make ssl-cipher-list an option, fixes #1274 ; improve ssl-related language-strings; setting version to 0.9.30 for release

Signed-off-by: Michael Kaufmann (d00p) <d00p@froxlor.org>
Merge pull request #134 from RipClaw2971/#1281
2013-10-24 19:45:13 +02:00 · 2013-10-21 09:11:31 -07:00 · 2013-10-21 17:36:44 +02:00 · 2013-10-21 16:35:32 +02:00 · 2013-10-21 07:29:50 +02:00 · 2013-10-21 07:27:38 +02:00
1969 changed files with 73602 additions and 23056 deletions
--- a/.gitignore
+++ b/.gitignore
@@ -0,0 +1,10 @@
+packages/*
+lib/classes/htmlpurifier/library/HTMLPurifier/DefinitionCache/Serializer/*/
+temp/*
+templates/*
+install/update.log
+.buildpath
+.project
+.settings/
+*.diff
+*~
--- a/11
+++ b/11
@@ -2,7 +2,7 @@
 		       Version 2, June 1991

 Copyright (C) 1989, 1991 Free Software Foundation, Inc.
-                          675 Mass Ave, Cambridge, MA 02139, USA
+                       51 Franklin St, Fifth Floor, Boston, MA  02110-1301  USA
 Everyone is permitted to copy and distribute verbatim copies
 of this license document, but changing it is not allowed.

@@ -55,7 +55,7 @@ patent must be licensed for everyone's free use or not licensed at all.

  The precise terms and conditions for copying, distribution and
 modification follow.
-
+
 		    GNU GENERAL PUBLIC LICENSE
   TERMS AND CONDITIONS FOR COPYING, DISTRIBUTION AND MODIFICATION

@@ -110,7 +110,7 @@ above, provided that you also meet all of these conditions:
    License.  (Exception: if the Program itself is interactive but
    does not normally print such an announcement, your work based on
    the Program is not required to print an announcement.)
-
+
 These requirements apply to the modified work as a whole.  If
 identifiable sections of that work are not derived from the Program,
 and can be reasonably considered independent and separate works in
@@ -168,7 +168,7 @@ access to copy from a designated place, then offering equivalent
 access to copy the source code from the same place counts as
 distribution of the source code, even though third parties are not
 compelled to copy the source along with the object code.
-
+
  4. You may not copy, modify, sublicense, or distribute the Program
 except as expressly provided under this License.  Any attempt
 otherwise to copy, modify, sublicense or distribute the Program is
@@ -225,7 +225,7 @@ impose that choice.

 This section is intended to make thoroughly clear what is believed to
 be a consequence of the rest of this License.
-
+
  8. If the distribution and/or use of the Program is restricted in
 certain countries either by patents or by copyrighted interfaces, the
 original copyright holder who places the Program under this License
@@ -278,4 +278,3 @@ PROGRAMS), EVEN IF SUCH HOLDER OR OTHER PARTY HAS BEEN ADVISED OF THE
 POSSIBILITY OF SUCH DAMAGES.

 		     END OF TERMS AND CONDITIONS
-
--- a/actions/admin/settings/000.version.php
+++ b/actions/admin/settings/000.version.php
@@ -14,7 +14,7 @@
 * @author     Froxlor team <team@froxlor.org> (2010-)
 * @license    GPLv2 http://files.froxlor.org/misc/COPYING.txt
 * @package    Settings
- * @version    $Id$
+ *
 */

 return array(
--- a/actions/admin/settings/100.panel.php
+++ b/actions/admin/settings/100.panel.php
@@ -14,7 +14,7 @@
 * @author     Froxlor team <team@froxlor.org> (2010-)
 * @license    GPLv2 http://files.froxlor.org/misc/COPYING.txt
 * @package    Language
- * @version    $Id$
+ *
 */

 return array(
@@ -33,15 +33,31 @@ return array(
 					'save_method' => 'storeSettingField',
 					),
 				'panel_default_theme' => array(
-					'label' => $lng['serversettings']['default_theme'],
+					'label' => array('title' => $lng['panel']['theme'], 'description' => $lng['serversettings']['default_theme']),
 					'settinggroup' => 'panel',
 					'varname' => 'default_theme',
 					'type' => 'option',
 					'default' => 'Froxlor',
 					'option_mode' => 'one',
 					'option_options_method' => 'getThemes',
+					'save_method' => 'storeSettingDefaultTheme',
+					),
+				'panel_allow_theme_change_customer' => array(
+					'label' => $lng['serversettings']['panel_allow_theme_change_customer'],
+					'settinggroup' => 'panel',
+					'varname' => 'allow_theme_change_customer',
+					'type' => 'bool',
+					'default' => true,
 					'save_method' => 'storeSettingField',
 					),
+				'panel_allow_theme_change_admin' => array(
+					'label' => $lng['serversettings']['panel_allow_theme_change_admin'],
+					'settinggroup' => 'panel',
+					'varname' => 'allow_theme_change_admin',
+					'type' => 'bool',
+					'default' => true,
+					'save_method' => 'storeSettingField'
+					),
 				'panel_natsorting' => array(
 					'label' => $lng['serversettings']['natsorting'],
 					'settinggroup' => 'panel',
@@ -77,6 +93,23 @@ return array(
 					'option_options' => array('Manual' => $lng['serversettings']['manual'], 'Dropdown' => $lng['serversettings']['dropdown']),
 					'save_method' => 'storeSettingField',
 					),
+				'use_webfonts' => array(
+					'label' => $lng['serversettings']['enablewebfonts'],
+					'settinggroup' => 'panel',
+					'varname' => 'use_webfonts',
+					'type' => 'bool',
+					'default' => true,
+					'save_method' => 'storeSettingField',
+					),
+				'webfont' => array(
+					'label' => $lng['serversettings']['definewebfont']['title'],
+					'settinggroup' => 'panel',
+					'varname' => 'webfont',
+					'type' => 'string',
+					'default' => 'Numans',
+					'string_emptyallowed' => false,
+					'save_method' => 'storeSettingField',
+					),
 				'panel_adminmail' => array(
 					'label' => $lng['serversettings']['adminmail'],
 					'settinggroup' => 'panel',
@@ -177,6 +210,14 @@ return array(
 					'default' => false,
 					'save_method' => 'storeSettingField',
 					),
+				'panel_phpconfigs_hidestdsubdomain' => array(
+					'label' => $lng['serversettings']['panel_phpconfigs_hidestdsubdomain'],
+					'settinggroup' => 'panel',
+					'varname' => 'phpconfigs_hidestdsubdomain',
+					'type' => 'bool',
+					'default' => false,
+					'save_method' => 'storeSettingField',
+					),
 				),
 			),
 		),
--- a/actions/admin/settings/110.accounts.php
+++ b/actions/admin/settings/110.accounts.php
@@ -14,7 +14,7 @@
 * @author     Froxlor team <team@froxlor.org> (2010-)
 * @license    GPLv2 http://files.froxlor.org/misc/COPYING.txt
 * @package    Settings
- * @version    $Id$
+ *
 */

 return array(
--- a/actions/admin/settings/120.system.php
+++ b/actions/admin/settings/120.system.php
@@ -14,7 +14,7 @@
 * @author     Froxlor team <team@froxlor.org> (2010-)
 * @license    GPLv2 http://files.froxlor.org/misc/COPYING.txt
 * @package    Settings
- * @version    $Id$
+ *
 */

 return array(
@@ -27,10 +27,19 @@ return array(
 					'settinggroup' => 'system',
 					'varname' => 'documentroot_prefix',
 					'type' => 'string',
+					'string_type' => 'dir',
 					'default' => '/var/customers/webs/',
 					'save_method' => 'storeSettingField',
 					'plausibility_check_method' => 'checkPathConflicts'
 					),
+				'system_documentroot_use_default_value' => array(
+					'label' => $lng['serversettings']['documentroot_use_default_value'],
+					'settinggroup' => 'system',
+					'varname' => 'documentroot_use_default_value',
+					'type' => 'bool',
+					'default' => false,
+					'save_method' => 'storeSettingField',
+					),
 				'system_ipaddress' => array(
 					'label' => $lng['serversettings']['ipaddress'],
 					'settinggroup' => 'system',
@@ -58,6 +67,7 @@ return array(
 					'type' => 'string',
 					'default' => '',
 					'save_method' => 'storeSettingHostname',
+					'plausibility_check_method' => 'checkHostname',
 					),
 				'system_froxlordirectlyviahostname' => array(
 					'label' => $lng['serversettings']['froxlordirectlyviahostname'],
@@ -67,6 +77,14 @@ return array(
 					'default' => false,
 					'save_method' => 'storeSettingField',
 					),
+				'system_validatedomain' => array(
+					'label' => $lng['serversettings']['validate_domain'],
+					'settinggroup' => 'system',
+					'varname' => 'validate_domain',
+					'type' => 'bool',
+					'default' => true,
+					'save_method' => 'storeSettingField',
+					),
 				'system_stdsubdomain' => array(
 					'label' => $lng['serversettings']['stdsubdomainhost'],
 					'settinggroup' => 'system',
@@ -128,7 +146,7 @@ return array(
 					'varname' => 'report_webmax',
 					'type' => 'int',
 					'int_min' => 1,
-					'int_max' => 99,
+					'int_max' => 150,
 					'default' => 90,
 					'save_method' => 'storeSettingField',
 					),
@@ -138,7 +156,7 @@ return array(
 					'varname' => 'report_trafficmax',
 					'type' => 'int',
 					'int_min' => 1,
-					'int_max' => 99,
+					'int_max' => 150,
 					'default' => 90,
 					'save_method' => 'storeSettingField',
 					),
@@ -149,10 +167,10 @@ return array(
 					'type' => 'bool',
 					'default' => false,
 					'save_method' => 'storeSettingField',
-					),					
+					),
 				),
 			),
 		),
 	);

-?>
+?>
--- a/actions/admin/settings/130.webserver.php
+++ b/actions/admin/settings/130.webserver.php
@@ -14,7 +14,7 @@
 * @author     Froxlor team <team@froxlor.org> (2010-)
 * @license    GPLv2 http://files.froxlor.org/misc/COPYING.txt
 * @package    Settings
- * @version    $Id$
+ *
 */

 return array(
@@ -33,6 +33,15 @@ return array(
 					'save_method' => 'storeSettingField',
 					'overview_option' => true
 					),
+				'system_apache_24' => array(
+					'label' => $lng['serversettings']['apache_24'],
+					'settinggroup' => 'system',
+					'varname' => 'apache24',
+					'type' => 'bool',
+					'default' => false,
+					'save_method' => 'storeSettingField',
+					'websrv_avail' => array('apache2')
+					),
 				'system_httpuser' => array(
 					'label' => $lng['admin']['webserver_user'],
 					'settinggroup' => 'system',
@@ -72,7 +81,7 @@ return array(
 					'settinggroup' => 'system',
 					'varname' => 'apacheconf_htpasswddir',
 					'type' => 'string',
-					'string_type' => 'dir',
+					'string_type' => 'confdir',
 					'default' => '/etc/apache2/htpasswd/',
 					'save_method' => 'storeSettingField',
 					),
@@ -85,6 +94,15 @@ return array(
 					'default' => '/var/customers/logs/',
 					'save_method' => 'storeSettingField',
 					),
+				'system_customersslpath' => array(
+					'label' => $lng['serversettings']['customerssl_directory'],
+					'settinggroup' => 'system',
+					'varname' => 'customer_ssl_path',
+					'type' => 'string',
+					'string_type' => 'confdir',
+					'default' => '/etc/ssl/froxlor-custom/',
+					'save_method' => 'storeSettingField',
+					),
 				'system_phpappendopenbasedir' => array(
 					'label' => $lng['serversettings']['phpappendopenbasedir'],
 					'settinggroup' => 'system',
@@ -124,7 +142,7 @@ return array(
 					'label' => $lng['serversettings']['phpreload_command'],
 					'settinggroup' => 'system',
 					'varname' => 'phpreload_command',
-					'type' => (getSetting('phpfpm', 'enabled') == '1') ? 'hidden' : 'string',
+					'type' => 'string',
 					'default' => '',
 					'save_method' => 'storeSettingField',
 					'websrv_avail' => array('nginx')
@@ -133,19 +151,20 @@ return array(
 					'label' => $lng['serversettings']['nginx_php_backend'],
 					'settinggroup' => 'system',
 					'varname' => 'nginx_php_backend',
-					'type' => (getSetting('phpfpm', 'enabled') == '1') ? 'hidden' : 'string',
+					'type' => 'string',
 					'default' => '127.0.0.1:8888',
 					'save_method' => 'storeSettingField',
 					'websrv_avail' => array('nginx')
 					),
-				'system_mod_log_sql' => array(
-					'label' => $lng['serversettings']['mod_log_sql'],
-					'settinggroup' => 'system',
-					'varname' => 'mod_log_sql',
-					'type' => 'bool',
-					'default' => false,
+				'nginx_fastcgiparams' => array(
+					'label' => $lng['serversettings']['nginx_fastcgiparams'],
+					'settinggroup' => 'nginx',
+					'varname' => 'fastcgiparams',
+					'type' => 'string',
+					'string_type' => 'file',
+					'default' => '/etc/nginx/fastcgi_params',
 					'save_method' => 'storeSettingField',
-					'websrv_avail' => array('apache2')
+					'websrv_avail' => array('nginx')
 					),
 				'defaultwebsrverrhandler_enabled' => array(
 					'label' => $lng['serversettings']['defaultwebsrverrhandler_enabled'],
@@ -209,72 +228,8 @@ return array(
 					'option_options_method' => 'getRedirectCodes',
 					'save_method' => 'storeSettingField',
 					'websrv_avail' => array('apache2', 'lighttpd')
-					),
-				),
-			),
-		'ssl' => array(
-			'title' => $lng['admin']['sslsettings'],
-			'fields' => array(
-				'system_ssl_enabled' => array(
-					'label' => $lng['serversettings']['ssl']['use_ssl'],
-					'settinggroup' => 'system',
-					'varname' => 'use_ssl',
-					'type' => 'bool',
-					'default' => false,
-					'save_method' => 'storeSettingField',
-					'overview_option' => true
-					),
-				'system_ssl_cert_file' => array(
-					'label' => $lng['serversettings']['ssl']['ssl_cert_file'],
-					'settinggroup' => 'system',
-					'varname' => 'ssl_cert_file',
-					'type' => 'string',
-					'string_type' => 'file',
-					'string_emptyallowed' => true,
-					'default' => '/etc/apache2/apache2.pem',
-					'save_method' => 'storeSettingField',
-					),
-				'system_ssl_key_file' => array(
-					'label' => $lng['serversettings']['ssl']['ssl_key_file'],
-					'settinggroup' => 'system',
-					'varname' => 'ssl_key_file',
-					'type' => 'string',
-					'string_type' => 'file',
-					'string_emptyallowed' => true,
-					'default' => '/etc/apache2/apache2.key',
-					'save_method' => 'storeSettingField',
-					),
-				'system_ssl_ca_file' => array(
-					'label' => $lng['serversettings']['ssl']['ssl_ca_file'],
-					'settinggroup' => 'system',
-					'varname' => 'ssl_ca_file',
-					'type' => 'string',
-					'string_type' => 'file',
-					'string_emptyallowed' => true,
-					'default' => '',
-					'save_method' => 'storeSettingField',
-					),
-				'system_ssl_cert_chainfile' => array(
-					'label' => $lng['admin']['ipsandports']['ssl_cert_chainfile'],
-					'settinggroup' => 'system',
-					'varname' => 'ssl_cert_chainfile',
-					'type' => 'string',
-					'string_type' => 'file',
-					'string_emptyallowed' => true,
-					'default' => '',
-					'save_method' => 'storeSettingField',
-					),
-				'system_ssl_openssl_cnf' => array(
-					'label' => $lng['serversettings']['ssl']['openssl_cnf'],
-					'settinggroup' => 'system',
-					'varname' => 'openssl_cnf',
-					'type' => 'text',
-					'default' => '',
-					'save_method' => 'storeSettingField',
-					),
-				),
-			),
-		),
+					)
+				)
+			)
+		)
 	);
-
-?>
--- a/actions/admin/settings/131.ssl.php
+++ b/actions/admin/settings/131.ssl.php
@@ -0,0 +1,86 @@
+<?php
+
+/**
+ * This file is part of the Froxlor project.
+ * Copyright (c) 2003-2009 the SysCP Team (see authors).
+ * Copyright (c) 2010 the Froxlor Team (see authors).
+ *
+ * For the full copyright and license information, please view the COPYING
+ * file that was distributed with this source code. You can also view the
+ * COPYING file online at http://files.froxlor.org/misc/COPYING.txt
+ *
+ * @copyright  (c) the authors
+ * @author     Florian Lippert <flo@syscp.org> (2003-2009)
+ * @author     Froxlor team <team@froxlor.org> (2010-)
+ * @license    GPLv2 http://files.froxlor.org/misc/COPYING.txt
+ * @package    Settings
+ *
+ */
+
+return array(
+	'groups' => array(
+			'ssl' => array(
+					'title' => $lng['admin']['sslsettings'],
+					'fields' => array(
+							'system_ssl_enabled' => array(
+									'label' => $lng['serversettings']['ssl']['use_ssl'],
+									'settinggroup' => 'system',
+									'varname' => 'use_ssl',
+									'type' => 'bool',
+									'default' => false,
+									'save_method' => 'storeSettingField',
+									'overview_option' => true
+							),
+							'system_ssl_cipher_list' => array(
+									'label' => $lng['serversettings']['ssl']['ssl_cipher_list'],
+									'settinggroup' => 'system',
+									'varname' => 'ssl_cipher_list',
+									'type' => 'string',
+									'string_emptyallowed' => false,
+									'default' => 'ECDHE-RSA-AES128-SHA256:AES128-GCM-SHA256:RC4:HIGH:!MD5:!aNULL:!EDH',
+									'save_method' => 'storeSettingField',
+							),
+							'system_ssl_cert_file' => array(
+									'label' => $lng['serversettings']['ssl']['ssl_cert_file'],
+									'settinggroup' => 'system',
+									'varname' => 'ssl_cert_file',
+									'type' => 'string',
+									'string_type' => 'file',
+									'string_emptyallowed' => true,
+									'default' => '/etc/apache2/apache2.pem',
+									'save_method' => 'storeSettingField',
+							),
+							'system_ssl_key_file' => array(
+									'label' => $lng['serversettings']['ssl']['ssl_key_file'],
+									'settinggroup' => 'system',
+									'varname' => 'ssl_key_file',
+									'type' => 'string',
+									'string_type' => 'file',
+									'string_emptyallowed' => true,
+									'default' => '/etc/apache2/apache2.key',
+									'save_method' => 'storeSettingField',
+							),
+							'system_ssl_cert_chainfile' => array(
+									'label' => $lng['admin']['ipsandports']['ssl_cert_chainfile'],
+									'settinggroup' => 'system',
+									'varname' => 'ssl_cert_chainfile',
+									'type' => 'string',
+									'string_type' => 'file',
+									'string_emptyallowed' => true,
+									'default' => '',
+									'save_method' => 'storeSettingField',
+							),
+							'system_ssl_ca_file' => array(
+									'label' => $lng['serversettings']['ssl']['ssl_ca_file'],
+									'settinggroup' => 'system',
+									'varname' => 'ssl_ca_file',
+									'type' => 'string',
+									'string_type' => 'file',
+									'string_emptyallowed' => true,
+									'default' => '',
+									'save_method' => 'storeSettingField',
+							)
+					)
+			)
+		)
+	);
--- a/actions/admin/settings/135.fcgid.php
+++ b/actions/admin/settings/135.fcgid.php
@@ -12,7 +12,7 @@
 * @author     Froxlor team <team@froxlor.org> (2010-)
 * @license    GPLv2 http://files.froxlor.org/misc/COPYING.txt
 * @package    Settings
- * @version    $Id$
+ *
 */

 return array(
@@ -30,13 +30,13 @@ return array(
 					'save_method' => 'storeSettingField',
 					'plausibility_check_method' => 'checkFcgidPhpFpm',
 					'overview_option' => true
-					),					
+					),
 				'system_mod_fcgid_configdir' => array(
 					'label' => $lng['serversettings']['mod_fcgid']['configdir'],
 					'settinggroup' => 'system',
 					'varname' => 'mod_fcgid_configdir',
 					'type' => 'string',
-					'string_type' => 'dir',
+					'string_type' => 'confdir',
 					'default' => '/var/www/php-fcgi-scripts/',
 					'plausibility_check_method' => 'checkPathConflicts',
 					'save_method' => 'storeSettingField',
@@ -66,7 +66,7 @@ return array(
 					'settinggroup' => 'system',
 					'varname' => 'mod_fcgid_wrapper',
 					'type' => 'option',
-					'option_options' => array(0 => 'ScriptAlias', 1=> 'FCGIWrapper'),
+					'option_options' => array(0 => 'ScriptAlias', 1=> 'FcgidWrapper'),
 					'default' => 1,
 					'save_method' => 'storeSettingField',
 					'websrv_avail' => array('apache2')
@@ -135,6 +135,14 @@ return array(
 					'save_method' => 'storeSettingField',
 					'websrv_avail' => array('apache2')
 					),
+				'system_mod_fcgid_idle_timeout' => array(
+					'label' => $lng['serversettings']['mod_fcgid']['idle_timeout'],
+					'settinggroup' => 'system',
+					'varname' => 'mod_fcgid_idle_timeout',
+					'type' => 'int',
+					'default' => 30,
+					'save_method' => 'storeSettingField'
+					),
 				)
 			)
 		)
--- a/actions/admin/settings/136.phpfpm.php
+++ b/actions/admin/settings/136.phpfpm.php
@@ -12,7 +12,7 @@
 * @author     Froxlor team <team@froxlor.org> (2010-)
 * @license    GPLv2 http://files.froxlor.org/misc/COPYING.txt
 * @package    Settings
- * @version    $Id$
+ *
 */

 return array(
@@ -54,9 +54,16 @@ return array(
 					'default' => 'froxlorlocal',
 					'save_method' => 'storeSettingField'
 					),
-				/*
-				 * @TODO implement if phpfpm knows custom php.ini files
-				 * 
+				'system_phpfpm_defaultini' => array(
+					'label' => $lng['serversettings']['mod_fcgid']['defaultini'],
+					'settinggroup' => 'phpfpm',
+					'varname' => 'defaultini',
+					'type' => 'option',
+					'default' => '1',
+					'option_mode' => 'one',
+					'option_options_method' => 'getPhpConfigs',
+					'save_method' => 'storeSettingField',
+					),
 				'system_phpfpm_defaultini_ownvhost' => array(
 					'label' => $lng['serversettings']['mod_fcgid']['defaultini_ownvhost'],
 					'settinggroup' => 'phpfpm',
@@ -67,16 +74,24 @@ return array(
 					'option_options_method' => 'getPhpConfigs',
 					'save_method' => 'storeSettingField',
 					),
-				*/
 				'system_phpfpm_configdir' => array(
 					'label' => $lng['serversettings']['phpfpm_settings']['configdir'],
 					'settinggroup' => 'phpfpm',
 					'varname' => 'configdir',
 					'type' => 'string',
-					'string_type' => 'dir',
+					'string_type' => 'confdir',
 					'default' => '/etc/php-fpm.d/',
 					'save_method' => 'storeSettingField',
 					),
+				'system_phpfpm_aliasconfigdir' => array(
+					'label' => $lng['serversettings']['phpfpm_settings']['aliasconfigdir'],
+					'settinggroup' => 'phpfpm',
+					'varname' => 'aliasconfigdir',
+					'type' => 'string',
+					'string_type' => 'confdir',
+					'default' => '/var/www/php-fpm/',
+					'save_method' => 'storeSettingField',
+					),
 				'system_phpfpm_tmpdir' => array(
 					'label' => $lng['serversettings']['mod_fcgid']['tmpdir'],
 					'settinggroup' => 'phpfpm',
@@ -110,7 +125,7 @@ return array(
 					'type' => 'option',
 					'default' => 'static',
 					'option_mode' => 'one',
-					'option_options' => array('static' => 'static', 'dynamic' => 'dynamic'),
+					'option_options' => array('static' => 'static', 'dynamic' => 'dynamic', 'ondemand' => 'ondemand'),
 					'save_method' => 'storeSettingField',
 					),
 				'system_phpfpm_max_children' => array(
@@ -153,6 +168,14 @@ return array(
 					'default' => 0,
 					'save_method' => 'storeSettingField',
 					),
+				'system_phpfpm_idle_timeout' => array(
+					'label' => $lng['serversettings']['phpfpm_settings']['idle_timeout'],
+					'settinggroup' => 'phpfpm',
+					'varname' => 'idle_timeout',
+					'type' => 'int',
+					'default' => 30,
+					'save_method' => 'storeSettingField'
+					),
 				),
 			),
 		),
--- a/actions/admin/settings/137.perl.php
+++ b/actions/admin/settings/137.perl.php
@@ -12,7 +12,7 @@
 * @author     Froxlor team <team@froxlor.org> (2010-)
 * @license    GPLv2 http://files.froxlor.org/misc/COPYING.txt
 * @package    Settings
- * @version    $Id$
+ *
 */

 return array(
@@ -43,6 +43,7 @@ return array(
 					'settinggroup' => 'perl',
 					'varname' => 'suexecpath',
 					'type' => 'string',
+					'string_type' => 'dir',
 					'default' => '/var/www/cgi-bin/',
 					'save_method' => 'storeSettingField',
 					'websrv_avail' => array('apache2')
--- a/actions/admin/settings/140.statistics.php
+++ b/actions/admin/settings/140.statistics.php
@@ -14,7 +14,7 @@
 * @author     Froxlor team <team@froxlor.org> (2010-)
 * @license    GPLv2 http://files.froxlor.org/misc/COPYING.txt
 * @package    Settings
- * @version    $Id$
+ *
 */

 return array(
--- a/actions/admin/settings/150.mail.php
+++ b/actions/admin/settings/150.mail.php
@@ -14,7 +14,7 @@
 * @author     Froxlor team <team@froxlor.org> (2010-)
 * @license    GPLv2 http://files.froxlor.org/misc/COPYING.txt
 * @package    Settings
- * @version    $Id$
+ *
 */

 return array(
@@ -51,6 +51,16 @@ return array(
 					'default' => '/var/customers/mail/',
 					'save_method' => 'storeSettingField',
 					),
+				'system_vmail_maildirname' => array(
+					'label' => $lng['serversettings']['vmail_maildirname'],
+					'settinggroup' => 'system',
+					'varname' => 'vmail_maildirname',
+					'type' => 'string',
+					'string_type' => 'dir',
+					'default' => 'Maildir',
+					'string_emptyallowed' => true,
+					'save_method' => 'storeSettingField',
+					),
 				'panel_sendalternativemail' => array(
 					'label' => $lng['serversettings']['sendalternativemail'],
 					'settinggroup' => 'panel',
@@ -90,9 +100,17 @@ return array(
 					'type' => 'hidden',
 					'default' => 0,
 					),
+				'system_catchall_enabled' => array(
+					'label' => $lng['serversettings']['catchall_enabled'],
+					'settinggroup' => 'catchall',
+					'varname' => 'catchall_enabled',
+					'type' => 'bool',
+					'default' => true,
+					'save_method' => 'storeSettingResetCatchall',
+					),
 				),
 			),
 		),
 	);

-?>
+?>
--- a/actions/admin/settings/155.ftpserver.php
+++ b/actions/admin/settings/155.ftpserver.php
@@ -14,7 +14,7 @@
 * @author     Froxlor team <team@froxlor.org> (2010-)
 * @license    GPLv2 http://files.froxlor.org/misc/COPYING.txt
 * @package    Settings
- * @version    $Id: 220.ftpserver.php 1 2010-04-07 10:00:00Z monotek $
+ *
 */

 return array(
--- a/actions/admin/settings/160.nameserver.php
+++ b/actions/admin/settings/160.nameserver.php
@@ -14,7 +14,7 @@
 * @author     Froxlor team <team@froxlor.org> (2010-)
 * @license    GPLv2 http://files.froxlor.org/misc/COPYING.txt
 * @package    Settings
- * @version    $Id$
+ *
 */

 return array(
@@ -22,6 +22,15 @@ return array(
 		'nameserver' => array(
 			'title' => $lng['admin']['nameserversettings'],
 			'fields' => array(
+				'nameserver_enable' => array(
+					'label' => $lng['serversettings']['bindenable'],
+					'settinggroup' => 'system',
+					'varname' => 'bind_enable',
+					'type' => 'bool',
+					'default' => true,
+					'save_method' => 'storeSettingField',
+					'overview_option' => true
+					),
 				'system_bindconf_directory' => array(
 					'label' => $lng['serversettings']['bindconf_directory'],
 					'settinggroup' => 'system',
@@ -59,6 +68,16 @@ return array(
 					'default' => '',
 					'save_method' => 'storeSettingField',
 					),
+				'system_axfrservers' => array(
+					'label' => $lng['serversettings']['axfrservers'],
+					'settinggroup' => 'system',
+					'varname' => 'axfrservers',
+					'type' => 'string',
+					'string_type' => 'validate_ip',
+					'string_emptyallowed' => true,
+					'default' => '',
+					'save_method' => 'storeSettingField',
+				),
 				'system_dns_createmailentry' => array(
 					'label' => $lng['serversettings']['mail_also_with_mxservers'],
 					'settinggroup' => 'system',
--- a/actions/admin/settings/170.logger.php
+++ b/actions/admin/settings/170.logger.php
@@ -14,7 +14,7 @@
 * @author     Froxlor team <team@froxlor.org> (2010-)
 * @license    GPLv2 http://files.froxlor.org/misc/COPYING.txt
 * @package    Settings
- * @version    $Id$
+ *
 */

 return array(
--- a/actions/admin/settings/180.dkim.php
+++ b/actions/admin/settings/180.dkim.php
@@ -14,9 +14,11 @@
 * @author     Froxlor team <team@froxlor.org> (2010-)
 * @license    GPLv2 http://files.froxlor.org/misc/COPYING.txt
 * @package    Settings
- * @version    $Id$
+ *
 */

+global $settings;
+
 return array(
 	'groups' => array(
 		'dkim' => array(
@@ -36,6 +38,7 @@ return array(
 					'settinggroup' => 'dkim',
 					'varname' => 'dkim_prefix',
 					'type' => 'string',
+					'string_type' => 'dir',
 					'default' => '/etc/postfix/dkim/',
 					'save_method' => 'storeSettingField',
 					),
@@ -78,7 +81,10 @@ return array(
 					'save_method' => 'storeSettingFieldInsertBindTask',
 					),
 				'dkim_keylength' => array(
-					'label' => $lng['dkim']['dkim_keylength'],
+					'label' => array(
+						'title' => $lng['dkim']['dkim_keylength']['title'], 
+						'description' => sprintf($lng['dkim']['dkim_keylength']['description'],$settings['dkim']['dkim_prefix'])
+					),
 					'settinggroup' => 'dkim',
 					'varname' => 'dkim_keylength',
 					'type' => 'option',
--- a/actions/admin/settings/185.spf.php
+++ b/actions/admin/settings/185.spf.php
@@ -12,7 +12,7 @@
 * @author     Froxlor team <team@froxlor.org> (2010-)
 * @license    GPLv2 http://files.froxlor.org/misc/COPYING.txt
 * @package    Settings
- * @version    $Id$
+ *
 */

 return array(
--- a/actions/admin/settings/190.ticket.php
+++ b/actions/admin/settings/190.ticket.php
@@ -14,7 +14,7 @@
 * @author     Froxlor team <team@froxlor.org> (2010-)
 * @license    GPLv2 http://files.froxlor.org/misc/COPYING.txt
 * @package    Settings
- * @version    $Id$
+ *
 */

 return array(
@@ -133,7 +133,7 @@ return array(
 					'type' => 'option',
 					'default' => 2,
 					'option_mode' => 'one',
-					'option_options' => array(1 => $lng['ticket']['unf_high'], 2 => $lng['ticket']['unf_normal'], 3 => $lng['ticket']['unf_low']),
+					'option_options' => array(1 => $lng['ticket']['high'], 2 => $lng['ticket']['normal'], 3 => $lng['ticket']['low']),
 					'save_method' => 'storeSettingField', 
 					),
 				),
@@ -141,4 +141,4 @@ return array(
 		)
 	);

-?>
+?>
--- a/actions/admin/settings/200.aps.php
+++ b/actions/admin/settings/200.aps.php
@@ -14,7 +14,7 @@
 * @author     Froxlor team <team@froxlor.org> (2010-)
 * @license    GPLv2 http://files.froxlor.org/misc/COPYING.txt
 * @package    Settings
- * @version    $Id$
+ *
 */

 return array(
@@ -59,7 +59,7 @@ return array(
 					'type' => 'option',
 					'default' => '',
 					'option_mode' => 'multiple',
-					'option_options' => array('gd' => 'GD Library', 'pcre' => 'PCRE', 'ioncube' => 'ionCube', 'ioncube loader' => 'ionCube Loader', 'curl' => 'curl', 'mcrypt' => 'mcrypt', 'imap' => 'imap', 'json' => 'json', 'ldap' => 'LDAP', 'hash' => 'hash', 'mbstring' => 'mbstring'),
+					'option_options' => array('gd' => 'GD Library', 'pcre' => 'PCRE', 'ioncube' => 'ionCube', 'ioncube loader' => 'ionCube Loader', 'curl' => 'curl', 'mcrypt' => 'mcrypt', 'imap' => 'imap', 'json' => 'json', 'ldap' => 'LDAP', 'hash' => 'hash', 'mbstring' => 'mbstring', 'Zend Optimizer' => 'Zend Guard'),
 					'save_method' => 'storeSettingApsPhpExtensions',
 					),
 				'aps_php-function' => array(
--- a/actions/admin/settings/210.security.php
+++ b/actions/admin/settings/210.security.php
@@ -14,7 +14,7 @@
 * @author     Froxlor team <team@froxlor.org> (2010-)
 * @license    GPLv2 http://files.froxlor.org/misc/COPYING.txt
 * @package    Settings
- * @version    $Id$
+ *
 */

 return array(
@@ -38,9 +38,17 @@ return array(
 					'default' => true,
 					'save_method' => 'storeSettingField',
 					),
-				),
-			),
-		),
+				'system_passwordcryptfunc' => array(
+					'label' => $lng['serversettings']['passwordcryptfunc'],
+					'settinggroup' => 'system',
+					'varname' => 'passwordcryptfunc',
+					'type' => 'option',
+					'default' => 0,
+					'option_mode' => 'one',
+					'option_options' => array(0 => $lng['serversettings']['systemdefault'], 1 => 'MD5', 2 => 'BLOWFISH', 3 => 'SHA-256', 4 => 'SHA-512'),
+					'save_method' => 'storeSettingField',
+					)
+				)
+			)
+		)
 	);
-
-?>
--- a/actions/admin/settings/215.backup.php
+++ b/actions/admin/settings/215.backup.php
@@ -0,0 +1,118 @@
+<?php
+
+/**
+ * This file is part of the Froxlor project.
+ * Copyright (c) 2003-2009 the SysCP Team (see authors).
+ * Copyright (c) 2010 the Froxlor Team (see authors).
+ *
+ * For the full copyright and license information, please view the COPYING
+ * file that was distributed with this source code. You can also view the
+ * COPYING file online at http://files.froxlor.org/misc/COPYING.txt
+ *
+ * @copyright  (c) the authors
+ * @author     Florian Lippert <flo@syscp.org> (2003-2009)
+ * @author     Froxlor team <team@froxlor.org> (2010-)
+ * @license    GPLv2 http://files.froxlor.org/misc/COPYING.txt
+ * @package    Settings
+ *
+ */
+
+return array(
+	'groups' => array(
+		'backup' => array(
+			'title' => $lng['backup'],
+			'fields' => array(
+				'backup_enabled' => array(
+					'label' => $lng['serversettings']['backup_enabled'],
+					'settinggroup' => 'system',
+					'varname' => 'backup_enabled',
+					'type' => 'bool',
+					'default' => false,
+					'cronmodule' => 'froxlor/backup',
+					'save_method' => 'storeSettingField',
+					'overview_option' => true
+				),
+				'backup_dir' => array(
+					'label' => $lng['serversettings']['backupdir']['description'],
+					'settinggroup' => 'system',
+					'varname' => 'backup_dir',
+					'type' => 'string',
+					'string_type' => 'dir',
+					'default' => '/var/customers/backups/',
+					'string_regexp' => '#^/.*/$#',
+					'save_method' => 'storeSettingField',
+				),
+				'backup_mysqldump_path' => array(
+					'label' => $lng['serversettings']['mysqldump_path']['description'],
+					'settinggroup' => 'system',
+					'varname' => 'backup_mysqldump_path',
+					'type' => 'string',
+					'default' => '/usr/bin/mysqldump',
+					'save_method' => 'storeSettingField',
+				),
+				'backup_count' => array(
+					'label' => $lng['serversettings']['backup_count'],
+					'settinggroup' => 'system',
+					'varname' => 'backup_count',
+					'type' => 'bool',
+					'default' => 'true',
+					'save_method' => 'storeSettingField',
+					'overview_option' => false
+				),				
+				'backup_bigfile' => array(
+					'label' => $lng['serversettings']['backup_bigfile'],
+					'settinggroup' => 'system',
+					'varname' => 'backup_bigfile',
+					'type' => 'bool',
+					'default' => false,
+					'save_method' => 'storeSettingField',
+					'overview_option' => false
+				),
+				'backup_ftp_enabled_' => array(
+					'label' => $lng['serversettings']['backup_ftp_enabled'],
+					'settinggroup' => 'system',
+					'varname' => 'backup_ftp_enabled',
+					'type' => 'bool',
+					'default' => false,
+					'save_method' => 'storeSettingField',
+					'overview_option' => false
+				),
+				'backup_server' => array(
+					'label' => $lng['serversettings']['backup_ftp_server'],
+					'settinggroup' => 'system',
+					'varname' => 'backup_ftp_server',
+					'type' => 'string',
+					'default' => '',
+					'save_method' => 'storeSettingField',
+				),
+				'backup_user' => array(
+					'label' => $lng['serversettings']['backup_ftp_user'],
+					'settinggroup' => 'system',
+					'varname' => 'backup_ftp_user',
+					'type' => 'string',
+					'default' => '',
+					'save_method' => 'storeSettingField',
+				),
+				'backup_pass' => array(
+					'label' => $lng['serversettings']['backup_ftp_pass'],
+					'settinggroup' => 'system',
+					'varname' => 'backup_ftp_pass',
+					'type' => 'hiddenstring',
+					'default' => '',
+					'save_method' => 'storeSettingField',
+				),
+				'backup_passive_mode' => array(
+					'label' => $lng['serversettings']['backup_ftp_passive_mode'],
+					'settinggroup' => 'system',
+					'varname' => 'backup_ftp_passive',
+					'type' => 'bool',
+					'default' => true,
+					'save_method' => 'storeSettingField',
+					'overview_option' => false,
+				),
+				),
+			),
+		),
+	);
+
+?>
--- a/actions/admin/settings/220.quota.php
+++ b/actions/admin/settings/220.quota.php
@@ -0,0 +1,60 @@
+<?php
+/**
+ * This file is part of the Froxlor project.
+ * Copyright (c) 2011- the Froxlor Team (see authors).
+ *
+ * For the full copyright and license information, please view the COPYING
+ * file that was distributed with this source code. You can also view the
+ * COPYING file online at http://files.froxlor.org/misc/COPYING.txt
+ *
+ * @copyright  (c) the authors
+ * @author     Froxlor team <team@froxlor.org> (2011-)
+ * @license    GPLv2 http://files.froxlor.org/misc/COPYING.txt
+ * @package    Settings
+ *
+ */
+
+return array(
+	'groups' => array(
+		'diskquota' => array(
+			'title' => $lng['diskquota'],
+			'fields' => array(
+				'diskquota_enabled' => array(
+					'label' => $lng['serversettings']['diskquota_enabled'],
+					'settinggroup' => 'system',
+					'varname' => 'diskquota_enabled',
+					'type' => 'bool',
+					'default' => false,
+					'save_method' => 'storeSettingField',
+					'overview_option' => true
+				),
+				'diskquota_repquota_path' => array(
+					'label' => $lng['serversettings']['diskquota_repquota_path']['description'],
+					'settinggroup' => 'system',
+					'varname' => 'diskquota_repquota_path',
+					'type' => 'string',
+					'default' => '/usr/sbin/repquota',
+					'save_method' => 'storeSettingField',
+				),
+				'diskquota_quotatool_path' => array(
+					'label' => $lng['serversettings']['diskquota_quotatool_path']['description'],
+					'settinggroup' => 'system',
+					'varname' => 'diskquota_quotatool_path',
+					'type' => 'string',
+					'default' => '/usr/bin/quotatool',
+					'save_method' => 'storeSettingField',
+				),
+				'diskquota_customer_partition' => array(
+					'label' => $lng['serversettings']['diskquota_customer_partition']['description'],
+					'settinggroup' => 'system',
+					'varname' => 'diskquota_customer_partition',
+					'type' => 'string',
+					'default' => '/dev/root',
+					'save_method' => 'storeSettingField',
+				),
+				),
+			),
+		),
+	);
+
+?>
--- a/admin_admins.php
+++ b/admin_admins.php
@@ -14,7 +14,7 @@
 * @author     Froxlor team <team@froxlor.org> (2010-)
 * @license    GPLv2 http://files.froxlor.org/misc/COPYING.txt
 * @package    Panel
- * @version    $Id: admin_admins.php 101 2010-12-08 07:03:42Z d00p $
+ *
 */

 define('AREA', 'admin');
@@ -47,26 +47,6 @@ if($page == 'admins'
 			'diskspace_used' => $lng['customer']['diskspace'] . ' (' . $lng['panel']['used'] . ')',
 			'traffic' => $lng['customer']['traffic'],
 			'traffic_used' => $lng['customer']['traffic'] . ' (' . $lng['panel']['used'] . ')',
-/*
-			'mysqls' => $lng['customer']['mysqls'],
-			'mysqls_used' => $lng['customer']['mysqls'] . ' (' . $lng['panel']['used'] . ')',
-			'ftps' => $lng['customer']['ftps'],
-			'ftps_used' => $lng['customer']['ftps'] . ' (' . $lng['panel']['used'] . ')',
-			'tickets' => $lng['customer']['tickets'],
-			'tickets_used' => $lng['customer']['tickets'] . ' (' . $lng['panel']['used'] . ')',
-			'subdomains' => $lng['customer']['subdomains'],
-			'subdomains_used' => $lng['customer']['subdomains'] . ' (' . $lng['panel']['used'] . ')',
-			'emails' => $lng['customer']['emails'],
-			'emails_used' => $lng['customer']['emails'] . ' (' . $lng['panel']['used'] . ')',
-			'email_accounts' => $lng['customer']['accounts'],
-			'email_accounts_used' => $lng['customer']['accounts'] . ' (' . $lng['panel']['used'] . ')',
-			'email_forwarders' => $lng['customer']['forwarders'],
-			'email_forwarders_used' => $lng['customer']['forwarders'] . ' (' . $lng['panel']['used'] . ')',
-			'email_quota' => $lng['customer']['email_quota'],
-			'email_quota_used' => $lng['customer']['email_quota'] . ' (' . $lng['panel']['used'] . ')',
-			'email_autoresponder' => $lng['customer']['autoresponder'],
-			'email_autoresponder_used' => $lng['customer']['autoresponder'] . ' (' . $lng['panel']['used'] . ')',
-*/
 			'deactivated' => $lng['admin']['deactivated']
 		);
 		$paging = new paging($userinfo, $db, TABLE_PANEL_ADMINS, $fields, $settings['panel']['paging'], $settings['panel']['natsorting']);
@@ -92,13 +72,23 @@ if($page == 'admins'
 				/**
 				 * percent-values for progressbar
 				 */
-				if($row['diskspace'] > 0) {
-					$percent = round(($row['diskspace_used']*100)/$row['diskspace'], 2);
-					$doublepercent = round($percent*2, 2);
-				} else {
-					$percent = 0;
-					$doublepercent = 0;
-				}
+                                //For Disk usage
+                                if ($row['diskspace'] > 0) {
+                                        $disk_percent = round(($row['diskspace_used']*100)/$row['diskspace'], 2);
+                                        $disk_doublepercent = round($disk_percent*2, 2);
+                                } else {
+                                        $disk_percent = 0;
+                                        $disk_doublepercent = 0;
+                                }
+
+				//For Traffic usage
+                                if ($row['traffic'] > 0) {
+                                        $traffic_percent = round(($row['traffic_used']*100)/$row['traffic'], 2);
+                                        $traffic_doublepercent = round($traffic_percent*2, 2);
+                                } else {
+                                        $traffic_percent = 0;
+                                        $traffic_doublepercent = 0;
+                                }
 				/* */

