Tagging froxlor 0.9.13

refs #377

COPYING

@@ -1,281 +1,281 @@
-		    GNU GENERAL PUBLIC LICENSE
+		    GNU GENERAL PUBLIC LICENSE
-		       Version 2, June 1991
+		       Version 2, June 1991
-
+
- Copyright (C) 1989, 1991 Free Software Foundation, Inc.
+ Copyright (C) 1989, 1991 Free Software Foundation, Inc.
-                          675 Mass Ave, Cambridge, MA 02139, USA
+                          675 Mass Ave, Cambridge, MA 02139, USA
- Everyone is permitted to copy and distribute verbatim copies
+ Everyone is permitted to copy and distribute verbatim copies
- of this license document, but changing it is not allowed.
+ of this license document, but changing it is not allowed.
-
+
-			    Preamble
+			    Preamble
-
+
-  The licenses for most software are designed to take away your
+  The licenses for most software are designed to take away your
-freedom to share and change it.  By contrast, the GNU General Public
+freedom to share and change it.  By contrast, the GNU General Public
-License is intended to guarantee your freedom to share and change free
+License is intended to guarantee your freedom to share and change free
-software--to make sure the software is free for all its users.  This
+software--to make sure the software is free for all its users.  This
-General Public License applies to most of the Free Software
+General Public License applies to most of the Free Software
-Foundation's software and to any other program whose authors commit to
+Foundation's software and to any other program whose authors commit to
-using it.  (Some other Free Software Foundation software is covered by
+using it.  (Some other Free Software Foundation software is covered by
-the GNU Library General Public License instead.)  You can apply it to
+the GNU Library General Public License instead.)  You can apply it to
-your programs, too.
+your programs, too.
-
+
-  When we speak of free software, we are referring to freedom, not
+  When we speak of free software, we are referring to freedom, not
-price.  Our General Public Licenses are designed to make sure that you
+price.  Our General Public Licenses are designed to make sure that you
-have the freedom to distribute copies of free software (and charge for
+have the freedom to distribute copies of free software (and charge for
-this service if you wish), that you receive source code or can get it
+this service if you wish), that you receive source code or can get it
-if you want it, that you can change the software or use pieces of it
+if you want it, that you can change the software or use pieces of it
-in new free programs; and that you know you can do these things.
+in new free programs; and that you know you can do these things.
-
+
-  To protect your rights, we need to make restrictions that forbid
+  To protect your rights, we need to make restrictions that forbid
-anyone to deny you these rights or to ask you to surrender the rights.
+anyone to deny you these rights or to ask you to surrender the rights.
-These restrictions translate to certain responsibilities for you if you
+These restrictions translate to certain responsibilities for you if you
-distribute copies of the software, or if you modify it.
+distribute copies of the software, or if you modify it.
-
+
-  For example, if you distribute copies of such a program, whether
+  For example, if you distribute copies of such a program, whether
-gratis or for a fee, you must give the recipients all the rights that
+gratis or for a fee, you must give the recipients all the rights that
-you have.  You must make sure that they, too, receive or can get the
+you have.  You must make sure that they, too, receive or can get the
-source code.  And you must show them these terms so they know their
+source code.  And you must show them these terms so they know their
-rights.
+rights.
-
+
-  We protect your rights with two steps: (1) copyright the software, and
+  We protect your rights with two steps: (1) copyright the software, and
-(2) offer you this license which gives you legal permission to copy,
+(2) offer you this license which gives you legal permission to copy,
-distribute and/or modify the software.
+distribute and/or modify the software.
-
+
-  Also, for each author's protection and ours, we want to make certain
+  Also, for each author's protection and ours, we want to make certain
-that everyone understands that there is no warranty for this free
+that everyone understands that there is no warranty for this free
-software.  If the software is modified by someone else and passed on, we
+software.  If the software is modified by someone else and passed on, we
-want its recipients to know that what they have is not the original, so
+want its recipients to know that what they have is not the original, so
-that any problems introduced by others will not reflect on the original
+that any problems introduced by others will not reflect on the original
-authors' reputations.
+authors' reputations.
-
+
-  Finally, any free program is threatened constantly by software
+  Finally, any free program is threatened constantly by software
-patents.  We wish to avoid the danger that redistributors of a free
+patents.  We wish to avoid the danger that redistributors of a free
-program will individually obtain patent licenses, in effect making the
+program will individually obtain patent licenses, in effect making the
-program proprietary.  To prevent this, we have made it clear that any
+program proprietary.  To prevent this, we have made it clear that any
-patent must be licensed for everyone's free use or not licensed at all.
+patent must be licensed for everyone's free use or not licensed at all.
-
+
-  The precise terms and conditions for copying, distribution and
+  The precise terms and conditions for copying, distribution and
-modification follow.
+modification follow.
-
+
-		    GNU GENERAL PUBLIC LICENSE
+		    GNU GENERAL PUBLIC LICENSE
-   TERMS AND CONDITIONS FOR COPYING, DISTRIBUTION AND MODIFICATION
+   TERMS AND CONDITIONS FOR COPYING, DISTRIBUTION AND MODIFICATION
-
+
-  0. This License applies to any program or other work which contains
+  0. This License applies to any program or other work which contains
-a notice placed by the copyright holder saying it may be distributed
+a notice placed by the copyright holder saying it may be distributed
-under the terms of this General Public License.  The "Program", below,
+under the terms of this General Public License.  The "Program", below,
-refers to any such program or work, and a "work based on the Program"
+refers to any such program or work, and a "work based on the Program"
-means either the Program or any derivative work under copyright law:
+means either the Program or any derivative work under copyright law:
-that is to say, a work containing the Program or a portion of it,
+that is to say, a work containing the Program or a portion of it,
-either verbatim or with modifications and/or translated into another
+either verbatim or with modifications and/or translated into another
-language.  (Hereinafter, translation is included without limitation in
+language.  (Hereinafter, translation is included without limitation in
-the term "modification".)  Each licensee is addressed as "you".
+the term "modification".)  Each licensee is addressed as "you".
-
+
-Activities other than copying, distribution and modification are not
+Activities other than copying, distribution and modification are not
-covered by this License; they are outside its scope.  The act of
+covered by this License; they are outside its scope.  The act of
-running the Program is not restricted, and the output from the Program
+running the Program is not restricted, and the output from the Program
-is covered only if its contents constitute a work based on the
+is covered only if its contents constitute a work based on the
-Program (independent of having been made by running the Program).
+Program (independent of having been made by running the Program).
-Whether that is true depends on what the Program does.
+Whether that is true depends on what the Program does.
-
+
-  1. You may copy and distribute verbatim copies of the Program's
+  1. You may copy and distribute verbatim copies of the Program's
-source code as you receive it, in any medium, provided that you
+source code as you receive it, in any medium, provided that you
-conspicuously and appropriately publish on each copy an appropriate
+conspicuously and appropriately publish on each copy an appropriate
-copyright notice and disclaimer of warranty; keep intact all the
+copyright notice and disclaimer of warranty; keep intact all the
-notices that refer to this License and to the absence of any warranty;
+notices that refer to this License and to the absence of any warranty;
-and give any other recipients of the Program a copy of this License
+and give any other recipients of the Program a copy of this License
-along with the Program.
+along with the Program.
-
+
-You may charge a fee for the physical act of transferring a copy, and
+You may charge a fee for the physical act of transferring a copy, and
-you may at your option offer warranty protection in exchange for a fee.
+you may at your option offer warranty protection in exchange for a fee.
-
+
-  2. You may modify your copy or copies of the Program or any portion
+  2. You may modify your copy or copies of the Program or any portion
-of it, thus forming a work based on the Program, and copy and
+of it, thus forming a work based on the Program, and copy and
-distribute such modifications or work under the terms of Section 1
+distribute such modifications or work under the terms of Section 1
-above, provided that you also meet all of these conditions:
+above, provided that you also meet all of these conditions:
-
+
-    a) You must cause the modified files to carry prominent notices
+    a) You must cause the modified files to carry prominent notices
-    stating that you changed the files and the date of any change.
+    stating that you changed the files and the date of any change.
-
+
-    b) You must cause any work that you distribute or publish, that in
+    b) You must cause any work that you distribute or publish, that in
-    whole or in part contains or is derived from the Program or any
+    whole or in part contains or is derived from the Program or any
-    part thereof, to be licensed as a whole at no charge to all third
+    part thereof, to be licensed as a whole at no charge to all third
-    parties under the terms of this License.
+    parties under the terms of this License.
-
+
-    c) If the modified program normally reads commands interactively
+    c) If the modified program normally reads commands interactively
-    when run, you must cause it, when started running for such
+    when run, you must cause it, when started running for such
-    interactive use in the most ordinary way, to print or display an
+    interactive use in the most ordinary way, to print or display an
-    announcement including an appropriate copyright notice and a
+    announcement including an appropriate copyright notice and a
-    notice that there is no warranty (or else, saying that you provide
+    notice that there is no warranty (or else, saying that you provide
-    a warranty) and that users may redistribute the program under
+    a warranty) and that users may redistribute the program under
-    these conditions, and telling the user how to view a copy of this
+    these conditions, and telling the user how to view a copy of this
-    License.  (Exception: if the Program itself is interactive but
+    License.  (Exception: if the Program itself is interactive but
-    does not normally print such an announcement, your work based on
+    does not normally print such an announcement, your work based on
-    the Program is not required to print an announcement.)
+    the Program is not required to print an announcement.)
-
+
-These requirements apply to the modified work as a whole.  If
+These requirements apply to the modified work as a whole.  If
-identifiable sections of that work are not derived from the Program,
+identifiable sections of that work are not derived from the Program,
-and can be reasonably considered independent and separate works in
+and can be reasonably considered independent and separate works in
-themselves, then this License, and its terms, do not apply to those
+themselves, then this License, and its terms, do not apply to those
-sections when you distribute them as separate works.  But when you
+sections when you distribute them as separate works.  But when you
-distribute the same sections as part of a whole which is a work based
+distribute the same sections as part of a whole which is a work based
-on the Program, the distribution of the whole must be on the terms of
+on the Program, the distribution of the whole must be on the terms of
-this License, whose permissions for other licensees extend to the
+this License, whose permissions for other licensees extend to the
-entire whole, and thus to each and every part regardless of who wrote it.
+entire whole, and thus to each and every part regardless of who wrote it.
-
+
-Thus, it is not the intent of this section to claim rights or contest
+Thus, it is not the intent of this section to claim rights or contest
-your rights to work written entirely by you; rather, the intent is to
+your rights to work written entirely by you; rather, the intent is to
-exercise the right to control the distribution of derivative or
+exercise the right to control the distribution of derivative or
-collective works based on the Program.
+collective works based on the Program.
-
+
-In addition, mere aggregation of another work not based on the Program
+In addition, mere aggregation of another work not based on the Program
-with the Program (or with a work based on the Program) on a volume of
+with the Program (or with a work based on the Program) on a volume of
-a storage or distribution medium does not bring the other work under
+a storage or distribution medium does not bring the other work under
-the scope of this License.
+the scope of this License.
-
+
-  3. You may copy and distribute the Program (or a work based on it,
+  3. You may copy and distribute the Program (or a work based on it,
-under Section 2) in object code or executable form under the terms of
+under Section 2) in object code or executable form under the terms of
-Sections 1 and 2 above provided that you also do one of the following:
+Sections 1 and 2 above provided that you also do one of the following:
-
+
-    a) Accompany it with the complete corresponding machine-readable
+    a) Accompany it with the complete corresponding machine-readable
-    source code, which must be distributed under the terms of Sections
+    source code, which must be distributed under the terms of Sections
-    1 and 2 above on a medium customarily used for software interchange; or,
+    1 and 2 above on a medium customarily used for software interchange; or,
-
+
-    b) Accompany it with a written offer, valid for at least three
+    b) Accompany it with a written offer, valid for at least three
-    years, to give any third party, for a charge no more than your
+    years, to give any third party, for a charge no more than your
-    cost of physically performing source distribution, a complete
+    cost of physically performing source distribution, a complete
-    machine-readable copy of the corresponding source code, to be
+    machine-readable copy of the corresponding source code, to be
-    distributed under the terms of Sections 1 and 2 above on a medium
+    distributed under the terms of Sections 1 and 2 above on a medium
-    customarily used for software interchange; or,
+    customarily used for software interchange; or,
-
+
-    c) Accompany it with the information you received as to the offer
+    c) Accompany it with the information you received as to the offer
-    to distribute corresponding source code.  (This alternative is
+    to distribute corresponding source code.  (This alternative is
-    allowed only for noncommercial distribution and only if you
+    allowed only for noncommercial distribution and only if you
-    received the program in object code or executable form with such
+    received the program in object code or executable form with such
-    an offer, in accord with Subsection b above.)
+    an offer, in accord with Subsection b above.)
-
+
-The source code for a work means the preferred form of the work for
+The source code for a work means the preferred form of the work for
-making modifications to it.  For an executable work, complete source
+making modifications to it.  For an executable work, complete source
-code means all the source code for all modules it contains, plus any
+code means all the source code for all modules it contains, plus any
-associated interface definition files, plus the scripts used to
+associated interface definition files, plus the scripts used to
-control compilation and installation of the executable.  However, as a
+control compilation and installation of the executable.  However, as a
-special exception, the source code distributed need not include
+special exception, the source code distributed need not include
-anything that is normally distributed (in either source or binary
+anything that is normally distributed (in either source or binary
-form) with the major components (compiler, kernel, and so on) of the
+form) with the major components (compiler, kernel, and so on) of the
-operating system on which the executable runs, unless that component
+operating system on which the executable runs, unless that component
-itself accompanies the executable.
+itself accompanies the executable.
-
+
-If distribution of executable or object code is made by offering
+If distribution of executable or object code is made by offering
-access to copy from a designated place, then offering equivalent
+access to copy from a designated place, then offering equivalent
-access to copy the source code from the same place counts as
+access to copy the source code from the same place counts as
-distribution of the source code, even though third parties are not
+distribution of the source code, even though third parties are not
-compelled to copy the source along with the object code.
+compelled to copy the source along with the object code.
-
+
-  4. You may not copy, modify, sublicense, or distribute the Program
+  4. You may not copy, modify, sublicense, or distribute the Program
-except as expressly provided under this License.  Any attempt
+except as expressly provided under this License.  Any attempt
-otherwise to copy, modify, sublicense or distribute the Program is
+otherwise to copy, modify, sublicense or distribute the Program is
-void, and will automatically terminate your rights under this License.
+void, and will automatically terminate your rights under this License.
-However, parties who have received copies, or rights, from you under
+However, parties who have received copies, or rights, from you under
-this License will not have their licenses terminated so long as such
+this License will not have their licenses terminated so long as such
-parties remain in full compliance.
+parties remain in full compliance.
-
+
-  5. You are not required to accept this License, since you have not
+  5. You are not required to accept this License, since you have not
-signed it.  However, nothing else grants you permission to modify or
+signed it.  However, nothing else grants you permission to modify or
-distribute the Program or its derivative works.  These actions are
+distribute the Program or its derivative works.  These actions are
-prohibited by law if you do not accept this License.  Therefore, by
+prohibited by law if you do not accept this License.  Therefore, by
-modifying or distributing the Program (or any work based on the
+modifying or distributing the Program (or any work based on the
-Program), you indicate your acceptance of this License to do so, and
+Program), you indicate your acceptance of this License to do so, and
-all its terms and conditions for copying, distributing or modifying
+all its terms and conditions for copying, distributing or modifying
-the Program or works based on it.
+the Program or works based on it.
-
+
-  6. Each time you redistribute the Program (or any work based on the
+  6. Each time you redistribute the Program (or any work based on the
-Program), the recipient automatically receives a license from the
+Program), the recipient automatically receives a license from the
-original licensor to copy, distribute or modify the Program subject to
+original licensor to copy, distribute or modify the Program subject to
-these terms and conditions.  You may not impose any further
+these terms and conditions.  You may not impose any further
-restrictions on the recipients' exercise of the rights granted herein.
+restrictions on the recipients' exercise of the rights granted herein.
-You are not responsible for enforcing compliance by third parties to
+You are not responsible for enforcing compliance by third parties to
-this License.
+this License.
-
+
-  7. If, as a consequence of a court judgment or allegation of patent
+  7. If, as a consequence of a court judgment or allegation of patent
-infringement or for any other reason (not limited to patent issues),
+infringement or for any other reason (not limited to patent issues),
-conditions are imposed on you (whether by court order, agreement or
+conditions are imposed on you (whether by court order, agreement or
-otherwise) that contradict the conditions of this License, they do not
+otherwise) that contradict the conditions of this License, they do not
-excuse you from the conditions of this License.  If you cannot
+excuse you from the conditions of this License.  If you cannot
-distribute so as to satisfy simultaneously your obligations under this
+distribute so as to satisfy simultaneously your obligations under this
-License and any other pertinent obligations, then as a consequence you
+License and any other pertinent obligations, then as a consequence you
-may not distribute the Program at all.  For example, if a patent
+may not distribute the Program at all.  For example, if a patent
-license would not permit royalty-free redistribution of the Program by
+license would not permit royalty-free redistribution of the Program by
-all those who receive copies directly or indirectly through you, then
+all those who receive copies directly or indirectly through you, then
-the only way you could satisfy both it and this License would be to
+the only way you could satisfy both it and this License would be to
-refrain entirely from distribution of the Program.
+refrain entirely from distribution of the Program.
-
+
-If any portion of this section is held invalid or unenforceable under
+If any portion of this section is held invalid or unenforceable under
-any particular circumstance, the balance of the section is intended to
+any particular circumstance, the balance of the section is intended to
-apply and the section as a whole is intended to apply in other
+apply and the section as a whole is intended to apply in other
-circumstances.
+circumstances.
-
+
-It is not the purpose of this section to induce you to infringe any
+It is not the purpose of this section to induce you to infringe any
-patents or other property right claims or to contest validity of any
+patents or other property right claims or to contest validity of any
-such claims; this section has the sole purpose of protecting the
+such claims; this section has the sole purpose of protecting the
-integrity of the free software distribution system, which is
+integrity of the free software distribution system, which is
-implemented by public license practices.  Many people have made
+implemented by public license practices.  Many people have made
-generous contributions to the wide range of software distributed
+generous contributions to the wide range of software distributed
-through that system in reliance on consistent application of that
+through that system in reliance on consistent application of that
-system; it is up to the author/donor to decide if he or she is willing
+system; it is up to the author/donor to decide if he or she is willing
-to distribute software through any other system and a licensee cannot
+to distribute software through any other system and a licensee cannot
-impose that choice.
+impose that choice.
-
+
-This section is intended to make thoroughly clear what is believed to
+This section is intended to make thoroughly clear what is believed to
-be a consequence of the rest of this License.
+be a consequence of the rest of this License.
-
+
-  8. If the distribution and/or use of the Program is restricted in
+  8. If the distribution and/or use of the Program is restricted in
-certain countries either by patents or by copyrighted interfaces, the
+certain countries either by patents or by copyrighted interfaces, the
-original copyright holder who places the Program under this License
+original copyright holder who places the Program under this License
-may add an explicit geographical distribution limitation excluding
+may add an explicit geographical distribution limitation excluding
-those countries, so that distribution is permitted only in or among
+those countries, so that distribution is permitted only in or among
-countries not thus excluded.  In such case, this License incorporates
+countries not thus excluded.  In such case, this License incorporates
-the limitation as if written in the body of this License.
+the limitation as if written in the body of this License.
-
+
-  9. The Free Software Foundation may publish revised and/or new versions
+  9. The Free Software Foundation may publish revised and/or new versions
-of the General Public License from time to time.  Such new versions will
+of the General Public License from time to time.  Such new versions will
-be similar in spirit to the present version, but may differ in detail to
+be similar in spirit to the present version, but may differ in detail to
-address new problems or concerns.
+address new problems or concerns.
-
+
-Each version is given a distinguishing version number.  If the Program
+Each version is given a distinguishing version number.  If the Program
-specifies a version number of this License which applies to it and "any
+specifies a version number of this License which applies to it and "any
-later version", you have the option of following the terms and conditions
+later version", you have the option of following the terms and conditions
-either of that version or of any later version published by the Free
+either of that version or of any later version published by the Free
-Software Foundation.  If the Program does not specify a version number of
+Software Foundation.  If the Program does not specify a version number of
-this License, you may choose any version ever published by the Free Software
+this License, you may choose any version ever published by the Free Software
-Foundation.
+Foundation.
-
+
-  10. If you wish to incorporate parts of the Program into other free
+  10. If you wish to incorporate parts of the Program into other free
-programs whose distribution conditions are different, write to the author
+programs whose distribution conditions are different, write to the author
-to ask for permission.  For software which is copyrighted by the Free
+to ask for permission.  For software which is copyrighted by the Free
-Software Foundation, write to the Free Software Foundation; we sometimes
+Software Foundation, write to the Free Software Foundation; we sometimes
-make exceptions for this.  Our decision will be guided by the two goals
+make exceptions for this.  Our decision will be guided by the two goals
-of preserving the free status of all derivatives of our free software and
+of preserving the free status of all derivatives of our free software and
-of promoting the sharing and reuse of software generally.
+of promoting the sharing and reuse of software generally.
-
+
-			    NO WARRANTY
+			    NO WARRANTY
-
+
-  11. BECAUSE THE PROGRAM IS LICENSED FREE OF CHARGE, THERE IS NO WARRANTY
+  11. BECAUSE THE PROGRAM IS LICENSED FREE OF CHARGE, THERE IS NO WARRANTY
-FOR THE PROGRAM, TO THE EXTENT PERMITTED BY APPLICABLE LAW.  EXCEPT WHEN
+FOR THE PROGRAM, TO THE EXTENT PERMITTED BY APPLICABLE LAW.  EXCEPT WHEN
-OTHERWISE STATED IN WRITING THE COPYRIGHT HOLDERS AND/OR OTHER PARTIES
+OTHERWISE STATED IN WRITING THE COPYRIGHT HOLDERS AND/OR OTHER PARTIES
-PROVIDE THE PROGRAM "AS IS" WITHOUT WARRANTY OF ANY KIND, EITHER EXPRESSED
+PROVIDE THE PROGRAM "AS IS" WITHOUT WARRANTY OF ANY KIND, EITHER EXPRESSED
-OR IMPLIED, INCLUDING, BUT NOT LIMITED TO, THE IMPLIED WARRANTIES OF
+OR IMPLIED, INCLUDING, BUT NOT LIMITED TO, THE IMPLIED WARRANTIES OF
-MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE.  THE ENTIRE RISK AS
+MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE.  THE ENTIRE RISK AS
-TO THE QUALITY AND PERFORMANCE OF THE PROGRAM IS WITH YOU.  SHOULD THE
+TO THE QUALITY AND PERFORMANCE OF THE PROGRAM IS WITH YOU.  SHOULD THE
-PROGRAM PROVE DEFECTIVE, YOU ASSUME THE COST OF ALL NECESSARY SERVICING,
+PROGRAM PROVE DEFECTIVE, YOU ASSUME THE COST OF ALL NECESSARY SERVICING,
-REPAIR OR CORRECTION.
+REPAIR OR CORRECTION.
-
+
-  12. IN NO EVENT UNLESS REQUIRED BY APPLICABLE LAW OR AGREED TO IN WRITING
+  12. IN NO EVENT UNLESS REQUIRED BY APPLICABLE LAW OR AGREED TO IN WRITING
-WILL ANY COPYRIGHT HOLDER, OR ANY OTHER PARTY WHO MAY MODIFY AND/OR
+WILL ANY COPYRIGHT HOLDER, OR ANY OTHER PARTY WHO MAY MODIFY AND/OR
-REDISTRIBUTE THE PROGRAM AS PERMITTED ABOVE, BE LIABLE TO YOU FOR DAMAGES,
+REDISTRIBUTE THE PROGRAM AS PERMITTED ABOVE, BE LIABLE TO YOU FOR DAMAGES,
-INCLUDING ANY GENERAL, SPECIAL, INCIDENTAL OR CONSEQUENTIAL DAMAGES ARISING
+INCLUDING ANY GENERAL, SPECIAL, INCIDENTAL OR CONSEQUENTIAL DAMAGES ARISING
-OUT OF THE USE OR INABILITY TO USE THE PROGRAM (INCLUDING BUT NOT LIMITED
+OUT OF THE USE OR INABILITY TO USE THE PROGRAM (INCLUDING BUT NOT LIMITED
-TO LOSS OF DATA OR DATA BEING RENDERED INACCURATE OR LOSSES SUSTAINED BY
+TO LOSS OF DATA OR DATA BEING RENDERED INACCURATE OR LOSSES SUSTAINED BY
-YOU OR THIRD PARTIES OR A FAILURE OF THE PROGRAM TO OPERATE WITH ANY OTHER
+YOU OR THIRD PARTIES OR A FAILURE OF THE PROGRAM TO OPERATE WITH ANY OTHER
-PROGRAMS), EVEN IF SUCH HOLDER OR OTHER PARTY HAS BEEN ADVISED OF THE
+PROGRAMS), EVEN IF SUCH HOLDER OR OTHER PARTY HAS BEEN ADVISED OF THE
-POSSIBILITY OF SUCH DAMAGES.
+POSSIBILITY OF SUCH DAMAGES.
-
+
-		     END OF TERMS AND CONDITIONS
+		     END OF TERMS AND CONDITIONS
-
+

