setting version to 0.9.18

Signed-off-by: Michael Kaufmann (d00p) <d00p@froxlor.org>

actions/admin/settings/100.panel.php

@@ -32,6 +32,17 @@ return array(
 					'option_options_method' => 'getLanguages',
 					'save_method' => 'storeSettingField',
 					),
+				'panel_default_theme' => array(
+					'label' => $lng['serversettings']['default_theme'],
+					'settinggroup' => 'panel',
+					'varname' => 'default_theme',
+					'type' => 'option',
+					'default' => 'Froxlor',
+					'option_mode' => 'one',
+					'option_options' => array('Classic' => 'Classic', 'Froxlor' => 'Froxlor'),
+					/* 'option_options_method' => 'getThemes', // iterate through templates/ and dynamically display all folders found */
+					'save_method' => 'storeSettingField',
+					),
 				'panel_natsorting' => array(
 					'label' => $lng['serversettings']['natsorting'],
 					'settinggroup' => 'panel',
@@ -64,7 +75,7 @@ return array(
 					'type' => 'option',
 					'default' => 'Manual',
 					'option_mode' => 'one',
-					'option_options' => array('Manual' => 'Manual', 'Dropdown' => 'Dropdown'),
+					'option_options' => array('Manual' => $lng['serversettings']['manual'], 'Dropdown' => $lng['serversettings']['dropdown']),
 					'save_method' => 'storeSettingField',
 					),
 				'panel_adminmail' => array(
@@ -77,6 +88,24 @@ return array(
 					'default' => '',
 					'save_method' => 'storeSettingField',
 					),
+				'panel_adminmail_defname' => array(
+					'label' => $lng['serversettings']['adminmail_defname'],
+					'settinggroup' => 'panel',
+					'varname' => 'adminmail_defname',
+					'type' => 'string',
+					'default' => 'Froxlor Administrator',
+					'save_method' => 'storeSettingField',
+					),
+				'panel_adminmail_return' => array(
+					'label' => $lng['serversettings']['adminmail_return'],
+					'settinggroup' => 'panel',
+					'varname' => 'adminmail_return',
+					'type' => 'string',
+					'string_type' => 'mail',
+					'string_emptyallowed' => true,
+					'default' => '',
+					'save_method' => 'storeSettingField',
+					),
 				'panel_decimal_places' => array(
 					'label' => $lng['serversettings']['decimal_places'],
 					'settinggroup' => 'panel',
@@ -133,14 +162,6 @@ return array(
 					'default' => false,
 					'save_method' => 'storeSettingField',
 					),
-				'admin_froxlor_graphic' => array(
-					'label' => $lng['admin']['froxlor_graphic'],
-					'settinggroup' => 'admin',
-					'varname' => 'froxlor_graphic',
-					'type' => 'string',
-					'default' => '',
-					'save_method' => 'storeSettingField',
-					),
 				'panel_allow_domain_change_admin' => array(
 					'label' => $lng['serversettings']['panel_allow_domain_change_admin'],
 					'settinggroup' => 'panel',

actions/admin/settings/110.accounts.php

@@ -38,6 +38,14 @@ return array(
 					'default' => false,
 					'save_method' => 'storeSettingField',
 					),
+				'login_domain_login' => array(
+					'label' => $lng['serversettings']['login_domain_login'],
+					'settinggroup' => 'login',
+					'varname' => 'domain_login',
+					'type' => 'bool',
+					'default' => false,
+					'save_method' => 'storeSettingField',
+					),
 				'login_maxloginattempts' => array(
 					'label' => $lng['serversettings']['maxloginattempts'],
 					'settinggroup' => 'login',
@@ -54,6 +62,23 @@ return array(
 					'default' => 900,
 					'save_method' => 'storeSettingField',
 					),
+				'panel_password_min_length' => array(
+					'label' => $lng['serversettings']['panel_password_min_length'],
+					'settinggroup' => 'panel',
+					'varname' => 'password_min_length',
+					'type' => 'int',
+					'default' => 0,
+					'save_method' => 'storeSettingField',
+					),
+				'panel_password_regex' => array(
+					'label' => $lng['serversettings']['panel_password_regex'],
+					'settinggroup' => 'panel',
+					'varname' => 'password_regex',
+					'type' => 'string',
+					'default' => '',
+					/* 'plausibility_check_method' => 'checkValidRegEx', */
+					'save_method' => 'storeSettingField',
+					),
 				'customer_accountprefix' => array(
 					'label' => $lng['serversettings']['accountprefix'],
 					'settinggroup' => 'customer',
@@ -95,6 +120,14 @@ return array(
 					'type' => 'bool',
 					'default' => false,
 					'save_method' => 'storeSettingField',
+					'dependency' => array(
+							'fieldname' => 'panel_allow_preset_admin',
+							'fielddata' => array(
+								'settinggroup' => 'panel',
+								'varname' => 'allow_preset_admin',
+							),
+							'onlyif' => 0
+						)
 					),
 				'panel_allow_preset_admin' => array(
 					'label' => $lng['serversettings']['allow_password_reset_admin'],
@@ -103,6 +136,14 @@ return array(
 					'type' => 'bool',
 					'default' => false,
 					'save_method' => 'storeSettingField',
+					'dependency' => array(
+							'fieldname' => 'panel_allow_preset',
+							'fielddata' => array(
+								'settinggroup' => 'panel',
+								'varname' => 'allow_preset',
+							),
+							'onlyif' => 1
+						)
 					),
 				),
 			),

actions/admin/settings/120.system.php

@@ -29,6 +29,7 @@ return array(
 					'type' => 'string',
 					'default' => '/var/customers/webs/',
 					'save_method' => 'storeSettingField',
+					'plausibility_check_method' => 'checkPathConflicts'
 					),
 				'system_ipaddress' => array(
 					'label' => $lng['serversettings']['ipaddress'],
@@ -58,6 +59,22 @@ return array(
 					'default' => '',
 					'save_method' => 'storeSettingHostname',
 					),
+				'system_froxlordirectlyviahostname' => array(
+					'label' => $lng['serversettings']['froxlordirectlyviahostname'],
+					'settinggroup' => 'system',
+					'varname' => 'froxlordirectlyviahostname',
+					'type' => 'bool',
+					'default' => false,
+					'save_method' => 'storeSettingField',
+					),
+				'system_stdsubdomain' => array(
+					'label' => $lng['serversettings']['stdsubdomainhost'],
+					'settinggroup' => 'system',
+					'varname' => 'stdsubdomain',
+					'type' => 'string',
+					'default' => '',
+					'save_method' => 'storeSettingHostname',
+					),
 				'system_mysql_access_host' => array(
 					'label' => $lng['serversettings']['mysql_access_host'],
 					'settinggroup' => 'system',
@@ -67,15 +84,6 @@ return array(
 					'plausibility_check_method' => 'checkMysqlAccessHost',
 					'save_method' => 'storeSettingMysqlAccessHost',
 					),
-				'system_realtime_port' => array(
-					'label' => $lng['serversettings']['system_realtime_port'],
-					'settinggroup' => 'system',
-					'varname' => 'realtime_port',
-					'type' => 'int',
-					'int_max' => 65535,
-					'default' => 0,
-					'save_method' => 'storeSettingField',
-					),
 				'system_index_file_extension' => array(
 					'label' => $lng['serversettings']['index_file_extension'],
 					'settinggroup' => 'system',
@@ -85,6 +93,14 @@ return array(
 					'default' => 'html',
 					'save_method' => 'storeSettingField',
 					),
+				'system_store_index_file_subs' => array(
+					'label' => $lng['serversettings']['system_store_index_file_subs'],
+					'settinggroup' => 'system',
+					'varname' => 'store_index_file_subs',
+					'type' => 'bool',
+					'default' => true,
+					'save_method' => 'storeSettingField',
+					),
 				'system_httpuser' => array(
 					'settinggroup' => 'system',
 					'varname' => 'httpuser',
@@ -97,6 +113,35 @@ return array(
 					'type' => 'hidden',
 					'default' => 'www-data',
 					),
+				'system_report_enable' => array(
+					'label' => $lng['serversettings']['report']['report'],
+					'settinggroup' => 'system',
+					'varname' => 'report_enable',
+					'type' => 'bool',
+					'default' => true,
+					'cronmodule' => 'froxlor/reports',
+					'save_method' => 'storeSettingField',
+					),
+				'system_report_webmax' => array(
+					'label' => $lng['serversettings']['report']['webmax'],
+					'settinggroup' => 'system',
+					'varname' => 'report_webmax',
+					'type' => 'int',
+					'int_min' => 1,
+					'int_max' => 99,
+					'default' => 90,
+					'save_method' => 'storeSettingField',
+					),
+				'system_report_trafficmax' => array(
+					'label' => $lng['serversettings']['report']['trafficmax'],
+					'settinggroup' => 'system',
+					'varname' => 'report_trafficmax',
+					'type' => 'int',
+					'int_min' => 1,
+					'int_max' => 99,
+					'default' => 90,
+					'save_method' => 'storeSettingField',
+					),
 				'system_debug_cron' => array(
 					'label' => $lng['serversettings']['cron']['debug'],
 					'settinggroup' => 'system',

actions/admin/settings/130.webserver.php

@@ -27,9 +27,26 @@ return array(
 					'settinggroup' => 'system',
 					'varname' => 'webserver',
 					'type' => 'option',
-					'default' => 'Apache2',
+					'default' => 'apache2',
 					'option_mode' => 'one',
-					'option_options' => array('apache2' => 'Apache 2', 'lighttpd' => 'ligHTTPd'),
+					'option_options' => array('apache2' => 'Apache 2', 'lighttpd' => 'ligHTTPd', 'nginx' => 'Nginx'),
+					'save_method' => 'storeSettingField',
+					'overview_option' => true
+					),
+				'system_httpuser' => array(
+					'label' => $lng['admin']['webserver_user'],
+					'settinggroup' => 'system',
+					'varname' => 'httpuser',
+					'type' => 'string',
+					'default' => 'www-data',
+					'save_method' => 'storeSettingField',
+					),
+				'system_httpgroup' => array(
+					'label' => $lng['admin']['webserver_group'],
+					'settinggroup' => 'system',
+					'varname' => 'httpgroup',
+					'type' => 'string',
+					'default' => 'www-data',
 					'save_method' => 'storeSettingField',
 					),
 				'system_apacheconf_vhost' => array(
@@ -59,22 +76,6 @@ return array(
 					'default' => '/etc/apache2/htpasswd/',
 					'save_method' => 'storeSettingField',
 					),
-				'system_apachereload_command' => array(
-					'label' => $lng['serversettings']['apachereload_command'],
-					'settinggroup' => 'system',
-					'varname' => 'apachereload_command',
-					'type' => 'string',
-					'default' => '/etc/init.d/apache2 reload',
-					'save_method' => 'storeSettingField',
-					),
-				'system_mod_log_sql' => array(
-					'label' => $lng['serversettings']['mod_log_sql'],
-					'settinggroup' => 'system',
-					'varname' => 'mod_log_sql',
-					'type' => 'bool',
-					'default' => false,
-					'save_method' => 'storeSettingField',
-					),
 				'system_logfiles_directory' => array(
 					'label' => $lng['serversettings']['logfiles_directory'],
 					'settinggroup' => 'system',
@@ -111,6 +112,104 @@ return array(
 					'default' => '',
 					'save_method' => 'storeSettingField',
 					),
+				'system_apachereload_command' => array(
+					'label' => $lng['serversettings']['apachereload_command'],
+					'settinggroup' => 'system',
+					'varname' => 'apachereload_command',
+					'type' => 'string',
+					'default' => '/etc/init.d/apache2 reload',
+					'save_method' => 'storeSettingField',
+					),
+				'system_phpreload_command' => array(
+					'label' => $lng['serversettings']['phpreload_command'],
+					'settinggroup' => 'system',
+					'varname' => 'phpreload_command',
+					'type' => (getSetting('phpfpm', 'enabled') == '1') ? 'hidden' : 'string',
+					'default' => '',
+					'save_method' => 'storeSettingField',
+					'websrv_avail' => array('nginx')
+					),
+				'system_nginx_php_backend' => array(
+					'label' => $lng['serversettings']['nginx_php_backend'],
+					'settinggroup' => 'system',
+					'varname' => 'nginx_php_backend',
+					'type' => (getSetting('phpfpm', 'enabled') == '1') ? 'hidden' : 'string',
+					'default' => '127.0.0.1:8888',
+					'save_method' => 'storeSettingField',
+					'websrv_avail' => array('nginx')
+					),
+				'system_mod_log_sql' => array(
+					'label' => $lng['serversettings']['mod_log_sql'],
+					'settinggroup' => 'system',
+					'varname' => 'mod_log_sql',
+					'type' => 'bool',
+					'default' => false,
+					'save_method' => 'storeSettingField',
+					'websrv_avail' => array('apache2')
+					),
+				'defaultwebsrverrhandler_enabled' => array(
+					'label' => $lng['serversettings']['defaultwebsrverrhandler_enabled'],
+					'settinggroup' => 'defaultwebsrverrhandler',
+					'varname' => 'enabled',
+					'type' => 'bool',
+					'default' => false,
+					'save_method' => 'storeSettingField',
+					),
+				'defaultwebsrverrhandler_err401' => array(
+					'label' => $lng['serversettings']['defaultwebsrverrhandler_err401'],
+					'settinggroup' => 'defaultwebsrverrhandler',
+					'varname' => 'err401',
+					'type' => 'string',
+					'default' => '',
+					'save_method' => 'storeSettingField',
+					'websrv_avail' => array('apache2', 'nginx')
+					),
+				'defaultwebsrverrhandler_err403' => array(
+					'label' => $lng['serversettings']['defaultwebsrverrhandler_err403'],
+					'settinggroup' => 'defaultwebsrverrhandler',
+					'varname' => 'err403',
+					'type' => 'string',
+					'default' => '',
+					'save_method' => 'storeSettingField',
+					'websrv_avail' => array('apache2', 'nginx')
+					),
+				'defaultwebsrverrhandler_err404' => array(
+					'label' => $lng['serversettings']['defaultwebsrverrhandler_err404'],
+					'settinggroup' => 'defaultwebsrverrhandler',
+					'varname' => 'err404',
+					'type' => 'string',
+					'default' => '',
+					'save_method' => 'storeSettingField',
+					),
+				'defaultwebsrverrhandler_err500' => array(
+					'label' => $lng['serversettings']['defaultwebsrverrhandler_err500'],
+					'settinggroup' => 'defaultwebsrverrhandler',
+					'varname' => 'err500',
+					'type' => 'string',
+					'default' => '',
+					'save_method' => 'storeSettingField',
+					'websrv_avail' => array('apache2', 'nginx')
+					),
+				'customredirect_enabled' => array(
+					'label' => $lng['serversettings']['customredirect_enabled'],
+					'settinggroup' => 'customredirect',
+					'varname' => 'enabled',
+					'type' => 'bool',
+					'default' => false,
+					'save_method' => 'storeSettingField',
+					'websrv_avail' => array('apache2', 'lighttpd')
+					),
+				'customredirect_default' => array(
+					'label' => $lng['serversettings']['customredirect_default'],
+					'settinggroup' => 'customredirect',
+					'varname' => 'default',
+					'type' => 'option',
+					'default' => '1',
+					'option_mode' => 'one',
+					'option_options_method' => 'getRedirectCodes',
+					'save_method' => 'storeSettingField',
+					'websrv_avail' => array('apache2', 'lighttpd')
+					),
 				),
 			),
 		'ssl' => array(
@@ -123,6 +222,7 @@ return array(
 					'type' => 'bool',
 					'default' => false,
 					'save_method' => 'storeSettingField',
+					'overview_option' => true
 					),
 				'system_ssl_cert_file' => array(
 					'label' => $lng['serversettings']['ssl']['ssl_cert_file'],
@@ -154,6 +254,16 @@ return array(
 					'default' => '',
 					'save_method' => 'storeSettingField',
 					),
+				'system_ssl_cert_chainfile' => array(
+					'label' => $lng['admin']['ipsandports']['ssl_cert_chainfile'],
+					'settinggroup' => 'system',
+					'varname' => 'ssl_cert_chainfile',
+					'type' => 'string',
+					'string_type' => 'file',
+					'string_emptyallowed' => true,
+					'default' => '',
+					'save_method' => 'storeSettingField',
+					),
 				'system_ssl_openssl_cnf' => array(
 					'label' => $lng['serversettings']['ssl']['openssl_cnf'],
 					'settinggroup' => 'system',

actions/admin/settings/135.fcgid.php

@@ -0,0 +1,143 @@
+<?php
+
+/**
+ * This file is part of the Froxlor project.
+ * Copyright (c) 2010 the Froxlor Team (see authors).
+ *
+ * For the full copyright and license information, please view the COPYING
+ * file that was distributed with this source code. You can also view the
+ * COPYING file online at http://files.froxlor.org/misc/COPYING.txt
+ *
+ * @copyright  (c) the authors
+ * @author     Froxlor team <team@froxlor.org> (2010-)
+ * @license    GPLv2 http://files.froxlor.org/misc/COPYING.txt
+ * @package    Settings
+ * @version    $Id$
+ */
+
+return array(
+	'groups' => array(
+		'fcgid' => array(
+			'title' => $lng['admin']['fcgid_settings'],
+			'websrv_avail' => array('apache2', 'lighttpd'),
+			'fields' => array(
+				'system_mod_fcgid_enabled' => array(
+					'label' => $lng['serversettings']['mod_fcgid'],
+					'settinggroup' => 'system',
+					'varname' => 'mod_fcgid',
+					'type' => 'bool',
+					'default' => false,
+					'save_method' => 'storeSettingField',
+					'plausibility_check_method' => 'checkFcgidPhpFpm',
+					'overview_option' => true
+					),					
+				'system_mod_fcgid_configdir' => array(
+					'label' => $lng['serversettings']['mod_fcgid']['configdir'],
+					'settinggroup' => 'system',
+					'varname' => 'mod_fcgid_configdir',
+					'type' => 'string',
+					'string_type' => 'dir',
+					'default' => '/var/www/php-fcgi-scripts/',
+					'plausibility_check_method' => 'checkPathConflicts',
+					'save_method' => 'storeSettingField',
+					),
+				'system_mod_fcgid_tmpdir' => array(
+					'label' => $lng['serversettings']['mod_fcgid']['tmpdir'],
+					'settinggroup' => 'system',
+					'varname' => 'mod_fcgid_tmpdir',
+					'type' => 'string',
+					'string_type' => 'dir',
+					'default' => '/var/customers/tmp/',
+					'save_method' => 'storeSettingField',
+					),
+				'system_mod_fcgid_peardir' => array(
+					'label' => $lng['serversettings']['mod_fcgid']['peardir'],
+					'settinggroup' => 'system',
+					'varname' => 'mod_fcgid_peardir',
+					'type' => 'string',
+					'string_type' => 'dir',
+					'string_delimiter' => ':',
+					'string_emptyallowed' => true,
+					'default' => '/usr/share/php/:/usr/share/php5/',
+					'save_method' => 'storeSettingField',
+					),
+				'system_mod_fcgid_wrapper' => array(
+					'label' => $lng['serversettings']['mod_fcgid']['wrapper'],
+					'settinggroup' => 'system',
+					'varname' => 'mod_fcgid_wrapper',
+					'type' => 'option',
+					'option_options' => array(0 => 'ScriptAlias', 1=> 'FCGIWrapper'),
+					'default' => 1,
+					'save_method' => 'storeSettingField',
+					'websrv_avail' => array('apache2')
+					),
+				'system_mod_fcgid_starter' => array(
+					'label' => $lng['serversettings']['mod_fcgid']['starter'],
+					'settinggroup' => 'system',
+					'varname' => 'mod_fcgid_starter',
+					'type' => 'int',
+					'default' => 0,
+					'save_method' => 'storeSettingField',
+					),
+				'system_mod_fcgid_maxrequests' => array(
+					'label' => $lng['serversettings']['mod_fcgid']['maxrequests'],
+					'settinggroup' => 'system',
+					'varname' => 'mod_fcgid_maxrequests',
+					'type' => 'int',
+					'default' => 250,
+					'save_method' => 'storeSettingField',
+					),
+				'system_mod_fcgid_defaultini' => array(
+					'label' => $lng['serversettings']['mod_fcgid']['defaultini'],
+					'settinggroup' => 'system',
+					'varname' => 'mod_fcgid_defaultini',
+					'type' => 'option',
+					'default' => '1',
+					'option_mode' => 'one',
+					'option_options_method' => 'getPhpConfigs',
+					'save_method' => 'storeSettingField',
+					),
+				'system_mod_fcgid_enabled_ownvhost' => array(
+					'label' => $lng['serversettings']['mod_fcgid_ownvhost'],
+					'settinggroup' => 'system',
+					'varname' => 'mod_fcgid_ownvhost',
+					'type' => 'bool',
+					'default' => false,
+					'save_method' => 'storeSettingField',
+					'websrv_avail' => array('apache2')
+					),
+				'system_mod_fcgid_httpuser' => array(
+					'label' => $lng['admin']['mod_fcgid_user'],
+					'settinggroup' => 'system',
+					'varname' => 'mod_fcgid_httpuser',
+					'type' => 'string',
+					'default' => 'froxlorlocal',
+					'save_method' => 'storeSettingField',
+					'websrv_avail' => array('apache2')
+					),
+				'system_mod_fcgid_httpgroup' => array(
+					'label' => $lng['admin']['mod_fcgid_group'],
+					'settinggroup' => 'system',
+					'varname' => 'mod_fcgid_httpgroup',
+					'type' => 'string',
+					'default' => 'froxlorlocal',
+					'save_method' => 'storeSettingField',
+					'websrv_avail' => array('apache2')
+					),
+				'system_mod_fcgid_defaultini_ownvhost' => array(
+					'label' => $lng['serversettings']['mod_fcgid']['defaultini_ownvhost'],
+					'settinggroup' => 'system',
+					'varname' => 'mod_fcgid_defaultini_ownvhost',
+					'type' => 'option',
+					'default' => '1',
+					'option_mode' => 'one',
+					'option_options_method' => 'getPhpConfigs',
+					'save_method' => 'storeSettingField',
+					'websrv_avail' => array('apache2')
+					),
+				)
+			)
+		)
+	);
+
+?>

actions/admin/settings/136.phpfpm.php

@@ -0,0 +1,161 @@
+<?php
+
+/**
+ * This file is part of the Froxlor project.
+ * Copyright (c) 2010 the Froxlor Team (see authors).
+ *
+ * For the full copyright and license information, please view the COPYING
+ * file that was distributed with this source code. You can also view the
+ * COPYING file online at http://files.froxlor.org/misc/COPYING.txt
+ *
+ * @copyright  (c) the authors
+ * @author     Froxlor team <team@froxlor.org> (2010-)
+ * @license    GPLv2 http://files.froxlor.org/misc/COPYING.txt
+ * @package    Settings
+ * @version    $Id$
+ */
+
+return array(
+	'groups' => array(
+		'phpfpm' => array(
+			'title' => $lng['admin']['phpfpm_settings'],
+			'fields' => array(
+				'system_phpfpm_enabled' => array(
+					'label' => $lng['serversettings']['phpfpm'],
+					'settinggroup' => 'phpfpm',
+					'varname' => 'enabled',
+					'type' => 'bool',
+					'default' => false,
+					'save_method' => 'storeSettingField',
+					'plausibility_check_method' => 'checkFcgidPhpFpm',
+					'overview_option' => true
+					),
+				'system_phpfpm_enabled_ownvhost' => array(
+					'label' => $lng['phpfpm']['ownvhost'],
+					'settinggroup' => 'phpfpm',
+					'varname' => 'enabled_ownvhost',
+					'type' => 'bool',
+					'default' => false,
+					'save_method' => 'storeSettingField'
+					),
+				'system_phpfpm_httpuser' => array(
+					'label' => $lng['phpfpm']['vhost_httpuser'],
+					'settinggroup' => 'phpfpm',
+					'varname' => 'vhost_httpuser',
+					'type' => 'string',
+					'default' => 'froxlorlocal',
+					'save_method' => 'storeSettingField'
+					),
+				'system_phpfpm_httpgroup' => array(
+					'label' => $lng['phpfpm']['vhost_httpgroup'],
+					'settinggroup' => 'phpfpm',
+					'varname' => 'vhost_httpgroup',
+					'type' => 'string',
+					'default' => 'froxlorlocal',
+					'save_method' => 'storeSettingField'
+					),
+				/*
+				 * @TODO implement if phpfpm knows custom php.ini files
+				 * 
+				'system_phpfpm_defaultini_ownvhost' => array(
+					'label' => $lng['serversettings']['mod_fcgid']['defaultini_ownvhost'],
+					'settinggroup' => 'phpfpm',
+					'varname' => 'vhost_defaultini',
+					'type' => 'option',
+					'default' => '1',
+					'option_mode' => 'one',
+					'option_options_method' => 'getPhpConfigs',
+					'save_method' => 'storeSettingField',
+					),
+				*/
+				'system_phpfpm_configdir' => array(
+					'label' => $lng['serversettings']['phpfpm_settings']['configdir'],
+					'settinggroup' => 'phpfpm',
+					'varname' => 'configdir',
+					'type' => 'string',
+					'string_type' => 'dir',
+					'default' => '/etc/php-fpm.d/',
+					'save_method' => 'storeSettingField',
+					),
+				'system_phpfpm_tmpdir' => array(
+					'label' => $lng['serversettings']['mod_fcgid']['tmpdir'],
+					'settinggroup' => 'phpfpm',
+					'varname' => 'tmpdir',
+					'type' => 'string',
+					'string_type' => 'dir',
+					'default' => '/var/customers/tmp/',
+					'save_method' => 'storeSettingField',
+					),
+				'system_phpfpm_peardir' => array(
+					'label' => $lng['serversettings']['mod_fcgid']['peardir'],
+					'settinggroup' => 'phpfpm',
+					'varname' => 'peardir',
+					'type' => 'string',
+					'string_type' => 'dir',
+					'default' => '/usr/share/php/:/usr/share/php5/',
+					'save_method' => 'storeSettingField',
+					),
+				'system_phpfpm_reload' => array(
+					'label' => $lng['serversettings']['phpfpm_settings']['reload'],
+					'settinggroup' => 'phpfpm',
+					'varname' => 'reload',
+					'type' => 'string',
+					'default' => '/etc/init.d/php-fpm restart',
+					'save_method' => 'storeSettingField',
+					),
+				'system_phpfpm_pm' => array(
+					'label' => $lng['serversettings']['phpfpm_settings']['pm'],
+					'settinggroup' => 'phpfpm',
+					'varname' => 'pm',
+					'type' => 'option',
+					'default' => 'static',
+					'option_mode' => 'one',
+					'option_options' => array('static' => 'static', 'dynamic' => 'dynamic'),
+					'save_method' => 'storeSettingField',
+					),
+				'system_phpfpm_max_children' => array(
+					'label' => $lng['serversettings']['phpfpm_settings']['max_children'],
+					'settinggroup' => 'phpfpm',
+					'varname' => 'max_children',
+					'type' => 'int',
+					'default' => 1,
+					'save_method' => 'storeSettingField',
+					),
+				'system_phpfpm_start_servers' => array(
+					'label' => $lng['serversettings']['phpfpm_settings']['start_servers'],
+					'settinggroup' => 'phpfpm',
+					'varname' => 'start_servers',
+					'type' => 'int',
+					'default' => 20,
+					'save_method' => 'storeSettingField',
+					),
+				'system_phpfpm_min_spare_servers' => array(
+					'label' => $lng['serversettings']['phpfpm_settings']['min_spare_servers'],
+					'settinggroup' => 'phpfpm',
+					'varname' => 'min_spare_servers',
+					'type' => 'int',
+					'default' => 5,
+					'save_method' => 'storeSettingField',
+					),
+				'system_phpfpm_max_spare_servers' => array(
+					'label' => $lng['serversettings']['phpfpm_settings']['max_spare_servers'],
+					'settinggroup' => 'phpfpm',
+					'varname' => 'max_spare_servers',
+					'type' => 'int',
+					'default' => 35,
+					'save_method' => 'storeSettingField',
+					),
+				'system_phpfpm_max_requests' => array(
+					'label' => $lng['serversettings']['phpfpm_settings']['max_requests'],
+					'settinggroup' => 'phpfpm',
+					'varname' => 'max_requests',
+					'type' => 'int',
+					'default' => 0,
+					'save_method' => 'storeSettingField',
+					),
+				),
+			),
+		),
+	);
+
+?>

actions/admin/settings/137.perl.php

@@ -0,0 +1,64 @@
+<?php
+
+/**
+ * This file is part of the Froxlor project.
+ * Copyright (c) 2010 the Froxlor Team (see authors).
+ *
+ * For the full copyright and license information, please view the COPYING
+ * file that was distributed with this source code. You can also view the
+ * COPYING file online at http://files.froxlor.org/misc/COPYING.txt
+ *
+ * @copyright  (c) the authors
+ * @author     Froxlor team <team@froxlor.org> (2010-)
+ * @license    GPLv2 http://files.froxlor.org/misc/COPYING.txt
+ * @package    Settings
+ * @version    $Id$
+ */
+
+return array(
+	'groups' => array(
+		'perl' => array(
+			'title' => $lng['admin']['perl_settings'],
+			'fields' => array(
+				'perl_path' => array(
+					'label' => $lng['serversettings']['perl_path'],
+					'settinggroup' => 'system',
+					'varname' => 'perl_path',
+					'type' => 'string',
+					'default' => '/usr/bin/perl',
+					'save_method' => 'storeSettingField',
+					'websrv_avail' => array('lighttpd')
+					),	
+				'system_perl_suexecworkaround' => array(
+					'label' => $lng['serversettings']['perl']['suexecworkaround'],
+					'settinggroup' => 'perl',
+					'varname' => 'suexecworkaround',
+					'type' => 'bool',
+					'default' => false,
+					'save_method' => 'storeSettingField',
+					'websrv_avail' => array('apache2')
+					),
+				'system_perl_suexeccgipath' => array(
+					'label' => $lng['serversettings']['perl']['suexeccgipath'],
+					'settinggroup' => 'perl',
+					'varname' => 'suexecpath',
+					'type' => 'string',
+					'default' => '/var/www/cgi-bin/',
+					'save_method' => 'storeSettingField',
+					'websrv_avail' => array('apache2')
+					),
+				'perl_server' => array(
+					'label' => $lng['serversettings']['perl_server'],
+					'settinggroup' => 'serversettings',
+					'varname' => 'perl_server',
+					'type' => 'string',
+					'default' => 'unix:/var/run/nginx/cgiwrap-dispatch.sock',
+					'save_method' => 'storeSettingField',
+					'websrv_avail' => array('nginx')
+					),
+				),
+			),
+		),
+	);
+
+?>

actions/admin/settings/140.statistics.php

@@ -40,45 +40,45 @@ return array(
 					'default' => false,
 					'save_method' => 'storeSettingField',
 					),
-				'system_awstats_domain_file' => array(
-					'label' => $lng['serversettings']['awstats_domain_file'],
-					'settinggroup' => 'system',
-					'varname' => 'awstats_domain_file',
-					'type' => 'string',
-					'string_type' => 'dir',
-					'default' => '/etc/awstats/',
-					'save_method' => 'storeSettingField',
-					),
-				'system_awstats_model_file' => array(
-					'label' => $lng['serversettings']['awstats_model_file'],
-					'settinggroup' => 'system',
-					'varname' => 'awstats_model_file',
-					'type' => 'string',
-					'string_type' => 'file',
-					'default' => '/etc/awstats/awstats.model.conf.syscp',
-					'save_method' => 'storeSettingField',
-					),
 				'system_awstats_path' => array(
 					'label' => $lng['serversettings']['awstats_path'],
 					'settinggroup' => 'system',
 					'varname' => 'awstats_path',
 					'type' => 'string',
 					'string_type' => 'dir',
-					'default' => '/usr/share/awstats/VERSION/webroot/cgi-bin/',
+					'default' => '/usr/bin/',
 					'save_method' => 'storeSettingField',
 					),
-				'system_awstats_updateall_command' => array(
+				'system_awstats_awstatspath' => array(
-					'label' => $lng['serversettings']['awstats_updateall_command'],
+					'label' => $lng['serversettings']['awstats_awstatspath'],
 					'settinggroup' => 'system',
-					'varname' => 'awstats_updateall_command',
+					'varname' => 'awstats_awstatspath',
 					'type' => 'string',
-					'string_type' => 'file',
+					'string_type' => 'dir',
-					'default' => '/usr/bin/awstats_updateall.pl',
+					'default' => '/usr/bin/',
 					'save_method' => 'storeSettingField',
 					),
+				'system_awstats_conf' => array(
+					'label' => $lng['serversettings']['awstats_conf'],
+					'settinggroup' => 'system',
+					'varname' => 'awstats_conf',
+					'type' => 'string',
+					'string_type' => 'dir',
+					'default' => '/etc/awstats/',
+					'save_method' => 'storeSettingField',
 					),
-			),
+				'system_awstats_icons' => array(
-		),
+					'label' => $lng['serversettings']['awstats_icons'],
+					'settinggroup' => 'system',
+					'varname' => 'awstats_icons',
+					'type' => 'string',
+					'string_type' => 'dir',
+					'default' => '/usr/share/awstats/icon/',
+					'save_method' => 'storeSettingField',
+					)
+				)
+			)
+		)
 	);
 