 				$row = str_replace_array('-1', 'UL', $row, 'customers domains diskspace traffic mysqls emails email_accounts email_forwarders email_quota email_autoresponder ftps subdomains tickets');
@@ -281,7 +271,7 @@ if($page == 'admins'
 					$number_of_aps_packages = - 1;
 				}

-				$can_manage_aps_packages = intval($_POST['can_manage_aps_packages']);
+				$can_manage_aps_packages = isset($_POST['can_manage_aps_packages']) ? 1 : 0;
 			}
 			else
 			{
@@ -289,10 +279,21 @@ if($page == 'admins'
 				$can_manage_aps_packages = 0;
 			}

-			$customers_see_all = intval($_POST['customers_see_all']);
-			$domains_see_all = intval($_POST['domains_see_all']);
-			$caneditphpsettings = intval($_POST['caneditphpsettings']);
-			$change_serversettings = intval($_POST['change_serversettings']);
+			$customers_see_all = 0;
+			if(isset($_POST['customers_see_all']))
+				$customers_see_all = intval($_POST['customers_see_all']);
+			
+			$domains_see_all = 0;
+			if(isset($_POST['domains_see_all']))
+				$domains_see_all = intval($_POST['domains_see_all']);
+			
+			$caneditphpsettings = 0;
+			if(isset($_POST['caneditphpsettings']))
+				$caneditphpsettings = intval($_POST['caneditphpsettings']);
+			
+			$change_serversettings = 0;
+			if(isset($_POST['change_serversettings']))
+				$change_serversettings = intval($_POST['change_serversettings']);

 			$diskspace = intval_ressource($_POST['diskspace']);

@@ -308,6 +309,10 @@ if($page == 'admins'
 				$traffic = - 1;
 			}

+			$tickets_see_all = 0;
+			if(isset($_POST['tickets_see_all']))
+				$tickets_see_all = intval($_POST['tickets_see_all']);
+
 			$diskspace = $diskspace * 1024;
 			$traffic = $traffic * 1024 * 1024;
 			$ipaddress = intval_ressource($_POST['ipaddress']);
@@ -375,6 +380,10 @@ if($page == 'admins'
 					$change_serversettings = '0';
 				}

+				if ($tickets_see_all != '1') {
+					$tickets_see_all  = '0';
+				}
+
 				$_theme = $settings['panel']['default_theme'];

 				$result = $db->query("INSERT INTO 
@@ -400,6 +409,7 @@ if($page == 'admins'
 					`email_quota` = '" . $db->escape($email_quota) . "', 
 					`ftps` = '" . $db->escape($ftps) . "', 
 					`tickets` = '" . $db->escape($tickets) . "', 
+					`tickets_see_all` = '" . $db->escape($tickets_see_all) . "',
 					`mysqls` = '" . $db->escape($mysqls) . "', 
 					`ip` = '" . (int)$ipaddress . "', 
 					`can_manage_aps_packages` = '" . (int)$can_manage_aps_packages . "', 
@@ -452,11 +462,13 @@ if($page == 'admins'
 			$ftps_ul = makecheckbox('ftps_ul', $lng['customer']['unlimited'], '-1', false, '0', true, true);
 			$tickets_ul = makecheckbox('tickets_ul', $lng['customer']['unlimited'], '-1', false, '0', true, true);
 			$mysqls_ul = makecheckbox('mysqls_ul', $lng['customer']['unlimited'], '-1', false, '0', true, true);
+			/*
 			$change_serversettings = makeyesno('change_serversettings', '1', '0', '0');
 			$customers_see_all = makeyesno('customers_see_all', '1', '0', '0');
 			$domains_see_all = makeyesno('domains_see_all', '1', '0', '0');
 			$caneditphpsettings = makeyesno('caneditphpsettings', '1', '0', '0');
 			$can_manage_aps_packages = makeyesno('can_manage_aps_packages', '1', '0', '0');
+			*/
 			$number_of_aps_packages_ul = makecheckbox('number_of_aps_packages_ul', $lng['customer']['unlimited'], '-1', false, '0', true, true);

 			$admin_add_data = include_once dirname(__FILE__).'/lib/formfields/admin/admin/formfield.admin_add.php';
@@ -497,6 +509,7 @@ if($page == 'admins'
 					$ftps = $result['ftps'];
 					$tickets = $result['tickets'];
 					$mysqls = $result['mysqls'];
+					$tickets_see_all = $result['tickets_see_all'];
 					$customers_see_all = $result['customers_see_all'];
 					$domains_see_all = $result['domains_see_all'];
 					$caneditphpsettings = $result['caneditphpsettings'];
@@ -511,130 +524,113 @@ if($page == 'admins'
 				{
 					$password = validate($_POST['admin_password'], 'new password');
 					$def_language = validate($_POST['def_language'], 'default language');
-					$deactivated = intval($_POST['deactivated']);
-					$customers = intval_ressource($_POST['customers']);
+					$deactivated = isset($_POST['deactivated']) ? 1 : 0;

-					if(isset($_POST['customers_ul']))
-					{
-						$customers = - 1;
+					$customers = intval_ressource($_POST['customers']);
+					if (isset($_POST['customers_ul'])) {
+						$customers = -1;
 					}

 					$domains = intval_ressource($_POST['domains']);
-
-					if(isset($_POST['domains_ul']))
-					{
-						$domains = - 1;
+					if (isset($_POST['domains_ul'])) {
+						$domains = -1;
 					}

 					$subdomains = intval_ressource($_POST['subdomains']);
-
-					if(isset($_POST['subdomains_ul']))
-					{
-						$subdomains = - 1;
+					if (isset($_POST['subdomains_ul'])) {
+						$subdomains = -1;
 					}

 					$emails = intval_ressource($_POST['emails']);
-
-					if(isset($_POST['emails_ul']))
-					{
-						$emails = - 1;
+					if (isset($_POST['emails_ul'])) {
+						$emails = -1;
 					}

 					$email_accounts = intval_ressource($_POST['email_accounts']);
-
-					if(isset($_POST['email_accounts_ul']))
-					{
-						$email_accounts = - 1;
+					if (isset($_POST['email_accounts_ul'])) {
+						$email_accounts = -1;
 					}

 					$email_forwarders = intval_ressource($_POST['email_forwarders']);
-
-					if(isset($_POST['email_forwarders_ul']))
-					{
-						$email_forwarders = - 1;
+					if (isset($_POST['email_forwarders_ul'])) {
+						$email_forwarders = -1;
 					}

-					if($settings['system']['mail_quota_enabled'] == '1')
-					{
+					if ($settings['system']['mail_quota_enabled'] == '1') {
 						$email_quota = validate($_POST['email_quota'], 'email_quota', '/^\d+$/', 'vmailquotawrong', array('0', ''));
-
-						if(isset($_POST['email_quota_ul']))
-						{
-							$email_quota = - 1;
+						if (isset($_POST['email_quota_ul'])) {
+							$email_quota = -1;
 						}
-					}
-					else
-					{
-						$email_quota = - 1;
+					} else {
+						$email_quota = -1;
 					}

-					if($settings['autoresponder']['autoresponder_active'] == '1')
-					{
+					if ($settings['autoresponder']['autoresponder_active'] == '1') {
 						$email_autoresponder = intval_ressource($_POST['email_autoresponder']);
-
-						if(isset($_POST['email_autoresponder_ul']))
-						{
-							$email_autoresponder = - 1;
+						if (isset($_POST['email_autoresponder_ul'])) {
+							$email_autoresponder = -1;
 						}
-					}
-					else
-					{
+					} else {
 						$email_autoresponder = 0;
 					}

 					$ftps = intval_ressource($_POST['ftps']);
-
-					if(isset($_POST['ftps_ul']))
-					{
-						$ftps = - 1;
+					if (isset($_POST['ftps_ul'])) {
+						$ftps = -1;
 					}
 					
-					if($settings['ticket']['enabled'] == 1)
-					{
+					if ($settings['ticket']['enabled'] == 1) {
 						$tickets = intval_ressource($_POST['tickets']);
-
-						if(isset($_POST['tickets_ul']))
-						{
-							$tickets = - 1;
+						if (isset($_POST['tickets_ul'])) {
+							$tickets = -1;
 						}
-					}
-					else
-					{
+					} else {
 						$tickets = 0;
 					}

 					$mysqls = intval_ressource($_POST['mysqls']);
-
-					if(isset($_POST['mysqls_ul']))
-					{
+					if (isset($_POST['mysqls_ul'])) {
 						$mysqls = - 1;
 					}

-					$number_of_aps_packages = intval_ressource($_POST['number_of_aps_packages']);
-
-					if(isset($_POST['number_of_aps_packages_ul']))
-					{
-						$number_of_aps_packages = - 1;
+					if ($settings['aps']['aps_active'] == '1') {
+						$number_of_aps_packages = intval_ressource($_POST['number_of_aps_packages']);
+						if (isset($_POST['number_of_aps_packages_ul'])) {
+							$number_of_aps_packages = -1;
+						}
+						$can_manage_aps_packages = isset($_POST['can_manage_aps_packages']) ? 1 : 0;
+					} else {
+						$number_of_aps_packages = 0;
 					}

-					$customers_see_all = intval($_POST['customers_see_all']);
-					$domains_see_all = intval($_POST['domains_see_all']);
-					$caneditphpsettings = intval($_POST['caneditphpsettings']);
-					$change_serversettings = intval($_POST['change_serversettings']);
-					$can_manage_aps_packages = intval($_POST['can_manage_aps_packages']);
+					$customers_see_all = 0;
+					if(isset($_POST['customers_see_all']))
+						$customers_see_all = intval($_POST['customers_see_all']);
+					
+					$domains_see_all = 0;
+					if(isset($_POST['domains_see_all']))
+						$domains_see_all = intval($_POST['domains_see_all']);
+					
+					$caneditphpsettings = 0;
+					if(isset($_POST['caneditphpsettings']))
+						$caneditphpsettings = intval($_POST['caneditphpsettings']);
+
+					$change_serversettings = 0;
+					if(isset($_POST['change_serversettings']))
+						$change_serversettings = isset($_POST['change_serversettings']) ? 1 : 0;
+
+					$tickets_see_all = 0;
+					if (isset($_POST['tickets_see_all']))
+						$tickets_see_all = intval($_POST['tickets_see_all']);

 					$diskspace = intval($_POST['diskspace']);
-
-					if(isset($_POST['diskspace_ul']))
-					{
-						$diskspace = - 1;
+					if (isset($_POST['diskspace_ul'])) {
+						$diskspace = -1;
 					}

 					$traffic = doubleval_ressource($_POST['traffic']);
-
-					if(isset($_POST['traffic_ul']))
-					{
-						$traffic = - 1;
+					if (isset($_POST['traffic_ul'])) {
+						$traffic = -1;
 					}

 					$diskspace = $diskspace * 1024;
@@ -691,7 +687,88 @@ if($page == 'admins'
 						$change_serversettings = '0';
 					}

-					$db->query("UPDATE `" . TABLE_PANEL_ADMINS . "` SET `name`='" . $db->escape($name) . "', `email`='" . $db->escape($email) . "', `def_language`='" . $db->escape($def_language) . "', `change_serversettings` = '" . $db->escape($change_serversettings) . "', `customers` = '" . $db->escape($customers) . "', `customers_see_all` = '" . $db->escape($customers_see_all) . "', `domains` = '" . $db->escape($domains) . "', `domains_see_all` = '" . $db->escape($domains_see_all) . "', `caneditphpsettings` = '" . (int)$caneditphpsettings . "', `password` = '" . $password . "', `diskspace`='" . $db->escape($diskspace) . "', `traffic`='" . $db->escape($traffic) . "', `subdomains`='" . $db->escape($subdomains) . "', `emails`='" . $db->escape($emails) . "', `email_accounts` = '" . $db->escape($email_accounts) . "', `email_forwarders`='" . $db->escape($email_forwarders) . "', `email_quota`='" . $db->escape($email_quota) . "', `email_autoresponder`='" . $db->escape($email_autoresponder) . "', `ftps`='" . $db->escape($ftps) . "', `tickets`='" . $db->escape($tickets) . "', `mysqls`='" . $db->escape($mysqls) . "', `ip`='" . (int)$ipaddress . "', `deactivated`='" . $db->escape($deactivated) . "', `can_manage_aps_packages`=" . (int)$can_manage_aps_packages . ", `aps_packages`=" . (int)$number_of_aps_packages . " WHERE `adminid`='" . $db->escape($id) . "'");
+					if ($tickets_see_all != '1') {
+						$tickets_see_all = '0';
+					}
+
+					// check if a resource was set to something lower
+					// than actually used by the admin/reseller
+					$res_warning = "";
+					if ($customers != $result['customers'] && $customers < $result['customers_used']) {
+						$res_warning .= sprintf($lng['error']['setlessthanalreadyused'], 'customers');
+					}
+					if ($domains != $result['domains'] && $domains < $result['domains_used']) {
+						$res_warning .= sprintf($lng['error']['setlessthanalreadyused'], 'domains');
+					}
+					if ($diskspace != $result['diskspace'] && ($diskspace / 1024) != -1 && $diskspace < $result['diskspace_used']) {
+						$res_warning .= sprintf($lng['error']['setlessthanalreadyused'], 'diskspace');
+					}
+					if ($traffic != $result['traffic'] && ($traffic / 1024 / 1024) != -1 && $traffic < $result['traffic_used']) {
+						$res_warning .= sprintf($lng['error']['setlessthanalreadyused'], 'traffic');
+					}
+					if ($emails != $result['emails'] && $emails < $result['emails_used']) {
+						$res_warning .= sprintf($lng['error']['setlessthanalreadyused'], 'emails');
+					}
+					if ($email_accounts != $result['email_accounts'] && $email_accounts < $result['email_accounts_used']) {
+						$res_warning .= sprintf($lng['error']['setlessthanalreadyused'], 'email accounts');
+					}
+					if ($email_forwarders != $result['email_forwarders'] && $email_forwarders < $result['email_forwarders_used']) {
+						$res_warning .= sprintf($lng['error']['setlessthanalreadyused'], 'email forwarders');
+					}
+					if ($email_quota != $result['email_quota'] && $email_quota < $result['email_quota_used']) {
+						$res_warning .= sprintf($lng['error']['setlessthanalreadyused'], 'email quota');
+					}
+					if ($email_autoresponder != $result['email_autoresponder'] && $email_autoresponder < $result['email_autoresponder_used']) {
+						$res_warning .= sprintf($lng['error']['setlessthanalreadyused'], 'email autoresponder');
+					}
+					if ($ftps != $result['ftps'] && $ftps < $result['ftps_used']) {
+						$res_warning .= sprintf($lng['error']['setlessthanalreadyused'], 'ftps');
+					}
+					if ($tickets != $result['tickets'] && $tickets < $result['tickets_used']) {
+						$res_warning .= sprintf($lng['error']['setlessthanalreadyused'], 'tickets');
+					}
+					if ($mysqls != $result['mysqls'] && $mysqls < $result['mysqls_used']) {
+						$res_warning .= sprintf($lng['error']['setlessthanalreadyused'], 'mysqls');
+					}
+					if ($number_of_aps_packages != $result['aps_packages'] && $number_of_aps_packages < $result['aps_packages_used']) {
+						$res_warning .= sprintf($lng['error']['setlessthanalreadyused'], 'aps packages');
+					}
+
+					if ($res_warning != "") {
+						$link = '';
+						$error = $res_warning;
+						eval("echo \"" . getTemplate('misc/error', '1') . "\";");
+						exit;
+					}
+
+					$db->query("UPDATE `" . TABLE_PANEL_ADMINS . "` SET
+						`name`='" . $db->escape($name) . "',
+						`email`='" . $db->escape($email) . "',
+						`def_language`='" . $db->escape($def_language) . "',
+						`change_serversettings` = '" . $db->escape($change_serversettings) . "',
+						`customers` = '" . $db->escape($customers) . "',
+						`customers_see_all` = '" . $db->escape($customers_see_all) . "',
+						`domains` = '" . $db->escape($domains) . "',
+						`domains_see_all` = '" . $db->escape($domains_see_all) . "',
+						`caneditphpsettings` = '" . (int)$caneditphpsettings . "',
+						`password` = '" . $password . "',
+						`diskspace`='" . $db->escape($diskspace) . "',
+						`traffic`='" . $db->escape($traffic) . "',
+						`subdomains`='" . $db->escape($subdomains) . "',
+						`emails`='" . $db->escape($emails) . "',
+						`email_accounts` = '" . $db->escape($email_accounts) . "',
+						`email_forwarders`='" . $db->escape($email_forwarders) . "',
+						`email_quota`='" . $db->escape($email_quota) . "',
+						`email_autoresponder`='" . $db->escape($email_autoresponder) . "',
+						`ftps`='" . $db->escape($ftps) . "',
+						`tickets`='" . $db->escape($tickets) . "',
+						`tickets_see_all`='".$db->escape($tickets_see_all) . "',
+						`mysqls`='" . $db->escape($mysqls) . "',
+						`ip`='" . (int)$ipaddress . "',
+						`deactivated`='" . $db->escape($deactivated) . "',
+						`can_manage_aps_packages`=" . (int)$can_manage_aps_packages . ",
+						`aps_packages`=" . (int)$number_of_aps_packages . "
+						 WHERE `adminid`='" . $db->escape($id) . "'");
 					$log->logAction(ADM_ACTION, LOG_INFO, "edited admin '#" . $id . "'");
 					$redirect_props = Array(
 						'page' => $page,
@@ -829,13 +906,14 @@ if($page == 'admins'
 					}
 				}

+				/*
 				$change_serversettings = makeyesno('change_serversettings', '1', '0', $result['change_serversettings']);
 				$customers_see_all = makeyesno('customers_see_all', '1', '0', $result['customers_see_all']);
 				$domains_see_all = makeyesno('domains_see_all', '1', '0', $result['domains_see_all']);
 				$caneditphpsettings = makeyesno('caneditphpsettings', '1', '0', $result['caneditphpsettings']);
 				$deactivated = makeyesno('deactivated', '1', '0', $result['deactivated']);
 				$can_manage_aps_packages = makeyesno('can_manage_aps_packages', '1', '0', $result['can_manage_aps_packages']);
-
+				*/
 				$result = htmlentities_array($result);

 				$admin_edit_data = include_once dirname(__FILE__).'/lib/formfields/admin/admin/formfield.admin_edit.php';
--- a/admin_aps.php
+++ b/admin_aps.php
@@ -14,7 +14,7 @@
 * @author     Froxlor team <team@froxlor.org> (2010-)
 * @license    GPLv2 http://files.froxlor.org/misc/COPYING.txt
 * @package    Panel
- * @version    $Id$
+ *
 */

 // Required code
--- a/admin_configfiles.php
+++ b/admin_configfiles.php
@@ -14,7 +14,7 @@
 * @author     Froxlor team <team@froxlor.org> (2010-)
 * @license    GPLv2 http://files.froxlor.org/misc/COPYING.txt
 * @package    Panel
- * @version    $Id$
+ *
 */

 define('AREA', 'admin');
@@ -98,7 +98,9 @@ if($userinfo['change_serversettings'] == '1')
 			'<SSLPROTOCOLS>' => ($settings['system']['use_ssl'] == '1') ? 'imaps pop3s' : '',
 			'<CUSTOMER_TMP>' => ($settings['system']['mod_fcgid_tmpdir'] != '') ? makeCorrectDir($settings['system']['mod_fcgid_tmpdir']) : '/tmp/',
 			'<BASE_PATH>' => makeCorrectDir(dirname(__FILE__)),
-			'<BIND_CONFIG_PATH>' => makeCorrectDir($settings['system']['bindconf_directory'])
+			'<BIND_CONFIG_PATH>' => makeCorrectDir($settings['system']['bindconf_directory']),
+			'<WEBSERVER_RELOAD_CMD>' => $settings['system']['apachereload_command'],
+			'<CUSTOMER_LOGS>' => makeCorrectDir($settings['system']['logfiles_directory'])
 		);
 		$files = '';
 		$configpage = '';
--- a/admin_cronjobs.php
+++ b/admin_cronjobs.php
@@ -12,28 +12,21 @@
 * @author     Froxlor team <team@froxlor.org> (2010-)
 * @license    GPLv2 http://files.froxlor.org/misc/COPYING.txt
 * @package    Panel
- * @version    $Id: admin_cronjobs.php 105 2010-12-09 08:02:33Z d00p $
+ *
 */

 define('AREA', 'admin');
+require_once('./lib/init.php');

-require_once("./lib/init.php");
-
-if(isset($_POST['id']))
-{
+if (isset($_POST['id'])) {
 	$id = intval($_POST['id']);
-}
-elseif(isset($_GET['id']))
-{
+} elseif(isset($_GET['id'])) {
 	$id = intval($_GET['id']);
 }

-if($page == 'cronjobs'
-  || $page == 'overview')
-{
-	if($action == '')
-	{
-		$log->logAction(ADM_ACTION, LOG_NOTICE, "viewed admin_cronjobs");
+if ($page == 'cronjobs' || $page == 'overview') {
+	if ($action == '') {
+		$log->logAction(ADM_ACTION, LOG_NOTICE, 'viewed admin_cronjobs');

 		$fields = array(
 			'c.lastrun' => $lng['cron']['lastrun'],
@@ -56,88 +49,65 @@ if($page == 'cronjobs'
 		$i = 0;
 		$count = 0;

-		while($row = $db->fetch_array($result))
-		{
-			if($paging->checkDisplay($i))
-			{
+		while ($row = $db->fetch_array($result)) {
+			if ($paging->checkDisplay($i)) {
 				$row = htmlentities_array($row);
-				
+
 				$row['lastrun'] = date('d.m.Y H:i', $row['lastrun']);
-				
-				if((int)$row['isactive'] == 1)
-				{
-					$row['isactive'] = $lng['panel']['yes'];
-				}
-				else
-				{
-					$row['isactive'] = $lng['panel']['no'];
-				}
-				
+				$row['isactive'] = ((int)$row['isactive'] == 1) ? $lng['panel']['yes'] : $lng['panel']['no'];
+
 				$description = $lng['crondesc'][$row['desc_lng_key']];
-				
-				eval("\$crons.=\"" . getTemplate("cronjobs/cronjobs_cronjob") . "\";");
+
+				eval("\$crons.=\"" . getTemplate('cronjobs/cronjobs_cronjob') . "\";");
 				$count++;
 			}

 			$i++;
 		}

-		eval("echo \"" . getTemplate("cronjobs/cronjobs") . "\";");
+		eval("echo \"" . getTemplate('cronjobs/cronjobs') . "\";");

-	}
-	elseif($action == 'new')
-	{
+	} elseif ($action == 'new') {
 		/*
 		 * @TODO later
 		 */
-	}
-	elseif($action == 'edit'
-	&& $id != 0)
-	{
+	} elseif ($action == 'edit' && $id != 0) {
 		$result = $db->query_first("SELECT * FROM `" . TABLE_PANEL_CRONRUNS . "` WHERE `id`='" . (int)$id . "'");
-		
-		if ($result['cronfile'] != '')
-		{
-			if(isset($_POST['send'])
-			   && $_POST['send'] == 'send')
-			{
-				$isactive = intval($_POST['isactive']);
+		if ($result['cronfile'] != '') {
+			if (isset($_POST['send']) && $_POST['send'] == 'send') {
+				$isactive = isset($_POST['isactive']) ? 1 : 0;
 				$interval_value = validate($_POST['interval_value'], 'interval_value', '/^([0-9]+)$/Di', 'stringisempty');
 				$interval_interval = validate($_POST['interval_interval'], 'interval_interval');
-				
-				if($isactive != 1)
-				{
+
+				if ($isactive != 1) {
 					$isactive = 0;
 				}
-				
-				$interval = $interval_value.' '.strtoupper($interval_interval);
-				
+
+				$interval = $interval_value . ' ' . strtoupper($interval_interval);
+
 				$db->query("UPDATE `" . TABLE_PANEL_CRONRUNS . "` 
 							SET `isactive` = '".(int)$isactive."',
 							`interval` = '".$interval."'
 							WHERE `id` = '" . (int)$id . "'");

 				redirectTo($filename, Array('page' => $page, 's' => $s));
-			}
-			else
-			{
-				$isactive = makeyesno('isactive', '1', '0', $result['isactive']);
+			} else {
+				//$isactive = makeyesno('isactive', '1', '0', $result['isactive']);
 				// interval
 				$interval_nfo = explode(' ', $result['interval']);
 				$interval_value = $interval_nfo[0];

 				$interval_interval = '';
-				$interval_interval.= makeoption($lng['cronmgmt']['seconds'], 'SECOND', $interval_nfo[1]);
-				$interval_interval.= makeoption($lng['cronmgmt']['minutes'], 'MINUTE', $interval_nfo[1]);
-				$interval_interval.= makeoption($lng['cronmgmt']['hours'], 'HOUR', $interval_nfo[1]);
-				$interval_interval.= makeoption($lng['cronmgmt']['days'], 'DAY', $interval_nfo[1]);
-				$interval_interval.= makeoption($lng['cronmgmt']['weeks'], 'WEEK', $interval_nfo[1]);
-				$interval_interval.= makeoption($lng['cronmgmt']['months'], 'MONTH', $interval_nfo[1]);
+				$interval_interval .= makeoption($lng['cronmgmt']['seconds'], 'SECOND', $interval_nfo[1]);
+				$interval_interval .= makeoption($lng['cronmgmt']['minutes'], 'MINUTE', $interval_nfo[1]);
+				$interval_interval .= makeoption($lng['cronmgmt']['hours'], 'HOUR', $interval_nfo[1]);
+				$interval_interval .= makeoption($lng['cronmgmt']['days'], 'DAY', $interval_nfo[1]);
+				$interval_interval .= makeoption($lng['cronmgmt']['weeks'], 'WEEK', $interval_nfo[1]);
+				$interval_interval .= makeoption($lng['cronmgmt']['months'], 'MONTH', $interval_nfo[1]);
 				// end of interval
-				
+
 				$change_cronfile = false;
-				if (substr($result['module'], 0, strpos($result['module'], '/')) != 'froxlor')
-				{
+				if (substr($result['module'], 0, strpos($result['module'], '/')) != 'froxlor') {
 					$change_cronfile = true;
 				}

@@ -147,17 +117,13 @@ if($page == 'cronjobs'
 				$title = $cronjobs_edit_data['cronjobs_edit']['title'];
 				$image = $cronjobs_edit_data['cronjobs_edit']['image'];

-				eval("echo \"" . getTemplate("cronjobs/cronjob_edit") . "\";");
+				eval("echo \"" . getTemplate('cronjobs/cronjob_edit') . "\";");
 			}
 		}
 	}
-	elseif($action == 'delete'
-	&& $id != 0)
-	{
+	elseif ($action == 'delete' && $id != 0) {
 		/*
 		 * @TODO later
 		 */
 	}
 }
-
-?>
--- a/admin_customers.php
+++ b/admin_customers.php
@@ -14,7 +14,7 @@
 * @author     Froxlor team <team@froxlor.org> (2010-)
 * @license    GPLv2 http://files.froxlor.org/misc/COPYING.txt
 * @package    Panel
- * @version    $Id$
+ *
 */

 define('AREA', 'admin');
@@ -40,56 +40,30 @@ if($page == 'customers'
 {
 	if($action == '')
 	{
+		// clear request data
+		unset($_SESSION['requestData']);
+
 		$log->logAction(ADM_ACTION, LOG_NOTICE, "viewed admin_customers");
 		$fields = array(
 			'c.loginname' => $lng['login']['username'],
 			'a.loginname' => $lng['admin']['admin'],
 			'c.name' => $lng['customer']['name'],
+			'c.email' => $lng['customer']['email'],
 			'c.firstname' => $lng['customer']['firstname'],
 			'c.company' => $lng['customer']['company'],
 			'c.diskspace' => $lng['customer']['diskspace'],
 			'c.diskspace_used' => $lng['customer']['diskspace'] . ' (' . $lng['panel']['used'] . ')',
 			'c.traffic' => $lng['customer']['traffic'],
 			'c.traffic_used' => $lng['customer']['traffic'] . ' (' . $lng['panel']['used'] . ')'
-/*
-			'c.mysqls' => $lng['customer']['mysqls'],
-			'c.mysqls_used' => $lng['customer']['mysqls'] . ' (' . $lng['panel']['used'] . ')',
-			'c.ftps' => $lng['customer']['ftps'],
-			'c.ftps_used' => $lng['customer']['ftps'] . ' (' . $lng['panel']['used'] . ')',
-			'c.subdomains' => $lng['customer']['subdomains'],
-			'c.subdomains_used' => $lng['customer']['subdomains'] . ' (' . $lng['panel']['used'] . ')',
-			'c.emails' => $lng['customer']['emails'],
-			'c.emails_used' => $lng['customer']['emails'] . ' (' . $lng['panel']['used'] . ')',
-			'c.email_accounts' => $lng['customer']['accounts'],
-			'c.email_accounts_used' => $lng['customer']['accounts'] . ' (' . $lng['panel']['used'] . ')',
-			'c.email_forwarders' => $lng['customer']['forwarders'],
-			'c.email_forwarders_used' => $lng['customer']['forwarders'] . ' (' . $lng['panel']['used'] . ')',
-			'c.email_quota' => $lng['customer']['email_quota'],
-			'c.email_quota_used' => $lng['customer']['email_quota'] . ' (' . $lng['panel']['used'] . ')',
-			'c.deactivated' => $lng['admin']['deactivated'],
-			'c.lastlogin_succ' => $lng['admin']['lastlogin_succ'],
-			'c.phpenabled' => $lng['admin']['phpenabled'],
-			'c.perlenabled' => $lng['admin']['perlenabled']
-*/
 		);

-/*
-		if($settings['ticket']['enabled'] == 1)
-		{
-			$fields['c.tickets'] = $lng['customer']['tickets'];
-			$fields['c.tickets_used'] = $lng['customer']['tickets'] . ' (' . $lng['panel']['used'] . ')';
+		if ($settings['system']['backup_enabled'] == '1') {
+			$field['c.backup_allowed'] = $lng['backup_allowed'];
 		}
-		
-		if($settings['autoresponder']['autoresponder_active'] == 1)
-		{
-			$fields['c.email_autoresponder'] = $lng['customer']['autoresponder'];
-			$fields['c.email_autoresponder_used'] = $lng['customer']['autoresponder'] . ' (' . $lng['panel']['used'] . ')';			
-		}
-*/

 		$paging = new paging($userinfo, $db, TABLE_PANEL_CUSTOMERS, $fields, $settings['panel']['paging'], $settings['panel']['natsorting']);
 		$customers = '';
-		$result = $db->query("SELECT `c`.*, `a`.`loginname` AS `adminname` " . "FROM `" . TABLE_PANEL_CUSTOMERS . "` `c`, `" . TABLE_PANEL_ADMINS . "` `a` " . "WHERE " . ($userinfo['customers_see_all'] ? '' : " `c`.`adminid` = '" . (int)$userinfo['adminid'] . "' AND ") . "`c`.`adminid`=`a`.`adminid` " . $paging->getSqlWhere(true) . " " . $paging->getSqlOrderBy() . " " . $paging->getSqlLimit());
+		$result = $db->query("SELECT `c`.*, `a`.`loginname` AS `adminname` " . "FROM `" . TABLE_PANEL_CUSTOMERS . "` `c`, `" . TABLE_PANEL_ADMINS . "` `a` " . "WHERE " . ($userinfo['customers_see_all'] ? '' : " `c`.`adminid` = '" . (int)$userinfo['adminid'] . "' AND ") . "`c`.`adminid`=`a`.`adminid` " . $paging->getSqlWhere(true) . " " . $paging->getSqlOrderBy($settings['panel']['natsorting']) . " " . $paging->getSqlLimit());
 		$paging->setEntries($db->num_rows($result));
 		$sortcode = $paging->getHtmlSortCode($lng, true);
 		$arrowcode = $paging->getHtmlArrowCode($filename . '?page=' . $page . '&s=' . $s);
@@ -113,21 +87,28 @@ if($page == 'customers'
 				/**
 				 * percent-values for progressbar
 				 */
+				//For Disk usage
 				if ($row['diskspace'] > 0) {
-					$percent = round(($row['diskspace_used']*100)/$row['diskspace'], 2);
-					$doublepercent = round($percent*2, 2);
+					$disk_percent = round(($row['diskspace_used']*100)/$row['diskspace'], 2);
+					$disk_doublepercent = round($disk_percent*2, 2);
 				} else {
-					$percent = 0;
-					$doublepercent = 0;
+					$disk_percent = 0;
+					$disk_doublepercent = 0;
 				}

-				$column_style = '';
-				$unlock_link = '';
+				if ($row['traffic'] > 0) {
+					$traffic_percent = round(($row['traffic_used']*100)/$row['traffic'], 2);
+					$traffic_doublepercent = round($traffic_percent*2, 2);
+				} else {
+					$traffic_percent = 0;
+					$traffic_doublepercent = 0;
+				}
+
+				$islocked = 0;
 				if($row['loginfail_count'] >= $settings['login']['maxloginattempts']
 					&& $row['lastlogin_fail'] > (time() - $settings['login']['deactivatetime'])
 				) {
-					$column_style = ' style="background-color: #f99122;"';
-					$unlock_link = '<a href="'.$filename.'?s='.$s.'&amp;page='.$page.'&amp;action=unlock&amp;id='.$row['customerid'].'">'.$lng['panel']['unlock'].'</a><br />';
+					$islocked = 1;
 				}

 				$row = str_replace_array('-1', 'UL', $row, 'diskspace traffic mysqls emails email_accounts email_forwarders ftps tickets subdomains email_autoresponder');
@@ -150,11 +131,14 @@ if($page == 'customers'

 		if($destination_user != '')
 		{
+			if ($result['deactivated'] == '1') {
+				standard_error("usercurrentlydeactivated", $destination_user);
+			}
 			$result = $db->query_first("SELECT * FROM `" . TABLE_PANEL_SESSIONS . "` WHERE `userid`='" . (int)$userinfo['userid'] . "' AND `hash`='" . $db->escape($s) . "'");
 			$s = md5(uniqid(microtime(), 1));
 			$db->query("INSERT INTO `" . TABLE_PANEL_SESSIONS . "` (`hash`, `userid`, `ipaddress`, `useragent`, `lastactivity`, `language`, `adminsession`) VALUES ('" . $db->escape($s) . "', '" . (int)$id . "', '" . $db->escape($result['ipaddress']) . "', '" . $db->escape($result['useragent']) . "', '" . time() . "', '" . $db->escape($result['language']) . "', '0')");
 			$log->logAction(ADM_ACTION, LOG_INFO, "switched user and is now '" . $destination_user . "'");
-			redirectTo('customer_index.php', Array('s' => $s));
+			redirectTo('customer_index.php', Array('s' => $s), true);
 		}
 		else
 		{
@@ -171,11 +155,11 @@ if($page == 'customers'
 			if(isset($_POST['send'])
 			   && $_POST['send'] == 'send')
 			{
-				$result = $db->query("UPDATE 
-					`" . TABLE_PANEL_CUSTOMERS . "` 
-				SET 
-					`loginfail_count` = '0' 
-				WHERE 
+				$result = $db->query("UPDATE
+					`" . TABLE_PANEL_CUSTOMERS . "`
+				SET
+					`loginfail_count` = '0'
+				WHERE
 					`customerid`= '" . (int)$id . "'"
 				);
 				redirectTo($filename, Array('page' => $page, 's' => $s));
@@ -198,7 +182,6 @@ if($page == 'customers'
 			{
 				$databases = $db->query("SELECT * FROM " . TABLE_PANEL_DATABASES . " WHERE customerid='" . (int)$id . "' ORDER BY `dbserver`");
 				$db_root = new db($sql_root[0]['host'], $sql_root[0]['user'], $sql_root[0]['password'], '');
-				unset($db_root->password);
 				$last_dbserver = 0;

 				while($row_database = $db->fetch_array($databases))
@@ -208,16 +191,20 @@ if($page == 'customers'
 						$db_root->query('FLUSH PRIVILEGES;');
 						$db_root->close();
 						$db_root = new db($sql_root[$row_database['dbserver']]['host'], $sql_root[$row_database['dbserver']]['user'], $sql_root[$row_database['dbserver']]['password'], '');
-						unset($db_root->password);
 						$last_dbserver = $row_database['dbserver'];
 					}

-					foreach(array_unique(explode(',', $settings['system']['mysql_access_host'])) as $mysql_access_host)
+					if(mysql_get_server_info() < '5.0.2') {
+						// failsafe if user has been deleted manually (requires MySQL 4.1.2+)
+						$db_root->query('REVOKE ALL PRIVILEGES, GRANT OPTION FROM \'' . $db_root->escape($row_database['databasename']) .'\'',false,true);
+					}
+
+					$host_res = $db_root->query("SELECT `Host` FROM `mysql`.`user` WHERE `User`='" . $db_root->escape($row_database['databasename']) . "'");
+					while($host = $db_root->fetch_array($host_res))
 					{
-						$mysql_access_host = trim($mysql_access_host);
-						$db_root->query('REVOKE ALL PRIVILEGES ON * . * FROM `' . $db_root->escape($row_database['databasename']) . '`@`' . $db_root->escape($mysql_access_host) . '`');
-						$db_root->query('REVOKE ALL PRIVILEGES ON `' . str_replace('_', '\_', $db_root->escape($row_database['databasename'])) . '` . * FROM `' . $db_root->escape($row_database['databasename']) . '`@`' . $db_root->escape($mysql_access_host) . '`');
-						$db_root->query('DELETE FROM `mysql`.`user` WHERE `User` = "' . $db_root->escape($row_database['databasename']) . '" AND `Host` = "' . $db_root->escape($mysql_access_host) . '"');
+						// as of MySQL 5.0.2 this also revokes privileges. (requires MySQL 4.1.2+)
+						$db_root->query('DROP USER \'' . $db_root->escape($row_database['databasename']). '\'@\'' . $db_root->escape($host['Host']) . '\'', false, true);
+						
 					}