actions/admin/settings/100.panel.php

@@ -77,6 +77,24 @@ return array(
 					'default' => '',
 					'save_method' => 'storeSettingField',
 					),
+				'panel_adminmail_defname' => array(
+					'label' => $lng['serversettings']['adminmail_defname'],
+					'settinggroup' => 'panel',
+					'varname' => 'adminmail_defname',
+					'type' => 'string',
+					'default' => 'Froxlor Administrator',
+					'save_method' => 'storeSettingField',
+					),
+				'panel_adminmail_return' => array(
+					'label' => $lng['serversettings']['adminmail_return'],
+					'settinggroup' => 'panel',
+					'varname' => 'adminmail_return',
+					'type' => 'string',
+					'string_type' => 'mail',
+					'string_emptyallowed' => true,
+					'default' => '',
+					'save_method' => 'storeSettingField',
+					),
 				'panel_decimal_places' => array(
 					'label' => $lng['serversettings']['decimal_places'],
 					'settinggroup' => 'panel',

actions/admin/settings/110.accounts.php

@@ -54,6 +54,23 @@ return array(
 					'default' => 900,
 					'save_method' => 'storeSettingField',
 					),
+				'panel_password_min_length' => array(
+					'label' => $lng['serversettings']['panel_password_min_length'],
+					'settinggroup' => 'panel',
+					'varname' => 'password_min_length',
+					'type' => 'int',
+					'default' => 0,
+					'save_method' => 'storeSettingField',
+					),
+				'panel_password_regex' => array(
+					'label' => $lng['serversettings']['panel_password_regex'],
+					'settinggroup' => 'panel',
+					'varname' => 'password_regex',
+					'type' => 'string',
+					'default' => '',
+					/* 'plausibility_check_method' => 'checkValidRegEx', */
+					'save_method' => 'storeSettingField',
+					),
 				'customer_accountprefix' => array(
 					'label' => $lng['serversettings']['accountprefix'],
 					'settinggroup' => 'customer',

actions/admin/settings/120.system.php

@@ -58,6 +58,22 @@ return array(
 					'default' => '',
 					'save_method' => 'storeSettingHostname',
 					),
+				'system_froxlordirectlyviahostname' => array(
+					'label' => $lng['serversettings']['froxlordirectlyviahostname'],
+					'settinggroup' => 'system',
+					'varname' => 'froxlordirectlyviahostname',
+					'type' => 'bool',
+					'default' => false,
+					'save_method' => 'storeSettingField',
+					),
+				'system_stdsubdomain' => array(
+					'label' => $lng['serversettings']['stdsubdomainhost'],
+					'settinggroup' => 'system',
+					'varname' => 'stdsubdomain',
+					'type' => 'string',
+					'default' => '',
+					'save_method' => 'storeSettingHostname',
+					),
 				'system_mysql_access_host' => array(
 					'label' => $lng['serversettings']['mysql_access_host'],
 					'settinggroup' => 'system',
@@ -85,17 +101,13 @@ return array(
 					'default' => 'html',
 					'save_method' => 'storeSettingField',
 					),
-				'system_httpuser' => array(
+				'system_store_index_file_subs' => array(
+					'label' => $lng['serversettings']['system_store_index_file_subs'],
 					'settinggroup' => 'system',
-					'varname' => 'httpuser',
+					'varname' => 'store_index_file_subs',
-					'type' => 'hidden',
+					'type' => 'bool',
-					'default' => 'www-data',
+					'default' => true,
-					),
+					'save_method' => 'storeSettingField',
-				'system_httpgroup' => array(
-					'settinggroup' => 'system',
-					'varname' => 'httpgroup',
-					'type' => 'hidden',
-					'default' => 'www-data',
 					),
 				'system_debug_cron' => array(
 					'label' => $lng['serversettings']['cron']['debug'],

actions/admin/settings/130.webserver.php

@@ -31,6 +31,23 @@ return array(
 					'option_mode' => 'one',
 					'option_options' => array('apache2' => 'Apache 2', 'lighttpd' => 'ligHTTPd'),
 					'save_method' => 'storeSettingField',
+					'overview_option' => true
+					),
+				'system_httpuser' => array(
+					'label' => $lng['admin']['webserver_user'],
+					'settinggroup' => 'system',
+					'varname' => 'httpuser',
+					'type' => 'string',
+					'default' => 'www-data',
+					'save_method' => 'storeSettingField',
+					),
+				'system_httpgroup' => array(
+					'label' => $lng['admin']['webserver_group'],
+					'settinggroup' => 'system',
+					'varname' => 'httpgroup',
+					'type' => 'string',
+					'default' => 'www-data',
+					'save_method' => 'storeSettingField',
 					),
 				'system_apacheconf_vhost' => array(
 					'label' => $lng['serversettings']['apacheconf_vhost'],
@@ -111,6 +128,64 @@ return array(
 					'default' => '',
 					'save_method' => 'storeSettingField',
 					),
+				'defaultwebsrverrhandler_enabled' => array(
+					'label' => $lng['serversettings']['defaultwebsrverrhandler_enabled'],
+					'settinggroup' => 'defaultwebsrverrhandler',
+					'varname' => 'enabled',
+					'type' => 'bool',
+					'default' => false,
+					'save_method' => 'storeSettingField',
+					),
+				'defaultwebsrverrhandler_err401' => array(
+					'label' => $lng['serversettings']['defaultwebsrverrhandler_err401'],
+					'settinggroup' => 'defaultwebsrverrhandler',
+					'varname' => 'err401',
+					'type' => 'string',
+					'default' => '',
+					'save_method' => 'storeSettingField',
+					),
+				'defaultwebsrverrhandler_err403' => array(
+					'label' => $lng['serversettings']['defaultwebsrverrhandler_err403'],
+					'settinggroup' => 'defaultwebsrverrhandler',
+					'varname' => 'err403',
+					'type' => 'string',
+					'default' => '',
+					'save_method' => 'storeSettingField',
+					),
+				'defaultwebsrverrhandler_err404' => array(
+					'label' => $lng['serversettings']['defaultwebsrverrhandler_err404'],
+					'settinggroup' => 'defaultwebsrverrhandler',
+					'varname' => 'err404',
+					'type' => 'string',
+					'default' => '',
+					'save_method' => 'storeSettingField',
+					),
+				'defaultwebsrverrhandler_err500' => array(
+					'label' => $lng['serversettings']['defaultwebsrverrhandler_err500'],
+					'settinggroup' => 'defaultwebsrverrhandler',
+					'varname' => 'err500',
+					'type' => 'string',
+					'default' => '',
+					'save_method' => 'storeSettingField',
+					),
+				'customredirect_enabled' => array(
+					'label' => $lng['serversettings']['customredirect_enabled'],
+					'settinggroup' => 'customredirect',
+					'varname' => 'enabled',
+					'type' => 'bool',
+					'default' => false,
+					'save_method' => 'storeSettingField',
+					),
+				'customredirect_default' => array(
+					'label' => $lng['serversettings']['customredirect_default'],
+					'settinggroup' => 'customredirect',
+					'varname' => 'default',
+					'type' => 'option',
+					'default' => '1',
+					'option_mode' => 'one',
+					'option_options_method' => 'getRedirectCodes',
+					'save_method' => 'storeSettingField',
+					),
 				),
 			),
 		'ssl' => array(

