/lng/english.lng.php');
+					include \Froxlor\FileDir::makeCorrectFile(\Froxlor\Froxlor::getInstallDir() . '/lng/english.lng.php');
 					// include admin/customer language file
-					include_once \Froxlor\FileDir::makeCorrectFile(\Froxlor\Froxlor::getInstallDir() . '/' . $langfile);
+					if ($lngfile != 'lng/english.lng.php') {
+						include \Froxlor\FileDir::makeCorrectFile(\Froxlor\Froxlor::getInstallDir() . '/' . $langfile);
+					}

 					// Get mail templates from database; the ones from 'admin' are fetched for fallback
 					$result2_stmt = Database::prepare("
@@ -142,6 +147,8 @@ class ReportsCron extends \Froxlor\Cron\FroxlorCron
 					Database::pexecute($upd_stmt, array(
 						'customerid' => $row['customerid']
 					));
+
+					unset($lng);
 				}
 			}

@@ -168,8 +175,8 @@ class ReportsCron extends \Froxlor\Cron\FroxlorCron
 					$replace_arr = array(
 						'NAME' => $row['name'],
 						'TRAFFIC' => round(($row['traffic'] / 1024), 2), /* traffic is stored in KB, template uses MB */
-							'TRAFFICUSED' => round(($row['traffic_used_total'] / 1024), 2), /* traffic is stored in KB, template uses MB */
-							'USAGE_PERCENT' => round(($row['traffic_used_total'] * 100) / $row['traffic'], 2),
+						'TRAFFICUSED' => round(($row['traffic_used_total'] / 1024), 2), /* traffic is stored in KB, template uses MB */
+						'USAGE_PERCENT' => round(($row['traffic_used_total'] * 100) / $row['traffic'], 2),
 						'MAX_PERCENT' => Settings::Get('system.report_trafficmax')
 					);

@@ -191,9 +198,11 @@ class ReportsCron extends \Froxlor\Cron\FroxlorCron
 					}

 					// include english language file (fallback)
-					include_once \Froxlor\FileDir::makeCorrectFile(\Froxlor\Froxlor::getInstallDir() . '/lng/english.lng.php');
+					include \Froxlor\FileDir::makeCorrectFile(\Froxlor\Froxlor::getInstallDir() . '/lng/english.lng.php');
 					// include admin/customer language file
-					include_once \Froxlor\FileDir::makeCorrectFile(\Froxlor\Froxlor::getInstallDir() . '/' . $langfile);
+					if ($lngfile != 'lng/english.lng.php') {
+						include \Froxlor\FileDir::makeCorrectFile(\Froxlor\Froxlor::getInstallDir() . '/' . $langfile);
+					}

 					// Get mail templates from database; the ones from 'admin' are fetched for fallback
 					$result2_stmt = Database::prepare("
@@ -322,6 +331,8 @@ class ReportsCron extends \Froxlor\Cron\FroxlorCron
 					}

 					$mail->ClearAddresses();
+
+					unset($lng);
 				}
 			}
 		} // trafficmax > 0
@@ -343,7 +354,7 @@ class ReportsCron extends \Froxlor\Cron\FroxlorCron
 			 * report about diskusage for customers
 			 */
 			$result_stmt = Database::query("
-				SELECT `c`.`customerid`, `c`.`adminid`, `c`.`name`, `c`.`firstname`,
+				SELECT `c`.`customerid`, `c`.`customernumber`, `c`.`adminid`, `c`.`name`, `c`.`firstname`,
 				`c`.`company`, `c`.`diskspace`, `c`.`diskspace_used`, `c`.`email`, `c`.`def_language`,
 				`a`.`name` AS `adminname`, `a`.`email` AS `adminmail`
 				FROM `" . TABLE_PANEL_CUSTOMERS . "` AS `c`
@@ -361,11 +372,15 @@ class ReportsCron extends \Froxlor\Cron\FroxlorCron
 					$rep_userinfo = array(
 						'name' => $row['name'],
 						'firstname' => $row['firstname'],
-						'company' => $row['company']
+						'company' => $row['company'],
+						'customernumber' => $row['customernumber']
 					);
 					$replace_arr = array(
 						'SALUTATION' => \Froxlor\User::getCorrectUserSalutation($rep_userinfo),
-						'NAME' => $row['name'], // < keep this for compatibility
+						'NAME' => $rep_userinfo['name'],
+						'FIRSTNAME' => $rep_userinfo['firstname'],
+						'COMPANY' => $rep_userinfo['company'],
+						'CUSTOMER_NO' => $rep_userinfo['customernumber'],
 						'DISKAVAILABLE' => round(($row['diskspace'] / 1024), 2), /* traffic is stored in KB, template uses MB */
 						'DISKUSED' => round($row['diskspace_used'] / 1024, 2), /* traffic is stored in KB, template uses MB */
 						'USAGE_PERCENT' => round(($row['diskspace_used'] * 100) / $row['diskspace'], 2),
@@ -386,13 +401,15 @@ class ReportsCron extends \Froxlor\Cron\FroxlorCron
 						$lngfile = Database::pexecute_first($lngfile_stmt, array(
 							'deflang' => Settings::Get('panel.standardlanguage')
 						));
-						$langfile = $lngfile['file'];
+						$langfile = $lngfile['file'] ?? 'lng/english.lng.php';
 					}

 					// include english language file (fallback)
-					include_once \Froxlor\FileDir::makeCorrectFile(\Froxlor\Froxlor::getInstallDir() . '/lng/english.lng.php');
+					include \Froxlor\FileDir::makeCorrectFile(\Froxlor\Froxlor::getInstallDir() . '/lng/english.lng.php');
 					// include admin/customer language file
-					include_once \Froxlor\FileDir::makeCorrectFile(\Froxlor\Froxlor::getInstallDir() . '/' . $langfile);
+					if ($lngfile != 'lng/english.lng.php') {
+						include \Froxlor\FileDir::makeCorrectFile(\Froxlor\Froxlor::getInstallDir() . '/' . $langfile);
+					}

 					// Get mail templates from database; the ones from 'admin' are fetched for fallback
 					$result2_stmt = Database::prepare("
@@ -443,6 +460,8 @@ class ReportsCron extends \Froxlor\Cron\FroxlorCron
 					Database::pexecute($upd_stmt, array(
 						'customerid' => $row['customerid']
 					));
+
+					unset($lng);
 				}
 			}

@@ -483,9 +502,11 @@ class ReportsCron extends \Froxlor\Cron\FroxlorCron
 					}

 					// include english language file (fallback)
-					include_once \Froxlor\FileDir::makeCorrectFile(\Froxlor\Froxlor::getInstallDir() . '/lng/english.lng.php');
+					include \Froxlor\FileDir::makeCorrectFile(\Froxlor\Froxlor::getInstallDir() . '/lng/english.lng.php');
 					// include admin/customer language file
-					include_once \Froxlor\FileDir::makeCorrectFile(\Froxlor\Froxlor::getInstallDir() . '/' . $langfile);
+					if ($lngfile != 'lng/english.lng.php') {
+						include \Froxlor\FileDir::makeCorrectFile(\Froxlor\Froxlor::getInstallDir() . '/' . $langfile);
+					}

 					// Get mail templates from database; the ones from 'admin' are fetched for fallback
 					$result2_stmt = Database::prepare("
@@ -536,6 +557,8 @@ class ReportsCron extends \Froxlor\Cron\FroxlorCron
 					Database::pexecute($upd_stmt, array(
 						'adminid' => $row['adminid']
 					));
+
+					unset($lng);
 				}
 			}
 		} // webmax > 0
--- a/lib/Froxlor/Cron/Traffic/TrafficCron.php
+++ b/lib/Froxlor/Cron/Traffic/TrafficCron.php
@@ -137,7 +137,11 @@ class TrafficCron extends \Froxlor\Cron\FroxlorCron
 					$mysqlusage_all[$row_database['customerid']] = 0;
 				}
 				// sum up result
-				$mysqlusage_all[$row_database['customerid']] += floatval($mysql_usage_row['customerusage']);
+				if ($mysql_usage_row) {
+					$mysqlusage_all[$row_database['customerid']] += floatval($mysql_usage_row['customerusage']);
+				} else {
+					\Froxlor\FroxlorLogger::getInstanceOf()->logAction(\Froxlor\FroxlorLogger::CRON_ACTION, LOG_WARNING, "Cannot get usage for database " . $row_database['databasename'] . ".");
+				}
 			} else {
 				\Froxlor\FroxlorLogger::getInstanceOf()->logAction(\Froxlor\FroxlorLogger::CRON_ACTION, LOG_WARNING, "Seems like the database " . $row_database['databasename'] . " had been removed manually.");
 			}
@@ -566,29 +570,6 @@ class TrafficCron extends \Froxlor\Cron\FroxlorCron
 			}