 					$db_root->query('DROP DATABASE IF EXISTS `' . $db_root->escape($row_database['databasename']) . '`');
@@ -255,7 +242,7 @@ if($page == 'customers'
 					// remove all package related settings
 					$db->query("DELETE FROM `".TABLE_APS_SETTINGS."` WHERE `InstanceID` = '".(int)$apsrow['ID']."'");
 					// maybe some leftovers in the tasks
-					$db->query("DELETE FROM `".TABLE_APS_TASKS."` WHERE `InstanceID` = '".(int)$apsrow['ID']."'"); 
+					$db->query("DELETE FROM `".TABLE_APS_TASKS."` WHERE `InstanceID` = '".(int)$apsrow['ID']."'");
 				}
 				// now remove all user instances
 				$db->query("DELETE FROM `".TABLE_APS_INSTANCES."` WHERE `CustomerID`='".(int)$id."'");
@@ -293,7 +280,7 @@ if($page == 'customers'

 				if($result['email_autoresponder'] != '-1')
 				{
-					$admin_update_query.= ", `email_autoresponder` = `email_autoresponder` - 0" . (int)$result['email_autoresponder'];
+					$admin_update_query.= ", `email_autoresponder_used` = `email_autoresponder_used` - 0" . (int)$result['email_autoresponder'];
 				}

 				if($result['subdomains'] != '-1')
@@ -313,7 +300,7 @@ if($page == 'customers'

 				if($result['aps_packages'] != '-1')
 				{
-					$admin_update_query.= ", `aps_packages` = `aps_packages` - 0" . (int)$result['aps_packages'];
+					$admin_update_query.= ", `aps_packages_used` = `aps_packages_used` - 0" . (int)$result['aps_packages'];
 				}

 				if(($result['diskspace'] / 1024) != '-1')
@@ -325,14 +312,19 @@ if($page == 'customers'
 				$db->query($admin_update_query);
 				$log->logAction(ADM_ACTION, LOG_INFO, "deleted user '" . $result['loginname'] . "'");
 				inserttask('1');
+
+				// Using nameserver, insert a task which rebuilds the server config
 				inserttask('4');
-				
-				if(isset($_POST['delete_userfiles'])
-				  && (int)$_POST['delete_userfiles'] == 1)
-				{
+
+				if (isset($_POST['delete_userfiles'])
+						&& (int)$_POST['delete_userfiles'] == 1
+				) {
 					inserttask('6', $result['loginname']);
 				}
-				
+
+				// Using filesystem - quota, insert a task which cleans the filesystem - quota
+				inserttask('10');
+
 				/*
 				 * move old tickets to archive
 				 */
@@ -350,8 +342,8 @@ if($page == 'customers'
 						$mainticket->Archive();
 						$log->logAction(ADM_ACTION, LOG_NOTICE, "archived ticket '" . $mainticket->Get('subject') . "'");
 					}
-				}				
-				
+				}
+
 				redirectTo($filename, Array('page' => $page, 's' => $s));
 			}
 			else
@@ -380,6 +372,7 @@ if($page == 'customers'
 				$customernumber = validate($_POST['customernumber'], 'customer number', '/^[A-Za-z0-9 \-]*$/Di');
 				$def_language = validate($_POST['def_language'], 'default language');
 				$diskspace = intval_ressource($_POST['diskspace']);
+				$gender = intval_ressource($_POST['gender']);

 				if(isset($_POST['diskspace_ul']))
 				{
@@ -434,7 +427,7 @@ if($page == 'customers'
 				{
 					$email_quota = - 1;
 				}
-				
+
 				if($settings['autoresponder']['autoresponder_active'] == '1')
 				{
 					$email_autoresponder = intval_ressource($_POST['email_autoresponder']);
@@ -449,9 +442,17 @@ if($page == 'customers'
 					$email_autoresponder = 0;
 				}

-				$email_imap = intval_ressource($_POST['email_imap']);
-				$email_pop3 = intval_ressource($_POST['email_pop3']);
-				$ftps = intval_ressource($_POST['ftps']);
+				$email_imap = 0;
+				if(isset($_POST['email_imap']))
+					$email_imap = intval_ressource($_POST['email_imap']);
+
+				$email_pop3 = 0;
+				if(isset($_POST['email_pop3']))
+					$email_pop3 = intval_ressource($_POST['email_pop3']);
+
+				$ftps = 0;
+				if(isset($_POST['ftps']))
+					$ftps = intval_ressource($_POST['ftps']);

 				if(isset($_POST['ftps_ul']))
 				{
@@ -487,7 +488,9 @@ if($page == 'customers'
 					$number_of_aps_packages = 0;
 				}

-				$createstdsubdomain = intval($_POST['createstdsubdomain']);
+				$createstdsubdomain = 0;
+				if(isset($_POST['createstdsubdomain']))
+					$createstdsubdomain = intval($_POST['createstdsubdomain']);
 				$password = validate($_POST['new_customer_password'], 'password');
 				// only check if not empty,
 				// cause empty == generate password automatically
@@ -495,10 +498,37 @@ if($page == 'customers'
 				{
 					$password = validatePassword($password);
 				}
-				$sendpassword = intval($_POST['sendpassword']);
-				$phpenabled = intval($_POST['phpenabled']);
-				$perlenabled = intval($_POST['perlenabled']);
-				$store_defaultindex = intval($_POST['store_defaultindex']);
+
+				$backup_allowed = 0;
+				if(isset($_POST['backup_allowed']))
+					$backup_allowed = intval($_POST['backup_allowed']);
+
+				if ($backup_allowed != 0)
+				{
+					$backup_allowed = 1;
+				}
+
+				// gender out of range? [0,2]
+				if ($gender < 0 || $gender > 2) {
+					$gender = 0;
+				}
+
+				$sendpassword = 0;
+				if(isset($_POST['sendpassword']))
+					$sendpassword = intval($_POST['sendpassword']);
+
+				$phpenabled = 0;
+				if(isset($_POST['phpenabled']))
+					$phpenabled = intval($_POST['phpenabled']);
+
+				$perlenabled = 0;
+				if(isset($_POST['perlenabled']))
+					$perlenabled = intval($_POST['perlenabled']);
+
+				$store_defaultindex = 0;
+				if(isset($_POST['store_defaultindex']))
+					$store_defaultindex = intval($_POST['store_defaultindex']);
+
 				$diskspace = $diskspace * 1024;
 				$traffic = $traffic * 1024 * 1024;

@@ -563,6 +593,11 @@ if($page == 'customers'
 						{
 							standard_error('loginnameissystemaccount', $settings['customer']['accountprefix']);
 						}
+						
+						//Additional filtering for Bug #962
+						if(function_exists('posix_getpwnam') && !in_array("posix_getpwnam",explode(",",ini_get('disable_functions'))) && posix_getpwnam($loginname)) {
+							standard_error('loginnameissystemaccount', $settings['customer']['accountprefix']);
+						}
 					}
 					else
 					{
@@ -616,40 +651,42 @@ if($page == 'customers'
 					$_theme = $settings['panel']['default_theme'];

 					$result = $db->query(
-						"INSERT INTO `" . TABLE_PANEL_CUSTOMERS . "` SET 
-						`adminid` = '" . (int)$userinfo['adminid'] . "', 
-						`loginname` = '" . $db->escape($loginname) . "', 
-						`password` = '" . md5($password) . "', 
-						`name` = '" . $db->escape($name) . "', 
-						`firstname` = '" . $db->escape($firstname) . "', 
-						`company` = '" . $db->escape($company) . "', 
-						`street` = '" . $db->escape($street) . "', 
-						`zipcode` = '" . $db->escape($zipcode) . "', 
-						`city` = '" . $db->escape($city) . "', 
-						`phone` = '" . $db->escape($phone) . "', 
-						`fax` = '" . $db->escape($fax) . "', 
-						`email` = '" . $db->escape($email) . "', 
-						`customernumber` = '" . $db->escape($customernumber) . "', 
-						`def_language` = '" . $db->escape($def_language) . "', 
-						`documentroot` = '" . $db->escape($documentroot) . "', 
-						`guid` = '" . $db->escape($guid) . "', 
-						`diskspace` = '" . $db->escape($diskspace) . "', 
-						`traffic` = '" . $db->escape($traffic) . "', 
-						`subdomains` = '" . $db->escape($subdomains) . "', 
-						`emails` = '" . $db->escape($emails) . "', 
-						`email_accounts` = '" . $db->escape($email_accounts) . "', 
-						`email_forwarders` = '" . $db->escape($email_forwarders) . "', 
-						`email_quota` = '" . $db->escape($email_quota) . "', 
-						`ftps` = '" . $db->escape($ftps) . "', 
-						`tickets` = '" . $db->escape($tickets) . "', 
-						`mysqls` = '" . $db->escape($mysqls) . "', 
-						`standardsubdomain` = '0', 
-						`phpenabled` = '" . $db->escape($phpenabled) . "', 
-						`imap` = '" . $db->escape($email_imap) . "', 
-						`pop3` = '" . $db->escape($email_pop3) . "', 
-						`aps_packages` = '" . (int)$number_of_aps_packages . "', 
-						`perlenabled` = '" . $db->escape($perlenabled) . "', 
+						"INSERT INTO `" . TABLE_PANEL_CUSTOMERS . "` SET
+						`adminid` = '" . (int)$userinfo['adminid'] . "',
+						`loginname` = '" . $db->escape($loginname) . "',
+						`password` = '" . md5($password) . "',
+						`name` = '" . $db->escape($name) . "',
+						`firstname` = '" . $db->escape($firstname) . "',
+						`gender` = '" . (int)$gender . "',
+						`company` = '" . $db->escape($company) . "',
+						`street` = '" . $db->escape($street) . "',
+						`zipcode` = '" . $db->escape($zipcode) . "',
+						`city` = '" . $db->escape($city) . "',
+						`phone` = '" . $db->escape($phone) . "',
+						`fax` = '" . $db->escape($fax) . "',
+						`email` = '" . $db->escape($email) . "',
+						`customernumber` = '" . $db->escape($customernumber) . "',
+						`def_language` = '" . $db->escape($def_language) . "',
+						`documentroot` = '" . $db->escape($documentroot) . "',
+						`guid` = '" . $db->escape($guid) . "',
+						`diskspace` = '" . $db->escape($diskspace) . "',
+						`traffic` = '" . $db->escape($traffic) . "',
+						`subdomains` = '" . $db->escape($subdomains) . "',
+						`emails` = '" . $db->escape($emails) . "',
+						`email_accounts` = '" . $db->escape($email_accounts) . "',
+						`email_forwarders` = '" . $db->escape($email_forwarders) . "',
+						`email_quota` = '" . $db->escape($email_quota) . "',
+						`ftps` = '" . $db->escape($ftps) . "',
+						`tickets` = '" . $db->escape($tickets) . "',
+						`mysqls` = '" . $db->escape($mysqls) . "',
+						`standardsubdomain` = '0',
+						`phpenabled` = '" . $db->escape($phpenabled) . "',
+						`imap` = '" . $db->escape($email_imap) . "',
+						`pop3` = '" . $db->escape($email_pop3) . "',
+						`aps_packages` = '" . (int)$number_of_aps_packages . "',
+						`perlenabled` = '" . $db->escape($perlenabled) . "',
 						`email_autoresponder` = '" . $db->escape($email_autoresponder) . "',
+						`backup_allowed` = '" . $db->escape($backup_allowed) . "',
 						`theme` = '" . $db->escape($_theme) . "'"
 					);
 					$customerid = $db->insert_id();
@@ -724,8 +761,10 @@ if($page == 'customers'
 					$log->logAction(ADM_ACTION, LOG_INFO, "added user '" . $loginname . "'");
 					inserttask('2', $loginname, $guid, $guid, $store_defaultindex);

-					// Add htpasswd for the webalizer stats
+					// Using filesystem - quota, insert a task which cleans the filesystem - quota
+					inserttask('10');

+					// Add htpasswd for the webalizer stats
 					if(CRYPT_STD_DES == 1)
 					{
 						$saltfordescrypt = substr(md5(uniqid(microtime(), 1)), 4, 2);
@@ -748,7 +787,8 @@ if($page == 'customers'
 					}

 					inserttask('1');
-					$result = $db->query("INSERT INTO `" . TABLE_FTP_USERS . "` " . "(`customerid`, `username`, `password`, `homedir`, `login_enabled`, `uid`, `gid`) " . "VALUES ('" . (int)$customerid . "', '" . $db->escape($loginname) . "', ENCRYPT('" . $db->escape($password) . "'), '" . $db->escape($documentroot) . "', 'y', '" . (int)$guid . "', '" . (int)$guid . "')");
+					$cryptPassword = makeCryptPassword($password);
+					$result = $db->query("INSERT INTO `" . TABLE_FTP_USERS . "` " . "(`customerid`, `username`, `password`, `homedir`, `login_enabled`, `uid`, `gid`) " . "VALUES ('" . (int)$customerid . "', '" . $db->escape($loginname) . "', '" . $db->escape($cryptPassword) . "', '" . $db->escape($documentroot) . "', 'y', '" . (int)$guid . "', '" . (int)$guid . "')");
 					$result = $db->query("INSERT INTO `" . TABLE_FTP_GROUPS . "` " . "(`customerid`, `groupname`, `gid`, `members`) " . "VALUES ('" . (int)$customerid . "', '" . $db->escape($loginname) . "', '" . $db->escape($guid) . "', '" . $db->escape($loginname) . "')");
 					$result = $db->query("INSERT INTO `" . TABLE_FTP_QUOTATALLIES . "` (`name`, `quota_type`, `bytes_in_used`, `bytes_out_used`, `bytes_xfer_used`, `files_in_used`, `files_out_used`, `files_xfer_used`) VALUES ('" . $db->escape($loginname) . "', 'user', '0', '0', '0', '0', '0', '0')");
 					$log->logAction(ADM_ACTION, LOG_NOTICE, "automatically added ftp-account for user '" . $loginname . "'");
@@ -765,22 +805,26 @@ if($page == 'customers'
 							$_stdsubdomain = $loginname . '.' . $settings['system']['hostname'];
 						}

-						$db->query("INSERT INTO `" . TABLE_PANEL_DOMAINS . "` SET " . 
+						$db->query("INSERT INTO `" . TABLE_PANEL_DOMAINS . "` SET " .
 							"`domain` = '". $db->escape($_stdsubdomain) . "', " .
 							"`customerid` = '" . (int)$customerid . "', " .
-							"`adminid` = '" . (int)$userinfo['adminid'] . "', " . 
+							"`adminid` = '" . (int)$userinfo['adminid'] . "', " .
 							"`parentdomainid` = '-1', " .
-							"`ipandport` = '" . $db->escape($settings['system']['defaultip']) . "', " . 
-							"`documentroot` = '" . $db->escape($documentroot) . "', " . 
+							"`documentroot` = '" . $db->escape($documentroot) . "', " .
 							"`zonefile` = '', " .
 							"`isemaildomain` = '0', " .
-							"`caneditdomain` = '0', " . 
+							"`caneditdomain` = '0', " .
 							"`openbasedir` = '1', " .
-							"`safemode` = '1', " .
 							"`speciallogfile` = '0', " .
 							"`specialsettings` = '', " .
 							"`add_date` = '".date('Y-m-d')."'");
 						$domainid = $db->insert_id();
+						// set ip <-> domain connection
+						$db->query("INSERT INTO `".TABLE_DOMAINTOIP."` SET
+							`id_domain` = '".$domainid."',
+							`id_ipandports` = '".(int)$settings['system']['defaultip']."'"
+						);
+
 						$db->query('UPDATE `' . TABLE_PANEL_CUSTOMERS . '` SET `standardsubdomain`=\'' . (int)$domainid . '\' WHERE `customerid`=\'' . (int)$customerid . '\'');
 						$log->logAction(ADM_ACTION, LOG_NOTICE, "automatically added standardsubdomain for user '" . $loginname . "'");
 						inserttask('1');
@@ -852,13 +896,10 @@ if($page == 'customers'
 				$tickets_ul = makecheckbox('tickets_ul', $lng['customer']['unlimited'], '-1', false, '0', true, true);
 				$mysqls_ul = makecheckbox('mysqls_ul', $lng['customer']['unlimited'], '-1', false, '0', true, true);
 				$number_of_aps_packages_ul = makecheckbox('number_of_aps_packages_ul', $lng['customer']['unlimited'], '-1', false, '0', true, true);
-				$createstdsubdomain = makeyesno('createstdsubdomain', '1', '0', '1');
-				$email_imap = makeyesno('email_imap', '1', '0', '1');
-				$email_pop3 = makeyesno('email_pop3', '1', '0', '1');
-				$sendpassword = makeyesno('sendpassword', '1', '0', '1');
-				$phpenabled = makeyesno('phpenabled', '1', '0', '1');
-				$perlenabled = makeyesno('perlenabled', '1', '0', '0');
-				$store_defaultindex = makeyesno('store_defaultindex', '1', '0', '1');
+
+				$gender_options = makeoption($lng['gender']['undef'], 0, true, true, true);
+				$gender_options .= makeoption($lng['gender']['male'], 1, null, true, true);
+				$gender_options .= makeoption($lng['gender']['female'], 2, null, true, true);

 				$customer_add_data = include_once dirname(__FILE__).'/lib/formfields/admin/customer/formfield.customer_add.php';
 				$customer_add_form = htmlform::genHTMLForm($customer_add_data);
@@ -893,6 +934,7 @@ if($page == 'customers'
 				$def_language = validate($_POST['def_language'], 'default language');
 				$password = validate($_POST['new_customer_password'], 'new password');
 				$diskspace = intval_ressource($_POST['diskspace']);
+				$gender = intval_ressource($_POST['gender']);

 				if(isset($_POST['diskspace_ul']))
 				{
@@ -960,11 +1002,19 @@ if($page == 'customers'
 				else
 				{
 					$email_autoresponder = 0;
-				}				
+				}

-				$email_imap = intval_ressource($_POST['email_imap']);
-				$email_pop3 = intval_ressource($_POST['email_pop3']);
-				$ftps = intval_ressource($_POST['ftps']);
+				$email_imap = 0;
+				if(isset($_POST['email_imap']))
+					$email_imap = intval_ressource($_POST['email_imap']);
+
+				$email_pop3 = 0;
+				if(isset($_POST['email_pop3']))
+					$email_pop3 = intval_ressource($_POST['email_pop3']);
+
+				$ftps = 0;
+				if(isset($_POST['ftps']))
+					$ftps = intval_ressource($_POST['ftps']);

 				if(isset($_POST['ftps_ul']))
 				{
@@ -979,7 +1029,22 @@ if($page == 'customers'
 					$tickets = - 1;
 				}

-				$mysqls = intval_ressource($_POST['mysqls']);
+				$backup_allowed = 0;
+				if (isset($_POST['backup_allowed']))
+					$backup_allowed = intval($_POST['backup_allowed']);
+
+				if($backup_allowed != '0'){
+					$backup_allowed = 1;
+				}
+
+				// gender out of range? [0,2]
+				if ($gender < 0 || $gender > 2) {
+					$gender = 0;
+				}
+
+				$mysqls = 0;
+				if(isset($_POST['mysqls']))
+					$mysqls = intval_ressource($_POST['mysqls']);

 				if(isset($_POST['mysqls_ul']))
 				{
@@ -987,7 +1052,7 @@ if($page == 'customers'
 				}

 				if($settings['aps']['aps_active'] == '1')
-				{				
+				{
 					$number_of_aps_packages = intval_ressource($_POST['number_of_aps_packages']);

 					if(isset($_POST['number_of_aps_packages_ul']))
@@ -1000,10 +1065,21 @@ if($page == 'customers'
 					$number_of_aps_packages = 0;
 				}

-				$createstdsubdomain = intval($_POST['createstdsubdomain']);
-				$deactivated = intval($_POST['deactivated']);
-				$phpenabled = intval($_POST['phpenabled']);
-				$perlenabled = intval($_POST['perlenabled']);
+				$createstdsubdomain = 0;
+				if(isset($_POST['createstdsubdomain']))
+					$createstdsubdomain = intval($_POST['createstdsubdomain']);
+
+				$deactivated = 0;
+				if(isset($_POST['deactivated']))
+					$deactivated = intval($_POST['deactivated']);
+
+				$phpenabled = 0;
+				if(isset($_POST['phpenabled']))
+					$phpenabled = intval($_POST['phpenabled']);
+
+				$perlenabled = 0;
+				if(isset($_POST['perlenabled']))
+					$perlenabled = intval($_POST['perlenabled']);
 				$diskspace = $diskspace * 1024;
 				$traffic = $traffic * 1024 * 1024;

@@ -1084,9 +1160,30 @@ if($page == 'customers'
 							$_stdsubdomain = $result['loginname'] . '.' . $settings['system']['hostname'];
 						}

-						$db->query("INSERT INTO `" . TABLE_PANEL_DOMAINS . "` " . "(`domain`, `customerid`, `adminid`, `parentdomainid`, `ipandport`, `documentroot`, `zonefile`, `isemaildomain`, `caneditdomain`, `openbasedir`, `safemode`, `speciallogfile`, `specialsettings`, `add_date`) " . "VALUES ('" . $db->escape($_stdsubdomain) . "', '" . (int)$result['customerid'] . "', '" . (int)$userinfo['adminid'] . "', '-1', '" . $db->escape($settings['system']['defaultip']) . "', '" . $db->escape($result['documentroot']) . "', '', '0', '0', '1', '1', '0', '', '".date('Y-m-d')."')");
+						$db->query("INSERT INTO `" . TABLE_PANEL_DOMAINS . "` SET
+							`domain` = '" . $db->escape($_stdsubdomain) . "',
+							`customerid` = '" . (int)$result['customerid'] . "',
+							`adminid` = '" . (int)$userinfo['adminid'] . "',
+							`parentdomainid` = '-1',
+							`documentroot` = '" . $db->escape($result['documentroot']) . "',
+							`zonefile` = '',
+							`isemaildomain` = '0',
+							`caneditdomain` = '0',
+							`openbasedir` = '1',
+							`speciallogfile` = '0',
+							`specialsettings` = '',
+							`add_date` = '".date('Y-m-d')."'"
+						);
 						$domainid = $db->insert_id();
-						$db->query('UPDATE `' . TABLE_PANEL_CUSTOMERS . '` SET `standardsubdomain`=\'' . (int)$domainid . '\' WHERE `customerid`=\'' . (int)$result['customerid'] . '\'');
+						// set ip <-> domain connection
+						$db->query("INSERT INTO `".TABLE_DOMAINTOIP."` SET
+							`id_domain` = '".$domainid."',
+							`id_ipandports` = '".(int)$settings['system']['defaultip']."'"
+						);
+						$db->query("UPDATE `" . TABLE_PANEL_CUSTOMERS . "` SET
+							`standardsubdomain`='" . (int)$domainid . "'
+							 WHERE `customerid`='" . (int)$result['customerid'] . "'"
+						);
 						$log->logAction(ADM_ACTION, LOG_NOTICE, "automatically added standardsubdomain for user '" . $result['loginname'] . "'");
 						inserttask('1');
 					}
@@ -1094,8 +1191,12 @@ if($page == 'customers'
 					if($createstdsubdomain == '0'
 					   && $result['standardsubdomain'] != '0')
 					{
-						$db->query('DELETE FROM `' . TABLE_PANEL_DOMAINS . '` WHERE `id`=\'' . (int)$result['standardsubdomain'] . '\'');
-						$db->query('UPDATE `' . TABLE_PANEL_CUSTOMERS . '` SET `standardsubdomain`=\'0\' WHERE `customerid`=\'' . (int)$result['customerid'] . '\'');
+						$db->query("DELETE FROM `" . TABLE_PANEL_DOMAINS . "`
+							WHERE `id`='" . (int)$result['standardsubdomain'] . "'");
+						$db->query("DELETE FROM `" . TABLE_DOMAINTOIP . "`
+							WHERE `id_domain`='" . (int)$result['standardsubdomain'] . "'");
+						$db->query("UPDATE `" . TABLE_PANEL_CUSTOMERS . "` SET
+							`standardsubdomain`= '0' WHERE `customerid`= '" . (int)$result['customerid'] . "'");
 						$log->logAction(ADM_ACTION, LOG_NOTICE, "automatically deleted standardsubdomain for user '" . $result['loginname'] . "'");
 						inserttask('1');
 					}
@@ -1123,9 +1224,48 @@ if($page == 'customers'

 					if($deactivated != $result['deactivated'])
 					{
-						$db->query("UPDATE `" . TABLE_MAIL_USERS . "` SET `postfix`='" . (($deactivated) ? 'N' : 'Y') . "', `pop3`='" . (($deactivated) ? '0' : '1') . "', `imap`='" . (($deactivated) ? '0' : '1') . "' WHERE `customerid`='" . (int)$id . "'");
+						$db->query("UPDATE `" . TABLE_MAIL_USERS . "` SET `postfix`='" . (($deactivated) ? 'N' : 'Y') . "', `pop3`='" . (($deactivated) ? '0' : (int)$result['pop3']) . "', `imap`='" . (($deactivated) ? '0' : (int)$result['imap']) . "' WHERE `customerid`='" . (int)$id . "'");
 						$db->query("UPDATE `" . TABLE_FTP_USERS . "` SET `login_enabled`='" . (($deactivated) ? 'N' : 'Y') . "' WHERE `customerid`='" . (int)$id . "'");
 						$db->query("UPDATE `" . TABLE_PANEL_DOMAINS . "` SET `deactivated`='" . (int)$deactivated . "' WHERE `customerid`='" . (int)$id . "'");
+
+						/* Retrieve customer's databases */
+						$databases = $db->query("SELECT * FROM " . TABLE_PANEL_DATABASES . " WHERE customerid='" . (int)$id . "' ORDER BY `dbserver`");
+						$db_root = new db($sql_root[0]['host'], $sql_root[0]['user'], $sql_root[0]['password'], '');
+						$last_dbserver = 0;
+
+						/* For each of them */
+						while($row_database = $db->fetch_array($databases))
+						{
+							if($last_dbserver != $row_database['dbserver'])
+							{
+								$db_root->query('FLUSH PRIVILEGES;');
+								$db_root->close();
+								$db_root = new db($sql_root[$row_database['dbserver']]['host'], $sql_root[$row_database['dbserver']]['user'], $sql_root[$row_database['dbserver']]['password'], '');
+								$last_dbserver = $row_database['dbserver'];
+							}
+
+							foreach(array_unique(explode(',', $settings['system']['mysql_access_host'])) as $mysql_access_host)
+							{
+								$mysql_access_host = trim($mysql_access_host);
+
+								/* Prevent access, if deactivated */
+								if($deactivated)
+								{
+									// failsafe if user has been deleted manually (requires MySQL 4.1.2+)
+									$db_root->query('REVOKE ALL PRIVILEGES, GRANT OPTION FROM \'' . $db_root->escape($row_database['databasename']) .'\'',false,true);
+								}
+								else /* Otherwise grant access */
+								{
+									$db_root->query('GRANT ALL PRIVILEGES ON `' . $db_root->escape($row_database['databasename']) .'`.* TO `' . $db_root->escape($row_database['databasename']) . '`@`' . $db_root->escape($mysql_access_host) . '`');
+									$db_root->query('GRANT ALL PRIVILEGES ON `' . str_replace('_', '\_', $db_root->escape($row_database['databasename'])) . '` . * TO `' . $db_root->escape($row_database['databasename']) . '`@`' . $db_root->escape($mysql_access_host) . '`');
+								}
+							}
+						}
+
+						/* At last flush the new privileges */
+						$db_root->query('FLUSH PRIVILEGES;');
+						$db_root->close();
+
 						$log->logAction(ADM_ACTION, LOG_INFO, "deactivated user '" . $result['loginname'] . "'");
 						inserttask('1');
 					}
@@ -1144,9 +1284,13 @@ if($page == 'customers'
 						$db->query("UPDATE `" . TABLE_MAIL_USERS . "` SET `imap`='" . (int)$email_imap . "' WHERE `customerid`='" . (int)$id . "'");
 					}

-					$db->query("UPDATE `" . TABLE_PANEL_CUSTOMERS . "` SET `name`='" . $db->escape($name) . "', `firstname`='" . $db->escape($firstname) . "', `company`='" . $db->escape($company) . "', `street`='" . $db->escape($street) . "', `zipcode`='" . $db->escape($zipcode) . "', `city`='" . $db->escape($city) . "', `phone`='" . $db->escape($phone) . "', `fax`='" . $db->escape($fax) . "', `email`='" . $db->escape($email) . "', `customernumber`='" . $db->escape($customernumber) . "', `def_language`='" . $db->escape($def_language) . "', `password` = '" . $password . "', `diskspace`='" . $db->escape($diskspace) . "', `traffic`='" . $db->escape($traffic) . "', `subdomains`='" . $db->escape($subdomains) . "', `emails`='" . $db->escape($emails) . "', `email_accounts` = '" . $db->escape($email_accounts) . "', `email_forwarders`='" . $db->escape($email_forwarders) . "', `ftps`='" . $db->escape($ftps) . "', `tickets`='" . $db->escape($tickets) . "', `mysqls`='" . $db->escape($mysqls) . "', `deactivated`='" . $db->escape($deactivated) . "', `phpenabled`='" . $db->escape($phpenabled) . "', `email_quota`='" . $db->escape($email_quota) . "', `imap`='" . $db->escape($email_imap) . "', `pop3`='" . $db->escape($email_pop3) . "', `aps_packages`='" . (int)$number_of_aps_packages . "', `perlenabled`='" . $db->escape($perlenabled) . "', `email_autoresponder`='" . $db->escape($email_autoresponder) . "' WHERE `customerid`='" . (int)$id . "'");
+					// $db->query("UPDATE `" . TABLE_PANEL_CUSTOMERS . "` SET `name`='" . $db->escape($name) . "', `firstname`='" . $db->escape($firstname) . "', `company`='" . $db->escape($company) . "', `street`='" . $db->escape($street) . "', `zipcode`='" . $db->escape($zipcode) . "', `city`='" . $db->escape($city) . "', `phone`='" . $db->escape($phone) . "', `fax`='" . $db->escape($fax) . "', `email`='" . $db->escape($email) . "', `customernumber`='" . $db->escape($customernumber) . "', `def_language`='" . $db->escape($def_language) . "', `password` = '" . $password . "', `diskspace`='" . $db->escape($diskspace) . "', `traffic`='" . $db->escape($traffic) . "', `subdomains`='" . $db->escape($subdomains) . "', `emails`='" . $db->escape($emails) . "', `email_accounts` = '" . $db->escape($email_accounts) . "', `email_forwarders`='" . $db->escape($email_forwarders) . "', `ftps`='" . $db->escape($ftps) . "', `tickets`='" . $db->escape($tickets) . "', `mysqls`='" . $db->escape($mysqls) . "', `deactivated`='" . $db->escape($deactivated) . "', `phpenabled`='" . $db->escape($phpenabled) . "', `email_quota`='" . $db->escape($email_quota) . "', `imap`='" . $db->escape($email_imap) . "', `pop3`='" . $db->escape($email_pop3) . "', `aps_packages`='" . (int)$number_of_aps_packages . "', `perlenabled`='" . $db->escape($perlenabled) . "', `email_autoresponder`='" . $db->escape($email_autoresponder) . "' WHERE `customerid`='" . (int)$id . "'");
+					$db->query("UPDATE `" . TABLE_PANEL_CUSTOMERS . "` SET `name`='" . $db->escape($name) . "', `firstname`='" . $db->escape($firstname) . "', `gender`='" . $db->escape($gender) . "', `company`='" . $db->escape($company) . "', `street`='" . $db->escape($street) . "', `zipcode`='" . $db->escape($zipcode) . "', `city`='" . $db->escape($city) . "', `phone`='" . $db->escape($phone) . "', `fax`='" . $db->escape($fax) . "', `email`='" . $db->escape($email) . "', `customernumber`='" . $db->escape($customernumber) . "', `def_language`='" . $db->escape($def_language) . "', `password` = '" . $password . "', `diskspace`='" . $db->escape($diskspace) . "', `traffic`='" . $db->escape($traffic) . "', `subdomains`='" . $db->escape($subdomains) . "', `emails`='" . $db->escape($emails) . "', `email_accounts` = '" . $db->escape($email_accounts) . "', `email_forwarders`='" . $db->escape($email_forwarders) . "', `ftps`='" . $db->escape($ftps) . "', `tickets`='" . $db->escape($tickets) . "', `mysqls`='" . $db->escape($mysqls) . "', `deactivated`='" . $db->escape($deactivated) . "', `phpenabled`='" . $db->escape($phpenabled) . "', `email_quota`='" . $db->escape($email_quota) . "', `imap`='" . $db->escape($email_imap) . "', `pop3`='" . $db->escape($email_pop3) . "', `aps_packages`='" . (int)$number_of_aps_packages . "', `perlenabled`='" . $db->escape($perlenabled) . "', `email_autoresponder`='" . $db->escape($email_autoresponder) . "', `backup_allowed`='" . $db->escape($backup_allowed) . "' WHERE `customerid`='" . (int)$id . "'");
 					$admin_update_query = "UPDATE `" . TABLE_PANEL_ADMINS . "` SET `customers_used` = `customers_used` ";

+					// Using filesystem - quota, insert a task which cleans the filesystem - quota
+					inserttask('10');
+
 					if($mysqls != '-1'
 					   || $result['mysqls'] != '-1')
 					{
@@ -1430,15 +1574,12 @@ if($page == 'customers'
 					$result['aps_packages'] = '';
 				}

-				$createstdsubdomain = makeyesno('createstdsubdomain', '1', '0', (($result['standardsubdomain'] != '0') ? '1' : '0'));
-				$phpenabled = makeyesno('phpenabled', '1', '0', $result['phpenabled']);
-				$perlenabled = makeyesno('perlenabled', '1', '0', $result['perlenabled']);
-				$deactivated = makeyesno('deactivated', '1', '0', $result['deactivated']);
-				$email_imap = makeyesno('email_imap', '1', '0', $result['imap']);
-				$email_pop3 = makeyesno('email_pop3', '1', '0', $result['pop3']);
-
 				$result = htmlentities_array($result);

+				$gender_options = makeoption($lng['gender']['undef'], 0, ($result['gender'] == '0' ? true : false), true, true);
+				$gender_options .= makeoption($lng['gender']['male'], 1, ($result['gender'] == '1' ? true : false), true, true);
+				$gender_options .= makeoption($lng['gender']['female'], 2, ($result['gender'] == '2' ? true : false), true, true);
+
 				$customer_edit_data = include_once dirname(__FILE__).'/lib/formfields/admin/customer/formfield.customer_edit.php';
 				$customer_edit_form = htmlform::genHTMLForm($customer_edit_data);

--- a/admin_domains.php
+++ b/admin_domains.php
--- a/admin_index.php
+++ b/admin_index.php
@@ -14,7 +14,7 @@
 * @author     Froxlor team <team@froxlor.org> (2010-)
 * @license    GPLv2 http://files.froxlor.org/misc/COPYING.txt
 * @package    Panel
- * @version    $Id$
+ *
 */

 define('AREA', 'admin');
@@ -104,11 +104,13 @@ if($page == 'overview')
 					$_message = isset($latestversion[1]) ? $latestversion[1] : '';
 					$_link = isset($latestversion[2]) ? $latestversion[2] : htmlspecialchars($filename . '?s=' . urlencode($s) . '&page=' . urlencode($page) . '&lookfornewversion=yes');

-					$lookfornewversion_lable = $_version;
+					// add the branding so debian guys are not gettings confused
+					// about their version-number
+					$lookfornewversion_lable = $_version.$branding;
 					$lookfornewversion_link = $_link;
 					$lookfornewversion_addinfo = $_message;
-					
-					if (version_compare($version, $_version) == -1) {
+
+					if (version_compare2($version, $_version) == -1) {
 						$isnewerversion = 1;
 					} else {
 						$isnewerversion = 0;
@@ -146,18 +148,6 @@ if($page == 'overview')
 	$cron_last_runs = getCronjobsLastRun();
 	$outstanding_tasks = getOutstandingTasks();

-	$opentickets = 0;
-	$opentickets = $db->query_first('SELECT COUNT(`id`) as `count` FROM `' . TABLE_PANEL_TICKETS . '`
-                                   WHERE `answerto` = "0" AND (`status` = "0" OR `status` = "1")
-                                   AND `lastreplier`="0" AND `adminid` = "' . $userinfo['adminid'] . '"');
-	$awaitingtickets = $opentickets['count'];
-	$awaitingtickets_text = '';
-
-	if($opentickets > 0)
-	{
-		$awaitingtickets_text = strtr($lng['ticket']['awaitingticketreply'], array('%s' => '<a href="admin_tickets.php?page=tickets&amp;s=' . $s . '">' . $opentickets['count'] . '</a>'));
-	}
-
 	if(function_exists('sys_getloadavg'))
 	{
 		$loadArray = sys_getloadavg();
@@ -283,7 +273,7 @@ elseif($page == 'change_language')
 		$language_options = '';

 		$default_lang = $settings['panel']['standardlanguage'];
-		if($userinfo['def_language'] != '') { 
+		if($userinfo['def_language'] != '') {
 			$default_lang = $userinfo['def_language'];
 		}

--- a/admin_ipsandports.php
+++ b/admin_ipsandports.php
@@ -14,7 +14,7 @@
 * @author     Froxlor team <team@froxlor.org> (2010-)
 * @license    GPLv2 http://files.froxlor.org/misc/COPYING.txt
 * @package    Panel
- * @version    $Id$
+ *
 */

 define('AREA', 'admin');
@@ -83,7 +83,7 @@ if($page == 'ipsandports'
 		if(isset($result['id'])
 		   && $result['id'] == $id)
 		{
-			$result_checkdomain = $db->query_first("SELECT `id` FROM `" . TABLE_PANEL_DOMAINS . "` WHERE `ipandport`='" . (int)$id . "'");
+			$result_checkdomain = $db->query_first("SELECT `id_domain` as `id` FROM `" . TABLE_DOMAINTOIP . "` WHERE `id_ipandports`='" . (int)$id . "'");

 			if($result_checkdomain['id'] == '')
 			{
@@ -102,9 +102,16 @@ if($page == 'ipsandports'
 							   && $_POST['send'] == 'send')
 							{
 								$db->query("DELETE FROM `" . TABLE_PANEL_IPSANDPORTS . "` WHERE `id`='" . (int)$id . "'");
+
+								// also, remove connections to domains (multi-stack)
+								$db->query("DELETE FROM `".TABLE_DOMAINTOIP."` WHERE `id_ipandports`='".(int)$id."'");
+
 								$log->logAction(ADM_ACTION, LOG_WARNING, "deleted IP/port '" . $result['ip'] . ":" . $result['port'] . "'");
 								inserttask('1');
+
+								// Using nameserver, insert a task which rebuilds the server config
 								inserttask('4');
+
 								redirectTo($filename, Array('page' => $page, 's' => $s));
 							}
 							else
@@ -136,11 +143,11 @@ if($page == 'ipsandports'
 		{
 			$ip = validate_ip($_POST['ip']);
 			$port = validate($_POST['port'], 'port', '/^(([1-9])|([1-9][0-9])|([1-9][0-9][0-9])|([1-9][0-9][0-9][0-9])|([1-5][0-9][0-9][0-9][0-9])|(6[0-4][0-9][0-9][0-9])|(65[0-4][0-9][0-9])|(655[0-2][0-9])|(6553[0-5]))$/Di', array('stringisempty', 'myport'));
-			$listen_statement = intval($_POST['listen_statement']);
-			$namevirtualhost_statement = intval($_POST['namevirtualhost_statement']);
-			$vhostcontainer = intval($_POST['vhostcontainer']);
+			$listen_statement = isset($_POST['listen_statement']) ? 1 : 0;
+			$namevirtualhost_statement = isset($_POST['namevirtualhost_statement']) ? 1 : 0;
+			$vhostcontainer = isset($_POST['vhostcontainer']) ? 1 : 0;
 			$specialsettings = validate(str_replace("\r\n", "\n", $_POST['specialsettings']), 'specialsettings', '/^[^\0]*$/');
-			$vhostcontainer_servername_statement = intval($_POST['vhostcontainer_servername_statement']);
+			$vhostcontainer_servername_statement = isset($_POST['vhostcontainer_servername_statement']) ? 1 : 0;
 			$default_vhostconf_domain = validate(str_replace("\r\n", "\n", $_POST['default_vhostconf_domain']), 'default_vhostconf_domain', '/^[^\0]*$/');
 			$docroot = validate($_POST['docroot'], 'docroot');
 			if((int)$settings['system']['use_ssl'] == 1)
@@ -245,17 +252,22 @@ if($page == 'ipsandports'

 				$log->logAction(ADM_ACTION, LOG_WARNING, "added IP/port '" . $ip . ":" . $port . "'");
 				inserttask('1');
+
+				// Using nameserver, insert a task which rebuilds the server config
 				inserttask('4');
+
 				redirectTo($filename, Array('page' => $page, 's' => $s));
 			}
 		}
 		else
 		{
+			/*
 			$enable_ssl = makeyesno('ssl', '1', '0', '0');
 			$listen_statement = makeyesno('listen_statement', '1', '0', '1');
 			$namevirtualhost_statement = makeyesno('namevirtualhost_statement', '1', '0', '1');
 			$vhostcontainer = makeyesno('vhostcontainer', '1', '0', '1');
 			$vhostcontainer_servername_statement = makeyesno('vhostcontainer_servername_statement', '1', '0', '1');
+			*/

 			$ipsandports_add_data = include_once dirname(__FILE__).'/lib/formfields/admin/ipsandports/formfield.ipsandports_add.php';
 			$ipsandports_add_form = htmlform::genHTMLForm($ipsandports_add_data);
@@ -280,16 +292,23 @@ if($page == 'ipsandports'
 				$port = validate($_POST['port'], 'port', '/^(([1-9])|([1-9][0-9])|([1-9][0-9][0-9])|([1-9][0-9][0-9][0-9])|([1-5][0-9][0-9][0-9][0-9])|(6[0-4][0-9][0-9][0-9])|(65[0-4][0-9][0-9])|(655[0-2][0-9])|(6553[0-5]))$/Di', array('stringisempty', 'myport'));
 				$result_checkfordouble = $db->query_first("SELECT `id` FROM `" . TABLE_PANEL_IPSANDPORTS . "` WHERE `ip`='" . $db->escape($ip) . "' AND `port`='" . (int)$port . "'");
 				$result_sameipotherport = $db->query_first("SELECT `id` FROM `" . TABLE_PANEL_IPSANDPORTS . "` WHERE `ip`='" . $db->escape($result['ip']) . "' AND `id`!='" . (int)$id . "'");
-				$listen_statement = intval($_POST['listen_statement']);
-				$namevirtualhost_statement = intval($_POST['namevirtualhost_statement']);
-				$vhostcontainer = intval($_POST['vhostcontainer']);
+				$listen_statement = isset($_POST['listen_statement']) ? 1 : 0;
+				$namevirtualhost_statement = isset($_POST['namevirtualhost_statement']) ? 1 : 0;
+				$vhostcontainer = isset($_POST['vhostcontainer']) ? 1 : 0;
 				$specialsettings = validate(str_replace("\r\n", "\n", $_POST['specialsettings']), 'specialsettings', '/^[^\0]*$/');
-				$vhostcontainer_servername_statement = intval($_POST['vhostcontainer_servername_statement']);
+				$vhostcontainer_servername_statement = isset($_POST['vhostcontainer_servername_statement']) ? 1 : 0;
 				$default_vhostconf_domain = validate(str_replace("\r\n", "\n", $_POST['default_vhostconf_domain']), 'default_vhostconf_domain', '/^[^\0]*$/');
 				$docroot =  validate($_POST['docroot'], 'docroot');
-				if((int)$settings['system']['use_ssl'] == 1)
-				{
-					$ssl = intval($_POST['ssl']);
+
+				if((int)$settings['system']['use_ssl'] == 1
+					/* 
+					 * check here if ssl is even checked, cause if not, we don't need
+					 * to validate and set all the $ssl_*_file vars
+					 */
+					&& isset($_POST['ssl'])
+					&& $_POST['ssl'] != 0
+				) {
+					$ssl = 1;
 					$ssl_cert_file = validate($_POST['ssl_cert_file'], 'ssl_cert_file');
 					$ssl_key_file = validate($_POST['ssl_key_file'], 'ssl_key_file');
 					$ssl_ca_file = validate($_POST['ssl_ca_file'], 'ssl_ca_file');
@@ -391,18 +410,23 @@ if($page == 'ipsandports'