actions/admin/settings/135.fcgid.php

@@ -0,0 +1,125 @@
+<?php
+
+/**
+ * This file is part of the Froxlor project.
+ * Copyright (c) 2010 the Froxlor Team (see authors).
+ *
+ * For the full copyright and license information, please view the COPYING
+ * file that was distributed with this source code. You can also view the
+ * COPYING file online at http://files.froxlor.org/misc/COPYING.txt
+ *
+ * @copyright  (c) the authors
+ * @author     Froxlor team <team@froxlor.org> (2010-)
+ * @license    GPLv2 http://files.froxlor.org/misc/COPYING.txt
+ * @package    Settings
+ * @version    $Id$
+ */
+
+return array(
+	'groups' => array(
+		'fcgid' => array(
+			'title' => $lng['admin']['fcgid_settings'],
+			'fields' => array(
+				'system_mod_fcgid_enabled' => array(
+					'label' => $lng['serversettings']['mod_fcgid'],
+					'settinggroup' => 'system',
+					'varname' => 'mod_fcgid',
+					'type' => 'bool',
+					'default' => false,
+					'save_method' => 'storeSettingField',
+					'overview_option' => true
+					),
+				'system_mod_fcgid_enabled_ownvhost' => array(
+					'label' => $lng['serversettings']['mod_fcgid_ownvhost'],
+					'settinggroup' => 'system',
+					'varname' => 'mod_fcgid_ownvhost',
+					'type' => 'bool',
+					'default' => false,
+					'save_method' => 'storeSettingField',
+					),
+				'system_mod_fcgid_httpuser' => array(
+					'label' => $lng['admin']['mod_fcgid_user'],
+					'settinggroup' => 'system',
+					'varname' => 'mod_fcgid_httpuser',
+					'type' => 'string',
+					'default' => 'froxlorlocal',
+					'save_method' => 'storeSettingField',
+					),
+				'system_mod_fcgid_httpgroup' => array(
+					'label' => $lng['admin']['mod_fcgid_group'],
+					'settinggroup' => 'system',
+					'varname' => 'mod_fcgid_httpgroup',
+					'type' => 'string',
+					'default' => 'froxlorlocal',
+					'save_method' => 'storeSettingField',
+					),					
+				'system_mod_fcgid_configdir' => array(
+					'label' => $lng['serversettings']['mod_fcgid']['configdir'],
+					'settinggroup' => 'system',
+					'varname' => 'mod_fcgid_configdir',
+					'type' => 'string',
+					'string_type' => 'dir',
+					'default' => '/var/www/php-fcgi-scripts/',
+					'save_method' => 'storeSettingField',
+					),
+				'system_mod_fcgid_tmpdir' => array(
+					'label' => $lng['serversettings']['mod_fcgid']['tmpdir'],
+					'settinggroup' => 'system',
+					'varname' => 'mod_fcgid_tmpdir',
+					'type' => 'string',
+					'string_type' => 'dir',
+					'default' => '/var/customers/tmp/',
+					'save_method' => 'storeSettingField',
+					),
+				'system_mod_fcgid_peardir' => array(
+					'label' => $lng['serversettings']['mod_fcgid']['peardir'],
+					'settinggroup' => 'system',
+					'varname' => 'mod_fcgid_peardir',
+					'type' => 'string',
+					'string_type' => 'dir',
+					'string_delimiter' => ':',
+					'string_emptyallowed' => true,
+					'default' => '/usr/share/php/:/usr/share/php5/',
+					'save_method' => 'storeSettingField',
+					),
+				'system_mod_fcgid_wrapper' => array(
+					'label' => $lng['serversettings']['mod_fcgid']['wrapper'],
+					'settinggroup' => 'system',
+					'varname' => 'mod_fcgid_wrapper',
+					'type' => 'option',
+					'option_options' => array(0 => 'ScriptAlias', 1=> 'FCGIWrapper'),
+					'default' => 1,
+					'save_method' => 'storeSettingField',
+					),
+				'system_mod_fcgid_starter' => array(
+					'label' => $lng['serversettings']['mod_fcgid']['starter'],
+					'settinggroup' => 'system',
+					'varname' => 'mod_fcgid_starter',
+					'type' => 'int',
+					'default' => 0,
+					'save_method' => 'storeSettingField',
+					),
+				'system_mod_fcgid_maxrequests' => array(
+					'label' => $lng['serversettings']['mod_fcgid']['maxrequests'],
+					'settinggroup' => 'system',
+					'varname' => 'mod_fcgid_maxrequests',
+					'type' => 'int',
+					'default' => 250,
+					'save_method' => 'storeSettingField',
+					),
+				'system_mod_fcgid_defaultini' => array(
+					'label' => $lng['serversettings']['mod_fcgid']['defaultini'],
+					'settinggroup' => 'system',
+					'varname' => 'mod_fcgid_defaultini',
+					'type' => 'option',
+					'default' => '1',
+					'option_mode' => 'one',
+					'option_options_method' => 'getPhpConfigs',
+					'save_method' => 'storeSettingField',
+					),
+				),
+			),
+		),
+	);
+
+?>

actions/admin/settings/137.perl.php

@@ -0,0 +1,52 @@
+<?php
+
+/**
+ * This file is part of the Froxlor project.
+ * Copyright (c) 2010 the Froxlor Team (see authors).
+ *
+ * For the full copyright and license information, please view the COPYING
+ * file that was distributed with this source code. You can also view the
+ * COPYING file online at http://files.froxlor.org/misc/COPYING.txt
+ *
+ * @copyright  (c) the authors
+ * @author     Froxlor team <team@froxlor.org> (2010-)
+ * @license    GPLv2 http://files.froxlor.org/misc/COPYING.txt
+ * @package    Settings
+ * @version    $Id$
+ */
+
+return array(
+	'groups' => array(
+		'perl' => array(
+			'title' => $lng['admin']['perl_settings'],
+			'fields' => array(
+				'perl_path' => array(
+					'label' => $lng['serversettings']['perl_path'],
+					'settinggroup' => 'system',
+					'varname' => 'perl_path',
+					'type' => 'string',
+					'default' => '/usr/bin/perl',
+					'save_method' => 'storeSettingField',
+					),	
+				'system_perl_suexecworkaround' => array(
+					'label' => $lng['serversettings']['perl']['suexecworkaround'],
+					'settinggroup' => 'perl',
+					'varname' => 'suexecworkaround',
+					'type' => 'bool',
+					'default' => false,
+					'save_method' => 'storeSettingField',
+					),
+				'system_perl_suexeccgipath' => array(
+					'label' => $lng['serversettings']['perl']['suexeccgipath'],
+					'settinggroup' => 'perl',
+					'varname' => 'suexecpath',
+					'type' => 'string',
+					'default' => '/var/www/cgi-bin/',
+					'save_method' => 'storeSettingField',
+					),
+				),
+			),
+		),
+	);
+
+?>

actions/admin/settings/140.statistics.php

@@ -40,45 +40,36 @@ return array(
 					'default' => false,
 					'save_method' => 'storeSettingField',
 					),
-				'system_awstats_domain_file' => array(
-					'label' => $lng['serversettings']['awstats_domain_file'],
-					'settinggroup' => 'system',
-					'varname' => 'awstats_domain_file',
-					'type' => 'string',
-					'string_type' => 'dir',
-					'default' => '/etc/awstats/',
-					'save_method' => 'storeSettingField',
-					),
-				'system_awstats_model_file' => array(
-					'label' => $lng['serversettings']['awstats_model_file'],
-					'settinggroup' => 'system',
-					'varname' => 'awstats_model_file',
-					'type' => 'string',
-					'string_type' => 'file',
-					'default' => '/etc/awstats/awstats.model.conf.syscp',
-					'save_method' => 'storeSettingField',
-					),
 				'system_awstats_path' => array(
 					'label' => $lng['serversettings']['awstats_path'],
 					'settinggroup' => 'system',
 					'varname' => 'awstats_path',
 					'type' => 'string',
 					'string_type' => 'dir',
-					'default' => '/usr/share/awstats/VERSION/webroot/cgi-bin/',
+					'default' => '/usr/bin/',
 					'save_method' => 'storeSettingField',
 					),
-				'system_awstats_updateall_command' => array(
+				'system_awstats_awstatspath' => array(
-					'label' => $lng['serversettings']['awstats_updateall_command'],
+					'label' => $lng['serversettings']['awstats_awstatspath'],
 					'settinggroup' => 'system',
-					'varname' => 'awstats_updateall_command',
+					'varname' => 'awstats_awstatspath',
 					'type' => 'string',
-					'string_type' => 'file',
+					'string_type' => 'dir',
-					'default' => '/usr/bin/awstats_updateall.pl',
+					'default' => '/usr/bin/',
 					'save_method' => 'storeSettingField',
 					),
-				),
+				'system_awstats_conf' => array(
-			),
+					'label' => $lng['serversettings']['awstats_conf'],
-		),
+					'settinggroup' => 'system',
+					'varname' => 'awstats_conf',
+					'type' => 'string',
+					'string_type' => 'dir',
+					'default' => '/etc/awstats/',
+					'save_method' => 'storeSettingField',
+					)
+				)
+			)
+		)
 	);
 
 ?>

actions/admin/settings/150.mail.php

@@ -75,7 +75,7 @@ return array(
 					'default' => 100,
 					'save_method' => 'storeSettingField',
 					),
-				'systen_autoresponder_enabled' => array(
+				'system_autoresponder_enabled' => array(
 					'label' => $lng['serversettings']['autoresponder_active'],
 					'settinggroup' => 'autoresponder',
 					'varname' => 'autoresponder_active',
@@ -84,7 +84,7 @@ return array(
 					'cronmodule' => 'froxlor/autoresponder',
 					'save_method' => 'storeSettingField',
 					),
-				'systen_last_autoresponder_run' => array(
+				'system_last_autoresponder_run' => array(
 					'settinggroup' => 'autoresponder',
 					'varname' => 'last_autoresponder_run',
 					'type' => 'hidden',

actions/admin/settings/155.ftpserver.php

@@ -0,0 +1,40 @@
+<?php
+
+/**
+ * This file is part of the Froxlor project.
+ * Copyright (c) 2003-2009 the SysCP Team (see authors).
+ * Copyright (c) 2010 the Froxlor Team (see authors).
+ *
+ * For the full copyright and license information, please view the COPYING
+ * file that was distributed with this source code. You can also view the
+ * COPYING file online at http://files.froxlor.org/misc/COPYING.txt
+ *
+ * @copyright  (c) the authors
+ * @author     Florian Lippert <flo@syscp.org> (2003-2009)
+ * @author     Froxlor team <team@froxlor.org> (2010-)
+ * @license    GPLv2 http://files.froxlor.org/misc/COPYING.txt
+ * @package    Settings
+ * @version    $Id: 220.ftpserver.php 1 2010-04-07 10:00:00Z monotek $
+ */
+
+return array(
+	'groups' => array(
+	'ftpserver' => array(
+			'title' => $lng['admin']['ftpserversettings'],
+			'fields' => array(
+				'ftpserver' => array(
+					'label' => $lng['admin']['ftpserver'],
+					'settinggroup' => 'system',
+					'varname' => 'ftpserver',
+					'type' => 'option',
+					'default' => 'proftpd',
+					'option_mode' => 'one',
+					'option_options' => array('proftpd' => 'Proftpd', 'pureftpd' => 'Pureftpd'),
+					'save_method' => 'storeSettingField',
+				),
+			),
+		),
+	)
+);
+
+?>

actions/admin/settings/160.nameserver.php

@@ -59,6 +59,24 @@ return array(
 					'default' => '',
 					'save_method' => 'storeSettingField',
 					),
+				'system_dns_createmailentry' => array(
+					'label' => $lng['serversettings']['mail_also_with_mxservers'],
+					'settinggroup' => 'system',
+					'varname' => 'dns_createmailentry',
+					'type' => 'bool',
+					'default' => false,
+					'save_method' => 'storeSettingField'
+					),
+				'system_defaultttl' => array(
+					'label' => $lng['serversettings']['defaultttl'],
+					'settinggroup' => 'system',
+					'varname' => 'defaultttl',
+					'type' => 'int',
+					'default' => 604800, /* 1 week */
+					'int_min' => 3600, /* 1 hour */
+					'int_max' => 2147483647, /* integer max */
+					'save_method' => 'storeSettingField',
+					),
 				),
 			),
 		),

actions/admin/settings/170.logger.php

@@ -29,6 +29,7 @@ return array(
 					'type' => 'bool',
 					'default' => false,
 					'save_method' => 'storeSettingField',
+					'overview_option' => true
 					),
 				'logger_severity' => array(
 					'label' => $lng['serversettings']['logger']['severity'],

actions/admin/settings/180.dkim.php

@@ -28,7 +28,8 @@ return array(
 					'varname' => 'use_dkim',
 					'type' => 'bool',
 					'default' => false,
-					'save_method' => 'storeSettingField',
+					'save_method' => 'storeSettingFieldInsertBindTask',
+					'overview_option' => true
 					),
 				'dkim_prefix' => array(
 					'label' => $lng['dkim']['dkim_prefix'],
@@ -56,6 +57,63 @@ return array(
 					'default' => 'dkim-keys.conf',
 					'save_method' => 'storeSettingField',
 					),
+				'dkim_algorithm' => array(
+					'label' => $lng['dkim']['dkim_algorithm'],
+					'settinggroup' => 'dkim',
+					'varname' => 'dkim_algorithm',
+					'type' => 'option',
+					'default' => 'all',
+					'option_mode' => 'multiple',
+					'option_options' => array('all' => 'All', 'sha1' => 'SHA1', 'sha256' => 'SHA256'),
+					'save_method' => 'storeSettingFieldInsertBindTask',
+					),
+				'dkim_servicetype' => array(
+					'label' => $lng['dkim']['dkim_servicetype'],
+					'settinggroup' => 'dkim',
+					'varname' => 'dkim_servicetype',
+					'type' => 'option',
+					'default' => '0',
+					'option_mode' => 'one',
+					'option_options' => array('0' => 'All', '1' => 'E-Mail'),
+					'save_method' => 'storeSettingFieldInsertBindTask',
+					),
+				'dkim_keylength' => array(
+					'label' => $lng['dkim']['dkim_keylength'],
+					'settinggroup' => 'dkim',
+					'varname' => 'dkim_keylength',
+					'type' => 'option',
+					'default' => '1024',
+					'option_mode' => 'one',
+					'option_options' => array('1024' => '1024 Bit', '2048' => '2048 Bit'),
+					'save_method' => 'storeSettingFieldInsertBindTask',
+					),
+				'dkim_notes' => array(
+					'label' => $lng['dkim']['dkim_notes'],
+					'settinggroup' => 'dkim',
+					'varname' => 'dkim_notes',
+					'type' => 'string',
+					'string_regexp' => '/^[a-z0-9\._]+$/i',
+					'default' => '',
+					'save_method' => 'storeSettingFieldInsertBindTask',
+					),
+				'dkim_add_adsp' => array(
+					'label' => $lng['dkim']['dkim_add_adsp'],
+					'settinggroup' => 'dkim',
+					'varname' => 'dkim_add_adsp',
+					'type' => 'bool',
+					'default' => true,
+					'save_method' => 'storeSettingFieldInsertBindTask',
+					),
+				'dkim_add_adsppolicy' => array(
+					'label' => $lng['dkim']['dkim_add_adsppolicy'],
+					'settinggroup' => 'dkim',
+					'varname' => 'dkim_add_adsppolicy',
+					'type' => 'option',
+					'default' => '1',
+					'option_mode' => 'one',
+					'option_options' => array('0' => 'Unknown', '1' => 'All', '2' => 'Discardable'),
+					'save_method' => 'storeSettingFieldInsertBindTask',
+					),
 				'dkimrestart_command' => array(
 					'label' => $lng['dkim']['dkimrestart_command'],
 					'settinggroup' => 'dkim',

actions/admin/settings/185.spf.php

@@ -26,7 +26,8 @@ return array(
 					'varname' => 'use_spf',
 					'type' => 'bool',
 					'default' => false,
-					'save_method' => 'storeSettingField'
+					'save_method' => 'storeSettingField',
+					'overview_option' => true
 					),
 				'spf_entry' => array(
 					'label' => $lng['spf']['spf_entry'],

actions/admin/settings/190.ticket.php

@@ -30,6 +30,7 @@ return array(
 					'default' => false,
 					'cronmodule' => 'froxlor/ticket',
 					'save_method' => 'storeSettingField',
+					'overview_option' => true
 					),
 				'ticket_noreply_email' => array(
 					'label' => $lng['serversettings']['ticket']['noreply_email'],
@@ -124,6 +125,16 @@ return array(
 					'type' => 'hidden',
 					'default' => '',
 					),
+				'ticket_default_priority' => array(
+					'label' => $lng['serversettings']['ticket']['default_priority'],
+					'settinggroup' => 'ticket',
+					'varname' => 'default_priority',
+					'type' => 'option',
+					'default' => 2,
+					'option_mode' => 'one',
+					'option_options' => array(1 => $lng['ticket']['unf_high'], 2 => $lng['ticket']['unf_normal'], 3 => $lng['ticket']['unf_low']),
+					'save_method' => 'storeSettingField', 
+					),
 				),
 			),
 		)