 			if (isset($admin_diskspace[$row['adminid']])) {
-
-				$ins_data = array(
-					'adminid' => $row['adminid'],
-					'year' => date('Y', time()),
-					'month' => date('m', time()),
-					'day' => date('d', time()),
-					'stamp' => time(),
-					'webspace' => $admin_diskspace[$row['adminid']]['webspace'],
-					'mail' => $admin_diskspace[$row['adminid']]['mail'],
-					'mysql' => $admin_diskspace[$row['adminid']]['mysql']
-				);
-				$ins_stmt = Database::prepare("
-					INSERT INTO `" . TABLE_PANEL_DISKSPACE_ADMINS . "` SET
-					`adminid` = :adminid,
-					`year` = :year,
-					`month` = :month,
-					`day` = :day,
-					`stamp` = :stamp,
-					`webspace` = :webspace,
-					`mail` = :mail,
-					`mysql` = :mysql
-				");
-
 				$upd_data = array(
 					'diskspace' => $admin_diskspace[$row['adminid']]['all'],
 					'adminid' => $row['adminid']
--- a/lib/Froxlor/Customer/Customer.php
+++ b/lib/Froxlor/Customer/Customer.php
@@ -30,7 +30,7 @@ class Customer
 	 *        	
 	 * @return string customers loginname
 	 */
-	public function getLoginNameByUid($uid = null)
+	public static function getLoginNameByUid($uid = null)
 	{
 		$result_stmt = Database::prepare("
 			SELECT `loginname` FROM `" . TABLE_PANEL_CUSTOMERS . "` WHERE `guid` = :guid
--- a/lib/Froxlor/Database/Manager/DbManagerMySQL.php
+++ b/lib/Froxlor/Database/Manager/DbManagerMySQL.php
@@ -78,36 +78,35 @@ class DbManagerMySQL
 	public function grantPrivilegesTo($username = null, $password = null, $access_host = null, $p_encrypted = false, $update = false)
 	{
 		if (! $update) {
-			// mysql8 compatibility
-			if (version_compare(Database::getAttribute(\PDO::ATTR_SERVER_VERSION), '8.0.11', '>=')) {
-				// create user
+			// create user
+			if ($p_encrypted) {
+				if (version_compare(Database::getAttribute(\PDO::ATTR_SERVER_VERSION), '5.7.0', '<')) {
+					$stmt = Database::prepare("
+						CREATE USER '" . $username . "'@'" . $access_host . "' IDENTIFIED BY PASSWORD :password
+					");
+				} else {
+					$stmt = Database::prepare("
+						CREATE USER '" . $username . "'@'" . $access_host . "' IDENTIFIED WITH mysql_native_password AS :password
+					");
+				}
+			} else {
 				$stmt = Database::prepare("
 					CREATE USER '" . $username . "'@'" . $access_host . "' IDENTIFIED BY :password
 				");
-				Database::pexecute($stmt, array(
-					"password" => $password
-				));
-				// grant privileges
-				$stmt = Database::prepare("
-					GRANT ALL ON `" . $username . "`.* TO :username@:host
-				");
-				Database::pexecute($stmt, array(
-					"username" => $username,
-					"host" => $access_host
-				));
-			} else {
-				// grant privileges
-				$stmt = Database::prepare("
-					GRANT ALL PRIVILEGES ON `" . $username . "`.* TO :username@:host IDENTIFIED BY :password
-				");
-				Database::pexecute($stmt, array(
-					"username" => $username,
-					"host" => $access_host,
-					"password" => $password
-				));
 			}
+			Database::pexecute($stmt, array(
+				"password" => $password
+			));
+			// grant privileges
+			$stmt = Database::prepare("
+				GRANT ALL ON `" . $username . "`.* TO :username@:host
+			");
+			Database::pexecute($stmt, array(
+				"username" => $username,
+				"host" => $access_host
+			));
 		} else {
-			// set passoword
+			// set password
 			if (version_compare(Database::getAttribute(\PDO::ATTR_SERVER_VERSION), '5.7.6', '<')) {
 				if ($p_encrypted) {
 					$stmt = Database::prepare("SET PASSWORD FOR :username@:host = :password");
@@ -115,7 +114,11 @@ class DbManagerMySQL
 					$stmt = Database::prepare("SET PASSWORD FOR :username@:host = PASSWORD(:password)");
 				}
 			} else {
-				$stmt = Database::prepare("ALTER USER :username@:host IDENTIFIED BY :password");
+				if ($p_encrypted) {
+					$stmt = Database::prepare("ALTER USER :username@:host IDENTIFIED WITH mysql_native_password AS :password");
+				} else {
+					$stmt = Database::prepare("ALTER USER :username@:host IDENTIFIED BY :password");
+				}
 			}
 			Database::pexecute($stmt, array(
 				"username" => $username,
@@ -158,7 +161,6 @@ class DbManagerMySQL
 			), false);
 		}

-		
 		$drop_stmt = Database::prepare("DROP DATABASE IF EXISTS `" . $dbname . "`");
 		Database::pexecute($drop_stmt);
 	}
@@ -247,7 +249,7 @@ class DbManagerMySQL
 			if ($user_only == false) {
 				if (! isset($allsqlusers[$row['User']]) || ! is_array($allsqlusers[$row['User']])) {
 					$allsqlusers[$row['User']] = array(
-						'password' => $row['Password'],
+						'password' => $row['Password'] ?? $row['authentication_string'],
 						'hosts' => array()
 					);
 				}
--- a/lib/Froxlor/Dns/Dns.php
+++ b/lib/Froxlor/Dns/Dns.php
@@ -144,7 +144,7 @@ class Dns
 			}
 			if (Settings::Get('dkim.use_dkim') == '1') {
 				// check for DKIM content later
-				self::addRequiredEntry('dkim_' . $domain['dkim_id'] . '._domainkey', 'TXT', $required_entries);
+				self::addRequiredEntry('dkim' . $domain['dkim_id'] . '._domainkey', 'TXT', $required_entries);
 			}
 		}

@@ -160,7 +160,7 @@ class Dns
 				// unset special CAA required-entry
 				unset($required_entries[$entry['type']][md5("@CAA@")]);
 			}
-			if (Settings::Get('spf.use_spf') == '1' && $entry['type'] == 'TXT' && $entry['record'] == '@' && strtolower(substr($entry['content'], 0, 7)) == '"v=spf1') {
+			if (Settings::Get('spf.use_spf') == '1' && $entry['type'] == 'TXT' && $entry['record'] == '@' && (strtolower(substr($entry['content'], 0, 7)) == '"v=spf1' || strtolower(substr($entry['content'], 0, 6)) == 'v=spf1') ) {
 				// unset special spf required-entry
 				unset($required_entries[$entry['type']][md5("@SPF@")]);
 			}
@@ -168,6 +168,13 @@ class Dns
 				// use the first NS entry as primary ns
 				$primary_ns = $entry['content'];
 			}
+			// check for CNAME on @, www- or wildcard-Alias and remove A/AAAA record accordingly
+			foreach (['@', 'www', '*'] as $crceord) {
+				if ($entry['type'] == 'CNAME' && $entry['record'] == '@' && (array_key_exists(md5($crceord), $required_entries['A']) || array_key_exists(md5($crceord), $required_entries['AAAA']))) {
+					unset($required_entries['A'][md5($crceord)]);
+					unset($required_entries['AAAA'][md5($crceord)]);
+				}
+			}
 			$zonerecords[] = new DnsEntry($entry['record'], $entry['type'], $entry['content'], $entry['prio'], $entry['ttl']);
 		}

@@ -276,7 +283,7 @@ class Dns
 							if ($record == '@SPF@') {
 								$txt_content = Settings::Get('spf.spf_entry');
 								$zonerecords[] = new DnsEntry('@', 'TXT', self::encloseTXTContent($txt_content));
-							} elseif ($record == 'dkim_' . $domain['dkim_id'] . '._domainkey' && ! empty($dkim_entries)) {
+							} elseif ($record == 'dkim' . $domain['dkim_id'] . '._domainkey' && ! empty($dkim_entries)) {
 								// check for multiline entry
 								$multiline = false;
 								if (substr($dkim_entries[0], 0, 1) == '(') {
--- a/lib/Froxlor/Domain/Domain.php
+++ b/lib/Froxlor/Domain/Domain.php
@@ -6,6 +6,41 @@ use Froxlor\Database\Database;
 class Domain
 {