 					$log->logAction(ADM_ACTION, LOG_WARNING, "changed IP/port from '" . $result['ip'] . ":" . $result['port'] . "' to '" . $ip . ":" . $port . "'");
 					inserttask('1');
+
+					// Using nameserver, insert a task which rebuilds the server config
 					inserttask('4');
+
 					redirectTo($filename, Array('page' => $page, 's' => $s));
 				}
 			}
 			else
 			{
-				$enable_ssl = makeyesno('ssl', '1', '0', $result['ssl']);
 				$result = htmlentities_array($result);
+				/*
+				$enable_ssl = makeyesno('ssl', '1', '0', $result['ssl']);
 				$listen_statement = makeyesno('listen_statement', '1', '0', $result['listen_statement']);
 				$namevirtualhost_statement = makeyesno('namevirtualhost_statement', '1', '0', $result['namevirtualhost_statement']);
 				$vhostcontainer = makeyesno('vhostcontainer', '1', '0', $result['vhostcontainer']);
 				$vhostcontainer_servername_statement = makeyesno('vhostcontainer_servername_statement', '1', '0', $result['vhostcontainer_servername_statement']);
+				*/

 				$ipsandports_edit_data = include_once dirname(__FILE__).'/lib/formfields/admin/ipsandports/formfield.ipsandports_edit.php';
 				$ipsandports_edit_form = htmlform::genHTMLForm($ipsandports_edit_data);
--- a/admin_logger.php
+++ b/admin_logger.php
@@ -14,7 +14,7 @@
 * @author     Froxlor team <team@froxlor.org> (2010-)
 * @license    GPLv2 http://files.froxlor.org/misc/COPYING.txt
 * @package    Panel
- * @version    $Id$
+ *
 */

 define('AREA', 'admin');
@@ -22,14 +22,12 @@ define('AREA', 'admin');
 /**
 * Include our init.php, which manages Sessions, Language etc.
 */
+require('./lib/init.php');

-require ("./lib/init.php");
-
-if($page == 'log'
-   && $userinfo['change_serversettings'] == '1')
-{
-	if($action == '')
-	{
+if ($page == 'log'
+   && $userinfo['change_serversettings'] == '1'
+) {
+	if ($action == '') {
 		$fields = array(
 			'date' => $lng['logger']['date'],
 			'type' => $lng['logger']['type'],
@@ -47,24 +45,21 @@ if($page == 'log'
 		$pagingcode = $paging->getHtmlPagingCode($filename . '?page=' . $page . '&s=' . $s);
 		$clog = array();

-		while($row = $db->fetch_array($result))
-		{
-			if(!isset($clog[$row['action']])
-			   || !is_array($clog[$row['action']]))
-			{
+		while ($row = $db->fetch_array($result)) {
+			if (!isset($clog[$row['action']])
+			   || !is_array($clog[$row['action']])
+			) {
 				$clog[$row['action']] = array();
 			}

 			$clog[$row['action']][$row['logid']] = $row;
 		}

-		if($paging->sortfield == 'date'
-		   && $paging->sortorder == 'desc')
-		{
+		if ($paging->sortfield == 'date'
+		   && $paging->sortorder == 'desc'
+		) {
 			krsort($clog);
-		}
-		else
-		{
+		} else {
 			ksort($clog);
 		}

@@ -72,20 +67,15 @@ if($page == 'log'
 		$count = 0;
 		$log_count = 0;
 		$log = '';
-		foreach($clog as $action => $logrows)
-		{
+		foreach ($clog as $action => $logrows) {
 			$_action = 0;
-			foreach($logrows as $row)
-			{
-				if($paging->checkDisplay($i))
-				{
+			foreach ($logrows as $row) {
+				if ($paging->checkDisplay($i)) {
 					$row = htmlentities_array($row);
 					$row['date'] = date("d.m.y H:i:s", $row['date']);

-					if($_action != $action)
-					{
-						switch($action)
-						{
+					if ($_action != $action) {
+						switch ($action) {
 							case USR_ACTION:
 								$_action = $lng['admin']['customer'];
 								break;
@@ -107,15 +97,14 @@ if($page == 'log'
 						}

 						$row['action'] = $_action;
-						eval("\$log.=\"" . getTemplate("logger/logger_action") . "\";");
+						eval("\$log.=\"" . getTemplate('logger/logger_action') . "\";");
 					}

 					$log_count++;
 					$type = $row['type'];
 					$_type = 'unknown';

-					switch($type)
-					{
+					switch ($type) {
 						case LOG_INFO:
 							$_type = 'Information';
 							break;
@@ -137,32 +126,27 @@ if($page == 'log'
 					}

 					$row['type'] = $_type;
-					eval("\$log.=\"" . getTemplate("logger/logger_log") . "\";");
+					eval("\$log.=\"" . getTemplate('logger/logger_log') . "\";");
 					$count++;
 					$_action = $action;
 				}
 			}
-
 			$i++;
 		}

-		eval("echo \"" . getTemplate("logger/logger") . "\";");
-	}
-	elseif($action == 'truncate')
-	{
-		if(isset($_POST['send'])
-		   && $_POST['send'] == 'send')
-		{
+		eval("echo \"" . getTemplate('logger/logger') . "\";");
+	} elseif ($action == 'truncate') {
+		if (isset($_POST['send'])
+		   && $_POST['send'] == 'send'
+		) {
 			$yesterday = time() - (60 * 10);

 			/* (60*60*24); */

 			$db->query("DELETE FROM `" . TABLE_PANEL_LOG . "` WHERE `date` < '" . $yesterday . "'");
-			$log->logAction(ADM_ACTION, LOG_WARNING, "truncated the system-log (mysql)");
+			$log->logAction(ADM_ACTION, LOG_WARNING, 'truncated the system-log (mysql)');
 			redirectTo($filename, Array('page' => $page, 's' => $s));
-		}
-		else
-		{
+		} else {
 			ask_yesno('logger_reallytruncate', $filename, array('page' => $page, 'action' => $action), TABLE_PANEL_LOG);
 		}
 	}
--- a/admin_message.php
+++ b/admin_message.php
@@ -14,7 +14,7 @@
 * @author     Froxlor team <team@froxlor.org> (2010-)
 * @license    GPLv2 http://files.froxlor.org/misc/COPYING.txt
 * @package    Panel
- * @version    $Id$
+ *
 */

 define('AREA', 'admin');
@@ -22,79 +22,60 @@ define('AREA', 'admin');
 /**
 * Include our init.php, which manages Sessions, Language etc.
 */
+require('./lib/init.php');

-require ("./lib/init.php");
-
-if(isset($_POST['id']))
-{
+if (isset($_POST['id'])) {
 	$id = intval($_POST['id']);
-}
-elseif(isset($_GET['id']))
-{
+} elseif (isset($_GET['id'])) {
 	$id = intval($_GET['id']);
 }

-if($page == 'message')
-{
-	if($action == '')
-	{
-		$log->logAction(ADM_ACTION, LOG_NOTICE, "viewed panel_message");
+if ($page == 'message') {
+	if ($action == '') {
+		$log->logAction(ADM_ACTION, LOG_NOTICE, 'viewed panel_message');

-		if(isset($_POST['send'])
-		   && $_POST['send'] == 'send')
-		{
-			if($_POST['receipient'] == 0
-			   && $userinfo['customers_see_all'] == '1')
-			{
-				$log->logAction(ADM_ACTION, LOG_NOTICE, "sending messages to admins");
+		if (isset($_POST['send'])
+		   && $_POST['send'] == 'send'
+		) {
+			if ($_POST['receipient'] == 0
+			   && $userinfo['customers_see_all'] == '1'
+			) {
+				$log->logAction(ADM_ACTION, LOG_NOTICE, 'sending messages to admins');
 				$result = $db->query('SELECT `name`, `email`  FROM `' . TABLE_PANEL_ADMINS . "`");
-			}
-			elseif($_POST['receipient'] == 1)
-			{
-				if($userinfo['customers_see_all'] == "1")
-				{
-					$log->logAction(ADM_ACTION, LOG_NOTICE, "sending messages to ALL customers");
+			} elseif ($_POST['receipient'] == 1) {
+				if ($userinfo['customers_see_all'] == '1') {
+					$log->logAction(ADM_ACTION, LOG_NOTICE, 'sending messages to ALL customers');
 					$result = $db->query('SELECT `firstname`, `name`, `email`  FROM `' . TABLE_PANEL_CUSTOMERS . "`");
-				}
-				else
-				{
-					$log->logAction(ADM_ACTION, LOG_NOTICE, "sending messages to customers");
+				} else {
+					$log->logAction(ADM_ACTION, LOG_NOTICE, 'sending messages to customers');
 					$result = $db->query('SELECT `firstname`, `name`, `email`  FROM `' . TABLE_PANEL_CUSTOMERS . "` WHERE `adminid`='" . $userinfo['adminid'] . "'");
 				}
-			}
-			else
-			{
+			} else {
 				standard_error('noreceipientsgiven');
 			}

 			$subject = $_POST['subject'];
 			$message = wordwrap($_POST['message'], 70);

-			if(!empty($message))
-			{
+			if (!empty($message)) {
 				$mailcounter = 0;
 				$mail->Body = $message;
 				$mail->Subject = $subject;

-				while($row = $db->fetch_array($result))
-				{
+				while ($row = $db->fetch_array($result)) {
 					$mail->AddAddress($row['email'], (isset($row['firstname']) ? $row['firstname'] . ' ' : '') . $row['name']);
 					$mail->From = $userinfo['email'];
 					$mail->FromName = (isset($userinfo['firstname']) ? $userinfo['firstname'] . ' ' : '') . $userinfo['name'];

-					if(!$mail->Send())
-					{
-						if($mail->ErrorInfo != '')
-						{
+					if (!$mail->Send()) {
+						if ($mail->ErrorInfo != '') {
 							$mailerr_msg = $mail->ErrorInfo;
-						}
-						else
-						{
-							$mailerr_msg = $row["email"];
+						} else {
+							$mailerr_msg = $row['email'];
 						}

-						$log->logAction(ADM_ACTION, LOG_ERR, "Error sending mail: " . $mailerr_msg);
-						standard_error('errorsendingmail', $row["email"]);
+						$log->logAction(ADM_ACTION, LOG_ERR, 'Error sending mail: ' . $mailerr_msg);
+						standard_error('errorsendingmail', $row['email']);
 					}

 					$mailcounter++;
@@ -102,47 +83,34 @@ if($page == 'message')
 				}

 				redirectTo($filename, Array('page' => $page, 's' => $s, 'action' => 'showsuccess', 'sentitems' => $mailcounter));
-			}
-			else
-			{
+			} else {
 				standard_error('nomessagetosend');
 			}
 		}
 	}

-	if($action == 'showsuccess')
-	{
+	if ($action == 'showsuccess') {
 		$success = 1;
 		$sentitems = isset($_GET['sentitems']) ? (int)$_GET['sentitems'] : 0;

-		if($sentitems == 0)
-		{
+		if ($sentitems == 0) {
 			$successmessage = $lng['message']['noreceipients'];
-		}
-		else
-		{
+		} else {
 			$successmessage = str_replace('%s', $sentitems, $lng['message']['success']);
 		}
-
-		$action = '';
-	}
-	else
-	{
+	} else {
 		$success = 0;
 		$sentitems = 0;
 		$successmessage = '';
-		$action = '';
 	}
+	$action = '';

 	$receipients = '';

-	if($userinfo['customers_see_all'] == "1")
-	{
+	if ($userinfo['customers_see_all'] == '1') {
 		$receipients.= makeoption($lng['panel']['reseller'], 0);
 	}

-	$receipients.= makeoption($lng['panel']['customer'], 1);
-	eval("echo \"" . getTemplate("message/message") . "\";");
+	$receipients .= makeoption($lng['panel']['customer'], 1);
+	eval("echo \"" . getTemplate('message/message') . "\";");
 }
-
-?>
--- a/admin_phpsettings.php
+++ b/admin_phpsettings.php
@@ -14,7 +14,7 @@
 * @author     Froxlor team <team@froxlor.org> (2010-)
 * @license    GPLv2 http://files.froxlor.org/misc/COPYING.txt
 * @package    Panel
- * @version    $Id$
+ *
 */

 define('AREA', 'admin');
@@ -25,47 +25,54 @@ define('AREA', 'admin');

 require ("./lib/init.php");

-if(isset($_POST['id']))
-{
+if (isset($_POST['id'])) {
 	$id = intval($_POST['id']);
-}
-elseif(isset($_GET['id']))
-{
+} elseif (isset($_GET['id'])) {
 	$id = intval($_GET['id']);
 }

-if($page == 'overview')
-{
-	if($action == '')
-	{
+if ($page == 'overview') {
+
+	if ($action == '') {
+
 		$tablecontent = '';
 		$count = 0;
 		$result = $db->query("SELECT * FROM `" . TABLE_PANEL_PHPCONFIGS . "`");

-		while($row = $db->fetch_array($result))
-		{
+		while ($row = $db->fetch_array($result)) {
+
 			$domainresult = false;

-			if((int)$userinfo['domains_see_all'] == 0)
-			{
-				$domainresult = $db->query("SELECT * FROM `" . TABLE_PANEL_DOMAINS . "` WHERE `adminid` = " . (int)$userinfo['userid'] . " AND `phpsettingid` = " . (int)$row['id']);
-			}
-			else
-			{
-				$domainresult = $db->query("SELECT * FROM `" . TABLE_PANEL_DOMAINS . "` WHERE `phpsettingid` = " . (int)$row['id']);
+			$query = "SELECT * FROM `".TABLE_PANEL_DOMAINS."`
+					WHERE `phpsettingid` = '".(int)$row['id']."'
+					AND `parentdomainid` = '0'";
+
+			if ((int)$userinfo['domains_see_all'] == 0) {
+				$query .= " AND `adminid` = '".(int)$userinfo['userid']."'";
 			}

-			$domains = '';
-
-			if($db->num_rows($domainresult) > 0)
-			{
-				while($row2 = $db->fetch_array($domainresult))
-				{
-					$domains.= $row2['domain'] . '<br/>';
+			if ((int)$settings['panel']['phpconfigs_hidestdsubdomain'] == 1) {
+				$query2 = "SELECT DISTINCT `standardsubdomain`
+						FROM `".TABLE_PANEL_CUSTOMERS."`
+						WHERE `standardsubdomain` > 0 ORDER BY `standardsubdomain` ASC;";
+				$ssdids_res = $db->query($query2);
+				$ssdids = array();
+				while ($ssd = $db->fetch_array($ssdids_res)) {
+					$ssdids[] = $ssd['standardsubdomain'];
+				}
+				if (count($ssdids) > 0) {
+					$query .= " AND `id` NOT IN (".implode(', ', $ssdids).")";
 				}
 			}
-			else
-			{
+
+			$domainresult = $db->query($query);
+
+			$domains = '';
+			if ($db->num_rows($domainresult) > 0) {
+				while ($row2 = $db->fetch_array($domainresult)) {
+					$domains.= $row2['domain'] . '<br/>';
+				}
+			} else {
 				$domains = $lng['admin']['phpsettings']['notused'];
 			}

--- a/admin_settings.php
+++ b/admin_settings.php
@@ -14,7 +14,7 @@
 * @author     Froxlor team <team@froxlor.org> (2010-)
 * @license    GPLv2 http://files.froxlor.org/misc/COPYING.txt
 * @package    Panel
- * @version    $Id$
+ *
 */

 define('AREA', 'admin');
@@ -32,7 +32,7 @@ if(($page == 'settings' || $page == 'overview')
 {
 	$settings_data = loadConfigArrayDir('./actions/admin/settings/');
 	$settings = loadSettings($settings_data, $db);
-	
+
 	if(isset($_POST['send'])
 	   && $_POST['send'] == 'send')
 	{
@@ -65,9 +65,14 @@ if(($page == 'settings' || $page == 'overview')
 			$only_enabledisable = true;
 		}
 		
+		// check if the session timeout is too low #815
+		if (isset($_POST['session_sessiontimeout']) && $_POST['session_sessiontimeout'] <= 60) {
+			standard_error($lng['error']['session_timeout'], $lng['error']['session_timeout_desc']);
+		}
+
 		if(processFormEx(
-			$settings_data, 
-			$_POST, 
+			$settings_data,
+			$_POST,
 			array('filename' => $filename, 'action' => $action, 'page' => $page),
 			$_part,
 			$settings_all,
@@ -77,38 +82,83 @@ if(($page == 'settings' || $page == 'overview')
 		) {
 			$log->logAction(ADM_ACTION, LOG_INFO, "rebuild configfiles due to changed setting");
 			inserttask('1');
+			// Using nameserver, insert a task which rebuilds the server config
 			inserttask('4');
-			inserttask('5');
+
 			standard_success('settingssaved', '', array('filename' => $filename, 'action' => $action, 'page' => $page));
 		}
 	}
 	else
 	{
 		$_part = isset($_GET['part']) ? $_GET['part'] : '';
-		
+
 		if($_part == '')
 		{
 			$_part = isset($_POST['part']) ? $_POST['part'] : '';
 		}

 		$fields = buildFormEx($settings_data, $_part);
-		
+
 		$settings_page = '';
 		if($_part == '')
 		{
 			eval("\$settings_page .= \"" . getTemplate("settings/settings_overview") . "\";");
-		} 
+		}
 		else
 		{
 			eval("\$settings_page .= \"" . getTemplate("settings/settings") . "\";");
 		}
-		
+
 		eval("echo \"" . getTemplate("settings/settings_form_begin") . "\";");
 		eval("echo \$settings_page;");
 		eval("echo \"" . getTemplate("settings/settings_form_end") . "\";");

 	}
 }
+elseif($page == 'phpinfo'
+	&& $userinfo['change_serversettings'] == '1'
+) {
+		ob_start();
+		phpinfo();
+		$phpinfo = array('phpinfo' => array());
+		if (preg_match_all(
+				'#(?:<h2>(?:<a name=".*?">)?(.*?)(?:</a>)?</h2>)|(?:<tr(?: class=".*?")?><t[hd](?: class=".*?")?>(.*?)\s*</t[hd]>(?:<t[hd](?: class=".*?")?>(.*?)\s*</t[hd]>(?:<t[hd](?: class=".*?")?>(.*?)\s*</t[hd]>)?)?</tr>)#s',
+				ob_get_clean(), $matches, PREG_SET_ORDER
+			)
+		) {
+		foreach ($matches as $match) {
+			$end = array_keys($phpinfo);
+			$end = end($end);
+			if (strlen($match[1])) {
+				$phpinfo[$match[1]] = array();
+			} elseif (isset($match[3])) {
+				$phpinfo[$end][$match[2]] = isset($match[4]) ? array($match[3], $match[4]) : $match[3];
+			} else {
+				$phpinfo[$end][] = $match[2];
+			}
+		}
+		$phpinfohtml = '';
+		foreach ($phpinfo as $name => $section) {
+			$phpinfoentries = "";
+			foreach ($section as $key => $val) {
+				if (is_array($val)) {
+					eval("\$phpinfoentries .= \"" . getTemplate("settings/phpinfo/phpinfo_3") . "\";");
+				} elseif (is_string($key)) {
+					eval("\$phpinfoentries .= \"" . getTemplate("settings/phpinfo/phpinfo_2") . "\";");
+				} else {
+					eval("\$phpinfoentries .= \"" . getTemplate("settings/phpinfo/phpinfo_1") . "\";");
+				}
+			}
+			// first header -> show actual php version
+			if (strtolower($name) == "phpinfo") {
+				$name = "PHP ".PHP_VERSION;
+			}
+			eval("\$phpinfohtml .= \"" . getTemplate("settings/phpinfo/phpinfo_table") . "\";");
+		}
+		$phpinfo = $phpinfohtml;
+	}
+	eval("echo \"" . getTemplate("settings/phpinfo") . "\";");
+}
 elseif($page == 'rebuildconfigs'
       && $userinfo['change_serversettings'] == '1')
 {
@@ -117,8 +167,10 @@ elseif($page == 'rebuildconfigs'
 	{
 		$log->logAction(ADM_ACTION, LOG_INFO, "rebuild configfiles");
 		inserttask('1');
+		inserttask('10');
+		// Using nameserver, insert a task which rebuilds the server config
 		inserttask('4');
-		inserttask('5');
+
 		standard_success('rebuildingconfigs', '', array('filename' => 'admin_index.php'));
 	}
 	else
--- a/admin_templates.php
+++ b/admin_templates.php
@@ -14,7 +14,7 @@
 * @author     Froxlor team <team@froxlor.org> (2010-)
 * @license    GPLv2 http://files.froxlor.org/misc/COPYING.txt
 * @package    Panel
- * @version    $Id$
+ *
 */

 define('AREA', 'admin');
@@ -48,17 +48,28 @@ elseif(isset($_GET['id']))
 $available_templates = array(
 	'createcustomer',
 	'pop_success',
-	'trafficmaxpercent',
-	'diskmaxpercent',
-	'new_ticket_by_customer',
-	'new_ticket_for_customer',
-	'new_ticket_by_staff',
-	'new_reply_ticket_by_customer',
-	'new_reply_ticket_by_staff',
 	'new_database_by_customer',
 	'new_ftpaccount_by_customer',
 	'password_reset'
 );
+
+// only show templates of features that are enabled #1191
+if ((int)$settings['system']['report_enable'] == 1) {
+	array_push($available_templates,
+		'trafficmaxpercent',
+		'diskmaxpercent'
+	);
+}
+if ((int)$settings['ticket']['enabled'] == 1) {
+	array_push($available_templates,
+		'new_ticket_by_customer',
+		'new_ticket_for_customer',
+		'new_ticket_by_staff',
+		'new_reply_ticket_by_customer',
+		'new_reply_ticket_by_staff'
+	);
+}
+
 $file_templates = array(
 	'index_html'
 );
--- a/admin_tickets.php
+++ b/admin_tickets.php
@@ -14,7 +14,7 @@
 * @author     Froxlor team <team@froxlor.org> (2010-)
 * @license    GPLv2 http://files.froxlor.org/misc/COPYING.txt
 * @package    Panel
- * @version    $Id$
+ *
 */

 define('AREA', 'admin');
@@ -32,6 +32,22 @@ if(isset($_POST['id']))
 elseif(isset($_GET['id']))
 {
 	$id = intval($_GET['id']);
+
+	// only check if this is not a category-id
+	if (!isset($_GET['page']) || (isset($_GET['page']) && $_GET['page'] != 'categories')) {
+		if (!$userinfo['customers_see_all']) {
+			/*
+			 * Check if the current user is allowed to see the current ticket.
+			 */
+			$sql = "SELECT `id` FROM `panel_tickets` WHERE `id` = '".$id."' AND `adminid` = '".$userinfo['admindid']."'";
+
+			$result = $db->query_first($sql);
+			if ($result == null) {
+				// no rights to see the requested ticket
+				standard_error(array('ticketnotaccessible'));
+			}
+		}
+	}
 }

 if($page == 'tickets'
@@ -41,7 +57,7 @@ if($page == 'tickets'

 	$countcustomers = $db->query_first("SELECT COUNT(`customerid`) as `countcustomers` FROM `" . TABLE_PANEL_CUSTOMERS . "` " . ($userinfo['customers_see_all'] ? '' : " WHERE `adminid` = '" . (int)$userinfo['adminid'] . "' ") . "");
 	$countcustomers = (int)$countcustomers['countcustomers'];
-	
+
 	if($action == '')
 	{
 		$log->logAction(ADM_ACTION, LOG_NOTICE, "viewed admin_tickets");
@@ -102,16 +118,20 @@ if($page == 'tickets'
 					if($_cid != $row['customerid'])
 					{
 						$cid = $row['customerid'];
-						$usr = $db->query_first('SELECT `firstname`, `name`, `company`, `loginname` FROM `' . TABLE_PANEL_CUSTOMERS . '`
+						$usr = $db->query_first('SELECT `customerid`, `firstname`, `name`, `company`, `loginname` FROM `' . TABLE_PANEL_CUSTOMERS . '`
                                     WHERE `customerid` = "' . (int)$cid . '"');
-						
-						if(isset($usr['loginname'])) {
-							$customer = getCorrectFullUserDetails($usr) . ' (' . $usr['loginname'] . ')';
-							//$customer = $usr['firstname'] . " " . $usr['name'] . " (" . $usr['loginname'] . ")";
-						} else {
+
+						if(isset($usr['loginname']))
+						{
+							$customer = getCorrectFullUserDetails($usr);
+							$customerloginname =  $usr['loginname'];
+							$customerid = $usr['customerid'];
+						}
+						else
+						{
 							$customer = $lng['ticket']['nonexistingcustomer'];
 						}
-						eval("\$tickets.=\"" . getTemplate("ticket/tickets_customer") . "\";");
+						eval("\$tickets.=\"" . getTemplate("tickets/tickets_customer") . "\";");
 					}

 					$tickets_count++;
@@ -146,7 +166,7 @@ if($page == 'tickets'
 						$row['subject'] = substr($row['subject'], 0, 17) . '...';
 					}

-					eval("\$tickets.=\"" . getTemplate("ticket/tickets_tickets") . "\";");
+					eval("\$tickets.=\"" . getTemplate("tickets/tickets_tickets") . "\";");
 					$count++;
 					$_cid = $row['customerid'];
 				}
@@ -155,7 +175,7 @@ if($page == 'tickets'
 			$i++;
 		}

-		eval("echo \"" . getTemplate("ticket/tickets") . "\";");
+		eval("echo \"" . getTemplate("tickets/tickets") . "\";");
 	}
 	elseif($action == 'new')
 	{
@@ -170,7 +190,7 @@ if($page == 'tickets'
 				$newticket->Set('priority', validate($_POST['priority'], 'priority'), true, false);
 				$newticket->Set('category', validate($_POST['category'], 'category'), true, false);
 				$newticket->Set('customer', (int)$_POST['customer'], true, false);
-				$newticket->Set('message', validate(str_replace("\r\n", "\n", $_POST['message']), 'message', '/^[^\0]*$/'), true, false);
+				$newticket->Set('message', validate(htmlentities(str_replace("\r\n", "\n", $_POST['message'])), 'message', '/^[^\0]*$/'), true, false);

 				if($newticket->Get('subject') == null)
 				{
@@ -199,12 +219,16 @@ if($page == 'tickets'
 			else
 			{
 				$categories = '';
-				$result = $db->query_first('SELECT `id`, `name` FROM `' . TABLE_PANEL_TICKET_CATS . '` WHERE `adminid` = "' . $userinfo['adminid'] . '" ORDER BY `logicalorder`, `name` ASC');
+				$where = '';
+				if ($userinfo['tickets_see_all'] != '1') {
+					$where = 'WHERE `adminid` = "' . $userinfo['adminid'] . '"';
+				}
+				$result = $db->query_first('SELECT `id`, `name` FROM `' . TABLE_PANEL_TICKET_CATS . '` '.$where.' ORDER BY `logicalorder`, `name` ASC');

 				if(isset($result['name'])
 				   && $result['name'] != '')
 				{
-					$result2 = $db->query('SELECT `id`, `name` FROM `' . TABLE_PANEL_TICKET_CATS . '` WHERE `adminid` = "' . $userinfo['adminid'] . '" ORDER BY `logicalorder`, `name` ASC');
+					$result2 = $db->query('SELECT `id`, `name` FROM `' . TABLE_PANEL_TICKET_CATS . '` '.$where.' ORDER BY `logicalorder`, `name` ASC');

 					while($row = $db->fetch_array($result2))
 					{
@@ -224,17 +248,17 @@ if($page == 'tickets'
 					$customers.= makeoption(getCorrectFullUserDetails($row_customer) . ' (' . $row_customer['loginname'] . ')', $row_customer['customerid']);
 				}

-				$priorities = makeoption($lng['ticket']['unf_high'], '1', $settings['ticket']['default_priority']);
-				$priorities.= makeoption($lng['ticket']['unf_normal'], '2', $settings['ticket']['default_priority']);
-				$priorities.= makeoption($lng['ticket']['unf_low'], '3', $settings['ticket']['default_priority']);
+				$priorities = makeoption($lng['ticket']['high'], '1', $settings['ticket']['default_priority']);
+				$priorities.= makeoption($lng['ticket']['normal'], '2', $settings['ticket']['default_priority']);
+				$priorities.= makeoption($lng['ticket']['low'], '3', $settings['ticket']['default_priority']);

-				$ticket_new_data = include_once dirname(__FILE__).'/lib/formfields/admin/ticket/formfield.ticket_new.php';
+				$ticket_new_data = include_once dirname(__FILE__).'/lib/formfields/admin/tickets/formfield.ticket_new.php';
 				$ticket_new_form = htmlform::genHTMLForm($ticket_new_data);

 				$title = $ticket_new_data['ticket_new']['title'];
 				$image = $ticket_new_data['ticket_new']['image'];

-				eval("echo \"" . getTemplate("ticket/tickets_new") . "\";");
+				eval("echo \"" . getTemplate("tickets/tickets_new") . "\";");
 			}
 		}
 		else
@@ -251,7 +275,7 @@ if($page == 'tickets'
 			$replyticket = ticket::getInstanceOf($userinfo, $db, $settings, -1);
 			$replyticket->Set('subject', validate($_POST['subject'], 'subject'), true, false);
 			$replyticket->Set('priority', validate($_POST['priority'], 'priority'), true, false);
-			$replyticket->Set('message', validate(str_replace("\r\n", "\n", $_POST['message']), 'message', '/^[^\0]*$/'), true, false);
+			$replyticket->Set('message', validate(htmlentities(str_replace("\r\n", "\n", $_POST['message'])), 'message', '/^[^\0]*$/'), true, false);

 			if($replyticket->Get('message') == null)
 			{
@@ -302,18 +326,25 @@ if($page == 'tickets'
 				$isclosed = 1;
 			}

-			if($mainticket->Get('by') == '1')
+			if ($mainticket->Get('by') == '1')
 			{
 				$by = $lng['ticket']['staff'];
 			}
 			else
 			{
-				$by = $lng['ticket']['customer'];
+				$cid = $mainticket->Get('customer');
+				$usr = $db->query_first('SELECT `customerid`, `firstname`, `name`, `company`, `loginname`
+						FROM `' . TABLE_PANEL_CUSTOMERS . '`
+						WHERE `customerid` = "' . (int)$cid . '"'
+				);
+				$by = '<a href="'.$linker->getLink(array('section' => 'customers', 'page' => 'customers', 'action' => 'su', 'id' => $cid)).'" rel="external">';
+				$by .= getCorrectFullUserDetails($usr).'</a>';
+				//$by = $lng['ticket']['customer'];
 			}

 			$subject = $mainticket->Get('subject');
 			$message = $mainticket->Get('message');
-			eval("\$ticket_replies.=\"" . getTemplate("ticket/tickets_tickets_main") . "\";");
+			eval("\$ticket_replies.=\"" . getTemplate("tickets/tickets_tickets_main") . "\";");
 			$result = $db->query('SELECT `name` FROM `' . TABLE_PANEL_TICKET_CATS . '`
                                WHERE `id`="' . (int)$mainticket->Get('category') . '"');
 			$row = $db->fetch_array($result);
@@ -330,12 +361,19 @@ if($page == 'tickets'
 				}
 				else
 				{
-					$by = $lng['ticket']['customer'];
+					$cid = $subticket->Get('customer');
+					$usr = $db->query_first('SELECT `customerid`, `firstname`, `name`, `company`, `loginname`
+						FROM `' . TABLE_PANEL_CUSTOMERS . '`
+						WHERE `customerid` = "' . (int)$cid . '"'
+					);
+					$by = '<a href="'.$linker->getLink(array('section' => 'customers', 'page' => 'customers', 'action' => 'su', 'id' => $cid)).'" rel="external">';
+					$by .= getCorrectFullUserDetails($usr).'</a>';
+					//$by = $lng['ticket']['customer'];
 				}

 				$subject = $subticket->Get('subject');
 				$message = $subticket->Get('message');
-				eval("\$ticket_replies.=\"" . getTemplate("ticket/tickets_tickets_list") . "\";");
+				eval("\$ticket_replies.=\"" . getTemplate("tickets/tickets_tickets_list") . "\";");
 			}

 			$priorities = makeoption($lng['ticket']['high'], '1', $mainticket->Get('priority'), true, true);
@@ -345,13 +383,13 @@ if($page == 'tickets'
 			$ticket_replies_count = $db->num_rows($andere) + 1;

 			// don't forget the main-ticket!
-			$ticket_reply_data = include_once dirname(__FILE__).'/lib/formfields/admin/ticket/formfield.ticket_reply.php';
+			$ticket_reply_data = include_once dirname(__FILE__).'/lib/formfields/admin/tickets/formfield.ticket_reply.php';
 			$ticket_reply_form = htmlform::genHTMLForm($ticket_reply_data);
- 
+
 			$title = $ticket_reply_data['ticket_reply']['title'];
 			$image = $ticket_reply_data['ticket_reply']['image'];

-			eval("echo \"" . getTemplate("ticket/tickets_reply") . "\";");
+			eval("echo \"" . getTemplate("tickets/tickets_reply") . "\";");
 		}
 	}
 	elseif($action == 'close'
@@ -437,11 +475,16 @@ elseif($page == 'categories'
 			'name' => $lng['ticket']['category'],
 			'logicalorder' => $lng['ticket']['logicalorder']
 		);
+
+		$where = '1'; // WHERE 1 is like no 'where-clause'
+		if ($userinfo['tickets_see_all'] != '1') {
+			$where = " `main`.`adminid` = '" . (int)$userinfo['adminid'] . "'";
+		}
 		$paging = new paging($userinfo, $db, TABLE_PANEL_TICKET_CATS, $fields, $settings['panel']['paging'], $settings['panel']['natsorting']);
 		$result = $db->query("SELECT `main`.`id`, `main`.`name`, `main`.`logicalorder`, (
                              SELECT COUNT(`sub`.`id`) FROM `" . TABLE_PANEL_TICKETS . "` `sub`
                              WHERE `sub`.`category` = `main`.`id`
-                              AND `sub`.`answerto` = '0' AND `sub`.`adminid` = '" . $userinfo['adminid'] . "')
+                              AND `sub`.`answerto` = '0'  AND `sub`.`adminid` = '" . $userinfo['adminid'] . "')
                              as `ticketcount`, (
                              SELECT COUNT(`sub2`.`id`) FROM `" . TABLE_PANEL_TICKETS . "` `sub2`
                              WHERE `sub2`.`category` = `main`.`id`
@@ -449,7 +492,7 @@ elseif($page == 'categories'
                              AND (`sub2`.`status` = '0' OR `sub2`.`status` = '1' OR `sub2`.`status` = '2')
                              AND `sub2`.`adminid` = '" . $userinfo['adminid'] . "'
                              ) as `ticketcountnotclosed`
-                              FROM `" . TABLE_PANEL_TICKET_CATS . "` `main` WHERE `main`.`adminid` = '" . (int)$userinfo['adminid'] . "' " . $paging->getSqlWhere(true) . " " . $paging->getSqlOrderBy() . " " . $paging->getSqlLimit());
+                              FROM `" . TABLE_PANEL_TICKET_CATS . "` `main` WHERE " . $where . $paging->getSqlWhere(true) . " " . $paging->getSqlOrderBy() . " " . $paging->getSqlLimit());
 		$paging->setEntries($db->num_rows($result));
 		$sortcode = $paging->getHtmlSortCode($lng);
 		$arrowcode = $paging->getHtmlArrowCode($filename . '?page=' . $page . '&s=' . $s);
@@ -466,14 +509,14 @@ elseif($page == 'categories'
 			{
 				$row = htmlentities_array($row);
 				$closedtickets_count = ($row['ticketcount'] - $row['ticketcountnotclosed']);
-				eval("\$ticketcategories.=\"" . getTemplate("ticket/tickets_categories") . "\";");
+				eval("\$ticketcategories.=\"" . getTemplate("tickets/tickets_categories") . "\";");
 				$count++;
 			}

 			$i++;
 		}

-		eval("echo \"" . getTemplate("ticket/categories") . "\";");
+		eval("echo \"" . getTemplate("tickets/categories") . "\";");
 	}
 	elseif($action == 'addcategory')
 	{
@@ -482,11 +525,11 @@ elseif($page == 'categories'
 		{
 			$category = validate($_POST['category'], 'category');
 			$order = validate($_POST['logicalorder'], 'logicalorder');
-			
+
 			if($order < 1 || $order >= 1000)
 			{
 				// use the latest available
-				$order = ticket::getHighestOrderNumber($db) + 1;
+				$order = ticket::getHighestOrderNumber($db, $userinfo['adminid']) + 1;
 			}

 			if($category == '')
@@ -502,15 +545,15 @@ elseif($page == 'categories'
 		}
 		else
 		{
-			$order = ticket::getHighestOrderNumber($db) + 1;
+			$order = ticket::getHighestOrderNumber($db, $userinfo['adminid']) + 1;

-			$category_new_data = include_once dirname(__FILE__).'/lib/formfields/admin/ticket/formfield.category_new.php';
+			$category_new_data = include_once dirname(__FILE__).'/lib/formfields/admin/tickets/formfield.category_new.php';
 			$category_new_form = htmlform::genHTMLForm($category_new_data);

 			$title = $category_new_data['category_new']['title'];
 			$image = $category_new_data['category_new']['image'];

-			eval("echo \"" . getTemplate("ticket/tickets_newcategory") . "\";");
+			eval("echo \"" . getTemplate("tickets/tickets_newcategory") . "\";");
 		}
 	}
 	elseif($action == 'editcategory'
@@ -542,13 +585,13 @@ elseif($page == 'categories'
 		{
 			$row = $db->query_first('SELECT * FROM `' . TABLE_PANEL_TICKET_CATS . '` WHERE `id` = "' . (int)$id . '"');

-			$category_edit_data = include_once dirname(__FILE__).'/lib/formfields/admin/ticket/formfield.category_edit.php';
+			$category_edit_data = include_once dirname(__FILE__).'/lib/formfields/admin/tickets/formfield.category_edit.php';
 			$category_edit_form = htmlform::genHTMLForm($category_edit_data);

 			$title = $category_edit_data['category_edit']['title'];
 			$image = $category_edit_data['category_edit']['image'];

-			eval("echo \"" . getTemplate("ticket/tickets_editcategory") . "\";");
+			eval("echo \"" . getTemplate("tickets/tickets_editcategory") . "\";");
 		}
 	}
 	elseif($action == 'deletecategory'
@@ -597,8 +640,7 @@ elseif($page == 'archive'
 			{
 				$categories[$x] = isset($_POST['category' . $x]) ? $_POST['category' . $x] : '';
 			}
-
-			$query = ticket::getArchiveSearchStatement($subject, $priority, $fromdate, $todate, $message, $customer, $userinfo['adminid'], $categories);
+			$query = ticket::getArchiveSearchStatement($db, $subject, $priority, $fromdate, $todate, $message, $customer, $userinfo['adminid'], $categories);
 			$fields = array(
 				'lastchange' => $lng['ticket']['lastchange'],
 				'ticket_answers' => $lng['ticket']['ticket_answers'],
@@ -656,25 +698,39 @@ elseif($page == 'archive'
 				{
 					if($paging->checkDisplay($i))
 					{
-						$ticket = htmlentities_array($ticket);
 						$ticket['lastchange'] = date("d.m.y H:i", $ticket['lastchange']);

 						if($_cid != $ticket['customerid'])
 						{
 							$cid = $ticket['customerid'];
-							$usr = $db->query_first('SELECT `firstname`, `name`, `company`, `loginname` FROM `' . TABLE_PANEL_CUSTOMERS . '`
+							$usr = $db->query_first('SELECT `customerid`, `firstname`, `name`, `company`, `loginname` FROM `' . TABLE_PANEL_CUSTOMERS . '`
                                       WHERE `customerid` = "' . (int)$cid . '"');
-							
-							if(isset($usr['loginname'])) {
-								$customer = getCorrectFullUserDetails($usr) . ' (' . $usr['loginname'] . ')';
-							} else {
+
+							if(isset($usr['loginname']))
+							{
+								$customer = getCorrectFullUserDetails($usr);
+								$customerloginname =  $usr['loginname'];
+								$customerid = $usr['customerid'];
+							}
+							else
+							{
 								$customer = $lng['ticket']['nonexistingcustomer'];
 							}
-							
-							eval("\$tickets.=\"" . getTemplate("ticket/tickets_customer") . "\";");
+
+							eval("\$tickets.=\"" . getTemplate("tickets/tickets_customer") . "\";");
 						}

 						$tickets_count++;
+						switch ($ticket['priority'])
+						{
+							case 1: $ticket['display'] = 'high';
+							break;
+							case 2: $ticket['display'] = 'normal';
+							break;
+							case 3: $ticket['display'] = 'low';
+							break;
+							default: $ticket['display'] = 'unknown';
+						}
 						$ticket['priority'] = ticket::getPriorityText($lng, $ticket['priority']);

 						if($ticket['lastreplier'] == '1')
@@ -690,8 +746,8 @@ elseif($page == 'archive'
 						{
 							$ticket['subject'] = substr($ticket['subject'], 0, 17) . '...';
 						}
-
-						eval("\$tickets.=\"" . getTemplate("ticket/archived_tickets") . "\";");
+						$ticket = htmlentities_array($ticket);
+						eval("\$tickets.=\"" . getTemplate("tickets/archived_tickets") . "\";");
 						$count++;
 						$_cid = $ticket['customerid'];
 					}
@@ -700,7 +756,7 @@ elseif($page == 'archive'
 				$i++;
 			}