actions/admin/settings/200.aps.php

@@ -30,6 +30,7 @@ return array(
 					'default' => false,
 					'cronmodule' => 'froxlor/aps',
 					'save_method' => 'storeSettingField',
+					'overview_option' => true
 					),
 				'aps_items_per_page' => array(
 					'label' => $lng['aps']['packages_per_page'],
@@ -58,7 +59,7 @@ return array(
 					'type' => 'option',
 					'default' => '',
 					'option_mode' => 'multiple',
-					'option_options' => array('gd' => 'GD Library', 'pcre' => 'PCRE', 'ioncube' => 'ionCube', 'ioncube loader' => 'ionCube Loader', 'curl' => 'curl', 'mcrypt' => 'mcrypt', 'imap' => 'imap'),
+					'option_options' => array('gd' => 'GD Library', 'pcre' => 'PCRE', 'ioncube' => 'ionCube', 'ioncube loader' => 'ionCube Loader', 'curl' => 'curl', 'mcrypt' => 'mcrypt', 'imap' => 'imap', 'json' => 'json', 'ldap' => 'LDAP', 'hash' => 'hash', 'mbstring' => 'mbstring'),
 					'save_method' => 'storeSettingApsPhpExtensions',
 					),
 				'aps_php-function' => array(

actions/admin/settings/210.security.php

@@ -38,68 +38,6 @@ return array(
 					'default' => true,
 					'save_method' => 'storeSettingField',
 					),
-				'system_mod_fcgid_enabled' => array(
-					'label' => $lng['serversettings']['mod_fcgid'],
-					'settinggroup' => 'system',
-					'varname' => 'mod_fcgid',
-					'type' => 'bool',
-					'default' => false,
-					'save_method' => 'storeSettingField',
-					),
-				'system_mod_fcgid_configdir' => array(
-					'label' => $lng['serversettings']['mod_fcgid']['configdir'],
-					'settinggroup' => 'system',
-					'varname' => 'mod_fcgid_configdir',
-					'type' => 'string',
-					'string_type' => 'dir',
-					'default' => '/var/www/php-fcgi-scripts/',
-					'save_method' => 'storeSettingField',
-					),
-				'system_mod_fcgid_tmpdir' => array(
-					'label' => $lng['serversettings']['mod_fcgid']['tmpdir'],
-					'settinggroup' => 'system',
-					'varname' => 'mod_fcgid_tmpdir',
-					'type' => 'string',
-					'string_type' => 'dir',
-					'default' => '/var/customers/tmp/',
-					'save_method' => 'storeSettingField',
-					),
-				'system_mod_fcgid_peardir' => array(
-					'label' => $lng['serversettings']['mod_fcgid']['peardir'],
-					'settinggroup' => 'system',
-					'varname' => 'mod_fcgid_peardir',
-					'type' => 'string',
-					'string_type' => 'dir',
-					'string_delimiter' => ':',
-					'string_emptyallowed' => true,
-					'default' => '/usr/share/php/:/usr/share/php5/',
-					'save_method' => 'storeSettingField',
-					),
-				'system_mod_fcgid_wrapper' => array(
-					'label' => $lng['serversettings']['mod_fcgid']['wrapper'],
-					'settinggroup' => 'system',
-					'varname' => 'mod_fcgid_wrapper',
-					'type' => 'option',
-					'option_options' => array(0 => 'ScriptAlias', 1=> 'FCGIWrapper'),
-					'default' => 0,
-					'save_method' => 'storeSettingField',
-					),
-				'system_mod_fcgid_starter' => array(
-					'label' => $lng['serversettings']['mod_fcgid']['starter'],
-					'settinggroup' => 'system',
-					'varname' => 'mod_fcgid_starter',
-					'type' => 'int',
-					'default' => 0,
-					'save_method' => 'storeSettingField',
-					),
-				'system_mod_fcgid_maxrequests' => array(
-					'label' => $lng['serversettings']['mod_fcgid']['maxrequests'],
-					'settinggroup' => 'system',
-					'varname' => 'mod_fcgid_maxrequests',
-					'type' => 'int',
-					'default' => 250,
-					'save_method' => 'storeSettingField',
-					),
 				),
 			),
 		),

admin_admins.php

@@ -63,6 +63,8 @@ if($page == 'admins'
 			'email_forwarders_used' => $lng['customer']['forwarders'] . ' (' . $lng['panel']['used'] . ')',
 			'email_quota' => $lng['customer']['email_quota'],
 			'email_quota_used' => $lng['customer']['email_quota'] . ' (' . $lng['panel']['used'] . ')',
+			'email_autoresponder' => $lng['customer']['autoresponder'],
+			'email_autoresponder_used' => $lng['customer']['autoresponder'] . ' (' . $lng['panel']['used'] . ')',
 			'deactivated' => $lng['admin']['deactivated']
 		);
 		$paging = new paging($userinfo, $db, TABLE_PANEL_ADMINS, $fields, $settings['panel']['paging'], $settings['panel']['natsorting']);
@@ -84,7 +86,7 @@ if($page == 'admins'
 				$row['traffic'] = round($row['traffic'] / (1024 * 1024), $settings['panel']['decimal_places']);
 				$row['diskspace_used'] = round($row['diskspace_used'] / 1024, $settings['panel']['decimal_places']);
 				$row['diskspace'] = round($row['diskspace'] / 1024, $settings['panel']['decimal_places']);
-				$row = str_replace_array('-1', 'UL', $row, 'customers domains diskspace traffic mysqls emails email_accounts email_forwarders email_quota ftps subdomains tickets');
+				$row = str_replace_array('-1', 'UL', $row, 'customers domains diskspace traffic mysqls emails email_accounts email_forwarders email_quota email_autoresponder ftps subdomains tickets');
 				$row = htmlentities_array($row);
 				eval("\$admins.=\"" . getTemplate("admins/admins_admin") . "\";");
 				$count++;
@@ -93,6 +95,7 @@ if($page == 'admins'
 			$i++;
 		}
 
+		$admincount = $db->num_rows($result);
 		eval("echo \"" . getTemplate("admins/admins") . "\";");
 	}
 	elseif($action == 'su')
@@ -154,6 +157,7 @@ if($page == 'admins'
 
 			$loginname = validate($_POST['loginname'], 'loginname');
 			$password = validate($_POST['admin_password'], 'password');
+			$password = validatePassword($password);
 			$def_language = validate($_POST['def_language'], 'default language');
 			$customers = intval_ressource($_POST['customers']);
 
@@ -211,6 +215,20 @@ if($page == 'admins'
 				$email_quota = - 1;
 			}
 
+			if($settings['autoresponder']['autoresponder_active'] == '1')
+			{
+				$email_autoresponder = intval_ressource($_POST['email_autoresponder']);
+
+				if(isset($_POST['email_autoresponder_ul']))
+				{
+					$email_autoresponder = - 1;
+				}
+			}
+			else
+			{
+				$email_autoresponder = 0;
+			}
+
 			$ftps = intval_ressource($_POST['ftps']);
 
 			if(isset($_POST['ftps_ul']))
@@ -218,12 +236,18 @@ if($page == 'admins'
 				$ftps = - 1;
 			}
 
-			$tickets = intval_ressource($_POST['tickets']);
+			if($settings['ticket']['enabled'] == 1)
-
-			if(isset($_POST['tickets_ul'])
-			   && $settings['ticket']['enabled'] == '1')
 			{
-				$tickets = - 1;
+				$tickets = intval_ressource($_POST['tickets']);
+
+				if(isset($_POST['tickets_ul']))
+				{
+					$tickets = - 1;
+				}
+			}
+			else
+			{
+				$tickets = 0;
 			}
 
 			$mysqls = intval_ressource($_POST['mysqls']);
@@ -336,8 +360,8 @@ if($page == 'admins'
 					$change_serversettings = '0';
 				}
 
-				$result = $db->query("INSERT INTO `" . TABLE_PANEL_ADMINS . "` (`loginname`, `password`, `name`, `email`, `def_language`, `change_serversettings`, `customers`, `customers_see_all`, `domains`, `domains_see_all`, `caneditphpsettings`, `diskspace`, `traffic`, `subdomains`, `emails`, `email_accounts`, `email_forwarders`, `email_quota`, `ftps`, `tickets`, `mysqls`, `ip`, `can_manage_aps_packages`, `aps_packages`)
+				$result = $db->query("INSERT INTO `" . TABLE_PANEL_ADMINS . "` (`loginname`, `password`, `name`, `email`, `def_language`, `change_serversettings`, `customers`, `customers_see_all`, `domains`, `domains_see_all`, `caneditphpsettings`, `diskspace`, `traffic`, `subdomains`, `emails`, `email_accounts`, `email_forwarders`, `email_quota`, `ftps`, `tickets`, `mysqls`, `ip`, `can_manage_aps_packages`, `aps_packages`, `email_autoresponder`)
-					                   VALUES ('" . $db->escape($loginname) . "', '" . md5($password) . "', '" . $db->escape($name) . "', '" . $db->escape($email) . "','" . $db->escape($def_language) . "', '" . $db->escape($change_serversettings) . "', '" . $db->escape($customers) . "', '" . $db->escape($customers_see_all) . "', '" . $db->escape($domains) . "', '" . $db->escape($domains_see_all) . "', '" . (int)$caneditphpsettings . "', '" . $db->escape($diskspace) . "', '" . $db->escape($traffic) . "', '" . $db->escape($subdomains) . "', '" . $db->escape($emails) . "', '" . $db->escape($email_accounts) . "', '" . $db->escape($email_forwarders) . "', '" . $db->escape($email_quota) . "', '" . $db->escape($ftps) . "', '" . $db->escape($tickets) . "', '" . $db->escape($mysqls) . "', '" . (int)$ipaddress . "', " . (int)$can_manage_aps_packages . ", " . (int)$number_of_aps_packages . ")");
+					                   VALUES ('" . $db->escape($loginname) . "', '" . md5($password) . "', '" . $db->escape($name) . "', '" . $db->escape($email) . "','" . $db->escape($def_language) . "', '" . $db->escape($change_serversettings) . "', '" . $db->escape($customers) . "', '" . $db->escape($customers_see_all) . "', '" . $db->escape($domains) . "', '" . $db->escape($domains_see_all) . "', '" . (int)$caneditphpsettings . "', '" . $db->escape($diskspace) . "', '" . $db->escape($traffic) . "', '" . $db->escape($subdomains) . "', '" . $db->escape($emails) . "', '" . $db->escape($email_accounts) . "', '" . $db->escape($email_forwarders) . "', '" . $db->escape($email_quota) . "', '" . $db->escape($ftps) . "', '" . $db->escape($tickets) . "', '" . $db->escape($mysqls) . "', '" . (int)$ipaddress . "', " . (int)$can_manage_aps_packages . ", " . (int)$number_of_aps_packages . ", " . $db->escape($email_autoresponder) . ")");
 				$adminid = $db->insert_id();
 				$log->logAction(ADM_ACTION, LOG_INFO, "added admin '" . $loginname . "'");
 				redirectTo($filename, Array('page' => $page, 's' => $s));
@@ -379,6 +403,7 @@ if($page == 'admins'
 			$email_accounts_ul = makecheckbox('email_accounts_ul', $lng['customer']['unlimited'], '-1', false, '0', true, true);
 			$email_forwarders_ul = makecheckbox('email_forwarders_ul', $lng['customer']['unlimited'], '-1', false, '0', true, true);
 			$email_quota_ul = makecheckbox('email_quota_ul', $lng['customer']['unlimited'], '-1', false, '0', true, true);
+			$email_autoresponder_ul = makecheckbox('email_autoresponder_ul', $lng['customer']['unlimited'], '-1', false, '0', true, true);
 			$ftps_ul = makecheckbox('ftps_ul', $lng['customer']['unlimited'], '-1', false, '0', true, true);
 			$tickets_ul = makecheckbox('tickets_ul', $lng['customer']['unlimited'], '-1', false, '0', true, true);
 			$mysqls_ul = makecheckbox('mysqls_ul', $lng['customer']['unlimited'], '-1', false, '0', true, true);
@@ -417,6 +442,7 @@ if($page == 'admins'
 					$email_accounts = $result['email_accounts'];
 					$email_forwarders = $result['email_forwarders'];
 					$email_quota = $result['email_quota'];
+					$email_autoresponder = $result['email_autoresponder'];
 					$ftps = $result['ftps'];
 					$tickets = $result['tickets'];
 					$mysqls = $result['mysqls'];
@@ -491,18 +517,39 @@ if($page == 'admins'
 						$email_quota = - 1;
 					}
 
+					if($settings['autoresponder']['autoresponder_active'] == '1')
+					{
+						$email_autoresponder = intval_ressource($_POST['email_autoresponder']);
+
+						if(isset($_POST['email_autoresponder_ul']))
+						{
+							$email_autoresponder = - 1;
+						}
+					}
+					else
+					{
+						$email_autoresponder = 0;
+					}
+
 					$ftps = intval_ressource($_POST['ftps']);
 
 					if(isset($_POST['ftps_ul']))
 					{
 						$ftps = - 1;
 					}
-
+					
-					$tickets = intval_ressource($_POST['tickets']);
+					if($settings['ticket']['enabled'] == 1)
-
-					if(isset($_POST['tickets_ul']))
 					{
-						$tickets = - 1;
+						$tickets = intval_ressource($_POST['tickets']);
+
+						if(isset($_POST['tickets_ul']))
+						{
+							$tickets = - 1;
+						}
+					}
+					else
+					{
+						$tickets = 0;
 					}
 
 					$mysqls = intval_ressource($_POST['mysqls']);
@@ -560,6 +607,7 @@ if($page == 'admins'
 				{
 					if($password != '')
 					{
+						$password = validatePassword($password);
 						$password = md5($password);
 					}
 					else
@@ -592,7 +640,7 @@ if($page == 'admins'
 						$change_serversettings = '0';
 					}
 
-					$db->query("UPDATE `" . TABLE_PANEL_ADMINS . "` SET `name`='" . $db->escape($name) . "', `email`='" . $db->escape($email) . "', `def_language`='" . $db->escape($def_language) . "', `change_serversettings` = '" . $db->escape($change_serversettings) . "', `customers` = '" . $db->escape($customers) . "', `customers_see_all` = '" . $db->escape($customers_see_all) . "', `domains` = '" . $db->escape($domains) . "', `domains_see_all` = '" . $db->escape($domains_see_all) . "', `caneditphpsettings` = '" . (int)$caneditphpsettings . "', `password` = '" . $password . "', `diskspace`='" . $db->escape($diskspace) . "', `traffic`='" . $db->escape($traffic) . "', `subdomains`='" . $db->escape($subdomains) . "', `emails`='" . $db->escape($emails) . "', `email_accounts` = '" . $db->escape($email_accounts) . "', `email_forwarders`='" . $db->escape($email_forwarders) . "', `email_quota`='" . $db->escape($email_quota) . "', `ftps`='" . $db->escape($ftps) . "', `tickets`='" . $db->escape($tickets) . "', `mysqls`='" . $db->escape($mysqls) . "', `ip`='" . (int)$ipaddress . "', `deactivated`='" . $db->escape($deactivated) . "', `can_manage_aps_packages`=" . (int)$can_manage_aps_packages . ", `aps_packages`=" . (int)$number_of_aps_packages . " WHERE `adminid`='" . $db->escape($id) . "'");
+					$db->query("UPDATE `" . TABLE_PANEL_ADMINS . "` SET `name`='" . $db->escape($name) . "', `email`='" . $db->escape($email) . "', `def_language`='" . $db->escape($def_language) . "', `change_serversettings` = '" . $db->escape($change_serversettings) . "', `customers` = '" . $db->escape($customers) . "', `customers_see_all` = '" . $db->escape($customers_see_all) . "', `domains` = '" . $db->escape($domains) . "', `domains_see_all` = '" . $db->escape($domains_see_all) . "', `caneditphpsettings` = '" . (int)$caneditphpsettings . "', `password` = '" . $password . "', `diskspace`='" . $db->escape($diskspace) . "', `traffic`='" . $db->escape($traffic) . "', `subdomains`='" . $db->escape($subdomains) . "', `emails`='" . $db->escape($emails) . "', `email_accounts` = '" . $db->escape($email_accounts) . "', `email_forwarders`='" . $db->escape($email_forwarders) . "', `email_quota`='" . $db->escape($email_quota) . "', `email_autoresponder`='" . $db->escape($email_autoresponder) . "', `ftps`='" . $db->escape($ftps) . "', `tickets`='" . $db->escape($tickets) . "', `mysqls`='" . $db->escape($mysqls) . "', `ip`='" . (int)$ipaddress . "', `deactivated`='" . $db->escape($deactivated) . "', `can_manage_aps_packages`=" . (int)$can_manage_aps_packages . ", `aps_packages`=" . (int)$number_of_aps_packages . " WHERE `adminid`='" . $db->escape($id) . "'");
 					$log->logAction(ADM_ACTION, LOG_INFO, "edited admin '#" . $id . "'");
 					$redirect_props = Array(
 						'page' => $page,
@@ -670,6 +718,13 @@ if($page == 'admins'
 					$result['email_quota'] = '';
 				}
 