+	/**
+	 * return all ip addresses associated with given domain,
+	 * returns all ips if domain-id = 0 (froxlor.vhost)
+	 *
+	 * @param int $domain_id
+	 * @return array
+	 */
+	public static function getIpsOfDomain($domain_id)
+	{
+		if ($domain_id > 0) {
+			$sel_stmt = Database::prepare("
+				SELECT i.ip FROM `" . TABLE_PANEL_IPSANDPORTS . "` `i`
+				LEFT JOIN `" . TABLE_DOMAINTOIP . "` `dip` ON dip.id_ipandports = i.id
+				AND dip.id_domain = :domainid
+				GROUP BY i.ip
+			");
+			$sel_param = array(
+				'domainid' => $domain_id
+			);
+		} else {
+			// assuming froxlor.vhost (id = 0)
+			$sel_stmt = Database::prepare("
+				SELECT ip FROM `" . TABLE_PANEL_IPSANDPORTS . "`
+				GROUP BY ip
+			");
+			$sel_param = array();
+		}
+		Database::pexecute($sel_stmt, $sel_param);
+		$result = array();
+		while ($ip = $sel_stmt->fetch(\PDO::FETCH_ASSOC)) {
+			$result[] = $ip['ip'];
+		}
+		return $result;
+	}
+
 	/**
 	 * return an array of all enabled redirect-codes
 	 *
@@ -294,13 +329,9 @@ class Domain
 	public static function doLetsEncryptCleanUp($domainname = null)
 	{
 		// @ see \Froxlor\Cron\Http\LetsEncrypt\AcmeSh.php
-		$acmesh = "/root/.acme.sh/acme.sh";
+		$acmesh = \Froxlor\Cron\Http\LetsEncrypt\AcmeSh::getAcmeSh();
 		if (file_exists($acmesh)) {
-			$certificate_folder = dirname($acmesh) . "/" . $domainname;
-			if (\Froxlor\Settings::Get('system.leecc') > 0) {
-				$certificate_folder .= "_ecc";
-			}
-			$certificate_folder = \Froxlor\FileDir::makeCorrectDir($certificate_folder);
+			$certificate_folder = \Froxlor\Cron\Http\LetsEncrypt\AcmeSh::getWorkingDirFromEnv($domainname);
 			if (file_exists($certificate_folder)) {
 				$params = " --remove -d " . $domainname;
 				if (\Froxlor\Settings::Get('system.leecc') > 0) {
--- a/lib/Froxlor/Froxlor.php
+++ b/lib/Froxlor/Froxlor.php
@@ -7,17 +7,17 @@ final class Froxlor
 {

 	// Main version variable
-	const VERSION = '0.10.6';
+	const VERSION = '0.10.21';

 	// Database version (YYYYMMDDC where C is a daily counter)
-	const DBVERSION = '201911130';
+	const DBVERSION = '202009070';

 	// Distribution branding-tag (used for Debian etc.)
 	const BRANDING = '';

 	/**
 	 * return path to where froxlor is installed, e.g.
-	 * /var/www/froxlor
+	 * /var/www/froxlor/
 	 *
 	 * @return string
 	 */
--- a/lib/Froxlor/FroxlorLogger.php
+++ b/lib/Froxlor/FroxlorLogger.php
@@ -87,10 +87,13 @@ class FroxlorLogger
 						self::$ml->pushHandler(new SyslogHandler('froxlor', LOG_USER, Logger::DEBUG));
 						break;
 					case 'file':
-						if (empty(Settings::Get('logger.logfile')) || ! is_writeable(Settings::Get('logger.logfile'))) {
+						$logger_logfile = Settings::Get('logger.logfile');
+						// is_writable needs an existing file to check if it's actually writable
+						@touch($logger_logfile);
+						if (empty($logger_logfile) || ! is_writable($logger_logfile)) {
 							Settings::Set('logger.logfile', '/tmp/froxlor.log');
 						}
-						self::$ml->pushHandler(new StreamHandler(Settings::Get('logger.logfile'), Logger::DEBUG));
+						self::$ml->pushHandler(new StreamHandler($logger_logfile, Logger::DEBUG));
 						break;
 					case 'mysql':
 						self::$ml->pushHandler(new MysqlHandler(Logger::DEBUG));
--- a/lib/Froxlor/Http/Statistics.php
+++ b/lib/Froxlor/Http/Statistics.php
@@ -37,20 +37,31 @@ class Statistics
 			\Froxlor\FileDir::safe_exec('mkdir -p ' . escapeshellarg(Settings::Get('system.awstats_conf')));
 		}

+		$logformat = Settings::Get('system.awstats_logformat');
+		if (! is_numeric($logformat)) {
+			// if LogFormat is NOT numeric (e.g. 1,2,3,4), we quote it.
+			// 1-4 are pre-defined formats by awstats which must not be quoted to work properly. So if
+			// it is not a integer, it is something customized and we simply quote it.
+			// Only escaping double-quote should be fine, as we only put the whole string under double-quote.
+			$logformat = '"' . str_replace('"', '\"', Settings::Get('system.awstats_logformat')) . '"';
+		}
+
 		// These are the variables we will replace
 		$regex = array(
 			'/\{LOG_FILE\}/',
 			'/\{SITE_DOMAIN\}/',
 			'/\{HOST_ALIASES\}/',
 			'/\{CUSTOMER_DOCROOT\}/',
-			'/\{AWSTATS_CONF\}/'
+			'/\{AWSTATS_CONF\}/',
+			'/\{AWSTATS_LOGFORMAT\}/'
 		);
 		$replace = array(
 			\Froxlor\FileDir::makeCorrectFile($logFile),
 			$siteDomain,
 			$hostAliases,
 			$awstats_dir,
-			\Froxlor\FileDir::makeCorrectDir(Settings::Get('system.awstats_conf'))
+			\Froxlor\FileDir::makeCorrectDir(Settings::Get('system.awstats_conf')),
+			$logformat
 		);

 		// File names
--- a/lib/Froxlor/MailLogParser.php
+++ b/lib/Froxlor/MailLogParser.php
@@ -209,12 +209,12 @@ class MailLogParser

 			$timestamp = $this->getLogTimestamp($line);
 			if ($this->startTime < $timestamp) {
-				if (preg_match("/dovecot.*(?::|\]) imap\(.*@([a-z0-9\.\-]+)\):.*(?:in=(\d+) out=(\d+)|bytes=(\d+)\/(\d+))/i", $line, $matches)) {
+				if (preg_match("/dovecot.*(?::|\]) imap\(.*@([a-z0-9\.\-]+)\)(<\d+><[a-z0-9+\/=]+>)?:.*(?:in=(\d+) out=(\d+)|bytes=(\d+)\/(\d+))/i", $line, $matches)) {
 					// Dovecot IMAP
-					$this->addDomainTraffic($matches[1], (int) $matches[2] + (int) $matches[3], $timestamp);
-				} elseif (preg_match("/dovecot.*(?::|\]) pop3\(.*@([a-z0-9\.\-]+)\):.*in=(\d+).*out=(\d+)/i", $line, $matches)) {
+					$this->addDomainTraffic($matches[1], (int) $matches[3] + (int) $matches[4], $timestamp);
+				} elseif (preg_match("/dovecot.*(?::|\]) pop3\(.*@([a-z0-9\.\-]+)\)(<\d+><[a-z0-9+\/=]+>)?:.*in=(\d+).*out=(\d+)/i", $line, $matches)) {
 					// Dovecot POP3
-					$this->addDomainTraffic($matches[1], (int) $matches[2] + (int) $matches[3], $timestamp);
+					$this->addDomainTraffic($matches[1], (int) $matches[3] + (int) $matches[4], $timestamp);
 				}
 			}
 		}
--- a/lib/Froxlor/PhpHelper.php
+++ b/lib/Froxlor/PhpHelper.php
@@ -374,7 +374,7 @@ class PhpHelper
 		$returnval = array();
 		if (is_array($source)) {
 			$source = array_map('trim', $source);
-			$source = array_filter($source, function ($value) {
+			$returnval = array_filter($source, function ($value) {
 				return $value !== '';
 			});
 		} else {
--- a/lib/Froxlor/Settings/FroxlorVhostSettings.php
+++ b/lib/Froxlor/Settings/FroxlorVhostSettings.php
@@ -12,5 +12,4 @@ class FroxlorVhostSettings
 		$result = Database::pexecute_first($sel_stmt);
 		return $result['vcentries'] > 0 ? true : false;
 	}
-
 }
--- a/lib/Froxlor/Settings/Store.php
+++ b/lib/Froxlor/Settings/Store.php
@@ -242,8 +242,8 @@ class Store
 			$mysql_access_host_array = array_map('trim', explode(',', Settings::Get('system.mysql_access_host')));
 			$mysql_access_host_array[] = $newfieldvalue;
 			$mysql_access_host_array = array_unique(\Froxlor\PhpHelper::arrayTrim($mysql_access_host_array));
-			$mysql_access_host = implode(',', $mysql_access_host_array);
 			\Froxlor\Database\DbManager::correctMysqlUsers($mysql_access_host_array);
+			$mysql_access_host = implode(',', $mysql_access_host_array);
 			Settings::Set('system.mysql_access_host', $mysql_access_host);
 		}

@@ -293,9 +293,11 @@ class Store
 				'cleanMySQLAccessHost'
 			), $mysql_access_host_array);

-			$mysql_access_host_array = array_unique($mysql_access_host_array);
+			$mysql_access_host_array = array_unique(\Froxlor\PhpHelper::arrayTrim($mysql_access_host_array));
 			$newfieldvalue = implode(',', $mysql_access_host_array);
 			\Froxlor\Database\DbManager::correctMysqlUsers($mysql_access_host_array);
+			$mysql_access_host = implode(',', $mysql_access_host_array);
+			Settings::Set('system.mysql_access_host', $mysql_access_host);
 		}

 		return $returnvalue;
--- a/lib/Froxlor/UI/Pagination.php
+++ b/lib/Froxlor/UI/Pagination.php
@@ -82,7 +82,8 @@ class Pagination
 			// add default ordering by given fields
 			if (count($fields) > 0) {
 				$orderfields = array_keys($fields);
-				$this->addOrderBy($orderfields[0]);
+				$this->sortfield = $orderfields[0];
+				$this->addOrderBy($orderfields[0], $this->sortorder);
 			}
 		}