-			eval("echo \"" . getTemplate("ticket/archivesearch") . "\";");
+			eval("echo \"" . getTemplate("tickets/archivesearch") . "\";");
 		}
 		else
 		{
@@ -729,13 +785,13 @@ elseif($page == 'archive'
 						$ticket['subject'] = substr($ticket['subject'], 0, 17) . '...';
 					}

-					eval("\$tickets.=\"" . getTemplate("ticket/archived_tickets") . "\";");
+					eval("\$tickets.=\"" . getTemplate("tickets/archived_tickets") . "\";");
 				}
 			}

-			$priorities_options = makecheckbox('priority1', $lng['ticket']['unf_high'], '1');
-			$priorities_options.= makecheckbox('priority2', $lng['ticket']['unf_normal'], '2');
-			$priorities_options.= makecheckbox('priority3', $lng['ticket']['unf_low'], '3');
+			$priorities_options = makecheckbox('priority1', $lng['ticket']['high'], '1');
+			$priorities_options.= makecheckbox('priority2', $lng['ticket']['normal'], '2');
+			$priorities_options.= makecheckbox('priority3', $lng['ticket']['low'], '3');
 			$category_options = '';
 			$ccount = 0;
 			$result = $db->query('SELECT * FROM `' . TABLE_PANEL_TICKET_CATS . '` ORDER BY `name` ASC');
@@ -754,7 +810,7 @@ elseif($page == 'archive'
 				$customers.= makeoption(getCorrectFullUserDetails($row_customer) . ' (' . $row_customer['loginname'] . ')', $row_customer['customerid']);
 			}

-			eval("echo \"" . getTemplate("ticket/archive") . "\";");
+			eval("echo \"" . getTemplate("tickets/archive") . "\";");
 		}
 	}
 	elseif($action == 'view'
@@ -774,12 +830,19 @@ elseif($page == 'archive'
 		}
 		else
 		{
-			$by = $lng['ticket']['customer'];
+			$cid = $mainticket->Get('customer');
+			$usr = $db->query_first('SELECT `customerid`, `firstname`, `name`, `company`, `loginname`
+						FROM `' . TABLE_PANEL_CUSTOMERS . '`
+						WHERE `customerid` = "' . (int)$cid . '"'
+			);
+			$by = '<a href="'.$linker->getLink(array('section' => 'customers', 'page' => 'customers', 'action' => 'su', 'id' => $cid)).'" rel="external">';
+			$by .= getCorrectFullUserDetails($usr).'</a>';
+			//$by = $lng['ticket']['customer'];
 		}

 		$subject = $mainticket->Get('subject');
 		$message = $mainticket->Get('message');
-		eval("\$ticket_replies.=\"" . getTemplate("ticket/tickets_tickets_main") . "\";");
+		eval("\$ticket_replies.=\"" . getTemplate("tickets/tickets_tickets_main") . "\";");
 		$result = $db->query('SELECT `name` FROM `' . TABLE_PANEL_TICKET_CATS . '`
                              WHERE `id`="' . (int)$mainticket->Get('category') . '"');
 		$row = $db->fetch_array($result);
@@ -796,23 +859,29 @@ elseif($page == 'archive'
 			}
 			else
 			{
-				$by = $lng['ticket']['customer'];
+				$cid = $subticket->Get('customer');
+				$usr = $db->query_first('SELECT `customerid`, `firstname`, `name`, `company`, `loginname`
+						FROM `' . TABLE_PANEL_CUSTOMERS . '`
+						WHERE `customerid` = "' . (int)$cid . '"'
+				);
+				$by = '<a href="'.$linker->getLink(array('section' => 'customers', 'page' => 'customers', 'action' => 'su', 'id' => $cid)).'" rel="external">';
+				$by .= getCorrectFullUserDetails($usr).'</a>';
+				//$by = $lng['ticket']['customer'];
 			}

 			$subject = $subticket->Get('subject');
 			$message = $subticket->Get('message');
-			eval("\$ticket_replies.=\"" . getTemplate("ticket/tickets_tickets_list") . "\";");
+			eval("\$ticket_replies.=\"" . getTemplate("tickets/tickets_tickets_list") . "\";");
 		}

-		$priorities = makeoption($lng['ticket']['high'], '1', $mainticket->Get('priority'), true, true);
-		$priorities.= makeoption($lng['ticket']['normal'], '2', $mainticket->Get('priority'), true, true);
-		$priorities.= makeoption($lng['ticket']['low'], '3', $mainticket->Get('priority'), true, true);
+		$priorities = makeoption($lng['ticket']['high'], '1', htmlentities($mainticket->Get('priority')), true, true);
+		$priorities.= makeoption($lng['ticket']['normal'], '2', htmlentities($mainticket->Get('priority')), true, true);
+		$priorities.= makeoption($lng['ticket']['low'], '3', htmlentities($mainticket->Get('priority')), true, true);
 		$subject = $mainticket->Get('subject');
 		$ticket_replies_count = $db->num_rows($andere) + 1;

 		// don't forget the main-ticket!
-
-		eval("echo \"" . getTemplate("ticket/tickets_view") . "\";");
+		eval("echo \"" . getTemplate("tickets/tickets_view") . "\";");
 	}
 	elseif($action == 'delete'
 	       && $id != 0)
@@ -831,6 +900,6 @@ elseif($page == 'archive'
 			ask_yesno('ticket_reallydelete', $filename, array('id' => $id, 'page' => $page, 'action' => $action), $mainticket->Get('subject'));
 		}
 	}
+} else {
+	standard_error('nocustomerforticket');
 }
-
-?>
--- a/admin_traffic.php
+++ b/admin_traffic.php
@@ -0,0 +1,148 @@
+<?php
+
+/**
+ * This file is part of the Froxlor project.
+ * Copyright (c) 2003-2009 the SysCP Team (see authors).
+ * Copyright (c) 2010 the Froxlor Team (see authors).
+ *
+ * For the full copyright and license information, please view the COPYING
+ * file that was distributed with this source code. You can also view the
+ * COPYING file online at http://files.froxlor.org/misc/COPYING.txt
+ *
+ * @copyright  (c) the authors
+ * @author     Morton Jonuschat <m.jonuschat@chrome-it.de>
+ * @license    GPLv2 http://files.syscp.org/misc/COPYING.txt
+ * @package    Panel
+ *
+ */
+
+define('AREA', 'admin');
+
+/**
+ * Include our init.php, which manages Sessions, Language etc.
+ */
+
+require ("./lib/init.php");
+
+if($action == 'logout')
+{
+	$db->query("DELETE FROM `" . TABLE_PANEL_SESSIONS . "` WHERE `userid` = '" . (int)$userinfo['adminid'] . "' AND `adminsession` = '1'");
+	redirectTo('index.php');
+	exit;
+}
+
+if(isset($_POST['id']))
+{
+	$id = intval($_POST['id']);
+}
+elseif(isset($_GET['id']))
+{
+	$id = intval($_GET['id']);
+}
+
+$months = array(
+	'0' => 'empty',
+	'1' => 'jan',
+	'2' => 'feb',
+	'3' => 'mar',
+	'4' => 'apr',
+	'5' => 'may',
+	'6' => 'jun',
+	'7' => 'jul',
+	'8' => 'aug',
+	'9' => 'sep',
+	'10' => 'oct',
+	'11' => 'nov',
+	'12' => 'dec',
+);
+
+if($page == 'overview' || $page == 'customers') 
+{
+	if($action == 'su' && $id != 0)
+	{
+		$result = $db->query_first("SELECT * FROM `" . TABLE_PANEL_CUSTOMERS . "` WHERE `customerid`='" . (int)$id . "' " . ($userinfo['customers_see_all'] ? '' : " AND `adminid` = '" . (int)$userinfo['adminid'] . "' "));
+
+		if($result['loginname'] != '')
+		{
+			$result = $db->query_first("SELECT * FROM `" . TABLE_PANEL_SESSIONS . "` WHERE `userid`='" . (int)$userinfo['userid'] . "'");
+			$s = md5(uniqid(microtime(), 1));
+			$db->query("INSERT INTO `" . TABLE_PANEL_SESSIONS . "` (`hash`, `userid`, `ipaddress`, `useragent`, `lastactivity`, `language`, `adminsession`) VALUES ('" . $db->escape($s) . "', '" . (int)$id . "', '" . $db->escape($result['ipaddress']) . "', '" . $db->escape($result['useragent']) . "', '" . time() . "', '" . $db->escape($result['language']) . "', '0')");
+			redirectTo('customer_traffic.php', Array(
+				's' => $s
+			));
+		}
+		else
+		{
+			redirectTo('index.php', Array(
+				'action' => 'login'
+			));
+		}
+	}
+	$customerview = 1;
+	$stats_tables = '';
+	$minyear = $db->query_first("SELECT `year` FROM `". TABLE_PANEL_TRAFFIC . "` ORDER BY `year` ASC LIMIT 1");
+	if (!isset($minyear['year']) || $minyear['year'] == 0)
+	{
+		$maxyears = 0;
+	}
+	else
+	{
+		$maxyears = date("Y") - $minyear['year'];
+	}
+	for($years = 0; $years<=$maxyears; $years++) {
+		$overview['year'] = date("Y")-$years;
+		$overview['type'] = $lng['traffic']['customer'];
+		$domain_list = '';
+		$customer_name_list = $db->query("SELECT `customerid`,`company`,`name`,`firstname` FROM `" . TABLE_PANEL_CUSTOMERS . "` WHERE `deactivated`='0'" . ($userinfo['customers_see_all'] ? '' : " AND `adminid` = '" . (int)$userinfo['adminid'] . "' ") . " ORDER BY name");
+		$totals = array(
+			'jan' => 0,
+			'feb' => 0,
+			'mar' => 0,
+			'apr' => 0,
+			'may' => 0,
+			'jun' => 0,
+			'jul' => 0,
+			'aug' => 0,
+			'sep' => 0,
+			'oct' => 0,
+			'nov' => 0,
+			'dec' => 0,
+		);
+		while($customer_name = $db->fetch_array($customer_name_list)) {
+			$virtual_host = array(
+				'name' => ($customer_name['company'] == '' ? $customer_name['name'] . ", " . $customer_name['firstname'] : $customer_name['company']),
+				'customerid' => $customer_name['customerid'],
+				'jan' => '-',
+				'feb' => '-',
+				'mar' => '-',
+				'apr' => '-',
+				'may' => '-',
+				'jun' => '-',
+				'jul' => '-',
+				'aug' => '-',
+				'sep' => '-',
+				'oct' => '-',
+				'nov' => '-',
+				'dec' => '-',
+			);
+			
+			$traffic_list = $db->query("SELECT month, SUM(http+ftp_up+ftp_down+mail)*1024 AS traffic FROM `" . TABLE_PANEL_TRAFFIC . "` WHERE year = " . (date("Y")-$years) . " AND `customerid` = '" . $customer_name['customerid'] . "' GROUP BY month ORDER BY month");
+			while($traffic_month = $db->fetch_array($traffic_list)) {
+				$virtual_host[$months[(int)$traffic_month['month']]] = size_readable($traffic_month['traffic'], 'GiB', 'bi', '%01.'.(int)$settings['panel']['decimal_places'].'f %s');
+				$totals[$months[(int)$traffic_month['month']]] += $traffic_month['traffic'];
+			}
+			eval("\$domain_list .= sprintf(\"%s\", \"" . getTemplate("traffic/index_table_row") . "\");");
+		}
+		// sum up totals
+		$virtual_host = array(
+			'name' => $lng['traffic']['months']['total'],
+		);
+		foreach($totals as $month => $bytes) {
+			$virtual_host[$month] = ($bytes == 0 ? '-' : size_readable($bytes, 'GiB', 'bi', '%01.'.(int)$settings['panel']['decimal_places'].'f %s'));
+		}
+		$customerview = 0;
+		eval("\$total_list = sprintf(\"%s\", \"" . getTemplate("traffic/index_table_row") . "\");");
+		eval("\$stats_tables .= sprintf(\"%s\", \"" . getTemplate("traffic/index_table") . "\");");
+	}
+	eval("echo \"" . getTemplate("traffic/index") . "\";");
+}
--- a/admin_updates.php
+++ b/admin_updates.php
@@ -12,14 +12,13 @@
 * @author     Froxlor team <team@froxlor.org> (2010-)
 * @license    GPLv2 http://files.froxlor.org/misc/COPYING.txt
 * @package    Panel
- * @version    $Id$
+ *
 */

 define('AREA', 'admin');
-require ("./lib/init.php");
+require('./lib/init.php');

-if($page == 'overview')
-{
+if ($page == 'overview') {
 	$log->logAction(ADM_ACTION, LOG_NOTICE, "viewed admin_updates");

 	/**
@@ -29,13 +28,13 @@ if($page == 'overview')
 	 */
 	if (!isFroxlor()) {
 		if (!isset($settings['panel']['version'])
-		|| $settings['panel']['version'] == ''
+			|| $settings['panel']['version'] == ''
 		) {
 			$settings['panel']['version'] = '1.4.2.1';
 			$db->query("INSERT INTO `" . TABLE_PANEL_SETTINGS . "` (`settinggroup`, `varname`, `value`) VALUES ('panel','version','".$settings['panel']['version']."')");
 		}
 		if (!isset($settings['system']['dbversion'])
-		|| $settings['system']['dbversion'] == ''
+			|| $settings['system']['dbversion'] == ''
 		) {
 			/**
 			 * for syscp-stable (1.4.2.1) this value has to be 0
@@ -43,11 +42,9 @@ if($page == 'overview')
 			 * and the svn-version has its value in the database
 			 * -> bug #54
 			 */
-			
 			$result = $db->query_first("SELECT `value` FROM `" . TABLE_PANEL_SETTINGS . "` WHERE `varname` = 'dbversion'");
-			
-			if(isset($result['value']))
-			{
+
+			if (isset($result['value'])) {
 				$settings['system']['dbversion'] = (int)$result['value'];
 			} else {
 				$settings['system']['dbversion'] = 0;
@@ -55,40 +52,36 @@ if($page == 'overview')
 		}
 	}

-	if(hasUpdates($version))
-	{
+	if (hasUpdates($version)) {
 		$successful_update = false;
 		$message = '';

-		if(isset($_POST['send'])
-		&& $_POST['send'] == 'send')
-		{
-			if((isset($_POST['update_preconfig'])
+		if (isset($_POST['send'])
+			&& $_POST['send'] == 'send'
+		) {
+			if ((isset($_POST['update_preconfig'])
 				&& isset($_POST['update_changesagreed'])
 				&& intval($_POST['update_changesagreed']) != 0)
 				|| !isset($_POST['update_preconfig'])
 			) {
-				eval("echo \"" . getTemplate("update/update_start") . "\";");
+				eval("echo \"" . getTemplate('update/update_start') . "\";");
 	
 				include_once './install/updatesql.php';
 	
 				$redirect_url = 'admin_index.php?s=' . $s;
-				eval("echo \"" . getTemplate("update/update_end") . "\";");
+				eval("echo \"" . getTemplate('update/update_end') . "\";");
 	
 				updateCounters();
 				inserttask('1');
 				@chmod('./lib/userdata.inc.php', 0440);
 				
 				$successful_update = true;
-			}
-			else
-			{
-				$message = '<br /><strong style="color:#ff0000;">You have to agree that you have read the update notifications.</strong>';
+			} else {
+				$message = '<br /><strong style="color: red">You have to agree that you have read the update notifications.</strong>';
 			}
 		}

-		if(!$successful_update)
-		{
+		if (!$successful_update) {
 			$current_version = $settings['panel']['version'];
 			$new_version = $version;

@@ -96,29 +89,23 @@ if($page == 'overview')
 			$ui_text = str_replace('%curversion', $current_version, $ui_text);
 			$ui_text = str_replace('%newversion', $new_version, $ui_text);
 			$update_information = $ui_text;
-			
+
 			include_once './install/updates/preconfig.php';
 			$preconfig = getPreConfig($current_version);
-			if($preconfig != '')
-			{
-				$update_information .= '<br />'.$preconfig.$message;
+			if ($preconfig != '') {
+				$update_information .= '<br />' . $preconfig . $message;
 			}
-			
+
 			$update_information .= $lng['update']['update_information']['part_b'];

-			eval("echo \"" . getTemplate("update/index") . "\";");
+			eval("echo \"" . getTemplate('update/index') . "\";");
 		}
-	}
-	else
-	{
+	} else {
 		/*
 		 * @TODO version-webcheck check here
 		 */
-
 		$success_message = $lng['update']['noupdatesavail'];
 		$redirect_url = 'admin_index.php?s=' . $s;
-		eval("echo \"" . getTemplate("update/noupdatesavail") . "\";");
+		eval("echo \"" . getTemplate('update/noupdatesavail') . "\";");
 	}
 }
-
-?>
--- a/cache/.gitignore
+++ b/cache/.gitignore
@@ -0,0 +1 @@
+*
--- a/cache/.keep
+++ b/cache/.keep
--- a/css/jquery-ui.min.css
+++ b/css/jquery-ui.min.css
--- a/css/jquery.jqplot.min.css
+++ b/css/jquery.jqplot.min.css
@@ -0,0 +1 @@
+.jqplot-target{position:relative;color:#666;font-family:"Trebuchet MS",Arial,Helvetica,sans-serif;font-size:1em}.jqplot-axis{font-size:.75em}.jqplot-xaxis{margin-top:10px}.jqplot-x2axis{margin-bottom:10px}.jqplot-yaxis{margin-right:10px}.jqplot-y2axis,.jqplot-y3axis,.jqplot-y4axis,.jqplot-y5axis,.jqplot-y6axis,.jqplot-y7axis,.jqplot-y8axis,.jqplot-y9axis,.jqplot-yMidAxis{margin-left:10px;margin-right:10px}.jqplot-axis-tick,.jqplot-xaxis-tick,.jqplot-yaxis-tick,.jqplot-x2axis-tick,.jqplot-y2axis-tick,.jqplot-y3axis-tick,.jqplot-y4axis-tick,.jqplot-y5axis-tick,.jqplot-y6axis-tick,.jqplot-y7axis-tick,.jqplot-y8axis-tick,.jqplot-y9axis-tick,.jqplot-yMidAxis-tick{position:absolute;white-space:pre}.jqplot-xaxis-tick{top:0;left:15px;vertical-align:top}.jqplot-x2axis-tick{bottom:0;left:15px;vertical-align:bottom}.jqplot-yaxis-tick{right:0;top:15px;text-align:right}.jqplot-yaxis-tick.jqplot-breakTick{right:-20px;margin-right:0;padding:1px 5px 1px 5px;z-index:2;font-size:1.5em}.jqplot-y2axis-tick,.jqplot-y3axis-tick,.jqplot-y4axis-tick,.jqplot-y5axis-tick,.jqplot-y6axis-tick,.jqplot-y7axis-tick,.jqplot-y8axis-tick,.jqplot-y9axis-tick{left:0;top:15px;text-align:left}.jqplot-yMidAxis-tick{text-align:center;white-space:nowrap}.jqplot-xaxis-label{margin-top:10px;font-size:11pt;position:absolute}.jqplot-x2axis-label{margin-bottom:10px;font-size:11pt;position:absolute}.jqplot-yaxis-label{margin-right:10px;font-size:11pt;position:absolute}.jqplot-yMidAxis-label{font-size:11pt;position:absolute}.jqplot-y2axis-label,.jqplot-y3axis-label,.jqplot-y4axis-label,.jqplot-y5axis-label,.jqplot-y6axis-label,.jqplot-y7axis-label,.jqplot-y8axis-label,.jqplot-y9axis-label{font-size:11pt;margin-left:10px;position:absolute}.jqplot-meterGauge-tick{font-size:.75em;color:#999}.jqplot-meterGauge-label{font-size:1em;color:#999}table.jqplot-table-legend{margin-top:12px;margin-bottom:12px;margin-left:12px;margin-right:12px}table.jqplot-table-legend,table.jqplot-cursor-legend{background-color:rgba(255,255,255,0.6);border:1px solid #ccc;position:absolute;font-size:.75em}td.jqplot-table-legend{vertical-align:middle}td.jqplot-seriesToggle:hover,td.jqplot-seriesToggle:active{cursor:pointer}.jqplot-table-legend .jqplot-series-hidden{text-decoration:line-through}div.jqplot-table-legend-swatch-outline{border:1px solid #ccc;padding:1px}div.jqplot-table-legend-swatch{width:0;height:0;border-top-width:5px;border-bottom-width:5px;border-left-width:6px;border-right-width:6px;border-top-style:solid;border-bottom-style:solid;border-left-style:solid;border-right-style:solid}.jqplot-title{top:0;left:0;padding-bottom:.5em;font-size:1.2em}table.jqplot-cursor-tooltip{border:1px solid #ccc;font-size:.75em}.jqplot-cursor-tooltip{border:1px solid #ccc;font-size:.75em;white-space:nowrap;background:rgba(208,208,208,0.5);padding:1px}.jqplot-highlighter-tooltip,.jqplot-canvasOverlay-tooltip{border:1px solid #ccc;font-size:.75em;white-space:nowrap;background:rgba(208,208,208,0.5);padding:1px}.jqplot-point-label{font-size:.75em;z-index:2}td.jqplot-cursor-legend-swatch{vertical-align:middle;text-align:center}div.jqplot-cursor-legend-swatch{width:1.2em;height:.7em}.jqplot-error{text-align:center}.jqplot-error-message{position:relative;top:46%;display:inline-block}div.jqplot-bubble-label{font-size:.8em;padding-left:2px;padding-right:2px;color:rgb(20%,20%,20%)}div.jqplot-bubble-label.jqplot-bubble-label-highlight{background:rgba(90%,90%,90%,0.7)}div.jqplot-noData-container{text-align:center;background-color:rgba(96%,96%,96%,0.3)}
--- a/customer_aps.php
+++ b/customer_aps.php
@@ -14,21 +14,21 @@
 * @author     Froxlor team <team@froxlor.org> (2010-)
 * @license    GPLv2 http://files.froxlor.org/misc/COPYING.txt
 * @package    Panel
- * @version    $Id$
+ *
 */

-// Required code
-
 define('AREA', 'customer');
-require ("./lib/init.php");
+require ('./lib/init.php');
+
 $Id = 0;
+if (isset($_GET['id'])) {
+    $Id = (int)$_GET['id'];
+}
+if (isset($_POST['id'])) {
+    $Id = (int)$_POST['id'];
+}

-if(isset($_GET['id']))$Id = (int)$_GET['id'];
-
-if(isset($_POST['id']))$Id = (int)$_POST['id'];
-eval("echo \"" . getTemplate("aps/header") . "\";");
+eval("echo \"" . getTemplate('aps/header') . "\";");
 $Aps = new ApsParser($userinfo, $settings, $db);
 $Aps->MainHandler($action);
-eval("echo \"" . getTemplate("aps/footer") . "\";");
-
-?>
+eval("echo \"" . getTemplate('aps/footer') . "\";");
--- a/customer_autoresponder.php
+++ b/customer_autoresponder.php
@@ -14,67 +14,55 @@
 * @author     Froxlor team <team@froxlor.org> (2010-)
 * @license    GPLv2 http://files.froxlor.org/misc/COPYING.txt
 * @package    Panel
- * @version    $Id$
+ *
 */

-// Required code
-
 define('AREA', 'customer');
-require ("./lib/init.php");
+require('./lib/init.php');

-// Create new autoresponder
-
-if($action == "add")
-{
-	if(isset($_POST['send'])
-	   && $_POST['send'] == 'send')
-	{
+if ($action == 'add') {
+	// Create new autoresponder
+	if (isset($_POST['send'])
+	   && $_POST['send'] == 'send'
+	) {
 		$account = trim($_POST['account']);
 		$subject = trim($_POST['subject']);
 		$message = trim($_POST['message']);
-		
+
 		$date_from_off = isset($_POST['date_from_off']) ? -1 : 0;
 		$date_until_off = isset($_POST['date_until_off']) ? -1 : 0;
-		
+
 		/*
-		 * @TODO validate date (DD-MM-YYYY) 
-		 */	
+		 * @TODO validate date (DD-MM-YYYY)
+		 */
 		$ts_from = -1;
 		$ts_until = -1;

-		if($date_from_off > -1)
-		{
+		if ($date_from_off > -1) {
 			$date_from = $_POST['date_from'];
 			$ts_from = mktime(0, 0, 0, substr($date_from, 3, 2), substr($date_from, 0, 2), substr($date_from, 6, 4));
 		}
-		if($date_until_off > -1)
-		{
+		if ($date_until_off > -1) {
 			$date_until = $_POST['date_until'];
 			$ts_until = mktime(0, 0, 0, substr($date_until, 3, 2), substr($date_until, 0, 2), substr($date_until, 6, 4));
 		}

-		if(empty($account)
+		if (empty($account)
 		   || empty($subject)
-		   || empty($message))
-		{
+		   || empty($message)
+		) {
 			standard_error('missingfields');
 		}

 		// Does account exist?
-
 		$result = $db->query("SELECT `email` FROM `" . TABLE_MAIL_USERS . "` WHERE `customerid` = '" . (int)$userinfo['customerid'] . "' AND `email` = '" . $db->escape($account) . "' LIMIT 0,1");
-
-		if($db->num_rows($result) == 0)
-		{
+		if ($db->num_rows($result) == 0) {
 			standard_error('accountnotexisting');
 		}

 		// Does autoresponder exist?
-
 		$result = $db->query("SELECT `email` FROM `" . TABLE_MAIL_AUTORESPONDER . "` WHERE `customerid` = '" . (int)$userinfo['customerid'] . "' AND `email` = '" . $db->escape($account) . "' LIMIT 0,1");
-
-		if($db->num_rows($result) == 1)
-		{
+		if ($db->num_rows($result) == 1) {
 			standard_error('autoresponderalreadyexists');
 		}

@@ -92,106 +80,82 @@ if($action == "add")
 	}

 	// Get accounts
-
 	$result = $db->query("SELECT `email` FROM `" . TABLE_MAIL_USERS . "` WHERE `customerid` = '" . (int)$userinfo['customerid'] . "' AND `email` NOT IN (SELECT `email` FROM `" . TABLE_MAIL_AUTORESPONDER . "`) ORDER BY email ASC");
-
-	if($db->num_rows($result) == 0)
-	{
+	if ($db->num_rows($result) == 0) {
 		standard_error('noemailaccount');
 	}

 	$accounts = '';
-
-	while($row = $db->fetch_array($result))
-	{
-		$accounts.= "<option value=\"" . $row['email'] . "\">" . $row['email'] . "</option>";
+	while ($row = $db->fetch_array($result)) {
+		$accounts .= '<option value="' . $row['email'] . '">' . $row['email'] . '</option>';
 	}
-	
+
 	$date_from_off = makecheckbox('date_from_off', $lng['panel']['not_activated'], '-1', false, '-1', true, true);
 	$date_until_off = makecheckbox('date_until_off', $lng['panel']['not_activated'], '-1', false, '-1', true, true);
-	
-	$isactive = makeyesno('active', '1', '0', '1');

-	$autoresponder_add_data = include_once dirname(__FILE__).'/lib/formfields/customer/email/formfield.emails_addautoresponder.php';
+	//$isactive = makeyesno('active', '1', '0', '1');
+
+	$autoresponder_add_data = include_once dirname(__FILE__).'/lib/formfields/customer/autoresponder/formfield.autoresponder_add.php';
 	$autoresponder_add_form = htmlform::genHTMLForm($autoresponder_add_data);

 	$title = $autoresponder_add_data['autoresponder_add']['title'];
 	$image = $autoresponder_add_data['autoresponder_add']['image'];
-	
-	eval("echo \"" . getTemplate("email/autoresponder_add") . "\";");
-}

-// Edit autoresponder
-
-else
-
-if($action == "edit")
-{
-	if(isset($_POST['send'])
-	   && $_POST['send'] == 'send')
-	{
+	eval("echo \"" . getTemplate('autoresponder/autoresponder_add') . "\";");
+} elseif ($action == 'edit') {
+	// Edit autoresponder
+	if (isset($_POST['send'])
+	   && $_POST['send'] == 'send'
+	) {
 		$account = trim($_POST['account']);
 		$subject = trim($_POST['subject']);
 		$message = trim($_POST['message']);

 		$date_from_off = isset($_POST['date_from_off']) ? -1 : 0;
 		$date_until_off = isset($_POST['date_until_off']) ? -1 : 0;
-				
+
 		/*
-		 * @TODO validate date (DD-MM-YYYY) 
-		 */	
+		 * @TODO validate date (DD-MM-YYYY)
+		 */
 		$ts_from = -1;
 		$ts_until = -1;

-		if($date_from_off > -1)
-		{
+		if ($date_from_off > -1) {
 			$date_from = $_POST['date_from'];
 			$ts_from = mktime(0, 0, 0, substr($date_from, 3, 2), substr($date_from, 0, 2), substr($date_from, 6, 4));
 		}
-		if($date_until_off > -1)
-		{
+		if ($date_until_off > -1) {
 			$date_until = $_POST['date_until'];
 			$ts_until = mktime(0, 0, 0, substr($date_until, 3, 2), substr($date_until, 0, 2), substr($date_until, 6, 4));
-		}	
+		}

-		if(empty($account)
+		if (empty($account)
 		   || empty($subject)
-		   || empty($message))
-		{
+		   || empty($message)
+		) {
 			standard_error('missingfields');
 		}

 		// Does account exist?
-
 		$result = $db->query("SELECT `email` FROM `" . TABLE_MAIL_USERS . "` WHERE `customerid` = '" . (int)$userinfo['customerid'] . "' AND `email` = '" . $db->escape($account) . "' LIMIT 0,1");
-
-		if($db->num_rows($result) == 0)
+		if ($db->num_rows($result) == 0)
 		{
 			standard_error('accountnotexisting');
 		}

 		// Does autoresponder exist?
-
 		$result = $db->query("SELECT `email` FROM `" . TABLE_MAIL_AUTORESPONDER . "` WHERE `customerid` = '" . (int)$userinfo['customerid'] . "' AND `email` = '" . $db->escape($account) . "' LIMIT 0,1");
-
-		if($db->num_rows($result) == 0)
-		{
+		if ($db->num_rows($result) == 0) {
 			standard_error('invalidautoresponder');
 		}

-		$ResponderActive = 0;
-
-		if(isset($_POST['active'])
-		   && $_POST['active'] == '1')
-		{
-			$ResponderActive = 1;
-		}
+		$ResponderActive = (isset($_POST['active']) && $_POST['active'] == '1') ? 1 : 0;

 		$db->query("UPDATE `" . TABLE_MAIL_AUTORESPONDER . "`
 			SET `message` = '" . $db->escape($message) . "',
 			`enabled` = '" . (int)$ResponderActive . "',
 			`date_from` = '" . (int)$ts_from . "',
-			`date_until` = '" . (int)$ts_until . "',			
+			`date_until` = '" . (int)$ts_until . "',
 			`subject` = '" . $db->escape($subject) . "'
 			WHERE `email` = '" . $db->escape($account) . "'
 			AND `customerid` = '" . $db->escape((int)$userinfo['customerid']) . "'
@@ -202,73 +166,55 @@ if($action == "edit")
 	$email = trim(htmlspecialchars($_GET['email']));

 	// Get account data
-
 	$result = $db->query("SELECT * FROM `" . TABLE_MAIL_AUTORESPONDER . "` WHERE `customerid` = '" . (int)$userinfo['customerid'] . "' AND `email` = '" . $db->escape($email) . "' LIMIT 0,1");
-
-	if($db->num_rows($result) == 0)
-	{
+	if ($db->num_rows($result) == 0) {
 		standard_error('invalidautoresponder');
 	}

 	$row = $db->fetch_array($result);
 	$subject = htmlspecialchars($row['subject']);
 	$message = htmlspecialchars($row['message']);
-	
+
 	$date_from = (int)$row['date_from'];
 	$date_until = (int)$row['date_until'];
-	
-	if($date_from == -1)
-	{
+
+	if ($date_from == -1) {
 		$deactivated = '-1';
 		$date_from = '';
-	}
-	else
-	{
+	} else {
 		$deactivated = '0';
 		$date_from = date('d-m-Y', $date_from);
 	}
 	$date_from_off = makecheckbox('date_from_off', $lng['panel']['not_activated'], '-1', false, $deactivated, true, true);
-	
-	if($date_until == -1)
-	{
+
+	if ($date_until == -1) {
 		$deactivated = '-1';
 		$date_until = '';
-	}
-	else
-	{
+	} else {
 		$deactivated = '0';
 		$date_until = date('d-m-Y', $date_until);
 	}
 	$date_until_off = makecheckbox('date_until_off', $lng['panel']['not_activated'], '-1', false, $deactivated, true, true);
-	
-	$isactive = makeyesno('active', '1', '0', $row['enabled']);

-	$autoresponder_edit_data = include_once dirname(__FILE__).'/lib/formfields/customer/email/formfield.emails_editautoresponder.php';
+	//$isactive = makeyesno('active', '1', '0', $row['enabled']);
+
+	$autoresponder_edit_data = include_once dirname(__FILE__).'/lib/formfields/customer/autoresponder/formfield.autoresponder_edit.php';
 	$autoresponder_edit_form = htmlform::genHTMLForm($autoresponder_edit_data);

 	$title = $autoresponder_edit_data['autoresponder_edit']['title'];
 	$image = $autoresponder_edit_data['autoresponder_edit']['image'];

-	eval("echo \"" . getTemplate("email/autoresponder_edit") . "\";");
-}
-
-// Delete autoresponder
-
-else
-
-if($action == "delete")
-{
-	if(isset($_POST['send'])
-	   && $_POST['send'] == 'send')
-	{
+	eval("echo \"" . getTemplate('autoresponder/autoresponder_edit') . "\";");
+} elseif ($action == 'delete') {
+	// Delete autoresponder
+	if (isset($_POST['send'])
+	   && $_POST['send'] == 'send'
+	) {
 		$account = trim($_POST['account']);

 		// Does autoresponder exist?
-
 		$result = $db->query("SELECT `email` FROM `" . TABLE_MAIL_AUTORESPONDER . "` WHERE `customerid` = '" . (int)$userinfo['customerid'] . "' AND `email` = '" . $db->escape($account) . "' LIMIT 0,1");
-
-		if($db->num_rows($result) == 0)
-		{
+		if ($db->num_rows($result) == 0) {
 			standard_error('invalidautoresponder');
 		}

@@ -282,37 +228,25 @@ if($action == "delete")

 	$email = trim(htmlspecialchars($_GET['email']));
 	ask_yesno('autoresponderdelete', $filename, array('action' => $action, 'account' => $email));
-}
-
-// List existing autoresponders
-
-else 
-{
+} else {
+	// List existing autoresponders
 	$autoresponder = '';
 	$count = 0;
 	$result = $db->query("SELECT * FROM `" . TABLE_MAIL_AUTORESPONDER . "` WHERE `customerid` = '" . (int)$userinfo['customerid'] . "' ORDER BY email ASC");

-	while($row = $db->fetch_array($result))
-	{
-		if($row['date_from'] == -1 && $row['date_until'] == -1)
-		{
+	while ($row = $db->fetch_array($result)) {
+		if ($row['date_from'] == -1 && $row['date_until'] == -1) {
 			$activated_date = $lng['panel']['not_activated'];
-		}
-		elseif($row['date_from'] == -1 && $row['date_until'] != -1)
-		{
+		} elseif($row['date_from'] == -1 && $row['date_until'] != -1) {
 			$activated_date = $lng['autoresponder']['date_until'].': '.date('d-m-Y', $row['date_until']);
-		}
-		elseif($row['date_from'] != -1 && $row['date_until'] == -1)
-		{
+		} elseif($row['date_from'] != -1 && $row['date_until'] == -1) {
 			$activated_date = $lng['autoresponder']['date_from'].': '.date('d-m-Y', $row['date_from']);
-		}	
-		else
-		{
+		} else {
 			$activated_date = date('d-m-Y', $row['date_from']) . ' - ' . date('d-m-Y', $row['date_until']);
 		}
-		eval("\$autoresponder.=\"" . getTemplate("email/autoresponder_autoresponder") . "\";");
+		eval("\$autoresponder.=\"" . getTemplate('autoresponder/autoresponder_autoresponder') . "\";");
 		$count++;
-	}	
+	}

-	eval("echo \"" . getTemplate("email/autoresponder") . "\";");
+	eval("echo \"" . getTemplate('autoresponder/autoresponder') . "\";");
 }
--- a/customer_domains.php
+++ b/customer_domains.php
@@ -14,7 +14,7 @@
 * @author     Froxlor team <team@froxlor.org> (2010-)
 * @license    GPLv2 http://files.froxlor.org/misc/COPYING.txt
 * @package    Panel
- * @version    $Id$
+ *
 */

 define('AREA', 'customer');
@@ -45,9 +45,7 @@ elseif($page == 'domains')
 	{
 		$log->logAction(USR_ACTION, LOG_NOTICE, "viewed customer_domains::domains");
 		$fields = array(
-			'd.domain' => $lng['domains']['domainname'],
-			'd.documentroot' => $lng['panel']['path'],
-			'd.aliasdomain' => $lng['domains']['aliasdomain']
+			'd.domain' => $lng['domains']['domainname']
 		);
 		$paging = new paging($userinfo, $db, TABLE_PANEL_DOMAINS, $fields, $settings['panel']['paging'], $settings['panel']['natsorting']);
 		$result = $db->query("SELECT `d`.`id`, `d`.`customerid`, `d`.`domain`, `d`.`documentroot`, `d`.`isemaildomain`, `d`.`caneditdomain`, `d`.`iswildcarddomain`, `d`.`parentdomainid`, `ad`.`id` AS `aliasdomainid`, `ad`.`domain` AS `aliasdomain`, `da`.`id` AS `domainaliasid`, `da`.`domain` AS `domainalias` FROM `" . TABLE_PANEL_DOMAINS . "` `d` LEFT JOIN `" . TABLE_PANEL_DOMAINS . "` `ad` ON `d`.`aliasdomain`=`ad`.`id` LEFT JOIN `" . TABLE_PANEL_DOMAINS . "` `da` ON `da`.`aliasdomain`=`d`.`id` WHERE `d`.`customerid`='" . (int)$userinfo['customerid'] . "' AND `d`.`email_only`='0' AND `d`.`id` <> " . (int)$userinfo['standardsubdomain'] . " " . $paging->getSqlWhere(true) . " " . $paging->getSqlOrderBy() . " " . $paging->getSqlLimit());
@@ -73,17 +71,33 @@ elseif($page == 'domains')
 				$parentdomains_count++;
 			}

-			$domains_count++;
-/*
-			$domainparts = explode('.', $row['domain']);
-			$domainparts = array_reverse($domainparts);
-			$sortkey = '';
-			foreach($domainparts as $key => $part)
-			{
-				$sortkey.= $part . '.';
+			/**
+			 * check for set ssl-certs to show different state-icons
+			 */
+			// nothing (ssl_global)
+			$row['domain_hascert'] = 0;
+			$ssl_result = $db->query_first("SELECT * FROM `".TABLE_PANEL_DOMAIN_SSL_SETTINGS."` WHERE `domainid`='".(int)$row['id']."';");
+			if (is_array($ssl_result)
+				&& isset($ssl_result['ssl_cert_file'])
+				&& $ssl_result['ssl_cert_file'] != ''
+			) {
+				// own certificate (ssl_customer_green)
+				$row['domain_hascert'] = 1;
+			} else {
+				// check if it's parent has one set (shared)
+				if ($row['parentdomainid'] != 0) {
+					$ssl_result = $db->query_first("SELECT * FROM `".TABLE_PANEL_DOMAIN_SSL_SETTINGS."` WHERE `domainid`='".(int)$row['parentdomainid']."';");
+					if (is_array($ssl_result)
+							&& isset($ssl_result['ssl_cert_file'])
+							&& $ssl_result['ssl_cert_file'] != ''
+					) {
+						// parent has a certificate (ssl_shared)
+						$row['domain_hascert'] = 2;
+					}
+				}
 			}
-			$domain_array[$sortkey] = $row;
-*/
+
+			$domains_count++;
 			$domain_array[$row['domain']] = $row;
 		}

@@ -151,6 +165,14 @@ elseif($page == 'domains')
 						$row['documentroot'] = makeCorrectDir(substr($row['documentroot'], strlen($userinfo['documentroot'])));
 					}