+				$email_autoresponder_ul = makecheckbox('email_autoresponder_ul', $lng['customer']['unlimited'], '-1', false, $result['email_autoresponder'], true, true);
+
+				if($result['email_autoresponder'] == '-1')
+				{
+					$result['email_autoresponder'] = '';
+				}
+
 				$ftps_ul = makecheckbox('ftps_ul', $lng['customer']['unlimited'], '-1', false, $result['ftps'], true, true);
 
 				if($result['ftps'] == '-1')

admin_configfiles.php

@@ -95,9 +95,9 @@ if($userinfo['change_serversettings'] == '1')
 			'<VIRTUAL_MAILBOX_BASE>' => $settings['system']['vmail_homedir'],
 			'<VIRTUAL_UID_MAPS>' => $settings['system']['vmail_uid'],
 			'<VIRTUAL_GID_MAPS>' => $settings['system']['vmail_gid'],
-			'<AWSTATS_PATH>' => $settings['system']['awstats_path'],
 			'<SSLPROTOCOLS>' => ($settings['system']['use_ssl'] == '1') ? 'imaps pop3s' : '',
-			'<REALTIME_PORT>' => $settings['system']['realtime_port']
+			'<REALTIME_PORT>' => $settings['system']['realtime_port'],
+			'<CUSTOMER_TMP>' => ($settings['system']['mod_fcgid_tmpdir'] != '') ? makeCorrectDir($settings['system']['mod_fcgid_tmpdir']) : '/tmp/'
 		);
 		$files = '';
 		$configpage = '';
@@ -110,6 +110,7 @@ if($userinfo['change_serversettings'] == '1')
 				if(is_array($value))
 				{
 					$commands = implode("\n", $value);
+					$commands = str_replace("\n\n", "\n", $commands);
 
 					if($commands != '')
 					{

admin_cronjobs.php

@@ -75,12 +75,6 @@ if($page == 'cronjobs'
 				
 				$description = $lng['crondesc'][$row['desc_lng_key']];
 				
-				/*
-				 * don't allow deletion of 'froxlor' cronjobs
-				 */
-				$vendor_a = explode('/', $row['module']);
-				$vendor = $vendor_a[0];
-				
 				eval("\$crons.=\"" . getTemplate("cronjobs/cronjobs_cronjob") . "\";");
 				$count++;
 			}
@@ -94,21 +88,68 @@ if($page == 'cronjobs'
 	elseif($action == 'new')
 	{
 		/*
-		 * @TODO Finish me
+		 * @TODO later
 		 */
 	}
 	elseif($action == 'edit'
 	&& $id != 0)
 	{
-		/*
+		$result = $db->query_first("SELECT * FROM `" . TABLE_PANEL_CRONRUNS . "` WHERE `id`='" . (int)$id . "'");
-		 * @TODO Finish me
+		
-		 */
+		if ($result['cronfile'] != '')
+		{
+			if(isset($_POST['send'])
+			   && $_POST['send'] == 'send')
+			{
+				$isactive = intval($_POST['isactive']);
+				$interval_value = validate($_POST['interval_value'], 'interval_value', '/^([0-9]+)$/Di', 'stringisempty');
+				$interval_interval = validate($_POST['interval_interval'], 'interval_interval');
+				
+				if($isactive != 1)
+				{
+					$isactive = 0;
+				}
+				
+				$interval = $interval_value.' '.strtoupper($interval_interval);
+				
+				$db->query("UPDATE `" . TABLE_PANEL_CRONRUNS . "` 
+							SET `isactive` = '".(int)$isactive."',
+							`interval` = '".$interval."'
+							WHERE `id` = '" . (int)$id . "'");
+
+				redirectTo($filename, Array('page' => $page, 's' => $s));
+			}
+			else
+			{
+				$isactive = makeyesno('isactive', '1', '0', $result['isactive']);
+				// interval
+				$interval_nfo = explode(' ', $result['interval']);
+				$interval_value = $interval_nfo[0];
+
+				$interval_interval = '';
+				$interval_interval.= makeoption($lng['cronmgmt']['seconds'], 'SECOND', $interval_nfo[1]);
+				$interval_interval.= makeoption($lng['cronmgmt']['minutes'], 'MINUTE', $interval_nfo[1]);
+				$interval_interval.= makeoption($lng['cronmgmt']['hours'], 'HOUR', $interval_nfo[1]);
+				$interval_interval.= makeoption($lng['cronmgmt']['days'], 'DAY', $interval_nfo[1]);
+				$interval_interval.= makeoption($lng['cronmgmt']['weeks'], 'WEEK', $interval_nfo[1]);
+				$interval_interval.= makeoption($lng['cronmgmt']['months'], 'MONTH', $interval_nfo[1]);
+				// end of interval
+				
+				$change_cronfile = false;
+				if (substr($result['module'], 0, strpos($result['module'], '/')) != 'froxlor')
+				{
+					$change_cronfile = true;
+				}
+				
+				eval("echo \"" . getTemplate("cronjobs/cronjob_edit") . "\";");
+			}
+		}
 	}
 	elseif($action == 'delete'
 	&& $id != 0)
 	{
 		/*
-		 * @TODO Finish me
+		 * @TODO later
 		 */
 	}
 }

admin_customers.php

@@ -66,7 +66,9 @@ if($page == 'customers'
 			'c.email_quota' => $lng['customer']['email_quota'],
 			'c.email_quota_used' => $lng['customer']['email_quota'] . ' (' . $lng['panel']['used'] . ')',
 			'c.deactivated' => $lng['admin']['deactivated'],
-			'c.phpenabled' => $lng['admin']['phpenabled']
+			'c.lastlogin_succ' => $lng['admin']['lastlogin_succ'],
+			'c.phpenabled' => $lng['admin']['phpenabled'],
+			'c.perlenabled' => $lng['admin']['perlenabled']
 		);
 
 		if($settings['ticket']['enabled'] == 1)
@@ -74,6 +76,12 @@ if($page == 'customers'
 			$fields['c.tickets'] = $lng['customer']['tickets'];
 			$fields['c.tickets_used'] = $lng['customer']['tickets'] . ' (' . $lng['panel']['used'] . ')';
 		}
+		
+		if($settings['autoresponder']['autoresponder_active'] == 1)
+		{
+			$fields['c.email_autoresponder'] = $lng['customer']['autoresponder'];
+			$fields['c.email_autoresponder_used'] = $lng['customer']['autoresponder'] . ' (' . $lng['panel']['used'] . ')';			
+		}
 
 		$paging = new paging($userinfo, $db, TABLE_PANEL_CUSTOMERS, $fields, $settings['panel']['paging'], $settings['panel']['natsorting']);
 		$customers = '';
@@ -96,7 +104,16 @@ if($page == 'customers'
 				$row['traffic'] = round($row['traffic'] / (1024 * 1024), $settings['panel']['decimal_places']);
 				$row['diskspace_used'] = round($row['diskspace_used'] / 1024, $settings['panel']['decimal_places']);
 				$row['diskspace'] = round($row['diskspace'] / 1024, $settings['panel']['decimal_places']);
-				$row = str_replace_array('-1', 'UL', $row, 'diskspace traffic mysqls emails email_accounts email_forwarders ftps tickets subdomains');
+				$last_login = ((int)$row['lastlogin_succ'] == 0) ? $lng['panel']['neverloggedin'] : date('d.m.Y', $row['lastlogin_succ']);
+
+				$column_style = '';
+				if($row['loginfail_count'] >= $settings['login']['maxloginattempts']
+					&& $row['lastlogin_fail'] > (time() - $settings['login']['deactivatetime'])
+				) {
+					$column_style = ' style="background-color: #f99122;"';
+				}
+
+				$row = str_replace_array('-1', 'UL', $row, 'diskspace traffic mysqls emails email_accounts email_forwarders ftps tickets subdomains email_autoresponder');
 				$row = htmlentities_array($row);
 				eval("\$customers.=\"" . getTemplate("customers/customers_customer") . "\";");
 				$count++;
@@ -105,6 +122,7 @@ if($page == 'customers'
 			$i++;
 		}
 
+		$customercount = $db->num_rows($result);
 		eval("echo \"" . getTemplate("customers/customers") . "\";");
 	}
 	elseif($action == 'su'
@@ -174,9 +192,34 @@ if($page == 'customers'
 				$db->query("DELETE FROM `" . TABLE_PANEL_TRAFFIC . "` WHERE `customerid`='" . (int)$id . "'");
 				$db->query("DELETE FROM `" . TABLE_MAIL_USERS . "` WHERE `customerid`='" . (int)$id . "'");
 				$db->query("DELETE FROM `" . TABLE_MAIL_VIRTUAL . "` WHERE `customerid`='" . (int)$id . "'");
+				$result2 = $db->query("SELECT `username` FROM `" . TABLE_FTP_USERS . "` WHERE `customerid`='" . (int)$id . "'");
+				while($row = $db->fetch_array($result2))
+				{
+					$db->query("DELETE FROM `" . TABLE_FTP_QUOTATALLIES . "` WHERE `name`='" . $row['username'] . "'");
+				}
 				$db->query("DELETE FROM `" . TABLE_FTP_GROUPS . "` WHERE `customerid`='" . (int)$id . "'");
 				$db->query("DELETE FROM `" . TABLE_FTP_USERS . "` WHERE `customerid`='" . (int)$id . "'");
 				$db->query("DELETE FROM `" . TABLE_MAIL_AUTORESPONDER . "` WHERE `customerid`='" . (int)$id . "'");
+
+				// Delete all waiting "create user" -tasks for this user, #276
+				// Note: the WHERE selects part of a serialized array, but it should be safe this way
+				$db->query("DELETE FROM `" . TABLE_PANEL_TASKS . "` WHERE `type` = '2' AND `data` LIKE '%:\"" . $db->escape($result['loginname']) . "\";%';");
+
+				// remove everything APS-related, #216
+				$apsresult = $db->query("SELECT `ID` FROM `".TABLE_APS_INSTANCES."` WHERE `CustomerID`='".(int)$id."'");
+				while($apsrow = $db->fetch_array($apsresult))
+				{
+					// remove all package related settings
+					$db->query("DELETE FROM `".TABLE_APS_SETTINGS."` WHERE `InstanceID` = '".(int)$apsrow['ID']."'");
+					// maybe some leftovers in the tasks
+					$db->query("DELETE FROM `".TABLE_APS_TASKS."` WHERE `InstanceID` = '".(int)$apsrow['ID']."'"); 
+				}
+				// now remove all user instances
+				$db->query("DELETE FROM `".TABLE_APS_INSTANCES."` WHERE `CustomerID`='".(int)$id."'");
+				// eventually some temp-setting-leftovers
+				$db->query("DELETE FROM `".TABLE_APS_TEMP_SETTINGS."` WHERE `CustomerID`='".(int)$id."'");
+				// eof APS-related removings, #216
+
 				$admin_update_query = "UPDATE `" . TABLE_PANEL_ADMINS . "` SET `customers_used` = `customers_used` - 1 ";
 				$admin_update_query.= ", `domains_used` = `domains_used` - 0" . (int)($domains_deleted - $result['subdomains_used']);
 
@@ -205,6 +248,11 @@ if($page == 'customers'
 					$admin_update_query.= ", `email_quota_used` = `email_quota_used` - 0" . (int)$result['email_quota'];
 				}
 
+				if($result['email_autoresponder'] != '-1')
+				{
+					$admin_update_query.= ", `email_autoresponder` = `email_autoresponder` - 0" . (int)$result['email_autoresponder'];
+				}
+
 				if($result['subdomains'] != '-1')
 				{
 					$admin_update_query.= ", `subdomains_used` = `subdomains_used` - 0" . (int)$result['subdomains'];
@@ -220,6 +268,11 @@ if($page == 'customers'
 					$admin_update_query.= ", `tickets_used` = `tickets_used` - 0" . (int)$result['tickets'];
 				}
 
+				if($result['aps_packages'] != '-1')
+				{
+					$admin_update_query.= ", `aps_packages` = `aps_packages` - 0" . (int)$result['aps_packages'];
+				}
+
 				if(($result['diskspace'] / 1024) != '-1')
 				{
 					$admin_update_query.= ", `diskspace_used` = `diskspace_used` - 0" . (int)$result['diskspace'];
@@ -338,6 +391,20 @@ if($page == 'customers'
 				{
 					$email_quota = - 1;
 				}
+				
+				if($settings['autoresponder']['autoresponder_active'] == '1')
+				{
+					$email_autoresponder = intval_ressource($_POST['email_autoresponder']);
+
+					if(isset($_POST['email_autoresponder_ul']))
+					{
+						$email_autoresponder = - 1;
+					}
+				}
+				else
+				{
+					$email_autoresponder = 0;
+				}
 
 				$email_imap = intval_ressource($_POST['email_imap']);
 				$email_pop3 = intval_ressource($_POST['email_pop3']);
@@ -378,9 +445,12 @@ if($page == 'customers'
 				}
 
 				$createstdsubdomain = intval($_POST['createstdsubdomain']);
-				$password = validate($_POST['customer_password'], 'password');
+				$password = validate($_POST['new_customer_password'], 'password');
+				$password = validatePassword($password);
 				$sendpassword = intval($_POST['sendpassword']);
 				$phpenabled = intval($_POST['phpenabled']);
+				$perlenabled = intval($_POST['perlenabled']);
+				$store_defaultindex = intval($_POST['store_defaultindex']);
 				$diskspace = $diskspace * 1024;
 				$traffic = $traffic * 1024 * 1024;
 
@@ -390,6 +460,7 @@ if($page == 'customers'
 				   || ((($userinfo['email_accounts_used'] + $email_accounts) > $userinfo['email_accounts']) && $userinfo['email_accounts'] != '-1')
 				   || ((($userinfo['email_forwarders_used'] + $email_forwarders) > $userinfo['email_forwarders']) && $userinfo['email_forwarders'] != '-1')
 				   || ((($userinfo['email_quota_used'] + $email_quota) > $userinfo['email_quota']) && $userinfo['email_quota'] != '-1' && $settings['system']['mail_quota_enabled'] == '1')
+				   || ((($userinfo['email_autoresponder_used'] + $email_autoresponder) > $userinfo['email_autoresponder']) && $userinfo['email_autoresponder'] != '-1' && $settings['autoresponder']['autoresponder_active'] == '1')
 				   || ((($userinfo['ftps_used'] + $ftps) > $userinfo['ftps']) && $userinfo['ftps'] != '-1')
 				   || ((($userinfo['tickets_used'] + $tickets) > $userinfo['tickets']) && $userinfo['tickets'] != '-1')
 				   || ((($userinfo['subdomains_used'] + $subdomains) > $userinfo['subdomains']) && $userinfo['subdomains'] != '-1')
@@ -400,6 +471,7 @@ if($page == 'customers'
 				   || ($email_accounts == '-1' && $userinfo['email_accounts'] != '-1')
 				   || ($email_forwarders == '-1' && $userinfo['email_forwarders'] != '-1')
 				   || ($email_quota == '-1' && $userinfo['email_quota'] != '-1' && $settings['system']['mail_quota_enabled'] == '1')
+				   || ($email_autoresponder == '-1' && $userinfo['email_autoresponder'] != '-1' && $settings['autoresponder']['autoresponder_active'] == '1')
 				   || ($ftps == '-1' && $userinfo['ftps'] != '-1')
 				   || ($tickets == '-1' && $userinfo['tickets'] != '-1')
 				   || ($subdomains == '-1' && $userinfo['subdomains'] != '-1')
@@ -431,11 +503,11 @@ if($page == 'customers'
 				}
 				else
 				{
-					if(isset($_POST['loginname'])
+					if(isset($_POST['new_loginname'])
-					   && $_POST['loginname'] != '')
+					   && $_POST['new_loginname'] != '')
 					{
 						$accountnumber = intval($settings['system']['lastaccountnumber']);
-						$loginname = validate($_POST['loginname'], 'loginname', '/^[a-z0-9\-_]+$/i');
+						$loginname = validate($_POST['new_loginname'], 'loginname', '/^[a-z0-9\-_]+$/i');
 