 ?>

actions/admin/settings/150.mail.php

@@ -75,7 +75,7 @@ return array(
 					'default' => 100,
 					'save_method' => 'storeSettingField',
 					),
-				'systen_autoresponder_enabled' => array(
+				'system_autoresponder_enabled' => array(
 					'label' => $lng['serversettings']['autoresponder_active'],
 					'settinggroup' => 'autoresponder',
 					'varname' => 'autoresponder_active',
@@ -84,7 +84,7 @@ return array(
 					'cronmodule' => 'froxlor/autoresponder',
 					'save_method' => 'storeSettingField',
 					),
-				'systen_last_autoresponder_run' => array(
+				'system_last_autoresponder_run' => array(
 					'settinggroup' => 'autoresponder',
 					'varname' => 'last_autoresponder_run',
 					'type' => 'hidden',

actions/admin/settings/155.ftpserver.php

@@ -0,0 +1,40 @@
+<?php
+
+/**
+ * This file is part of the Froxlor project.
+ * Copyright (c) 2003-2009 the SysCP Team (see authors).
+ * Copyright (c) 2010 the Froxlor Team (see authors).
+ *
+ * For the full copyright and license information, please view the COPYING
+ * file that was distributed with this source code. You can also view the
+ * COPYING file online at http://files.froxlor.org/misc/COPYING.txt
+ *
+ * @copyright  (c) the authors
+ * @author     Florian Lippert <flo@syscp.org> (2003-2009)
+ * @author     Froxlor team <team@froxlor.org> (2010-)
+ * @license    GPLv2 http://files.froxlor.org/misc/COPYING.txt
+ * @package    Settings
+ * @version    $Id: 220.ftpserver.php 1 2010-04-07 10:00:00Z monotek $
+ */
+
+return array(
+	'groups' => array(
+	'ftpserver' => array(
+			'title' => $lng['admin']['ftpserversettings'],
+			'fields' => array(
+				'ftpserver' => array(
+					'label' => $lng['admin']['ftpserver'],
+					'settinggroup' => 'system',
+					'varname' => 'ftpserver',
+					'type' => 'option',
+					'default' => 'proftpd',
+					'option_mode' => 'one',
+					'option_options' => array('proftpd' => 'Proftpd', 'pureftpd' => 'Pureftpd'),
+					'save_method' => 'storeSettingField',
+				),
+			),
+		),
+	)
+);
+
+?>

actions/admin/settings/160.nameserver.php

@@ -59,6 +59,24 @@ return array(
 					'default' => '',
 					'save_method' => 'storeSettingField',
 					),
+				'system_dns_createmailentry' => array(
+					'label' => $lng['serversettings']['mail_also_with_mxservers'],
+					'settinggroup' => 'system',
+					'varname' => 'dns_createmailentry',
+					'type' => 'bool',
+					'default' => false,
+					'save_method' => 'storeSettingField'
+					),
+				'system_defaultttl' => array(
+					'label' => $lng['serversettings']['defaultttl'],
+					'settinggroup' => 'system',
+					'varname' => 'defaultttl',
+					'type' => 'int',
+					'default' => 604800, /* 1 week */
+					'int_min' => 3600, /* 1 hour */
+					'int_max' => 2147483647, /* integer max */
+					'save_method' => 'storeSettingField',
+					),
 				),
 			),
 		),

actions/admin/settings/170.logger.php

@@ -29,6 +29,7 @@ return array(
 					'type' => 'bool',
 					'default' => false,
 					'save_method' => 'storeSettingField',
+					'overview_option' => true
 					),
 				'logger_severity' => array(
 					'label' => $lng['serversettings']['logger']['severity'],

actions/admin/settings/180.dkim.php

@@ -28,7 +28,8 @@ return array(
 					'varname' => 'use_dkim',
 					'type' => 'bool',
 					'default' => false,
-					'save_method' => 'storeSettingField',
+					'save_method' => 'storeSettingFieldInsertBindTask',
+					'overview_option' => true
 					),
 				'dkim_prefix' => array(
 					'label' => $lng['dkim']['dkim_prefix'],
@@ -56,6 +57,63 @@ return array(
 					'default' => 'dkim-keys.conf',
 					'save_method' => 'storeSettingField',
 					),
+				'dkim_algorithm' => array(
+					'label' => $lng['dkim']['dkim_algorithm'],
+					'settinggroup' => 'dkim',
+					'varname' => 'dkim_algorithm',
+					'type' => 'option',
+					'default' => 'all',
+					'option_mode' => 'multiple',
+					'option_options' => array('all' => 'All', 'sha1' => 'SHA1', 'sha256' => 'SHA256'),
+					'save_method' => 'storeSettingFieldInsertBindTask',
+					),
+				'dkim_servicetype' => array(
+					'label' => $lng['dkim']['dkim_servicetype'],
+					'settinggroup' => 'dkim',
+					'varname' => 'dkim_servicetype',
+					'type' => 'option',
+					'default' => '0',
+					'option_mode' => 'one',
+					'option_options' => array('0' => 'All', '1' => 'E-Mail'),
+					'save_method' => 'storeSettingFieldInsertBindTask',
+					),
+				'dkim_keylength' => array(
+					'label' => $lng['dkim']['dkim_keylength'],
+					'settinggroup' => 'dkim',
+					'varname' => 'dkim_keylength',
+					'type' => 'option',
+					'default' => '1024',
+					'option_mode' => 'one',
+					'option_options' => array('1024' => '1024 Bit', '2048' => '2048 Bit'),
+					'save_method' => 'storeSettingFieldInsertBindTask',
+					),
+				'dkim_notes' => array(
+					'label' => $lng['dkim']['dkim_notes'],
+					'settinggroup' => 'dkim',
+					'varname' => 'dkim_notes',
+					'type' => 'string',
+					'string_regexp' => '/^[a-z0-9\._]+$/i',
+					'default' => '',
+					'save_method' => 'storeSettingFieldInsertBindTask',
+					),
+				'dkim_add_adsp' => array(
+					'label' => $lng['dkim']['dkim_add_adsp'],
+					'settinggroup' => 'dkim',
+					'varname' => 'dkim_add_adsp',
+					'type' => 'bool',
+					'default' => true,
+					'save_method' => 'storeSettingFieldInsertBindTask',
+					),
+				'dkim_add_adsppolicy' => array(
+					'label' => $lng['dkim']['dkim_add_adsppolicy'],
+					'settinggroup' => 'dkim',
+					'varname' => 'dkim_add_adsppolicy',
+					'type' => 'option',
+					'default' => '1',
+					'option_mode' => 'one',
+					'option_options' => array('0' => 'Unknown', '1' => 'All', '2' => 'Discardable'),
+					'save_method' => 'storeSettingFieldInsertBindTask',
+					),
 				'dkimrestart_command' => array(
 					'label' => $lng['dkim']['dkimrestart_command'],
 					'settinggroup' => 'dkim',

actions/admin/settings/185.spf.php

@@ -26,7 +26,8 @@ return array(
 					'varname' => 'use_spf',
 					'type' => 'bool',
 					'default' => false,
-					'save_method' => 'storeSettingField'
+					'save_method' => 'storeSettingField',
+					'overview_option' => true
 					),
 				'spf_entry' => array(
 					'label' => $lng['spf']['spf_entry'],

actions/admin/settings/190.ticket.php

@@ -30,6 +30,7 @@ return array(
 					'default' => false,
 					'cronmodule' => 'froxlor/ticket',
 					'save_method' => 'storeSettingField',
+					'overview_option' => true
 					),
 				'ticket_noreply_email' => array(
 					'label' => $lng['serversettings']['ticket']['noreply_email'],
@@ -57,6 +58,7 @@ return array(
 					'option_mode' => 'one',
 					'option_options' => array(0 => html_entity_decode($lng['admin']['tickets']['daily']), 1 => html_entity_decode($lng['admin']['tickets']['weekly']), 2 => html_entity_decode($lng['admin']['tickets']['monthly']), 3 => html_entity_decode($lng['admin']['tickets']['yearly'])),
 					'save_method' => 'storeSettingField',
+					'plausibility_check_method' => 'setCycleOfCronjob',
 					),
 				'ticket_concurrently_open' => array(
 					'label' => $lng['serversettings']['ticket']['concurrentlyopen'],
@@ -124,6 +126,16 @@ return array(
 					'type' => 'hidden',
 					'default' => '',
 					),
+				'ticket_default_priority' => array(
+					'label' => $lng['serversettings']['ticket']['default_priority'],
+					'settinggroup' => 'ticket',
+					'varname' => 'default_priority',
+					'type' => 'option',
+					'default' => 2,
+					'option_mode' => 'one',
+					'option_options' => array(1 => $lng['ticket']['unf_high'], 2 => $lng['ticket']['unf_normal'], 3 => $lng['ticket']['unf_low']),
+					'save_method' => 'storeSettingField', 
+					),
 				),
 			),
 		)

actions/admin/settings/200.aps.php

@@ -30,6 +30,7 @@ return array(
 					'default' => false,
 					'cronmodule' => 'froxlor/aps',
 					'save_method' => 'storeSettingField',
+					'overview_option' => true
 					),
 				'aps_items_per_page' => array(
 					'label' => $lng['aps']['packages_per_page'],
@@ -58,7 +59,7 @@ return array(
 					'type' => 'option',
 					'default' => '',
 					'option_mode' => 'multiple',
-					'option_options' => array('gd' => 'GD Library', 'pcre' => 'PCRE', 'ioncube' => 'ionCube', 'ioncube loader' => 'ionCube Loader', 'curl' => 'curl', 'mcrypt' => 'mcrypt', 'imap' => 'imap'),
+					'option_options' => array('gd' => 'GD Library', 'pcre' => 'PCRE', 'ioncube' => 'ionCube', 'ioncube loader' => 'ionCube Loader', 'curl' => 'curl', 'mcrypt' => 'mcrypt', 'imap' => 'imap', 'json' => 'json', 'ldap' => 'LDAP', 'hash' => 'hash', 'mbstring' => 'mbstring'),
 					'save_method' => 'storeSettingApsPhpExtensions',
 					),
 				'aps_php-function' => array(

actions/admin/settings/210.security.php

@@ -38,68 +38,6 @@ return array(
 					'default' => true,
 					'save_method' => 'storeSettingField',
 					),
-				'system_mod_fcgid_enabled' => array(
-					'label' => $lng['serversettings']['mod_fcgid'],
-					'settinggroup' => 'system',
-					'varname' => 'mod_fcgid',
-					'type' => 'bool',
-					'default' => false,
-					'save_method' => 'storeSettingField',
-					),
-				'system_mod_fcgid_configdir' => array(
-					'label' => $lng['serversettings']['mod_fcgid']['configdir'],
-					'settinggroup' => 'system',
-					'varname' => 'mod_fcgid_configdir',
-					'type' => 'string',
-					'string_type' => 'dir',
-					'default' => '/var/www/php-fcgi-scripts/',
-					'save_method' => 'storeSettingField',
-					),
-				'system_mod_fcgid_tmpdir' => array(
-					'label' => $lng['serversettings']['mod_fcgid']['tmpdir'],
-					'settinggroup' => 'system',
-					'varname' => 'mod_fcgid_tmpdir',
-					'type' => 'string',
-					'string_type' => 'dir',
-					'default' => '/var/customers/tmp/',
-					'save_method' => 'storeSettingField',
-					),
-				'system_mod_fcgid_peardir' => array(
-					'label' => $lng['serversettings']['mod_fcgid']['peardir'],
-					'settinggroup' => 'system',
-					'varname' => 'mod_fcgid_peardir',
-					'type' => 'string',
-					'string_type' => 'dir',
-					'string_delimiter' => ':',
-					'string_emptyallowed' => true,
-					'default' => '/usr/share/php/:/usr/share/php5/',
-					'save_method' => 'storeSettingField',
-					),
-				'system_mod_fcgid_wrapper' => array(
-					'label' => $lng['serversettings']['mod_fcgid']['wrapper'],
-					'settinggroup' => 'system',
-					'varname' => 'mod_fcgid_wrapper',
-					'type' => 'option',
-					'option_options' => array(0 => 'ScriptAlias', 1=> 'FCGIWrapper'),
-					'default' => 0,
-					'save_method' => 'storeSettingField',
-					),
-				'system_mod_fcgid_starter' => array(
-					'label' => $lng['serversettings']['mod_fcgid']['starter'],
-					'settinggroup' => 'system',
-					'varname' => 'mod_fcgid_starter',
-					'type' => 'int',
-					'default' => 0,
-					'save_method' => 'storeSettingField',
-					),
-				'system_mod_fcgid_maxrequests' => array(
-					'label' => $lng['serversettings']['mod_fcgid']['maxrequests'],
-					'settinggroup' => 'system',
-					'varname' => 'mod_fcgid_maxrequests',
-					'type' => 'int',
-					'default' => 250,
-					'save_method' => 'storeSettingField',
-					),
 				),
 			),
 		),

admin_admins.php

@@ -14,7 +14,7 @@
  * @author     Froxlor team <team@froxlor.org> (2010-)
  * @license    GPLv2 http://files.froxlor.org/misc/COPYING.txt
  * @package    Panel
- * @version    $Id$
+ * @version    $Id: admin_admins.php 101 2010-12-08 07:03:42Z d00p $
  */
 
 define('AREA', 'admin');
@@ -47,6 +47,7 @@ if($page == 'admins'
 			'diskspace_used' => $lng['customer']['diskspace'] . ' (' . $lng['panel']['used'] . ')',
 			'traffic' => $lng['customer']['traffic'],
 			'traffic_used' => $lng['customer']['traffic'] . ' (' . $lng['panel']['used'] . ')',
+/*
 			'mysqls' => $lng['customer']['mysqls'],
 			'mysqls_used' => $lng['customer']['mysqls'] . ' (' . $lng['panel']['used'] . ')',
 			'ftps' => $lng['customer']['ftps'],
@@ -63,6 +64,9 @@ if($page == 'admins'
 			'email_forwarders_used' => $lng['customer']['forwarders'] . ' (' . $lng['panel']['used'] . ')',
 			'email_quota' => $lng['customer']['email_quota'],
 			'email_quota_used' => $lng['customer']['email_quota'] . ' (' . $lng['panel']['used'] . ')',
+			'email_autoresponder' => $lng['customer']['autoresponder'],
+			'email_autoresponder_used' => $lng['customer']['autoresponder'] . ' (' . $lng['panel']['used'] . ')',
+*/
 			'deactivated' => $lng['admin']['deactivated']
 		);
 		$paging = new paging($userinfo, $db, TABLE_PANEL_ADMINS, $fields, $settings['panel']['paging'], $settings['panel']['natsorting']);
@@ -84,7 +88,20 @@ if($page == 'admins'
 				$row['traffic'] = round($row['traffic'] / (1024 * 1024), $settings['panel']['decimal_places']);
 				$row['diskspace_used'] = round($row['diskspace_used'] / 1024, $settings['panel']['decimal_places']);
 				$row['diskspace'] = round($row['diskspace'] / 1024, $settings['panel']['decimal_places']);
-				$row = str_replace_array('-1', 'UL', $row, 'customers domains diskspace traffic mysqls emails email_accounts email_forwarders email_quota ftps subdomains tickets');
+
+				/**
+				 * percent-values for progressbar
+				 */
+				if($row['diskspace'] > 0) {
+					$percent = round(($row['diskspace_used']*100)/$row['diskspace'], 2);
+					$doublepercent = round($percent*2, 2);
+				} else {
+					$percent = 0;
+					$doublepercent = 0;
+				}
+				/* */
+
+				$row = str_replace_array('-1', 'UL', $row, 'customers domains diskspace traffic mysqls emails email_accounts email_forwarders email_quota email_autoresponder ftps subdomains tickets');
 				$row = htmlentities_array($row);
 				eval("\$admins.=\"" . getTemplate("admins/admins_admin") . "\";");
 				$count++;
@@ -93,6 +110,7 @@ if($page == 'admins'
 			$i++;
 		}
 
+		$admincount = $db->num_rows($result);
 		eval("echo \"" . getTemplate("admins/admins") . "\";");
 	}
 	elseif($action == 'su')
@@ -154,6 +172,7 @@ if($page == 'admins'
 
 			$loginname = validate($_POST['loginname'], 'loginname');
 			$password = validate($_POST['admin_password'], 'password');
+			$password = validatePassword($password);
 			$def_language = validate($_POST['def_language'], 'default language');
 			$customers = intval_ressource($_POST['customers']);
 
@@ -211,6 +230,20 @@ if($page == 'admins'
 				$email_quota = - 1;
 			}
 
+			if($settings['autoresponder']['autoresponder_active'] == '1')
+			{
+				$email_autoresponder = intval_ressource($_POST['email_autoresponder']);
+
+				if(isset($_POST['email_autoresponder_ul']))
+				{
+					$email_autoresponder = - 1;
+				}
+			}
+			else
+			{
+				$email_autoresponder = 0;
+			}
+
 			$ftps = intval_ressource($_POST['ftps']);
 
 			if(isset($_POST['ftps_ul']))
@@ -218,13 +251,19 @@ if($page == 'admins'
 				$ftps = - 1;
 			}
 
+			if($settings['ticket']['enabled'] == 1)
+			{
 				$tickets = intval_ressource($_POST['tickets']);
 
-			if(isset($_POST['tickets_ul'])
+				if(isset($_POST['tickets_ul']))
-			   && $settings['ticket']['enabled'] == '1')
 				{
 					$tickets = - 1;
 				}
+			}
+			else
+			{
+				$tickets = 0;
+			}
 
 			$mysqls = intval_ressource($_POST['mysqls']);
 
@@ -336,8 +375,38 @@ if($page == 'admins'
 					$change_serversettings = '0';
 				}
 
-				$result = $db->query("INSERT INTO `" . TABLE_PANEL_ADMINS . "` (`loginname`, `password`, `name`, `email`, `def_language`, `change_serversettings`, `customers`, `customers_see_all`, `domains`, `domains_see_all`, `caneditphpsettings`, `diskspace`, `traffic`, `subdomains`, `emails`, `email_accounts`, `email_forwarders`, `email_quota`, `ftps`, `tickets`, `mysqls`, `ip`, `can_manage_aps_packages`, `aps_packages`)
+				$_theme = $settings['panel']['default_theme'];
-					                   VALUES ('" . $db->escape($loginname) . "', '" . md5($password) . "', '" . $db->escape($name) . "', '" . $db->escape($email) . "','" . $db->escape($def_language) . "', '" . $db->escape($change_serversettings) . "', '" . $db->escape($customers) . "', '" . $db->escape($customers_see_all) . "', '" . $db->escape($domains) . "', '" . $db->escape($domains_see_all) . "', '" . (int)$caneditphpsettings . "', '" . $db->escape($diskspace) . "', '" . $db->escape($traffic) . "', '" . $db->escape($subdomains) . "', '" . $db->escape($emails) . "', '" . $db->escape($email_accounts) . "', '" . $db->escape($email_forwarders) . "', '" . $db->escape($email_quota) . "', '" . $db->escape($ftps) . "', '" . $db->escape($tickets) . "', '" . $db->escape($mysqls) . "', '" . (int)$ipaddress . "', " . (int)$can_manage_aps_packages . ", " . (int)$number_of_aps_packages . ")");
+
+				$result = $db->query("INSERT INTO 
+					`" . TABLE_PANEL_ADMINS . "`
+				SET 
+					`loginname` = '" . $db->escape($loginname) . "', 
+					`password` = '" . md5($password) . "', 
+					`name` = '" . $db->escape($name) . "', 
+					`email` = '" . $db->escape($email) . "', 
+					`def_language` = '" . $db->escape($def_language) . "', 
+					`change_serversettings` = '" . $db->escape($change_serversettings) . "', 
+					`customers` = '" . $db->escape($customers) . "', 
+					`customers_see_all` = '" . $db->escape($customers_see_all) . "', 
+					`domains` = '" . $db->escape($domains) . "', 
+					`domains_see_all` = '" . $db->escape($domains_see_all) . "', 
+					`caneditphpsettings` = '" . (int)$caneditphpsettings . "', 
+					`diskspace` = '" . $db->escape($diskspace) . "', 
+					`traffic` = '" . $db->escape($traffic) . "', 
+					`subdomains` = '" . $db->escape($subdomains) . "', 
+					`emails` = '" . $db->escape($emails) . "', 
+					`email_accounts` = '" . $db->escape($email_accounts) . "', 
+					`email_forwarders` = '" . $db->escape($email_forwarders) . "', 
+					`email_quota` = '" . $db->escape($email_quota) . "', 
+					`ftps` = '" . $db->escape($ftps) . "', 
+					`tickets` = '" . $db->escape($tickets) . "', 
+					`mysqls` = '" . $db->escape($mysqls) . "', 
+					`ip` = '" . (int)$ipaddress . "', 
+					`can_manage_aps_packages` = '" . (int)$can_manage_aps_packages . "', 
+					`aps_packages` = '" . (int)$number_of_aps_packages . "', 
+					`email_autoresponder` = '" . $db->escape($email_autoresponder) . "',
+					`theme` = '".$db->escape($_theme)."';
+				");
 				$adminid = $db->insert_id();
 				$log->logAction(ADM_ACTION, LOG_INFO, "added admin '" . $loginname . "'");
 				redirectTo($filename, Array('page' => $page, 's' => $s));
@@ -379,6 +448,7 @@ if($page == 'admins'
 			$email_accounts_ul = makecheckbox('email_accounts_ul', $lng['customer']['unlimited'], '-1', false, '0', true, true);
 			$email_forwarders_ul = makecheckbox('email_forwarders_ul', $lng['customer']['unlimited'], '-1', false, '0', true, true);
 			$email_quota_ul = makecheckbox('email_quota_ul', $lng['customer']['unlimited'], '-1', false, '0', true, true);
+			$email_autoresponder_ul = makecheckbox('email_autoresponder_ul', $lng['customer']['unlimited'], '-1', false, '0', true, true);
 			$ftps_ul = makecheckbox('ftps_ul', $lng['customer']['unlimited'], '-1', false, '0', true, true);
 			$tickets_ul = makecheckbox('tickets_ul', $lng['customer']['unlimited'], '-1', false, '0', true, true);
 			$mysqls_ul = makecheckbox('mysqls_ul', $lng['customer']['unlimited'], '-1', false, '0', true, true);
@@ -389,6 +459,12 @@ if($page == 'admins'
 			$can_manage_aps_packages = makeyesno('can_manage_aps_packages', '1', '0', '0');
 			$number_of_aps_packages_ul = makecheckbox('number_of_aps_packages_ul', $lng['customer']['unlimited'], '-1', false, '0', true, true);
 
+			$admin_add_data = include_once dirname(__FILE__).'/lib/formfields/admin/admin/formfield.admin_add.php';
+			$admin_add_form = htmlform::genHTMLForm($admin_add_data);
+
+			$title = $admin_add_data['admin_add']['title'];
+			$image = $admin_add_data['admin_add']['image'];
+
 			eval("echo \"" . getTemplate("admins/admins_add") . "\";");
 		}
 	}
@@ -417,6 +493,7 @@ if($page == 'admins'
 					$email_accounts = $result['email_accounts'];
 					$email_forwarders = $result['email_forwarders'];
 					$email_quota = $result['email_quota'];
+					$email_autoresponder = $result['email_autoresponder'];
 					$ftps = $result['ftps'];
 					$tickets = $result['tickets'];
 					$mysqls = $result['mysqls'];
@@ -491,6 +568,20 @@ if($page == 'admins'
 						$email_quota = - 1;
 					}
 
+					if($settings['autoresponder']['autoresponder_active'] == '1')
+					{
+						$email_autoresponder = intval_ressource($_POST['email_autoresponder']);
+
+						if(isset($_POST['email_autoresponder_ul']))
+						{
+							$email_autoresponder = - 1;
+						}
+					}
+					else
+					{
+						$email_autoresponder = 0;
+					}
+
 					$ftps = intval_ressource($_POST['ftps']);
 
 					if(isset($_POST['ftps_ul']))
@@ -498,12 +589,19 @@ if($page == 'admins'
 						$ftps = - 1;
 					}
 					
+					if($settings['ticket']['enabled'] == 1)
+					{
 						$tickets = intval_ressource($_POST['tickets']);
 
 						if(isset($_POST['tickets_ul']))
 						{
 							$tickets = - 1;
 						}
+					}
+					else
+					{
+						$tickets = 0;
+					}
 
 					$mysqls = intval_ressource($_POST['mysqls']);
 
@@ -560,6 +658,7 @@ if($page == 'admins'
 				{
 					if($password != '')
 					{
+						$password = validatePassword($password);
 						$password = md5($password);
 					}
 					else
@@ -592,7 +691,7 @@ if($page == 'admins'
 						$change_serversettings = '0';
 					}
 
-					$db->query("UPDATE `" . TABLE_PANEL_ADMINS . "` SET `name`='" . $db->escape($name) . "', `email`='" . $db->escape($email) . "', `def_language`='" . $db->escape($def_language) . "', `change_serversettings` = '" . $db->escape($change_serversettings) . "', `customers` = '" . $db->escape($customers) . "', `customers_see_all` = '" . $db->escape($customers_see_all) . "', `domains` = '" . $db->escape($domains) . "', `domains_see_all` = '" . $db->escape($domains_see_all) . "', `caneditphpsettings` = '" . (int)$caneditphpsettings . "', `password` = '" . $password . "', `diskspace`='" . $db->escape($diskspace) . "', `traffic`='" . $db->escape($traffic) . "', `subdomains`='" . $db->escape($subdomains) . "', `emails`='" . $db->escape($emails) . "', `email_accounts` = '" . $db->escape($email_accounts) . "', `email_forwarders`='" . $db->escape($email_forwarders) . "', `email_quota`='" . $db->escape($email_quota) . "', `ftps`='" . $db->escape($ftps) . "', `tickets`='" . $db->escape($tickets) . "', `mysqls`='" . $db->escape($mysqls) . "', `ip`='" . (int)$ipaddress . "', `deactivated`='" . $db->escape($deactivated) . "', `can_manage_aps_packages`=" . (int)$can_manage_aps_packages . ", `aps_packages`=" . (int)$number_of_aps_packages . " WHERE `adminid`='" . $db->escape($id) . "'");
+					$db->query("UPDATE `" . TABLE_PANEL_ADMINS . "` SET `name`='" . $db->escape($name) . "', `email`='" . $db->escape($email) . "', `def_language`='" . $db->escape($def_language) . "', `change_serversettings` = '" . $db->escape($change_serversettings) . "', `customers` = '" . $db->escape($customers) . "', `customers_see_all` = '" . $db->escape($customers_see_all) . "', `domains` = '" . $db->escape($domains) . "', `domains_see_all` = '" . $db->escape($domains_see_all) . "', `caneditphpsettings` = '" . (int)$caneditphpsettings . "', `password` = '" . $password . "', `diskspace`='" . $db->escape($diskspace) . "', `traffic`='" . $db->escape($traffic) . "', `subdomains`='" . $db->escape($subdomains) . "', `emails`='" . $db->escape($emails) . "', `email_accounts` = '" . $db->escape($email_accounts) . "', `email_forwarders`='" . $db->escape($email_forwarders) . "', `email_quota`='" . $db->escape($email_quota) . "', `email_autoresponder`='" . $db->escape($email_autoresponder) . "', `ftps`='" . $db->escape($ftps) . "', `tickets`='" . $db->escape($tickets) . "', `mysqls`='" . $db->escape($mysqls) . "', `ip`='" . (int)$ipaddress . "', `deactivated`='" . $db->escape($deactivated) . "', `can_manage_aps_packages`=" . (int)$can_manage_aps_packages . ", `aps_packages`=" . (int)$number_of_aps_packages . " WHERE `adminid`='" . $db->escape($id) . "'");
 					$log->logAction(ADM_ACTION, LOG_INFO, "edited admin '#" . $id . "'");
 					$redirect_props = Array(
 						'page' => $page,
@@ -670,6 +769,13 @@ if($page == 'admins'
 					$result['email_quota'] = '';
 				}
 
+				$email_autoresponder_ul = makecheckbox('email_autoresponder_ul', $lng['customer']['unlimited'], '-1', false, $result['email_autoresponder'], true, true);
+
+				if($result['email_autoresponder'] == '-1')
+				{
+					$result['email_autoresponder'] = '';
+				}
+
 				$ftps_ul = makecheckbox('ftps_ul', $lng['customer']['unlimited'], '-1', false, $result['ftps'], true, true);
 
 				if($result['ftps'] == '-1')
@@ -731,6 +837,13 @@ if($page == 'admins'
 				$can_manage_aps_packages = makeyesno('can_manage_aps_packages', '1', '0', $result['can_manage_aps_packages']);
 
 				$result = htmlentities_array($result);
+
+				$admin_edit_data = include_once dirname(__FILE__).'/lib/formfields/admin/admin/formfield.admin_edit.php';
+				$admin_edit_form = htmlform::genHTMLForm($admin_edit_data);
+
+				$title = $admin_edit_data['admin_edit']['title'];
+				$image = $admin_edit_data['admin_edit']['image'];
+
 				eval("echo \"" . getTemplate("admins/admins_edit") . "\";");
 			}
 		}

admin_configfiles.php

@@ -95,9 +95,10 @@ if($userinfo['change_serversettings'] == '1')
 			'<VIRTUAL_MAILBOX_BASE>' => $settings['system']['vmail_homedir'],
 			'<VIRTUAL_UID_MAPS>' => $settings['system']['vmail_uid'],
 			'<VIRTUAL_GID_MAPS>' => $settings['system']['vmail_gid'],
-			'<AWSTATS_PATH>' => $settings['system']['awstats_path'],
 			'<SSLPROTOCOLS>' => ($settings['system']['use_ssl'] == '1') ? 'imaps pop3s' : '',
-			'<REALTIME_PORT>' => $settings['system']['realtime_port']
+			'<CUSTOMER_TMP>' => ($settings['system']['mod_fcgid_tmpdir'] != '') ? makeCorrectDir($settings['system']['mod_fcgid_tmpdir']) : '/tmp/',
+			'<BASE_PATH>' => makeCorrectDir(dirname(__FILE__)),
+			'<BIND_CONFIG_PATH>' => makeCorrectDir($settings['system']['bindconf_directory'])
 		);
 		$files = '';
 		$configpage = '';
@@ -110,6 +111,7 @@ if($userinfo['change_serversettings'] == '1')
 				if(is_array($value))
 				{
 					$commands = implode("\n", $value);
+					$commands = str_replace("\n\n", "\n", $commands);
 
 					if($commands != '')
 					{

admin_cronjobs.php

@@ -12,7 +12,7 @@
  * @author     Froxlor team <team@froxlor.org> (2010-)
  * @license    GPLv2 http://files.froxlor.org/misc/COPYING.txt
  * @package    Panel
- * @version    $Id$
+ * @version    $Id: admin_cronjobs.php 105 2010-12-09 08:02:33Z d00p $
  */
 
 define('AREA', 'admin');
@@ -75,12 +75,6 @@ if($page == 'cronjobs'
 				
 				$description = $lng['crondesc'][$row['desc_lng_key']];
 				
-				/*
-				 * don't allow deletion of 'froxlor' cronjobs
-				 */
-				$vendor_a = explode('/', $row['module']);
-				$vendor = $vendor_a[0];
-				
 				eval("\$crons.=\"" . getTemplate("cronjobs/cronjobs_cronjob") . "\";");
 				$count++;
 			}
@@ -94,21 +88,74 @@ if($page == 'cronjobs'
 	elseif($action == 'new')
 	{
 		/*
-		 * @TODO Finish me
+		 * @TODO later
 		 */
 	}
 	elseif($action == 'edit'
 	&& $id != 0)
 	{
-		/*
+		$result = $db->query_first("SELECT * FROM `" . TABLE_PANEL_CRONRUNS . "` WHERE `id`='" . (int)$id . "'");
-		 * @TODO Finish me
+		
-		 */
+		if ($result['cronfile'] != '')
+		{
+			if(isset($_POST['send'])
+			   && $_POST['send'] == 'send')
+			{
+				$isactive = intval($_POST['isactive']);
+				$interval_value = validate($_POST['interval_value'], 'interval_value', '/^([0-9]+)$/Di', 'stringisempty');
+				$interval_interval = validate($_POST['interval_interval'], 'interval_interval');
+				
+				if($isactive != 1)
+				{
+					$isactive = 0;
+				}
+				
+				$interval = $interval_value.' '.strtoupper($interval_interval);
+				
+				$db->query("UPDATE `" . TABLE_PANEL_CRONRUNS . "` 
+							SET `isactive` = '".(int)$isactive."',
+							`interval` = '".$interval."'
+							WHERE `id` = '" . (int)$id . "'");
+
+				redirectTo($filename, Array('page' => $page, 's' => $s));
+			}
+			else
+			{
+				$isactive = makeyesno('isactive', '1', '0', $result['isactive']);
+				// interval
+				$interval_nfo = explode(' ', $result['interval']);
+				$interval_value = $interval_nfo[0];
+
+				$interval_interval = '';
+				$interval_interval.= makeoption($lng['cronmgmt']['seconds'], 'SECOND', $interval_nfo[1]);
+				$interval_interval.= makeoption($lng['cronmgmt']['minutes'], 'MINUTE', $interval_nfo[1]);
+				$interval_interval.= makeoption($lng['cronmgmt']['hours'], 'HOUR', $interval_nfo[1]);
+				$interval_interval.= makeoption($lng['cronmgmt']['days'], 'DAY', $interval_nfo[1]);
+				$interval_interval.= makeoption($lng['cronmgmt']['weeks'], 'WEEK', $interval_nfo[1]);
+				$interval_interval.= makeoption($lng['cronmgmt']['months'], 'MONTH', $interval_nfo[1]);
+				// end of interval
+				
+				$change_cronfile = false;
+				if (substr($result['module'], 0, strpos($result['module'], '/')) != 'froxlor')
+				{
+					$change_cronfile = true;
+				}
+
+				$cronjobs_edit_data = include_once dirname(__FILE__).'/lib/formfields/admin/cronjobs/formfield.cronjobs_edit.php';
+				$cronjobs_edit_form = htmlform::genHTMLForm($cronjobs_edit_data);
+
+				$title = $cronjobs_edit_data['cronjobs_edit']['title'];
+				$image = $cronjobs_edit_data['cronjobs_edit']['image'];
+
+				eval("echo \"" . getTemplate("cronjobs/cronjob_edit") . "\";");
+			}
+		}
 	}
 	elseif($action == 'delete'
 	&& $id != 0)
 	{
 		/*
-		 * @TODO Finish me
+		 * @TODO later
 		 */
 	}
 }

admin_customers.php

@@ -50,7 +50,8 @@ if($page == 'customers'
 			'c.diskspace' => $lng['customer']['diskspace'],
 			'c.diskspace_used' => $lng['customer']['diskspace'] . ' (' . $lng['panel']['used'] . ')',
 			'c.traffic' => $lng['customer']['traffic'],
-			'c.traffic_used' => $lng['customer']['traffic'] . ' (' . $lng['panel']['used'] . ')',
+			'c.traffic_used' => $lng['customer']['traffic'] . ' (' . $lng['panel']['used'] . ')'
+/*
 			'c.mysqls' => $lng['customer']['mysqls'],
 			'c.mysqls_used' => $lng['customer']['mysqls'] . ' (' . $lng['panel']['used'] . ')',
 			'c.ftps' => $lng['customer']['ftps'],
@@ -66,15 +67,26 @@ if($page == 'customers'
 			'c.email_quota' => $lng['customer']['email_quota'],
 			'c.email_quota_used' => $lng['customer']['email_quota'] . ' (' . $lng['panel']['used'] . ')',
 			'c.deactivated' => $lng['admin']['deactivated'],
-			'c.phpenabled' => $lng['admin']['phpenabled']
+			'c.lastlogin_succ' => $lng['admin']['lastlogin_succ'],
+			'c.phpenabled' => $lng['admin']['phpenabled'],
+			'c.perlenabled' => $lng['admin']['perlenabled']
+*/
 		);
 