@@ -163,6 +164,9 @@ class Pagination
 		// if a search is performed, the result-entries-count is irrelevant
 		// we do not want pagination
 		$this->is_search = true;
+		// unset any limit as we do not have pagination when showing search-results
+		unset($this->data['sql_limit']);
+		unset($this->data['sql_offset']);
 		return $this;
 	}

@@ -285,15 +289,22 @@ class Pagination
 				$stop = $pages;
 			}

-			$pagingcode = '<a href="' . htmlspecialchars($baseurl) . '&amp;pageno=1">&laquo;</a> <a href="' . htmlspecialchars($baseurl) . '&amp;pageno=' . ((intval($this->pageno) - 1) == 0 ? '1' : intval($this->pageno) - 1) . '">&lt;</a>&nbsp;';
+			// check for possible sorting values and keep it
+			$orderstr = '';
+			if (!empty($this->sortfield)) {
+				$fieldname = htmlspecialchars($this->sortfield);
+				$orderstr .= '&amp;sortfield=' . $fieldname . '&amp;sortorder=' . $this->sortorder;
+			}
+
+			$pagingcode = '<a href="' . htmlspecialchars($baseurl) . '&amp;pageno=1' . $orderstr . '">&laquo;</a> <a href="' . htmlspecialchars($baseurl) . '&amp;pageno=' . ((intval($this->pageno) - 1) == 0 ? '1' : intval($this->pageno) - 1) . $orderstr . '">&lt;</a>&nbsp;';
 			for ($i = $start; $i <= $stop; $i ++) {
 				if ($i != $this->pageno) {
-					$pagingcode .= ' <a href="' . htmlspecialchars($baseurl) . '&amp;pageno=' . $i . '">' . $i . '</a>&nbsp;';
+					$pagingcode .= ' <a href="' . htmlspecialchars($baseurl) . '&amp;pageno=' . $i . $orderstr . '">' . $i . '</a>&nbsp;';
 				} else {
 					$pagingcode .= ' <strong>' . $i . '</strong>&nbsp;';
 				}
 			}
-			$pagingcode .= ' <a href="' . htmlspecialchars($baseurl) . '&amp;pageno=' . ((intval($this->pageno) + 1) > $pages ? $pages : intval($this->pageno) + 1) . '">&gt;</a> <a href="' . $baseurl . '&amp;pageno=' . $pages . '">&raquo;</a>';
+			$pagingcode .= ' <a href="' . htmlspecialchars($baseurl) . '&amp;pageno=' . ((intval($this->pageno) + 1) > $pages ? $pages : intval($this->pageno) + 1) . $orderstr . '">&gt;</a> <a href="' . $baseurl . '&amp;pageno=' . $pages . $orderstr . '">&raquo;</a>';
 		} else {
 			$pagingcode = '';
 		}
--- a/lib/Froxlor/UI/Paging.php
+++ b/lib/Froxlor/UI/Paging.php
@@ -0,0 +1,520 @@
+<?php
+namespace Froxlor\UI;
+
+/**
+ * This file is part of the Froxlor project.
+ * Copyright (c) 2003-2009 the SysCP Team (see authors).
+ * Copyright (c) 2010 the Froxlor Team (see authors).
+ *
+ * For the full copyright and license information, please view the COPYING
+ * file that was distributed with this source code. You can also view the
+ * COPYING file online at http://files.froxlor.org/misc/COPYING.txt
+ *
+ * @copyright (c) the authors
+ * @author Florian Lippert <flo@syscp.org> (2003-2009)
+ * @author Froxlor team <team@froxlor.org> (2010-)
+ * @license GPLv2 http://files.froxlor.org/misc/COPYING.txt
+ * @package Classes
+ *         
+ */
+
+/**
+ * Class to manage paging system
+ *
+ * @package Functions
+ */
+class Paging
+{
+
+	/**
+	 * Userinfo
+	 *
+	 * @var array
+	 */
+	private $userinfo = array();
+
+	/**
+	 * MySQL-Table
+	 *
+	 * @var string
+	 */
+	private $table = '';
+
+	/**
+	 * Fields with description which should be selectable
+	 *
+	 * @var array
+	 */
+	private $fields = array();
+
+	/**
+	 * Entries per page
+	 *
+	 * @var int
+	 */
+	private $entriesperpage = 0;
+
+	/**
+	 * Number of entries of table
+	 *
+	 * @var int
+	 */
+	private $entries = 0;
+
+	/**
+	 * Sortorder, asc or desc
+	 *
+	 * @var string
+	 */
+	public $sortorder = 'asc';
+
+	/**
+	 * Sortfield
+	 *
+	 * @var string
+	 */
+	public $sortfield = '';
+
+	/**
+	 * Searchfield
+	 *
+	 * @var string
+	 */
+	private $searchfield = '';
+
+	/**
+	 * Searchtext
+	 *
+	 * @var string
+	 */
+	private $searchtext = '';
+
+	/**
+	 * Pagenumber
+	 *
+	 * @var int
+	 */
+	private $pageno = 0;
+
+	/**
+	 * Switch natsorting on/off
+	 *
+	 * @var bool
+	 */
+	private $natSorting = false;
+
+	private $limit = 0;
+
+	/**
+	 * Class constructor.
+	 * Loads settings from request or from userdata and saves them to session.
+	 *
+	 * @param
+	 *        	array userinfo
+	 * @param
+	 *        	string Name of Table
+	 * @param
+	 *        	array Fields, in format array( 'fieldname_in_mysql' => 'field_caption' )
+	 * @param
+	 *        	int *deprecated* entries per page
+	 * @param
+	 *        	bool *deprecated* Switch natsorting on/off (global, affects all calls of sort)
+	 * @param int $default_field
+	 *        	default sorting-field-index
+	 * @param string $default_order
+	 *        	default sorting order 'asc' or 'desc'
+	 *        	
+	 */
+	public function __construct($userinfo, $table, $fields, $entriesperpage = 0, $natSorting = false, $default_field = 0, $default_order = 'asc', $limit = 0)
+	{
+
+		// entries per page and natsorting-flag are not
+		// passed as parameter anymore, because these are
+		// from the settings anyway
+		$entriesperpage = \Froxlor\Settings::Get('panel.paging');
+		$natSorting = \Froxlor\Settings::Get('panel.natsorting');
+
+		$this->userinfo = $userinfo;
+
+		if (! is_array($this->userinfo['lastpaging'])) {
+			$this->userinfo['lastpaging'] = json_decode($this->userinfo['lastpaging'], true);
+		}
+
+		$this->table = $table;
+		$this->fields = $fields;
+		$this->entriesperpage = $entriesperpage;
+		$this->natSorting = $natSorting;
+		$checklastpaging = (isset($this->userinfo['lastpaging']['table']) && $this->userinfo['lastpaging']['table'] == $this->table);
+		$this->userinfo['lastpaging']['table'] = $this->table;
+
+		if (isset($_REQUEST['sortorder']) && (strtolower($_REQUEST['sortorder']) == 'desc' || strtolower($_REQUEST['sortorder']) == 'asc')) {
+			$this->sortorder = strtolower($_REQUEST['sortorder']);
+		} else {
+
+			if ($checklastpaging && isset($this->userinfo['lastpaging']['sortorder']) && (strtolower($this->userinfo['lastpaging']['sortorder']) == 'desc' || strtolower($this->userinfo['lastpaging']['sortorder']) == 'asc')) {
+				$this->sortorder = strtolower($this->userinfo['lastpaging']['sortorder']);
+			} else {
+				$this->sortorder = $default_order;
+			}
+		}
+
+		$this->userinfo['lastpaging']['sortorder'] = $this->sortorder;
+
+		if (isset($_REQUEST['sortfield']) && isset($fields[$_REQUEST['sortfield']])) {
+			$this->sortfield = $_REQUEST['sortfield'];
+		} else {
+			if ($checklastpaging && isset($this->userinfo['lastpaging']['sortfield']) && isset($fields[$this->userinfo['lastpaging']['sortfield']])) {
+				$this->sortfield = $this->userinfo['lastpaging']['sortfield'];
+			} else {
+				$fieldnames = array_keys($fields);
+				$this->sortfield = $fieldnames[$default_field];
+			}
+		}
+
+		$this->userinfo['lastpaging']['sortfield'] = $this->sortfield;
+
+		if (isset($_REQUEST['searchfield']) && isset($fields[$_REQUEST['searchfield']])) {
+			$this->searchfield = $_REQUEST['searchfield'];
+		} else {
+			if ($checklastpaging && isset($this->userinfo['lastpaging']['searchfield']) && isset($fields[$this->userinfo['lastpaging']['searchfield']])) {
+				$this->searchfield = $this->userinfo['lastpaging']['searchfield'];
+			} else {
+				$fieldnames = array_keys($fields);
+				$this->searchfield = $fieldnames[0];
+			}
+		}
+
+		$this->userinfo['lastpaging']['searchfield'] = $this->searchfield;
+
+		if (isset($_REQUEST['searchtext']) && (preg_match('/[-_@\p{L}\p{N}*.]+$/u', $_REQUEST['searchtext']) || $_REQUEST['searchtext'] === '')) {
+			$this->searchtext = trim($_REQUEST['searchtext']);
+		} else {
+			if ($checklastpaging && isset($this->userinfo['lastpaging']['searchtext']) && preg_match('/[-_@\p{L}\p{N}*.]+$/u', $this->userinfo['lastpaging']['searchtext'])) {
+				$this->searchtext = $this->userinfo['lastpaging']['searchtext'];
+			} else {
+				$this->searchtext = '';
+			}
+		}
+
+		$this->userinfo['lastpaging']['searchtext'] = $this->searchtext;
+
+		if (isset($_REQUEST['pageno']) && intval($_REQUEST['pageno']) != 0) {
+			$this->pageno = intval($_REQUEST['pageno']);
+		} else {
+			if ($checklastpaging && isset($this->userinfo['lastpaging']['pageno']) && intval($this->userinfo['lastpaging']['pageno']) != 0) {
+				$this->pageno = intval($this->userinfo['lastpaging']['pageno']);
+			} else {
+				$this->pageno = 1;
+			}
+		}
+
+		$this->userinfo['lastpaging']['pageno'] = $this->pageno;
+		$upd_stmt = \Froxlor\Database\Database::prepare("
+			UPDATE `" . TABLE_PANEL_SESSIONS . "` SET
+			`lastpaging` = :lastpaging
+			WHERE `hash` = :hash  AND `userid` = :userid
+			AND `ipaddress` = :ipaddr AND `useragent` = :ua
+			AND `adminsession` = :adminsession
+		");
+		$upd_data = array(
+			'lastpaging' => json_encode($this->userinfo['lastpaging']),
+			'hash' => $userinfo['hash'],
+			'userid' => $userinfo['userid'],
+			'ipaddr' => $userinfo['ipaddress'],
+			'ua' => $userinfo['useragent'],
+			'adminsession' => $userinfo['adminsession']
+		);
+		\Froxlor\Database\Database::pexecute($upd_stmt, $upd_data);
+
+		$this->limit = $limit;
+	}
+
+	/**
+	 * Sets number of entries and adjusts pageno if the number of entries doesn't correspond to the pageno.
+	 *
+	 * @param
+	 *        	int entries
+	 */
+	public function setEntries($entries)
+	{
+		$this->entries = $entries;
+
+		if (($this->pageno - 1) * $this->entriesperpage > $this->entries) {
+			$this->pageno = 1;