 						// Accounts which match systemaccounts are not allowed, filtering them
 
@@ -483,12 +555,17 @@ if($page == 'customers'
 						$phpenabled = '1';
 					}
 
+					if($perlenabled != '0')
+					{
+						$perlenabled = '1';
+					}
+
 					if($password == '')
 					{
 						$password = substr(md5(uniqid(microtime(), 1)), 12, 6);
 					}
 
-					$result = $db->query("INSERT INTO `" . TABLE_PANEL_CUSTOMERS . "` (`adminid`, `loginname`, `password`, `name`, `firstname`, `company`, `street`, `zipcode`, `city`, `phone`, `fax`, `email`, `customernumber`, `def_language`, `documentroot`, `guid`, `diskspace`, `traffic`, `subdomains`, `emails`, `email_accounts`, `email_forwarders`, `email_quota`, `ftps`, `tickets`, `mysqls`, `standardsubdomain`, `phpenabled`, `imap`, `pop3`, `aps_packages`)  VALUES ('" . (int)$userinfo['adminid'] . "', '" . $db->escape($loginname) . "', '" . md5($password) . "', '" . $db->escape($name) . "', '" . $db->escape($firstname) . "', '" . $db->escape($company) . "', '" . $db->escape($street) . "', '" . $db->escape($zipcode) . "', '" . $db->escape($city) . "', '" . $db->escape($phone) . "', '" . $db->escape($fax) . "', '" . $db->escape($email) . "', '" . $db->escape($customernumber) . "','" . $db->escape($def_language) . "', '" . $db->escape($documentroot) . "', '" . $db->escape($guid) . "', '" . $db->escape($diskspace) . "', '" . $db->escape($traffic) . "', '" . $db->escape($subdomains) . "', '" . $db->escape($emails) . "', '" . $db->escape($email_accounts) . "', '" . $db->escape($email_forwarders) . "', '" . $db->escape($email_quota) . "', '" . $db->escape($ftps) . "', '" . $db->escape($tickets) . "', '" . $db->escape($mysqls) . "', '0', '" . $db->escape($phpenabled) . "', '" . $db->escape($email_imap) . "', '" . $db->escape($email_pop3) . "', '" . (int)$number_of_aps_packages . "')");
+					$result = $db->query("INSERT INTO `" . TABLE_PANEL_CUSTOMERS . "` (`adminid`, `loginname`, `password`, `name`, `firstname`, `company`, `street`, `zipcode`, `city`, `phone`, `fax`, `email`, `customernumber`, `def_language`, `documentroot`, `guid`, `diskspace`, `traffic`, `subdomains`, `emails`, `email_accounts`, `email_forwarders`, `email_quota`, `ftps`, `tickets`, `mysqls`, `standardsubdomain`, `phpenabled`, `imap`, `pop3`, `aps_packages`, `perlenabled`, `email_autoresponder`)  VALUES ('" . (int)$userinfo['adminid'] . "', '" . $db->escape($loginname) . "', '" . md5($password) . "', '" . $db->escape($name) . "', '" . $db->escape($firstname) . "', '" . $db->escape($company) . "', '" . $db->escape($street) . "', '" . $db->escape($zipcode) . "', '" . $db->escape($city) . "', '" . $db->escape($phone) . "', '" . $db->escape($fax) . "', '" . $db->escape($email) . "', '" . $db->escape($customernumber) . "','" . $db->escape($def_language) . "', '" . $db->escape($documentroot) . "', '" . $db->escape($guid) . "', '" . $db->escape($diskspace) . "', '" . $db->escape($traffic) . "', '" . $db->escape($subdomains) . "', '" . $db->escape($emails) . "', '" . $db->escape($email_accounts) . "', '" . $db->escape($email_forwarders) . "', '" . $db->escape($email_quota) . "', '" . $db->escape($ftps) . "', '" . $db->escape($tickets) . "', '" . $db->escape($mysqls) . "', '0', '" . $db->escape($phpenabled) . "', '" . $db->escape($email_imap) . "', '" . $db->escape($email_pop3) . "', '" . (int)$number_of_aps_packages . "', '" . $db->escape($perlenabled) . "', '" . $db->escape($email_autoresponder) . "')");
 					$customerid = $db->insert_id();
 					$admin_update_query = "UPDATE `" . TABLE_PANEL_ADMINS . "` SET `customers_used` = `customers_used` + 1";
 
@@ -517,6 +594,12 @@ if($page == 'customers'
 						$admin_update_query.= ", `email_quota_used` = `email_quota_used` + 0" . (int)$email_quota;
 					}
 
+					if($email_autoresponder != '-1'
+						&& $settings['autoresponder']['autoresponder_active'] == 1)
+					{
+						$admin_update_query.= ", `email_autoresponder_used` = `email_autoresponder_used` + 0" . (int)$email_autoresponder;
+					}
+
 					if($subdomains != '-1')
 					{
 						$admin_update_query.= ", `subdomains_used` = `subdomains_used` + 0" . (int)$subdomains;
@@ -553,7 +636,7 @@ if($page == 'customers'
 					}
 
 					$log->logAction(ADM_ACTION, LOG_INFO, "added user '" . $loginname . "'");
-					inserttask('2', $loginname, $guid, $guid);
+					inserttask('2', $loginname, $guid, $guid, $store_defaultindex);
 
 					// Add htpasswd for the webalizer stats
 
@@ -567,24 +650,37 @@ if($page == 'customers'
 						$htpasswdPassword = crypt($password);
 					}
 
-					$db->query("INSERT INTO `" . TABLE_PANEL_HTPASSWDS . "` " . "(`customerid`, `username`, `password`, `path`) " . "VALUES ('" . (int)$customerid . "', '" . $db->escape($loginname) . "', '" . $db->escape($htpasswdPassword) . "', '" . $db->escape(makeCorrectDir($documentroot . '/webalizer/')) . "')");
-					$log->logAction(ADM_ACTION, LOG_NOTICE, "automatically added webalizer htpasswd for user '" . $loginname . "'");
-
 					if($settings['system']['awstats_enabled'] == '1')
 					{
 						$db->query("INSERT INTO `" . TABLE_PANEL_HTPASSWDS . "` " . "(`customerid`, `username`, `password`, `path`) " . "VALUES ('" . (int)$customerid . "', '" . $db->escape($loginname) . "', '" . $db->escape($htpasswdPassword) . "', '" . $db->escape(makeCorrectDir($documentroot . '/awstats/')) . "')");
 						$log->logAction(ADM_ACTION, LOG_NOTICE, "automatically added awstats htpasswd for user '" . $loginname . "'");
 					}
+					else
+					{
+						$db->query("INSERT INTO `" . TABLE_PANEL_HTPASSWDS . "` " . "(`customerid`, `username`, `password`, `path`) " . "VALUES ('" . (int)$customerid . "', '" . $db->escape($loginname) . "', '" . $db->escape($htpasswdPassword) . "', '" . $db->escape(makeCorrectDir($documentroot . '/webalizer/')) . "')");
+						$log->logAction(ADM_ACTION, LOG_NOTICE, "automatically added webalizer htpasswd for user '" . $loginname . "'");
+					}
 
 					inserttask('1');
 					$result = $db->query("INSERT INTO `" . TABLE_FTP_USERS . "` " . "(`customerid`, `username`, `password`, `homedir`, `login_enabled`, `uid`, `gid`) " . "VALUES ('" . (int)$customerid . "', '" . $db->escape($loginname) . "', ENCRYPT('" . $db->escape($password) . "'), '" . $db->escape($documentroot) . "', 'y', '" . (int)$guid . "', '" . (int)$guid . "')");
 					$result = $db->query("INSERT INTO `" . TABLE_FTP_GROUPS . "` " . "(`customerid`, `groupname`, `gid`, `members`) " . "VALUES ('" . (int)$customerid . "', '" . $db->escape($loginname) . "', '" . $db->escape($guid) . "', '" . $db->escape($loginname) . "')");
+					$result = $db->query("INSERT INTO `" . TABLE_FTP_QUOTATALLIES . "` (`name`, `quota_type`, `bytes_in_used`, `bytes_out_used`, `bytes_xfer_used`, `files_in_used`, `files_out_used`, `files_xfer_used`) VALUES ('" . $db->escape($loginname) . "', 'user', '0', '0', '0', '0', '0', '0')");
 					$log->logAction(ADM_ACTION, LOG_NOTICE, "automatically added ftp-account for user '" . $loginname . "'");
 
 					if($createstdsubdomain == '1')
 					{
+						if (isset($settings['system']['stdsubdomain'])
+							&& $settings['system']['stdsubdomain'] != ''
+						) {
+							$_stdsubdomain = $loginname . '.' . $settings['system']['stdsubdomain'];
+						}
+						else
+						{
+							$_stdsubdomain = $loginname . '.' . $settings['system']['hostname'];
+						}
+
 						$db->query("INSERT INTO `" . TABLE_PANEL_DOMAINS . "` SET " . 
-							"`domain` = '". $db->escape($loginname . '.' . $settings['system']['hostname']) . "', " .
+							"`domain` = '". $db->escape($_stdsubdomain) . "', " .
 							"`customerid` = '" . (int)$customerid . "', " .
 							"`adminid` = '" . (int)$userinfo['adminid'] . "', " . 
 							"`parentdomainid` = '-1', " .
@@ -596,7 +692,8 @@ if($page == 'customers'
 							"`openbasedir` = '1', " .
 							"`safemode` = '1', " .
 							"`speciallogfile` = '0', " .
-							"`specialsettings` = ''");
+							"`specialsettings` = '', " .
+							"`add_date` = '".date('Y-m-d')."'");
 						$domainid = $db->insert_id();
 						$db->query('UPDATE `' . TABLE_PANEL_CUSTOMERS . '` SET `standardsubdomain`=\'' . (int)$domainid . '\' WHERE `customerid`=\'' . (int)$customerid . '\'');
 						$log->logAction(ADM_ACTION, LOG_NOTICE, "automatically added standardsubdomain for user '" . $loginname . "'");
@@ -608,7 +705,6 @@ if($page == 'customers'
 						$replace_arr = array(
 							'FIRSTNAME' => $firstname,
 							'NAME' => $name,
-							'TITLE' => $title,
 							'COMPANY' => $company,
 							'SALUTATION' => getCorrectUserSalutation(array('firstname' => $firstname, 'name' => $name, 'company' => $company)),
 							'USERNAME' => $loginname,
@@ -622,23 +718,22 @@ if($page == 'customers'
 						$result = $db->query_first('SELECT `value` FROM `' . TABLE_PANEL_TEMPLATES . '` WHERE `adminid`=\'' . (int)$userinfo['adminid'] . '\' AND `language`=\'' . $db->escape($def_language) . '\' AND `templategroup`=\'mails\' AND `varname`=\'createcustomer_mailbody\'');
 						$mail_body = html_entity_decode(replace_variables((($result['value'] != '') ? $result['value'] : $lng['mails']['createcustomer']['mailbody']), $replace_arr));
 
-						$mail->From = $userinfo['email'];
+						$_mailerror = false;
-						$mail->FromName = $userinfo['name'];
+						try {
-						$mail->Subject = $mail_subject;
+							$mail->Subject = $mail_subject;
-						$mail->Body = $mail_body;
+							$mail->AltBody = $mail_body;
-						$mail->AddAddress($email, getCorrectUserSalutation(array('firstname' => $firstname, 'name' => $name, 'company' => $company)));
+							$mail->MsgHTML(str_replace("\n", "<br />", $mail_body));
-
+							$mail->AddAddress($email, getCorrectUserSalutation(array('firstname' => $firstname, 'name' => $name, 'company' => $company)));
-						if(!$mail->Send())
+							$mail->Send();
-						{
+						} catch(phpmailerException $e) {
-							if($mail->ErrorInfo != '')
+							$mailerr_msg = $e->errorMessage();
-							{
+							$_mailerror = true;
-								$mailerr_msg = $mail->ErrorInfo;
+						} catch (Exception $e) {
-							}
+							$mailerr_msg = $e->getMessage();
-							else
+							$_mailerror = true;
-							{
+						}
-								$mailerr_msg = $email;
-							}
 
+						if ($_mailerror) {
 							$log->logAction(ADM_ACTION, LOG_ERR, "Error sending mail: " . $mailerr_msg);
 							standard_error('errorsendingmail', $email);
 						}
@@ -666,6 +761,7 @@ if($page == 'customers'
 				$email_accounts_ul = makecheckbox('email_accounts_ul', $lng['customer']['unlimited'], '-1', false, '0', true, true);
 				$email_forwarders_ul = makecheckbox('email_forwarders_ul', $lng['customer']['unlimited'], '-1', false, '0', true, true);
 				$email_quota_ul = makecheckbox('email_quota_ul', $lng['customer']['unlimited'], '-1', false, '0', true, true);
+				$email_autoresponder_ul = makecheckbox('email_autoresponder_ul', $lng['customer']['unlimited'], '-1', false, '0', true, true);
 				$ftps_ul = makecheckbox('ftps_ul', $lng['customer']['unlimited'], '-1', false, '0', true, true);
 				$tickets_ul = makecheckbox('tickets_ul', $lng['customer']['unlimited'], '-1', false, '0', true, true);
 				$mysqls_ul = makecheckbox('mysqls_ul', $lng['customer']['unlimited'], '-1', false, '0', true, true);
@@ -675,6 +771,8 @@ if($page == 'customers'
 				$email_pop3 = makeyesno('email_pop3', '1', '0', '1');
 				$sendpassword = makeyesno('sendpassword', '1', '0', '1');
 				$phpenabled = makeyesno('phpenabled', '1', '0', '1');
+				$perlenabled = makeyesno('perlenabled', '1', '0', '0');
+				$store_defaultindex = makeyesno('store_defaultindex', '1', '0', '1');
 				eval("echo \"" . getTemplate("customers/customers_add") . "\";");
 			}
 		}
@@ -700,7 +798,7 @@ if($page == 'customers'
 				$email = $idna_convert->encode(validate($_POST['email'], 'email'));
 				$customernumber = validate($_POST['customernumber'], 'customer number', '/^[A-Za-z0-9 \-]*$/Di');
 				$def_language = validate($_POST['def_language'], 'default language');
-				$password = validate($_POST['customer_password'], 'new password');
+				$password = validate($_POST['new_customer_password'], 'new password');
 				$diskspace = intval_ressource($_POST['diskspace']);
 
 				if(isset($_POST['diskspace_ul']))
@@ -757,6 +855,20 @@ if($page == 'customers'
 					$email_quota = - 1;
 				}
 
+				if($settings['autoresponder']['autoresponder_active'] == '1')
+				{
+					$email_autoresponder = intval_ressource($_POST['email_autoresponder']);
+
+					if(isset($_POST['email_autoresponder_ul']))
+					{
+						$email_autoresponder = - 1;
+					}
+				}
+				else
+				{
+					$email_autoresponder = 0;
+				}				
+
 				$email_imap = intval_ressource($_POST['email_imap']);
 				$email_pop3 = intval_ressource($_POST['email_pop3']);
 				$ftps = intval_ressource($_POST['ftps']);
@@ -798,6 +910,7 @@ if($page == 'customers'
 				$createstdsubdomain = intval($_POST['createstdsubdomain']);
 				$deactivated = intval($_POST['deactivated']);
 				$phpenabled = intval($_POST['phpenabled']);
+				$perlenabled = intval($_POST['perlenabled']);
 				$diskspace = $diskspace * 1024;
 				$traffic = $traffic * 1024 * 1024;
 