+/*
 		if($settings['ticket']['enabled'] == 1)
 		{
 			$fields['c.tickets'] = $lng['customer']['tickets'];
 			$fields['c.tickets_used'] = $lng['customer']['tickets'] . ' (' . $lng['panel']['used'] . ')';
 		}
 		
+		if($settings['autoresponder']['autoresponder_active'] == 1)
+		{
+			$fields['c.email_autoresponder'] = $lng['customer']['autoresponder'];
+			$fields['c.email_autoresponder_used'] = $lng['customer']['autoresponder'] . ' (' . $lng['panel']['used'] . ')';			
+		}
+*/
+
 		$paging = new paging($userinfo, $db, TABLE_PANEL_CUSTOMERS, $fields, $settings['panel']['paging'], $settings['panel']['natsorting']);
 		$customers = '';
 		$result = $db->query("SELECT `c`.*, `a`.`loginname` AS `adminname` " . "FROM `" . TABLE_PANEL_CUSTOMERS . "` `c`, `" . TABLE_PANEL_ADMINS . "` `a` " . "WHERE " . ($userinfo['customers_see_all'] ? '' : " `c`.`adminid` = '" . (int)$userinfo['adminid'] . "' AND ") . "`c`.`adminid`=`a`.`adminid` " . $paging->getSqlWhere(true) . " " . $paging->getSqlOrderBy() . " " . $paging->getSqlLimit());
@@ -96,7 +108,29 @@ if($page == 'customers'
 				$row['traffic'] = round($row['traffic'] / (1024 * 1024), $settings['panel']['decimal_places']);
 				$row['diskspace_used'] = round($row['diskspace_used'] / 1024, $settings['panel']['decimal_places']);
 				$row['diskspace'] = round($row['diskspace'] / 1024, $settings['panel']['decimal_places']);
-				$row = str_replace_array('-1', 'UL', $row, 'diskspace traffic mysqls emails email_accounts email_forwarders ftps tickets subdomains');
+				$last_login = ((int)$row['lastlogin_succ'] == 0) ? $lng['panel']['neverloggedin'] : date('d.m.Y', $row['lastlogin_succ']);
+
+				/**
+				 * percent-values for progressbar
+				 */
+				if ($row['diskspace'] > 0) {
+					$percent = round(($row['diskspace_used']*100)/$row['diskspace'], 2);
+					$doublepercent = round($percent*2, 2);
+				} else {
+					$percent = 0;
+					$doublepercent = 0;
+				}
+
+				$column_style = '';
+				$unlock_link = '';
+				if($row['loginfail_count'] >= $settings['login']['maxloginattempts']
+					&& $row['lastlogin_fail'] > (time() - $settings['login']['deactivatetime'])
+				) {
+					$column_style = ' style="background-color: #f99122;"';
+					$unlock_link = '<a href="'.$filename.'?s='.$s.'&amp;page='.$page.'&amp;action=unlock&amp;id='.$row['customerid'].'">'.$lng['panel']['unlock'].'</a><br />';
+				}
+
+				$row = str_replace_array('-1', 'UL', $row, 'diskspace traffic mysqls emails email_accounts email_forwarders ftps tickets subdomains email_autoresponder');
 				$row = htmlentities_array($row);
 				eval("\$customers.=\"" . getTemplate("customers/customers_customer") . "\";");
 				$count++;
@@ -105,6 +139,7 @@ if($page == 'customers'
 			$i++;
 		}
 
+		$customercount = $db->num_rows($result);
 		eval("echo \"" . getTemplate("customers/customers") . "\";");
 	}
 	elseif($action == 'su'
@@ -126,6 +161,31 @@ if($page == 'customers'
 			redirectTo('index.php', Array('action' => 'login'));
 		}
 	}
+	elseif($action == 'unlock'
+	       && $id != 0)
+	{
+		$result = $db->query_first("SELECT * FROM `" . TABLE_PANEL_CUSTOMERS . "` WHERE `customerid`='" . (int)$id . "' " . ($userinfo['customers_see_all'] ? '' : " AND `adminid` = '" . $db->escape($userinfo['adminid']) . "' "));
+
+		if($result['loginname'] != '')
+		{
+			if(isset($_POST['send'])
+			   && $_POST['send'] == 'send')
+			{
+				$result = $db->query("UPDATE 
+					`" . TABLE_PANEL_CUSTOMERS . "` 
+				SET 
+					`loginfail_count` = '0' 
+				WHERE 
+					`customerid`= '" . (int)$id . "'"
+				);
+				redirectTo($filename, Array('page' => $page, 's' => $s));
+			}
+			else
+			{
+				ask_yesno('customer_reallyunlock', $filename, array('id' => $id, 'page' => $page, 'action' => $action), $result['loginname']);
+			}
+		}
+	}
 	elseif($action == 'delete'
 	       && $id != 0)
 	{
@@ -170,13 +230,39 @@ if($page == 'customers'
 				$db->query("DELETE FROM `" . TABLE_PANEL_DOMAINS . "` WHERE `customerid`='" . (int)$id . "'");
 				$domains_deleted = $db->affected_rows();
 				$db->query("DELETE FROM `" . TABLE_PANEL_HTPASSWDS . "` WHERE `customerid`='" . (int)$id . "'");
+				$db->query("DELETE FROM `" . TABLE_PANEL_HTACCESS . "` WHERE `customerid`='" . (int)$id . "'");
 				$db->query("DELETE FROM `" . TABLE_PANEL_SESSIONS . "` WHERE `userid`='" . (int)$id . "' AND `adminsession` = '0'");
 				$db->query("DELETE FROM `" . TABLE_PANEL_TRAFFIC . "` WHERE `customerid`='" . (int)$id . "'");
 				$db->query("DELETE FROM `" . TABLE_MAIL_USERS . "` WHERE `customerid`='" . (int)$id . "'");
 				$db->query("DELETE FROM `" . TABLE_MAIL_VIRTUAL . "` WHERE `customerid`='" . (int)$id . "'");
+				$result2 = $db->query("SELECT `username` FROM `" . TABLE_FTP_USERS . "` WHERE `customerid`='" . (int)$id . "'");
+				while($row = $db->fetch_array($result2))
+				{
+					$db->query("DELETE FROM `" . TABLE_FTP_QUOTATALLIES . "` WHERE `name`='" . $row['username'] . "'");
+				}
 				$db->query("DELETE FROM `" . TABLE_FTP_GROUPS . "` WHERE `customerid`='" . (int)$id . "'");
 				$db->query("DELETE FROM `" . TABLE_FTP_USERS . "` WHERE `customerid`='" . (int)$id . "'");
 				$db->query("DELETE FROM `" . TABLE_MAIL_AUTORESPONDER . "` WHERE `customerid`='" . (int)$id . "'");
+
+				// Delete all waiting "create user" -tasks for this user, #276
+				// Note: the WHERE selects part of a serialized array, but it should be safe this way
+				$db->query("DELETE FROM `" . TABLE_PANEL_TASKS . "` WHERE `type` = '2' AND `data` LIKE '%:\"" . $db->escape($result['loginname']) . "\";%';");
+
+				// remove everything APS-related, #216
+				$apsresult = $db->query("SELECT `ID` FROM `".TABLE_APS_INSTANCES."` WHERE `CustomerID`='".(int)$id."'");
+				while($apsrow = $db->fetch_array($apsresult))
+				{
+					// remove all package related settings
+					$db->query("DELETE FROM `".TABLE_APS_SETTINGS."` WHERE `InstanceID` = '".(int)$apsrow['ID']."'");
+					// maybe some leftovers in the tasks
+					$db->query("DELETE FROM `".TABLE_APS_TASKS."` WHERE `InstanceID` = '".(int)$apsrow['ID']."'"); 
+				}
+				// now remove all user instances
+				$db->query("DELETE FROM `".TABLE_APS_INSTANCES."` WHERE `CustomerID`='".(int)$id."'");
+				// eventually some temp-setting-leftovers
+				$db->query("DELETE FROM `".TABLE_APS_TEMP_SETTINGS."` WHERE `CustomerID`='".(int)$id."'");
+				// eof APS-related removings, #216
+
 				$admin_update_query = "UPDATE `" . TABLE_PANEL_ADMINS . "` SET `customers_used` = `customers_used` - 1 ";
 				$admin_update_query.= ", `domains_used` = `domains_used` - 0" . (int)($domains_deleted - $result['subdomains_used']);
 
@@ -205,6 +291,11 @@ if($page == 'customers'
 					$admin_update_query.= ", `email_quota_used` = `email_quota_used` - 0" . (int)$result['email_quota'];
 				}
 
+				if($result['email_autoresponder'] != '-1')
+				{
+					$admin_update_query.= ", `email_autoresponder` = `email_autoresponder` - 0" . (int)$result['email_autoresponder'];
+				}
+
 				if($result['subdomains'] != '-1')
 				{
 					$admin_update_query.= ", `subdomains_used` = `subdomains_used` - 0" . (int)$result['subdomains'];
@@ -220,6 +311,11 @@ if($page == 'customers'
 					$admin_update_query.= ", `tickets_used` = `tickets_used` - 0" . (int)$result['tickets'];
 				}
 
+				if($result['aps_packages'] != '-1')
+				{
+					$admin_update_query.= ", `aps_packages` = `aps_packages` - 0" . (int)$result['aps_packages'];
+				}
+
 				if(($result['diskspace'] / 1024) != '-1')
 				{
 					$admin_update_query.= ", `diskspace_used` = `diskspace_used` - 0" . (int)$result['diskspace'];
@@ -339,6 +435,20 @@ if($page == 'customers'
 					$email_quota = - 1;
 				}
 				
+				if($settings['autoresponder']['autoresponder_active'] == '1')
+				{
+					$email_autoresponder = intval_ressource($_POST['email_autoresponder']);
+
+					if(isset($_POST['email_autoresponder_ul']))
+					{
+						$email_autoresponder = - 1;
+					}
+				}
+				else
+				{
+					$email_autoresponder = 0;
+				}
+
 				$email_imap = intval_ressource($_POST['email_imap']);
 				$email_pop3 = intval_ressource($_POST['email_pop3']);
 				$ftps = intval_ressource($_POST['ftps']);
@@ -378,9 +488,17 @@ if($page == 'customers'
 				}
 
 				$createstdsubdomain = intval($_POST['createstdsubdomain']);
-				$password = validate($_POST['customer_password'], 'password');
+				$password = validate($_POST['new_customer_password'], 'password');
+				// only check if not empty,
+				// cause empty == generate password automatically
+				if($password != '')
+				{
+					$password = validatePassword($password);
+				}
 				$sendpassword = intval($_POST['sendpassword']);
 				$phpenabled = intval($_POST['phpenabled']);
+				$perlenabled = intval($_POST['perlenabled']);
+				$store_defaultindex = intval($_POST['store_defaultindex']);
 				$diskspace = $diskspace * 1024;
 				$traffic = $traffic * 1024 * 1024;
 
@@ -390,6 +508,7 @@ if($page == 'customers'
 				   || ((($userinfo['email_accounts_used'] + $email_accounts) > $userinfo['email_accounts']) && $userinfo['email_accounts'] != '-1')
 				   || ((($userinfo['email_forwarders_used'] + $email_forwarders) > $userinfo['email_forwarders']) && $userinfo['email_forwarders'] != '-1')
 				   || ((($userinfo['email_quota_used'] + $email_quota) > $userinfo['email_quota']) && $userinfo['email_quota'] != '-1' && $settings['system']['mail_quota_enabled'] == '1')
+				   || ((($userinfo['email_autoresponder_used'] + $email_autoresponder) > $userinfo['email_autoresponder']) && $userinfo['email_autoresponder'] != '-1' && $settings['autoresponder']['autoresponder_active'] == '1')
 				   || ((($userinfo['ftps_used'] + $ftps) > $userinfo['ftps']) && $userinfo['ftps'] != '-1')
 				   || ((($userinfo['tickets_used'] + $tickets) > $userinfo['tickets']) && $userinfo['tickets'] != '-1')
 				   || ((($userinfo['subdomains_used'] + $subdomains) > $userinfo['subdomains']) && $userinfo['subdomains'] != '-1')
@@ -400,6 +519,7 @@ if($page == 'customers'
 				   || ($email_accounts == '-1' && $userinfo['email_accounts'] != '-1')
 				   || ($email_forwarders == '-1' && $userinfo['email_forwarders'] != '-1')
 				   || ($email_quota == '-1' && $userinfo['email_quota'] != '-1' && $settings['system']['mail_quota_enabled'] == '1')
+				   || ($email_autoresponder == '-1' && $userinfo['email_autoresponder'] != '-1' && $settings['autoresponder']['autoresponder_active'] == '1')
 				   || ($ftps == '-1' && $userinfo['ftps'] != '-1')
 				   || ($tickets == '-1' && $userinfo['tickets'] != '-1')
 				   || ($subdomains == '-1' && $userinfo['subdomains'] != '-1')
@@ -431,11 +551,11 @@ if($page == 'customers'
 				}
 				else
 				{
-					if(isset($_POST['loginname'])
+					if(isset($_POST['new_loginname'])
-					   && $_POST['loginname'] != '')
+					   && $_POST['new_loginname'] != '')
 					{
 						$accountnumber = intval($settings['system']['lastaccountnumber']);
-						$loginname = validate($_POST['loginname'], 'loginname', '/^[a-z0-9\-_]+$/i');
+						$loginname = validate($_POST['new_loginname'], 'loginname', '/^[a-z0-9\-_]+$/i');
 
 						// Accounts which match systemaccounts are not allowed, filtering them
 
@@ -483,12 +603,55 @@ if($page == 'customers'
 						$phpenabled = '1';
 					}
 
+					if($perlenabled != '0')
+					{
+						$perlenabled = '1';
+					}
+
 					if($password == '')
 					{
 						$password = substr(md5(uniqid(microtime(), 1)), 12, 6);
 					}
 
-					$result = $db->query("INSERT INTO `" . TABLE_PANEL_CUSTOMERS . "` (`adminid`, `loginname`, `password`, `name`, `firstname`, `company`, `street`, `zipcode`, `city`, `phone`, `fax`, `email`, `customernumber`, `def_language`, `documentroot`, `guid`, `diskspace`, `traffic`, `subdomains`, `emails`, `email_accounts`, `email_forwarders`, `email_quota`, `ftps`, `tickets`, `mysqls`, `standardsubdomain`, `phpenabled`, `imap`, `pop3`, `aps_packages`)  VALUES ('" . (int)$userinfo['adminid'] . "', '" . $db->escape($loginname) . "', '" . md5($password) . "', '" . $db->escape($name) . "', '" . $db->escape($firstname) . "', '" . $db->escape($company) . "', '" . $db->escape($street) . "', '" . $db->escape($zipcode) . "', '" . $db->escape($city) . "', '" . $db->escape($phone) . "', '" . $db->escape($fax) . "', '" . $db->escape($email) . "', '" . $db->escape($customernumber) . "','" . $db->escape($def_language) . "', '" . $db->escape($documentroot) . "', '" . $db->escape($guid) . "', '" . $db->escape($diskspace) . "', '" . $db->escape($traffic) . "', '" . $db->escape($subdomains) . "', '" . $db->escape($emails) . "', '" . $db->escape($email_accounts) . "', '" . $db->escape($email_forwarders) . "', '" . $db->escape($email_quota) . "', '" . $db->escape($ftps) . "', '" . $db->escape($tickets) . "', '" . $db->escape($mysqls) . "', '0', '" . $db->escape($phpenabled) . "', '" . $db->escape($email_imap) . "', '" . $db->escape($email_pop3) . "', '" . (int)$number_of_aps_packages . "')");
+					$_theme = $settings['panel']['default_theme'];
+
+					$result = $db->query(
+						"INSERT INTO `" . TABLE_PANEL_CUSTOMERS . "` SET 
+						`adminid` = '" . (int)$userinfo['adminid'] . "', 
+						`loginname` = '" . $db->escape($loginname) . "', 
+						`password` = '" . md5($password) . "', 
+						`name` = '" . $db->escape($name) . "', 
+						`firstname` = '" . $db->escape($firstname) . "', 
+						`company` = '" . $db->escape($company) . "', 
+						`street` = '" . $db->escape($street) . "', 
+						`zipcode` = '" . $db->escape($zipcode) . "', 
+						`city` = '" . $db->escape($city) . "', 
+						`phone` = '" . $db->escape($phone) . "', 
+						`fax` = '" . $db->escape($fax) . "', 
+						`email` = '" . $db->escape($email) . "', 
+						`customernumber` = '" . $db->escape($customernumber) . "', 
+						`def_language` = '" . $db->escape($def_language) . "', 
+						`documentroot` = '" . $db->escape($documentroot) . "', 
+						`guid` = '" . $db->escape($guid) . "', 
+						`diskspace` = '" . $db->escape($diskspace) . "', 
+						`traffic` = '" . $db->escape($traffic) . "', 
+						`subdomains` = '" . $db->escape($subdomains) . "', 
+						`emails` = '" . $db->escape($emails) . "', 
+						`email_accounts` = '" . $db->escape($email_accounts) . "', 
+						`email_forwarders` = '" . $db->escape($email_forwarders) . "', 
+						`email_quota` = '" . $db->escape($email_quota) . "', 
+						`ftps` = '" . $db->escape($ftps) . "', 
+						`tickets` = '" . $db->escape($tickets) . "', 
+						`mysqls` = '" . $db->escape($mysqls) . "', 
+						`standardsubdomain` = '0', 
+						`phpenabled` = '" . $db->escape($phpenabled) . "', 
+						`imap` = '" . $db->escape($email_imap) . "', 
+						`pop3` = '" . $db->escape($email_pop3) . "', 
+						`aps_packages` = '" . (int)$number_of_aps_packages . "', 
+						`perlenabled` = '" . $db->escape($perlenabled) . "', 
+						`email_autoresponder` = '" . $db->escape($email_autoresponder) . "',
+						`theme` = '" . $db->escape($_theme) . "'"
+					);
 					$customerid = $db->insert_id();
 					$admin_update_query = "UPDATE `" . TABLE_PANEL_ADMINS . "` SET `customers_used` = `customers_used` + 1";
 
@@ -517,6 +680,12 @@ if($page == 'customers'
 						$admin_update_query.= ", `email_quota_used` = `email_quota_used` + 0" . (int)$email_quota;
 					}
 
+					if($email_autoresponder != '-1'
+						&& $settings['autoresponder']['autoresponder_active'] == 1)
+					{
+						$admin_update_query.= ", `email_autoresponder_used` = `email_autoresponder_used` + 0" . (int)$email_autoresponder;
+					}
+
 					if($subdomains != '-1')
 					{
 						$admin_update_query.= ", `subdomains_used` = `subdomains_used` + 0" . (int)$subdomains;
@@ -553,7 +722,7 @@ if($page == 'customers'
 					}
 
 					$log->logAction(ADM_ACTION, LOG_INFO, "added user '" . $loginname . "'");
-					inserttask('2', $loginname, $guid, $guid);
+					inserttask('2', $loginname, $guid, $guid, $store_defaultindex);
 
 					// Add htpasswd for the webalizer stats
 
@@ -567,24 +736,37 @@ if($page == 'customers'
 						$htpasswdPassword = crypt($password);
 					}
 
-					$db->query("INSERT INTO `" . TABLE_PANEL_HTPASSWDS . "` " . "(`customerid`, `username`, `password`, `path`) " . "VALUES ('" . (int)$customerid . "', '" . $db->escape($loginname) . "', '" . $db->escape($htpasswdPassword) . "', '" . $db->escape(makeCorrectDir($documentroot . '/webalizer/')) . "')");
-					$log->logAction(ADM_ACTION, LOG_NOTICE, "automatically added webalizer htpasswd for user '" . $loginname . "'");
-
 					if($settings['system']['awstats_enabled'] == '1')
 					{
 						$db->query("INSERT INTO `" . TABLE_PANEL_HTPASSWDS . "` " . "(`customerid`, `username`, `password`, `path`) " . "VALUES ('" . (int)$customerid . "', '" . $db->escape($loginname) . "', '" . $db->escape($htpasswdPassword) . "', '" . $db->escape(makeCorrectDir($documentroot . '/awstats/')) . "')");
 						$log->logAction(ADM_ACTION, LOG_NOTICE, "automatically added awstats htpasswd for user '" . $loginname . "'");
 					}
+					else
+					{
+						$db->query("INSERT INTO `" . TABLE_PANEL_HTPASSWDS . "` " . "(`customerid`, `username`, `password`, `path`) " . "VALUES ('" . (int)$customerid . "', '" . $db->escape($loginname) . "', '" . $db->escape($htpasswdPassword) . "', '" . $db->escape(makeCorrectDir($documentroot . '/webalizer/')) . "')");
+						$log->logAction(ADM_ACTION, LOG_NOTICE, "automatically added webalizer htpasswd for user '" . $loginname . "'");
+					}
 
 					inserttask('1');
 					$result = $db->query("INSERT INTO `" . TABLE_FTP_USERS . "` " . "(`customerid`, `username`, `password`, `homedir`, `login_enabled`, `uid`, `gid`) " . "VALUES ('" . (int)$customerid . "', '" . $db->escape($loginname) . "', ENCRYPT('" . $db->escape($password) . "'), '" . $db->escape($documentroot) . "', 'y', '" . (int)$guid . "', '" . (int)$guid . "')");
 					$result = $db->query("INSERT INTO `" . TABLE_FTP_GROUPS . "` " . "(`customerid`, `groupname`, `gid`, `members`) " . "VALUES ('" . (int)$customerid . "', '" . $db->escape($loginname) . "', '" . $db->escape($guid) . "', '" . $db->escape($loginname) . "')");
+					$result = $db->query("INSERT INTO `" . TABLE_FTP_QUOTATALLIES . "` (`name`, `quota_type`, `bytes_in_used`, `bytes_out_used`, `bytes_xfer_used`, `files_in_used`, `files_out_used`, `files_xfer_used`) VALUES ('" . $db->escape($loginname) . "', 'user', '0', '0', '0', '0', '0', '0')");
 					$log->logAction(ADM_ACTION, LOG_NOTICE, "automatically added ftp-account for user '" . $loginname . "'");
 
 					if($createstdsubdomain == '1')
 					{
+						if (isset($settings['system']['stdsubdomain'])
+							&& $settings['system']['stdsubdomain'] != ''
+						) {
+							$_stdsubdomain = $loginname . '.' . $settings['system']['stdsubdomain'];
+						}
+						else
+						{
+							$_stdsubdomain = $loginname . '.' . $settings['system']['hostname'];
+						}
+
 						$db->query("INSERT INTO `" . TABLE_PANEL_DOMAINS . "` SET " . 
-							"`domain` = '". $db->escape($loginname . '.' . $settings['system']['hostname']) . "', " .
+							"`domain` = '". $db->escape($_stdsubdomain) . "', " .
 							"`customerid` = '" . (int)$customerid . "', " .
 							"`adminid` = '" . (int)$userinfo['adminid'] . "', " . 
 							"`parentdomainid` = '-1', " .
@@ -596,7 +778,8 @@ if($page == 'customers'
 							"`openbasedir` = '1', " .
 							"`safemode` = '1', " .
 							"`speciallogfile` = '0', " .
-							"`specialsettings` = ''");
+							"`specialsettings` = '', " .
+							"`add_date` = '".date('Y-m-d')."'");
 						$domainid = $db->insert_id();
 						$db->query('UPDATE `' . TABLE_PANEL_CUSTOMERS . '` SET `standardsubdomain`=\'' . (int)$domainid . '\' WHERE `customerid`=\'' . (int)$customerid . '\'');
 						$log->logAction(ADM_ACTION, LOG_NOTICE, "automatically added standardsubdomain for user '" . $loginname . "'");
@@ -608,7 +791,6 @@ if($page == 'customers'
 						$replace_arr = array(
 							'FIRSTNAME' => $firstname,
 							'NAME' => $name,
-							'TITLE' => $title,
 							'COMPANY' => $company,
 							'SALUTATION' => getCorrectUserSalutation(array('firstname' => $firstname, 'name' => $name, 'company' => $company)),
 							'USERNAME' => $loginname,
@@ -622,23 +804,22 @@ if($page == 'customers'
 						$result = $db->query_first('SELECT `value` FROM `' . TABLE_PANEL_TEMPLATES . '` WHERE `adminid`=\'' . (int)$userinfo['adminid'] . '\' AND `language`=\'' . $db->escape($def_language) . '\' AND `templategroup`=\'mails\' AND `varname`=\'createcustomer_mailbody\'');
 						$mail_body = html_entity_decode(replace_variables((($result['value'] != '') ? $result['value'] : $lng['mails']['createcustomer']['mailbody']), $replace_arr));
 
-						$mail->From = $userinfo['email'];
+						$_mailerror = false;
-						$mail->FromName = $userinfo['name'];
+						try {
 							$mail->Subject = $mail_subject;
-						$mail->Body = $mail_body;
+							$mail->AltBody = $mail_body;
+							$mail->MsgHTML(str_replace("\n", "<br />", $mail_body));
 							$mail->AddAddress($email, getCorrectUserSalutation(array('firstname' => $firstname, 'name' => $name, 'company' => $company)));
-
+							$mail->Send();
-						if(!$mail->Send())
+						} catch(phpmailerException $e) {
-						{
+							$mailerr_msg = $e->errorMessage();
-							if($mail->ErrorInfo != '')
+							$_mailerror = true;
-							{
+						} catch (Exception $e) {
-								$mailerr_msg = $mail->ErrorInfo;
+							$mailerr_msg = $e->getMessage();
-							}
+							$_mailerror = true;
-							else
-							{
-								$mailerr_msg = $email;
 						}
 
+						if ($_mailerror) {
 							$log->logAction(ADM_ACTION, LOG_ERR, "Error sending mail: " . $mailerr_msg);
 							standard_error('errorsendingmail', $email);
 						}
@@ -656,7 +837,7 @@ if($page == 'customers'
 
 				while(list($language_file, $language_name) = each($languages))
 				{
-					$language_options.= makeoption($language_name, $language_file, $userinfo['def_language'], true);
+					$language_options.= makeoption($language_name, $language_file, $settings['panel']['standardlanguage'], true);
 				}
 
 				$diskspace_ul = makecheckbox('diskspace_ul', $lng['customer']['unlimited'], '-1', false, '0', true, true);
@@ -666,6 +847,7 @@ if($page == 'customers'
 				$email_accounts_ul = makecheckbox('email_accounts_ul', $lng['customer']['unlimited'], '-1', false, '0', true, true);
 				$email_forwarders_ul = makecheckbox('email_forwarders_ul', $lng['customer']['unlimited'], '-1', false, '0', true, true);
 				$email_quota_ul = makecheckbox('email_quota_ul', $lng['customer']['unlimited'], '-1', false, '0', true, true);
+				$email_autoresponder_ul = makecheckbox('email_autoresponder_ul', $lng['customer']['unlimited'], '-1', false, '0', true, true);
 				$ftps_ul = makecheckbox('ftps_ul', $lng['customer']['unlimited'], '-1', false, '0', true, true);
 				$tickets_ul = makecheckbox('tickets_ul', $lng['customer']['unlimited'], '-1', false, '0', true, true);
 				$mysqls_ul = makecheckbox('mysqls_ul', $lng['customer']['unlimited'], '-1', false, '0', true, true);
@@ -675,6 +857,15 @@ if($page == 'customers'
 				$email_pop3 = makeyesno('email_pop3', '1', '0', '1');
 				$sendpassword = makeyesno('sendpassword', '1', '0', '1');
 				$phpenabled = makeyesno('phpenabled', '1', '0', '1');
+				$perlenabled = makeyesno('perlenabled', '1', '0', '0');
+				$store_defaultindex = makeyesno('store_defaultindex', '1', '0', '1');
+
+				$customer_add_data = include_once dirname(__FILE__).'/lib/formfields/admin/customer/formfield.customer_add.php';
+				$customer_add_form = htmlform::genHTMLForm($customer_add_data);
+
+				$title = $customer_add_data['customer_add']['title'];
+				$image = $customer_add_data['customer_add']['image'];
+
 				eval("echo \"" . getTemplate("customers/customers_add") . "\";");
 			}
 		}
@@ -700,7 +891,7 @@ if($page == 'customers'
 				$email = $idna_convert->encode(validate($_POST['email'], 'email'));
 				$customernumber = validate($_POST['customernumber'], 'customer number', '/^[A-Za-z0-9 \-]*$/Di');
 				$def_language = validate($_POST['def_language'], 'default language');
-				$password = validate($_POST['customer_password'], 'new password');
+				$password = validate($_POST['new_customer_password'], 'new password');
 				$diskspace = intval_ressource($_POST['diskspace']);
 
 				if(isset($_POST['diskspace_ul']))
@@ -757,6 +948,20 @@ if($page == 'customers'
 					$email_quota = - 1;
 				}
 
+				if($settings['autoresponder']['autoresponder_active'] == '1')
+				{
+					$email_autoresponder = intval_ressource($_POST['email_autoresponder']);
+
+					if(isset($_POST['email_autoresponder_ul']))
+					{
+						$email_autoresponder = - 1;
+					}
+				}
+				else
+				{
+					$email_autoresponder = 0;
+				}				
+
 				$email_imap = intval_ressource($_POST['email_imap']);
 				$email_pop3 = intval_ressource($_POST['email_pop3']);
 				$ftps = intval_ressource($_POST['ftps']);
@@ -781,16 +986,24 @@ if($page == 'customers'
 					$mysqls = - 1;
 				}
 
+				if($settings['aps']['aps_active'] == '1')
+				{				
 					$number_of_aps_packages = intval_ressource($_POST['number_of_aps_packages']);
 
 					if(isset($_POST['number_of_aps_packages_ul']))
 					{
 						$number_of_aps_packages = - 1;
 					}
+				}
+				else
+				{
+					$number_of_aps_packages = 0;
+				}
 
 				$createstdsubdomain = intval($_POST['createstdsubdomain']);
 				$deactivated = intval($_POST['deactivated']);
 				$phpenabled = intval($_POST['phpenabled']);
+				$perlenabled = intval($_POST['perlenabled']);
 				$diskspace = $diskspace * 1024;
 				$traffic = $traffic * 1024 * 1024;
 