+		}
+
+		return true;
+	}
+
+	/**
+	 * Checks if a row should be displayed or not, used in loops
+	 *
+	 * @param
+	 *        	int number of row
+	 * @return bool to display or not to display, that's the question
+	 */
+	public function checkDisplay($count)
+	{
+		$begin = (intval($this->pageno) - 1) * intval($this->entriesperpage);
+		$end = (intval($this->pageno) * intval($this->entriesperpage));
+		return (($count >= $begin && $count < $end) || $this->entriesperpage == 0);
+	}
+
+	/**
+	 * Returns condition code for sql query
+	 *
+	 * @param
+	 *        	bool should returned condition code start with WHERE (false) or AND (true)?
+	 * @return string the condition code
+	 */
+	public function getSqlWhere($append = false)
+	{
+		if ($this->searchtext != '') {
+			if ($append == true) {
+				$condition = ' AND ';
+			} else {
+				$condition = ' WHERE ';
+			}
+
+			$searchfield = explode('.', $this->searchfield);
+			foreach ($searchfield as $id => $field) {
+				if (substr($field, - 1, 1) != '`') {
+					$field .= '`';
+				}
+
+				if ($field[0] != '`') {
+					$field = '`' . $field;
+				}
+
+				$searchfield[$id] = $field;
+			}
+
+			$searchfield = implode('.', $searchfield);
+
+			$ops = array(
+				'<',
+				'>',
+				'='
+			);
+
+			// check if we use an operator or not
+			$useOper = 0;
+			$oper = "=";
+			if (in_array(substr($this->searchtext, 0, 1), $ops)) {
+				$useOper = 1;
+				$oper = substr($this->searchtext, 0, 1);
+			}
+
+			// check for diskspace and whether searchtext is a number
+			// in any other case the logical-operators would make no sense
+			if (strpos($searchfield, 'diskspace') > 0 && is_numeric(substr($this->searchtext, $useOper))) {
+				// anything with diskspace is *1024
+				$searchtext = ((int) substr($this->searchtext, $useOper)) * 1024;
+				$useOper = 1;
+			} elseif (strpos($searchfield, 'traffic') > 0 && is_numeric(substr($this->searchtext, $useOper))) {
+				// anything with traffic is *1024*1024
+				$searchtext = ((int) substr($this->searchtext, $useOper)) * 1024 * 1024;
+				$useOper = 1;
+			} else {
+				// any other field
+				$searchtext = substr($this->searchtext, $useOper);
+			}
+
+			if ($useOper == 1 && is_numeric(substr($this->searchtext, $useOper))) {
+				// now as we use >, < or = we use the given operator and not LIKE
+				$condition .= $searchfield . " " . $oper . " " . \Froxlor\Database\Database::quote($searchtext);
+			} else {
+				$searchtext = str_replace('*', '%', $this->searchtext);
+				// append wildcards if user did not enter any
+				if (strpos($searchtext, '%') === false)
+					$searchtext = '%' . $searchtext . '%';
+				$condition .= $searchfield . " LIKE " . \Froxlor\Database\Database::quote($searchtext);
+			}
+		} else {
+			$condition = '';
+		}
+
+		return $condition;
+	}
+
+	/**
+	 * Returns "order by"-code for sql query
+	 *
+	 * @param
+	 *        	bool Switch natsorting on/off (local, affects just this call)
+	 * @return string the "order by"-code
+	 */
+	public function getSqlOrderBy($natSorting = null)
+	{
+		$sortfield = explode('.', $this->sortfield);
+		foreach ($sortfield as $id => $field) {
+			if (substr($field, - 1, 1) != '`') {
+				$field .= '`';
+			}
+
+			if ($field[0] != '`') {
+				$field = '`' . $field;
+			}
+
+			$sortfield[$id] = $field;
+		}
+
+		$sortfield = implode('.', $sortfield);
+		$sortorder = strtoupper($this->sortorder);
+
+		if ($natSorting == true || ($natSorting === null && $this->natSorting == true)) {
+			// Acts similar to php's natsort(), found in one comment at http://my.opera.com/cpr/blog/show.dml/160556
+			$sortcode = "ORDER BY CONCAT( IF( ASCII( LEFT( " . $sortfield . ", 5 ) ) > 57,
+				LEFT( " . $sortfield . ", 1 ), 0 ),
+				IF( ASCII( RIGHT( " . $sortfield . ", 1 ) ) > 57,
+					LPAD( " . $sortfield . ", 255, '0' ),
+					LPAD( CONCAT( " . $sortfield . ", '-' ), 255, '0' )
+				)) " . $sortorder;
+		} else {
+			$sortcode = 'ORDER BY ' . $sortfield . ' ' . $sortorder;
+		}
+
+		return $sortcode;
+	}
+
+	/**
+	 * Currently not used
+	 *
+	 * @return string always empty
+	 */
+	public function getSqlLimit()
+	{
+		if ($this->limit > 0) {
+			$_offset = ($this->pageno - 1) * $this->limit;
+			return ' LIMIT ' . $_offset . ',' . $this->limit;
+		}
+		/**
+		 * currently not in use
+		 */
+		return '';
+	}
+
+	/**
+	 * Returns html code for sorting field
+	 *
+	 * @param
+	 *        	array Language array
+	 * @return string the html sortcode
+	 */
+	public function getHtmlSortCode($lng, $break = false)
+	{
+		$sortcode = '';
+		$fieldoptions = '';
+		$orderoptions = '';
+
+		foreach ($this->fields as $fieldname => $fieldcaption) {
+			$fieldoptions .= HTML::makeoption($fieldcaption, $fieldname, $this->sortfield, true, true);
+		}
+
+		$breakorws = ($break ? '<br />' : '&nbsp;');
+		foreach (array(
+			'asc' => $lng['panel']['ascending'],
+			'desc' => $lng['panel']['descending']
+		) as $sortordertype => $sortorderdescription) {
+			$orderoptions .= HTML::makeoption($sortorderdescription, $sortordertype, $this->sortorder, true, true);
+		}
+
+		eval("\$sortcode =\"" . Template::getTemplate("misc/htmlsortcode", '1') . "\";");
+		return $sortcode;
+	}
+
+	/**
+	 * Returns html code for sorting arrows
+	 *
+	 * @param
+	 *        	string URL to use as base for links
+	 * @param
+	 *        	string If set, only this field will be returned
+	 * @return mixed An array or a string (if field is set) of html code of arrows
+	 */
+	public function getHtmlArrowCode($baseurl, $field = '')
+	{
+		global $theme;
+
+		if ($field != '' && isset($this->fields[$field])) {
+			$baseurl = htmlspecialchars($baseurl);
+			$fieldname = htmlspecialchars($field);
+			eval("\$arrowcode =\"" . Template::getTemplate("misc/htmlarrowcode", '1') . "\";");
+		} else {
+			$baseurl = htmlspecialchars($baseurl);
+			$arrowcode = array();
+			foreach ($this->fields as $fieldname => $fieldcaption) {
+				$fieldname = htmlspecialchars($fieldname);
+				eval("\$arrowcode[\$fieldname] =\"" . Template::getTemplate("misc/htmlarrowcode", '1') . "\";");
+			}
+		}
+
+		return $arrowcode;
+	}
+
+	/**
+	 * Returns html code for searching field
+	 *
+	 * @param
+	 *        	array Language array
+	 * @return string the html searchcode
+	 */
+	public function getHtmlSearchCode($lng)
+	{
+		$searchcode = '';
+		$fieldoptions = '';
+		$searchtext = htmlspecialchars($this->searchtext);
+		foreach ($this->fields as $fieldname => $fieldcaption) {
+			$fieldoptions .= HTML::makeoption($fieldcaption, $fieldname, $this->searchfield, true, true);
+		}
+		eval("\$searchcode =\"" . Template::getTemplate("misc/htmlsearchcode", '1') . "\";");
+		return $searchcode;
+	}
+
+	/**
+	 * Returns html code for paging
+	 *
+	 * @param
+	 *        	string URL to use as base for links
+	 * @return string the html pagingcode
+	 */
+	public function getHtmlPagingCode($baseurl)
+	{
+		if ($this->entriesperpage == 0) {
+			return '';
+		} else {
+			$pages = intval($this->entries / $this->entriesperpage);
+		}
+
+		if ($this->entries % $this->entriesperpage != 0) {
+			$pages ++;
+		}
+
+		if ($pages > 1) {
+
+			$start = $this->pageno - 4;
+			if ($start < 1) {
+				$start = 1;
+			}
+
+			$stop = $this->pageno + 4;
+			if ($stop > $pages) {
+				$stop = $pages;
+			}
+
+			$pagingcode = '<a href="' . htmlspecialchars($baseurl) . '&amp;pageno=1">&laquo;</a> <a href="' . htmlspecialchars($baseurl) . '&amp;pageno=' . ((intval($this->pageno) - 1) == 0 ? '1' : intval($this->pageno) - 1) . '">&lt;</a>&nbsp;';
+			for ($i = $start; $i <= $stop; $i ++) {
+				if ($i != $this->pageno) {
+					$pagingcode .= ' <a href="' . htmlspecialchars($baseurl) . '&amp;pageno=' . $i . '">' . $i . '</a>&nbsp;';
+				} else {
+					$pagingcode .= ' <strong>' . $i . '</strong>&nbsp;';
+				}
+			}
+			$pagingcode .= ' <a href="' . htmlspecialchars($baseurl) . '&amp;pageno=' . ((intval($this->pageno) + 1) > $pages ? $pages : intval($this->pageno) + 1) . '">&gt;</a> <a href="' . $baseurl . '&amp;pageno=' . $pages . '">&raquo;</a>';
+		} else {
+			$pagingcode = '';
+		}
+
+		return $pagingcode;
+	}
+}
--- a/lib/Froxlor/User.php
+++ b/lib/Froxlor/User.php
@@ -79,8 +79,8 @@ class User
 	/**
 	 * Function which updates all counters of used ressources in panel_admins and panel_customers
 	 *
-	 * @param
-	 *        	bool Set to true to get an array with debug information
+	 * @param bool $returndebuginfo
+	 *        	Set to true to get an array with debug information
 	 * @return array Contains debug information if parameter 'returndebuginfo' is set to true
 	 *        
 	 * @author Florian Lippert <flo@syscp.org> (2003-2009)
@@ -100,17 +100,17 @@ class User
 		// Customers
 		$customers_stmt = Database::prepare('SELECT * FROM `' . TABLE_PANEL_CUSTOMERS . '` ORDER BY `customerid`');
 		Database::pexecute($customers_stmt);
-
+		// array to store currently used resources per admin
 		$admin_resources = array();
 		while ($customer = $customers_stmt->fetch(\PDO::FETCH_ASSOC)) {
-
+			// set current admin
 			$cur_adm = $customer['adminid'];
-
 			// initialize admin-resources array for admin $customer['adminid']
 			if (! isset($admin_resources[$cur_adm])) {
 				$admin_resources[$cur_adm] = array();
 			}