+					// get ssl-ips if activated
+					$show_ssledit = false;
+					if ($settings['system']['use_ssl'] == '1'
+							&& domainHasSslIpPort($row['id'])
+							&& $row['caneditdomain'] == '1'
+					) {
+						$show_ssledit = true;
+					}
 					$row = htmlentities_array($row);
 					eval("\$domains.=\"" . getTemplate("domains/domains_domain") . "\";");
 				}
@@ -196,7 +218,10 @@ elseif($page == 'domains')
 				$result = $db->query("DELETE FROM `" . TABLE_PANEL_DOMAINS . "` WHERE `customerid`='" . (int)$userinfo['customerid'] . "' AND `id`='" . (int)$id . "'");
 				$result = $db->query("UPDATE `" . TABLE_PANEL_CUSTOMERS . "` SET `subdomains_used`=`subdomains_used`-1 WHERE `customerid`='" . (int)$userinfo['customerid'] . "'");
 				inserttask('1');
+
+				// Using nameserver, insert a task which rebuilds the server config
 				inserttask('4');
+
 				redirectTo($filename, Array('page' => $page, 's' => $s));
 			}
 			else
@@ -229,9 +254,9 @@ elseif($page == 'domains')
 				$_doredirect = false;

 				if($aliasdomain != 0)
-				{
+				{ 
 					// also check ip/port combination to be the same, #176
-					$aliasdomain_check = $db->query_first('SELECT `id` FROM `' . TABLE_PANEL_DOMAINS . '` `d`,`' . TABLE_PANEL_CUSTOMERS . '` `c` WHERE `d`.`customerid`=\'' . (int)$userinfo['customerid'] . '\' AND `d`.`aliasdomain` IS NULL AND `d`.`id`<>`c`.`standardsubdomain` AND `c`.`customerid`=\'' . (int)$userinfo['customerid'] . '\' AND `d`.`id`=\'' . (int)$aliasdomain . '\' AND `d`.`ipandport` = \''.(int)$domain_check['ipandport'].'\'');
+					$aliasdomain_check = $db->query_first("SELECT `d`.`id` FROM `" . TABLE_PANEL_DOMAINS . "` `d` , `" . TABLE_PANEL_CUSTOMERS . "` `c` , `".TABLE_DOMAINTOIP."` `dip` WHERE `d`.`aliasdomain` IS NULL AND `d`.`id` = '".(int)$aliasdomain."' AND `c`.`standardsubdomain` <> `d`.`id` AND `d`.`customerid` = '" . (int)$userinfo['customerid'] . "' AND `c`.`customerid` = `d`.`customerid` AND `d`.`id` = `dip`.`id_domain` AND `dip`.`id_ipandports` IN (SELECT `id_ipandports` FROM `".TABLE_DOMAINTOIP."` WHERE `id_domain` = '".(int)$aliasdomain."') GROUP BY `d`.`domain` ORDER BY `d`.`domain` ASC;");
 				}

 				if(isset($_POST['url'])
@@ -249,8 +274,17 @@ elseif($page == 'domains')
 				if(!preg_match('/^https?\:\/\//', $path)
 				   || !validateUrl($idna_convert->encode($path)))
 				{
-					$path = $userinfo['documentroot'] . '/' . $path;
-					$path = makeCorrectDir($path);
+					// If path is empty or '/' and 'Use domain name as default value for DocumentRoot path' is enabled in settings,
+					// set default path to subdomain or domain name
+					if((($path == '') || ($path == '/'))
+						&& $settings['system']['documentroot_use_default_value'] == 1)
+					{
+						$path = makeCorrectDir($userinfo['documentroot'] . '/' . $completedomain);
+					}
+					else
+					{
+						$path = makeCorrectDir($userinfo['documentroot'] . '/' . $path);
+					}
 					if (strstr($path, ":") !== FALSE)
 					{
 						standard_error('pathmaynotcontaincolon');
@@ -324,18 +358,18 @@ elseif($page == 'domains')
 								`customerid` = '" . (int)$userinfo['customerid'] . "',
 								`domain` = '" . $db->escape($completedomain) . "', 
 								`documentroot` = '" . $db->escape($path) . "', 
-								`ipandport` = '" . $db->escape($domain_check['ipandport']) . "', 
 								`aliasdomain` = ".(($aliasdomain != 0) ? "'" . $db->escape($aliasdomain) . "'" : "NULL") .", 
 								`parentdomainid` = '" . (int)$domain_check['id'] . "', 
 								`isemaildomain` = '" . ($domain_check['subcanemaildomain'] == '3' ? '1' : '0') . "', 
 								`openbasedir` = '" . $db->escape($domain_check['openbasedir']) . "', 
-								`openbasedir_path` = '" . $db->escape($openbasedir_path) . "', 
-								`safemode` = '" . $db->escape($domain_check['safemode']) . "', 
+								`openbasedir_path` = '" . $db->escape($openbasedir_path) . "',
 								`speciallogfile` = '" . $db->escape($domain_check['speciallogfile']) . "', 
 								`specialsettings` = '" . $db->escape($domain_check['specialsettings']) . "', 
 								`ssl_redirect` = '" . $ssl_redirect . "', 
 								`phpsettingid` = '" . $phpsid_result['phpsettingid'] . "'");

+					$result = $db->query("INSERT INTO `".TABLE_DOMAINTOIP."` (`id_domain`, `id_ipandports`) SELECT LAST_INSERT_ID(), `id_ipandports` FROM `".TABLE_DOMAINTOIP."` WHERE `id_domain` = '" . (int)$domain_check['id'] . "';");
+
 					if($_doredirect)
 					{
 						$did = $db->insert_id();
@@ -346,7 +380,10 @@ elseif($page == 'domains')
 					$result = $db->query("UPDATE `" . TABLE_PANEL_CUSTOMERS . "` SET `subdomains_used`=`subdomains_used`+1 WHERE `customerid`='" . (int)$userinfo['customerid'] . "'");
 					$log->logAction(USR_ACTION, LOG_INFO, "added subdomain '" . $completedomain . "'");
 					inserttask('1');
+
+					// Using nameserver, insert a task which rebuilds the server config
 					inserttask('4');
+
 					redirectTo($filename, Array('page' => $page, 's' => $s));
 				}
 			}
@@ -378,7 +415,13 @@ elseif($page == 'domains')
 					}
 				}

-				$ssl_redirect = makeyesno('ssl_redirect', '1', '0', $result['ssl_redirect']);
+				// check if we at least have one ssl-ip/port, #1179
+				$ssl_ipsandports = '';
+				$resultX = $db->query_first("SELECT COUNT(*) as countSSL FROM `panel_ipsandports` WHERE `ssl`='1'");
+				if (isset($resultX['countSSL']) && (int)$resultX['countSSL'] > 0) {
+					$ssl_ipsandports = 'notempty';
+				}
+
 				$openbasedir = makeoption($lng['domain']['docroot'], 0, NULL, true) . makeoption($lng['domain']['homedir'], 1, NULL, true);
 				$pathSelect = makePathfield($userinfo['documentroot'], $userinfo['guid'], $userinfo['guid'], $settings['panel']['pathedit']);

@@ -395,7 +438,7 @@ elseif($page == 'domains')
 	elseif($action == 'edit'
 	       && $id != 0)
 	{
-		$result = $db->query_first("SELECT `d`.`id`, `d`.`customerid`, `d`.`domain`, `d`.`documentroot`, `d`.`isemaildomain`, `d`.`iswildcarddomain`, `d`.`parentdomainid`, `d`.`ssl_redirect`, `d`.`aliasdomain`, `d`.`openbasedir_path`, `d`.`ipandport`, `pd`.`subcanemaildomain` FROM `" . TABLE_PANEL_DOMAINS . "` `d`, `" . TABLE_PANEL_DOMAINS . "` `pd` WHERE `d`.`customerid`='" . (int)$userinfo['customerid'] . "' AND `d`.`id`='" . (int)$id . "' AND ((`d`.`parentdomainid`!='0' AND `pd`.`id`=`d`.`parentdomainid`) OR (`d`.`parentdomainid`='0' AND `pd`.`id`=`d`.`id`)) AND `d`.`caneditdomain`='1'");
+		$result = $db->query_first("SELECT `d`.`id`, `d`.`customerid`, `d`.`domain`, `d`.`documentroot`, `d`.`isemaildomain`, `d`.`wwwserveralias`, `d`.`iswildcarddomain`, `d`.`parentdomainid`, `d`.`ssl_redirect`, `d`.`aliasdomain`, `d`.`openbasedir`, `d`.`openbasedir_path`, `pd`.`subcanemaildomain` FROM `" . TABLE_PANEL_DOMAINS . "` `d`, `" . TABLE_PANEL_DOMAINS . "` `pd` WHERE `d`.`customerid`='" . (int)$userinfo['customerid'] . "' AND `d`.`id`='" . (int)$id . "' AND ((`d`.`parentdomainid`!='0' AND `pd`.`id`=`d`.`parentdomainid`) OR (`d`.`parentdomainid`='0' AND `pd`.`id`=`d`.`id`)) AND `d`.`caneditdomain`='1'");
 		$alias_check = $db->query_first('SELECT COUNT(`id`) AS count FROM `' . TABLE_PANEL_DOMAINS . '` WHERE `aliasdomain`=\'' . (int)$result['id'] . '\'');
 		$alias_check = $alias_check['count'];
 		$_doredirect = false;
@@ -421,8 +464,17 @@ elseif($page == 'domains')
 				if(!preg_match('/^https?\:\/\//', $path)
 				   || !validateUrl($idna_convert->encode($path)))
 				{
-					$path = $userinfo['documentroot'] . '/' . $path;
-					$path = makeCorrectDir($path);
+					// If path is empty or '/' and 'Use domain name as default value for DocumentRoot path' is enabled in settings,
+					// set default path to subdomain or domain name
+					if((($path == '') || ($path == '/'))
+						&& $settings['system']['documentroot_use_default_value'] == 1)
+					{
+						$path = makeCorrectDir($userinfo['documentroot'] . '/' . $result['domain']);
+					}
+					else
+					{
+						$path = makeCorrectDir($userinfo['documentroot'] . '/' . $path);
+					}
 					if (strstr($path, ":") !== FALSE)
 					{
 						standard_error('pathmaynotcontaincolon');
@@ -435,15 +487,14 @@ elseif($page == 'domains')

 				$aliasdomain = intval($_POST['alias']);

-				if(isset($_POST['iswildcarddomain'])
-				   && $_POST['iswildcarddomain'] == '1'
+				if(isset($_POST['selectserveralias'])
 				   && $result['parentdomainid'] == '0'
-				){
-					$iswildcarddomain = '1';
-				}
-				else
-				{
+				) {
+					$iswildcarddomain = ($_POST['selectserveralias'] == '0') ? '1' : '0';
+					$wwwserveralias = ($_POST['selectserveralias'] == '1') ? '1' : '0';
+				} else {
 					$iswildcarddomain = '0';
+					$wwwserveralias = '0';
 				}

 				if($result['parentdomainid'] != '0'
@@ -513,15 +564,28 @@ elseif($page == 'domains')

 					if($path != $result['documentroot']
 					   || $isemaildomain != $result['isemaildomain']
+					   || $wwwserveralias != $result['wwwserveralias']
 					   || $iswildcarddomain != $result['iswildcarddomain']
 					   || $aliasdomain != $result['aliasdomain']
 					   || $openbasedir_path != $result['openbasedir_path']
 					   || $ssl_redirect != $result['ssl_redirect'])
 					{
 						$log->logAction(USR_ACTION, LOG_INFO, "edited domain '" . $idna_convert->decode($result['domain']) . "'");
-						$result = $db->query("UPDATE `" . TABLE_PANEL_DOMAINS . "` SET `documentroot`='" . $db->escape($path) . "', `isemaildomain`='" . (int)$isemaildomain . "', `iswildcarddomain`='" . (int)$iswildcarddomain . "', `aliasdomain`=" . (($aliasdomain != 0 && $alias_check == 0) ? '\'' . $db->escape($aliasdomain) . '\'' : 'NULL') . ",`openbasedir_path`='" . $db->escape($openbasedir_path) . "', `ssl_redirect`='" . $ssl_redirect . "' WHERE `customerid`='" . (int)$userinfo['customerid'] . "' AND `id`='" . (int)$id . "'");
+						$result = $db->query("UPDATE `" . TABLE_PANEL_DOMAINS . "` SET
+							`documentroot`='" . $db->escape($path) . "',
+							`isemaildomain`='" . (int)$isemaildomain . "',
+							`wwwserveralias`='" . (int)$wwwserveralias . "',
+							`iswildcarddomain`='" . (int)$iswildcarddomain . "',
+							`aliasdomain`=" . (($aliasdomain != 0 && $alias_check == 0) ? '\'' . $db->escape($aliasdomain) . '\'' : 'NULL') . ",
+							`openbasedir_path`='" . $db->escape($openbasedir_path) . "',
+							`ssl_redirect`='" . $ssl_redirect . "'
+							WHERE `customerid`='" . (int)$userinfo['customerid'] . "' AND `id`='" . (int)$id . "'"
+						);
 						inserttask('1');
+
+						// Using nameserver, insert a task which rebuilds the server config
 						inserttask('4');
+
 					}

 					redirectTo($filename, Array('page' => $page, 's' => $s));
@@ -530,9 +594,10 @@ elseif($page == 'domains')
 			else
 			{
 				$result['domain'] = $idna_convert->decode($result['domain']);
+  
 				$domains = makeoption($lng['domains']['noaliasdomain'], 0, $result['aliasdomain'], true);
 				// also check ip/port combination to be the same, #176
-				$result_domains = $db->query("SELECT `d`.`id`, `d`.`domain` FROM `" . TABLE_PANEL_DOMAINS . "` `d`, `" . TABLE_PANEL_CUSTOMERS . "` `c` WHERE `d`.`aliasdomain` IS NULL AND `d`.`id`<>'" . (int)$result['id'] . "' AND `c`.`standardsubdomain`<>`d`.`id` AND `d`.`customerid`='" . (int)$userinfo['customerid'] . "' AND `c`.`customerid`=`d`.`customerid` AND `d`.`ipandport` = '".(int)$result['ipandport']."' ORDER BY `d`.`domain` ASC");
+				$result_domains = $db->query("SELECT `d`.`id`, `d`.`domain` FROM `" . TABLE_PANEL_DOMAINS . "` `d` , `" . TABLE_PANEL_CUSTOMERS . "` `c` , `".TABLE_DOMAINTOIP."` `dip` WHERE `d`.`aliasdomain` IS NULL AND `d`.`id` <> '".(int)$result['id']."' AND `c`.`standardsubdomain` <> `d`.`id` AND `d`.`customerid` = '" . (int)$userinfo['customerid'] . "' AND `c`.`customerid` = `d`.`customerid` AND `d`.`id` = `dip`.`id_domain` AND `dip`.`id_ipandports` IN (SELECT `id_ipandports` FROM `".TABLE_DOMAINTOIP."` WHERE `id_domain` = '".(int)$result['id']."') GROUP BY `d`.`domain` ORDER BY `d`.`domain` ASC");

 				while($row_domain = $db->fetch_array($result_domains))
 				{
@@ -541,10 +606,17 @@ elseif($page == 'domains')

 				if(preg_match('/^https?\:\/\//', $result['documentroot'])
 				   && validateUrl($idna_convert->encode($result['documentroot']))
-				   && $settings['panel']['pathedit'] == 'Dropdown')
-				{
-					$urlvalue = $result['documentroot'];
-					$pathSelect = makePathfield($userinfo['documentroot'], $userinfo['guid'], $userinfo['guid'], $settings['panel']['pathedit']);
+				) {
+					if($settings['panel']['pathedit'] == 'Dropdown')
+					{
+						$urlvalue = $result['documentroot'];
+						$pathSelect = makePathfield($userinfo['documentroot'], $userinfo['guid'], $userinfo['guid'], $settings['panel']['pathedit']);
+					}
+					else
+					{
+						$urlvalue = '';
+						$pathSelect = makePathfield($userinfo['documentroot'], $userinfo['guid'], $userinfo['guid'], $settings['panel']['pathedit'], $result['documentroot'], true);						
+					}
 				}
 				else
 				{
@@ -563,16 +635,33 @@ elseif($page == 'domains')
 					}
 				}

-				$ssl_redirect = makeyesno('ssl_redirect', '1', '0', $result['ssl_redirect']);
-				$iswildcarddomain = makeyesno('iswildcarddomain', '1', '0', $result['iswildcarddomain']);
-				$isemaildomain = makeyesno('isemaildomain', '1', '0', $result['isemaildomain']);
+				// check if we at least have one ssl-ip/port, #1179
+				$ssl_ipsandports = '';
+				$resultX = $db->query_first("SELECT COUNT(*) as countSSL FROM `panel_ipsandports` WHERE `ssl`='1'");
+				if (isset($resultX['countSSL']) && (int)$resultX['countSSL'] > 0) {
+					$ssl_ipsandports = 'notempty';
+				}
+
 				$openbasedir = makeoption($lng['domain']['docroot'], 0, $result['openbasedir_path'], true) . makeoption($lng['domain']['homedir'], 1, $result['openbasedir_path'], true);

-				$result_ipandport = $db->query_first("SELECT `ip` FROM `".TABLE_PANEL_IPSANDPORTS."` WHERE `id`='".(int)$result['ipandport']."'");
-				if(filter_var($result_ipandport['ip'], FILTER_VALIDATE_IP, FILTER_FLAG_IPV6))
-				{
-					$result_ipandport['ip'] = '[' . $result_ipandport['ip'] . ']';
+				// create serveralias options
+				$serveraliasoptions = "";
+				$_value = '2';
+				if ($result['iswildcarddomain'] == '1') {
+					$_value = '0';
+				} elseif ($result['wwwserveralias'] == '1') {
+					$_value = '1';
 				}
+				$serveraliasoptions .= makeoption($lng['domains']['serveraliasoption_wildcard'], '0', $_value, true, true);
+				$serveraliasoptions .= makeoption($lng['domains']['serveraliasoption_www'], '1', $_value, true, true);
+				$serveraliasoptions .= makeoption($lng['domains']['serveraliasoption_none'], '2', $_value, true, true);
+
+				$resultips = $db->query("SELECT `p`.`ip` AS `ip` FROM `".TABLE_PANEL_IPSANDPORTS."` `p` LEFT JOIN `".TABLE_DOMAINTOIP."` `dip` ON ( `dip`.`id_ipandports` = `p`.`id` ) WHERE `dip`.`id_domain` = '".(int)$result['id']."' GROUP BY `p`.`ip`");
+				$result_ipandport['ip'] = '';
+				while ($rowip = $db->fetch_array($resultips)) {
+					$result_ipandport['ip'] .= $rowip['ip'] . "<br />";
+				}
+
 				$domainip = $result_ipandport['ip'];
 				$result = htmlentities_array($result);

@@ -591,5 +680,126 @@ elseif($page == 'domains')
 		}
 	}
 }
+elseif ($page == 'domainssleditor') {

-?>
+	if ($action == ''
+			|| $action == 'view'
+	) {
+		if (isset($_POST['send'])
+				&& $_POST['send'] == 'send'
+		) {
+
+			$ssl_cert_file = isset($_POST['ssl_cert_file']) ? $_POST['ssl_cert_file'] : '';
+			$ssl_key_file = isset($_POST['ssl_key_file']) ? $_POST['ssl_key_file'] : '';
+			$ssl_ca_file = isset($_POST['ssl_ca_file']) ? $_POST['ssl_ca_file'] : '';
+			$ssl_cert_chainfile = isset($_POST['ssl_cert_chainfile']) ? $_POST['ssl_cert_chainfile'] : '';
+			$do_insert = isset($_POST['do_insert']) ? (($_POST['do_insert'] == 1) ? true : false) : false;
+
+			if ($ssl_cert_file != '' && $ssl_key_file == '') {
+				standard_error('sslcertificateismissingprivatekey');
+			}
+
+			$do_verify = true;
+
+			// no cert-file given -> forget everything
+			if ($ssl_cert_file == '') {
+				$ssl_key_file = '';
+				$ssl_ca_file = '';
+				$ssl_cert_chainfile = '';
+				$do_verify = false;
+			}
+
+			// verify certificate content
+			if ($do_verify) {
+				// array openssl_x509_parse ( mixed $x509cert [, bool $shortnames = true ] )
+				// openssl_x509_parse() returns information about the supplied x509cert, including fields such as 
+				// subject name, issuer name, purposes, valid from and valid to dates etc.
+				$cert_content = openssl_x509_parse($ssl_cert_file);
+
+				if (is_array($cert_content)
+						&& isset($cert_content['subject'])
+						&& isset($cert_content['subject']['CN'])
+				) {
+					// TODO self-signed certs might differ and don't need/want this
+					/*
+					$domain = $db->query_first("SELECT * FROM `".TABLE_PANEL_DOMAINS."` WHERE `id`='".(int)$id."'");
+					if (strtolower($cert_content['subject']['CN']) != strtolower($idna_convert->decode($domain['domain']))) {
+						standard_error('sslcertificatewrongdomain');
+					}
+					*/
+
+					// bool openssl_x509_check_private_key ( mixed $cert , mixed $key )
+					// Checks whether the given key is the private key that corresponds to cert.
+					if (openssl_x509_check_private_key($ssl_cert_file, $ssl_key_file) === false) {
+						standard_error('sslcertificateinvalidcertkeypair');
+					}
+
+					// check optional stuff
+					if ($ssl_ca_file != '') {
+						$ca_content = openssl_x509_parse($ssl_ca_file);
+						if (!is_array($ca_content)) {
+							// invalid
+							standard_error('sslcertificateinvalidca');
+						}
+					}
+					if ($ssl_cert_chainfile != '') {
+						$chain_content = openssl_x509_parse($ssl_cert_chainfile);
+						if (!is_array($chain_content)) {
+							// invalid
+							standard_error('sslcertificateinvalidchain');
+						}
+					}
+				} else {
+					standard_error('sslcertificateinvalidcert');
+				}
+			}
+
+			// Add/Update database entry
+			$qrystart = "UPDATE ";
+			$qrywhere = "WHERE ";
+			if ($do_insert) {
+				$qrystart = "INSERT INTO ";
+				$qrywhere = ", ";
+			}
+			$db->query($qrystart." `".TABLE_PANEL_DOMAIN_SSL_SETTINGS."` SET
+					`ssl_cert_file` = '".$db->escape($ssl_cert_file)."',
+					`ssl_key_file` = '".$db->escape($ssl_key_file)."',
+					`ssl_ca_file` = '".$db->escape($ssl_ca_file)."',
+					`ssl_cert_chainfile` = '".$db->escape($ssl_cert_chainfile)."'
+					".$qrywhere." `domainid`='".(int)$id."';"
+			);
+
+			// insert task to re-generate webserver-configs (#1260)
+			inserttask('1');
+
+			// back to domain overview
+			redirectTo($filename, array('page' => 'domains', 's' => $s));
+		}
+
+		$result = $db->query_first("SELECT * FROM `".TABLE_PANEL_DOMAIN_SSL_SETTINGS."`
+			WHERE `domainid`='".(int)$id."';"
+		);
+
+		$do_insert = false;
+		// if no entry can be found, behave like we have empty values
+		if (!is_array($result) || !isset($result['ssl_cert_file'])) {
+			$result = array(
+				'ssl_cert_file' => '',
+				'ssl_key_file' => '',
+				'ssl_ca_file' => '',
+				'ssl_cert_chainfile' => ''
+			);
+			$do_insert = true;
+		}
+
+		$result = htmlentities_array($result);
+
+		$ssleditor_data = include_once dirname(__FILE__).'/lib/formfields/customer/domains/formfield.domain_ssleditor.php';
+		$ssleditor_form = htmlform::genHTMLForm($ssleditor_data);
+
+		$title = $ssleditor_data['domain_ssleditor']['title'];
+		$image = $ssleditor_data['domain_ssleditor']['image'];
+
+		eval("echo \"" . getTemplate("domains/domain_ssleditor") . "\";");
+	}
+}
--- a/customer_email.php
+++ b/customer_email.php
@@ -14,7 +14,7 @@
 * @author     Froxlor team <team@froxlor.org> (2010-)
 * @license    GPLv2 http://files.froxlor.org/misc/COPYING.txt
 * @package    Panel
- * @version    $Id$
+ *
 */

 define('AREA', 'customer');
@@ -50,7 +50,7 @@ elseif($page == 'emails')
 			'm.destination' => $lng['emails']['forwarders']
 		);
 		$paging = new paging($userinfo, $db, TABLE_MAIL_VIRTUAL, $fields, $settings['panel']['paging'], $settings['panel']['natsorting']);
-		$result = $db->query('SELECT `m`.`id`, `m`.`domainid`, `m`.`email`, `m`.`email_full`, `m`.`iscatchall`, `u`.`quota`, `m`.`destination`, `m`.`popaccountid`, `d`.`domain` FROM `' . TABLE_MAIL_VIRTUAL . '` `m` LEFT JOIN `' . TABLE_PANEL_DOMAINS . '` `d` ON (`m`.`domainid` = `d`.`id`) LEFT JOIN `' . TABLE_MAIL_USERS . '` `u` ON (`m`.`popaccountid` = `u`.`id`) WHERE `m`.`customerid`="' . $db->escape($userinfo['customerid']) . '" ' . $paging->getSqlWhere(true) . " " . $paging->getSqlOrderBy() . " " . $paging->getSqlLimit());
+		$result = $db->query('SELECT `m`.`id`, `m`.`domainid`, `m`.`email`, `m`.`email_full`, `m`.`iscatchall`, `u`.`quota`, `m`.`destination`, `m`.`popaccountid`, `d`.`domain`, `u`.`mboxsize` FROM `' . TABLE_MAIL_VIRTUAL . '` `m` LEFT JOIN `' . TABLE_PANEL_DOMAINS . '` `d` ON (`m`.`domainid` = `d`.`id`) LEFT JOIN `' . TABLE_MAIL_USERS . '` `u` ON (`m`.`popaccountid` = `u`.`id`) WHERE `m`.`customerid`="' . $db->escape($userinfo['customerid']) . '" ' . $paging->getSqlWhere(true) . " " . $paging->getSqlOrderBy() . " " . $paging->getSqlLimit());
 		$paging->setEntries($db->num_rows($result));
 		$sortcode = $paging->getHtmlSortCode($lng);
 		$arrowcode = $paging->getHtmlArrowCode($filename . '?page=' . $page . '&s=' . $s);
@@ -66,6 +66,7 @@ elseif($page == 'emails')
 				$emails[$row['domain']] = array();
 			}

+			$row['mboxsize'] = size_readable($row['mboxsize']);
 			$emails[$row['domain']][$row['email_full']] = $row;
 		}

@@ -237,7 +238,7 @@ elseif($page == 'emails')
 					standard_error('emailiswrong', $email_full);
 				}

-				$email_check = $db->query_first("SELECT `id`, `email`, `email_full`, `iscatchall`, `destination`, `customerid` FROM `" . TABLE_MAIL_VIRTUAL . "` WHERE ( `email`='" . $db->escape($email) . "' OR `email_full` = '" . $db->escape($email_full) . "' ) AND `customerid`='" . (int)$userinfo['customerid'] . "'");
+				$email_check = $db->query_first("SELECT `id`, `email`, `email_full`, `iscatchall`, `destination`, `customerid` FROM `" . TABLE_MAIL_VIRTUAL . "` WHERE (`email` = '" . strtolower($db->escape($email)) . "' OR `email_full` = '" . strtolower($db->escape($email_full)) . "') AND `customerid`='" . (int)$userinfo['customerid'] . "'");

 				if($email == ''
 				   || $email_full == ''
@@ -253,7 +254,7 @@ elseif($page == 'emails')
 				{
 					standard_error('maindomainnonexist', $domain);
 				}
-				elseif($email_check['email_full'] == $email_full)
+				elseif(strtolower($email_check['email_full']) == strtolower($email_full))
 				{
 					standard_error('emailexistalready', $email_full);
 				}
@@ -281,9 +282,15 @@ elseif($page == 'emails')
 					$domains.= makeoption($idna_convert->decode($row['domain']), $row['domain']);
 				}

-				$iscatchall = makeyesno('iscatchall', '1', '0', '0');
+				//$iscatchall = makeyesno('iscatchall', '1', '0', '0');

 				$email_add_data = include_once dirname(__FILE__).'/lib/formfields/customer/email/formfield.emails_add.php';
+
+				if ( $settings['catchall']['catchall_enabled'] != '1' )
+				{
+					unset($email_add_data['emails_add']['sections']['section_a']['fields']['iscatchall']);
+				}
+
 				$email_add_form = htmlform::genHTMLForm($email_add_data);

 				$title = $email_add_data['emails_add']['title'];
@@ -330,6 +337,12 @@ elseif($page == 'emails')
 			$result = htmlentities_array($result);

 			$email_edit_data = include_once dirname(__FILE__).'/lib/formfields/customer/email/formfield.emails_edit.php';
+
+			if ( $settings['catchall']['catchall_enabled'] != '1' )
+			{
+				unset($email_edit_data['emails_edit']['sections']['section_a']['fields']['mail_catchall']);
+			}
+
 			$email_edit_form = htmlform::genHTMLForm($email_edit_data);

 			$title = $email_edit_data['emails_edit']['title'];
@@ -341,34 +354,41 @@ elseif($page == 'emails')
 	elseif($action == 'togglecatchall'
 	       && $id != 0)
 	{
-		$result = $db->query_first("SELECT `id`, `email`, `email_full`, `iscatchall`, `destination`, `customerid`, `popaccountid` FROM `" . TABLE_MAIL_VIRTUAL . "` WHERE `customerid`='" . (int)$userinfo['customerid'] . "' AND `id`='" . (int)$id . "'");
-
-		if(isset($result['email'])
-		   && $result['email'] != '')
+		if ( $settings['catchall']['catchall_enabled'] == '1' )
 		{
-			if($result['iscatchall'] == '1')
-			{
-				$db->query("UPDATE `" . TABLE_MAIL_VIRTUAL . "` SET `email` = '" . $db->escape($result['email_full']) . "', `iscatchall` = '0' WHERE `customerid`='" . (int)$userinfo['customerid'] . "' AND `id`='" . (int)$result['id'] . "'");
-			}
-			else
-			{
-				$email_parts = explode('@', $result['email_full']);
-				$email = '@' . $email_parts[1];
-				$email_check = $db->query_first("SELECT `id`, `email`, `email_full`, `iscatchall`, `destination`, `customerid` FROM `" . TABLE_MAIL_VIRTUAL . "` WHERE `email`='" . $db->escape($email) . "' AND `customerid`='" . (int)$userinfo['customerid'] . "'");
+			$result = $db->query_first("SELECT `id`, `email`, `email_full`, `iscatchall`, `destination`, `customerid`, `popaccountid` FROM `" . TABLE_MAIL_VIRTUAL . "` WHERE `customerid`='" . (int)$userinfo['customerid'] . "' AND `id`='" . (int)$id . "'");

-				if($email_check['email'] == $email)
+			if(isset($result['email'])
+			   && $result['email'] != '')
+			{
+				if($result['iscatchall'] == '1')
 				{
-					standard_error('youhavealreadyacatchallforthisdomain');
-					exit;
+					$db->query("UPDATE `" . TABLE_MAIL_VIRTUAL . "` SET `email` = '" . $db->escape($result['email_full']) . "', `iscatchall` = '0' WHERE `customerid`='" . (int)$userinfo['customerid'] . "' AND `id`='" . (int)$result['id'] . "'");
 				}
 				else
 				{
-					$db->query("UPDATE `" . TABLE_MAIL_VIRTUAL . "` SET `email` = '$email' , `iscatchall` = '1' WHERE `customerid`='" . $userinfo['customerid'] . "' AND `id`='" . $result['id'] . "'");
-					$log->logAction(USR_ACTION, LOG_INFO, "edited email address '" . $email . "'");
-				}
-			}
+					$email_parts = explode('@', $result['email_full']);
+					$email = '@' . $email_parts[1];
+					$email_check = $db->query_first("SELECT `id`, `email`, `email_full`, `iscatchall`, `destination`, `customerid` FROM `" . TABLE_MAIL_VIRTUAL . "` WHERE `email`='" . $db->escape($email) . "' AND `customerid`='" . (int)$userinfo['customerid'] . "'");

-			redirectTo($filename, Array('page' => $page, 'action' => 'edit', 'id' => $id, 's' => $s));
+					if($email_check['email'] == $email)
+					{
+						standard_error('youhavealreadyacatchallforthisdomain');
+						exit;
+					}
+					else
+					{
+						$db->query("UPDATE `" . TABLE_MAIL_VIRTUAL . "` SET `email` = '$email' , `iscatchall` = '1' WHERE `customerid`='" . $userinfo['customerid'] . "' AND `id`='" . $result['id'] . "'");
+						$log->logAction(USR_ACTION, LOG_INFO, "edited email address '" . $email . "'");
+					}
+				}
+
+				redirectTo($filename, Array('page' => $page, 'action' => 'edit', 'id' => $id, 's' => $s));
+			}
+		}
+		else
+		{
+			standard_error(array('operationnotpermitted', 'featureisdisabled'), 'Catchall');
 		}
 	}
 }
@@ -439,11 +459,42 @@ elseif($page == 'accounts')
 							$password = substr(md5(uniqid(microtime(), 1)), 12, 6);
 						}

-						$db->query("INSERT INTO `" . TABLE_MAIL_USERS . "` (`customerid`, `email`, `username`, " . ($settings['system']['mailpwcleartext'] == '1' ? '`password`, ' : '') . " `password_enc`, `homedir`, `maildir`, `uid`, `gid`, `domainid`, `postfix`, `quota`, `imap`, `pop3`) VALUES ('" . (int)$userinfo['customerid'] . "', '" . $db->escape($email_full) . "', '" . $db->escape($username) . "', " . ($settings['system']['mailpwcleartext'] == '1' ? "'" . $db->escape($password) . "'," : '') . " ENCRYPT('" . $db->escape($password) . "'), '" . $db->escape($settings['system']['vmail_homedir']) . "', '" . $db->escape($userinfo['loginname'] . '/' . $email_full . '/') . "', '" . (int)$settings['system']['vmail_uid'] . "', '" . (int)$settings['system']['vmail_gid'] . "', '" . (int)$result['domainid'] . "', 'y', '" . (int)$quota . "', '" . (int)$userinfo['imap'] . "', '" . (int)$userinfo['pop3'] . "')");
+						$cryptPassword = makeCryptPassword($password);
+
+						$email_user=substr($email_full,0,strrpos($email_full,"@"));
+						$email_domain=substr($email_full,strrpos($email_full,"@")+1);
+						$maildirname=trim($settings['system']['vmail_maildirname']);
+						// Add trailing slash to Maildir if needed
+						$maildirpath=$maildirname;
+						if (!empty($maildirname) and substr($maildirname,-1) != "/") $maildirpath.="/";
+
+						$db->query("INSERT INTO `" . TABLE_MAIL_USERS . 
+							"` (`customerid`, `email`, `username`, " . ($settings['system']['mailpwcleartext'] == '1' ? '`password`, ' : '') . " `password_enc`, `homedir`, `maildir`, `uid`, `gid`, `domainid`, `postfix`, `quota`, `imap`, `pop3`) ".
+							"VALUES (".
+							"'" . (int)$userinfo['customerid'] . "', ".
+							"'" . $db->escape($email_full) . "', ".
+							"'" . $db->escape($username) . "', " .
+							($settings['system']['mailpwcleartext'] == '1' ? "'" . $db->escape($password) . "', " : '') .
+							"'" . $db->escape($cryptPassword) . "', ".
+							"'" . $db->escape($settings['system']['vmail_homedir']) . "', '" . $db->escape($userinfo['loginname'] . '/' . $email_domain . "/" . $email_user . "/" . $maildirpath) . "', ".
+							"'" . (int)$settings['system']['vmail_uid'] . "', ".
+							"'" . (int)$settings['system']['vmail_gid'] . "', ".
+							"'" . (int)$result['domainid'] . "', ".
+							"'y', ".
+							"'" . (int)$quota . "', ".
+							"'" . (int)$userinfo['imap'] . "', ".
+							"'" . (int)$userinfo['pop3'] . "')");
+
 						$popaccountid = $db->insert_id();
 						$result['destination'].= ' ' . $email_full;
-						$db->query("UPDATE `" . TABLE_MAIL_VIRTUAL . "` SET `destination` = '" . $db->escape(makeCorrectDestination($result['destination'])) . "', `popaccountid` = '" . (int)$popaccountid . "' WHERE `customerid`='" . (int)$userinfo['customerid'] . "' AND `id`='" . (int)$id . "'");
-						$db->query("UPDATE `" . TABLE_PANEL_CUSTOMERS . "` SET `email_accounts_used`=`email_accounts_used`+1, `email_quota_used`=`email_quota_used`+" . (int)$quota . " WHERE `customerid`='" . (int)$userinfo['customerid'] . "'");
+						$db->query("UPDATE `" . TABLE_MAIL_VIRTUAL . "` SET ".
+							"`destination` = '" . $db->escape(makeCorrectDestination($result['destination'])) . "', ".
+							"`popaccountid` = '" . (int)$popaccountid . "' ".
+							"WHERE `customerid`='" . (int)$userinfo['customerid'] . "' AND `id`='" . (int)$id . "'");
+						$db->query("UPDATE `" . TABLE_PANEL_CUSTOMERS . "` SET ".
+							"`email_accounts_used`=`email_accounts_used`+1, ".
+							"`email_quota_used`=`email_quota_used`+" . (int)$quota . " ".
+							"WHERE `customerid`='" . (int)$userinfo['customerid'] . "'");
 						$log->logAction(USR_ACTION, LOG_INFO, "added email account for '" . $email_full . "'");
 						$replace_arr = array(
 							'EMAIL' => $email_full,
@@ -462,7 +513,7 @@ elseif($page == 'accounts')
 							$mail->Subject = $mail_subject;
 							$mail->AltBody = $mail_body;
 							$mail->MsgHTML(str_replace("\n", "<br />", $mail_body));
-							$mail->AddAddress($email_full, getCorrectUserSalutation($userinfo));
+							$mail->AddAddress($email_full);
 							$mail->Send();
 						} catch(phpmailerException $e) {
 							$mailerr_msg = $e->errorMessage();
@@ -557,7 +608,8 @@ elseif($page == 'accounts')
 				$password = validatePassword($password);
 				
 				$log->logAction(USR_ACTION, LOG_NOTICE, "changed email password for '" . $result['email_full'] . "'");
-				$result = $db->query("UPDATE `" . TABLE_MAIL_USERS . "` SET " . ($settings['system']['mailpwcleartext'] == '1' ? "`password` = '" . $db->escape($password) . "', " : '') . " `password_enc`=ENCRYPT('" . $db->escape($password) . "') WHERE `customerid`='" . (int)$userinfo['customerid'] . "' AND `id`='" . (int)$result['popaccountid'] . "'");
+				$cryptPassword = makeCryptPassword($password);
+				$result = $db->query("UPDATE `" . TABLE_MAIL_USERS . "` SET " . ($settings['system']['mailpwcleartext'] == '1' ? "`password` = '" . $db->escape($password) . "', " : '') . " `password_enc`='" . $db->escape($cryptPassword) . "' WHERE `customerid`='" . (int)$userinfo['customerid'] . "' AND `id`='" . (int)$result['popaccountid'] . "'");
 				redirectTo($filename, Array('page' => 'emails', 'action' => 'edit', 'id' => $id, 's' => $s));
 			}
 			else
--- a/customer_extras.php
+++ b/customer_extras.php
@@ -14,7 +14,7 @@
 * @author     Froxlor team <team@froxlor.org> (2010-)
 * @license    GPLv2 http://files.froxlor.org/misc/COPYING.txt
 * @package    Panel
- * @version    $Id$
+ *
 */

 define('AREA', 'customer');
@@ -39,6 +39,30 @@ if($page == 'overview')
 	$log->logAction(USR_ACTION, LOG_NOTICE, "viewed customer_extras");
 	eval("echo \"" . getTemplate("extras/extras") . "\";");
 }
+elseif($page == 'backup')
+{
+    $log->logAction(USR_ACTION, LOG_NOTICE, "viewed customer_extras_backup");
+
+    $result = $db->query("SELECT `backup_enabled` FROM `" . TABLE_PANEL_CUSTOMERS . "` WHERE `customerid`='" . (int)$userinfo['customerid'] . "'");
+    $row = $db->fetch_array($result);
+
+    $backup_enabled = makeyesno('backup_enabled', '1', '0', $row['backup_enabled']);
+
+    if(isset($_POST['send']) && $_POST['send'] == 'send'){
+	$backup_enabled = ($_POST['backup_enabled'] == '1' ? '1' : '0');
+	
+        $db->query("UPDATE `" . TABLE_PANEL_CUSTOMERS . "` SET `backup_enabled`='" . $backup_enabled . "' WHERE `customerid`='" . (int)$userinfo['customerid'] . "'");
+	redirectTo($filename, Array('page' => $page, 's' => $s));
+    }
+
+    $backup_data = include_once dirname(__FILE__).'/lib/formfields/customer/extras/formfield.backup.php';
+	$backup_form = htmlform::genHTMLForm($backup_data);
+
+	$title = $backup_data['backup']['title'];
+	$image = $backup_data['backup']['image'];
+    
+    eval("echo \"" . getTemplate("extras/backup") . "\";");
+}
 elseif($page == 'htpasswds')
 {
 	if($action == '')
@@ -328,18 +352,28 @@ elseif($page == 'htaccess')
 				standard_error('invalidpath');
 			}

-			if(isset($_POST['options_cgi']))
-			{
-				$options_cgi = intval($_POST['options_cgi']);
+			if(isset($_POST['options_cgi'])
+				&& (int)$_POST['options_cgi'] != 0
+			) {
+				$options_cgi = '1';
 			}
 			else
 			{
 				$options_cgi = '0';
 			} 

-			$error404path = correctErrorDocument($_POST['error404path']);
-			$error403path = correctErrorDocument($_POST['error403path']);
-			$error500path = correctErrorDocument($_POST['error500path']);
+			$error404path = '';
+			if (isset($_POST['error404path'])) {
+				$error404path = correctErrorDocument($_POST['error404path']);
+			}
+			$error403path = '';
+			if (isset($_POST['error403path'])) {
+				$error403path = correctErrorDocument($_POST['error403path']);
+			}
+			$error500path = '';
+			if (isset($_POST['error500path'])) {
+				$error500path = correctErrorDocument($_POST['error500path']);
+			}

 			if($path_dupe_check['path'] == $path)
 			{
@@ -368,9 +402,11 @@ elseif($page == 'htaccess')
 		else
 		{
 			$pathSelect = makePathfield($userinfo['documentroot'], $userinfo['guid'], $userinfo['guid'], $settings['panel']['pathedit']);
-			$options_indexes = makeyesno('options_indexes', '1', '0', '0');
 			$cperlenabled = customerHasPerlEnabled($userinfo['customerid']);
+			/*
+			$options_indexes = makeyesno('options_indexes', '1', '0', '0');
 			$options_cgi = makeyesno('options_cgi', '1', '0', '0');
+			*/

 			$htaccess_add_data = include_once dirname(__FILE__).'/lib/formfields/customer/extras/formfield.htaccess_add.php';
 			$htaccess_add_form = htmlform::genHTMLForm($htaccess_add_data);
@@ -435,9 +471,11 @@ elseif($page == 'htaccess')
 				$result['error404path'] = $result['error404path'];
 				$result['error403path'] = $result['error403path'];
 				$result['error500path'] = $result['error500path'];
-				$options_indexes = makeyesno('options_indexes', '1', '0', $result['options_indexes']);
 				$cperlenabled = customerHasPerlEnabled($userinfo['customerid']);
+				/*
+				$options_indexes = makeyesno('options_indexes', '1', '0', $result['options_indexes']);
 				$options_cgi = makeyesno('options_cgi', '1', '0', $result['options_cgi']);
+				*/
 				$result = htmlentities_array($result);