@@ -807,6 +920,7 @@ if($page == 'customers'
 				   || ((($userinfo['email_accounts_used'] + $email_accounts - $result['email_accounts']) > $userinfo['email_accounts']) && $userinfo['email_accounts'] != '-1')
 				   || ((($userinfo['email_forwarders_used'] + $email_forwarders - $result['email_forwarders']) > $userinfo['email_forwarders']) && $userinfo['email_forwarders'] != '-1')
 				   || ((($userinfo['email_quota_used'] + $email_quota - $result['email_quota']) > $userinfo['email_quota']) && $userinfo['email_quota'] != '-1' && $settings['system']['mail_quota_enabled'] == '1')
+				   || ((($userinfo['email_autoresponder_used'] + $email_autoresponder - $result['email_autoresponder']) > $userinfo['email_autoresponder']) && $userinfo['email_autoresponder'] != '-1' && $settings['autoresponder']['autoresponder_active'] == '1')
 				   || ((($userinfo['ftps_used'] + $ftps - $result['ftps']) > $userinfo['ftps']) && $userinfo['ftps'] != '-1')
 				   || ((($userinfo['tickets_used'] + $tickets - $result['tickets']) > $userinfo['tickets']) && $userinfo['tickets'] != '-1')
 				   || ((($userinfo['subdomains_used'] + $subdomains - $result['subdomains']) > $userinfo['subdomains']) && $userinfo['subdomains'] != '-1')
@@ -817,6 +931,7 @@ if($page == 'customers'
 				   || ($email_accounts == '-1' && $userinfo['email_accounts'] != '-1')
 				   || ($email_forwarders == '-1' && $userinfo['email_forwarders'] != '-1')
 				   || ($email_quota == '-1' && $userinfo['email_quota'] != '-1' && $settings['system']['mail_quota_enabled'] == '1')
+				   || ($email_autoresponder == '-1' && $userinfo['email_autoresponder'] != '-1' && $settings['autoresponder']['autoresponder_active'] == '1')
 				   || ($ftps == '-1' && $userinfo['ftps'] != '-1')
 				   || ($tickets == '-1' && $userinfo['tickets'] != '-1')
 				   || ($subdomains == '-1' && $userinfo['subdomains'] != '-1')
@@ -850,6 +965,7 @@ if($page == 'customers'
 				{
 					if($password != '')
 					{
+						$password = validatePassword($password);
 						$password = md5($password);
 					}
 					else
@@ -865,7 +981,17 @@ if($page == 'customers'
 					if($createstdsubdomain == '1'
 					   && $result['standardsubdomain'] == '0')
 					{
-						$db->query("INSERT INTO `" . TABLE_PANEL_DOMAINS . "` " . "(`domain`, `customerid`, `adminid`, `parentdomainid`, `ipandport`, `documentroot`, `zonefile`, `isemaildomain`, `caneditdomain`, `openbasedir`, `safemode`, `speciallogfile`, `specialsettings`) " . "VALUES ('" . $db->escape($result['loginname'] . '.' . $settings['system']['hostname']) . "', '" . (int)$result['customerid'] . "', '" . (int)$userinfo['adminid'] . "', '-1', '" . $db->escape($settings['system']['defaultip']) . "', '" . $db->escape($result['documentroot']) . "', '', '0', '0', '1', '1', '0', '')");
+						if (isset($settings['system']['stdsubdomain'])
+							&& $settings['system']['stdsubdomain'] != ''
+						) {
+							$_stdsubdomain = $result['loginname'] . '.' . $settings['system']['stdsubdomain'];
+						}
+						else
+						{
+							$_stdsubdomain = $result['loginname'] . '.' . $settings['system']['hostname'];
+						}
+
+						$db->query("INSERT INTO `" . TABLE_PANEL_DOMAINS . "` " . "(`domain`, `customerid`, `adminid`, `parentdomainid`, `ipandport`, `documentroot`, `zonefile`, `isemaildomain`, `caneditdomain`, `openbasedir`, `safemode`, `speciallogfile`, `specialsettings`, `add_date`) " . "VALUES ('" . $db->escape($_stdsubdomain) . "', '" . (int)$result['customerid'] . "', '" . (int)$userinfo['adminid'] . "', '-1', '" . $db->escape($settings['system']['defaultip']) . "', '" . $db->escape($result['documentroot']) . "', '', '0', '0', '1', '1', '0', '', '".date('Y-m-d')."')");
 						$domainid = $db->insert_id();
 						$db->query('UPDATE `' . TABLE_PANEL_CUSTOMERS . '` SET `standardsubdomain`=\'' . (int)$domainid . '\' WHERE `customerid`=\'' . (int)$result['customerid'] . '\'');
 						$log->logAction(ADM_ACTION, LOG_NOTICE, "automatically added standardsubdomain for user '" . $result['loginname'] . "'");
@@ -891,7 +1017,13 @@ if($page == 'customers'
 						$phpenabled = '1';
 					}
 
-					if($phpenabled != $result['phpenabled'])
+					if($perlenabled != '0')
+					{
+						$perlenabled = '1';
+					}
+
+					if($phpenabled != $result['phpenabled']
+						|| $perlenabled != $result['perlenabled'])
 					{
 						inserttask('1');
 					}
@@ -919,7 +1051,7 @@ if($page == 'customers'
 						$db->query("UPDATE `" . TABLE_MAIL_USERS . "` SET `imap`='" . (int)$email_imap . "' WHERE `customerid`='" . (int)$id . "'");
 					}
 
-					$db->query("UPDATE `" . TABLE_PANEL_CUSTOMERS . "` SET `name`='" . $db->escape($name) . "', `firstname`='" . $db->escape($firstname) . "', `company`='" . $db->escape($company) . "', `street`='" . $db->escape($street) . "', `zipcode`='" . $db->escape($zipcode) . "', `city`='" . $db->escape($city) . "', `phone`='" . $db->escape($phone) . "', `fax`='" . $db->escape($fax) . "', `email`='" . $db->escape($email) . "', `customernumber`='" . $db->escape($customernumber) . "', `def_language`='" . $db->escape($def_language) . "', `password` = '" . $password . "', `diskspace`='" . $db->escape($diskspace) . "', `traffic`='" . $db->escape($traffic) . "', `subdomains`='" . $db->escape($subdomains) . "', `emails`='" . $db->escape($emails) . "', `email_accounts` = '" . $db->escape($email_accounts) . "', `email_forwarders`='" . $db->escape($email_forwarders) . "', `ftps`='" . $db->escape($ftps) . "', `tickets`='" . $db->escape($tickets) . "', `mysqls`='" . $db->escape($mysqls) . "', `deactivated`='" . $db->escape($deactivated) . "', `phpenabled`='" . $db->escape($phpenabled) . "', `email_quota`='" . $db->escape($email_quota) . "', `imap`='" . $db->escape($email_imap) . "', `pop3`='" . $db->escape($email_pop3) . "', `aps_packages`='" . (int)$number_of_aps_packages . "' WHERE `customerid`='" . (int)$id . "'");
+					$db->query("UPDATE `" . TABLE_PANEL_CUSTOMERS . "` SET `name`='" . $db->escape($name) . "', `firstname`='" . $db->escape($firstname) . "', `company`='" . $db->escape($company) . "', `street`='" . $db->escape($street) . "', `zipcode`='" . $db->escape($zipcode) . "', `city`='" . $db->escape($city) . "', `phone`='" . $db->escape($phone) . "', `fax`='" . $db->escape($fax) . "', `email`='" . $db->escape($email) . "', `customernumber`='" . $db->escape($customernumber) . "', `def_language`='" . $db->escape($def_language) . "', `password` = '" . $password . "', `diskspace`='" . $db->escape($diskspace) . "', `traffic`='" . $db->escape($traffic) . "', `subdomains`='" . $db->escape($subdomains) . "', `emails`='" . $db->escape($emails) . "', `email_accounts` = '" . $db->escape($email_accounts) . "', `email_forwarders`='" . $db->escape($email_forwarders) . "', `ftps`='" . $db->escape($ftps) . "', `tickets`='" . $db->escape($tickets) . "', `mysqls`='" . $db->escape($mysqls) . "', `deactivated`='" . $db->escape($deactivated) . "', `phpenabled`='" . $db->escape($phpenabled) . "', `email_quota`='" . $db->escape($email_quota) . "', `imap`='" . $db->escape($email_imap) . "', `pop3`='" . $db->escape($email_pop3) . "', `aps_packages`='" . (int)$number_of_aps_packages . "', `perlenabled`='" . $db->escape($perlenabled) . "', `email_autoresponder`='" . $db->escape($email_autoresponder) . "' WHERE `customerid`='" . (int)$id . "'");
 					$admin_update_query = "UPDATE `" . TABLE_PANEL_ADMINS . "` SET `customers_used` = `customers_used` ";
 
 					if($mysqls != '-1'
@@ -1002,6 +1134,22 @@ if($page == 'customers'
 						}
 					}
 
+					if($email_autoresponder != '-1'
+					   || $result['email_autoresponder'] != '-1')
+					{
+						$admin_update_query.= ", `email_autoresponder_used` = `email_autoresponder_used` ";
+
+						if($email_autoresponder != '-1')
+						{
+							$admin_update_query.= " + 0" . (int)$email_autoresponder . " ";
+						}
+
+						if($result['email_autoresponder'] != '-1')
+						{
+							$admin_update_query.= " - 0" . (int)$result['email_autoresponder'] . " ";
+						}
+					}
+
 					if($subdomains != '-1'
 					   || $result['subdomains'] != '-1')
 					{
@@ -1154,6 +1302,13 @@ if($page == 'customers'
 					$result['email_quota'] = '';
 				}
 
+				$email_autoresponder_ul = makecheckbox('email_autoresponder_ul', $lng['customer']['unlimited'], '-1', false, $result['email_autoresponder'], true, true);
+
+				if($result['email_autoresponder'] == '-1')
+				{
+					$result['email_autoresponder'] = '';
+				}
+
 				$ftps_ul = makecheckbox('ftps_ul', $lng['customer']['unlimited'], '-1', false, $result['ftps'], true, true);
 
 				if($result['ftps'] == '-1')
@@ -1184,6 +1339,7 @@ if($page == 'customers'
 
 				$createstdsubdomain = makeyesno('createstdsubdomain', '1', '0', (($result['standardsubdomain'] != '0') ? '1' : '0'));
 				$phpenabled = makeyesno('phpenabled', '1', '0', $result['phpenabled']);
+				$perlenabled = makeyesno('perlenabled', '1', '0', $result['perlenabled']);
 				$deactivated = makeyesno('deactivated', '1', '0', $result['deactivated']);
 				$email_imap = makeyesno('email_imap', '1', '0', $result['imap']);
 				$email_pop3 = makeyesno('email_pop3', '1', '0', $result['pop3']);

admin_domains.php

@@ -130,6 +130,8 @@ if($page == 'domains'
 			$i++;
 		}
 
+		$domainscount = $db->num_rows($result);
+
 		// Display the list
 
 		eval("echo \"" . getTemplate("domains/domains") . "\";");
@@ -147,7 +149,23 @@ if($page == 'domains'
 			if(isset($_POST['send'])
 			   && $_POST['send'] == 'send')
 			{
-				$query = 'SELECT `id` FROM `' . TABLE_PANEL_DOMAINS . '` WHERE (`id`="' . (int)$id . '" OR `parentdomainid`="' . (int)$id . '")  AND  `isemaildomain`="1"';
+				/*
+				 * check for APS packages used with this domain, #110
+				 */
+				if(domainHasApsInstances($id))
+				{
+					standard_error('domains_cantdeletedomainwithapsinstances');
+				}
+
+				// check for deletion of main-domains which are logically subdomains, #329
+				$rsd_sql = '';
+				$remove_subbutmain_domains = isset($_POST['delete_userfiles']) ? 1 : 0;
+				if($remove_subbutmain_domains == 1)
+				{
+					$rsd_sql .= ' OR `ismainbutsubto` = "'.(int)$id.'"';
+				}
+
+				$query = 'SELECT `id` FROM `' . TABLE_PANEL_DOMAINS . '` WHERE (`id`="' . (int)$id . '" OR `parentdomainid`="' . (int)$id . '"'.$rsd_sql.')  AND  `isemaildomain`="1"';
 				$subResult = $db->query($query);
 				$idString = array();
 
@@ -167,11 +185,12 @@ if($page == 'domains'
 					$log->logAction(ADM_ACTION, LOG_NOTICE, "deleted domain/s from mail-tables");
 				}
 
-				$db->query("DELETE FROM `" . TABLE_PANEL_DOMAINS . "` WHERE `id`='" . (int)$id . "' OR `parentdomainid`='" . (int)$result['id'] . "'");
+				$db->query("DELETE FROM `" . TABLE_PANEL_DOMAINS . "` WHERE `id`='" . (int)$id . "' OR `parentdomainid`='" . (int)$result['id'] . "'".$rsd_sql);
 				$deleted_domains = (int)$db->affected_rows();
 				$db->query("UPDATE `" . TABLE_PANEL_CUSTOMERS . "` SET `subdomains_used` = `subdomains_used` - " . (int)($deleted_domains - 1) . " WHERE `customerid` = '" . (int)$result['customerid'] . "'");
 				$db->query("UPDATE `" . TABLE_PANEL_ADMINS . "` SET `domains_used` = `domains_used` - 1 WHERE `adminid` = '" . (int)$userinfo['adminid'] . "'");
 				$db->query('UPDATE `' . TABLE_PANEL_CUSTOMERS . '` SET `standardsubdomain`=\'0\' WHERE `standardsubdomain`=\'' . (int)$result['id'] . '\' AND `customerid`=\'' . (int)$result['customerid'] . '\'');
+				$db->query("DELETE FROM `" . TABLE_PANEL_DOMAINREDIRECTS . "` WHERE `did` = '".(int)$id."'");
 				$log->logAction(ADM_ACTION, LOG_INFO, "deleted domain/subdomains (#" . $result['id'] . ")");
 				updateCounters();
 				inserttask('1');
@@ -180,7 +199,12 @@ if($page == 'domains'
 			}
 			else
 			{
-				ask_yesno('admin_domain_reallydelete', $filename, array('id' => $id, 'page' => $page, 'action' => $action), $idna_convert->decode($result['domain']));
+				$showcheck = false;
+				if(domainHasMainSubDomains($id))
+				{
+					$showcheck = true;
+				}
+				ask_yesno_withcheckbox('admin_domain_reallydelete', 'remove_subbutmain_domains', $filename, array('id' => $id, 'page' => $page, 'action' => $action), $idna_convert->decode($result['domain']), $showcheck);
 			}
 		}
 	}
@@ -205,6 +229,7 @@ if($page == 'domains'
 				$wwwserveralias = intval($_POST['wwwserveralias']);
 				$speciallogfile = intval($_POST['speciallogfile']);
 				$aliasdomain = intval($_POST['alias']);
+				$issubof = intval($_POST['issubof']);
 				$customerid = intval($_POST['customerid']);
 				$customer = $db->query_first("SELECT * FROM `" . TABLE_PANEL_CUSTOMERS . "` WHERE `customerid`='" . (int)$customerid . "' " . ($userinfo['customers_see_all'] ? '' : " AND `adminid` = '" . (int)$userinfo['adminid'] . "' ") . " ");
 
@@ -298,7 +323,7 @@ if($page == 'domains'
 					}
 					else
 					{
-						$phpsettingid = '1';
+						$phpsettingid = $settings['system']['mod_fcgid_defaultini'];
 						$mod_fcgid_starter = '-1';
 						$mod_fcgid_maxrequests = '-1';
 					}
@@ -307,7 +332,7 @@ if($page == 'domains'
 				{
 					$openbasedir = '1';
 					$safemode = '1';
-					$phpsettingid = '1';
+					$phpsettingid = $settings['system']['mod_fcgid_defaultini'];
 					$mod_fcgid_starter = '-1';
 					$mod_fcgid_maxrequests = '-1';
 				}
@@ -359,7 +384,14 @@ if($page == 'domains'
 
 				if(!preg_match('/^https?\:\/\//', $documentroot))
 				{
-					$documentroot = makeCorrectDir($documentroot);
+					if(strstr($documentroot, ":") !== FALSE)
+					{
+						standard_error('pathmaynotcontaincolon');
+					}
+					else
+					{
+						$documentroot = makeCorrectDir($documentroot);
+					}
 				}
 
 				$domain_check = $db->query_first("SELECT `id`, `domain` FROM `" . TABLE_PANEL_DOMAINS . "` WHERE `domain` = '" . $db->escape(strtolower($domain)) . "'");
@@ -369,7 +401,8 @@ if($page == 'domains'
 
 				if($aliasdomain != 0)
 				{
-					$aliasdomain_check = $db->query_first('SELECT `id` FROM `' . TABLE_PANEL_DOMAINS . '` `d`,`' . TABLE_PANEL_CUSTOMERS . '` `c` WHERE `d`.`customerid`=\'' . (int)$customerid . '\' AND `d`.`aliasdomain` IS NULL AND `d`.`id`<>`c`.`standardsubdomain` AND `c`.`customerid`=\'' . (int)$customerid . '\' AND `d`.`id`=\'' . (int)$aliasdomain . '\'');
+					// also check ip/port combination to be the same, #176
+					$aliasdomain_check = $db->query_first('SELECT `d`.`id` FROM `' . TABLE_PANEL_DOMAINS . '` `d`,`' . TABLE_PANEL_CUSTOMERS . '` `c` WHERE `d`.`customerid`=\'' . (int)$customerid . '\' AND `d`.`aliasdomain` IS NULL AND `d`.`id`<>`c`.`standardsubdomain` AND `c`.`customerid`=\'' . (int)$customerid . '\' AND `d`.`id`=\'' . (int)$aliasdomain . '\' AND `d`.`ipandport` = \''.(int)$ipandport.'\'');
 				}
 
 				if($openbasedir != '1')
@@ -427,6 +460,11 @@ if($page == 'domains'
 				{
 					$caneditdomain = '0';
 				}
+				
+				if($issubof <= '0')
+				{
+					$issubof = '0';
+				}
 
 				if($domain == '')
 				{
@@ -481,13 +519,15 @@ if($page == 'domains'
 						'mod_fcgid_starter' => $mod_fcgid_starter,
 						'mod_fcgid_maxrequests' => $mod_fcgid_maxrequests,
 						'specialsettings' => $specialsettings,
-						'registration_date' => $registration_date
+						'registration_date' => $registration_date,
+						'issubof' => $issubof
 					);
 