@@ -800,6 +1013,7 @@ if($page == 'customers'
 				   || ((($userinfo['email_accounts_used'] + $email_accounts - $result['email_accounts']) > $userinfo['email_accounts']) && $userinfo['email_accounts'] != '-1')
 				   || ((($userinfo['email_forwarders_used'] + $email_forwarders - $result['email_forwarders']) > $userinfo['email_forwarders']) && $userinfo['email_forwarders'] != '-1')
 				   || ((($userinfo['email_quota_used'] + $email_quota - $result['email_quota']) > $userinfo['email_quota']) && $userinfo['email_quota'] != '-1' && $settings['system']['mail_quota_enabled'] == '1')
+				   || ((($userinfo['email_autoresponder_used'] + $email_autoresponder - $result['email_autoresponder']) > $userinfo['email_autoresponder']) && $userinfo['email_autoresponder'] != '-1' && $settings['autoresponder']['autoresponder_active'] == '1')
 				   || ((($userinfo['ftps_used'] + $ftps - $result['ftps']) > $userinfo['ftps']) && $userinfo['ftps'] != '-1')
 				   || ((($userinfo['tickets_used'] + $tickets - $result['tickets']) > $userinfo['tickets']) && $userinfo['tickets'] != '-1')
 				   || ((($userinfo['subdomains_used'] + $subdomains - $result['subdomains']) > $userinfo['subdomains']) && $userinfo['subdomains'] != '-1')
@@ -810,6 +1024,7 @@ if($page == 'customers'
 				   || ($email_accounts == '-1' && $userinfo['email_accounts'] != '-1')
 				   || ($email_forwarders == '-1' && $userinfo['email_forwarders'] != '-1')
 				   || ($email_quota == '-1' && $userinfo['email_quota'] != '-1' && $settings['system']['mail_quota_enabled'] == '1')
+				   || ($email_autoresponder == '-1' && $userinfo['email_autoresponder'] != '-1' && $settings['autoresponder']['autoresponder_active'] == '1')
 				   || ($ftps == '-1' && $userinfo['ftps'] != '-1')
 				   || ($tickets == '-1' && $userinfo['tickets'] != '-1')
 				   || ($subdomains == '-1' && $userinfo['subdomains'] != '-1')
@@ -843,6 +1058,7 @@ if($page == 'customers'
 				{
 					if($password != '')
 					{
+						$password = validatePassword($password);
 						$password = md5($password);
 					}
 					else
@@ -858,7 +1074,17 @@ if($page == 'customers'
 					if($createstdsubdomain == '1'
 					   && $result['standardsubdomain'] == '0')
 					{
-						$db->query("INSERT INTO `" . TABLE_PANEL_DOMAINS . "` " . "(`domain`, `customerid`, `adminid`, `parentdomainid`, `ipandport`, `documentroot`, `zonefile`, `isemaildomain`, `caneditdomain`, `openbasedir`, `safemode`, `speciallogfile`, `specialsettings`) " . "VALUES ('" . $db->escape($result['loginname'] . '.' . $settings['system']['hostname']) . "', '" . (int)$result['customerid'] . "', '" . (int)$userinfo['adminid'] . "', '-1', '" . $db->escape($settings['system']['defaultip']) . "', '" . $db->escape($result['documentroot']) . "', '', '0', '0', '1', '1', '0', '')");
+						if (isset($settings['system']['stdsubdomain'])
+							&& $settings['system']['stdsubdomain'] != ''
+						) {
+							$_stdsubdomain = $result['loginname'] . '.' . $settings['system']['stdsubdomain'];
+						}
+						else
+						{
+							$_stdsubdomain = $result['loginname'] . '.' . $settings['system']['hostname'];
+						}
+
+						$db->query("INSERT INTO `" . TABLE_PANEL_DOMAINS . "` " . "(`domain`, `customerid`, `adminid`, `parentdomainid`, `ipandport`, `documentroot`, `zonefile`, `isemaildomain`, `caneditdomain`, `openbasedir`, `safemode`, `speciallogfile`, `specialsettings`, `add_date`) " . "VALUES ('" . $db->escape($_stdsubdomain) . "', '" . (int)$result['customerid'] . "', '" . (int)$userinfo['adminid'] . "', '-1', '" . $db->escape($settings['system']['defaultip']) . "', '" . $db->escape($result['documentroot']) . "', '', '0', '0', '1', '1', '0', '', '".date('Y-m-d')."')");
 						$domainid = $db->insert_id();
 						$db->query('UPDATE `' . TABLE_PANEL_CUSTOMERS . '` SET `standardsubdomain`=\'' . (int)$domainid . '\' WHERE `customerid`=\'' . (int)$result['customerid'] . '\'');
 						$log->logAction(ADM_ACTION, LOG_NOTICE, "automatically added standardsubdomain for user '" . $result['loginname'] . "'");
@@ -884,7 +1110,13 @@ if($page == 'customers'
 						$phpenabled = '1';
 					}
 
-					if($phpenabled != $result['phpenabled'])
+					if($perlenabled != '0')
+					{
+						$perlenabled = '1';
+					}
+
+					if($phpenabled != $result['phpenabled']
+						|| $perlenabled != $result['perlenabled'])
 					{
 						inserttask('1');
 					}
@@ -912,7 +1144,7 @@ if($page == 'customers'
 						$db->query("UPDATE `" . TABLE_MAIL_USERS . "` SET `imap`='" . (int)$email_imap . "' WHERE `customerid`='" . (int)$id . "'");
 					}
 
-					$db->query("UPDATE `" . TABLE_PANEL_CUSTOMERS . "` SET `name`='" . $db->escape($name) . "', `firstname`='" . $db->escape($firstname) . "', `company`='" . $db->escape($company) . "', `street`='" . $db->escape($street) . "', `zipcode`='" . $db->escape($zipcode) . "', `city`='" . $db->escape($city) . "', `phone`='" . $db->escape($phone) . "', `fax`='" . $db->escape($fax) . "', `email`='" . $db->escape($email) . "', `customernumber`='" . $db->escape($customernumber) . "', `def_language`='" . $db->escape($def_language) . "', `password` = '" . $password . "', `diskspace`='" . $db->escape($diskspace) . "', `traffic`='" . $db->escape($traffic) . "', `subdomains`='" . $db->escape($subdomains) . "', `emails`='" . $db->escape($emails) . "', `email_accounts` = '" . $db->escape($email_accounts) . "', `email_forwarders`='" . $db->escape($email_forwarders) . "', `ftps`='" . $db->escape($ftps) . "', `tickets`='" . $db->escape($tickets) . "', `mysqls`='" . $db->escape($mysqls) . "', `deactivated`='" . $db->escape($deactivated) . "', `phpenabled`='" . $db->escape($phpenabled) . "', `email_quota`='" . $db->escape($email_quota) . "', `imap`='" . $db->escape($email_imap) . "', `pop3`='" . $db->escape($email_pop3) . "', `aps_packages`='" . (int)$number_of_aps_packages . "' WHERE `customerid`='" . (int)$id . "'");
+					$db->query("UPDATE `" . TABLE_PANEL_CUSTOMERS . "` SET `name`='" . $db->escape($name) . "', `firstname`='" . $db->escape($firstname) . "', `company`='" . $db->escape($company) . "', `street`='" . $db->escape($street) . "', `zipcode`='" . $db->escape($zipcode) . "', `city`='" . $db->escape($city) . "', `phone`='" . $db->escape($phone) . "', `fax`='" . $db->escape($fax) . "', `email`='" . $db->escape($email) . "', `customernumber`='" . $db->escape($customernumber) . "', `def_language`='" . $db->escape($def_language) . "', `password` = '" . $password . "', `diskspace`='" . $db->escape($diskspace) . "', `traffic`='" . $db->escape($traffic) . "', `subdomains`='" . $db->escape($subdomains) . "', `emails`='" . $db->escape($emails) . "', `email_accounts` = '" . $db->escape($email_accounts) . "', `email_forwarders`='" . $db->escape($email_forwarders) . "', `ftps`='" . $db->escape($ftps) . "', `tickets`='" . $db->escape($tickets) . "', `mysqls`='" . $db->escape($mysqls) . "', `deactivated`='" . $db->escape($deactivated) . "', `phpenabled`='" . $db->escape($phpenabled) . "', `email_quota`='" . $db->escape($email_quota) . "', `imap`='" . $db->escape($email_imap) . "', `pop3`='" . $db->escape($email_pop3) . "', `aps_packages`='" . (int)$number_of_aps_packages . "', `perlenabled`='" . $db->escape($perlenabled) . "', `email_autoresponder`='" . $db->escape($email_autoresponder) . "' WHERE `customerid`='" . (int)$id . "'");
 					$admin_update_query = "UPDATE `" . TABLE_PANEL_ADMINS . "` SET `customers_used` = `customers_used` ";
 
 					if($mysqls != '-1'
@@ -995,6 +1227,22 @@ if($page == 'customers'
 						}
 					}
 
+					if($email_autoresponder != '-1'
+					   || $result['email_autoresponder'] != '-1')
+					{
+						$admin_update_query.= ", `email_autoresponder_used` = `email_autoresponder_used` ";
+
+						if($email_autoresponder != '-1')
+						{
+							$admin_update_query.= " + 0" . (int)$email_autoresponder . " ";
+						}
+
+						if($result['email_autoresponder'] != '-1')
+						{
+							$admin_update_query.= " - 0" . (int)$result['email_autoresponder'] . " ";
+						}
+					}
+
 					if($subdomains != '-1'
 					   || $result['subdomains'] != '-1')
 					{
@@ -1147,6 +1395,13 @@ if($page == 'customers'
 					$result['email_quota'] = '';
 				}
 
+				$email_autoresponder_ul = makecheckbox('email_autoresponder_ul', $lng['customer']['unlimited'], '-1', false, $result['email_autoresponder'], true, true);
+
+				if($result['email_autoresponder'] == '-1')
+				{
+					$result['email_autoresponder'] = '';
+				}
+
 				$ftps_ul = makecheckbox('ftps_ul', $lng['customer']['unlimited'], '-1', false, $result['ftps'], true, true);
 
 				if($result['ftps'] == '-1')
@@ -1177,11 +1432,19 @@ if($page == 'customers'
 
 				$createstdsubdomain = makeyesno('createstdsubdomain', '1', '0', (($result['standardsubdomain'] != '0') ? '1' : '0'));
 				$phpenabled = makeyesno('phpenabled', '1', '0', $result['phpenabled']);
+				$perlenabled = makeyesno('perlenabled', '1', '0', $result['perlenabled']);
 				$deactivated = makeyesno('deactivated', '1', '0', $result['deactivated']);
 				$email_imap = makeyesno('email_imap', '1', '0', $result['imap']);
 				$email_pop3 = makeyesno('email_pop3', '1', '0', $result['pop3']);
 
 				$result = htmlentities_array($result);
+
+				$customer_edit_data = include_once dirname(__FILE__).'/lib/formfields/admin/customer/formfield.customer_edit.php';
+				$customer_edit_form = htmlform::genHTMLForm($customer_edit_data);
+
+				$title = $customer_edit_data['customer_edit']['title'];
+				$image = $customer_edit_data['customer_edit']['image'];
+
 				eval("echo \"" . getTemplate("customers/customers_edit") . "\";");
 			}
 		}

admin_domains.php

@@ -130,6 +130,8 @@ if($page == 'domains'
 			$i++;
 		}
 
+		$domainscount = $db->num_rows($result);
+
 		// Display the list
 
 		eval("echo \"" . getTemplate("domains/domains") . "\";");
@@ -142,12 +144,28 @@ if($page == 'domains'
 		$alias_check = $db->query_first('SELECT COUNT(`id`) AS `count` FROM `' . TABLE_PANEL_DOMAINS . '` WHERE `aliasdomain`=\'' . (int)$id . '\'');
 
 		if($result['domain'] != ''
-		   && $alias_check['count'] == 0)
+			&& $alias_check['count'] == 0
-		{
+		) {
 			if(isset($_POST['send'])
 			   && $_POST['send'] == 'send')
 			{
-				$query = 'SELECT `id` FROM `' . TABLE_PANEL_DOMAINS . '` WHERE (`id`="' . (int)$id . '" OR `parentdomainid`="' . (int)$id . '")  AND  `isemaildomain`="1"';
+				/*
+				 * check for APS packages used with this domain, #110
+				 */
+				if(domainHasApsInstances($id))
+				{
+					standard_error('domains_cantdeletedomainwithapsinstances');
+				}
+
+				// check for deletion of main-domains which are logically subdomains, #329
+				$rsd_sql = '';
+				$remove_subbutmain_domains = isset($_POST['delete_userfiles']) ? 1 : 0;
+				if($remove_subbutmain_domains == 1)
+				{
+					$rsd_sql .= ' OR `ismainbutsubto` = "'.(int)$id.'"';
+				}
+
+				$query = 'SELECT `id` FROM `' . TABLE_PANEL_DOMAINS . '` WHERE (`id`="' . (int)$id . '" OR `parentdomainid`="' . (int)$id . '"'.$rsd_sql.')  AND  `isemaildomain`="1"';
 				$subResult = $db->query($query);
 				$idString = array();
 
@@ -167,20 +185,29 @@ if($page == 'domains'
 					$log->logAction(ADM_ACTION, LOG_NOTICE, "deleted domain/s from mail-tables");
 				}
 
-				$db->query("DELETE FROM `" . TABLE_PANEL_DOMAINS . "` WHERE `id`='" . (int)$id . "' OR `parentdomainid`='" . (int)$result['id'] . "'");
+				$db->query("DELETE FROM `" . TABLE_PANEL_DOMAINS . "` WHERE `id`='" . (int)$id . "' OR `parentdomainid`='" . (int)$result['id'] . "'".$rsd_sql);
 				$deleted_domains = (int)$db->affected_rows();
 				$db->query("UPDATE `" . TABLE_PANEL_CUSTOMERS . "` SET `subdomains_used` = `subdomains_used` - " . (int)($deleted_domains - 1) . " WHERE `customerid` = '" . (int)$result['customerid'] . "'");
 				$db->query("UPDATE `" . TABLE_PANEL_ADMINS . "` SET `domains_used` = `domains_used` - 1 WHERE `adminid` = '" . (int)$userinfo['adminid'] . "'");
 				$db->query('UPDATE `' . TABLE_PANEL_CUSTOMERS . '` SET `standardsubdomain`=\'0\' WHERE `standardsubdomain`=\'' . (int)$result['id'] . '\' AND `customerid`=\'' . (int)$result['customerid'] . '\'');
+				$db->query("DELETE FROM `" . TABLE_PANEL_DOMAINREDIRECTS . "` WHERE `did` = '".(int)$id."'");
 				$log->logAction(ADM_ACTION, LOG_INFO, "deleted domain/subdomains (#" . $result['id'] . ")");
 				updateCounters();
 				inserttask('1');
 				inserttask('4');
 				redirectTo($filename, Array('page' => $page, 's' => $s));
 			}
+			elseif ($alias_check['count'] > 0) {
+				standard_error('domains_cantdeletedomainwithaliases');
+			}
 			else
 			{
-				ask_yesno('admin_domain_reallydelete', $filename, array('id' => $id, 'page' => $page, 'action' => $action), $idna_convert->decode($result['domain']));
+				$showcheck = false;
+				if(domainHasMainSubDomains($id))
+				{
+					$showcheck = true;
+				}
+				ask_yesno_withcheckbox('admin_domain_reallydelete', 'remove_subbutmain_domains', $filename, array('id' => $id, 'page' => $page, 'action' => $action), $idna_convert->decode($result['domain']), $showcheck);
 			}
 		}
 	}
@@ -205,6 +232,7 @@ if($page == 'domains'
 				$wwwserveralias = intval($_POST['wwwserveralias']);
 				$speciallogfile = intval($_POST['speciallogfile']);
 				$aliasdomain = intval($_POST['alias']);
+				$issubof = intval($_POST['issubof']);
 				$customerid = intval($_POST['customerid']);
 				$customer = $db->query_first("SELECT * FROM `" . TABLE_PANEL_CUSTOMERS . "` WHERE `customerid`='" . (int)$customerid . "' " . ($userinfo['customers_see_all'] ? '' : " AND `adminid` = '" . (int)$userinfo['adminid'] . "' ") . " ");
 
@@ -298,7 +326,7 @@ if($page == 'domains'
 					}
 					else
 					{
-						$phpsettingid = '1';
+						$phpsettingid = $settings['system']['mod_fcgid_defaultini'];
 						$mod_fcgid_starter = '-1';
 						$mod_fcgid_maxrequests = '-1';
 					}
@@ -307,7 +335,7 @@ if($page == 'domains'
 				{
 					$openbasedir = '1';
 					$safemode = '1';
-					$phpsettingid = '1';
+					$phpsettingid = $settings['system']['mod_fcgid_defaultini'];
 					$mod_fcgid_starter = '-1';
 					$mod_fcgid_maxrequests = '-1';
 				}
@@ -358,9 +386,16 @@ if($page == 'domains'
 				}
 
 				if(!preg_match('/^https?\:\/\//', $documentroot))
+				{
+					if(strstr($documentroot, ":") !== FALSE)
+					{
+						standard_error('pathmaynotcontaincolon');
+					}
+					else
 					{
 						$documentroot = makeCorrectDir($documentroot);
 					}
+				}
 
 				$domain_check = $db->query_first("SELECT `id`, `domain` FROM `" . TABLE_PANEL_DOMAINS . "` WHERE `domain` = '" . $db->escape(strtolower($domain)) . "'");
 				$aliasdomain_check = array(
@@ -369,7 +404,8 @@ if($page == 'domains'
 
 				if($aliasdomain != 0)
 				{
-					$aliasdomain_check = $db->query_first('SELECT `id` FROM `' . TABLE_PANEL_DOMAINS . '` `d`,`' . TABLE_PANEL_CUSTOMERS . '` `c` WHERE `d`.`customerid`=\'' . (int)$customerid . '\' AND `d`.`aliasdomain` IS NULL AND `d`.`id`<>`c`.`standardsubdomain` AND `c`.`customerid`=\'' . (int)$customerid . '\' AND `d`.`id`=\'' . (int)$aliasdomain . '\'');
+					// also check ip/port combination to be the same, #176
+					$aliasdomain_check = $db->query_first('SELECT `d`.`id` FROM `' . TABLE_PANEL_DOMAINS . '` `d`,`' . TABLE_PANEL_CUSTOMERS . '` `c` WHERE `d`.`customerid`=\'' . (int)$customerid . '\' AND `d`.`aliasdomain` IS NULL AND `d`.`id`<>`c`.`standardsubdomain` AND `c`.`customerid`=\'' . (int)$customerid . '\' AND `d`.`id`=\'' . (int)$aliasdomain . '\' AND `d`.`ipandport` = \''.(int)$ipandport.'\'');
 				}
 
 				if($openbasedir != '1')
@@ -428,6 +464,11 @@ if($page == 'domains'
 					$caneditdomain = '0';
 				}
 				
+				if($issubof <= '0')
+				{
+					$issubof = '0';
+				}
+
 				if($domain == '')
 				{
 					standard_error(array('stringisempty', 'mydomain'));
@@ -481,13 +522,15 @@ if($page == 'domains'
 						'mod_fcgid_starter' => $mod_fcgid_starter,
 						'mod_fcgid_maxrequests' => $mod_fcgid_maxrequests,
 						'specialsettings' => $specialsettings,
-						'registration_date' => $registration_date
+						'registration_date' => $registration_date,
+						'issubof' => $issubof
 					);
 
 					$security_questions = array(
 						'reallydisablesecuritysetting' => (($openbasedir == '0' || $safemode == '0') && $userinfo['change_serversettings'] == '1'),
 						'reallydocrootoutofcustomerroot' => (substr($documentroot, 0, strlen($customer['documentroot'])) != $customer['documentroot'] && !preg_match('/^https?\:\/\//', $documentroot))
 					);
+					$question_nr = 1;
 					foreach($security_questions as $question_name => $question_launch)
 					{
 						if($question_launch !== false)
@@ -497,13 +540,14 @@ if($page == 'domains'
 							if(!isset($_POST[$question_name])
 							   || $_POST[$question_name] != $question_name)
 							{
-								ask_yesno('admin_domain_' . $question_name, $filename, $params);
+								ask_yesno('admin_domain_' . $question_name, $filename, $params, $question_nr);
 								exit;
 							}
 						}
+						$question_nr++;
 					}
 
-					$db->query("INSERT INTO `" . TABLE_PANEL_DOMAINS . "` (`domain`, `customerid`, `adminid`, `documentroot`, `ipandport`,`aliasdomain`, `zonefile`, `dkim`, `wwwserveralias`, `isbinddomain`, `isemaildomain`, `email_only`, `subcanemaildomain`, `caneditdomain`, `openbasedir`, `safemode`,`speciallogfile`, `specialsettings`, `ssl`, `ssl_redirect`, `ssl_ipandport`, `add_date`, `registration_date`, `phpsettingid`, `mod_fcgid_starter`, `mod_fcgid_maxrequests`) VALUES ('" . $db->escape($domain) . "', '" . (int)$customerid . "', '" . (int)$adminid . "', '" . $db->escape($documentroot) . "', '" . $db->escape($ipandport) . "', " . (($aliasdomain != 0) ? '\'' . $db->escape($aliasdomain) . '\'' : 'NULL') . ", '" . $db->escape($zonefile) . "', '" . $db->escape($dkim) . "', '" . $db->escape($wwwserveralias) . "', '" . $db->escape($isbinddomain) . "', '" . $db->escape($isemaildomain) . "', '" . $db->escape($email_only) . "', '" . $db->escape($subcanemaildomain) . "', '" . $db->escape($caneditdomain) . "', '" . $db->escape($openbasedir) . "', '" . $db->escape($safemode) . "', '" . $db->escape($speciallogfile) . "', '" . $db->escape($specialsettings) . "', '" . $ssl . "', '" . $ssl_redirect . "' , '" . $ssl_ipandport . "', '" . $db->escape(time()) . "', '" . $db->escape($registration_date) . "', '" . (int)$phpsettingid . "', '" . (int)$mod_fcgid_starter . "', '" . (int)$mod_fcgid_maxrequests . "')");
+					$db->query("INSERT INTO `" . TABLE_PANEL_DOMAINS . "` (`domain`, `customerid`, `adminid`, `documentroot`, `ipandport`,`aliasdomain`, `zonefile`, `dkim`, `wwwserveralias`, `isbinddomain`, `isemaildomain`, `email_only`, `subcanemaildomain`, `caneditdomain`, `openbasedir`, `safemode`,`speciallogfile`, `specialsettings`, `ssl`, `ssl_redirect`, `ssl_ipandport`, `add_date`, `registration_date`, `phpsettingid`, `mod_fcgid_starter`, `mod_fcgid_maxrequests`, `ismainbutsubto`) VALUES ('" . $db->escape($domain) . "', '" . (int)$customerid . "', '" . (int)$adminid . "', '" . $db->escape($documentroot) . "', '" . $db->escape($ipandport) . "', " . (($aliasdomain != 0) ? '\'' . $db->escape($aliasdomain) . '\'' : 'NULL') . ", '" . $db->escape($zonefile) . "', '" . $db->escape($dkim) . "', '" . $db->escape($wwwserveralias) . "', '" . $db->escape($isbinddomain) . "', '" . $db->escape($isemaildomain) . "', '" . $db->escape($email_only) . "', '" . $db->escape($subcanemaildomain) . "', '" . $db->escape($caneditdomain) . "', '" . $db->escape($openbasedir) . "', '" . $db->escape($safemode) . "', '" . $db->escape($speciallogfile) . "', '" . $db->escape($specialsettings) . "', '" . $ssl . "', '" . $ssl_redirect . "' , '" . $ssl_ipandport . "', '" . $db->escape(time()) . "', '" . $db->escape($registration_date) . "', '" . (int)$phpsettingid . "', '" . (int)$mod_fcgid_starter . "', '" . (int)$mod_fcgid_maxrequests . "', '".(int)$issubof."')");
 					$domainid = $db->insert_id();
 					$db->query("UPDATE `" . TABLE_PANEL_ADMINS . "` SET `domains_used` = `domains_used` + 1 WHERE `adminid` = '" . (int)$adminid . "'");
 					$log->logAction(ADM_ACTION, LOG_INFO, "added domain '" . $domain . "'");
@@ -555,7 +599,7 @@ if($page == 'domains'
 						$row_ipandport['ip'] = '[' . $row_ipandport['ip'] . ']';
 					}
 
-					$ipsandports.= makeoption($row_ipandport['ip'] . ':' . $row_ipandport['port'], $row_ipandport['id']);
+					$ipsandports.= makeoption($row_ipandport['ip'] . ':' . $row_ipandport['port'], $row_ipandport['id'], $settings['system']['defaultip']);
 				}
 
 				$ssl_ipsandports = '';
@@ -595,12 +639,20 @@ if($page == 'domains'
 					$domains.= makeoption($idna_convert->decode($row_domain['domain']) . ' (' . $row_domain['loginname'] . ')', $row_domain['id']);
 				}
 				
+				$subtodomains = makeoption($lng['domains']['nosubtomaindomain'], 0, NULL, true);
+				$result_domains = $db->query("SELECT `d`.`id`, `d`.`domain`, `c`.`loginname` FROM `" . TABLE_PANEL_DOMAINS . "` `d`, `" . TABLE_PANEL_CUSTOMERS . "` `c` WHERE `d`.`aliasdomain` IS NULL AND `d`.`parentdomainid`=0 AND `d`.`ismainbutsubto`=0 " . $standardsubdomains . ($userinfo['customers_see_all'] ? '' : " AND `d`.`adminid` = '" . (int)$userinfo['adminid'] . "'") . " AND `d`.`customerid`=`c`.`customerid` ORDER BY `loginname`, `domain` ASC");
+
+				while($row_domain = $db->fetch_array($result_domains))
+				{
+					$subtodomains.= makeoption($idna_convert->decode($row_domain['domain']) . ' (' . $row_domain['loginname'] . ')', $row_domain['id']);
+				}
+
 				$phpconfigs = '';
 				$configs = $db->query("SELECT * FROM `" . TABLE_PANEL_PHPCONFIGS . "`");
 
 				while($row = $db->fetch_array($configs))
 				{
-					$phpconfigs.= makeoption($row['description'], $row['id'], '1', true, true);
+					$phpconfigs.= makeoption($row['description'], $row['id'], $settings['system']['mod_fcgid_defaultini'], true, true);
 				}
 
 				$isbinddomain = makeyesno('isbinddomain', '1', '0', '1');
@@ -617,6 +669,12 @@ if($page == 'domains'
 				$ssl_redirect = makeyesno('ssl_redirect', '1', '0', '0');				
 				$add_date = date('Y-m-d');
 
+				$domain_add_data = include_once dirname(__FILE__).'/lib/formfields/admin/domains/formfield.domains_add.php';
+				$domain_add_form = htmlform::genHTMLForm($domain_add_data);
+
+				$title = $domain_add_data['domain_add']['title'];
+				$image = $domain_add_data['domain_add']['image'];
+
 				eval("echo \"" . getTemplate("domains/domains_add") . "\";");
 			}
 		}
@@ -624,7 +682,11 @@ if($page == 'domains'
 	elseif($action == 'edit'
 	       && $id != 0)
 	{
-		$result = $db->query_first("SELECT `d`.`id`, `d`.`domain`, `d`.`customerid`, `d`.`adminid`, `d`.`email_only`, `d`.`documentroot`, `d`.`ssl`, `d`.`ssl_redirect`, `d`.`ssl_ipandport`,`d`.`ipandport`, `d`.`aliasdomain`, `d`.`isbinddomain`, `d`.`isemaildomain`, `d`.`subcanemaildomain`, `d`.`dkim`, `d`.`caneditdomain`, `d`.`zonefile`, `d`.`wwwserveralias`, `d`.`openbasedir`, `d`.`safemode`, `d`.`speciallogfile`, `d`.`specialsettings`, `d`.`add_date`, `d`.`registration_date`, `c`.`loginname`, `c`.`name`, `c`.`firstname`, `c`.`company`, `d`.`phpsettingid`, `d`.`mod_fcgid_starter`, `d`.`mod_fcgid_maxrequests` " . "FROM `" . TABLE_PANEL_DOMAINS . "` `d` " . "LEFT JOIN `" . TABLE_PANEL_CUSTOMERS . "` `c` USING(`customerid`) " . "WHERE `d`.`parentdomainid`='0' AND `d`.`id`='" . (int)$id . "'" . ($userinfo['customers_see_all'] ? '' : " AND `d`.`adminid` = '" . (int)$userinfo['adminid'] . "' "));
+		$result = $db->query_first("SELECT `d`.*, `c`.`customerid` FROM `" . TABLE_PANEL_DOMAINS . "` `d` 
+									LEFT JOIN `" . TABLE_PANEL_CUSTOMERS . "` `c` USING(`customerid`) 
+									WHERE `d`.`parentdomainid`='0' 
+									AND `d`.`id`='" . (int)$id . "'" 
+									. ($userinfo['customers_see_all'] ? '' : " AND `d`.`adminid` = '" . (int)$userinfo['adminid'] . "' "));
 
 		if($result['domain'] != '')
 		{
@@ -701,6 +763,7 @@ if($page == 'domains'
 				}
 
 				$aliasdomain = intval($_POST['alias']);
+				$issubof = intval($_POST['issubof']);
 				$isemaildomain = intval($_POST['isemaildomain']);
 				$email_only = intval($_POST['email_only']);
 				$subcanemaildomain = intval($_POST['subcanemaildomain']);
@@ -729,6 +792,12 @@ if($page == 'domains'
 					{
 						$documentroot = $customer['documentroot'];
 					}
+
+					if(!preg_match('/^https?\:\/\//', $documentroot)
+						&& strstr($documentroot, ":") !== FALSE
+					) {
+						standard_error('pathmaynotcontaincolon');
+					}
 				}
 				else
 				{
@@ -878,7 +947,8 @@ if($page == 'domains'
 
 				if($aliasdomain != 0)
 				{
-					$aliasdomain_check = $db->query_first('SELECT `id` FROM `' . TABLE_PANEL_DOMAINS . '` `d`,`' . TABLE_PANEL_CUSTOMERS . '` `c` WHERE `d`.`customerid`=\'' . (int)$result['customerid'] . '\' AND `d`.`aliasdomain` IS NULL AND `d`.`id`<>`c`.`standardsubdomain` AND `c`.`customerid`=\'' . (int)$result['customerid'] . '\' AND `d`.`id`=\'' . (int)$aliasdomain . '\'');
+					// also check ip/port combination to be the same, #176
+					$aliasdomain_check = $db->query_first('SELECT `d`.`id` FROM `' . TABLE_PANEL_DOMAINS . '` `d`,`' . TABLE_PANEL_CUSTOMERS . '` `c` WHERE `d`.`customerid`=\'' . (int)$result['customerid'] . '\' AND `d`.`aliasdomain` IS NULL AND `d`.`id`<>`c`.`standardsubdomain` AND `c`.`customerid`=\'' . (int)$result['customerid'] . '\' AND `d`.`id`=\'' . (int)$aliasdomain . '\' AND `d`.`ipandport` = \''.(int)$ipandport.'\'');
 				}
 
 				if($aliasdomain_check['id'] != $aliasdomain)
@@ -886,6 +956,11 @@ if($page == 'domains'
 					standard_error('domainisaliasorothercustomer');
 				}
 				
+				if($issubof <= '0')
+				{
+					$issubof = '0';
+				}
+
 				$params = array(
 					'id' => $id,
 					'page' => $page,
@@ -912,7 +987,8 @@ if($page == 'domains'
 					'mod_fcgid_starter' => $mod_fcgid_starter,
 					'mod_fcgid_maxrequests' => $mod_fcgid_maxrequests,
 					'specialsettings' => $specialsettings,
-					'registration_date' => $registration_date
+					'registration_date' => $registration_date,
+					'issubof' => $issubof
 				);
 
 				$security_questions = array(
@@ -946,7 +1022,8 @@ if($page == 'domains'
 				   || $mod_fcgid_starter != $result['mod_fcgid_starter']
 				   || $mod_fcgid_maxrequests != $result['mod_fcgid_maxrequests']
 				   || $specialsettings != $result['specialsettings']
-				   || $aliasdomain != $result['aliasdomain'])
+				   || $aliasdomain != $result['aliasdomain']
+				   || $issubof != $result['ismainbutsubto'])
 				{
 					inserttask('1');
 				}
@@ -1008,7 +1085,7 @@ if($page == 'domains'
 					$log->logAction(ADM_ACTION, LOG_INFO, "removed specialsettings on all subdomains of domain #" . $id);
 				}
 				
-				$result = $db->query("UPDATE `" . TABLE_PANEL_DOMAINS . "` SET `customerid` = '" . (int)$customerid . "', `adminid` = '" . (int)$adminid . "', `documentroot`='" . $db->escape($documentroot) . "', `ipandport`='" . $db->escape($ipandport) . "', `ssl`='" . (int)$ssl . "', `ssl_redirect`='" . (int)$ssl_redirect . "', `ssl_ipandport`='" . (int)$ssl_ipandport . "', `aliasdomain`=" . (($aliasdomain != 0 && $alias_check == 0) ? '\'' . $db->escape($aliasdomain) . '\'' : 'NULL') . ", `isbinddomain`='" . $db->escape($isbinddomain) . "', `isemaildomain`='" . $db->escape($isemaildomain) . "', `email_only`='" . $db->escape($email_only) . "', `subcanemaildomain`='" . $db->escape($subcanemaildomain) . "', `dkim`='" . $db->escape($dkim) . "', `caneditdomain`='" . $db->escape($caneditdomain) . "', `zonefile`='" . $db->escape($zonefile) . "', `wwwserveralias`='" . $db->escape($wwwserveralias) . "', `openbasedir`='" . $db->escape($openbasedir) . "', `safemode`='" . $db->escape($safemode) . "', `phpsettingid`='" . $db->escape($phpsettingid) . "', `mod_fcgid_starter`='" . $db->escape($mod_fcgid_starter) . "', `mod_fcgid_maxrequests`='" . $db->escape($mod_fcgid_maxrequests) . "', `specialsettings`='" . $db->escape($specialsettings) . "', `registration_date`='" . $db->escape($registration_date) . "' WHERE `id`='" . (int)$id . "'");
+				$result = $db->query("UPDATE `" . TABLE_PANEL_DOMAINS . "` SET `customerid` = '" . (int)$customerid . "', `adminid` = '" . (int)$adminid . "', `documentroot`='" . $db->escape($documentroot) . "', `ipandport`='" . $db->escape($ipandport) . "', `ssl`='" . (int)$ssl . "', `ssl_redirect`='" . (int)$ssl_redirect . "', `ssl_ipandport`='" . (int)$ssl_ipandport . "', `aliasdomain`=" . (($aliasdomain != 0 && $alias_check == 0) ? '\'' . $db->escape($aliasdomain) . '\'' : 'NULL') . ", `isbinddomain`='" . $db->escape($isbinddomain) . "', `isemaildomain`='" . $db->escape($isemaildomain) . "', `email_only`='" . $db->escape($email_only) . "', `subcanemaildomain`='" . $db->escape($subcanemaildomain) . "', `dkim`='" . $db->escape($dkim) . "', `caneditdomain`='" . $db->escape($caneditdomain) . "', `zonefile`='" . $db->escape($zonefile) . "', `wwwserveralias`='" . $db->escape($wwwserveralias) . "', `openbasedir`='" . $db->escape($openbasedir) . "', `safemode`='" . $db->escape($safemode) . "', `phpsettingid`='" . $db->escape($phpsettingid) . "', `mod_fcgid_starter`='" . $db->escape($mod_fcgid_starter) . "', `mod_fcgid_maxrequests`='" . $db->escape($mod_fcgid_maxrequests) . "', `specialsettings`='" . $db->escape($specialsettings) . "', `registration_date`='" . $db->escape($registration_date) . "', `ismainbutsubto`='" . (int)$issubof . "' WHERE `id`='" . (int)$id . "'");
 				$result = $db->query("UPDATE `" . TABLE_PANEL_DOMAINS . "` SET `customerid` = '" . (int)$customerid . "', `adminid` = '" . (int)$adminid . "', `ipandport`='" . $db->escape($ipandport) . "', `openbasedir`='" . $db->escape($openbasedir) . "', `safemode`='" . $db->escape($safemode) . "', `phpsettingid`='" . $db->escape($phpsettingid) . "', `mod_fcgid_starter`='" . $db->escape($mod_fcgid_starter) . "', `mod_fcgid_maxrequests`='" . $db->escape($mod_fcgid_maxrequests) . "'" . $upd_specialsettings . $updatechildren . " WHERE `parentdomainid`='" . (int)$id . "'");
 				$log->logAction(ADM_ACTION, LOG_INFO, "edited domain #" . $id);
 				$redirect_props = Array(
@@ -1064,6 +1141,14 @@ if($page == 'domains'
 					$domains.= makeoption($idna_convert->decode($row_domain['domain']), $row_domain['id'], $result['aliasdomain']);
 				}
 