 				$htaccess_edit_data = include_once dirname(__FILE__).'/lib/formfields/customer/extras/formfield.htaccess_edit.php';
--- a/customer_ftp.php
+++ b/customer_ftp.php
@@ -14,7 +14,7 @@
 * @author     Froxlor team <team@froxlor.org> (2010-)
 * @license    GPLv2 http://files.froxlor.org/misc/COPYING.txt
 * @package    Panel
- * @version    $Id$
+ *
 */

 define('AREA', 'customer');
@@ -22,34 +22,27 @@ define('AREA', 'customer');
 /**
 * Include our init.php, which manages Sessions, Language etc.
 */
+require('./lib/init.php');

-require ("./lib/init.php");
-
-if(isset($_POST['id']))
-{
+$id = 0;
+if (isset($_POST['id'])) {
 	$id = intval($_POST['id']);
-}
-elseif(isset($_GET['id']))
-{
+} elseif(isset($_GET['id'])) {
 	$id = intval($_GET['id']);
 }

-if($page == 'overview')
-{
+if ($page == 'overview') {
 	$log->logAction(USR_ACTION, LOG_NOTICE, "viewed customer_ftp");
-	eval("echo \"" . getTemplate("ftp/ftp") . "\";");
-}
-elseif($page == 'accounts')
-{
-	if($action == '')
-	{
+	eval("echo \"" . getTemplate('ftp/ftp') . "\";");
+} elseif ($page == 'accounts') {
+	if ($action == '') {
 		$log->logAction(USR_ACTION, LOG_NOTICE, "viewed customer_ftp::accounts");
 		$fields = array(
 			'username' => $lng['login']['username'],
 			'homedir' => $lng['panel']['path']
 		);
 		$paging = new paging($userinfo, $db, TABLE_FTP_USERS, $fields, $settings['panel']['paging'], $settings['panel']['natsorting']);
-		$result = $db->query("SELECT `id`, `username`, `homedir` FROM `" . TABLE_FTP_USERS . "` WHERE `customerid`='" . $userinfo['customerid'] . "' " . $paging->getSqlWhere(true) . " " . $paging->getSqlOrderBy() . " " . $paging->getSqlLimit());
+		$result = $db->query("SELECT `id`, `username`, `homedir` FROM `" . TABLE_FTP_USERS . "` WHERE `customerid`='" . $userinfo['customerid'] . "'  AND `username` NOT LIKE '%_backup'" . $paging->getSqlWhere(true) . " " . $paging->getSqlOrderBy() . " " . $paging->getSqlLimit());
 		$paging->setEntries($db->num_rows($result));
 		$sortcode = $paging->getHtmlSortCode($lng);
 		$arrowcode = $paging->getHtmlArrowCode($filename . '?page=' . $page . '&s=' . $s);
@@ -59,23 +52,18 @@ elseif($page == 'accounts')
 		$count = 0;
 		$accounts = '';

-		while($row = $db->fetch_array($result))
-		{
-			if($paging->checkDisplay($i))
-			{
-				if(strpos($row['homedir'], $userinfo['documentroot']) === 0)
-				{
+		while ($row = $db->fetch_array($result)) {
+			if ($paging->checkDisplay($i)) {
+				if (strpos($row['homedir'], $userinfo['documentroot']) === 0) {
 					$row['documentroot'] = substr($row['homedir'], strlen($userinfo['documentroot']));
-				}
-				else
-				{
+				} else {
 					$row['documentroot'] = $row['homedir'];
 				}

 				$row['documentroot'] = makeCorrectDir($row['documentroot']);
 				
 				$row = htmlentities_array($row);
-				eval("\$accounts.=\"" . getTemplate("ftp/accounts_account") . "\";");
+				eval("\$accounts.=\"" . getTemplate('ftp/accounts_account') . "\";");
 				$count++;
 			}

@@ -83,19 +71,16 @@ elseif($page == 'accounts')
 		}

 		$ftps_count = $db->num_rows($result);
-		eval("echo \"" . getTemplate("ftp/accounts") . "\";");
-	}
-	elseif($action == 'delete'
-	       && $id != 0)
-	{
+		eval("echo \"" . getTemplate('ftp/accounts') . "\";");
+	} elseif ($action == 'delete' && $id != 0) {
 		$result = $db->query_first("SELECT `id`, `username`, `homedir`, `up_count`, `up_bytes`, `down_count`, `down_bytes` FROM `" . TABLE_FTP_USERS . "` WHERE `customerid`='" . (int)$userinfo['customerid'] . "' AND `id`='" . (int)$id . "'");

-		if(isset($result['username'])
-		   && $result['username'] != $userinfo['loginname'])
-		{
-			if(isset($_POST['send'])
-			   && $_POST['send'] == 'send')
-			{
+		if (isset($result['username'])
+		   && $result['username'] != $userinfo['loginname']
+		) {
+			if (isset($_POST['send'])
+			   && $_POST['send'] == 'send'
+			) {
 				$db->query("UPDATE `" . TABLE_FTP_USERS . "` SET `up_count`=`up_count`+'" . (int)$result['up_count'] . "', `up_bytes`=`up_bytes`+'" . (int)$result['up_bytes'] . "', `down_count`=`down_count`+'" . (int)$result['down_count'] . "', `down_bytes`=`down_bytes`+'" . (int)$result['down_bytes'] . "' WHERE `username`='" . $db->escape($userinfo['loginname']) . "'");
 				$result = $db->query_first("SELECT `username`, `homedir` FROM `" . TABLE_FTP_USERS . "` WHERE `customerid`='" . (int)$userinfo['customerid'] . "' AND `id`='" . (int)$id . "'");
 				$db->query("DELETE FROM `" . TABLE_FTP_QUOTATALLIES . "` WHERE `name` = '" . $db->escape($result['username']) . "'");
@@ -103,95 +88,70 @@ elseif($page == 'accounts')
 				$log->logAction(USR_ACTION, LOG_INFO, "deleted ftp-account '" . $result['username'] . "'");
 				$db->query("UPDATE `" . TABLE_FTP_GROUPS . "` SET `members`=REPLACE(`members`,'," . $db->escape($result['username']) . "','') WHERE `customerid`='" . (int)$userinfo['customerid'] . "'");

-				if($userinfo['ftps_used'] == '1')
-				{
-					$resetaccnumber = " , `ftp_lastaccountnumber`='0'";
-				}
-				else
-				{
-					$resetaccnumber = '';
-				}
+				$resetaccnumber = ($userinfo['ftps_used'] == '1') ? " , `ftp_lastaccountnumber`='0'" : '';

 				// refs #293
-				if(isset($_POST['delete_userfiles'])
-				  && (int)$_POST['delete_userfiles'] == 1)
-				{
+				if (isset($_POST['delete_userfiles'])
+				  && (int)$_POST['delete_userfiles'] == 1
+				) {
 					inserttask('8', $userinfo['loginname'], $result['homedir']);
 				}

 				$result = $db->query("UPDATE `" . TABLE_PANEL_CUSTOMERS . "` SET `ftps_used`=`ftps_used`-1 $resetaccnumber WHERE `customerid`='" . (int)$userinfo['customerid'] . "'");
 				redirectTo($filename, Array('page' => $page, 's' => $s));
-			}
-			else
-			{
+			} else {
 				ask_yesno_withcheckbox('ftp_reallydelete', 'admin_customer_alsoremoveftphomedir', $filename, array('id' => $id, 'page' => $page, 'action' => $action), $result['username']);
 			}
-		}
-		else
-		{
+		} else {
 			standard_error('ftp_cantdeletemainaccount');
 		}
-	}
-	elseif($action == 'add')
-	{
-		if($userinfo['ftps_used'] < $userinfo['ftps']
-		   || $userinfo['ftps'] == '-1')
-		{
-			if(isset($_POST['send'])
-			   && $_POST['send'] == 'send')
-			{
+	} elseif ($action == 'add') {
+		if ($userinfo['ftps_used'] < $userinfo['ftps']
+		   || $userinfo['ftps'] == '-1'
+		) {
+			if (isset($_POST['send'])
+			   && $_POST['send'] == 'send'
+			) {
+				// @FIXME use a good path-validating regex here (refs #1231)
 				$path = validate($_POST['path'], 'path');
 				$password = validate($_POST['ftp_password'], 'password');
 				$password = validatePassword($password);

-				$sendinfomail = intval($_POST['sendinfomail']);
-				if($sendinfomail != 1)
-				{
+				$sendinfomail = isset($_POST['sendinfomail']) ? 1 : 0;
+				if ($sendinfomail != 1) {
 					$sendinfomail = 0;
 				}

-				if($settings['customer']['ftpatdomain'] == '1')
-				{
+				if ($settings['customer']['ftpatdomain'] == '1') {
 					$ftpusername = validate($_POST['ftp_username'], 'username', '/^[a-zA-Z0-9][a-zA-Z0-9\-_]+\$?$/');
-					if($ftpusername == '')
-					{
+					if ($ftpusername == '') {
 						standard_error(array('stringisempty', 'username'));
 					}
 					$ftpdomain = $idna_convert->encode(validate($_POST['ftp_domain'], 'domain'));
 					$ftpdomain_check = $db->query_first("SELECT `id`, `domain`, `customerid` FROM `" . TABLE_PANEL_DOMAINS . "` WHERE `domain`='" . $db->escape($ftpdomain) . "' AND `customerid`='" . (int)$userinfo['customerid'] . "'");
-					if($ftpdomain_check['domain'] != $ftpdomain)
-					{
+					if ($ftpdomain_check['domain'] != $ftpdomain) {
 						standard_error('maindomainnonexist', $domain);
 					}
 					$username = $ftpusername . "@" . $ftpdomain;
-				}
-				else
-				{
+				} else {
 					$username = $userinfo['loginname'] . $settings['customer']['ftpprefix'] . (intval($userinfo['ftp_lastaccountnumber']) + 1);
 				}
 				
 				$username_check = $db->query_first('SELECT * FROM `' . TABLE_FTP_USERS .'` WHERE `username` = \'' . $db->escape($username) . '\'');
 				
-				if(!empty($username_check) && $username_check['username'] = $username)
-				{
+				if (!empty($username_check) && $username_check['username'] = $username) {
 					standard_error('usernamealreadyexists', $username);
-				}
-				elseif($password == '')
-				{
+				} elseif ($password == '') {
 					standard_error(array('stringisempty', 'mypassword'));
-				}
-				elseif($path == '')
-				{
+				} elseif ($path == '') {
 					standard_error('patherror');
-				}
-				else
-				{
+				} else {
 					$path = makeCorrectDir($userinfo['documentroot'] . '/' . $path);
-					
-					$db->query("INSERT INTO `" . TABLE_FTP_USERS . "` (`customerid`, `username`, `password`, `homedir`, `login_enabled`, `uid`, `gid`) VALUES ('" . (int)$userinfo['customerid'] . "', '" . $db->escape($username) . "', ENCRYPT('" . $db->escape($password) . "'), '" . $db->escape($path) . "', 'y', '" . (int)$userinfo['guid'] . "', '" . (int)$userinfo['guid'] . "')");
+
+					$cryptPassword = makeCryptPassword($password);
+					$db->query("INSERT INTO `" . TABLE_FTP_USERS . "` (`customerid`, `username`, `password`, `homedir`, `login_enabled`, `uid`, `gid`) VALUES ('" . (int)$userinfo['customerid'] . "', '" . $db->escape($username) . "', '" . $db->escape($cryptPassword) . "', '" . $db->escape($path) . "', 'y', '" . (int)$userinfo['guid'] . "', '" . (int)$userinfo['guid'] . "')");
 					$result = $db->query("SELECT `bytes_in_used` FROM `" . TABLE_FTP_QUOTATALLIES . "` WHERE `name` = '" . $userinfo['loginname'] . "'");
-					while($row = $db->fetch_array($result))
-					{
+					while ($row = $db->fetch_array($result)) {
 						$db->query("INSERT INTO `" . TABLE_FTP_QUOTATALLIES . "` (`name`, `quota_type`, `bytes_in_used`, `bytes_out_used`, `bytes_xfer_used`, `files_in_used`, `files_out_used`, `files_xfer_used`) VALUES ('" . $db->escape($username) . "', 'user', '" . $db->escape($row['bytes_in_used']) . "', '0', '0', '0', '0', '0')");
 					}
 					$db->query("UPDATE `" . TABLE_FTP_GROUPS . "` SET `members`=CONCAT_WS(',',`members`,'" . $db->escape($username) . "') WHERE `customerid`='" . $userinfo['customerid'] . "' AND `gid`='" . (int)$userinfo['guid'] . "'");
@@ -200,10 +160,10 @@ elseif($page == 'accounts')
 					$log->logAction(USR_ACTION, LOG_INFO, "added ftp-account '" . $username . " (" . $path . ")'");
 					inserttask(5);

-					if($sendinfomail == 1)
-					{
+					if ($sendinfomail == 1) {
 						$replace_arr = array(
-							'CUST_NAME' => getCorrectUserSalutation($userinfo),
+							'SALUTATION' => getCorrectUserSalutation($userinfo),
+							'CUST_NAME' => getCorrectUserSalutation($userinfo), // < keep this for compatibility
 							'USR_NAME' => $username,
 							'USR_PASS' => $password,
 							'USR_PATH' => makeCorrectDir(substr($path, strlen($userinfo['documentroot'])))
@@ -240,35 +200,29 @@ elseif($page == 'accounts')

 					redirectTo($filename, Array('page' => $page, 's' => $s));
 				}
-			}
-			else
-			{
+			} else {
 				$pathSelect = makePathfield($userinfo['documentroot'], $userinfo['guid'], $userinfo['guid'], $settings['panel']['pathedit'], '/');

-				if($settings['customer']['ftpatdomain'] == '1')
-				{
+				if ($settings['customer']['ftpatdomain'] == '1') {
 					$domainlist = array();
 					$domains = '';

 					$result_domains = $db->query("SELECT `domain` FROM `" . TABLE_PANEL_DOMAINS . "` WHERE `customerid`='" . (int)$userinfo['customerid'] . "'");

-					while($row_domain = $db->fetch_array($result_domains))
-					{
+					while ($row_domain = $db->fetch_array($result_domains)) {
 						$domainlist[] =  $row_domain['domain'];
 					}

 					sort($domainlist);

-					if(isset($domainlist[0]) && $domainlist[0] != '')
-					{
-						foreach($domainlist as $dom)
-						{
+					if (isset($domainlist[0]) && $domainlist[0] != '') {
+						foreach ($domainlist as $dom) {
 							$domains .= makeoption($idna_convert->decode($dom), $dom);
 						}
 					}
 				}

-				$sendinfomail = makeyesno('sendinfomail', '1', '0', '0');
+				//$sendinfomail = makeyesno('sendinfomail', '1', '0', '0');

 				$ftp_add_data = include_once dirname(__FILE__).'/lib/formfields/customer/ftp/formfield.ftp_add.php';
 				$ftp_add_form = htmlform::genHTMLForm($ftp_add_data);
@@ -276,54 +230,51 @@ elseif($page == 'accounts')
 				$title = $ftp_add_data['ftp_add']['title'];
 				$image = $ftp_add_data['ftp_add']['image'];

-				eval("echo \"" . getTemplate("ftp/accounts_add") . "\";");
+				eval("echo \"" . getTemplate('ftp/accounts_add') . "\";");
 			}
 		}
-	}
-	elseif($action == 'edit'
-	       && $id != 0)
-	{
+	} elseif ($action == 'edit' && $id != 0) {
 		$result = $db->query_first("SELECT `id`, `username`, `homedir`, `uid`, `gid` FROM `" . TABLE_FTP_USERS . "` WHERE `customerid`='" . (int)$userinfo['customerid'] . "' AND `id`='" . (int)$id . "'");

-		if(isset($result['username'])
-		   && $result['username'] != '')
-		{
-			if(isset($_POST['send'])
-			   && $_POST['send'] == 'send')
-			{
+		if (isset($result['username'])
+		   && $result['username'] != ''
+		) {
+			if (isset($_POST['send'])
+			   && $_POST['send'] == 'send'
+			) {
+				// @FIXME use a good path-validating regex here (refs #1231)
 				$path = validate($_POST['path'], 'path');
 				
 				$_setnewpass = false;
-				if(isset($_POST['ftp_password']) && $_POST['ftp_password'] != '')
-				{
+				if (isset($_POST['ftp_password']) && $_POST['ftp_password'] != '') {
 					$password = validate($_POST['ftp_password'], 'password');
 					$password = validatePassword($password);
 					$_setnewpass = true;
 				}

-				if($_setnewpass)
-				{
-					if($password == '')
-					{
+				if ($_setnewpass) {
+					if ($password == '') {
 						standard_error(array('stringisempty', 'mypassword'));
 						exit;
 					}
-					else
-					{
-						$log->logAction(USR_ACTION, LOG_INFO, "updated ftp-account password for '" . $result['username'] . "'");
-						$db->query("UPDATE `" . TABLE_FTP_USERS . "` SET `password`=ENCRYPT('" . $db->escape($password) . "') WHERE `customerid`='" . (int)$userinfo['customerid'] . "' AND `id`='" . (int)$id . "'");
+					$log->logAction(USR_ACTION, LOG_INFO, "updated ftp-account password for '" . $result['username'] . "'");
+					$cryptPassword = makeCryptPassword($password);
+					$db->query("UPDATE `" . TABLE_FTP_USERS . "` SET `password`='" . $db->escape($cryptPassword) . "' WHERE `customerid`='" . (int)$userinfo['customerid'] . "' AND `id`='" . (int)$id . "'");
+						
+					// also update customers backup user password if password of main ftp user is changed
+					if(!preg_match('/' . $settings['customer']['ftpprefix'] . '/', $result['username'])){
+					    $db->query("UPDATE `" . TABLE_FTP_USERS . "` SET `password`='" . $db->escape($cryptPassword) . "' WHERE `customerid`='" . (int)$userinfo['customerid'] . "' AND `username`='" . $result['username'] . "_backup'");
 					}
 				}
 				
-				if($path != '')
-				{
+				if ($path != '') {
 					$path = makeCorrectDir($userinfo['documentroot'] . '/' . $path);
-					
-					if($path != $result['homedir'])
-					{
-						if(!file_exists($path))
-						{
-							mkDirWithCorrectOwnership($userinfo['documentroot'], $path, $result['uid'], $result['gid']);
+
+					if ($path != $result['homedir']) {
+						if (!file_exists($path)) {
+							// it's the task for "new ftp" but that will 
+							// create all directories and correct their permissions
+							inserttask(5);
 						}

 						$log->logAction(USR_ACTION, LOG_INFO, "updated ftp-account homdir for '" . $result['username'] . "'");
@@ -332,30 +283,23 @@ elseif($page == 'accounts')
 				}

 				redirectTo($filename, Array('page' => $page, 's' => $s));
-			}
-			else
-			{
-				if(strpos($result['homedir'], $userinfo['documentroot']) === 0)
-				{
+			} else {
+				if (strpos($result['homedir'], $userinfo['documentroot']) === 0) {
 					$homedir = substr($result['homedir'], strlen($userinfo['documentroot']));
-				}
-				else
-				{
+				} else {
 					$homedir = $result['homedir'];
 				}
 				$homedir = makeCorrectDir($homedir);

 				$pathSelect = makePathfield($userinfo['documentroot'], $userinfo['guid'], $userinfo['guid'], $settings['panel']['pathedit'], $homedir);

-				if($settings['customer']['ftpatdomain'] == '1')
-				{
+				if ($settings['customer']['ftpatdomain'] == '1') {
 					$domains = '';

 					$result_domains = $db->query("SELECT `domain` FROM `" . TABLE_PANEL_DOMAINS . "` WHERE `customerid`='" . (int)$userinfo['customerid'] . "'");

-					while($row_domain = $db->fetch_array($result_domains))
-					{
-						$domains.= makeoption($idna_convert->decode($row_domain['domain']), $row_domain['domain']);
+					while ($row_domain = $db->fetch_array($result_domains)) {
+						$domains .= makeoption($idna_convert->decode($row_domain['domain']), $row_domain['domain']);
 					}
 				}

@@ -365,10 +309,8 @@ elseif($page == 'accounts')
 				$title = $ftp_edit_data['ftp_edit']['title'];
 				$image = $ftp_edit_data['ftp_edit']['image'];

-				eval("echo \"" . getTemplate("ftp/accounts_edit") . "\";");
+				eval("echo \"" . getTemplate('ftp/accounts_edit') . "\";");
 			}
 		}
 	}
 }
-
-?>
--- a/customer_index.php
+++ b/customer_index.php
@@ -14,7 +14,7 @@
 * @author     Froxlor team <team@froxlor.org> (2010-)
 * @license    GPLv2 http://files.froxlor.org/misc/COPYING.txt
 * @package    Panel
- * @version    $Id$
+ *
 */

 define('AREA', 'customer');
@@ -22,40 +22,32 @@ define('AREA', 'customer');
 /**
 * Include our init.php, which manages Sessions, Language etc.
 */
+require('./lib/init.php');

-require ("./lib/init.php");
+if ($action == 'logout') {
+	$log->logAction(USR_ACTION, LOG_NOTICE, 'logged out');

-if($action == 'logout')
-{
-	$log->logAction(USR_ACTION, LOG_NOTICE, "logged out");
-
-	if($settings['session']['allow_multiple_login'] == '1')
-	{
-		$db->query("DELETE FROM `" . TABLE_PANEL_SESSIONS . "` WHERE `userid` = '" . (int)$userinfo['customerid'] . "' AND `adminsession` = '0' AND `hash` = '" . $s . "'");
+        $query = "DELETE FROM `" . TABLE_PANEL_SESSIONS . "` WHERE `userid` = '" . (int)$userinfo['customerid'] . "' AND `adminsession` = '0'";
+	if ($settings['session']['allow_multiple_login'] == '1') {
+		$query .= " AND `hash` = '" . $s . "'";
 	}
-	else
-	{
-		$db->query("DELETE FROM `" . TABLE_PANEL_SESSIONS . "` WHERE `userid` = '" . (int)$userinfo['customerid'] . "' AND `adminsession` = '0'");
-	}
-
+	$db->query($query);
 	redirectTo('index.php');
 	exit;
 }

-if($page == 'overview')
-{
+if ($page == 'overview') {
 	$log->logAction(USR_ACTION, LOG_NOTICE, "viewed customer_index");
 	$domains = '';
 	$result = $db->query("SELECT `domain` FROM `" . TABLE_PANEL_DOMAINS . "` WHERE `customerid`='" . (int)$userinfo['customerid'] . "' AND `parentdomainid`='0' AND `id` <> '" . (int)$userinfo['standardsubdomain'] . "' ");
 	$domainArray = array();

-	while($row = $db->fetch_array($result))
-	{
+	while ($row = $db->fetch_array($result)) {
 		$domainArray[] = $idna_convert->decode($row['domain']);
 	}

 	natsort($domainArray);
-	$domains = implode(', ', $domainArray);
+	$domains = implode(',<br />', $domainArray);
 	$userinfo['email'] = $idna_convert->decode($userinfo['email']);
 	$yesterday = time() - (60 * 60 * 24);
 	$month = date('M Y', $yesterday);
@@ -68,76 +60,46 @@ if($page == 'overview')
 	$userinfo['traffic'] = round($userinfo['traffic'] / (1024 * 1024), $settings['panel']['decimal_places']);
 	$userinfo['traffic_used'] = round($userinfo['traffic_used'] / (1024 * 1024), $settings['panel']['decimal_places']);
 	$userinfo = str_replace_array('-1', $lng['customer']['unlimited'], $userinfo, 'diskspace traffic mysqls emails email_accounts email_forwarders email_quota email_autoresponder ftps tickets subdomains aps_packages');
-	$opentickets = 0;
-	$opentickets = $db->query_first('SELECT COUNT(`id`) as `count` FROM `' . TABLE_PANEL_TICKETS . '`
-                                   WHERE `customerid` = "' . $userinfo['customerid'] . '"
-                                   AND `answerto` = "0"
-                                   AND (`status` = "0" OR `status` = "2")
-                                   AND `lastreplier`="1"');
-	$awaitingtickets = $opentickets['count'];
-	$awaitingtickets_text = '';

-	if($opentickets > 0)
-	{
-		$awaitingtickets_text = strtr($lng['ticket']['awaitingticketreply'], array('%s' => '<a href="customer_tickets.php?page=tickets&amp;s=' . $s . '">' . $opentickets['count'] . '</a>'));
-	}
-
-	eval("echo \"" . getTemplate("index/index") . "\";");
-}
-elseif($page == 'change_password')
-{
-	if(isset($_POST['send'])
-	   && $_POST['send'] == 'send')
-	{
+	eval("echo \"" . getTemplate('index/index') . "\";");
+} elseif ($page == 'change_password') {
+	if (isset($_POST['send']) && $_POST['send'] == 'send') {
 		$old_password = validate($_POST['old_password'], 'old password');
-
-		if(md5($old_password) != $userinfo['password'])
-		{
+		if (md5($old_password) != $userinfo['password']) {
 			standard_error('oldpasswordnotcorrect');
 			exit;
 		}

-		$new_password = validate($_POST['new_password'], 'new password');
-		$new_password_confirm = validate($_POST['new_password_confirm'], 'new password confirm');
+		$new_password = validatePassword($_POST['new_password'], 'new password');
+		$new_password_confirm = validatePassword($_POST['new_password_confirm'], 'new password confirm');

-		if($old_password == '')
-		{
+		if ($old_password == '') {
 			standard_error(array('stringisempty', 'oldpassword'));
-		}
-		elseif($new_password == '')
-		{
+		} elseif($new_password == '') {
 			standard_error(array('stringisempty', 'newpassword'));
-		}
-		elseif($new_password_confirm == '')
-		{
+		} elseif($new_password_confirm == '') {
 			standard_error(array('stringisempty', 'newpasswordconfirm'));
-		}
-		elseif($new_password != $new_password_confirm)
-		{
+		} elseif($new_password != $new_password_confirm) {
 			standard_error('newpasswordconfirmerror');
-		}
-		else
-		{
+		} else {
 			$db->query("UPDATE `" . TABLE_PANEL_CUSTOMERS . "` SET `password`='" . md5($new_password) . "' WHERE `customerid`='" . (int)$userinfo['customerid'] . "' AND `password`='" . md5($old_password) . "'");
 			$log->logAction(USR_ACTION, LOG_NOTICE, 'changed password');

-			if(isset($_POST['change_main_ftp'])
-			   && $_POST['change_main_ftp'] == 'true')
-			{
-				$db->query("UPDATE `" . TABLE_FTP_USERS . "` SET `password`=ENCRYPT('" . $db->escape($new_password) . "') WHERE `customerid`='" . (int)$userinfo['customerid'] . "' AND `username`='" . $db->escape($userinfo['loginname']) . "'");
+			if (isset($_POST['change_main_ftp'])
+			   && $_POST['change_main_ftp'] == 'true'
+			) {
+				$cryptPassword = makeCryptPassword($new_password);
+				$db->query("UPDATE `" . TABLE_FTP_USERS . "` SET `password`='" . $db->escape($cryptPassword) . "' WHERE `customerid`='" . (int)$userinfo['customerid'] . "' AND `username`='" . $db->escape($userinfo['loginname']) . "'");
 				$log->logAction(USR_ACTION, LOG_NOTICE, 'changed main ftp password');
 			}

-			if(isset($_POST['change_webalizer'])
-			   && $_POST['change_webalizer'] == 'true')
-			{
-				if(CRYPT_STD_DES == 1)
-				{
+			if (isset($_POST['change_webalizer'])
+			   && $_POST['change_webalizer'] == 'true'
+			) {
+				if (CRYPT_STD_DES == 1) {
 					$saltfordescrypt = substr(md5(uniqid(microtime(), 1)), 4, 2);
 					$new_webalizer_password = crypt($new_password, $saltfordescrypt);
-				}
-				else
-				{
+				} else {
 					$new_webalizer_password = crypt($new_password);
 				}

@@ -146,72 +108,52 @@ elseif($page == 'change_password')

 			redirectTo($filename, Array('s' => $s));
 		}
+	} else {
+		eval("echo \"" . getTemplate('index/change_password') . "\";");
 	}
-	else
-	{
-		eval("echo \"" . getTemplate("index/change_password") . "\";");
-	}
-}
-elseif($page == 'change_language')
-{
-	if(isset($_POST['send'])
-	   && $_POST['send'] == 'send')
-	{
+} elseif ($page == 'change_language') {
+	if (isset($_POST['send']) && $_POST['send'] == 'send') {
 		$def_language = validate($_POST['def_language'], 'default language');
-
-		if(isset($languages[$def_language]))
-		{
+		if (isset($languages[$def_language])) {
 			$db->query("UPDATE `" . TABLE_PANEL_CUSTOMERS . "` SET `def_language`='" . $db->escape($def_language) . "' WHERE `customerid`='" . (int)$userinfo['customerid'] . "'");
 			$db->query("UPDATE `" . TABLE_PANEL_SESSIONS . "` SET `language`='" . $db->escape($def_language) . "' WHERE `hash`='" . $db->escape($s) . "'");
 			$log->logAction(USR_ACTION, LOG_NOTICE, "changed default language to '" . $def_language . "'");
 		}

 		redirectTo($filename, Array('s' => $s));
-	}
-	else
-	{
-		$language_options = '';
-
+	} else {
 		$default_lang = $settings['panel']['standardlanguage'];
-		if($userinfo['def_language'] != '') { 
+		if ($userinfo['def_language'] != '') { 
 			$default_lang = $userinfo['def_language'];
 		}

-		while(list($language_file, $language_name) = each($languages))
-		{
-			$language_options.= makeoption($language_name, $language_file, $default_lang, true);
+		$language_options = '';
+		while (list($language_file, $language_name) = each($languages)) {
+			$language_options .= makeoption($language_name, $language_file, $default_lang, true);
 		}

-		eval("echo \"" . getTemplate("index/change_language") . "\";");
+		eval("echo \"" . getTemplate('index/change_language') . "\";");
 	}
-}
-elseif($page == 'change_theme')
-{
-	if(isset($_POST['send'])
-		&& $_POST['send'] == 'send'
-	) {
+} elseif ($page == 'change_theme') {
+	if (isset($_POST['send']) && $_POST['send'] == 'send') {
 		$theme = validate($_POST['theme'], 'theme');
 
 		$db->query("UPDATE `" . TABLE_PANEL_CUSTOMERS . "` SET `theme`='" . $db->escape($theme) . "' WHERE `customerid`='" . (int)$userinfo['customerid'] . "'");
 		$db->query("UPDATE `" . TABLE_PANEL_SESSIONS . "` SET `theme`='" . $db->escape($theme) . "' WHERE `hash`='" . $db->escape($s) . "'");
 		$log->logAction(USR_ACTION, LOG_NOTICE, "changed default theme to '" . $theme . "'");
 		redirectTo($filename, Array('s' => $s));
-	}
-	else
-	{
-		$theme_options = '';
-
+	} else {
 		$default_theme = $settings['panel']['default_theme'];
-		if($userinfo['theme'] != '') {
+		if ($userinfo['theme'] != '') {
 			$default_theme = $userinfo['theme'];
 		}

+		$theme_options = '';
 		$themes_avail = getThemes();
-		foreach($themes_avail as $t)
-		{
-			$theme_options.= makeoption($t, $t, $default_theme, true);
+		foreach ($themes_avail as $t) {
+			$theme_options .= makeoption($t, $t, $default_theme, true);
 		}

-		eval("echo \"" . getTemplate("index/change_theme") . "\";");
+		eval("echo \"" . getTemplate('index/change_theme') . "\";");
 	}
 }
--- a/customer_mysql.php
+++ b/customer_mysql.php
@@ -14,7 +14,7 @@
 * @author     Froxlor team <team@froxlor.org> (2010-)
 * @license    GPLv2 http://files.froxlor.org/misc/COPYING.txt
 * @package    Panel
- * @version    $Id$
+ *
 */

 define('AREA', 'customer');
@@ -22,30 +22,22 @@ define('AREA', 'customer');
 /**
 * Include our init.php, which manages Sessions, Language etc.
 */
-
 $need_db_sql_data = true;
 $need_root_db_sql_data = true;
-require ("./lib/init.php");
+require('./lib/init.php');

-if(isset($_POST['id']))
-{
+if (isset($_POST['id'])) {
 	$id = intval($_POST['id']);
-}
-elseif(isset($_GET['id']))
-{
+} elseif(isset($_GET['id'])) {
 	$id = intval($_GET['id']);
 }

-if($page == 'overview')
-{
+if ($page == 'overview') {
 	$log->logAction(USR_ACTION, LOG_NOTICE, "viewed customer_mysql");
 	$lng['mysql']['description'] = str_replace('<SQL_HOST>', $sql['host'], $lng['mysql']['description']);
-	eval("echo \"" . getTemplate("mysql/mysql") . "\";");
-}
-elseif($page == 'mysqls')
-{
-	if($action == '')
-	{
+	eval("echo \"" . getTemplate('mysql/mysql') . "\";");
+} elseif($page == 'mysqls') {
+	if ($action == '') {
 		$log->logAction(USR_ACTION, LOG_NOTICE, "viewed customer_mysql::mysqls");
 		$fields = array(
 			'databasename' => $lng['mysql']['databasename'],
@@ -62,125 +54,117 @@ elseif($page == 'mysqls')
 		$count = 0;
 		$mysqls = '';

-		while($row = $db->fetch_array($result))
-		{
-			if($paging->checkDisplay($i))
-			{
+		// Begin root-session
+		$db_root = new db($sql_root[0]['host'], $sql_root[0]['user'], $sql_root[0]['password'], '');
+		while ($row = $db->fetch_array($result)) {
+			if ($paging->checkDisplay($i)) {
 				$row = htmlentities_array($row);
-				eval("\$mysqls.=\"" . getTemplate("mysql/mysqls_database") . "\";");
+				$mbdata = $db_root->query_first("SELECT SUM( data_length + index_length) / 1024 / 1024 'MB' FROM information_schema.TABLES WHERE table_schema = '" . $db_root->escape($row['databasename']) . "' GROUP BY table_schema ;");
+				$row['size'] = number_format($mbdata['MB'], 3, '.', '');
+				eval("\$mysqls.=\"" . getTemplate('mysql/mysqls_database') . "\";");
 				$count++;
 			}
-
 			$i++;
 		}
+		$db_root->close();
+		// End root-session

 		$mysqls_count = $db->num_rows($result);
-		eval("echo \"" . getTemplate("mysql/mysqls") . "\";");
-	}
-	elseif($action == 'delete'
-	       && $id != 0)
-	{
+		eval("echo \"" . getTemplate('mysql/mysqls') . "\";");
+	} elseif($action == 'delete' && $id != 0) {
 		$result = $db->query_first('SELECT `id`, `databasename`, `description`, `dbserver` FROM `' . TABLE_PANEL_DATABASES . '` WHERE `customerid`="' . (int)$userinfo['customerid'] . '" AND `id`="' . (int)$id . '"');

-		if(isset($result['databasename'])
-		   && $result['databasename'] != '')
-		{
-			if(!isset($sql_root[$result['dbserver']]) || !is_array($sql_root[$result['dbserver']]))
-			{
+		if (isset($result['databasename'])
+		   && $result['databasename'] != ''
+		) {
+			if (!isset($sql_root[$result['dbserver']]) || !is_array($sql_root[$result['dbserver']])) {
 				$result['dbserver'] = 0;
 			}

-			if(isset($_POST['send'])
-			   && $_POST['send'] == 'send')
-			{
+			if (isset($_POST['send'])
+			   && $_POST['send'] == 'send'
+			) {
 				// Begin root-session
-
 				$db_root = new db($sql_root[$result['dbserver']]['host'], $sql_root[$result['dbserver']]['user'], $sql_root[$result['dbserver']]['password'], '');
-				unset($db_root->password);
-				foreach(array_map('trim', array_unique(explode(',', $settings['system']['mysql_access_host']))) as $mysql_access_host)
-				{
-					$db_root->query('REVOKE ALL PRIVILEGES ON * . * FROM `' . $db_root->escape($result['databasename']) . '`@`' . $db_root->escape($mysql_access_host) . '`');
-					$db_root->query('REVOKE ALL PRIVILEGES ON `' . str_replace('_', '\_', $db_root->escape($result['databasename'])) . '` . * FROM `' . $db_root->escape($result['databasename']) . '`@`' . $db_root->escape($mysql_access_host) . '`');
-					$db_root->query('DELETE FROM `mysql`.`user` WHERE `User` = "' . $db_root->escape($result['databasename']) . '" AND `Host` = "' . $db_root->escape($mysql_access_host) . '"');
+				$log->logAction(USR_ACTION, LOG_INFO, "deleted database '" . $result['databasename'] . "'");
+				if (mysql_get_server_info() < '5.0.2') { 
+					// Revoke privileges (only required for MySQL 4.1.2 - 5.0.1)
+					$db_root->query('REVOKE ALL PRIVILEGES, GRANT OPTION FROM \'' . $db_root->escape($result['databasename']) .'\'',false,true);
+				}
+
+				$host_res = $db_root->query("SELECT `Host` FROM `mysql`.`user` WHERE `User`='" . $db_root->escape($result['databasename']) . "'");
+				while ($host = $db_root->fetch_array($host_res)) {
+					// as of MySQL 5.0.2 this also revokes privileges. (requires MySQL 4.1.2+)
+					$db_root->query('DROP USER \'' . $db_root->escape($result['databasename']). '\'@\'' . $db_root->escape($host['Host']) . '\'', false, true);
 				}

 				$db_root->query('DROP DATABASE IF EXISTS `' . $db_root->escape($result['databasename']) . '`');
 				$db_root->query('FLUSH PRIVILEGES');
 				$db_root->close();
-
 				// End root-session

 				$db->query('DELETE FROM `' . TABLE_PANEL_DATABASES . '` WHERE `customerid`="' . (int)$userinfo['customerid'] . '" AND `id`="' . (int)$id . '"');

-				if($userinfo['mysqls_used'] == '1')
-				{
-					$resetaccnumber = " , `mysql_lastaccountnumber`='0' ";
-				}
-				else
-				{
-					$resetaccnumber = '';
-				}
+				$resetaccnumber = ($userinfo['mysqls_used'] == '1') ? " , `mysql_lastaccountnumber`='0' " : '';

 				$result = $db->query('UPDATE `' . TABLE_PANEL_CUSTOMERS . '` SET `mysqls_used`=`mysqls_used`-1 ' . $resetaccnumber . 'WHERE `customerid`="' . (int)$userinfo['customerid'] . '"');
 				redirectTo($filename, Array('page' => $page, 's' => $s));
-			}
-			else
-			{
+			} else {
 				$dbnamedesc = $result['databasename'];
-				if(isset($result['description']) && $result['description'] != '') {
-					$dbnamedesc.= ' ('.$result['description'].')';
+				if (isset($result['description']) && $result['description'] != '') {
+					$dbnamedesc .= ' ('.$result['description'].')';
 				}
 				ask_yesno('mysql_reallydelete', $filename, array('id' => $id, 'page' => $page, 'action' => $action), $dbnamedesc);
 			}
 		}
-	}
-	elseif($action == 'add')
-	{
-		if($userinfo['mysqls_used'] < $userinfo['mysqls']
-		   || $userinfo['mysqls'] == '-1')
-		{
-			if(isset($_POST['send'])
-			   && $_POST['send'] == 'send')
-			{
+	} elseif ($action == 'add') {
+		if ($userinfo['mysqls_used'] < $userinfo['mysqls']
+		   || $userinfo['mysqls'] == '-1'
+		) {
+			if (isset($_POST['send'])
+			   && $_POST['send'] == 'send'
+			) {
 				$password = validate($_POST['mysql_password'], 'password');
 				$password = validatePassword($password);

-				$sendinfomail = intval($_POST['sendinfomail']);
-				if($sendinfomail != 1)
-				{
+				$sendinfomail = isset($_POST['sendinfomail']) ? 1 : 0;
+				if ($sendinfomail != 1) {
 					$sendinfomail = 0;
 				}

-				if($password == '')
-				{
+				if ($password == '') {
 					standard_error(array('stringisempty', 'mypassword'));
-				}
-				else
-				{
-					$username = $userinfo['loginname'] . $settings['customer']['mysqlprefix'] . (intval($userinfo['mysql_lastaccountnumber']) + 1);
-
-					if(count($sql_root) > 1)
-					{
+				} else {
+					$dbserver = 0;
+					if (count($sql_root) > 1) {
 						$dbserver = validate($_POST['mysql_server'], html_entity_decode($lng['mysql']['mysql_server']), '', '', 0);
-
-						if(!isset($sql_root[$dbserver]) || !is_array($sql_root[$dbserver]))
-						{
+						if (!isset($sql_root[$dbserver]) || !is_array($sql_root[$dbserver])) {
 							$dbserver = 0;
 						}
 					}
-					else
-					{
-						$dbserver = 0;
-					}
+					
+					// validate description before actual adding the database, #1052
+					$databasedescription = validate(trim($_POST['description']), 'description');