+			// fill admin resource usage array with customer data
 			self::addResourceCountEx($admin_resources[$cur_adm], $customer, 'diskspace_used', 'diskspace');
 			self::addResourceCountEx($admin_resources[$cur_adm], $customer, 'traffic_used', 'traffic_used'); // !!! yes, USED and USED

@@ -126,6 +126,7 @@ class User
 				self::addResourceCount($admin_resources[$cur_adm], $customer, $field . '_used', $field);
 			}

+			// calculate real usage
 			$customer_mysqls_stmt = Database::prepare('SELECT COUNT(*) AS `number_mysqls` FROM `' . TABLE_PANEL_DATABASES . '`
 			WHERE `customerid` = :cid');
 			$customer_mysqls = Database::pexecute_first($customer_mysqls_stmt, array(
@@ -181,6 +182,7 @@ class User
 			));
 			$customer['email_quota_used_new'] = (int) $customer_email_quota['email_quota'];

+			// update database accordingly
 			$stmt = Database::prepare('UPDATE `' . TABLE_PANEL_CUSTOMERS . '`
 			SET `mysqls_used` = :mysqls_used,
 				`emails_used` = :emails_used,
@@ -211,63 +213,56 @@ class User
 		$admins_stmt = Database::prepare('SELECT * FROM `' . TABLE_PANEL_ADMINS . '` ORDER BY `adminid`');
 		Database::pexecute($admins_stmt, array());

+		$resource_fields = array(
+			'diskspace_used',
+			'traffic_used',
+			'mysqls_used',
+			'ftps_used',
+			'emails_used',
+			'email_accounts_used',
+			'email_forwarders_used',
+			'email_quota_used',
+			'subdomains_used'
+		);
+
+		$admin_customers_stmt = Database::prepare('SELECT * FROM `' . TABLE_PANEL_CUSTOMERS . '` WHERE `adminid` = :aid');
 		while ($admin = $admins_stmt->fetch(\PDO::FETCH_ASSOC)) {
-			$admin_customers_stmt = Database::prepare('SELECT * FROM `' . TABLE_PANEL_CUSTOMERS . '` WHERE `adminid` = :aid');
 			Database::pexecute($admin_customers_stmt, array(
 				"aid" => $admin['adminid']
 			));
 			$admin_customers = $admin_customers_stmt->fetchAll(\PDO::FETCH_ASSOC);
 			$admin['customers_used_new'] = count($admin_customers);