+				$subtodomains = makeoption($lng['domains']['nosubtomaindomain'], 0, NULL, true);
+				$result_domains = $db->query("SELECT `d`.`id`, `d`.`domain` FROM `" . TABLE_PANEL_DOMAINS . "` `d`, `" . TABLE_PANEL_CUSTOMERS . "` `c` WHERE `d`.`aliasdomain` IS NULL AND `d`.`parentdomainid`=0 AND `d`.`id`<>'" . (int)$result['id'] . "' AND `c`.`standardsubdomain`<>`d`.`id` AND `c`.`customerid`=`d`.`customerid`". ($userinfo['customers_see_all'] ? '' : " AND `d`.`adminid` = '" . (int)$userinfo['adminid'] . "'") . " ORDER BY `d`.`domain` ASC");
+
+				while($row_domain = $db->fetch_array($result_domains))
+				{
+					$subtodomains.= makeoption($idna_convert->decode($row_domain['domain']), $row_domain['id'], $result['ismainbutsubto']);
+				}
+
 				if($userinfo['ip'] == "-1")
 				{
 					$result_ipsandports = $db->query("SELECT `id`, `ip`, `port` FROM `" . TABLE_PANEL_IPSANDPORTS . "` WHERE `ssl`='0' ORDER BY `ip`, `port` ASC");
@@ -1129,6 +1214,13 @@ if($page == 'domains'
 				$specialsettingsforsubdomains = makeyesno('specialsettingsforsubdomains', '1', '0', '1');
 				
 				$result = htmlentities_array($result);
+
+				$domain_edit_data = include_once dirname(__FILE__).'/lib/formfields/admin/domains/formfield.domains_edit.php';
+				$domain_edit_form = htmlform::genHTMLForm($domain_edit_data);
+
+				$title = $domain_edit_data['domain_edit']['title'];
+				$image = $domain_edit_data['domain_edit']['image'];
+
 				eval("echo \"" . getTemplate("domains/domains_edit") . "\";");
 			}
 		}

admin_index.php

@@ -61,6 +61,7 @@ if($page == 'overview')
 				SUM(`email_accounts_used`) AS `email_accounts_used`,
 				SUM(`email_forwarders_used`) AS `email_forwarders_used`,
 				SUM(`email_quota_used`) AS `email_quota_used`,
+				SUM(`email_autoresponder_used`) AS `email_autoresponder_used`,
 				SUM(`ftps_used`) AS `ftps_used`,
 				SUM(`tickets_used`) AS `tickets_used`,
 				SUM(`subdomains_used`) AS `subdomains_used`,
@@ -88,22 +89,34 @@ if($page == 'overview')
 	{
 		$update_check_uri = 'http://version.froxlor.org/Froxlor/legacy/' . $version;
 
-		if(strtolower(ini_get('allow_url_fopen')) == 'on')
+		if(ini_get('allow_url_fopen'))
 		{
 			$latestversion = @file($update_check_uri);
 
-			$latestversion = explode(':', $latestversion);
+			if (isset($latestversion[0]))
+			{
+				$latestversion = explode('|', $latestversion[0]);
 
 				if(is_array($latestversion)
-			   && count($latestversion) >= 2)
+				&& count($latestversion) >= 1)
 				{
-				$lookfornewversion_lable = $latestversion[0];
+					$_version = $latestversion[0];
-				$lookfornewversion_link = $latestversion[1];
+					$_message = isset($latestversion[1]) ? $latestversion[1] : '';
-				$lookfornewversion_addinfo = '';
+					$_link = isset($latestversion[2]) ? $latestversion[2] : htmlspecialchars($filename . '?s=' . urlencode($s) . '&page=' . urlencode($page) . '&lookfornewversion=yes');
 
-				if(count($latestversion) >= 3)
+					$lookfornewversion_lable = $_version;
+					$lookfornewversion_link = $_link;
+					$lookfornewversion_addinfo = $_message;
+					
+					if (version_compare($version, $_version) == -1) {
+						$isnewerversion = 1;
+					} else {
+						$isnewerversion = 0;
+					}
+				}
+				else
 				{
-					$lookfornewversion_addinfo = $latestversion[2];
+					redirectTo($update_check_uri.'/pretty', NULL);
 				}
 			}
 			else
@@ -121,13 +134,14 @@ if($page == 'overview')
 		$lookfornewversion_lable = $lng['admin']['lookfornewversion']['clickhere'];
 		$lookfornewversion_link = htmlspecialchars($filename . '?s=' . urlencode($s) . '&page=' . urlencode($page) . '&lookfornewversion=yes');
 		$lookfornewversion_addinfo = '';
+		$isnewerversion = 0;
 	}
 
 	$userinfo['diskspace'] = round($userinfo['diskspace'] / 1024, $settings['panel']['decimal_places']);
 	$userinfo['diskspace_used'] = round($userinfo['diskspace_used'] / 1024, $settings['panel']['decimal_places']);
 	$userinfo['traffic'] = round($userinfo['traffic'] / (1024 * 1024), $settings['panel']['decimal_places']);
 	$userinfo['traffic_used'] = round($userinfo['traffic_used'] / (1024 * 1024), $settings['panel']['decimal_places']);
-	$userinfo = str_replace_array('-1', $lng['customer']['unlimited'], $userinfo, 'customers domains diskspace traffic mysqls emails email_accounts email_forwarders email_quota ftps tickets subdomains aps_packages');
+	$userinfo = str_replace_array('-1', $lng['customer']['unlimited'], $userinfo, 'customers domains diskspace traffic mysqls emails email_accounts email_forwarders email_quota email_autoresponder ftps tickets subdomains aps_packages');
 
 	$cron_last_runs = getCronjobsLastRun();
 	$outstanding_tasks = getOutstandingTasks();
@@ -172,7 +186,7 @@ if($page == 'overview')
 	}
 
 	// Try to get the uptime
-	// First: With exec (let's hope it's enabled for the SysCP - vHost)
+	// First: With exec (let's hope it's enabled for the Froxlor - vHost)
 
 	$uptime_array = explode(" ", @file_get_contents("/proc/uptime"));
 
@@ -268,13 +282,47 @@ elseif($page == 'change_language')
 	{
 		$language_options = '';
 
+		$default_lang = $settings['panel']['standardlanguage'];
+		if($userinfo['def_language'] != '') { 
+			$default_lang = $userinfo['def_language'];
+		}
+
 		while(list($language_file, $language_name) = each($languages))
 		{
-			$language_options.= makeoption($language_name, $language_file, $userinfo['def_language'], true);
+			$language_options.= makeoption($language_name, $language_file, $default_lang, true);
 		}
 
 		eval("echo \"" . getTemplate("index/change_language") . "\";");
 	}
 }
+elseif($page == 'change_theme')
+{
+	if(isset($_POST['send'])
+		&& $_POST['send'] == 'send'
+	) {
+		$theme = validate($_POST['theme'], 'theme');
 
-?>
+		$db->query("UPDATE `" . TABLE_PANEL_ADMINS . "` SET `theme`='" . $db->escape($theme) . "' WHERE `adminid`='" . (int)$userinfo['adminid'] . "'");
+		$db->query("UPDATE `" . TABLE_PANEL_SESSIONS . "` SET `theme`='" . $db->escape($theme) . "' WHERE `hash`='" . $db->escape($s) . "'");
+
+		$log->logAction(ADM_ACTION, LOG_NOTICE, "changed his/her theme to '" . $theme . "'");
+		redirectTo($filename, Array('s' => $s));
+	}
+	else
+	{
+		$theme_options = '';
+
+		$default_theme = $settings['panel']['default_theme'];
+		if($userinfo['theme'] != '') {
+			$default_theme = $userinfo['theme'];
+		}
+
+		$themes_avail = getThemes();
+		foreach($themes_avail as $t)
+		{
+			$theme_options.= makeoption($t, $t, $default_theme, true);
+		}
+
+		eval("echo \"" . getTemplate("index/change_theme") . "\";");
+	}
+}

admin_ipsandports.php

@@ -141,11 +141,22 @@ if($page == 'ipsandports'
 			$vhostcontainer = intval($_POST['vhostcontainer']);
 			$specialsettings = validate(str_replace("\r\n", "\n", $_POST['specialsettings']), 'specialsettings', '/^[^\0]*$/');
 			$vhostcontainer_servername_statement = intval($_POST['vhostcontainer_servername_statement']);
+			$default_vhostconf_domain = validate(str_replace("\r\n", "\n", $_POST['default_vhostconf_domain']), 'default_vhostconf_domain', '/^[^\0]*$/');
+			$docroot = validate($_POST['docroot'], 'docroot');
+			if((int)$settings['system']['use_ssl'] == 1)
+			{
 				$ssl = intval($_POST['ssl']);
 				$ssl_cert_file = validate($_POST['ssl_cert_file'], 'ssl_cert_file');
 				$ssl_key_file = validate($_POST['ssl_key_file'], 'ssl_key_file');
 				$ssl_ca_file = validate($_POST['ssl_ca_file'], 'ssl_ca_file');
-			$default_vhostconf_domain = validate(str_replace("\r\n", "\n", $_POST['default_vhostconf_domain']), 'default_vhostconf_domain', '/^[^\0]*$/');
+				$ssl_cert_chainfile = validate($_POST['ssl_cert_chainfile'], 'ssl_cert_chainfile');
+			} else {
+				$ssl = 0;
+				$ssl_cert_file = '';
+				$ssl_key_file = '';
+				$ssl_ca_file = '';
+				$ssl_cert_chainfile = '';
+			}
 			
 			if($listen_statement != '1')
 			{
@@ -187,6 +198,20 @@ if($page == 'ipsandports'
 				$ssl_ca_file = makeCorrectFile($ssl_ca_file);
 			}
 
+			if($ssl_cert_chainfile != '')
+			{
+				$ssl_cert_chainfile = makeCorrectFile($ssl_cert_chainfile);
+			}
+
+			if(strlen(trim($docroot)) > 0)
+			{
+				$docroot = makeCorrectDir($docroot);
+			}
+			else
+			{
+				$docroot = '';
+			}
+
 			$result_checkfordouble = $db->query_first("SELECT `id` FROM `" . TABLE_PANEL_IPSANDPORTS . "` WHERE `ip`='" . $db->escape($ip) . "' AND `port`='" . (int)$port . "'");
 
 			if($result_checkfordouble['id'] != '')
@@ -195,7 +220,23 @@ if($page == 'ipsandports'
 			}
 			else
 			{
-				$db->query("INSERT INTO `" . TABLE_PANEL_IPSANDPORTS . "` (`ip`, `port`, `listen_statement`, `namevirtualhost_statement`, `vhostcontainer`, `vhostcontainer_servername_statement`, `specialsettings`, `ssl`, `ssl_cert_file`, `ssl_key_file`, `ssl_ca_file`, `default_vhostconf_domain`) VALUES ('" . $db->escape($ip) . "', '" . (int)$port . "', '" . (int)$listen_statement . "', '" . (int)$namevirtualhost_statement . "', '" . (int)$vhostcontainer . "', '" . (int)$vhostcontainer_servername_statement . "', '" . $db->escape($specialsettings) . "', '" . (int)$ssl . "', '" . $db->escape($ssl_cert_file) . "', '" . $db->escape($ssl_key_file) . "', '" . $db->escape($ssl_ca_file) . "', '" . $db->escape($default_vhostconf_domain) . "')");
+				$db->query("INSERT INTO `" . TABLE_PANEL_IPSANDPORTS . "`
+					SET 
+						`ip` = '" . $db->escape($ip) . "', 
+						`port` = '" . (int)$port . "', 
+						`listen_statement` = '" . (int)$listen_statement . "', 
+						`namevirtualhost_statement` = '" . (int)$namevirtualhost_statement . "', 
+						`vhostcontainer` = '" . (int)$vhostcontainer . "', 
+						`vhostcontainer_servername_statement` = '" . (int)$vhostcontainer_servername_statement . "', 
+						`specialsettings` = '" . $db->escape($specialsettings) . "', 
+						`ssl` = '" . (int)$ssl . "', 
+						`ssl_cert_file` = '" . $db->escape($ssl_cert_file) . "', 
+						`ssl_key_file` = '" . $db->escape($ssl_key_file) . "', 
+						`ssl_ca_file` = '" . $db->escape($ssl_ca_file) . "',
+						`ssl_cert_chainfile` = '" . $db->escape($ssl_cert_chainfile) . "', 
+						`default_vhostconf_domain` = '" . $db->escape($default_vhostconf_domain) . "',
+						`docroot` = '" . $db->escape($docroot) . "';
+					");
 
 				if(filter_var($ip, FILTER_VALIDATE_IP, FILTER_FLAG_IPV6))
 				{
@@ -215,6 +256,13 @@ if($page == 'ipsandports'
 			$namevirtualhost_statement = makeyesno('namevirtualhost_statement', '1', '0', '1');
 			$vhostcontainer = makeyesno('vhostcontainer', '1', '0', '1');
 			$vhostcontainer_servername_statement = makeyesno('vhostcontainer_servername_statement', '1', '0', '1');
+
+			$ipsandports_add_data = include_once dirname(__FILE__).'/lib/formfields/admin/ipsandports/formfield.ipsandports_add.php';
+			$ipsandports_add_form = htmlform::genHTMLForm($ipsandports_add_data);
+
+			$title = $ipsandports_add_data['ipsandports_add']['title'];
+			$image = $ipsandports_add_data['ipsandports_add']['image'];
+
 			eval("echo \"" . getTemplate("ipsandports/ipsandports_add") . "\";");
 		}
 	}
@@ -237,11 +285,22 @@ if($page == 'ipsandports'
 				$vhostcontainer = intval($_POST['vhostcontainer']);
 				$specialsettings = validate(str_replace("\r\n", "\n", $_POST['specialsettings']), 'specialsettings', '/^[^\0]*$/');
 				$vhostcontainer_servername_statement = intval($_POST['vhostcontainer_servername_statement']);
+				$default_vhostconf_domain = validate(str_replace("\r\n", "\n", $_POST['default_vhostconf_domain']), 'default_vhostconf_domain', '/^[^\0]*$/');
+				$docroot =  validate($_POST['docroot'], 'docroot');
+				if((int)$settings['system']['use_ssl'] == 1)
+				{
 					$ssl = intval($_POST['ssl']);
 					$ssl_cert_file = validate($_POST['ssl_cert_file'], 'ssl_cert_file');
 					$ssl_key_file = validate($_POST['ssl_key_file'], 'ssl_key_file');
 					$ssl_ca_file = validate($_POST['ssl_ca_file'], 'ssl_ca_file');
-				$default_vhostconf_domain = validate(str_replace("\r\n", "\n", $_POST['default_vhostconf_domain']), 'default_vhostconf_domain', '/^[^\0]*$/');
+					$ssl_cert_chainfile = validate($_POST['ssl_cert_chainfile'], 'ssl_cert_chainfile');
+				} else {
+					$ssl = 0;
+					$ssl_cert_file = '';
+					$ssl_key_file = '';
+					$ssl_ca_file = '';
+					$ssl_cert_chainfile = '';
+				}
 				
 				if($listen_statement != '1')
 				{
@@ -283,6 +342,20 @@ if($page == 'ipsandports'
 					$ssl_ca_file = makeCorrectFile($ssl_ca_file);
 				}
 
+				if($ssl_cert_chainfile != '')
+				{
+					$ssl_cert_chainfile = makeCorrectFile($ssl_cert_chainfile);
+				}
+
+				if(strlen(trim($docroot)) > 0)
+				{
+					$docroot = makeCorrectDir($docroot);
+				}
+				else
+				{
+					$docroot = '';
+				}
+
 				if($result['ip'] != $ip
 				   && $result['ip'] == $settings['system']['ipaddress']
 				   && $result_sameipotherport['id'] == '')
@@ -296,7 +369,26 @@ if($page == 'ipsandports'
 				}
 				else
 				{
-					$db->query("UPDATE `" . TABLE_PANEL_IPSANDPORTS . "` SET `ip`='" . $db->escape($ip) . "', `port`='" . (int)$port . "', `listen_statement`='" . (int)$listen_statement . "', `namevirtualhost_statement`='" . (int)$namevirtualhost_statement . "', `vhostcontainer`='" . (int)$vhostcontainer . "', `vhostcontainer_servername_statement`='" . (int)$vhostcontainer_servername_statement . "', `specialsettings`='" . $db->escape($specialsettings) . "', `ssl`='" . (int)$ssl . "', `ssl_cert_file`='" . $db->escape($ssl_cert_file) . "', `ssl_key_file`='" . $db->escape($ssl_key_file) . "', `ssl_ca_file`='" . $db->escape($ssl_ca_file) . "', `default_vhostconf_domain`='" . $db->escape($default_vhostconf_domain) . "' WHERE `id`='" . (int)$id . "'");
+
+					$db->query("UPDATE `" . TABLE_PANEL_IPSANDPORTS . "`
+					SET 
+						`ip` = '" . $db->escape($ip) . "', 
+						`port` = '" . (int)$port . "', 
+						`listen_statement` = '" . (int)$listen_statement . "', 
+						`namevirtualhost_statement` = '" . (int)$namevirtualhost_statement . "', 
+						`vhostcontainer` = '" . (int)$vhostcontainer . "', 
+						`vhostcontainer_servername_statement` = '" . (int)$vhostcontainer_servername_statement . "', 
+						`specialsettings` = '" . $db->escape($specialsettings) . "', 
+						`ssl` = '" . (int)$ssl . "', 
+						`ssl_cert_file` = '" . $db->escape($ssl_cert_file) . "', 
+						`ssl_key_file` = '" . $db->escape($ssl_key_file) . "', 
+						`ssl_ca_file` = '" . $db->escape($ssl_ca_file) . "',
+						`ssl_cert_chainfile` = '" . $db->escape($ssl_cert_chainfile) . "', 
+						`default_vhostconf_domain` = '" . $db->escape($default_vhostconf_domain) . "',
+						`docroot` = '" . $db->escape($docroot) . "' 
+					WHERE `id`='" . (int)$id . "'
+					");
+
 					$log->logAction(ADM_ACTION, LOG_WARNING, "changed IP/port from '" . $result['ip'] . ":" . $result['port'] . "' to '" . $ip . ":" . $port . "'");
 					inserttask('1');
 					inserttask('4');
@@ -311,6 +403,13 @@ if($page == 'ipsandports'
 				$namevirtualhost_statement = makeyesno('namevirtualhost_statement', '1', '0', $result['namevirtualhost_statement']);
 				$vhostcontainer = makeyesno('vhostcontainer', '1', '0', $result['vhostcontainer']);
 				$vhostcontainer_servername_statement = makeyesno('vhostcontainer_servername_statement', '1', '0', $result['vhostcontainer_servername_statement']);
+
+				$ipsandports_edit_data = include_once dirname(__FILE__).'/lib/formfields/admin/ipsandports/formfield.ipsandports_edit.php';
+				$ipsandports_edit_form = htmlform::genHTMLForm($ipsandports_edit_data);
+	
+				$title = $ipsandports_edit_data['ipsandports_edit']['title'];
+				$image = $ipsandports_edit_data['ipsandports_edit']['image'];
+
 				eval("echo \"" . getTemplate("ipsandports/ipsandports_edit") . "\";");
 			}
 		}

admin_logger.php

@@ -31,10 +31,10 @@ if($page == 'log'
 	if($action == '')
 	{
 		$fields = array(
-			'action' => $lng['logger']['action'],
 			'date' => $lng['logger']['date'],
 			'type' => $lng['logger']['type'],
-			'user' => $lng['logger']['user']
+			'user' => $lng['logger']['user'],
+			'text' => $lng['logger']['action']
 		);
 		$paging = new paging($userinfo, $db, TABLE_PANEL_LOG, $fields, $settings['panel']['paging'], $settings['panel']['natsorting']);
 		$paging->sortfield = 'date';
@@ -167,5 +167,3 @@ if($page == 'log'
 		}
 	}
 }
-
-?>

admin_phpsettings.php

@@ -39,6 +39,7 @@ if($page == 'overview')
 	if($action == '')
 	{
 		$tablecontent = '';
+		$count = 0;
 		$result = $db->query("SELECT * FROM `" . TABLE_PANEL_PHPCONFIGS . "`");
 
 		while($row = $db->fetch_array($result))
@@ -68,6 +69,7 @@ if($page == 'overview')
 				$domains = $lng['admin']['phpsettings']['notused'];
 			}
 
+			$count ++;
 			eval("\$tablecontent.=\"" . getTemplate("phpconfig/overview_overview") . "\";");
 		}
 
@@ -97,12 +99,19 @@ if($page == 'overview')
 
 				$db->query("INSERT INTO `" . TABLE_PANEL_PHPCONFIGS . "` SET `description` = '" . $db->escape($description) . "', `binary` = '" . $db->escape($binary) . "', `file_extensions` = '" . $db->escape($file_extensions) . "', `mod_fcgid_starter` = '" . $db->escape($mod_fcgid_starter) . "', `mod_fcgid_maxrequests` = '" . $db->escape($mod_fcgid_maxrequests) . "', `phpsettings` = '" . $db->escape($phpsettings) . "'");
 				inserttask('1');
-				$log->logAction(ADM_ACTION, LOG_INFO, "php.ini setting with description '" . $value . "' has been created by '" . $userinfo['loginname'] . "'");
+				$log->logAction(ADM_ACTION, LOG_INFO, "php.ini setting with description '" . $description . "' has been created by '" . $userinfo['loginname'] . "'");
 				redirectTo($filename, Array('page' => $page, 's' => $s));
 			}
 			else
 			{
 				$result = $db->query_first("SELECT * FROM `" . TABLE_PANEL_PHPCONFIGS . "` WHERE `id` = 1");
+
+				$phpconfig_add_data = include_once dirname(__FILE__).'/lib/formfields/admin/phpconfig/formfield.phpconfig_add.php';
+				$phpconfig_add_form = htmlform::genHTMLForm($phpconfig_add_data);
+
+				$title = $phpconfig_add_data['phpconfig_add']['title'];
+				$image = $phpconfig_add_data['phpconfig_add']['image'];
+
 				eval("echo \"" . getTemplate("phpconfig/overview_add") . "\";");
 			}
 		}
@@ -172,6 +181,12 @@ if($page == 'overview')
 			}
 			else
 			{
+				$phpconfig_edit_data = include_once dirname(__FILE__).'/lib/formfields/admin/phpconfig/formfield.phpconfig_edit.php';
+				$phpconfig_edit_form = htmlform::genHTMLForm($phpconfig_edit_data);
+
+				$title = $phpconfig_edit_data['phpconfig_edit']['title'];
+				$image = $phpconfig_edit_data['phpconfig_edit']['image'];
+
 				eval("echo \"" . getTemplate("phpconfig/overview_edit") . "\";");
 			}
 		}

admin_settings.php

@@ -31,20 +31,82 @@ if(($page == 'settings' || $page == 'overview')
    && $userinfo['change_serversettings'] == '1')
 {
 	$settings_data = loadConfigArrayDir('./actions/admin/settings/');
-	$settings = loadSettings(&$settings_data, &$db);
+	$settings = loadSettings($settings_data, $db);
 	
 	if(isset($_POST['send'])
 	   && $_POST['send'] == 'send')
 	{
-		if(processForm(&$settings_data, &$_POST, array('filename' => $filename, 'action' => $action, 'page' => $page)))
+		$_part = isset($_GET['part']) ? $_GET['part'] : '';
+
+		if($_part == '')
 		{
+			$_part = isset($_POST['part']) ? $_POST['part'] : '';
+		}
+
+		if($_part != '')
+		{
+			if($_part == 'all')
+			{
+				$settings_all = true;
+				$settings_part = false;
+			}
+			else
+			{
+				$settings_all = false;
+				$settings_part = true;
+			}
+
+			$only_enabledisable = false;
+		}
+		else
+		{
+			$settings_all = false;
+			$settings_part = false;
+			$only_enabledisable = true;
+		}
+		
+		if(processFormEx(
+			$settings_data, 
+			$_POST, 
+			array('filename' => $filename, 'action' => $action, 'page' => $page),
+			$_part,
+			$settings_all,
+			$settings_part,
+			$only_enabledisable
+			)
+		) {
+			$log->logAction(ADM_ACTION, LOG_INFO, "rebuild configfiles due to changed setting");
+			inserttask('1');
+			inserttask('4');
+			inserttask('5');
 			standard_success('settingssaved', '', array('filename' => $filename, 'action' => $action, 'page' => $page));
 		}
 	}
 	else
 	{
-		$fields = buildForm(&$settings_data);
+		$_part = isset($_GET['part']) ? $_GET['part'] : '';
-		eval("echo \"" . getTemplate("settings/settings") . "\";");
+		
+		if($_part == '')
+		{
+			$_part = isset($_POST['part']) ? $_POST['part'] : '';
+		}
+
+		$fields = buildFormEx($settings_data, $_part);
+		
+		$settings_page = '';
+		if($_part == '')
+		{
+			eval("\$settings_page .= \"" . getTemplate("settings/settings_overview") . "\";");
+		} 
+		else
+		{
+			eval("\$settings_page .= \"" . getTemplate("settings/settings") . "\";");
+		}
+		
+		eval("echo \"" . getTemplate("settings/settings_form_begin") . "\";");
+		eval("echo \$settings_page;");
+		eval("echo \"" . getTemplate("settings/settings_form_end") . "\";");
+
 	}
 }
 elseif($page == 'rebuildconfigs'
@@ -57,7 +119,7 @@ elseif($page == 'rebuildconfigs'
 		inserttask('1');
 		inserttask('4');
 		inserttask('5');
-		redirectTo('admin_index.php', array('s' => $s));
+		standard_success('rebuildingconfigs', '', array('filename' => 'admin_index.php'));
 	}
 	else
 	{
@@ -157,5 +219,3 @@ elseif($page == 'enforcequotas'
 		ask_yesno('admin_quotas_reallyenforce', $filename, array('page' => $page));
 	}
 }
-
-?>

admin_templates.php

@@ -48,12 +48,16 @@ elseif(isset($_GET['id']))
 $available_templates = array(
 	'createcustomer',
 	'pop_success',
-	'trafficninetypercent',
+	'trafficmaxpercent',
+	'diskmaxpercent',
 	'new_ticket_by_customer',
 	'new_ticket_for_customer',
 	'new_ticket_by_staff',
 	'new_reply_ticket_by_customer',
-	'new_reply_ticket_by_staff'
+	'new_reply_ticket_by_staff',
+	'new_database_by_customer',
+	'new_ftpaccount_by_customer',
+	'password_reset'
 );
 $file_templates = array(
 	'index_html'
@@ -148,7 +152,7 @@ elseif($action == 'delete'
 		}
 	}
 }
-elseif($action == 'delete'
+elseif($action == 'deletef'
        && $id != 0)
 {
 	//file templates
@@ -205,6 +209,12 @@ elseif($action == 'add')
 			$template_options.= makeoption($lng['admin']['templates'][$template], $template, NULL, true);
 		}
 
+		$template_add_data = include_once dirname(__FILE__).'/lib/formfields/admin/templates/formfield.template_add.php';
+		$template_add_form = htmlform::genHTMLForm($template_add_data);
+
+		$title = $template_add_data['template_add']['title'];
+		$image = $template_add_data['template_add']['image'];
+
 		eval("echo \"" . getTemplate("templates/templates_add_2") . "\";");
 	}
 	elseif(isset($_POST['send'])
@@ -308,6 +318,12 @@ elseif($action == 'add')
 				$free_templates.= makeoption($lng['admin']['templates'][$template], $template, '', true);
 			}
 
+			$filetemplate_add_data = include_once dirname(__FILE__).'/lib/formfields/admin/templates/formfield.filetemplate_add.php';
+			$filetemplate_add_form = htmlform::genHTMLForm($filetemplate_add_data);
+
+			$title = $filetemplate_add_data['filetemplate_add']['title'];
+			$image = $filetemplate_add_data['filetemplate_add']['image'];
+
 			eval("echo \"" . getTemplate("templates/filetemplates_add") . "\";");
 		}
 	}
@@ -340,11 +356,18 @@ elseif($action == 'edit'
 			$result = $db->query_first("SELECT `language`, `varname`, `value` FROM `" . TABLE_PANEL_TEMPLATES . "` WHERE `id`='$mailbodyid'");
 			$result = htmlentities_array($result);
 			$mailbody = $result['value'];
+
+			$template_edit_data = include_once dirname(__FILE__).'/lib/formfields/admin/templates/formfield.template_edit.php';
+			$template_edit_form = htmlform::genHTMLForm($template_edit_data);
+
+			$title = $template_edit_data['template_edit']['title'];
+			$image = $template_edit_data['template_edit']['image'];
+
 			eval("echo \"" . getTemplate("templates/templates_edit") . "\";");
 		}
 	}
 }
-elseif($action == 'edit'
+elseif($action == 'editf'
        && $id != 0)
 {
 	//file templates
@@ -368,6 +391,13 @@ elseif($action == 'edit'
 		else
 		{
 			$row = htmlentities_array($row);
+
+			$filetemplate_edit_data = include_once dirname(__FILE__).'/lib/formfields/admin/templates/formfield.filetemplate_edit.php';
+			$filetemplate_edit_form = htmlform::genHTMLForm($filetemplate_edit_data);
+
+			$title = $filetemplate_edit_data['filetemplate_edit']['title'];
+			$image = $filetemplate_edit_data['filetemplate_edit']['image'];
+
 			eval("echo \"" . getTemplate("templates/filetemplates_edit") . "\";");
 		}
 	}
@@ -377,5 +407,3 @@ elseif($action == 'edit'
 		exit;
 	}
 }
-
-?>

admin_tickets.php

@@ -56,7 +56,7 @@ if($page == 'tickets'
 		$paging = new paging($userinfo, $db, TABLE_PANEL_TICKETS, $fields, $settings['panel']['paging'], $settings['panel']['natsorting']);
 		$paging->sortfield = 'lastchange';
 		$paging->sortorder = 'desc';
-		$result = $db->query('SELECT `main`.`id`, `main`.`customerid`, (SELECT COUNT(`sub`.`id`) FROM `' . TABLE_PANEL_TICKETS . '` `sub` WHERE `sub`.`answerto` = `main`.`id`) as `ticket_answers`, `main`.`lastchange`, `main`.`subject`, `main`.`status`, `main`.`lastreplier`, `main`.`priority` FROM `' . TABLE_PANEL_TICKETS . '` as `main` WHERE `main`.`answerto` = "0"  AND `archived` = "0" AND `adminid` = "' . (int)$userinfo['adminid'] . '" ' . $paging->getSqlWhere(true) . " " . $paging->getSqlOrderBy() . " " . $paging->getSqlLimit());
+		$result = $db->query('SELECT `main`.`id`, `main`.`customerid`, (SELECT COUNT(`sub`.`id`) FROM `' . TABLE_PANEL_TICKETS . '` `sub` WHERE `sub`.`answerto` = `main`.`id`) as `ticket_answers`, `main`.`lastchange`, `main`.`subject`, `main`.`status`, `main`.`lastreplier`, `main`.`priority` FROM `' . TABLE_PANEL_TICKETS . '` as `main` WHERE `main`.`answerto` = "0"  AND `archived` = "0" ' . ($userinfo['customers_see_all'] ? '' : ' AND  `adminid` = "' . (int)$userinfo['adminid'] . '"') . $paging->getSqlWhere(true) . " " . $paging->getSqlOrderBy() . " " . $paging->getSqlLimit());
 		$paging->setEntries($db->num_rows($result));
 		$sortcode = $paging->getHtmlSortCode($lng);
 		$arrowcode = $paging->getHtmlArrowCode($filename . '?page=' . $page . '&s=' . $s);
@@ -102,11 +102,12 @@ if($page == 'tickets'
 					if($_cid != $row['customerid'])
 					{
 						$cid = $row['customerid'];
-						$usr = $db->query_first('SELECT `firstname`, `name`, `loginname` FROM `' . TABLE_PANEL_CUSTOMERS . '`
+						$usr = $db->query_first('SELECT `firstname`, `name`, `company`, `loginname` FROM `' . TABLE_PANEL_CUSTOMERS . '`
                                      WHERE `customerid` = "' . (int)$cid . '"');
 						
 						if(isset($usr['loginname'])) {
-							$customer = $usr['firstname'] . " " . $usr['name'] . " (" . $usr['loginname'] . ")";
+							$customer = getCorrectFullUserDetails($usr) . ' (' . $usr['loginname'] . ')';
+							//$customer = $usr['firstname'] . " " . $usr['name'] . " (" . $usr['loginname'] . ")";
 						} else {
 							$customer = $lng['ticket']['nonexistingcustomer'];
 						}
@@ -139,6 +140,7 @@ if($page == 'tickets'
 						$cananswer = 1;
 					}
 