 					// Begin root-session
-
 					$db_root = new db($sql_root[$dbserver]['host'], $sql_root[$dbserver]['user'], $sql_root[$dbserver]['password'], '');
-					unset($db_root->password);
+
+					if (strtoupper($settings['customer']['mysqlprefix']) == 'RANDOM') {
+						$result = $db_root->query('SELECT `User` FROM mysql.user');
+						while ($row = $db_root->fetch_array($result)) {
+							$allsqlusers[] = $row[User];
+						}
+						$username = $userinfo['loginname'] . '-' . substr(md5(uniqid(microtime(), 1)), 20, 3);
+						while (in_array($username , $allsqlusers)) {
+							$username = $userinfo['loginname'] . '-' . substr(md5(uniqid(microtime(), 1)), 20, 3);
+						}
+					} else {
+						$username = $userinfo['loginname'] . $settings['customer']['mysqlprefix'] . (intval($userinfo['mysql_lastaccountnumber']) + 1);
+					}
+
 					$db_root->query('CREATE DATABASE `' . $db_root->escape($username) . '`');
 					$log->logAction(USR_ACTION, LOG_INFO, "created database '" . $username . "'");
-					foreach(array_map('trim', explode(',', $settings['system']['mysql_access_host'])) as $mysql_access_host)
-					{
+					foreach (array_map('trim', explode(',', $settings['system']['mysql_access_host'])) as $mysql_access_host) {
 						$db_root->query('GRANT ALL PRIVILEGES ON `' . str_replace('_', '\_', $db_root->escape($username)) . '`.* TO `' . $db_root->escape($username) . '`@`' . $db_root->escape($mysql_access_host) . '` IDENTIFIED BY \'password\'');
 						$db_root->query('SET PASSWORD FOR `' . $db_root->escape($username) . '`@`' . $db_root->escape($mysql_access_host) . '` = PASSWORD(\'' . $db_root->escape($password) . '\')');
 						$log->logAction(USR_ACTION, LOG_NOTICE, "grant all privileges for '" . $username . "'@'" . $mysql_access_host . "'");
@@ -188,24 +172,21 @@ elseif($page == 'mysqls')

 					$db_root->query('FLUSH PRIVILEGES');
 					$db_root->close();
-
 					// End root-session
-					// Statement modifyed for Database description -- PH 2004-11-29

-					$databasedescription = validate($_POST['description'], 'description');
+					// Statement modified for Database description -- PH 2004-11-29
 					$result = $db->query('INSERT INTO `' . TABLE_PANEL_DATABASES . '` (`customerid`, `databasename`, `description`, `dbserver`) VALUES ("' . (int)$userinfo['customerid'] . '", "' . $db->escape($username) . '", "' . $db->escape($databasedescription) . '", "' . $db->escape($dbserver) . '")');
 					$result = $db->query('UPDATE `' . TABLE_PANEL_CUSTOMERS . '` SET `mysqls_used`=`mysqls_used`+1, `mysql_lastaccountnumber`=`mysql_lastaccountnumber`+1 WHERE `customerid`="' . (int)$userinfo['customerid'] . '"');

-					if($sendinfomail == 1)
-					{
+					if ($sendinfomail == 1) {
 						$pma = $lng['admin']['notgiven'];
-						if($settings['panel']['phpmyadmin_url'] != '')
-						{
+						if ($settings['panel']['phpmyadmin_url'] != '') {
 							$pma = $settings['panel']['phpmyadmin_url'];
 						}

 						$replace_arr = array(
-							'CUST_NAME' => getCorrectUserSalutation($userinfo),
+							'SALUTATION' => getCorrectUserSalutation($userinfo),
+							'CUST_NAME' => getCorrectUserSalutation($userinfo), // < keep this for compatibility
 							'DB_NAME' => $username,
 							'DB_PASS' => $password,
 							'DB_DESC' => $databasedescription,
@@ -244,17 +225,14 @@ elseif($page == 'mysqls')

 					redirectTo($filename, Array('page' => $page, 's' => $s));
 				}
-			}
-			else
-			{
+			} else {
 				$mysql_servers = '';

-				foreach($sql_root as $mysql_server => $mysql_server_details)
-				{
+				foreach ($sql_root as $mysql_server => $mysql_server_details) {
 					$mysql_servers .= makeoption($mysql_server_details['caption'], $mysql_server);
 				}

-				$sendinfomail = makeyesno('sendinfomail', '1', '0', '0');
+				//$sendinfomail = makeyesno('sendinfomail', '1', '0', '0');

 				$mysql_add_data = include_once dirname(__FILE__).'/lib/formfields/customer/mysql/formfield.mysql_add.php';
 				$mysql_add_form = htmlform::genHTMLForm($mysql_add_data);
@@ -262,67 +240,53 @@ elseif($page == 'mysqls')
 				$title = $mysql_add_data['mysql_add']['title'];
 				$image = $mysql_add_data['mysql_add']['image'];

-				eval("echo \"" . getTemplate("mysql/mysqls_add") . "\";");
+				eval("echo \"" . getTemplate('mysql/mysqls_add') . "\";");
 			}
 		}
-	}
-	elseif($action == 'edit'
-	       && $id != 0)
-	{
+	} elseif ($action == 'edit' && $id != 0) {
 		$result = $db->query_first('SELECT `id`, `databasename`, `description`, `dbserver` FROM `' . TABLE_PANEL_DATABASES . '` WHERE `customerid`="' . $userinfo['customerid'] . '" AND `id`="' . $id . '"');

-		if(isset($result['databasename'])
-		   && $result['databasename'] != '')
-		{
-			if(!isset($sql_root[$result['dbserver']]) || !is_array($sql_root[$result['dbserver']]))
-			{
+		if (isset($result['databasename'])
+		   && $result['databasename'] != ''
+		) {
+			if (!isset($sql_root[$result['dbserver']]) || !is_array($sql_root[$result['dbserver']])) {
 				$result['dbserver'] = 0;
 			}

-			if(isset($_POST['send'])
-			   && $_POST['send'] == 'send')
-			{
+			if (isset($_POST['send'])
+			   && $_POST['send'] == 'send'
+			) {
 				// Only change Password if it is set, do nothing if it is empty! -- PH 2004-11-29
 				$password = validate($_POST['mysql_password'], 'password');
-
-				if($password != '')
-				{
+				if ($password != '') {
 					// validate password
 					$password = validatePassword($password);

 					// Begin root-session
 					$db_root = new db($sql_root[$result['dbserver']]['host'], $sql_root[$result['dbserver']]['user'], $sql_root[$result['dbserver']]['password'], '');
-					unset($db_root->password);
-					foreach(array_map('trim', explode(',', $settings['system']['mysql_access_host'])) as $mysql_access_host)
-					{
+					foreach (array_map('trim', explode(',', $settings['system']['mysql_access_host'])) as $mysql_access_host) {
 						$db_root->query('SET PASSWORD FOR `' . $db_root->escape($result['databasename']) . '`@`' . $db_root->escape($mysql_access_host) . '` = PASSWORD(\'' . $db_root->escape($password) . '\')');
 					}

 					$db_root->query('FLUSH PRIVILEGES');
 					$db_root->close();
-
 					// End root-session
 				}

 				// Update the Database description -- PH 2004-11-29
-
 				$log->logAction(USR_ACTION, LOG_INFO, "edited database '" . $result['databasename'] . "'");
 				$databasedescription = validate($_POST['description'], 'description');
 				$result = $db->query('UPDATE `' . TABLE_PANEL_DATABASES . '` SET `description`="' . $db->escape($databasedescription) . '" WHERE `customerid`="' . (int)$userinfo['customerid'] . '" AND `id`="' . (int)$id . '"');
 				redirectTo($filename, Array('page' => $page, 's' => $s));
-			}
-			else
-			{
+			} else {
 				$mysql_edit_data = include_once dirname(__FILE__).'/lib/formfields/customer/mysql/formfield.mysql_edit.php';
 				$mysql_edit_form = htmlform::genHTMLForm($mysql_edit_data);

 				$title = $mysql_edit_data['mysql_edit']['title'];
 				$image = $mysql_edit_data['mysql_edit']['image'];

-				eval("echo \"" . getTemplate("mysql/mysqls_edit") . "\";");
+				eval("echo \"" . getTemplate('mysql/mysqls_edit') . "\";");
 			}
 		}
 	}
 }
-
-?>
--- a/customer_tickets.php
+++ b/customer_tickets.php
@@ -14,7 +14,7 @@
 * @author     Froxlor team <team@froxlor.org> (2010-)
 * @license    GPLv2 http://files.froxlor.org/misc/COPYING.txt
 * @package    Panel
- * @version    $Id$
+ *
 */

 define('AREA', 'customer');
@@ -28,6 +28,17 @@ require ("./lib/init.php");
 if(isset($_POST['id']))
 {
 	$id = intval($_POST['id']);
+	
+	/*
+	 * Check if the current user is allowed to see the current ticket.
+	 */
+	$sql = "SELECT `id` FROM `panel_tickets` WHERE `id` = '".$id."' AND `customerid` = '".$userinfo['customerid']."'";
+	
+	$result = $db->query_first($sql);
+	if ($result == null) {
+		// no rights to see the requested ticket
+		standard_error(array('ticketnotaccessible'));
+	}
 }
 elseif(isset($_GET['id']))
 {
@@ -37,7 +48,7 @@ elseif(isset($_GET['id']))
 if($page == 'overview')
 {
 	$log->logAction(USR_ACTION, LOG_NOTICE, "viewed customer_tickets");
-	eval("echo \"" . getTemplate("ticket/ticket") . "\";");
+	eval("echo \"" . getTemplate("tickets/ticket") . "\";");
 }
 elseif($page == 'tickets')
 {
@@ -55,7 +66,7 @@ elseif($page == 'tickets')
 		$paging = new paging($userinfo, $db, TABLE_PANEL_TICKETS, $fields, $settings['panel']['paging'], $settings['panel']['natsorting']);
 		$paging->sortfield = 'lastchange';
 		$paging->sortorder = 'desc';
-		$result = $db->query('SELECT `main`.`id`, (SELECT COUNT(`sub`.`id`) FROM `' . TABLE_PANEL_TICKETS . '` `sub` WHERE `sub`.`answerto` = `main`.`id`) as `ticket_answers`, `main`.`lastchange`, `main`.`subject`, `main`.`status`, `main`.`lastreplier`, `main`.`priority` FROM `' . TABLE_PANEL_TICKETS . '` as `main` WHERE `main`.`answerto` = "0" AND `archived` = "0" AND `customerid`="' . (int)$userinfo['customerid'] . '" AND `adminid`="' . (int)$userinfo['adminid'] . '" ' . $paging->getSqlWhere(true) . " " . $paging->getSqlOrderBy() . " " . $paging->getSqlLimit());
+		$result = $db->query('SELECT `main`.`id`, (SELECT COUNT(`sub`.`id`) FROM `' . TABLE_PANEL_TICKETS . '` `sub` WHERE `sub`.`answerto` = `main`.`id`) as `ticket_answers`, `main`.`lastchange`, `main`.`subject`, `main`.`status`, `main`.`lastreplier`, `main`.`priority` FROM `' . TABLE_PANEL_TICKETS . '` as `main` WHERE `main`.`answerto` = "0" AND `archived` = "0" AND `customerid`="' . (int)$userinfo['customerid'] . '" ' . $paging->getSqlWhere(true) . " " . $paging->getSqlOrderBy() . " " . $paging->getSqlLimit());
 		$paging->setEntries($db->num_rows($result));
 		$sortcode = $paging->getHtmlSortCode($lng);
 		$arrowcode = $paging->getHtmlArrowCode($filename . '?page=' . $page . '&s=' . $s);
@@ -104,7 +115,7 @@ elseif($page == 'tickets')
 					$row['subject'] = substr($row['subject'], 0, 17) . '...';
 				}

-				eval("\$tickets.=\"" . getTemplate("ticket/tickets_tickets") . "\";");
+				eval("\$tickets.=\"" . getTemplate("tickets/tickets_tickets") . "\";");
 				$count++;
 			}

@@ -157,7 +168,7 @@ elseif($page == 'tickets')
 		}

 		$ticketsopen = (int)$opentickets['count'];
-		eval("echo \"" . getTemplate("ticket/tickets") . "\";");
+		eval("echo \"" . getTemplate("tickets/tickets") . "\";");
 	}
 	elseif($action == 'new')
 	{
@@ -210,12 +221,12 @@ elseif($page == 'tickets')
 			else
 			{
 				$categories = '';
-				$result = $db->query_first('SELECT `id`, `name` FROM `' . TABLE_PANEL_TICKET_CATS . '` ORDER BY `logicalorder`, `name` ASC');
+				$result = $db->query_first('SELECT `id`, `name` FROM `' . TABLE_PANEL_TICKET_CATS . '` WHERE `adminid` = "' . $userinfo['adminid'] . '" ORDER BY `logicalorder`, `name` ASC');

 				if(isset($result['name'])
 				   && $result['name'] != '')
 				{
-					$result2 = $db->query('SELECT `id`, `name` FROM `' . TABLE_PANEL_TICKET_CATS . '` ORDER BY `logicalorder`, `name` ASC');
+					$result2 = $db->query('SELECT `id`, `name` FROM `' . TABLE_PANEL_TICKET_CATS . '` WHERE `adminid` = "' . $userinfo['adminid'] . '" ORDER BY `logicalorder`, `name` ASC');

 					while($row = $db->fetch_array($result2))
 					{
@@ -227,9 +238,9 @@ elseif($page == 'tickets')
 					$categories = makeoption($lng['ticket']['no_cat'], '0');
 				}

-				$priorities = makeoption($lng['ticket']['unf_high'], '1', $settings['ticket']['default_priority']);
-				$priorities.= makeoption($lng['ticket']['unf_normal'], '2', $settings['ticket']['default_priority']);
-				$priorities.= makeoption($lng['ticket']['unf_low'], '3', $settings['ticket']['default_priority']);
+				$priorities = makeoption($lng['ticket']['high'], '1', $settings['ticket']['default_priority']);
+				$priorities.= makeoption($lng['ticket']['normal'], '2', $settings['ticket']['default_priority']);
+				$priorities.= makeoption($lng['ticket']['low'], '3', $settings['ticket']['default_priority']);
 				$ticketsopen = 0;
 				$opentickets = $db->query_first('SELECT COUNT(`id`) as `count` FROM `' . TABLE_PANEL_TICKETS . '`
                                           WHERE `customerid` = "' . $userinfo['customerid'] . '"
@@ -248,13 +259,13 @@ elseif($page == 'tickets')

 				$ticketsopen = (int)$opentickets['count'];

-				$ticket_add_data = include_once dirname(__FILE__).'/lib/formfields/customer/ticket/formfield.ticket_add.php';
+				$ticket_add_data = include_once dirname(__FILE__).'/lib/formfields/customer/tickets/formfield.ticket_add.php';
 				$ticket_add_form = htmlform::genHTMLForm($ticket_add_data);

 				$title = $ticket_add_data['ticket_add']['title'];
 				$image = $ticket_add_data['ticket_add']['image'];

-				eval("echo \"" . getTemplate("ticket/tickets_new") . "\";");
+				eval("echo \"" . getTemplate("tickets/tickets_new") . "\";");
 			}
 		}
 		else
@@ -329,12 +340,18 @@ elseif($page == 'tickets')
 			}
 			else
 			{
-				$by = $lng['ticket']['customer'];
+				$cid = $mainticket->Get('customer');
+				$usr = $db->query_first('SELECT `customerid`, `firstname`, `name`, `company`, `loginname`
+						FROM `' . TABLE_PANEL_CUSTOMERS . '`
+						WHERE `customerid` = "' . (int)$cid . '"'
+				);
+				$by = getCorrectFullUserDetails($usr);
+				//$by = $lng['ticket']['customer'];
 			}

 			$subject = $mainticket->Get('subject');
 			$message = $mainticket->Get('message');
-			eval("\$ticket_replies.=\"" . getTemplate("ticket/tickets_tickets_main") . "\";");
+			eval("\$ticket_replies.=\"" . getTemplate("tickets/tickets_tickets_main") . "\";");
 			$result = $db->query('SELECT `name` FROM `' . TABLE_PANEL_TICKET_CATS . '`
                                WHERE `id`="' . (int)$mainticket->Get('category') . '"');
 			$row = $db->fetch_array($result);
@@ -351,12 +368,13 @@ elseif($page == 'tickets')
 				}
 				else
 				{
-					$by = $lng['ticket']['customer'];
+					$by = getCorrectFullUserDetails($usr);
+					//$by = $lng['ticket']['customer'];
 				}

 				$subject = $subticket->Get('subject');
 				$message = $subticket->Get('message');
-				eval("\$ticket_replies.=\"" . getTemplate("ticket/tickets_tickets_list") . "\";");
+				eval("\$ticket_replies.=\"" . getTemplate("tickets/tickets_tickets_list") . "\";");
 			}

 			$priorities = makeoption($lng['ticket']['high'], '1', $mainticket->Get('priority'), true, true);
@@ -367,13 +385,13 @@ elseif($page == 'tickets')

 			// don't forget the main-ticket!

-			$ticket_reply_data = include_once dirname(__FILE__).'/lib/formfields/customer/ticket/formfield.ticket_reply.php';
+			$ticket_reply_data = include_once dirname(__FILE__).'/lib/formfields/customer/tickets/formfield.ticket_reply.php';
 			$ticket_reply_form = htmlform::genHTMLForm($ticket_reply_data);

 			$title = $ticket_reply_data['ticket_reply']['title'];
 			$image = $ticket_reply_data['ticket_reply']['image'];

-			eval("echo \"" . getTemplate("ticket/tickets_reply") . "\";");
+			eval("echo \"" . getTemplate("tickets/tickets_reply") . "\";");
 		}
 	}
 	elseif($action == 'close'
--- a/customer_traffic.php
+++ b/customer_traffic.php
@@ -14,7 +14,7 @@
 * @author     Froxlor team <team@froxlor.org> (2010-)
 * @license    GPLv2 http://files.froxlor.org/misc/COPYING.txt
 * @package    Panel
- * @version    $Id$
+ *
 */

 define('AREA', 'customer');
@@ -22,21 +22,20 @@ define('AREA', 'customer');
 /**
 * Include our init.php, which manages Sessions, Language etc.
 */
-
-require ("./lib/init.php");
+$intrafficpage = 1;
+require('./lib/init.php');
 $traffic = '';
 $month = null;
 $year = null;

-if(isset($_POST['month'])
-   && isset($_POST['year']))
-{
+if (isset($_POST['month'])
+	&& isset($_POST['year'])
+) {
 	$month = intval($_POST['month']);
 	$year = intval($_POST['year']);
-}
-elseif(isset($_GET['month'])
-       && isset($_GET['year']))
-{
+} elseif (isset($_GET['month'])
+	&& isset($_GET['year'])
+) {
 	$month = intval($_GET['month']);
 	$year = intval($_GET['year']);
 }
@@ -44,40 +43,25 @@ elseif(isset($_GET['month'])
 //BAM! $_GET???

 elseif (isset($_GET['page'])
-       && $_GET['page'] == "current")
-{
-	if(date('d') != '01')
-	{
+	&& $_GET['page'] == 'current'
+) {
+	if (date('d') != '01') {
 		$month = date('m');
 		$year = date('Y');
-	}
-	else
-	{
-		if(date('m') == '01')
-		{
+	} else {
+		if (date('m') == '01') {
 			$month = 12;
 			$year = date('Y') - 1;
-		}
-		else
-		{
+		} else {
 			$month = date('m') - 1;
 			$year = date('Y');
 		}
 	}
 }

-if(!is_null($month)
-   && !is_null($year))
-{
+if (!is_null($month)
+	&& !is_null($year)) {
 	$traf['byte'] = 0;
-	$result = $db->query("SELECT MAX(`http`), MAX(`ftp_up`+`ftp_down`), MAX(`mail`)
-	                     FROM `" . TABLE_PANEL_TRAFFIC . "`
-	                     WHERE `customerid`='" . $userinfo['customerid'] . "'
-	                     AND `month` = '" . $month . "'
-	                     AND `year` = '" . $year . "'");
-	$row = mysql_fetch_row($result);
-	rsort($row);
-	$traf['max'] = ($row[0] > $row[1] ? ($row[0] > $row[2] ? $row[0] : $row[2]) : ($row[1] > $row[2] ? $row[1] : $row[2]));;
 	$result = $db->query("SELECT
                                SUM(`http`) as 'http', SUM(`ftp_up`) AS 'ftp_up', SUM(`ftp_down`) as 'ftp_down', SUM(`mail`) as 'mail',
                                `day`, `month`, `year`
@@ -90,106 +74,50 @@ if(!is_null($month)
 	$traffic_complete['mail'] = 0;
 	$show = '';

-	while($row = $db->fetch_array($result))
-	{
+	while ($row = $db->fetch_array($result)) {
 		$http = $row['http'];
 		$ftp = $row['ftp_up'] + $row['ftp_down'];
 		$mail = $row['mail'];
 		$traf['byte'] = $http + $ftp + $mail;
-		$traffic_complete['http']+= $http;
-		$traffic_complete['ftp']+= $ftp;
-		$traffic_complete['mail']+= $mail;
-		$traf['day'] = $row['day'];
+		$traffic_complete['http'] += $http;
+		$traffic_complete['ftp'] += $ftp;
+		$traffic_complete['mail'] += $mail;
+		$traf['day'] = $row['day'] . '.';

-		if(extension_loaded('bcmath'))
-		{
+		if (extension_loaded('bcmath')) {
 			$traf['ftptext'] = bcdiv($row['ftp_up'], 1024, $settings['panel']['decimal_places']) . " MB up/ " . bcdiv($row['ftp_down'], 1024, $settings['panel']['decimal_places']) . " MB down (FTP)";
 			$traf['httptext'] = bcdiv($http, 1024, $settings['panel']['decimal_places']) . " MB (HTTP)";
 			$traf['mailtext'] = bcdiv($mail, 1024, $settings['panel']['decimal_places']) . " MB (Mail)";
-		}
-		else
-		{
+			$traf['ftp'] = bcdiv($ftp, 1024, $settings['panel']['decimal_places']);
+			$traf['http'] = bcdiv($http, 1024, $settings['panel']['decimal_places']);
+			$traf['mail'] = bcdiv($mail, 1024, $settings['panel']['decimal_places']);
+			$traf['byte'] = bcdiv($traf['byte'], 1024, $settings['panel']['decimal_places']);
+		} else {
 			$traf['ftptext'] = round($row['ftp_up'] / 1024, $settings['panel']['decimal_places']) . " MB up/ " . round($row['ftp_down'] / 1024, $settings['panel']['decimal_places']) . " MB down (FTP)";
 			$traf['httptext'] = round($http / 1024, $settings['panel']['decimal_places']) . " MB (HTTP)";
 			$traf['mailtext'] = round($mail / 1024, $settings['panel']['decimal_places']) . " MB (Mail)";
-		}
-
-		if($traf['byte'] != 0
-		   && $traf['max'] != 0)
-		{
-			$proz = $traf['max'] / 100;
-			$traf['http'] = round($http / $proz, 0);
-			$traf['ftp'] = round($ftp / $proz, 0);
-			$traf['mail'] = round($mail / $proz, 0);
-
-			if($traf['http'] == 0)
-			{
-				$traf['http'] = 1;
-			}
-
-			if($traf['ftp'] == 0)
-			{
-				$traf['ftp'] = 1;
-			}
-
-			if($traf['mail'] == 0)
-			{
-				$traf['mail'] = 1;
-			}
-		}
-		else
-		{
-			$traf['http'] = 0;
-			$traf['ftp'] = 0;
-			$traf['mail'] = 0;
-		}
-
-		if(extension_loaded('bcmath'))
-		{
-			$traf['byte'] = bcdiv($traf['byte'], 1024, $settings['panel']['decimal_places']);
-		}
-		else
-		{
+			$traf['http'] = round($http, $settings['panel']['decimal_places']);
+			$traf['ftp'] = round($ftp, $settings['panel']['decimal_places']);
+			$traf['mail'] = round($mail, $settings['panel']['decimal_places']);
 			$traf['byte'] = round($traf['byte'] / 1024, $settings['panel']['decimal_places']);
 		}

-		eval("\$traffic.=\"" . getTemplate("traffic/traffic_month") . "\";");
-		$show = $lng['traffic']['months'][intval($row['month'])] . " " . $row['year'];
+		eval("\$traffic.=\"" . getTemplate('traffic/traffic_month') . "\";");
+		$show = $lng['traffic']['months'][intval($row['month'])] . ' ' . $row['year'];
 	}

-	if(extension_loaded('bcmath'))
-	{
+	if (extension_loaded('bcmath')) {
 		$traffic_complete['http'] = bcdiv($traffic_complete['http'], 1024, $settings['panel']['decimal_places']);
 		$traffic_complete['ftp'] = bcdiv($traffic_complete['ftp'], 1024, $settings['panel']['decimal_places']);
 		$traffic_complete['mail'] = bcdiv($traffic_complete['mail'], 1024, $settings['panel']['decimal_places']);
-	}
-	else
-	{
+	} else {
 		$traffic_complete['http'] = round($traffic_complete['http'] / 1024, $settings['panel']['decimal_places']);
 		$traffic_complete['ftp'] = round($traffic_complete['ftp'] / 1024, $settings['panel']['decimal_places']);
 		$traffic_complete['mail'] = round($traffic_complete['mail'] / 1024, $settings['panel']['decimal_places']);
 	}

-	eval("echo \"" . getTemplate("traffic/traffic_details") . "\";");
-}
-else
-{
-	$result = $db->query("SELECT MAX(`http`), MAX(`ftp_up`+`ftp_down`), MAX(`mail`)
-	                     FROM `" . TABLE_PANEL_TRAFFIC . "`
-	                     WHERE `customerid`='" . $userinfo['customerid'] . "'
-	                     GROUP BY CONCAT(`year`,`month`) ORDER BY CONCAT(`year`,`month`) DESC LIMIT 12");
-	
-	$nums = mysql_num_rows($result);
-	if($nums > 0)
-	{
-		$row = mysql_fetch_row($result);
-		rsort($row);
-		$traf['max'] = ($row[0] > $row[1] ? ($row[0] > $row[2] ? $row[0] : $row[2]) : ($row[1] > $row[2] ? $row[1] : $row[2]));
-	} else {
-		// no records yet
-		$traf['max'] = 0;
-	}
-	
+	eval("echo \"" . getTemplate('traffic/traffic_details') . "\";");
+} else {
 	$result = $db->query("SELECT `month`, `year`, SUM(`http`) AS http, SUM(`ftp_up`) AS ftp_up, SUM(`ftp_down`) AS ftp_down, SUM(`mail`) AS mail
 	                     FROM `" . TABLE_PANEL_TRAFFIC . "` WHERE `customerid` = '" . $userinfo['customerid'] . "'
 	                     GROUP BY CONCAT(`year`,`month`) ORDER BY CONCAT(`year`,`month`) DESC LIMIT 12");
@@ -197,88 +125,49 @@ else
 	$traffic_complete['ftp'] = 0;
 	$traffic_complete['mail'] = 0;

-	while($row = $db->fetch_array($result))
-	{
+	while ($row = $db->fetch_array($result)) {
 		$http = $row['http'];
 		$ftp_up = $row['ftp_up'];
 		$ftp_down = $row['ftp_down'];
 		$mail = $row['mail'];
-		$traffic_complete['http']+= $http;
-		$traffic_complete['ftp']+= $ftp_up + $ftp_down;
-		$traffic_complete['mail']+= $mail;
+		$traffic_complete['http'] += $http;
+		$traffic_complete['ftp'] += $ftp_up + $ftp_down;
+		$traffic_complete['mail'] += $mail;
 		$traf['month'] = $row['month'];
 		$traf['year'] = $row['year'];
 		$traf['monthname'] = $lng['traffic']['months'][intval($row['month'])] . " " . $row['year'];
 		$traf['byte'] = $http + $ftp_up + $ftp_down + $mail;

-		if(extension_loaded('bcmath'))
-		{
-			$traf['ftptext'] = bcdiv($ftp_up, 1024 * 1024, $settings['panel']['decimal_places']) . " GB up/ " . bcdiv($ftp_down, 1024 * 1024, $settings['panel']['decimal_places']) . " GB down (FTP)";
-			$traf['httptext'] = bcdiv($http, 1024 * 1024, $settings['panel']['decimal_places']) . " GB (HTTP)";
-			$traf['mailtext'] = bcdiv($mail, 1024 * 1024, $settings['panel']['decimal_places']) . " GB (Mail)";
-		}
-		else
-		{
-			$traf['ftptext'] = round($ftp_up / 1024 * 1024, $settings['panel']['decimal_places']) . " GB up/ " . round($ftp_down / 1024 * 1024, $settings['panel']['decimal_places']) . " GB down (FTP)";
-			$traf['httptext'] = round($http / 1024 * 1024, $settings['panel']['decimal_places']) . " GB (HTTP)";
-			$traf['mailtext'] = round($mail / 1024 * 1024, $settings['panel']['decimal_places']) . " GB (Mail)";
+		if (extension_loaded('bcmath')) {
+			$traf['ftptext'] = bcdiv($ftp_up, 1024, $settings['panel']['decimal_places']) . " MB up/ " . bcdiv($ftp_down, 1024, $settings['panel']['decimal_places']) . " MB down (FTP)";
+			$traf['httptext'] = bcdiv($http, 1024, $settings['panel']['decimal_places']) . " MB (HTTP)";
+			$traf['mailtext'] = bcdiv($mail, 1024, $settings['panel']['decimal_places']) . " MB (Mail)";
+			$traf['ftp'] = bcdiv(($ftp_up + $ftp_down), 1024, $settings['panel']['decimal_places']);
+			$traf['http'] = bcdiv($http, 1024, $settings['panel']['decimal_places']);
+			$traf['mail'] = bcdiv($mail, 1024, $settings['panel']['decimal_places']);
+			$traf['byte'] = bcdiv($traf['byte'], 1024 * 1024, $settings['panel']['decimal_places']);
+		} else {
+			$traf['ftptext'] = round($ftp_up / 1024, $settings['panel']['decimal_places']) . " MB up/ " . round($ftp_down / 1024, $settings['panel']['decimal_places']) . " MB down (FTP)";
+			$traf['httptext'] = round($http / 1024, $settings['panel']['decimal_places']) . " MB (HTTP)";
+			$traf['mailtext'] = round($mail / 1024, $settings['panel']['decimal_places']) . " MB (Mail)";
+			$traf['ftp'] = round(($ftp_up + $ftp_down) / 1024, $settings['panel']['decimal_places']);
+			$traf['http'] = round($http / 1024, $settings['panel']['decimal_places']);
+			$traf['mail'] = round($mail / 1024, $settings['panel']['decimal_places']);
+			$traf['byte'] = round($traf['byte'] / (1024 * 1024), $settings['panel']['decimal_places']);
 		}

-		if($traf['max'] != 0)
-		{
-			$proz = $traf['max'] / 100;
-			$traf['ftp'] = round(($ftp_up + $ftp_down) / $proz, 0);
-			$traf['http'] = round($http / $proz, 0);
-			$traf['mail'] = round($mail / $proz, 0);
-
-			if($traf['http'] == 0)
-			{
-				$traf['http'] = 1;
-			}
-
-			if($traf['ftp'] == 0)
-			{
-				$traf['ftp'] = 1;
-			}
-
-			if($traf['mail'] == 0)
-			{
-				$traf['mail'] = 1;
-			}
-		}
-		else
-		{
-			$traf['ftp'] = 0;
-			$traf['http'] = 0;
-			$traf['mail'] = 0;
-		}
-
-		if(extension_loaded('bcmath'))
-		{
-			$traf['byte'] = bcadd($traf['byte'] / (1024 * 1024), 0.0000, 4);
-		}
-		else
-		{
-			$traf['byte'] = round($traf['byte'] + (1024 * 1024), 4);
-		}
-
-		eval("\$traffic.=\"" . getTemplate("traffic/traffic_traffic") . "\";");
+		eval("\$traffic.=\"" . getTemplate('traffic/traffic_traffic') . "\";");
 	}

-	if(extension_loaded('bcmath'))
-	{
+	if (extension_loaded('bcmath')) {
 		$traffic_complete['http'] = bcdiv($traffic_complete['http'], 1024 * 1024, $settings['panel']['decimal_places']);
 		$traffic_complete['ftp'] = bcdiv($traffic_complete['ftp'], 1024 * 1024, $settings['panel']['decimal_places']);
 		$traffic_complete['mail'] = bcdiv($traffic_complete['mail'], 1024 * 1024, $settings['panel']['decimal_places']);
-	}
-	else
-	{
-		$traffic_complete['http'] = round($traffic_complete['http'] / 1024 * 1024, $settings['panel']['decimal_places']);
-		$traffic_complete['ftp'] = round($traffic_complete['ftp'] / 1024 * 1024, $settings['panel']['decimal_places']);
-		$traffic_complete['mail'] = round($traffic_complete['mail'] / 1024 * 1024, $settings['panel']['decimal_places']);
+	} else {
+		$traffic_complete['http'] = round($traffic_complete['http'] / (1024 * 1024), $settings['panel']['decimal_places']);
+		$traffic_complete['ftp'] = round($traffic_complete['ftp'] / (1024 * 1024), $settings['panel']['decimal_places']);
+		$traffic_complete['mail'] = round($traffic_complete['mail'] / (1024 * 1024), $settings['panel']['decimal_places']);
 	}

-	eval("echo \"" . getTemplate("traffic/traffic") . "\";");
+	eval("echo \"" . getTemplate('traffic/traffic') . "\";");
 }
-
-?>
--- a/images/Classic/ball.gif
+++ b/images/Classic/ball.gif
--- a/images/Classic/changelanguage.gif
+++ b/images/Classic/changelanguage.gif
--- a/images/Classic/changetheme.png
+++ b/images/Classic/changetheme.png
--- a/images/Classic/default.png
+++ b/images/Classic/default.png
--- a/images/Classic/endsection.gif
+++ b/images/Classic/endsection.gif
--- a/images/Classic/error.gif
+++ b/images/Classic/error.gif
--- a/images/Classic/error.png
+++ b/images/Classic/error.png
--- a/images/Classic/footer.gif
+++ b/images/Classic/footer.gif
--- a/images/Classic/header_r.gif
+++ b/images/Classic/header_r.gif
--- a/images/Classic/info.png
+++ b/images/Classic/info.png
--- a/images/Classic/login.gif
+++ b/images/Classic/login.gif
--- a/images/Classic/logininternal.gif
+++ b/images/Classic/logininternal.gif
--- a/images/Classic/logo.png
+++ b/images/Classic/logo.png
--- a/images/Classic/multiserver/deploy_dis.png
+++ b/images/Classic/multiserver/deploy_dis.png
--- a/images/Classic/multiserver/refresh.png
+++ b/images/Classic/multiserver/refresh.png
--- a/images/Classic/multiserver/refresh_dis.png
+++ b/images/Classic/multiserver/refresh_dis.png
--- a/images/Classic/multiserver/server.png
+++ b/images/Classic/multiserver/server.png
--- a/images/Classic/multiserver/settings.png
+++ b/images/Classic/multiserver/settings.png
--- a/images/Classic/multiserver/settings_dis.png
+++ b/images/Classic/multiserver/settings_dis.png
--- a/images/Classic/multiserver/trash.png
+++ b/images/Classic/multiserver/trash.png
--- a/images/Classic/order_asc.gif
+++ b/images/Classic/order_asc.gif
--- a/images/Classic/order_desc.gif
+++ b/images/Classic/order_desc.gif
--- a/images/Classic/section.gif
+++ b/images/Classic/section.gif
--- a/images/Classic/shadow.gif
+++ b/images/Classic/shadow.gif
--- a/images/Classic/subsection.gif
+++ b/images/Classic/subsection.gif
--- a/images/Classic/title.gif
+++ b/images/Classic/title.gif
--- a/images/Froxlor/header_g.png
+++ b/images/Froxlor/header_g.png
--- a/images/Froxlor/icons/aps.png
+++ b/images/Froxlor/icons/aps.png
--- a/images/Froxlor/icons/aps_upload.png
+++ b/images/Froxlor/icons/aps_upload.png
--- a/images/Froxlor/icons/archive_ticket.png
+++ b/images/Froxlor/icons/archive_ticket.png
--- a/images/Froxlor/icons/autoresponder.png
+++ b/images/Froxlor/icons/autoresponder.png
--- a/images/Froxlor/icons/autoresponder_add.png
+++ b/images/Froxlor/icons/autoresponder_add.png
--- a/images/Froxlor/icons/bad.png
+++ b/images/Froxlor/icons/bad.png
--- a/images/Froxlor/icons/categories.png
+++ b/images/Froxlor/icons/categories.png
--- a/images/Froxlor/icons/category_add.png
+++ b/images/Froxlor/icons/category_add.png
--- a/images/Froxlor/icons/category_add_big.png
+++ b/images/Froxlor/icons/category_add_big.png
--- a/images/Froxlor/icons/category_edit.png
+++ b/images/Froxlor/icons/category_edit.png
--- a/images/Froxlor/icons/category_edit_big.png
+++ b/images/Froxlor/icons/category_edit_big.png
--- a/images/Froxlor/icons/category_new.png
+++ b/images/Froxlor/icons/category_new.png
--- a/images/Froxlor/icons/clock.png
+++ b/images/Froxlor/icons/clock.png
--- a/images/Froxlor/icons/clock_add.png
+++ b/images/Froxlor/icons/clock_add.png
--- a/images/Froxlor/icons/clock_delete.png
+++ b/images/Froxlor/icons/clock_delete.png
--- a/images/Froxlor/icons/clock_edit.png
+++ b/images/Froxlor/icons/clock_edit.png
--- a/images/Froxlor/icons/clock_error.png
+++ b/images/Froxlor/icons/clock_error.png
--- a/images/Froxlor/icons/clock_go.png
+++ b/images/Froxlor/icons/clock_go.png
--- a/images/Froxlor/icons/clock_pause.png
+++ b/images/Froxlor/icons/clock_pause.png
--- a/images/Froxlor/icons/clock_play.png
+++ b/images/Froxlor/icons/clock_play.png
--- a/Show More
+++ b/Show More
				`@@ -0,0 +1 @@`
				.jqplot-target{position:relative;color:#666;font-family:"Trebuchet MS",Arial,Helvetica,sans-serif;font-size:1em}.jqplot-axis{font-size:.75em}.jqplot-xaxis{margin-top:10px}.jqplot-x2axis{margin-bottom:10px}.jqplot-yaxis{margin-right:10px}.jqplot-y2axis,.jqplot-y3axis,.jqplot-y4axis,.jqplot-y5axis,.jqplot-y6axis,.jqplot-y7axis,.jqplot-y8axis,.jqplot-y9axis,.jqplot-yMidAxis{margin-left:10px;margin-right:10px}.jqplot-axis-tick,.jqplot-xaxis-tick,.jqplot-yaxis-tick,.jqplot-x2axis-tick,.jqplot-y2axis-tick,.jqplot-y3axis-tick,.jqplot-y4axis-tick,.jqplot-y5axis-tick,.jqplot-y6axis-tick,.jqplot-y7axis-tick,.jqplot-y8axis-tick,.jqplot-y9axis-tick,.jqplot-yMidAxis-tick{position:absolute;white-space:pre}.jqplot-xaxis-tick{top:0;left:15px;vertical-align:top}.jqplot-x2axis-tick{bottom:0;left:15px;vertical-align:bottom}.jqplot-yaxis-tick{right:0;top:15px;text-align:right}.jqplot-yaxis-tick.jqplot-breakTick{right:-20px;margin-right:0;padding:1px 5px 1px 5px;z-index:2;font-size:1.5em}.jqplot-y2axis-tick,.jqplot-y3axis-tick,.jqplot-y4axis-tick,.jqplot-y5axis-tick,.jqplot-y6axis-tick,.jqplot-y7axis-tick,.jqplot-y8axis-tick,.jqplot-y9axis-tick{left:0;top:15px;text-align:left}.jqplot-yMidAxis-tick{text-align:center;white-space:nowrap}.jqplot-xaxis-label{margin-top:10px;font-size:11pt;position:absolute}.jqplot-x2axis-label{margin-bottom:10px;font-size:11pt;position:absolute}.jqplot-yaxis-label{margin-right:10px;font-size:11pt;position:absolute}.jqplot-yMidAxis-label{font-size:11pt;position:absolute}.jqplot-y2axis-label,.jqplot-y3axis-label,.jqplot-y4axis-label,.jqplot-y5axis-label,.jqplot-y6axis-label,.jqplot-y7axis-label,.jqplot-y8axis-label,.jqplot-y9axis-label{font-size:11pt;margin-left:10px;position:absolute}.jqplot-meterGauge-tick{font-size:.75em;color:#999}.jqplot-meterGauge-label{font-size:1em;color:#999}table.jqplot-table-legend{margin-top:12px;margin-bottom:12px;margin-left:12px;margin-right:12px}table.jqplot-table-legend,table.jqplot-cursor-legend{background-color:rgba(255,255,255,0.6);border:1px solid #ccc;position:absolute;font-size:.75em}td.jqplot-table-legend{vertical-align:middle}td.jqplot-seriesToggle:hover,td.jqplot-seriesToggle:active{cursor:pointer}.jqplot-table-legend .jqplot-series-hidden{text-decoration:line-through}div.jqplot-table-legend-swatch-outline{border:1px solid #ccc;padding:1px}div.jqplot-table-legend-swatch{width:0;height:0;border-top-width:5px;border-bottom-width:5px;border-left-width:6px;border-right-width:6px;border-top-style:solid;border-bottom-style:solid;border-left-style:solid;border-right-style:solid}.jqplot-title{top:0;left:0;padding-bottom:.5em;font-size:1.2em}table.jqplot-cursor-tooltip{border:1px solid #ccc;font-size:.75em}.jqplot-cursor-tooltip{border:1px solid #ccc;font-size:.75em;white-space:nowrap;background:rgba(208,208,208,0.5);padding:1px}.jqplot-highlighter-tooltip,.jqplot-canvasOverlay-tooltip{border:1px solid #ccc;font-size:.75em;white-space:nowrap;background:rgba(208,208,208,0.5);padding:1px}.jqplot-point-label{font-size:.75em;z-index:2}td.jqplot-cursor-legend-swatch{vertical-align:middle;text-align:center}div.jqplot-cursor-legend-swatch{width:1.2em;height:.7em}.jqplot-error{text-align:center}.jqplot-error-message{position:relative;top:46%;display:inline-block}div.jqplot-bubble-label{font-size:.8em;padding-left:2px;padding-right:2px;color:rgb(20%,20%,20%)}div.jqplot-bubble-label.jqplot-bubble-label-highlight{background:rgba(90%,90%,90%,0.7)}div.jqplot-noData-container{text-align:center;background-color:rgba(96%,96%,96%,0.3)}