-			$admin_domains_stmt = Database::prepare('SELECT COUNT(*) AS `number_domains` FROM `' . TABLE_PANEL_DOMAINS . '` WHERE `adminid` = :aid');
+			$admin_domains_stmt = Database::prepare('SELECT COUNT(*) AS `number_domains` FROM `' . TABLE_PANEL_DOMAINS . '` WHERE `adminid` = :aid AND `parentdomainid` = "0"');
 			$admin_domains = Database::pexecute_first($admin_domains_stmt, array(
 				"aid" => $admin['adminid']
 			));
-			// substract the amount of domains that are std-subdomains later when we iterated through all customers and now for sure
+			// substract the amount of domains that are std-subdomains later when we iterated through all customers and know for sure
 			$admin['domains_used_new'] = $admin_domains['number_domains'];
-
+			// set current admin
 			$cur_adm = $admin['adminid'];
-
+			// if there's an admin without any customers it might be possible that the id is not yet known in $admin_resources
 			if (! isset($admin_resources[$cur_adm])) {
 				$admin_resources[$cur_adm] = array();
 			}
-
-			foreach (array(
-				'diskspace_used',
-				'traffic_used',
-				'mysqls_used',
-				'ftps_used',
-				'emails_used',
-				'email_accounts_used',
-				'email_forwarders_used',
-				'email_quota_used',
-				'subdomains_used'
-			) as $field) {
+			// be sure that all fields are set in the array
+			foreach ($resource_fields as $field) {
 				self::initArrField($field, $admin_resources[$cur_adm], 0);
-				$admin[$field . '_new'] = $admin_resources[$cur_adm][$field];
+				// initialize new values
+				$admin[$field . '_new'] = 0;
 			}
-
+			// now get the customer resource usage which we have re-calculated previously
 			foreach ($admin_customers as $acustomer) {
-				foreach (array(
-					'diskspace_used',
-					'traffic_used',
-					'mysqls_used',
-					'ftps_used',
-					'emails_used',
-					'email_accounts_used',
-					'email_forwarders_used',
-					'email_quota_used',
-					'subdomains_used'
-				) as $field) {
+				foreach ($resource_fields as $field) {
 					$admin[$field . '_new'] += $acustomer[$field];
 				}
 				// check for std-subdomain
 				if ($acustomer['standardsubdomain'] > 0) {
-					// std-subdomain does not count to assign resource
-					$admin['domains_used_new']--;
+					// std-subdomain does not count as assigned resource
+					$admin['domains_used_new'] --;
 				}
 			}
-
+			// update database entry accordingly
 			$stmt = Database::prepare('UPDATE `' . TABLE_PANEL_ADMINS . '`
 			SET `customers_used` = :customers_used,
 				`domains_used` = :domains_used,
--- a/lib/configfiles/bionic.xml
+++ b/lib/configfiles/bionic.xml
@@ -4625,7 +4625,7 @@ aliases:     files
 						<command><![CDATA[useradd -s /bin/false -g {{settings.system.mod_fcgid_httpgroup}} {{settings.system.mod_fcgid_httpuser}}]]></command>
 						<command><![CDATA[mkdir -p {{settings.system.mod_fcgid_configdir}}]]></command>
 						<command><![CDATA[mkdir -p {{settings.system.mod_fcgid_tmpdir}}]]></command>
-						<command><![CDATA[a2dismod php7.0]]></command>
+						<command><![CDATA[a2dismod php7.2]]></command>
 					</commands>
 					<!-- instead of just restarting apache, we let the cronjob do all the 
 						dirty work -->
--- a/lib/configfiles/buster.xml
+++ b/lib/configfiles/buster.xml
@@ -4827,7 +4827,7 @@ aliases:     files
 						<command><![CDATA[useradd -s /bin/false -g {{settings.system.mod_fcgid_httpgroup}} {{settings.system.mod_fcgid_httpuser}}]]></command>
 						<command><![CDATA[mkdir -p {{settings.system.mod_fcgid_configdir}}]]></command>
 						<command><![CDATA[mkdir -p {{settings.system.mod_fcgid_tmpdir}}]]></command>
-						<command><![CDATA[a2dismod php7.0]]></command>
+						<command><![CDATA[a2dismod php7.3]]></command>
 					</commands>
 					<!-- instead of just restarting apache, we let the cronjob do all the 
 						dirty work -->
@@ -4860,7 +4860,7 @@ aliases:     files
 						</visibility>
 						<visibility mode="true">{{settings.phpfpm.enabled_ownvhost}}
 						</visibility>
-						<command><![CDATA[a2dismod php7.0]]></command>
+						<command><![CDATA[a2dismod php7.3]]></command>
 					</commands>
 					<commands index="5">
 						<visibility mode="equals" value="apache2">{{settings.system.webserver}}
--- a/lib/configfiles/rhel_centos.xml
+++ b/lib/configfiles/rhel_centos.xml
@@ -1,7 +1,39 @@
 <?xml version="1.0" encoding="UTF-8"?>
 <froxlor>
-	<distribution name="RHEL / CentOS" version="7"
+	<distribution name="CentOS" version="7"
 		defaulteditor="/usr/bin/nano">
+      <defaults>
+        <property>
+          <varname>apacheconf_vhost</varname>
+          <settinggroup>system</settinggroup>
+          <value>/etc/httpd/conf.d/</value>
+        </property>
+        <property>
+          <varname>apacheconf_diroptions</varname>
+          <settinggroup>system</settinggroup>
+          <value>/etc/httpd/conf.d/</value>
+        </property>
+        <property>
+          <varname>apacheconf_htpasswddir</varname>
+          <settinggroup>system</settinggroup>
+          <value>/etc/httpd/froxlor-htpasswd/</value>
+        </property>
+        <property>
+          <varname>apachereload_command</varname>
+          <settinggroup>system</settinggroup>
+          <value>systemctl reload-or-restart httpd.service</value>
+        </property>
+        <property>
+          <varname>bindreload_command</varname>
+          <settinggroup>system</settinggroup>
+          <value>systemctl reload-or-restart named.service</value>
+        </property>
+        <property>
+          <varname>crondreload</varname>
+          <settinggroup>system</settinggroup>
+          <value>systemctl reload-or-restart crond.service</value>
+        </property>
+      </defaults>
 		<services>
 			<!-- HTTP -->
 			<service type="http" title="{{lng.admin.configfiles.http}}">
@@ -61,6 +93,20 @@ Alias "/.well-known/acme-challenge" "{{settings.system.letsencryptchallengepath}
 					<command><![CDATA[systemctl reload-or-restart httpd.service]]></command>
 				</daemon>
 			</service>
+			<!--DNS -->
+			<service type="dns" title="{{lng.admin.configfiles.dns}}">
+				<!--Bind9 -->
+				<daemon name="bind" title="Bind9 nameserver" default="true">
+					<install><![CDATA[yum install bind]]></install>
+					<command><![CDATA[ln -sv /etc/named /etc/bind]]></command>
+					<command><![CDATA[echo "include \"/etc/named.conf.local\";" >> /etc/named.conf]]></command>
+					<command><![CDATA[echo "include \"{{settings.system.bindconf_directory}}froxlor_bind.conf\";" >> /etc/named.conf.local]]></command>
+					<command><![CDATA[touch {{settings.system.bindconf_directory}}froxlor_bind.conf]]></command>
+					<command><![CDATA[chown named:0 {{settings.system.bindconf_directory}}froxlor_bind.conf]]></command>
+					<command><![CDATA[chmod 0644 {{settings.system.bindconf_directory}}froxlor_bind.conf]]></command>
+					<command><![CDATA[systemctl restart named]]></command>
+				</daemon>
+			</service>
 			<!-- SMTP services -->
 			<service type="smtp" title="{{lng.admin.configfiles.smtp}}">
 				<!-- general SMTP commands -->
@@ -1825,6 +1871,7 @@ iterate_query = SELECT username AS user FROM mail_users
 				<!-- Proftpd -->
 				<daemon name="proftpd" version="1.3" title="ProFTPd"
 					default="true">
+          <install><![CDATA[yum --enablerepo=extras install epel-release]]></install>
 					<install><![CDATA[yum install proftpd proftpd-mysql]]></install>
 					<file name="/etc/proftpd.conf" chown="root:0"
 						chmod="0600" backup="true">
@@ -2295,9 +2342,10 @@ ControlsLog			/var/log/proftpd/controls.log
 				<!-- AWstats -->
 				<daemon name="awstats"
 					title="Awstats (webalizer alternative)">
+          <install><![CDATA[yum install awstats]]></install>
 					<command><![CDATA[sed -i.bak 's/^DirData/# DirData/' {{settings.system.awstats_conf}}/awstats.model.conf]]></command>
 					<command><![CDATA[sed -i.bak 's|^\\(DirIcons=\\).*$|\\1\\"/awstats-icon\\"|' {{settings.system.awstats_conf}}/awstats.model.conf]]></command>
-					<command><![CDATA[rm /etc/cron.d/awstats]]></command>
+					<command><![CDATA[rm /etc/cron.hourly/awstats]]></command>
 				</daemon>
 				<!-- libnss-mysql -->
 				<daemon name="libnss"
--- a/lib/configfiles/centos8.xml
+++ b/lib/configfiles/centos8.xml
--- a/lib/configfiles/focal.xml
+++ b/lib/configfiles/focal.xml
--- a/lib/configfiles/trusty.xml
+++ b/lib/configfiles/trusty.xml
--- a/lib/configfiles/xenial.xml
+++ b/lib/configfiles/xenial.xml
@@ -1,7 +1,7 @@
 <?xml version="1.0" encoding="UTF-8"?>
 <froxlor>
 	<distribution name="Ubuntu" codename="Xenial"
-		version="16.04" defaulteditor="/bin/nano">
+		version="16.04" defaulteditor="/bin/nano" deprecated="true">
 		<services>
 			<!-- HTTP -->
 			<service type="http" title="{{lng.admin.configfiles.http}}">
--- a/lib/formfields/admin/domains/formfield.domains_add.php
+++ b/lib/formfields/admin/domains/formfield.domains_add.php
@@ -180,6 +180,20 @@ return array(
 				'image' => 'icons/domain_add.png',
 				'visible' => \Froxlor\Settings::Get('system.use_ssl') == '1' ? true : false,
 				'fields' => array(
+					'sslenabled' => array(
+						'visible' => ($ssl_ipsandports != '' ? true : false),
+						'label' => $lng['admin']['domain_sslenabled'],
+						'type' => 'checkbox',
+						'values' => array(
+							array(