+					$row['subject'] = html_entity_decode($row['subject']);
 					if(strlen($row['subject']) > 20)
 					{
 						$row['subject'] = substr($row['subject'], 0, 17) . '...';
@@ -167,7 +169,7 @@ if($page == 'tickets'
 				$newticket->Set('subject', validate($_POST['subject'], 'subject'), true, false);
 				$newticket->Set('priority', validate($_POST['priority'], 'priority'), true, false);
 				$newticket->Set('category', validate($_POST['category'], 'category'), true, false);
-				$newticket->Set('customer', validate($_POST['customer'], 'customer'), true, false);
+				$newticket->Set('customer', (int)$_POST['customer'], true, false);
 				$newticket->Set('message', validate(str_replace("\r\n", "\n", $_POST['message']), 'message', '/^[^\0]*$/'), true, false);
 
 				if($newticket->Get('subject') == null)
@@ -197,12 +199,12 @@ if($page == 'tickets'
 			else
 			{
 				$categories = '';
-				$result = $db->query_first('SELECT `id`, `name` FROM `' . TABLE_PANEL_TICKET_CATS . '` WHERE `adminid` = "' . $userinfo['adminid'] . '" ORDER BY `name` ASC');
+				$result = $db->query_first('SELECT `id`, `name` FROM `' . TABLE_PANEL_TICKET_CATS . '` WHERE `adminid` = "' . $userinfo['adminid'] . '" ORDER BY `logicalorder`, `name` ASC');
 
 				if(isset($result['name'])
 				   && $result['name'] != '')
 				{
-					$result2 = $db->query('SELECT `id`, `name` FROM `' . TABLE_PANEL_TICKET_CATS . '` WHERE `adminid` = "' . $userinfo['adminid'] . '" ORDER BY `name` ASC');
+					$result2 = $db->query('SELECT `id`, `name` FROM `' . TABLE_PANEL_TICKET_CATS . '` WHERE `adminid` = "' . $userinfo['adminid'] . '" ORDER BY `logicalorder`, `name` ASC');
 
 					while($row = $db->fetch_array($result2))
 					{
@@ -219,27 +221,19 @@ if($page == 'tickets'
 
 				while($row_customer = $db->fetch_array($result_customers))
 				{
-					if($row_customer['company'] == '')
+					$customers.= makeoption(getCorrectFullUserDetails($row_customer) . ' (' . $row_customer['loginname'] . ')', $row_customer['customerid']);
-					{
-						$customers.= makeoption($row_customer['name'] . ', ' . $row_customer['firstname'] . ' (' . $row_customer['loginname'] . ')', $row_customer['customerid']);
-					}
-					else
-					{
-						if($row_customer['name'] != ''
-						   && $row_customer['firstname'] != '')
-						{
-							$customers.= makeoption($row_customer['name'] . ', ' . $row_customer['firstname'] . ' | ' . $row_customer['company'] . ' (' . $row_customer['loginname'] . ')', $row_customer['customerid']);
-						}
-						else
-						{
-							$customers.= makeoption($row_customer['company'] . ' (' . $row_customer['loginname'] . ')', $row_customer['customerid']);
-						}
-					}
 				}
 
-				$priorities = makeoption($lng['ticket']['unf_high'], '1');
+				$priorities = makeoption($lng['ticket']['unf_high'], '1', $settings['ticket']['default_priority']);
-				$priorities.= makeoption($lng['ticket']['unf_normal'], '2');
+				$priorities.= makeoption($lng['ticket']['unf_normal'], '2', $settings['ticket']['default_priority']);
-				$priorities.= makeoption($lng['ticket']['unf_low'], '3');
+				$priorities.= makeoption($lng['ticket']['unf_low'], '3', $settings['ticket']['default_priority']);
+
+				$ticket_new_data = include_once dirname(__FILE__).'/lib/formfields/admin/ticket/formfield.ticket_new.php';
+				$ticket_new_form = htmlform::genHTMLForm($ticket_new_data);
+
+				$title = $ticket_new_data['ticket_new']['title'];
+				$image = $ticket_new_data['ticket_new']['image'];
+
 				eval("echo \"" . getTemplate("ticket/tickets_new") . "\";");
 			}
 		}
@@ -351,6 +345,11 @@ if($page == 'tickets'
 			$ticket_replies_count = $db->num_rows($andere) + 1;
 
 			// don't forget the main-ticket!
+			$ticket_reply_data = include_once dirname(__FILE__).'/lib/formfields/admin/ticket/formfield.ticket_reply.php';
+			$ticket_reply_form = htmlform::genHTMLForm($ticket_reply_data);
+ 
+			$title = $ticket_reply_data['ticket_reply']['title'];
+			$image = $ticket_reply_data['ticket_reply']['image'];
 
 			eval("echo \"" . getTemplate("ticket/tickets_reply") . "\";");
 		}
@@ -435,10 +434,11 @@ elseif($page == 'categories'
 	{
 		$log->logAction(ADM_ACTION, LOG_NOTICE, "viewed admin_tickets::categories");
 		$fields = array(
-			'name' => $lng['ticket']['category']
+			'name' => $lng['ticket']['category'],
+			'logicalorder' => $lng['ticket']['logicalorder']
 		);
 		$paging = new paging($userinfo, $db, TABLE_PANEL_TICKET_CATS, $fields, $settings['panel']['paging'], $settings['panel']['natsorting']);
-		$result = $db->query("SELECT `main`.`id`, `main`.`name`, (
+		$result = $db->query("SELECT `main`.`id`, `main`.`name`, `main`.`logicalorder`, (
                               SELECT COUNT(`sub`.`id`) FROM `" . TABLE_PANEL_TICKETS . "` `sub`
                               WHERE `sub`.`category` = `main`.`id`
                               AND `sub`.`answerto` = '0' AND `sub`.`adminid` = '" . $userinfo['adminid'] . "')
@@ -481,6 +481,13 @@ elseif($page == 'categories'
 		   && $_POST['send'] == 'send')
 		{
 			$category = validate($_POST['category'], 'category');
+			$order = validate($_POST['logicalorder'], 'logicalorder');
+			
+			if($order < 1 || $order >= 1000)
+			{
+				// use the latest available
+				$order = ticket::getHighestOrderNumber($db) + 1;
+			}
 
 			if($category == '')
 			{
@@ -488,13 +495,21 @@ elseif($page == 'categories'
 			}
 			else
 			{
-				ticket::addCategory($db, $category, $userinfo['adminid']);
+				ticket::addCategory($db, $category, $userinfo['adminid'], $order);
 				$log->logAction(ADM_ACTION, LOG_INFO, "added ticket-category '" . $category . "'");
 				redirectTo($filename, Array('page' => $page, 's' => $s));
 			}
 		}
 		else
 		{
+			$order = ticket::getHighestOrderNumber($db) + 1;
+
+			$category_new_data = include_once dirname(__FILE__).'/lib/formfields/admin/ticket/formfield.category_new.php';
+			$category_new_form = htmlform::genHTMLForm($category_new_data);
+
+			$title = $category_new_data['category_new']['title'];
+			$image = $category_new_data['category_new']['image'];
+
 			eval("echo \"" . getTemplate("ticket/tickets_newcategory") . "\";");
 		}
 	}
@@ -505,6 +520,12 @@ elseif($page == 'categories'
 		   && $_POST['send'] == 'send')
 		{
 			$category = validate($_POST['category'], 'category');
+			$order = validate($_POST['logicalorder'], 'logicalorder');
+
+			if($order < 1 || $order >= 1000)
+			{
+				$order = 1;
+			}
 
 			if($category == '')
 			{
@@ -512,7 +533,7 @@ elseif($page == 'categories'
 			}
 			else
 			{
-				ticket::editCategory($db, $category, $id);
+				ticket::editCategory($db, $category, $id, $order);
 				$log->logAction(ADM_ACTION, LOG_INFO, "edited ticket-category '" . $category . "'");
 				redirectTo($filename, Array('page' => $page, 's' => $s));
 			}
@@ -520,6 +541,13 @@ elseif($page == 'categories'
 		else
 		{
 			$row = $db->query_first('SELECT * FROM `' . TABLE_PANEL_TICKET_CATS . '` WHERE `id` = "' . (int)$id . '"');
+
+			$category_edit_data = include_once dirname(__FILE__).'/lib/formfields/admin/ticket/formfield.category_edit.php';
+			$category_edit_form = htmlform::genHTMLForm($category_edit_data);
+
+			$title = $category_edit_data['category_edit']['title'];
+			$image = $category_edit_data['category_edit']['image'];
+
 			eval("echo \"" . getTemplate("ticket/tickets_editcategory") . "\";");
 		}
 	}
@@ -634,14 +662,15 @@ elseif($page == 'archive'
 						if($_cid != $ticket['customerid'])
 						{
 							$cid = $ticket['customerid'];
-							$usr = $db->query_first('SELECT `firstname`, `name`, `loginname` FROM `' . TABLE_PANEL_CUSTOMERS . '`
+							$usr = $db->query_first('SELECT `firstname`, `name`, `company`, `loginname` FROM `' . TABLE_PANEL_CUSTOMERS . '`
                                        WHERE `customerid` = "' . (int)$cid . '"');
 							
 							if(isset($usr['loginname'])) {
-								$customer = $usr['firstname'] . " " . $usr['name'] . " (" . $usr['loginname'] . ")";
+								$customer = getCorrectFullUserDetails($usr) . ' (' . $usr['loginname'] . ')';
 							} else {
 								$customer = $lng['ticket']['nonexistingcustomer'];
 							}
+							
 							eval("\$tickets.=\"" . getTemplate("ticket/tickets_customer") . "\";");
 						}
 
@@ -718,18 +747,11 @@ elseif($page == 'archive'
 			}
 
 			$customers = makeoption($lng['ticket']['nocustomer'], '-1', '-1');
-			$result = $db->query_first('SELECT `customerid` FROM `' . TABLE_PANEL_CUSTOMERS . '` ' . ($userinfo['customers_see_all'] ? '' : ' WHERE `adminid` = "' . (int)$userinfo['adminid'] . '" ') . 'ORDER BY `name` ASC');
+			$result_customers = $db->query("SELECT `customerid`, `loginname`, `name`, `firstname`, `company` FROM `" . TABLE_PANEL_CUSTOMERS . "` " . ($userinfo['customers_see_all'] ? '' : " WHERE `adminid` = '" . (int)$userinfo['adminid'] . "' ") . " ORDER BY `name` ASC");
 
-			if(isset($result['customerid'])
+			while($row_customer = $db->fetch_array($result_customers))
-			   && $result['customerid'] != '')
 			{
-				$result2 = $db->query('SELECT `customerid`, `loginname`, `firstname`, `name`
+				$customers.= makeoption(getCorrectFullUserDetails($row_customer) . ' (' . $row_customer['loginname'] . ')', $row_customer['customerid']);
-  									          FROM `' . TABLE_PANEL_CUSTOMERS . '` ' . ($userinfo['customers_see_all'] ? '' : ' WHERE `adminid` = "' . (int)$userinfo['adminid'] . '" ') . ' ORDER BY `name` ASC');
-
-				while($row = $db->fetch_array($result2))
-				{
-					$customers.= makeoption($row['name'] . ', ' . $row['firstname'] . ' (' . $row['loginname'] . ')', $row['customerid']);
-				}
 			}
 
 			eval("echo \"" . getTemplate("ticket/archive") . "\";");

admin_updates.php

@@ -22,33 +22,90 @@ if($page == 'overview')
 {
 	$log->logAction(ADM_ACTION, LOG_NOTICE, "viewed admin_updates");
 
+	/**
+	 * this is a dirty hack but syscp 1.4.2.1 does not
+	 * has any version/dbversion in the database (don't know why)
+	 * so we have to set them both to run a correct upgrade
+	 */
+	if (!isFroxlor()) {
+		if (!isset($settings['panel']['version'])
+		|| $settings['panel']['version'] == ''
+		) {
+			$settings['panel']['version'] = '1.4.2.1';
+			$db->query("INSERT INTO `" . TABLE_PANEL_SETTINGS . "` (`settinggroup`, `varname`, `value`) VALUES ('panel','version','".$settings['panel']['version']."')");
+		}
+		if (!isset($settings['system']['dbversion'])
+		|| $settings['system']['dbversion'] == ''
+		) {
+			/**
+			 * for syscp-stable (1.4.2.1) this value has to be 0
+			 * so the required table-fields are added correctly
+			 * and the svn-version has its value in the database
+			 * -> bug #54
+			 */
+			
+			$result = $db->query_first("SELECT `value` FROM `" . TABLE_PANEL_SETTINGS . "` WHERE `varname` = 'dbversion'");
+			
+			if(isset($result['value']))
+			{
+				$settings['system']['dbversion'] = (int)$result['value'];
+			} else {
+				$settings['system']['dbversion'] = 0;
+			}
+		}
+	}
+
 	if(hasUpdates($version))
 	{
+		$successful_update = false;
+		$message = '';
+
 		if(isset($_POST['send'])
 		&& $_POST['send'] == 'send')
 		{
-	
+			if((isset($_POST['update_preconfig'])
+				&& isset($_POST['update_changesagreed'])
+				&& intval($_POST['update_changesagreed']) != 0)
+				|| !isset($_POST['update_preconfig'])
+			) {
 				eval("echo \"" . getTemplate("update/update_start") . "\";");
 	
-			include_once('./install/updatesql.php');
+				include_once './install/updatesql.php';
 	
-			$redirect_url = 'admin_index.php';
+				$redirect_url = 'admin_index.php?s=' . $s;
 				eval("echo \"" . getTemplate("update/update_end") . "\";");
 	
 				updateCounters();
 				inserttask('1');
 				@chmod('./lib/userdata.inc.php', 0440);
+				
+				$successful_update = true;
 			}
 			else
+			{
+				$message = '<br /><strong style="color:#ff0000;">You have to agree that you have read the update notifications.</strong>';
+			}
+		}
+
+		if(!$successful_update)
 		{
 			$current_version = $settings['panel']['version'];
 			$new_version = $version;
 
-			$ui_text = $lng['update']['update_information'];
+			$ui_text = $lng['update']['update_information']['part_a'];
 			$ui_text = str_replace('%curversion', $current_version, $ui_text);
 			$ui_text = str_replace('%newversion', $new_version, $ui_text);
 			$update_information = $ui_text;
 			
+			include_once './install/updates/preconfig.php';
+			$preconfig = getPreConfig($current_version);
+			if($preconfig != '')
+			{
+				$update_information .= '<br />'.$preconfig.$message;
+			}
+			
+			$update_information .= $lng['update']['update_information']['part_b'];
+
 			eval("echo \"" . getTemplate("update/index") . "\";");
 		}
 	}
@@ -59,7 +116,7 @@ if($page == 'overview')
 		 */
 
 		$success_message = $lng['update']['noupdatesavail'];
-		$redirect_url = 'admin_index.php';
+		$redirect_url = 'admin_index.php?s=' . $s;
 		eval("echo \"" . getTemplate("update/noupdatesavail") . "\";");
 	}
 }

customer_autoresponder.php

@@ -87,6 +87,7 @@ if($action == "add")
 			`subject` = '" . $db->escape($subject) . "',
 			`customerid` = '" . $db->escape((int)$userinfo['customerid']) . "'
 			");
+		$db->query("UPDATE `" . TABLE_PANEL_CUSTOMERS . "` SET `email_autoresponder_used` = `email_autoresponder_used` + 1 WHERE `customerid` = '" . $db->escape((int)$userinfo['customerid']). "'");
 		redirectTo($filename, Array('s' => $s));
 	}
 
@@ -107,7 +108,7 @@ if($action == "add")
 	}
 	
 	$date_from_off = makecheckbox('date_from_off', $lng['panel']['not_activated'], '-1', false, '-1', true, true);
-	$date_until_off = makecheckbox('date_from_off', $lng['panel']['not_activated'], '-1', false, '-1', true, true);
+	$date_until_off = makecheckbox('date_until_off', $lng['panel']['not_activated'], '-1', false, '-1', true, true);
 
 	eval("echo \"" . getTemplate("email/autoresponder_add") . "\";");
 }
@@ -229,7 +230,7 @@ if($action == "edit")
 		$deactivated = '0';
 		$date_until = date('d-m-Y', $date_until);
 	}
-	$date_from_off = makecheckbox('date_until_off', $lng['panel']['not_activated'], '-1', false, $deactivated, true, true);
+	$date_until_off = makecheckbox('date_until_off', $lng['panel']['not_activated'], '-1', false, $deactivated, true, true);
 
 	$checked = '';
 
@@ -265,6 +266,7 @@ if($action == "delete")
 			WHERE `email` = '" . $db->escape($account) . "'
 			AND `customerid` = '" . $db->escape((int)$userinfo['customerid']) . "'
 			");
+		$db->query("UPDATE `" . TABLE_PANEL_CUSTOMERS . "` SET `email_autoresponder_used` = `email_autoresponder_used` - 1 WHERE `customerid` = '" . $db->escape((int)$userinfo['customerid']). "'");
 		redirectTo($filename, Array('s' => $s));
 	}
 
@@ -277,6 +279,7 @@ if($action == "delete")
 else 
 {
 	$autoresponder = '';
+	$count = 0;
 	$result = $db->query("SELECT * FROM `" . TABLE_MAIL_AUTORESPONDER . "` WHERE `customerid` = '" . (int)$userinfo['customerid'] . "' ORDER BY email ASC");
 
 	while($row = $db->fetch_array($result))
@@ -298,9 +301,8 @@ else
 			$activated_date = date('d-m-Y', $row['date_from']) . ' - ' . date('d-m-Y', $row['date_until']);
 		}
 		eval("\$autoresponder.=\"" . getTemplate("email/autoresponder_autoresponder") . "\";");
+		$count++;
 	}	
 
 	eval("echo \"" . getTemplate("email/autoresponder") . "\";");
 }
-
-?>

customer_domains.php

@@ -68,13 +68,13 @@ elseif($page == 'domains')
 			$row['domainalias'] = $idna_convert->decode($row['domainalias']);
 
 			if($row['parentdomainid'] == '0'
-			   && $row['iswildcarddomain'] != '1'
 			   && $row['caneditdomain'] == '1')
 			{
 				$parentdomains_count++;
 			}
 
 			$domains_count++;
+/*
 			$domainparts = explode('.', $row['domain']);
 			$domainparts = array_reverse($domainparts);
 			$sortkey = '';
@@ -82,8 +82,9 @@ elseif($page == 'domains')
 			{
 				$sortkey.= $part . '.';
 			}
-
 			$domain_array[$sortkey] = $row;
+*/
+			$domain_array[$row['domain']] = $row;
 		}
 
 		ksort($domain_array);
@@ -125,6 +126,11 @@ elseif($page == 'domains')
 			if($paging->checkDisplay($i))
 			{
 				$row = htmlentities_array($domain_array[$sortkey]);
+				if($settings['system']['awstats_enabled'] == '1') {
+					$statsapp = 'awstats';
+				} else {
+					$statsapp = 'webalizer';
+				}
 				eval("\$domains.=\"" . getTemplate("domains/domains_delimiter") . "\";");
 
 				if($paging->sortfield == 'd.domain'
@@ -178,6 +184,14 @@ elseif($page == 'domains')
 					}
 				}
 
+				/*
+				 * check for APS packages used with this domain, #110
+				 */
+				if(domainHasApsInstances($id))
+				{
+					standard_error('domains_cantdeletedomainwithapsinstances');
+				}
+
 				$log->logAction(USR_ACTION, LOG_INFO, "deleted subdomain '" . $idna_convert->decode($result['domain']) . "'");
 				$result = $db->query("DELETE FROM `" . TABLE_PANEL_DOMAINS . "` WHERE `customerid`='" . (int)$userinfo['customerid'] . "' AND `id`='" . (int)$id . "'");
 				$result = $db->query("UPDATE `" . TABLE_PANEL_CUSTOMERS . "` SET `subdomains_used`=`subdomains_used`-1 WHERE `customerid`='" . (int)$userinfo['customerid'] . "'");
@@ -205,17 +219,19 @@ elseif($page == 'domains')
 			{
 				$subdomain = $idna_convert->encode(preg_replace(Array('/\:(\d)+$/', '/^https?\:\/\//'), '', validate($_POST['subdomain'], 'subdomain', '', 'subdomainiswrong')));
 				$domain = $idna_convert->encode($_POST['domain']);
-				$domain_check = $db->query_first("SELECT * FROM `" . TABLE_PANEL_DOMAINS . "` WHERE `domain`='" . $db->escape($domain) . "' AND `customerid`='" . (int)$userinfo['customerid'] . "' AND `parentdomainid`='0' AND `email_only`='0' AND `iswildcarddomain`='0' AND `caneditdomain`='1' ");
+				$domain_check = $db->query_first("SELECT * FROM `" . TABLE_PANEL_DOMAINS . "` WHERE `domain`='" . $db->escape($domain) . "' AND `customerid`='" . (int)$userinfo['customerid'] . "' AND `parentdomainid`='0' AND `email_only`='0' AND `caneditdomain`='1' ");
 				$completedomain = $subdomain . '.' . $domain;
 				$completedomain_check = $db->query_first("SELECT * FROM `" . TABLE_PANEL_DOMAINS . "` WHERE `domain`='" . $db->escape($completedomain) . "' AND `customerid`='" . (int)$userinfo['customerid'] . "' AND `email_only`='0' AND `caneditdomain` = '1'");
 				$aliasdomain = intval($_POST['alias']);
 				$aliasdomain_check = array(
 					'id' => 0
 				);
+				$_doredirect = false;
 
 				if($aliasdomain != 0)
 				{
-					$aliasdomain_check = $db->query_first('SELECT `id` FROM `' . TABLE_PANEL_DOMAINS . '` `d`,`' . TABLE_PANEL_CUSTOMERS . '` `c` WHERE `d`.`customerid`=\'' . (int)$userinfo['customerid'] . '\' AND `d`.`aliasdomain` IS NULL AND `d`.`id`<>`c`.`standardsubdomain` AND `c`.`customerid`=\'' . (int)$userinfo['customerid'] . '\' AND `d`.`id`=\'' . (int)$aliasdomain . '\'');
+					// also check ip/port combination to be the same, #176
+					$aliasdomain_check = $db->query_first('SELECT `id` FROM `' . TABLE_PANEL_DOMAINS . '` `d`,`' . TABLE_PANEL_CUSTOMERS . '` `c` WHERE `d`.`customerid`=\'' . (int)$userinfo['customerid'] . '\' AND `d`.`aliasdomain` IS NULL AND `d`.`id`<>`c`.`standardsubdomain` AND `c`.`customerid`=\'' . (int)$userinfo['customerid'] . '\' AND `d`.`id`=\'' . (int)$aliasdomain . '\' AND `d`.`ipandport` = \''.(int)$domain_check['ipandport'].'\'');
 				}
 
 				if(isset($_POST['url'])
@@ -223,6 +239,7 @@ elseif($page == 'domains')
 				   && validateUrl($idna_convert->encode($_POST['url'])))
 				{
 					$path = $_POST['url'];
+					$_doredirect = true;
 				}
 				else
 				{
@@ -234,6 +251,14 @@ elseif($page == 'domains')
 				{
 					$path = $userinfo['documentroot'] . '/' . $path;
 					$path = makeCorrectDir($path);
+					if (strstr($path, ":") !== FALSE)
+					{
+						standard_error('pathmaynotcontaincolon');
+					}
+				}
+				else
+				{
+					$_doredirect = true;
 				}
 
 				if(isset($_POST['openbasedir_path'])
@@ -286,7 +311,38 @@ elseif($page == 'domains')
 				}
 				else
 				{
-					$result = $db->query("INSERT INTO `" . TABLE_PANEL_DOMAINS . "` (`customerid`, `domain`, `documentroot`, `ipandport`, `aliasdomain`, `parentdomainid`, `isemaildomain`, `openbasedir`, `openbasedir_path`, `safemode`, `speciallogfile`, `specialsettings`, `ssl_redirect`) VALUES ('" . (int)$userinfo['customerid'] . "', '" . $db->escape($completedomain) . "', '" . $db->escape($path) . "', '" . $db->escape($domain_check['ipandport']) . "', " . (($aliasdomain != 0) ? "'" . $db->escape($aliasdomain) . "'" : "NULL") . ", '" . (int)$domain_check['id'] . "', '" . ($domain_check['subcanemaildomain'] == '3' ? '1' : '0') . "', '" . $db->escape($domain_check['openbasedir']) . "', '" . $db->escape($openbasedir_path) . "', '" . $db->escape($domain_check['safemode']) . "', '" . $db->escape($domain_check['speciallogfile']) . "', '" . $db->escape($domain_check['specialsettings']) . "', '" . $ssl_redirect . "')");
+					// get the phpsettingid from parentdomain, #107
+					$phpsid_result = $db->query_first("SELECT `phpsettingid` FROM `".TABLE_PANEL_DOMAINS."` WHERE `id` = '".(int)$domain_check['id']."'");
+					if(!isset($phpsid_result['phpsettingid'])
+						|| (int)$phpsid_result['phpsettingid'] <= 0
+					) {
+						// assign default config
+						$phpsid_result['phpsettingid'] = 1;
+					}
+
+					$result = $db->query("INSERT INTO `" . TABLE_PANEL_DOMAINS . "` SET 
+								`customerid` = '" . (int)$userinfo['customerid'] . "',
+								`domain` = '" . $db->escape($completedomain) . "', 
+								`documentroot` = '" . $db->escape($path) . "', 
+								`ipandport` = '" . $db->escape($domain_check['ipandport']) . "', 
+								`aliasdomain` = ".(($aliasdomain != 0) ? "'" . $db->escape($aliasdomain) . "'" : "NULL") .", 
+								`parentdomainid` = '" . (int)$domain_check['id'] . "', 
+								`isemaildomain` = '" . ($domain_check['subcanemaildomain'] == '3' ? '1' : '0') . "', 
+								`openbasedir` = '" . $db->escape($domain_check['openbasedir']) . "', 
+								`openbasedir_path` = '" . $db->escape($openbasedir_path) . "', 
+								`safemode` = '" . $db->escape($domain_check['safemode']) . "', 
+								`speciallogfile` = '" . $db->escape($domain_check['speciallogfile']) . "', 
+								`specialsettings` = '" . $db->escape($domain_check['specialsettings']) . "', 
+								`ssl_redirect` = '" . $ssl_redirect . "', 
+								`phpsettingid` = '" . $phpsid_result['phpsettingid'] . "'");
+
+					if($_doredirect)
+					{
+						$did = $db->insert_id();
+						$redirect = isset($_POST['redirectcode']) ? (int)$_POST['redirectcode'] : $settings['customredirect']['default'];
+						addRedirectToDomain($did, $redirect);
+					}
+
 					$result = $db->query("UPDATE `" . TABLE_PANEL_CUSTOMERS . "` SET `subdomains_used`=`subdomains_used`+1 WHERE `customerid`='" . (int)$userinfo['customerid'] . "'");
 					$log->logAction(USR_ACTION, LOG_INFO, "added subdomain '" . $completedomain . "'");
 					inserttask('1');
@@ -296,7 +352,7 @@ elseif($page == 'domains')
 			}
 			else
 			{
-				$result = $db->query("SELECT `id`, `domain`, `documentroot`, `ssl_redirect`,`isemaildomain` FROM `" . TABLE_PANEL_DOMAINS . "` WHERE `customerid`='" . (int)$userinfo['customerid'] . "' AND `parentdomainid`='0' AND `email_only`='0' AND `iswildcarddomain`='0' AND `caneditdomain`='1' ORDER BY `domain` ASC");
+				$result = $db->query("SELECT `id`, `domain`, `documentroot`, `ssl_redirect`,`isemaildomain` FROM `" . TABLE_PANEL_DOMAINS . "` WHERE `customerid`='" . (int)$userinfo['customerid'] . "' AND `parentdomainid`='0' AND `email_only`='0' AND `caneditdomain`='1' ORDER BY `domain` ASC");
 				$domains = '';
 
 				while($row = $db->fetch_array($result))
@@ -312,9 +368,26 @@ elseif($page == 'domains')
 					$aliasdomains.= makeoption($idna_convert->decode($row_domain['domain']), $row_domain['id']);
 				}
 
+				if($settings['customredirect']['enabled'] == '1')
+				{
+					$redirectcode = '';
+					$codes = getRedirectCodesArray();
+					foreach($codes as $rc)
+					{
+						$redirectcode .= makeoption($rc['code']. ' ('.$lng['redirect_desc'][$rc['desc']].')', $rc['id'], $settings['customredirect']['default']);
+					}
+				}
+
 				$ssl_redirect = makeyesno('ssl_redirect', '1', '0', $result['ssl_redirect']);
 				$openbasedir = makeoption($lng['domain']['docroot'], 0, NULL, true) . makeoption($lng['domain']['homedir'], 1, NULL, true);
 				$pathSelect = makePathfield($userinfo['documentroot'], $userinfo['guid'], $userinfo['guid'], $settings['panel']['pathedit']);
+
+				$subdomain_add_data = include_once dirname(__FILE__).'/lib/formfields/customer/domains/formfield.domains_add.php';
+				$subdomain_add_form = htmlform::genHTMLForm($subdomain_add_data);
+
+				$title = $subdomain_add_data['domain_add']['title'];
+				$image = $subdomain_add_data['domain_add']['image'];
+
 				eval("echo \"" . getTemplate("domains/domains_add") . "\";");
 			}
 		}
@@ -322,9 +395,10 @@ elseif($page == 'domains')
 	elseif($action == 'edit'
 	       && $id != 0)
 	{
-		$result = $db->query_first("SELECT `d`.`id`, `d`.`customerid`, `d`.`domain`, `d`.`documentroot`, `d`.`isemaildomain`, `d`.`iswildcarddomain`, `d`.`parentdomainid`, `d`.`ssl_redirect`, `d`.`aliasdomain`, `d`.`openbasedir_path` ,`pd`.`subcanemaildomain` FROM `" . TABLE_PANEL_DOMAINS . "` `d`, `" . TABLE_PANEL_DOMAINS . "` `pd` WHERE `d`.`customerid`='" . (int)$userinfo['customerid'] . "' AND `d`.`id`='" . (int)$id . "' AND ((`d`.`parentdomainid`!='0' AND `pd`.`id`=`d`.`parentdomainid`) OR (`d`.`parentdomainid`='0' AND `pd`.`id`=`d`.`id`)) AND `d`.`caneditdomain`='1'");
+		$result = $db->query_first("SELECT `d`.`id`, `d`.`customerid`, `d`.`domain`, `d`.`documentroot`, `d`.`isemaildomain`, `d`.`iswildcarddomain`, `d`.`parentdomainid`, `d`.`ssl_redirect`, `d`.`aliasdomain`, `d`.`openbasedir_path`, `d`.`ipandport`, `pd`.`subcanemaildomain` FROM `" . TABLE_PANEL_DOMAINS . "` `d`, `" . TABLE_PANEL_DOMAINS . "` `pd` WHERE `d`.`customerid`='" . (int)$userinfo['customerid'] . "' AND `d`.`id`='" . (int)$id . "' AND ((`d`.`parentdomainid`!='0' AND `pd`.`id`=`d`.`parentdomainid`) OR (`d`.`parentdomainid`='0' AND `pd`.`id`=`d`.`id`)) AND `d`.`caneditdomain`='1'");
 		$alias_check = $db->query_first('SELECT COUNT(`id`) AS count FROM `' . TABLE_PANEL_DOMAINS . '` WHERE `aliasdomain`=\'' . (int)$result['id'] . '\'');
 		$alias_check = $alias_check['count'];
+		$_doredirect = false;
 
 		if(isset($result['customerid'])
 		   && $result['customerid'] == $userinfo['customerid'])
@@ -337,6 +411,7 @@ elseif($page == 'domains')
 				   && validateUrl($idna_convert->encode($_POST['url'])))
 				{
 					$path = $_POST['url'];
+					$_doredirect = true;
 				}
 				else
 				{
@@ -348,6 +423,14 @@ elseif($page == 'domains')
 				{
 					$path = $userinfo['documentroot'] . '/' . $path;
 					$path = makeCorrectDir($path);
+					if (strstr($path, ":") !== FALSE)
+					{
+						standard_error('pathmaynotcontaincolon');
+					}
+				}
+				else
+				{
+					$_doredirect = true;
 				}
 
 				$aliasdomain = intval($_POST['alias']);
@@ -355,16 +438,7 @@ elseif($page == 'domains')
 				if(isset($_POST['iswildcarddomain'])
 				   && $_POST['iswildcarddomain'] == '1'
 				   && $result['parentdomainid'] == '0'
-				   && $userinfo['subdomains'] != '0')
+				){
-				{
-					$wildcarddomaincheck = $db->query("SELECT `id` FROM `" . TABLE_PANEL_DOMAINS . "` WHERE `parentdomainid` = '" . (int)$result['id'] . "'");
-
-					if($db->num_rows($wildcarddomaincheck) != '0')
-					{
-						standard_error('firstdeleteallsubdomains');
-						exit;
-					}
-
 					$iswildcarddomain = '1';
 				}
 				else
@@ -431,6 +505,12 @@ elseif($page == 'domains')
 						$log->logAction(USR_ACTION, LOG_NOTICE, "automatically deleted mail-table entries for '" . $idna_convert->decode($result['domain']) . "'");
 					}
 
+					if($_doredirect)
+					{
+						$redirect = isset($_POST['redirectcode']) ? (int)$_POST['redirectcode'] : false;
+						updateRedirectOfDomain($id, $redirect);
+					}
+
 					if($path != $result['documentroot']
 					   || $isemaildomain != $result['isemaildomain']
 					   || $iswildcarddomain != $result['iswildcarddomain']
@@ -439,9 +519,9 @@ elseif($page == 'domains')
 					   || $ssl_redirect != $result['ssl_redirect'])
 					{
 						$log->logAction(USR_ACTION, LOG_INFO, "edited domain '" . $idna_convert->decode($result['domain']) . "'");
+						$result = $db->query("UPDATE `" . TABLE_PANEL_DOMAINS . "` SET `documentroot`='" . $db->escape($path) . "', `isemaildomain`='" . (int)$isemaildomain . "', `iswildcarddomain`='" . (int)$iswildcarddomain . "', `aliasdomain`=" . (($aliasdomain != 0 && $alias_check == 0) ? '\'' . $db->escape($aliasdomain) . '\'' : 'NULL') . ",`openbasedir_path`='" . $db->escape($openbasedir_path) . "', `ssl_redirect`='" . $ssl_redirect . "' WHERE `customerid`='" . (int)$userinfo['customerid'] . "' AND `id`='" . (int)$id . "'");
 						inserttask('1');
 						inserttask('4');
-						$result = $db->query("UPDATE `" . TABLE_PANEL_DOMAINS . "` SET `documentroot`='" . $db->escape($path) . "', `isemaildomain`='" . (int)$isemaildomain . "', `iswildcarddomain`='" . (int)$iswildcarddomain . "', `aliasdomain`=" . (($aliasdomain != 0 && $alias_check == 0) ? '\'' . $db->escape($aliasdomain) . '\'' : 'NULL') . ",`openbasedir_path`='" . $db->escape($openbasedir_path) . "', `ssl_redirect`='" . $ssl_redirect . "' WHERE `customerid`='" . (int)$userinfo['customerid'] . "' AND `id`='" . (int)$id . "'");
 					}
 
 					redirectTo($filename, Array('page' => $page, 's' => $s));
@@ -451,7 +531,8 @@ elseif($page == 'domains')
 			{
 				$result['domain'] = $idna_convert->decode($result['domain']);
 				$domains = makeoption($lng['domains']['noaliasdomain'], 0, $result['aliasdomain'], true);
-				$result_domains = $db->query("SELECT `d`.`id`, `d`.`domain` FROM `" . TABLE_PANEL_DOMAINS . "` `d`, `" . TABLE_PANEL_CUSTOMERS . "` `c` WHERE `d`.`aliasdomain` IS NULL AND `d`.`id`<>'" . (int)$result['id'] . "' AND `c`.`standardsubdomain`<>`d`.`id` AND `d`.`customerid`='" . (int)$userinfo['customerid'] . "' AND `c`.`customerid`=`d`.`customerid` ORDER BY `d`.`domain` ASC");
+				// also check ip/port combination to be the same, #176
+				$result_domains = $db->query("SELECT `d`.`id`, `d`.`domain` FROM `" . TABLE_PANEL_DOMAINS . "` `d`, `" . TABLE_PANEL_CUSTOMERS . "` `c` WHERE `d`.`aliasdomain` IS NULL AND `d`.`id`<>'" . (int)$result['id'] . "' AND `c`.`standardsubdomain`<>`d`.`id` AND `d`.`customerid`='" . (int)$userinfo['customerid'] . "' AND `c`.`customerid`=`d`.`customerid` AND `d`.`ipandport` = '".(int)$result['ipandport']."' ORDER BY `d`.`domain` ASC");
 
 				while($row_domain = $db->fetch_array($result_domains))
 				{
@@ -471,15 +552,35 @@ elseif($page == 'domains')
 					$pathSelect = makePathfield($userinfo['documentroot'], $userinfo['guid'], $userinfo['guid'], $settings['panel']['pathedit'], $result['documentroot']);
 				}
 
+				if($settings['customredirect']['enabled'] == '1')
+				{
+					$def_code = getDomainRedirectId($id);
+					$redirectcode = '';
+					$codes = getRedirectCodesArray();
+					foreach($codes as $rc)
+					{
+						$redirectcode .= makeoption($rc['code']. ' ('.$lng['redirect_desc'][$rc['desc']].')', $rc['id'], $def_code);
+					}
+				}
+
 				$ssl_redirect = makeyesno('ssl_redirect', '1', '0', $result['ssl_redirect']);
 				$iswildcarddomain = makeyesno('iswildcarddomain', '1', '0', $result['iswildcarddomain']);
 				$isemaildomain = makeyesno('isemaildomain', '1', '0', $result['isemaildomain']);
 				$openbasedir = makeoption($lng['domain']['docroot'], 0, $result['openbasedir_path'], true) . makeoption($lng['domain']['homedir'], 1, $result['openbasedir_path'], true);
+
+				$result_ipandport = $db->query_first("SELECT `ip` FROM `".TABLE_PANEL_IPSANDPORTS."` WHERE `id`='".(int)$result['ipandport']."'");
+				if(filter_var($result_ipandport['ip'], FILTER_VALIDATE_IP, FILTER_FLAG_IPV6))
+				{
+					$result_ipandport['ip'] = '[' . $result_ipandport['ip'] . ']';
+				}
+				$domainip = $result_ipandport['ip'];
 				$result = htmlentities_array($result);
 
-				if($settings['system']['use_ssl'] == "1")
+				$subdomain_edit_data = include_once dirname(__FILE__).'/lib/formfields/customer/domains/formfield.domains_edit.php';
-				{
+				$subdomain_edit_form = htmlform::genHTMLForm($subdomain_edit_data);
-				}
+
+				$title = $subdomain_edit_data['domain_edit']['title'];
+				$image = $subdomain_edit_data['domain_edit']['image'];
 
 				eval("echo \"" . getTemplate("domains/domains_edit") . "\";");
 			}

customer_email.php

@@ -139,8 +139,10 @@ elseif($page == 'emails')
 			}
 		}
 
-		$emaildomains_count = $db->query_first("SELECT COUNT(`id`) AS `count` FROM `" . TABLE_PANEL_DOMAINS . "` WHERE `customerid`='" . $userinfo['customerid'] . "' AND `isemaildomain`='1' ORDER BY `domain` ASC");
+		$emaildomains_count = $db->query_first("SELECT COUNT(`id`) AS `count` FROM `" . TABLE_PANEL_DOMAINS . "` WHERE `customerid`='" . (int)$userinfo['customerid'] . "' AND `isemaildomain`='1' ORDER BY `domain` ASC");
 		$emaildomains_count = $emaildomains_count['count'];
+
+		$emailscount = $db->num_rows($result);
 		eval("echo \"" . getTemplate("email/emails") . "\";");
 	}
 	elseif($action == 'delete'
@@ -182,6 +184,12 @@ elseif($page == 'emails')
 					$number_forwarders = 0;
 				}
 
+				if(isset($_POST['delete_userfiles'])
+				  && (int)$_POST['delete_userfiles'] == 1)
+				{
+					inserttask('7', $userinfo['loginname'], $result['email_full']);
+				}
+
 				$db->query("DELETE FROM `" . TABLE_MAIL_VIRTUAL . "` WHERE `customerid`='" . (int)$userinfo['customerid'] . "' AND `id`='" . (int)$id . "'");
 				$db->query("UPDATE `" . TABLE_PANEL_CUSTOMERS . "` SET `emails_used`=`emails_used` - 1 , `email_forwarders_used` = `email_forwarders_used` - " . (int)$number_forwarders . " $update_users_query_addon WHERE `customerid`='" . (int)$userinfo['customerid'] . "'");
 				$log->logAction(USR_ACTION, LOG_INFO, "deleted email address '" . $result['email'] . "'");
@@ -189,7 +197,12 @@ elseif($page == 'emails')
 			}
 			else
 			{
-				ask_yesno('email_reallydelete', $filename, array('id' => $id, 'page' => $page, 'action' => $action), $idna_convert->decode($result['email_full']));
+				if(maildirExists($result))  {
+					$show_checkbox = true;
+				} else {
+					$show_checkbox = false;
+				}
+				ask_yesno_withcheckbox('email_reallydelete', 'admin_customer_alsoremovemail', $filename, array('id' => $id, 'page' => $page, 'action' => $action), $idna_convert->decode($result['email_full']), $show_checkbox);
 			}
 		}
 	}
@@ -269,6 +282,13 @@ elseif($page == 'emails')
 				}
 
 				$iscatchall = makeyesno('iscatchall', '1', '0', '0');
+
+				$email_add_data = include_once dirname(__FILE__).'/lib/formfields/customer/email/formfield.emails_add.php';
+				$email_add_form = htmlform::genHTMLForm($email_add_data);
+
+				$title = $email_add_data['emails_add']['title'];
+				$image = $email_add_data['emails_add']['image'];
+
 				eval("echo \"" . getTemplate("email/emails_add") . "\";");
 			}
 		}
@@ -308,6 +328,13 @@ elseif($page == 'emails')
 
 			$destinations_count = count($result['destination']);
 			$result = htmlentities_array($result);
+
+			$email_edit_data = include_once dirname(__FILE__).'/lib/formfields/customer/email/formfield.emails_edit.php';
+			$email_edit_form = htmlform::genHTMLForm($email_edit_data);
+
+			$title = $email_edit_data['emails_edit']['title'];
+			$image = $email_edit_data['emails_edit']['image'];
+			
 			eval("echo \"" . getTemplate("email/emails_edit") . "\";");
 		}
 	}
@@ -372,6 +399,7 @@ elseif($page == 'accounts')
 					$email_full = $result['email_full'];
 					$username = $idna_convert->decode($email_full);
 					$password = validate($_POST['email_password'], 'password');
+					$password = validatePassword($password);
 
 					if($settings['panel']['sendalternativemail'] == 1)
 					{
@@ -427,25 +455,26 @@ elseif($page == 'accounts')
 						$mail_subject = html_entity_decode(replace_variables((($result['value'] != '') ? $result['value'] : $lng['mails']['pop_success']['subject']), $replace_arr));
 						$result = $db->query_first('SELECT `value` FROM `' . TABLE_PANEL_TEMPLATES . '` WHERE `adminid`=\'' . (int)$userinfo['adminid'] . '\' AND `language`=\'' . $db->escape($userinfo['def_language']) . '\' AND `templategroup`=\'mails\' AND `varname`=\'pop_success_mailbody\'');
 						$mail_body = html_entity_decode(replace_variables((($result['value'] != '') ? $result['value'] : $lng['mails']['pop_success']['mailbody']), $replace_arr));
-						$mail->From = $admin['email'];
+						
-						$mail->FromName = getCorrectUserSalutation($admin);
+						$_mailerror = false;
+						try {
+							$mail->SetFrom($admin['email'], getCorrectUserSalutation($admin));
 							$mail->Subject = $mail_subject;
-						$mail->Body = $mail_body;
+							$mail->AltBody = $mail_body;
+							$mail->MsgHTML(str_replace("\n", "<br />", $mail_body));
 							$mail->AddAddress($email_full, getCorrectUserSalutation($userinfo));
-
+							$mail->Send();
-						if(!$mail->Send())
+						} catch(phpmailerException $e) {
-						{
+							$mailerr_msg = $e->errorMessage();
-							if($mail->ErrorInfo != '')
+							$_mailerror = true;
-							{
+						} catch (Exception $e) {
-								$mailerr_msg = $mail->ErrorInfo;
+							$mailerr_msg = $e->getMessage();
-							}
+							$_mailerror = true;
-							else
-							{
-								$mailerr_msg = $email;
 						}
 
+						if ($_mailerror) {	
 							$log->logAction(USR_ACTION, LOG_ERR, "Error sending mail: " . $mailerr_msg);
-							standard_error('errorsendingmail', $email);
+							standard_error('errorsendingmail', $email_full);
 						}
 
 						$mail->ClearAddresses();
@@ -457,23 +486,24 @@ elseif($page == 'accounts')
 							$mail_subject = replace_variables((($result['value'] != '') ? $result['value'] : $lng['mails']['pop_success_alternative']['subject']), $replace_arr);
 							$result = $db->query_first('SELECT `value` FROM `' . TABLE_PANEL_TEMPLATES . '` WHERE `adminid`=\'' . (int)$userinfo['adminid'] . '\' AND `language`=\'' . $db->escape($userinfo['def_language']) . '\' AND `templategroup`=\'mails\' AND `varname`=\'pop_success_alternative_mailbody\'');
 							$mail_body = replace_variables((($result['value'] != '') ? $result['value'] : $lng['mails']['pop_success_alternative']['mailbody']), $replace_arr);
-							$mail->From = $admin['email'];
+							
-							$mail->FromName = getCorrectUserSalutation($admin);
+							$_mailerror = false;
+							try {
+								$mail->SetFrom($admin['email'], getCorrectUserSalutation($admin));
 								$mail->Subject = $mail_subject;
-							$mail->Body = $mail_body;
+								$mail->AltBody = $mail_body;
+								$mail->MsgHTML(str_replace("\n", "<br />", $mail_body));
 								$mail->AddAddress($idna_convert->encode($alternative_email), getCorrectUserSalutation($userinfo));
-
+								$mail->Send();
-							if(!$mail->Send())
+							} catch(phpmailerException $e) {
-							{
+								$mailerr_msg = $e->errorMessage();
-								if($mail->ErrorInfo != '')
+								$_mailerror = true;
-								{
+							} catch (Exception $e) {
-									$mailerr_msg = $mail->ErrorInfo;
+								$mailerr_msg = $e->getMessage();
-								}
+								$_mailerror = true;
-								else
-								{
-									$mailerr_msg = $alternative_email;
 							}
 	
+							if ($_mailerror) {	
 								$log->logAction(USR_ACTION, LOG_ERR, "Error sending mail: " . $mailerr_msg);
 								standard_error(array('errorsendingmail', $alternative_email));
 							}
@@ -489,6 +519,13 @@ elseif($page == 'accounts')
 					$result['email_full'] = $idna_convert->decode($result['email_full']);
 					$result = htmlentities_array($result);
 					$quota = $settings['system']['mail_quota'];
+
+					$account_add_data = include_once dirname(__FILE__).'/lib/formfields/customer/email/formfield.emails_addaccount.php';
+					$account_add_form = htmlform::genHTMLForm($account_add_data);
+
+					$title = $account_add_data['emails_addaccount']['title'];
+					$image = $account_add_data['emails_addaccount']['image'];
+
 					eval("echo \"" . getTemplate("email/account_add") . "\";");
 				}
 			}
@@ -516,17 +553,24 @@ elseif($page == 'accounts')
 					standard_error(array('stringisempty', 'mypassword'));
 					exit;
 				}
-				else
+				
-				{
+				$password = validatePassword($password);
+				
 				$log->logAction(USR_ACTION, LOG_NOTICE, "changed email password for '" . $result['email_full'] . "'");
 				$result = $db->query("UPDATE `" . TABLE_MAIL_USERS . "` SET " . ($settings['system']['mailpwcleartext'] == '1' ? "`password` = '" . $db->escape($password) . "', " : '') . " `password_enc`=ENCRYPT('" . $db->escape($password) . "') WHERE `customerid`='" . (int)$userinfo['customerid'] . "' AND `id`='" . (int)$result['popaccountid'] . "'");
 				redirectTo($filename, Array('page' => 'emails', 'action' => 'edit', 'id' => $id, 's' => $s));
 			}
-			}
 			else
 			{
 				$result['email_full'] = $idna_convert->decode($result['email_full']);
 				$result = htmlentities_array($result);
+
+				$account_changepw_data = include_once dirname(__FILE__).'/lib/formfields/customer/email/formfield.emails_accountchangepasswd.php';
+				$account_changepw_form = htmlform::genHTMLForm($account_changepw_data);
+
+				$title = $account_changepw_data['emails_accountchangepasswd']['title'];
+				$image = $account_changepw_data['emails_accountchangepasswd']['image'];
+
 				eval("echo \"" . getTemplate("email/account_changepw") . "\";");
 			}
 		}
@@ -568,6 +612,13 @@ elseif($page == 'accounts')
 			{
 				$result['email_full'] = $idna_convert->decode($result['email_full']);
 				$result = htmlentities_array($result);
+
+				$quota_edit_data = include_once dirname(__FILE__).'/lib/formfields/customer/email/formfield.emails_accountchangequota.php';
+				$quota_edit_form = htmlform::genHTMLForm($quota_edit_data);
+
+				$title = $quota_edit_data['emails_accountchangequota']['title'];
+				$image = $quota_edit_data['emails_accountchangequota']['image'];
+        
 				eval("echo \"" . getTemplate("email/account_changequota") . "\";");
 			}
 		}
@@ -597,13 +648,19 @@ elseif($page == 'accounts')
 					$quota = 0;
 				}
 
+				if(isset($_POST['delete_userfiles'])
+				  && (int)$_POST['delete_userfiles'] == 1)
+				{
+					inserttask('7', $userinfo['loginname'], $result['email_full']);
+				}
+
 				$db->query("UPDATE `" . TABLE_PANEL_CUSTOMERS . "` SET `email_accounts_used` = `email_accounts_used` - 1, `email_quota_used` = `email_quota_used` - " . (int)$quota . " WHERE `customerid`='" . (int)$userinfo['customerid'] . "'");
 				$log->logAction(USR_ACTION, LOG_INFO, "deleted email account for '" . $result['email_full'] . "'");
 				redirectTo($filename, Array('page' => 'emails', 'action' => 'edit', 'id' => $id, 's' => $s));
 			}
 			else
 			{
-				ask_yesno('email_reallydelete_account', $filename, array('id' => $id, 'page' => $page, 'action' => $action), $idna_convert->decode($result['email_full']));
+				ask_yesno_withcheckbox('email_reallydelete_account', 'admin_customer_alsoremovemail', $filename, array('id' => $id, 'page' => $page, 'action' => $action), $idna_convert->decode($result['email_full']));
 			}
 		}
 	}
@@ -656,6 +713,13 @@ elseif($page == 'forwarders')
 				{
 					$result['email_full'] = $idna_convert->decode($result['email_full']);
 					$result = htmlentities_array($result);
+
+					$forwarder_add_data = include_once dirname(__FILE__).'/lib/formfields/customer/email/formfield.emails_addforwarder.php';
+					$forwarder_add_form = htmlform::genHTMLForm($forwarder_add_data);
+
+					$title = $forwarder_add_data['emails_addforwarder']['title'];
+					$image = $forwarder_add_data['emails_addforwarder']['image'];
+
 					eval("echo \"" . getTemplate("email/forwarder_add") . "\";");
 				}
 			}

customer_extras.php

@@ -49,7 +49,7 @@ elseif($page == 'htpasswds')
 			'path' => $lng['panel']['path']
 		);
 		$paging = new paging($userinfo, $db, TABLE_PANEL_HTPASSWDS, $fields, $settings['panel']['paging'], $settings['panel']['natsorting']);
-		$result = $db->query("SELECT `id`, `username`, `path` FROM `" . TABLE_PANEL_HTPASSWDS . "` WHERE `customerid`='" . (int)$userinfo['customerid'] . "' " . $paging->getSqlWhere(true) . " " . $paging->getSqlOrderBy() . " " . $paging->getSqlLimit());
+		$result = $db->query("SELECT * FROM `" . TABLE_PANEL_HTPASSWDS . "` WHERE `customerid`='" . (int)$userinfo['customerid'] . "' " . $paging->getSqlWhere(true) . " " . $paging->getSqlOrderBy() . " " . $paging->getSqlLimit());
 		$paging->setEntries($db->num_rows($result));
 		$sortcode = $paging->getHtmlSortCode($lng);
 		$arrowcode = $paging->getHtmlArrowCode($filename . '?page=' . $page . '&s=' . $s);
@@ -81,7 +81,7 @@ elseif($page == 'htpasswds')
 	elseif($action == 'delete'
 	       && $id != 0)
 	{
-		$result = $db->query_first("SELECT `id`, `customerid`, `username`, `path` FROM `" . TABLE_PANEL_HTPASSWDS . "` WHERE `customerid`='" . (int)$userinfo['customerid'] . "' AND `id`='" . (int)$id . "'");
+		$result = $db->query_first("SELECT * FROM `" . TABLE_PANEL_HTPASSWDS . "` WHERE `customerid`='" . (int)$userinfo['customerid'] . "' AND `id`='" . (int)$id . "'");
 
 		if(isset($result['username'])
 		   && $result['username'] != '')
@@ -114,6 +114,7 @@ elseif($page == 'htpasswds')
 			$userpath = $path;
 			$path = makeCorrectDir($userinfo['documentroot'] . '/' . $path);
 			$username = validate($_POST['username'], 'username', '/^[a-zA-Z0-9][a-zA-Z0-9\-_]+\$?$/');
+			$authname = validate($_POST['directory_authname'], 'directory_authname', '/^[a-zA-Z0-9][a-zA-Z0-9\-_ ]+\$?$/');
 			validate($_POST['directory_password'], 'password');
 			$username_path_check = $db->query_first("SELECT `id`, `username`, `path` FROM `" . TABLE_PANEL_HTPASSWDS . "` WHERE `username`='" . $db->escape($username) . "' AND `path`='" . $db->escape($path) . "' AND `customerid`='" . (int)$userinfo['customerid'] . "'");
 
@@ -151,7 +152,7 @@ elseif($page == 'htpasswds')
 			}
 			else
 			{
-				$db->query("INSERT INTO `" . TABLE_PANEL_HTPASSWDS . "` (`customerid`, `username`, `password`, `path`) VALUES ('" . (int)$userinfo['customerid'] . "', '" . $db->escape($username) . "', '" . $db->escape($password) . "', '" . $db->escape($path) . "')");
+				$db->query("INSERT INTO `" . TABLE_PANEL_HTPASSWDS . "` (`customerid`, `username`, `password`, `path`, `authname`) VALUES ('" . (int)$userinfo['customerid'] . "', '" . $db->escape($username) . "', '" . $db->escape($password) . "', '" . $db->escape($path) . "', '" . $db->escape($authname) . "')");
 				$log->logAction(USR_ACTION, LOG_INFO, "added htpasswd for '" . $username . " (" . $path . ")'");
 				inserttask('1');
 				redirectTo($filename, Array('page' => $page, 's' => $s));
@@ -160,13 +161,20 @@ elseif($page == 'htpasswds')
 		else
 		{
 			$pathSelect = makePathfield($userinfo['documentroot'], $userinfo['guid'], $userinfo['guid'], $settings['panel']['pathedit']);
+
+			$htpasswd_add_data = include_once dirname(__FILE__).'/lib/formfields/customer/extras/formfield.htpasswd_add.php';
+			$htpasswd_add_form = htmlform::genHTMLForm($htpasswd_add_data);
+
+			$title = $htpasswd_add_data['htpasswd_add']['title'];
+			$image = $htpasswd_add_data['htpasswd_add']['image'];
+
 			eval("echo \"" . getTemplate("extras/htpasswds_add") . "\";");
 		}
 	}
 	elseif($action == 'edit'
 	       && $id != 0)
 	{
-		$result = $db->query_first("SELECT `id`, `username`, `path` FROM `" . TABLE_PANEL_HTPASSWDS . "` WHERE `customerid`='" . (int)$userinfo['customerid'] . "' AND `id`='" . (int)$id . "'");
+		$result = $db->query_first("SELECT * FROM `" . TABLE_PANEL_HTPASSWDS . "` WHERE `customerid`='" . (int)$userinfo['customerid'] . "' AND `id`='" . (int)$id . "'");
 
 		if(isset($result['username'])
 		   && $result['username'] != '')
@@ -175,6 +183,7 @@ elseif($page == 'htpasswds')
 			   && $_POST['send'] == 'send')
 			{
 				validate($_POST['directory_password'], 'password');
+				$authname = validate($_POST['directory_authname'], 'directory_authname', '/^[a-zA-Z0-9][a-zA-Z0-9\-_ ]+\$?$/');
 
 				if(CRYPT_STD_DES == 1)
 				{
@@ -186,13 +195,25 @@ elseif($page == 'htpasswds')
 					$password = crypt($_POST['directory_password']);
 				}
 
-				if($_POST['directory_password'] == '')
+				$pwd_sql = '';
+				if($_POST['directory_password'] != '')
 				{
-					standard_error(array('stringisempty', 'mypassword'));
+					$pwd_sql = "`password`='" . $db->escape($password) . "' ";
 				}
-				else
+				
+				$auth_sql = '';
+				if($authname != $result['authname'])
 				{
-					$db->query("UPDATE `" . TABLE_PANEL_HTPASSWDS . "` SET `password`='" . $db->escape($password) . "' WHERE `customerid`='" . (int)$userinfo['customerid'] . "' AND `id`='" . (int)$id . "'");
+					$auth_sql = "`authname`='" . $db->escape($authname) . "' ";
+				}
+
+				if($pwd_sql != '' || $auth_sql != '')
+				{
+					if($pwd_sql !='' && $auth_sql != '') {
+						$pwd_sql.= ', ';
+					}
+
+					$db->query("UPDATE `" . TABLE_PANEL_HTPASSWDS . "` SET ".$pwd_sql.$auth_sql." WHERE `customerid`='" . (int)$userinfo['customerid'] . "' AND `id`='" . (int)$id . "'");
 					$log->logAction(USR_ACTION, LOG_INFO, "edited htpasswd for '" . $result['username'] . " (" . $result['path'] . ")'");
 					inserttask('1');
 					redirectTo($filename, Array('page' => $page, 's' => $s));
@@ -206,6 +227,13 @@ elseif($page == 'htpasswds')
 				}
 
 				$result = htmlentities_array($result);
+
+				$htpasswd_edit_data = include_once dirname(__FILE__).'/lib/formfields/customer/extras/formfield.htpasswd_edit.php';
+				$htpasswd_edit_form = htmlform::genHTMLForm($htpasswd_edit_data);
+
+				$title = $htpasswd_edit_data['htpasswd_edit']['title'];
+				$image = $htpasswd_edit_data['htpasswd_edit']['image'];
+
 				eval("echo \"" . getTemplate("extras/htpasswds_edit") . "\";");
 			}
 		}
@@ -221,10 +249,11 @@ elseif($page == 'htaccess')
 			'options_indexes' => $lng['extras']['view_directory'],
 			'error404path' => $lng['extras']['error404path'],
 			'error403path' => $lng['extras']['error403path'],
-			'error500path' => $lng['extras']['error500path']
+			'error500path' => $lng['extras']['error500path'],
+			'options_cgi' => $lng['extras']['execute_perl']
 		);
 		$paging = new paging($userinfo, $db, TABLE_PANEL_HTACCESS, $fields, $settings['panel']['paging'], $settings['panel']['natsorting']);
-		$result = $db->query("SELECT `id`, `path`, `options_indexes`, `error404path`, `error403path`, `error500path` FROM `" . TABLE_PANEL_HTACCESS . "` WHERE `customerid`='" . (int)$userinfo['customerid'] . "' " . $paging->getSqlWhere(true) . " " . $paging->getSqlOrderBy() . " " . $paging->getSqlLimit());
+		$result = $db->query("SELECT * FROM `" . TABLE_PANEL_HTACCESS . "` WHERE `customerid`='" . (int)$userinfo['customerid'] . "' " . $paging->getSqlWhere(true) . " " . $paging->getSqlOrderBy() . " " . $paging->getSqlLimit());
 		$paging->setEntries($db->num_rows($result));
 		$sortcode = $paging->getHtmlSortCode($lng);
 		$arrowcode = $paging->getHtmlArrowCode($filename . '?page=' . $page . '&s=' . $s);
@@ -234,6 +263,8 @@ elseif($page == 'htaccess')
 		$count = 0;
 		$htaccess = '';
 
+		$cperlenabled = customerHasPerlEnabled($userinfo['customerid']);
+
 		while($row = $db->fetch_array($result))
 		{
 			if($paging->checkDisplay($i))
@@ -241,10 +272,14 @@ elseif($page == 'htaccess')
 				if(strpos($row['path'], $userinfo['documentroot']) === 0)
 				{
 					$row['path'] = substr($row['path'], strlen($userinfo['documentroot']));
+					// don't show nothing wehn it's the docroot, show slash
+					if ($row['path'] == '') { $row['path'] = '/'; }
 				}
 
 				$row['options_indexes'] = str_replace('1', $lng['panel']['yes'], $row['options_indexes']);
 				$row['options_indexes'] = str_replace('0', $lng['panel']['no'], $row['options_indexes']);
+				$row['options_cgi'] = str_replace('1', $lng['panel']['yes'], $row['options_cgi']);
+				$row['options_cgi'] = str_replace('0', $lng['panel']['no'], $row['options_cgi']);
 				$row = htmlentities_array($row);
 				eval("\$htaccess.=\"" . getTemplate("extras/htaccess_htaccess") . "\";");
 				$count++;
@@ -293,35 +328,18 @@ elseif($page == 'htaccess')
 				standard_error('invalidpath');
 			}
 
-			if(($_POST['error404path'] === '')
+			if(isset($_POST['options_cgi']))
-			   || (validateUrl($idna_convert->encode($_POST['error404path']))))
 			{
-				$error404path = $_POST['error404path'];
+				$options_cgi = intval($_POST['options_cgi']);
 			}
 			else
 			{
-				standard_error('mustbeurl');
+				$options_cgi = '0';
 			} 
 
-			if(($_POST['error403path'] === '')
+			$error404path = correctErrorDocument($_POST['error404path']);
-			   || (validateUrl($idna_convert->encode($_POST['error403path']))))
+			$error403path = correctErrorDocument($_POST['error403path']);
-			{
+			$error500path = correctErrorDocument($_POST['error500path']);
-				$error403path = $_POST['error403path'];
-			}
-			else
-			{
-				standard_error('mustbeurl');
-			}
-
-			if(($_POST['error500path'] === '')
-			   || (validateUrl($idna_convert->encode($_POST['error500path']))))
-			{
-				$error500path = $_POST['error500path'];
-			}
-			else
-			{
-				standard_error('mustbeurl');
-			}
 
 			if($path_dupe_check['path'] == $path)
 			{
@@ -333,7 +351,15 @@ elseif($page == 'htaccess')
 			}
 			else
 			{
-				$db->query('INSERT INTO `' . TABLE_PANEL_HTACCESS . '`  (`customerid`,  `path`,  `options_indexes`,  `error404path`,  `error403path`,  `error500path`  ) VALUES ("' . (int)$userinfo['customerid'] . '",  "' . $db->escape($path) . '",  "' . $db->escape($_POST['options_indexes'] == '1' ? '1' : '0') . '",  "' . $db->escape($error404path) . '",  "' . $db->escape($error403path) . '",  "' . $db->escape($error500path) . '"  )');
+				$db->query('INSERT INTO `' . TABLE_PANEL_HTACCESS . '` SET
+							`customerid` = "'.(int)$userinfo['customerid'].'",
+							`path` = "'.$db->escape($path).'",
+							`options_indexes` = "'.$db->escape($_POST['options_indexes'] == '1' ? '1' : '0').'",
+							`error404path` = "'.$db->escape($error404path).'",
+							`error403path` = "'.$db->escape($error403path).'",
+							`error500path` = "'.$db->escape($error500path).'",
+							`options_cgi` = "'.$db->escape($options_cgi).'"');
+
 				$log->logAction(USR_ACTION, LOG_INFO, "added htaccess for '" . $path . "'");
 				inserttask('1');
 				redirectTo($filename, Array('page' => $page, 's' => $s));
@@ -342,7 +368,16 @@ elseif($page == 'htaccess')
 		else
 		{
 			$pathSelect = makePathfield($userinfo['documentroot'], $userinfo['guid'], $userinfo['guid'], $settings['panel']['pathedit']);
-			$options_indexes = makeyesno('options_indexes', '1', '0', '1');
+			$options_indexes = makeyesno('options_indexes', '1', '0', '0');
+			$cperlenabled = customerHasPerlEnabled($userinfo['customerid']);
+			$options_cgi = makeyesno('options_cgi', '1', '0', '0');
+
+			$htaccess_add_data = include_once dirname(__FILE__).'/lib/formfields/customer/extras/formfield.htaccess_add.php';
+			$htaccess_add_form = htmlform::genHTMLForm($htaccess_add_data);
+
+			$title = $htaccess_add_data['htaccess_add']['title'];
+			$image = $htaccess_add_data['htaccess_add']['image'];
+
 			eval("echo \"" . getTemplate("extras/htaccess_add") . "\";");
 		}
 	}
@@ -359,49 +394,30 @@ elseif($page == 'htaccess')
 			   && $_POST['send'] == 'send')
 			{
 				$option_indexes = intval($_POST['options_indexes']);
+				$options_cgi = isset($_POST['options_cgi']) ? intval($_POST['options_cgi']) : 0;
 
 				if($option_indexes != '1')
 				{
 					$option_indexes = '0';
 				}
 
-				if(($_POST['error404path'] === '')
+				if($options_cgi != '1')
-				   || (validateUrl($idna_convert->encode($_POST['error404path']))))
 				{
-					$error404path = $_POST['error404path'];
+					$options_cgi = '0';
-				}
-				else
-				{
-					standard_error('mustbeurl');
 				}
 
-				if(($_POST['error403path'] === '')
+				$error404path = correctErrorDocument($_POST['error404path']);
-				   || (validateUrl($idna_convert->encode($_POST['error403path']))))
+				$error403path = correctErrorDocument($_POST['error403path']);
-				{
+				$error500path = correctErrorDocument($_POST['error500path']);
-					$error403path = $_POST['error403path'];
-				}
-				else
-				{
-					standard_error('mustbeurl');
-				}
-
-				if(($_POST['error500path'] === '')
-				   || (validateUrl($idna_convert->encode($_POST['error500path']))))
-				{
-					$error500path = $_POST['error500path'];
-				}
-				else
-				{
-					standard_error('mustbeurl');
-				}
 
 				if(($option_indexes != $result['options_indexes'])
 				   || ($error404path != $result['error404path'])
 				   || ($error403path != $result['error403path'])
-				   || ($error500path != $result['error500path']))
+				   || ($error500path != $result['error500path'])
+				   || ($options_cgi != $result['options_cgi']))
 				{
 					inserttask('1');
-					$db->query('UPDATE `' . TABLE_PANEL_HTACCESS . '` SET `options_indexes` = "' . $db->escape($option_indexes) . '", `error404path`    = "' . $db->escape($error404path) . '",  `error403path`    = "' . $db->escape($error403path) . '",  `error500path`    = "' . $db->escape($error500path) . '" WHERE `customerid` = "' . (int)$userinfo['customerid'] . '"  AND `id` = "' . (int)$id . '"');
+					$db->query('UPDATE `' . TABLE_PANEL_HTACCESS . '` SET `options_indexes` = "' . $db->escape($option_indexes) . '", `error404path`    = "' . $db->escape($error404path) . '",  `error403path`    = "' . $db->escape($error403path) . '",  `error500path`    = "' . $db->escape($error500path) . '", `options_cgi` = "' . $db->escape($options_cgi) . '" WHERE `customerid` = "' . (int)$userinfo['customerid'] . '"  AND `id` = "' . (int)$id . '"');
 					$log->logAction(USR_ACTION, LOG_INFO, "edited htaccess for '" . str_replace($userinfo['documentroot'], '', $result['path']) . "'");
 				}
 