+								'label' => $lng['panel']['yes'],
+								'value' => '1'
+							)
+						),
+						'value' => array(
+							'1'
+						)
+					),
 					'no_ssl_available_info' => array(
 						'visible' => ($ssl_ipsandports == '' ? true : false),
 						'label' => 'SSL',
@@ -251,7 +265,6 @@ return array(
 						'desc' => $lng['serversettings']['ssl']['ssl_protocols']['description'],
 						'type' => 'checkbox',
 						'value' => array(
-							'TLSv1',
 							'TLSv1.2'
 						),
 						'values' => array(
@@ -356,6 +369,32 @@ return array(
 							)
 						),
 						'value' => array()
+					),
+					'honorcipherorder' => array(
+						'visible' => ($ssl_ipsandports != '' ? true : false),
+						'label' => $lng['admin']['domain_honorcipherorder'],
+						'type' => 'checkbox',
+						'values' => array(
+							array(
+								'label' => $lng['panel']['yes'],
+								'value' => '1'
+							)
+						),
+						'value' => array()
+					),
+					'sessiontickets' => array(
+						'visible' => ($ssl_ipsandports != '' ? true : false) && \Froxlor\Settings::Get('system.webserver') != 'lighttpd' && \Froxlor\Settings::Get('system.sessionticketsenabled' != '1'),
+						'label' => $lng['admin']['domain_sessiontickets'],
+						'type' => 'checkbox',
+						'values' => array(
+							array(
+								'label' => $lng['panel']['yes'],
+								'value' => '1'
+							)
+						),
+						'value' => array(
+							'1'
+						)
 					)
 				)
 			),
--- a/lib/formfields/admin/domains/formfield.domains_edit.php
+++ b/lib/formfields/admin/domains/formfield.domains_edit.php
@@ -159,7 +159,7 @@ return array(
 							)
 						),
 						'value' => array(
-							'1'
+							\Froxlor\Settings::Get('system.apply_specialsettings_default') == 1 ? '1' : ''
 						)
 					),
 					'notryfiles' => array(
@@ -212,6 +212,20 @@ return array(
 				'image' => 'icons/domain_edit.png',
 				'visible' => \Froxlor\Settings::Get('system.use_ssl') == '1' ? true : false,
 				'fields' => array(
+					'sslenabled' => array(
+						'visible' => ($ssl_ipsandports != '' ? true : false),
+						'label' => $lng['admin']['domain_sslenabled'],
+						'type' => 'checkbox',
+						'values' => array(
+							array(
+								'label' => $lng['panel']['yes'],
+								'value' => '1'
+							)
+						),
+						'value' => array(
+							$result['ssl_enabled']
+						)
+					),
 					'no_ssl_available_info' => array(
 						'visible' => ($ssl_ipsandports == '' ? true : false),
 						'label' => 'SSL',
@@ -290,7 +304,7 @@ return array(
 						'label' => $lng['serversettings']['ssl']['ssl_protocols']['title'],
 						'desc' => $lng['serversettings']['ssl']['ssl_protocols']['description'],
 						'type' => 'checkbox',
-						'value' => !empty($result['ssl_protocols']) ? explode(",", $result['ssl_protocols']) : explode(",", \Froxlor\Settings::Get('system.ssl_protocols')),
+						'value' => ! empty($result['ssl_protocols']) ? explode(",", $result['ssl_protocols']) : explode(",", \Froxlor\Settings::Get('system.ssl_protocols')),
 						'values' => array(
 							array(
 								'value' => 'TLSv1',
@@ -316,14 +330,14 @@ return array(
 						'label' => $lng['serversettings']['ssl']['ssl_cipher_list']['title'],
 						'desc' => $lng['serversettings']['ssl']['ssl_cipher_list']['description'],
 						'type' => 'text',
-						'value' => !empty($result['ssl_cipher_list']) ? $result['ssl_cipher_list'] : \Froxlor\Settings::Get('system.ssl_cipher_list')
+						'value' => ! empty($result['ssl_cipher_list']) ? $result['ssl_cipher_list'] : \Froxlor\Settings::Get('system.ssl_cipher_list')
 					),
 					'tlsv13_cipher_list' => array(
 						'visible' => (($ssl_ipsandports != '' ? true : false) && $userinfo['change_serversettings'] == '1' && \Froxlor\Settings::Get('system.webserver') == "apache2" && \Froxlor\Settings::Get('system.apache24') == 1 ? true : false),
 						'label' => $lng['serversettings']['ssl']['tlsv13_cipher_list']['title'],
 						'desc' => $lng['serversettings']['ssl']['tlsv13_cipher_list']['description'],
 						'type' => 'text',
-						'value' => !empty($result['tlsv13_cipher_list']) ? $result['tlsv13_cipher_list'] : \Froxlor\Settings::Get('system.tlsv13_cipher_list')
+						'value' => ! empty($result['tlsv13_cipher_list']) ? $result['tlsv13_cipher_list'] : \Froxlor\Settings::Get('system.tlsv13_cipher_list')
 					),
 					'ssl_specialsettings' => array(
 						'visible' => ($userinfo['change_serversettings'] == '1' ? true : false),
@@ -401,6 +415,34 @@ return array(
 						'value' => array(
 							$result['ocsp_stapling']
 						)
+					),
+					'honorcipherorder' => array(
+						'visible' => ($ssl_ipsandports != '' ? true : false),
+						'label' => $lng['admin']['domain_honorcipherorder'],
+						'type' => 'checkbox',
+						'values' => array(
+							array(
+								'label' => $lng['panel']['yes'],
+								'value' => '1'
+							)
+						),
+						'value' => array(
+							$result['ssl_honorcipherorder']
+						)
+					),
+					'sessiontickets' => array(
+						'visible' => ($ssl_ipsandports != '' ? true : false) && \Froxlor\Settings::Get('system.webserver') != 'lighttpd' && \Froxlor\Settings::Get('system.sessionticketsenabled' != '1'),
+						'label' => $lng['admin']['domain_sessiontickets'],
+						'type' => 'checkbox',
+						'values' => array(
+							array(
+								'label' => $lng['panel']['yes'],
+								'value' => '1'
+							)
+						),
+						'value' => array(
+							$result['ssl_sessiontickets']
+						)
 					)
 				)
 			),
@@ -453,7 +495,7 @@ return array(
 							)
 						),
 						'value' => array(
-							'1'
+							\Froxlor\Settings::Get('system.apply_phpconfigs_default') == 1 ? '1' : ''
 						)
 					),
 					'mod_fcgid_starter' => array(
--- a/lib/formfields/admin/phpconfig/formfield.fpmconfig_add.php
+++ b/lib/formfields/admin/phpconfig/formfield.fpmconfig_add.php
@@ -32,13 +32,13 @@ return array(
 						'label' => $lng['serversettings']['phpfpm_settings']['reload'],
 						'type' => 'text',
 						'maxlength' => 255,
-						'value' => 'service php7.0-fpm restart'
+						'value' => 'service php7.3-fpm restart'
 					),
 					'config_dir' => array(
 						'label' => $lng['serversettings']['phpfpm_settings']['configdir'],
 						'type' => 'text',
 						'maxlength' => 255,
-						'value' => '/etc/php/7.0/fpm/pool.d/'
+						'value' => '/etc/php/7.3/fpm/pool.d/'
 					),
 					'pm' => array(
 						'label' => $lng['serversettings']['phpfpm_settings']['pm'],
@@ -49,25 +49,25 @@ return array(
 						'label' => $lng['serversettings']['phpfpm_settings']['max_children']['title'],
 						'desc' => $lng['serversettings']['phpfpm_settings']['max_children']['description'],
 						'type' => 'int',
-						'value' => 1
+						'value' => 5
 					),
 					'start_servers' => array(
 						'label' => $lng['serversettings']['phpfpm_settings']['start_servers']['title'],
 						'desc' => $lng['serversettings']['phpfpm_settings']['start_servers']['description'],
 						'type' => 'int',
-						'value' => 20
+						'value' => 2
 					),
 					'min_spare_servers' => array(
 						'label' => $lng['serversettings']['phpfpm_settings']['min_spare_servers']['title'],
 						'desc' => $lng['serversettings']['phpfpm_settings']['min_spare_servers']['description'],
 						'type' => 'int',
-						'value' => 5
+						'value' => 1
 					),
 					'max_spare_servers' => array(
 						'label' => $lng['serversettings']['phpfpm_settings']['max_spare_servers']['title'],
 						'desc' => $lng['serversettings']['phpfpm_settings']['max_spare_servers']['description'],
 						'type' => 'int',
-						'value' => 35
+						'value' => 3
 					),
 					'max_requests' => array(
 						'label' => $lng['serversettings']['phpfpm_settings']['max_requests']['title'],
@@ -79,13 +79,20 @@ return array(
 						'label' => $lng['serversettings']['phpfpm_settings']['idle_timeout']['title'],
 						'desc' => $lng['serversettings']['phpfpm_settings']['idle_timeout']['description'],
 						'type' => 'int',
-						'value' => 30
+						'value' => 10
 					),
 					'limit_extensions' => array(
 						'label' => $lng['serversettings']['phpfpm_settings']['limit_extensions']['title'],
 						'desc' => $lng['serversettings']['phpfpm_settings']['limit_extensions']['description'],
 						'type' => 'text',
 						'value' => '.php'
+					),
+					'custom_config' => array(
+						'label' => $lng['serversettings']['phpfpm_settings']['custom_config']['title'],
+						'desc' => $lng['serversettings']['phpfpm_settings']['custom_config']['description'],
+						'type' => 'textarea',
+						'cols' => 50,
+						'rows' => 7
 					)
 				)
 			)
--- a/lib/formfields/admin/phpconfig/formfield.fpmconfig_edit.php
+++ b/lib/formfields/admin/phpconfig/formfield.fpmconfig_edit.php
@@ -87,6 +87,14 @@ return array(
 						'desc' => $lng['serversettings']['phpfpm_settings']['limit_extensions']['description'],
 						'type' => 'text',
 						'value' => $result['limit_extensions']
+					),
+					'custom_config' => array(
+						'label' => $lng['serversettings']['phpfpm_settings']['custom_config']['title'],
+						'desc' => $lng['serversettings']['phpfpm_settings']['custom_config']['description'],
+						'type' => 'textarea',
+						'cols' => 50,
+						'rows' => 7,
+						'value' => $result['custom_config']
 					)
 				)
 			)
--- a/Show More
+++ b/Show More