@@ -412,13 +428,24 @@ elseif($page == 'htaccess')
 				if(strpos($result['path'], $userinfo['documentroot']) === 0)
 				{
 					$result['path'] = substr($result['path'], strlen($userinfo['documentroot']));
+					// don't show nothing wehn it's the docroot, show slash
+					if ($result['path'] == '') { $result['path'] = '/'; }
 				}
 
 				$result['error404path'] = $result['error404path'];
 				$result['error403path'] = $result['error403path'];
 				$result['error500path'] = $result['error500path'];
 				$options_indexes = makeyesno('options_indexes', '1', '0', $result['options_indexes']);
+				$cperlenabled = customerHasPerlEnabled($userinfo['customerid']);
+				$options_cgi = makeyesno('options_cgi', '1', '0', $result['options_cgi']);
 				$result = htmlentities_array($result);
+
+				$htaccess_edit_data = include_once dirname(__FILE__).'/lib/formfields/customer/extras/formfield.htaccess_edit.php';
+				$htaccess_edit_form = htmlform::genHTMLForm($htaccess_edit_data);
+	
+				$title = $htaccess_edit_data['htaccess_edit']['title'];
+				$image = $htaccess_edit_data['htaccess_edit']['image'];
+
 				eval("echo \"" . getTemplate("extras/htaccess_edit") . "\";");
 			}
 		}

customer_ftp.php

@@ -97,12 +97,12 @@ elseif($page == 'accounts')
 			   && $_POST['send'] == 'send')
 			{
 				$db->query("UPDATE `" . TABLE_FTP_USERS . "` SET `up_count`=`up_count`+'" . (int)$result['up_count'] . "', `up_bytes`=`up_bytes`+'" . (int)$result['up_bytes'] . "', `down_count`=`down_count`+'" . (int)$result['down_count'] . "', `down_bytes`=`down_bytes`+'" . (int)$result['down_bytes'] . "' WHERE `username`='" . $db->escape($userinfo['loginname']) . "'");
+				$result = $db->query_first("SELECT `username`, `homedir` FROM `" . TABLE_FTP_USERS . "` WHERE `customerid`='" . (int)$userinfo['customerid'] . "' AND `id`='" . (int)$id . "'");
+				$db->query("DELETE FROM `" . TABLE_FTP_QUOTATALLIES . "` WHERE `name` = '" . $db->escape($result['username']) . "'");
 				$db->query("DELETE FROM `" . TABLE_FTP_USERS . "` WHERE `customerid`='" . (int)$userinfo['customerid'] . "' AND `id`='" . (int)$id . "'");
 				$log->logAction(USR_ACTION, LOG_INFO, "deleted ftp-account '" . $result['username'] . "'");
 				$db->query("UPDATE `" . TABLE_FTP_GROUPS . "` SET `members`=REPLACE(`members`,'," . $db->escape($result['username']) . "','') WHERE `customerid`='" . (int)$userinfo['customerid'] . "'");
 
-				//					$db->query("DELETE FROM `".TABLE_FTP_GROUPS."` WHERE `customerid`='".$userinfo['customerid']."' AND `id`='$id'");
-
 				if($userinfo['ftps_used'] == '1')
 				{
 					$resetaccnumber = " , `ftp_lastaccountnumber`='0'";
@@ -112,12 +112,19 @@ elseif($page == 'accounts')
 					$resetaccnumber = '';
 				}
 
+				// refs #293
+				if(isset($_POST['delete_userfiles'])
+				  && (int)$_POST['delete_userfiles'] == 1)
+				{
+					inserttask('8', $userinfo['loginname'], $result['homedir']);
+				}
+
 				$result = $db->query("UPDATE `" . TABLE_PANEL_CUSTOMERS . "` SET `ftps_used`=`ftps_used`-1 $resetaccnumber WHERE `customerid`='" . (int)$userinfo['customerid'] . "'");
 				redirectTo($filename, Array('page' => $page, 's' => $s));
 			}
 			else
 			{
-				ask_yesno('ftp_reallydelete', $filename, array('id' => $id, 'page' => $page, 'action' => $action), $result['username']);
+				ask_yesno_withcheckbox('ftp_reallydelete', 'admin_customer_alsoremoveftphomedir', $filename, array('id' => $id, 'page' => $page, 'action' => $action), $result['username']);
 			}
 		}
 		else
@@ -135,6 +142,13 @@ elseif($page == 'accounts')
 			{
 				$path = validate($_POST['path'], 'path');
 				$password = validate($_POST['ftp_password'], 'password');
+				$password = validatePassword($password);
+
+				$sendinfomail = intval($_POST['sendinfomail']);
+				if($sendinfomail != 1)
+				{
+					$sendinfomail = 0;
+				}
 
 				if($settings['customer']['ftpatdomain'] == '1')
 				{
@@ -172,26 +186,166 @@ elseif($page == 'accounts')
 				}
 				else
 				{
-					$userpath = makeCorrectDir($path);
 					$path = makeCorrectDir($userinfo['documentroot'] . '/' . $path);
 					
 					$db->query("INSERT INTO `" . TABLE_FTP_USERS . "` (`customerid`, `username`, `password`, `homedir`, `login_enabled`, `uid`, `gid`) VALUES ('" . (int)$userinfo['customerid'] . "', '" . $db->escape($username) . "', ENCRYPT('" . $db->escape($password) . "'), '" . $db->escape($path) . "', 'y', '" . (int)$userinfo['guid'] . "', '" . (int)$userinfo['guid'] . "')");
+					$result = $db->query("SELECT `bytes_in_used` FROM `" . TABLE_FTP_QUOTATALLIES . "` WHERE `name` = '" . $userinfo['loginname'] . "'");
+					while($row = $db->fetch_array($result))
+					{
+						$db->query("INSERT INTO `" . TABLE_FTP_QUOTATALLIES . "` (`name`, `quota_type`, `bytes_in_used`, `bytes_out_used`, `bytes_xfer_used`, `files_in_used`, `files_out_used`, `files_xfer_used`) VALUES ('" . $db->escape($username) . "', 'user', '" . $db->escape($row['bytes_in_used']) . "', '0', '0', '0', '0', '0')");
+					}
 					$db->query("UPDATE `" . TABLE_FTP_GROUPS . "` SET `members`=CONCAT_WS(',',`members`,'" . $db->escape($username) . "') WHERE `customerid`='" . $userinfo['customerid'] . "' AND `gid`='" . (int)$userinfo['guid'] . "'");
-
-					//						$db->query("INSERT INTO `".TABLE_FTP_GROUPS."` (`customerid`, `groupname`, `gid`, `members`) VALUES ('".$userinfo['customerid']."', '$username', '$uid', '$username')");
-
 					$db->query("UPDATE `" . TABLE_PANEL_CUSTOMERS . "` SET `ftps_used`=`ftps_used`+1, `ftp_lastaccountnumber`=`ftp_lastaccountnumber`+1 WHERE `customerid`='" . (int)$userinfo['customerid'] . "'");
 
-					//						$db->query("UPDATE `".TABLE_PANEL_SETTINGS."` SET `value`='$uid' WHERE settinggroup='ftp' AND varname='lastguid'");
-
 					$log->logAction(USR_ACTION, LOG_INFO, "added ftp-account '" . $username . " (" . $path . ")'");
 					inserttask(5);
+
+					if($sendinfomail == 1)
+					{
+						$replace_arr = array(
+							'CUST_NAME' => getCorrectUserSalutation($userinfo),
+							'USR_NAME' => $username,
+							'USR_PASS' => $password,
+							'USR_PATH' => makeCorrectDir(substr($path, strlen($userinfo['documentroot'])))
+						);
+						
+						$def_language = $userinfo['def_language'];
+						$result = $db->query_first('SELECT `value` FROM `' . TABLE_PANEL_TEMPLATES . '` WHERE `adminid`=\'' . (int)$userinfo['adminid'] . '\' AND `language`=\'' . $db->escape($def_language) . '\' AND `templategroup`=\'mails\' AND `varname`=\'new_ftpaccount_by_customer_subject\'');
+						$mail_subject = html_entity_decode(replace_variables((($result['value'] != '') ? $result['value'] : $lng['customer']['ftp_add']['infomail_subject']), $replace_arr));
+						$result = $db->query_first('SELECT `value` FROM `' . TABLE_PANEL_TEMPLATES . '` WHERE `adminid`=\'' . (int)$userinfo['adminid'] . '\' AND `language`=\'' . $db->escape($def_language) . '\' AND `templategroup`=\'mails\' AND `varname`=\'new_ftpaccount_by_customer_mailbody\'');
+						$mail_body = html_entity_decode(replace_variables((($result['value'] != '') ? $result['value'] : $lng['customer']['ftp_add']['infomail_body']['main']), $replace_arr));
+						
+						$_mailerror = false;
+						try {
+							$mail->Subject = $mail_subject;
+							$mail->AltBody = $mail_body;
+							$mail->MsgHTML(str_replace("\n", "<br />", $mail_body));
+							$mail->AddAddress($userinfo['email'], getCorrectUserSalutation($userinfo));
+							$mail->Send();
+						} catch(phpmailerException $e) {
+							$mailerr_msg = $e->errorMessage();
+							$_mailerror = true;
+						} catch (Exception $e) {
+							$mailerr_msg = $e->getMessage();
+							$_mailerror = true;
+						}
+
+						if ($_mailerror) {
+							$log->logAction(USR_ACTION, LOG_ERR, "Error sending mail: " . $mailerr_msg);
+							standard_error('errorsendingmail', $userinfo['email']);
+						}
+
+						$mail->ClearAddresses();
+					}
+
 					redirectTo($filename, Array('page' => $page, 's' => $s));
 				}
 			}
 			else
 			{
-				$pathSelect = makePathfield($userinfo['documentroot'], $userinfo['guid'], $userinfo['guid'], $settings['panel']['pathedit']);
+				$pathSelect = makePathfield($userinfo['documentroot'], $userinfo['guid'], $userinfo['guid'], $settings['panel']['pathedit'], '/');
+
+				if($settings['customer']['ftpatdomain'] == '1')
+				{
+					$domainlist = array();
+					$domains = '';
+
+					$result_domains = $db->query("SELECT `domain` FROM `" . TABLE_PANEL_DOMAINS . "` WHERE `customerid`='" . (int)$userinfo['customerid'] . "'");
+
+					while($row_domain = $db->fetch_array($result_domains))
+					{
+						$domainlist[] =  $row_domain['domain'];
+					}
+
+					sort($domainlist);
+
+					if(isset($domainlist[0]) && $domainlist[0] != '')
+					{
+						foreach($domainlist as $dom)
+						{
+							$domains .= makeoption($idna_convert->decode($dom), $dom);
+						}
+					}
+				}
+
+				$sendinfomail = makeyesno('sendinfomail', '1', '0', '0');
+
+				$ftp_add_data = include_once dirname(__FILE__).'/lib/formfields/customer/ftp/formfield.ftp_add.php';
+				$ftp_add_form = htmlform::genHTMLForm($ftp_add_data);
+
+				$title = $ftp_add_data['ftp_add']['title'];
+				$image = $ftp_add_data['ftp_add']['image'];
+
+				eval("echo \"" . getTemplate("ftp/accounts_add") . "\";");
+			}
+		}
+	}
+	elseif($action == 'edit'
+	       && $id != 0)
+	{
+		$result = $db->query_first("SELECT `id`, `username`, `homedir`, `uid`, `gid` FROM `" . TABLE_FTP_USERS . "` WHERE `customerid`='" . (int)$userinfo['customerid'] . "' AND `id`='" . (int)$id . "'");
+
+		if(isset($result['username'])
+		   && $result['username'] != '')
+		{
+			if(isset($_POST['send'])
+			   && $_POST['send'] == 'send')
+			{
+				$path = validate($_POST['path'], 'path');
+				
+				$_setnewpass = false;
+				if(isset($_POST['ftp_password']) && $_POST['ftp_password'] != '')
+				{
+					$password = validate($_POST['ftp_password'], 'password');
+					$password = validatePassword($password);
+					$_setnewpass = true;
+				}
+
+				if($_setnewpass)
+				{
+					if($password == '')
+					{
+						standard_error(array('stringisempty', 'mypassword'));
+						exit;
+					}
+					else
+					{
+						$log->logAction(USR_ACTION, LOG_INFO, "updated ftp-account password for '" . $result['username'] . "'");
+						$db->query("UPDATE `" . TABLE_FTP_USERS . "` SET `password`=ENCRYPT('" . $db->escape($password) . "') WHERE `customerid`='" . (int)$userinfo['customerid'] . "' AND `id`='" . (int)$id . "'");
+					}
+				}
+				
+				if($path != '')
+				{
+					$path = makeCorrectDir($userinfo['documentroot'] . '/' . $path);
+					
+					if($path != $result['homedir'])
+					{
+						if(!file_exists($path))
+						{
+							mkDirWithCorrectOwnership($userinfo['documentroot'], $path, $result['uid'], $result['gid']);
+						}
+
+						$log->logAction(USR_ACTION, LOG_INFO, "updated ftp-account homdir for '" . $result['username'] . "'");
+						$db->query("UPDATE `" . TABLE_FTP_USERS . "` SET `homedir`= '" . $db->escape($path) . "' WHERE `customerid`='" . (int)$userinfo['customerid'] . "' AND `id`='" . (int)$id . "'");						
+					}
+				}
+
+				redirectTo($filename, Array('page' => $page, 's' => $s));
+			}
+			else
+			{
+				if(strpos($result['homedir'], $userinfo['documentroot']) === 0)
+				{
+					$homedir = substr($result['homedir'], strlen($userinfo['documentroot']));
+				}
+				else
+				{
+					$homedir = $result['homedir'];
+				}
+				$homedir = makeCorrectDir($homedir);
+
+				$pathSelect = makePathfield($userinfo['documentroot'], $userinfo['guid'], $userinfo['guid'], $settings['panel']['pathedit'], $homedir);
 
 				if($settings['customer']['ftpatdomain'] == '1')
 				{
@@ -205,37 +359,12 @@ elseif($page == 'accounts')
 					}
 				}
 
-				eval("echo \"" . getTemplate("ftp/accounts_add") . "\";");
+				$ftp_edit_data = include_once dirname(__FILE__).'/lib/formfields/customer/ftp/formfield.ftp_edit.php';
-			}
+				$ftp_edit_form = htmlform::genHTMLForm($ftp_edit_data);
-		}
-	}
-	elseif($action == 'edit'
-	       && $id != 0)
-	{
-		$result = $db->query_first("SELECT `id`, `username`, `homedir` FROM `" . TABLE_FTP_USERS . "` WHERE `customerid`='" . (int)$userinfo['customerid'] . "' AND `id`='" . (int)$id . "'");
 
-		if(isset($result['username'])
+				$title = $ftp_edit_data['ftp_edit']['title'];
-		   && $result['username'] != '')
+				$image = $ftp_edit_data['ftp_edit']['image'];
-		{
-			if(isset($_POST['send'])
-			   && $_POST['send'] == 'send')
-			{
-				$password = validate($_POST['ftp_password'], 'password');
 
-				if($password == '')
-				{
-					standard_error(array('stringisempty', 'mypassword'));
-					exit;
-				}
-				else
-				{
-					$db->query("UPDATE `" . TABLE_FTP_USERS . "` SET `password`=ENCRYPT('" . $db->escape($password) . "') WHERE `customerid`='" . (int)$userinfo['customerid'] . "' AND `id`='" . (int)$id . "'");
-					$log->logAction(USR_ACTION, LOG_INFO, "edited ftp-account '" . $result['username'] . "'");
-					redirectTo($filename, Array('page' => $page, 's' => $s));
-				}
-			}
-			else
-			{
 				eval("echo \"" . getTemplate("ftp/accounts_edit") . "\";");
 			}
 		}

customer_index.php

@@ -67,7 +67,7 @@ if($page == 'overview')
 	$userinfo['diskspace_used'] = round($userinfo['diskspace_used'] / 1024, $settings['panel']['decimal_places']);
 	$userinfo['traffic'] = round($userinfo['traffic'] / (1024 * 1024), $settings['panel']['decimal_places']);
 	$userinfo['traffic_used'] = round($userinfo['traffic_used'] / (1024 * 1024), $settings['panel']['decimal_places']);
-	$userinfo = str_replace_array('-1', $lng['customer']['unlimited'], $userinfo, 'diskspace traffic mysqls emails email_accounts email_forwarders email_quota ftps tickets subdomains aps_packages');
+	$userinfo = str_replace_array('-1', $lng['customer']['unlimited'], $userinfo, 'diskspace traffic mysqls emails email_accounts email_forwarders email_quota email_autoresponder ftps tickets subdomains aps_packages');
 	$opentickets = 0;
 	$opentickets = $db->query_first('SELECT COUNT(`id`) as `count` FROM `' . TABLE_PANEL_TICKETS . '`
                                    WHERE `customerid` = "' . $userinfo['customerid'] . '"
@@ -172,13 +172,46 @@ elseif($page == 'change_language')
 	{
 		$language_options = '';
 
+		$default_lang = $settings['panel']['standardlanguage'];
+		if($userinfo['def_language'] != '') { 
+			$default_lang = $userinfo['def_language'];
+		}
+
 		while(list($language_file, $language_name) = each($languages))
 		{
-			$language_options.= makeoption($language_name, $language_file, $userinfo['def_language'], true);
+			$language_options.= makeoption($language_name, $language_file, $default_lang, true);
 		}
 
 		eval("echo \"" . getTemplate("index/change_language") . "\";");
 	}
 }
+elseif($page == 'change_theme')
+{
+	if(isset($_POST['send'])
+		&& $_POST['send'] == 'send'
+	) {
+		$theme = validate($_POST['theme'], 'theme');
  
-?>
+		$db->query("UPDATE `" . TABLE_PANEL_CUSTOMERS . "` SET `theme`='" . $db->escape($theme) . "' WHERE `customerid`='" . (int)$userinfo['customerid'] . "'");
+		$db->query("UPDATE `" . TABLE_PANEL_SESSIONS . "` SET `theme`='" . $db->escape($theme) . "' WHERE `hash`='" . $db->escape($s) . "'");
+		$log->logAction(USR_ACTION, LOG_NOTICE, "changed default theme to '" . $theme . "'");
+		redirectTo($filename, Array('s' => $s));
+	}
+	else
+	{
+		$theme_options = '';
+
+		$default_theme = $settings['panel']['default_theme'];
+		if($userinfo['theme'] != '') {
+			$default_theme = $userinfo['theme'];
+		}
+
+		$themes_avail = getThemes();
+		foreach($themes_avail as $t)
+		{
+			$theme_options.= makeoption($t, $t, $default_theme, true);
+		}
+
+		eval("echo \"" . getTemplate("index/change_theme") . "\";");
+	}
+}

customer_mysql.php

@@ -52,7 +52,7 @@ elseif($page == 'mysqls')
 			'description' => $lng['mysql']['databasedescription']
 		);
 		$paging = new paging($userinfo, $db, TABLE_PANEL_DATABASES, $fields, $settings['panel']['paging'], $settings['panel']['natsorting']);
-		$result = $db->query("SELECT `id`, `databasename`, `description`, `dbserver` FROM `" . TABLE_PANEL_DATABASES . "` WHERE `customerid`='" . (int)$userinfo['customerid'] . "' " . $paging->getSqlWhere(true) . " " . $paging->getSqlOrderBy() . " " . $paging->getSqlLimit());
+		$result = $db->query("SELECT * FROM `" . TABLE_PANEL_DATABASES . "` WHERE `customerid`='" . (int)$userinfo['customerid'] . "' " . $paging->getSqlWhere(true) . " " . $paging->getSqlOrderBy() . " " . $paging->getSqlLimit());
 		$paging->setEntries($db->num_rows($result));
 		$sortcode = $paging->getHtmlSortCode($lng);
 		$arrowcode = $paging->getHtmlArrowCode($filename . '?page=' . $page . '&s=' . $s);
@@ -80,7 +80,7 @@ elseif($page == 'mysqls')
 	elseif($action == 'delete'
 	       && $id != 0)
 	{
-		$result = $db->query_first('SELECT `id`, `databasename`, `dbserver` FROM `' . TABLE_PANEL_DATABASES . '` WHERE `customerid`="' . (int)$userinfo['customerid'] . '" AND `id`="' . (int)$id . '"');
+		$result = $db->query_first('SELECT `id`, `databasename`, `description`, `dbserver` FROM `' . TABLE_PANEL_DATABASES . '` WHERE `customerid`="' . (int)$userinfo['customerid'] . '" AND `id`="' . (int)$id . '"');
 
 		if(isset($result['databasename'])
 		   && $result['databasename'] != '')
@@ -126,7 +126,11 @@ elseif($page == 'mysqls')
 			}
 			else
 			{
-				ask_yesno('mysql_reallydelete', $filename, array('id' => $id, 'page' => $page, 'action' => $action), $result['databasename']);
+				$dbnamedesc = $result['databasename'];
+				if(isset($result['description']) && $result['description'] != '') {
+					$dbnamedesc.= ' ('.$result['description'].')';
+				}
+				ask_yesno('mysql_reallydelete', $filename, array('id' => $id, 'page' => $page, 'action' => $action), $dbnamedesc);
 			}
 		}
 	}
@@ -139,6 +143,13 @@ elseif($page == 'mysqls')
 			   && $_POST['send'] == 'send')
 			{
 				$password = validate($_POST['mysql_password'], 'password');
+				$password = validatePassword($password);
+
+				$sendinfomail = intval($_POST['sendinfomail']);
+				if($sendinfomail != 1)
+				{
+					$sendinfomail = 0;
+				}
 
 				if($password == '')
 				{
@@ -184,6 +195,53 @@ elseif($page == 'mysqls')
 					$databasedescription = validate($_POST['description'], 'description');
 					$result = $db->query('INSERT INTO `' . TABLE_PANEL_DATABASES . '` (`customerid`, `databasename`, `description`, `dbserver`) VALUES ("' . (int)$userinfo['customerid'] . '", "' . $db->escape($username) . '", "' . $db->escape($databasedescription) . '", "' . $db->escape($dbserver) . '")');
 					$result = $db->query('UPDATE `' . TABLE_PANEL_CUSTOMERS . '` SET `mysqls_used`=`mysqls_used`+1, `mysql_lastaccountnumber`=`mysql_lastaccountnumber`+1 WHERE `customerid`="' . (int)$userinfo['customerid'] . '"');
+
+					if($sendinfomail == 1)
+					{
+						$pma = $lng['admin']['notgiven'];
+						if($settings['panel']['phpmyadmin_url'] != '')
+						{
+							$pma = $settings['panel']['phpmyadmin_url'];
+						}
+
+						$replace_arr = array(
+							'CUST_NAME' => getCorrectUserSalutation($userinfo),
+							'DB_NAME' => $username,
+							'DB_PASS' => $password,
+							'DB_DESC' => $databasedescription,
+							'DB_SRV' => $sql_root[$dbserver]['host'],
+							'PMA_URI' => $pma 
+						);
+						
+						$def_language = $userinfo['def_language'];
+						$result = $db->query_first('SELECT `value` FROM `' . TABLE_PANEL_TEMPLATES . '` WHERE `adminid`=\'' . (int)$userinfo['adminid'] . '\' AND `language`=\'' . $db->escape($def_language) . '\' AND `templategroup`=\'mails\' AND `varname`=\'new_database_by_customer_subject\'');
+						$mail_subject = html_entity_decode(replace_variables((($result['value'] != '') ? $result['value'] : $lng['customer']['mysql_add']['infomail_subject']), $replace_arr));
+						$result = $db->query_first('SELECT `value` FROM `' . TABLE_PANEL_TEMPLATES . '` WHERE `adminid`=\'' . (int)$userinfo['adminid'] . '\' AND `language`=\'' . $db->escape($def_language) . '\' AND `templategroup`=\'mails\' AND `varname`=\'new_database_by_customer_mailbody\'');
+						$mail_body = html_entity_decode(replace_variables((($result['value'] != '') ? $result['value'] : $lng['customer']['mysql_add']['infomail_body']['main']), $replace_arr));
+
+						$_mailerror = false;
+						try {
+							$mail->Subject = $mail_subject;
+							$mail->AltBody = $mail_body;
+							$mail->MsgHTML(str_replace("\n", "<br />", $mail_body));
+							$mail->AddAddress($userinfo['email'], getCorrectUserSalutation($userinfo));
+							$mail->Send();
+						} catch(phpmailerException $e) {
+							$mailerr_msg = $e->errorMessage();
+							$_mailerror = true;
+						} catch (Exception $e) {
+							$mailerr_msg = $e->getMessage();
+							$_mailerror = true;
+						}
+
+						if ($_mailerror) {
+							$log->logAction(USR_ACTION, LOG_ERR, "Error sending mail: " . $mailerr_msg);
+							standard_error('errorsendingmail', $userinfo['email']);
+						}
+
+						$mail->ClearAddresses();
+					}
+
 					redirectTo($filename, Array('page' => $page, 's' => $s));
 				}
 			}
@@ -196,6 +254,14 @@ elseif($page == 'mysqls')
 					$mysql_servers .= makeoption($mysql_server_details['caption'], $mysql_server);
 				}
 
+				$sendinfomail = makeyesno('sendinfomail', '1', '0', '0');
+
+				$mysql_add_data = include_once dirname(__FILE__).'/lib/formfields/customer/mysql/formfield.mysql_add.php';
+				$mysql_add_form = htmlform::genHTMLForm($mysql_add_data);
+
+				$title = $mysql_add_data['mysql_add']['title'];
+				$image = $mysql_add_data['mysql_add']['image'];
+
 				eval("echo \"" . getTemplate("mysql/mysqls_add") . "\";");
 			}
 		}
@@ -217,13 +283,14 @@ elseif($page == 'mysqls')
 			   && $_POST['send'] == 'send')
 			{
 				// Only change Password if it is set, do nothing if it is empty! -- PH 2004-11-29
-
 				$password = validate($_POST['mysql_password'], 'password');
 
 				if($password != '')
 				{
-					// Begin root-session
+					// validate password
+					$password = validatePassword($password);
 
+					// Begin root-session
 					$db_root = new db($sql_root[$result['dbserver']]['host'], $sql_root[$result['dbserver']]['user'], $sql_root[$result['dbserver']]['password'], '');
 					unset($db_root->password);
 					foreach(array_map('trim', explode(',', $settings['system']['mysql_access_host'])) as $mysql_access_host)
@@ -246,6 +313,12 @@ elseif($page == 'mysqls')
 			}
 			else
 			{
+				$mysql_edit_data = include_once dirname(__FILE__).'/lib/formfields/customer/mysql/formfield.mysql_edit.php';
+				$mysql_edit_form = htmlform::genHTMLForm($mysql_edit_data);
+
+				$title = $mysql_edit_data['mysql_edit']['title'];
+				$image = $mysql_edit_data['mysql_edit']['image'];
+
 				eval("echo \"" . getTemplate("mysql/mysqls_edit") . "\";");
 			}
 		}

customer_tickets.php

@@ -98,6 +98,7 @@ elseif($page == 'tickets')
 					$cananswer = 0;
 				}
 
+				$row['subject'] = html_entity_decode($row['subject']);
 				if(strlen($row['subject']) > 20)
 				{
 					$row['subject'] = substr($row['subject'], 0, 17) . '...';
@@ -209,12 +210,12 @@ elseif($page == 'tickets')
 			else
 			{
 				$categories = '';
-				$result = $db->query_first('SELECT `id`, `name` FROM `' . TABLE_PANEL_TICKET_CATS . '` ORDER BY `name` ASC');
+				$result = $db->query_first('SELECT `id`, `name` FROM `' . TABLE_PANEL_TICKET_CATS . '` ORDER BY `logicalorder`, `name` ASC');
 
 				if(isset($result['name'])
 				   && $result['name'] != '')
 				{
-					$result2 = $db->query('SELECT `id`, `name` FROM `' . TABLE_PANEL_TICKET_CATS . '` ORDER BY `name` ASC');
+					$result2 = $db->query('SELECT `id`, `name` FROM `' . TABLE_PANEL_TICKET_CATS . '` ORDER BY `logicalorder`, `name` ASC');
 
 					while($row = $db->fetch_array($result2))
 					{
@@ -226,9 +227,9 @@ elseif($page == 'tickets')
 					$categories = makeoption($lng['ticket']['no_cat'], '0');
 				}
 
-				$priorities = makeoption($lng['ticket']['unf_high'], '1');
+				$priorities = makeoption($lng['ticket']['unf_high'], '1', $settings['ticket']['default_priority']);
-				$priorities.= makeoption($lng['ticket']['unf_normal'], '2');
+				$priorities.= makeoption($lng['ticket']['unf_normal'], '2', $settings['ticket']['default_priority']);
-				$priorities.= makeoption($lng['ticket']['unf_low'], '3');
+				$priorities.= makeoption($lng['ticket']['unf_low'], '3', $settings['ticket']['default_priority']);
 				$ticketsopen = 0;
 				$opentickets = $db->query_first('SELECT COUNT(`id`) as `count` FROM `' . TABLE_PANEL_TICKETS . '`
                                            WHERE `customerid` = "' . $userinfo['customerid'] . '"
@@ -246,6 +247,13 @@ elseif($page == 'tickets')
 				}
 
 				$ticketsopen = (int)$opentickets['count'];
+
+				$ticket_add_data = include_once dirname(__FILE__).'/lib/formfields/customer/ticket/formfield.ticket_add.php';
+				$ticket_add_form = htmlform::genHTMLForm($ticket_add_data);
+
+				$title = $ticket_add_data['ticket_add']['title'];
+				$image = $ticket_add_data['ticket_add']['image'];
+
 				eval("echo \"" . getTemplate("ticket/tickets_new") . "\";");
 			}
 		}
@@ -359,6 +367,12 @@ elseif($page == 'tickets')
 
 			// don't forget the main-ticket!
 
+			$ticket_reply_data = include_once dirname(__FILE__).'/lib/formfields/customer/ticket/formfield.ticket_reply.php';
+			$ticket_reply_form = htmlform::genHTMLForm($ticket_reply_data);
+
+			$title = $ticket_reply_data['ticket_reply']['title'];
+			$image = $ticket_reply_data['ticket_reply']['image'];
+
 			eval("echo \"" . getTemplate("ticket/tickets_reply") . "\";");
 		}
 	}

customer_traffic.php

@@ -174,17 +174,22 @@ if(!is_null($month)
 }
 else
 {
-	$result = $db->query("(SELECT SUM(`http`) as sum FROM `" . TABLE_PANEL_TRAFFIC . "`
+	$result = $db->query("SELECT MAX(`http`), MAX(`ftp_up`+`ftp_down`), MAX(`mail`)
-	                      WHERE `customerid` = '" . $userinfo['customerid'] . "'
+	                     FROM `" . TABLE_PANEL_TRAFFIC . "`
-	                      GROUP BY CONCAT(`year`,`month`) ORDER BY CONCAT(`year`,`month`) DESC LIMIT 12)   UNION
+	                     WHERE `customerid`='" . $userinfo['customerid'] . "'
-	                      (SELECT SUM(`ftp_up`+`ftp_down`) FROM `" . TABLE_PANEL_TRAFFIC . "`
+	                     GROUP BY CONCAT(`year`,`month`) ORDER BY CONCAT(`year`,`month`) DESC LIMIT 12");
-	                      WHERE `customerid` = '" . $userinfo['customerid'] . "'
+	
-	                      GROUP BY CONCAT(`year`,`month`) ORDER BY CONCAT(`year`,`month`) DESC LIMIT 12) UNION
+	$nums = mysql_num_rows($result);
-	                      (SELECT SUM(`mail`) FROM `" . TABLE_PANEL_TRAFFIC . "`
+	if($nums > 0)
-	                      WHERE `customerid` = '" . $userinfo['customerid'] . "'
+	{
-	                      GROUP BY CONCAT(`year`,`month`) ORDER BY CONCAT(`year`,`month`) DESC LIMIT 12) ORDER BY sum DESC LIMIT 1");
+		$row = mysql_fetch_row($result);
-	$row = $db->fetch_array($result);
+		rsort($row);
-	$traf['max'] = ($row[0] > $row[1] ? ($row[0] > $row[2] ? $row[0] : $row[2]) : ($row[1] > $row[2] ? $row[1] : $row[2]));;
+		$traf['max'] = ($row[0] > $row[1] ? ($row[0] > $row[2] ? $row[0] : $row[2]) : ($row[1] > $row[2] ? $row[1] : $row[2]));
+	} else {
+		// no records yet
+		$traf['max'] = 0;
+	}
+	
 	$result = $db->query("SELECT `month`, `year`, SUM(`http`) AS http, SUM(`ftp_up`) AS ftp_up, SUM(`ftp_down`) AS ftp_down, SUM(`mail`) AS mail
 	                     FROM `" . TABLE_PANEL_TRAFFIC . "` WHERE `customerid` = '" . $userinfo['customerid'] . "'
 	                     GROUP BY CONCAT(`year`,`month`) ORDER BY CONCAT(`year`,`month`) DESC LIMIT 12");