 					$security_questions = array(
 						'reallydisablesecuritysetting' => (($openbasedir == '0' || $safemode == '0') && $userinfo['change_serversettings'] == '1'),
 						'reallydocrootoutofcustomerroot' => (substr($documentroot, 0, strlen($customer['documentroot'])) != $customer['documentroot'] && !preg_match('/^https?\:\/\//', $documentroot))
 					);
+					$question_nr = 1;
 					foreach($security_questions as $question_name => $question_launch)
 					{
 						if($question_launch !== false)
@@ -497,13 +537,14 @@ if($page == 'domains'
 							if(!isset($_POST[$question_name])
 							   || $_POST[$question_name] != $question_name)
 							{
-								ask_yesno('admin_domain_' . $question_name, $filename, $params);
+								ask_yesno('admin_domain_' . $question_name, $filename, $params, $question_nr);
 								exit;
 							}
 						}
+						$question_nr++;
 					}
 
-					$db->query("INSERT INTO `" . TABLE_PANEL_DOMAINS . "` (`domain`, `customerid`, `adminid`, `documentroot`, `ipandport`,`aliasdomain`, `zonefile`, `dkim`, `wwwserveralias`, `isbinddomain`, `isemaildomain`, `email_only`, `subcanemaildomain`, `caneditdomain`, `openbasedir`, `safemode`,`speciallogfile`, `specialsettings`, `ssl`, `ssl_redirect`, `ssl_ipandport`, `add_date`, `registration_date`, `phpsettingid`, `mod_fcgid_starter`, `mod_fcgid_maxrequests`) VALUES ('" . $db->escape($domain) . "', '" . (int)$customerid . "', '" . (int)$adminid . "', '" . $db->escape($documentroot) . "', '" . $db->escape($ipandport) . "', " . (($aliasdomain != 0) ? '\'' . $db->escape($aliasdomain) . '\'' : 'NULL') . ", '" . $db->escape($zonefile) . "', '" . $db->escape($dkim) . "', '" . $db->escape($wwwserveralias) . "', '" . $db->escape($isbinddomain) . "', '" . $db->escape($isemaildomain) . "', '" . $db->escape($email_only) . "', '" . $db->escape($subcanemaildomain) . "', '" . $db->escape($caneditdomain) . "', '" . $db->escape($openbasedir) . "', '" . $db->escape($safemode) . "', '" . $db->escape($speciallogfile) . "', '" . $db->escape($specialsettings) . "', '" . $ssl . "', '" . $ssl_redirect . "' , '" . $ssl_ipandport . "', '" . $db->escape(time()) . "', '" . $db->escape($registration_date) . "', '" . (int)$phpsettingid . "', '" . (int)$mod_fcgid_starter . "', '" . (int)$mod_fcgid_maxrequests . "')");
+					$db->query("INSERT INTO `" . TABLE_PANEL_DOMAINS . "` (`domain`, `customerid`, `adminid`, `documentroot`, `ipandport`,`aliasdomain`, `zonefile`, `dkim`, `wwwserveralias`, `isbinddomain`, `isemaildomain`, `email_only`, `subcanemaildomain`, `caneditdomain`, `openbasedir`, `safemode`,`speciallogfile`, `specialsettings`, `ssl`, `ssl_redirect`, `ssl_ipandport`, `add_date`, `registration_date`, `phpsettingid`, `mod_fcgid_starter`, `mod_fcgid_maxrequests`, `ismainbutsubto`) VALUES ('" . $db->escape($domain) . "', '" . (int)$customerid . "', '" . (int)$adminid . "', '" . $db->escape($documentroot) . "', '" . $db->escape($ipandport) . "', " . (($aliasdomain != 0) ? '\'' . $db->escape($aliasdomain) . '\'' : 'NULL') . ", '" . $db->escape($zonefile) . "', '" . $db->escape($dkim) . "', '" . $db->escape($wwwserveralias) . "', '" . $db->escape($isbinddomain) . "', '" . $db->escape($isemaildomain) . "', '" . $db->escape($email_only) . "', '" . $db->escape($subcanemaildomain) . "', '" . $db->escape($caneditdomain) . "', '" . $db->escape($openbasedir) . "', '" . $db->escape($safemode) . "', '" . $db->escape($speciallogfile) . "', '" . $db->escape($specialsettings) . "', '" . $ssl . "', '" . $ssl_redirect . "' , '" . $ssl_ipandport . "', '" . $db->escape(time()) . "', '" . $db->escape($registration_date) . "', '" . (int)$phpsettingid . "', '" . (int)$mod_fcgid_starter . "', '" . (int)$mod_fcgid_maxrequests . "', '".(int)$issubof."')");
 					$domainid = $db->insert_id();
 					$db->query("UPDATE `" . TABLE_PANEL_ADMINS . "` SET `domains_used` = `domains_used` + 1 WHERE `adminid` = '" . (int)$adminid . "'");
 					$log->logAction(ADM_ACTION, LOG_INFO, "added domain '" . $domain . "'");
@@ -555,7 +596,7 @@ if($page == 'domains'
 						$row_ipandport['ip'] = '[' . $row_ipandport['ip'] . ']';
 					}
 
-					$ipsandports.= makeoption($row_ipandport['ip'] . ':' . $row_ipandport['port'], $row_ipandport['id']);
+					$ipsandports.= makeoption($row_ipandport['ip'] . ':' . $row_ipandport['port'], $row_ipandport['id'], $settings['system']['defaultip']);
 				}
 
 				$ssl_ipsandports = '';
@@ -594,13 +635,21 @@ if($page == 'domains'
 				{
 					$domains.= makeoption($idna_convert->decode($row_domain['domain']) . ' (' . $row_domain['loginname'] . ')', $row_domain['id']);
 				}
+				
+				$subtodomains = makeoption($lng['domains']['nosubtomaindomain'], 0, NULL, true);
+				$result_domains = $db->query("SELECT `d`.`id`, `d`.`domain`, `c`.`loginname` FROM `" . TABLE_PANEL_DOMAINS . "` `d`, `" . TABLE_PANEL_CUSTOMERS . "` `c` WHERE `d`.`aliasdomain` IS NULL AND `d`.`parentdomainid`=0 AND `d`.`ismainbutsubto`=0 " . $standardsubdomains . ($userinfo['customers_see_all'] ? '' : " AND `d`.`adminid` = '" . (int)$userinfo['adminid'] . "'") . " AND `d`.`customerid`=`c`.`customerid` ORDER BY `loginname`, `domain` ASC");
+
+				while($row_domain = $db->fetch_array($result_domains))
+				{
+					$subtodomains.= makeoption($idna_convert->decode($row_domain['domain']) . ' (' . $row_domain['loginname'] . ')', $row_domain['id']);
+				}
 
 				$phpconfigs = '';
 				$configs = $db->query("SELECT * FROM `" . TABLE_PANEL_PHPCONFIGS . "`");
 
 				while($row = $db->fetch_array($configs))
 				{
-					$phpconfigs.= makeoption($row['description'], $row['id'], '1', true, true);
+					$phpconfigs.= makeoption($row['description'], $row['id'], $settings['system']['mod_fcgid_defaultini'], true, true);
 				}
 
 				$isbinddomain = makeyesno('isbinddomain', '1', '0', '1');
@@ -624,8 +673,10 @@ if($page == 'domains'
 	elseif($action == 'edit'
 	       && $id != 0)
 	{
-		$result = $db->query_first("SELECT `d`.*, `c`.* FROM `" . TABLE_PANEL_DOMAINS . "` `d` LEFT JOIN `" . TABLE_PANEL_CUSTOMERS . "` `c` USING(`customerid`) 
+		$result = $db->query_first("SELECT `d`.*, `c`.`customerid` FROM `" . TABLE_PANEL_DOMAINS . "` `d` 
-									WHERE `d`.`parentdomainid`='0' AND `d`.`id`='" . (int)$id . "'" 
+									LEFT JOIN `" . TABLE_PANEL_CUSTOMERS . "` `c` USING(`customerid`) 
+									WHERE `d`.`parentdomainid`='0' 
+									AND `d`.`id`='" . (int)$id . "'" 
 									. ($userinfo['customers_see_all'] ? '' : " AND `d`.`adminid` = '" . (int)$userinfo['adminid'] . "' "));
 
 		if($result['domain'] != '')
@@ -703,6 +754,7 @@ if($page == 'domains'
 				}
 
 				$aliasdomain = intval($_POST['alias']);
+				$issubof = intval($_POST['issubof']);
 				$isemaildomain = intval($_POST['isemaildomain']);
 				$email_only = intval($_POST['email_only']);
 				$subcanemaildomain = intval($_POST['subcanemaildomain']);
@@ -731,6 +783,12 @@ if($page == 'domains'
 					{
 						$documentroot = $customer['documentroot'];
 					}
+
+					if(!preg_match('/^https?\:\/\//', $documentroot)
+						&& strstr($documentroot, ":") !== FALSE
+					) {
+						standard_error('pathmaynotcontaincolon');
+					}
 				}
 				else
 				{
@@ -880,13 +938,19 @@ if($page == 'domains'
 
 				if($aliasdomain != 0)
 				{
-					$aliasdomain_check = $db->query_first('SELECT `id` FROM `' . TABLE_PANEL_DOMAINS . '` `d`,`' . TABLE_PANEL_CUSTOMERS . '` `c` WHERE `d`.`customerid`=\'' . (int)$result['customerid'] . '\' AND `d`.`aliasdomain` IS NULL AND `d`.`id`<>`c`.`standardsubdomain` AND `c`.`customerid`=\'' . (int)$result['customerid'] . '\' AND `d`.`id`=\'' . (int)$aliasdomain . '\'');
+					// also check ip/port combination to be the same, #176
+					$aliasdomain_check = $db->query_first('SELECT `d`.`id` FROM `' . TABLE_PANEL_DOMAINS . '` `d`,`' . TABLE_PANEL_CUSTOMERS . '` `c` WHERE `d`.`customerid`=\'' . (int)$result['customerid'] . '\' AND `d`.`aliasdomain` IS NULL AND `d`.`id`<>`c`.`standardsubdomain` AND `c`.`customerid`=\'' . (int)$result['customerid'] . '\' AND `d`.`id`=\'' . (int)$aliasdomain . '\' AND `d`.`ipandport` = \''.(int)$ipandport.'\'');
 				}
 
 				if($aliasdomain_check['id'] != $aliasdomain)
 				{
 					standard_error('domainisaliasorothercustomer');
 				}
+				
+				if($issubof <= '0')
+				{
+					$issubof = '0';
+				}
 
 				$params = array(
 					'id' => $id,
@@ -914,7 +978,8 @@ if($page == 'domains'
 					'mod_fcgid_starter' => $mod_fcgid_starter,
 					'mod_fcgid_maxrequests' => $mod_fcgid_maxrequests,
 					'specialsettings' => $specialsettings,
-					'registration_date' => $registration_date
+					'registration_date' => $registration_date,
+					'issubof' => $issubof
 				);
 
 				$security_questions = array(
@@ -948,7 +1013,8 @@ if($page == 'domains'
 				   || $mod_fcgid_starter != $result['mod_fcgid_starter']
 				   || $mod_fcgid_maxrequests != $result['mod_fcgid_maxrequests']
 				   || $specialsettings != $result['specialsettings']
-				   || $aliasdomain != $result['aliasdomain'])
+				   || $aliasdomain != $result['aliasdomain']
+				   || $issubof != $result['ismainbutsubto'])
 				{
 					inserttask('1');
 				}
@@ -1010,7 +1076,7 @@ if($page == 'domains'
 					$log->logAction(ADM_ACTION, LOG_INFO, "removed specialsettings on all subdomains of domain #" . $id);
 				}
 				
-				$result = $db->query("UPDATE `" . TABLE_PANEL_DOMAINS . "` SET `customerid` = '" . (int)$customerid . "', `adminid` = '" . (int)$adminid . "', `documentroot`='" . $db->escape($documentroot) . "', `ipandport`='" . $db->escape($ipandport) . "', `ssl`='" . (int)$ssl . "', `ssl_redirect`='" . (int)$ssl_redirect . "', `ssl_ipandport`='" . (int)$ssl_ipandport . "', `aliasdomain`=" . (($aliasdomain != 0 && $alias_check == 0) ? '\'' . $db->escape($aliasdomain) . '\'' : 'NULL') . ", `isbinddomain`='" . $db->escape($isbinddomain) . "', `isemaildomain`='" . $db->escape($isemaildomain) . "', `email_only`='" . $db->escape($email_only) . "', `subcanemaildomain`='" . $db->escape($subcanemaildomain) . "', `dkim`='" . $db->escape($dkim) . "', `caneditdomain`='" . $db->escape($caneditdomain) . "', `zonefile`='" . $db->escape($zonefile) . "', `wwwserveralias`='" . $db->escape($wwwserveralias) . "', `openbasedir`='" . $db->escape($openbasedir) . "', `safemode`='" . $db->escape($safemode) . "', `phpsettingid`='" . $db->escape($phpsettingid) . "', `mod_fcgid_starter`='" . $db->escape($mod_fcgid_starter) . "', `mod_fcgid_maxrequests`='" . $db->escape($mod_fcgid_maxrequests) . "', `specialsettings`='" . $db->escape($specialsettings) . "', `registration_date`='" . $db->escape($registration_date) . "' WHERE `id`='" . (int)$id . "'");
+				$result = $db->query("UPDATE `" . TABLE_PANEL_DOMAINS . "` SET `customerid` = '" . (int)$customerid . "', `adminid` = '" . (int)$adminid . "', `documentroot`='" . $db->escape($documentroot) . "', `ipandport`='" . $db->escape($ipandport) . "', `ssl`='" . (int)$ssl . "', `ssl_redirect`='" . (int)$ssl_redirect . "', `ssl_ipandport`='" . (int)$ssl_ipandport . "', `aliasdomain`=" . (($aliasdomain != 0 && $alias_check == 0) ? '\'' . $db->escape($aliasdomain) . '\'' : 'NULL') . ", `isbinddomain`='" . $db->escape($isbinddomain) . "', `isemaildomain`='" . $db->escape($isemaildomain) . "', `email_only`='" . $db->escape($email_only) . "', `subcanemaildomain`='" . $db->escape($subcanemaildomain) . "', `dkim`='" . $db->escape($dkim) . "', `caneditdomain`='" . $db->escape($caneditdomain) . "', `zonefile`='" . $db->escape($zonefile) . "', `wwwserveralias`='" . $db->escape($wwwserveralias) . "', `openbasedir`='" . $db->escape($openbasedir) . "', `safemode`='" . $db->escape($safemode) . "', `phpsettingid`='" . $db->escape($phpsettingid) . "', `mod_fcgid_starter`='" . $db->escape($mod_fcgid_starter) . "', `mod_fcgid_maxrequests`='" . $db->escape($mod_fcgid_maxrequests) . "', `specialsettings`='" . $db->escape($specialsettings) . "', `registration_date`='" . $db->escape($registration_date) . "', `ismainbutsubto`='" . (int)$issubof . "' WHERE `id`='" . (int)$id . "'");
 				$result = $db->query("UPDATE `" . TABLE_PANEL_DOMAINS . "` SET `customerid` = '" . (int)$customerid . "', `adminid` = '" . (int)$adminid . "', `ipandport`='" . $db->escape($ipandport) . "', `openbasedir`='" . $db->escape($openbasedir) . "', `safemode`='" . $db->escape($safemode) . "', `phpsettingid`='" . $db->escape($phpsettingid) . "', `mod_fcgid_starter`='" . $db->escape($mod_fcgid_starter) . "', `mod_fcgid_maxrequests`='" . $db->escape($mod_fcgid_maxrequests) . "'" . $upd_specialsettings . $updatechildren . " WHERE `parentdomainid`='" . (int)$id . "'");
 				$log->logAction(ADM_ACTION, LOG_INFO, "edited domain #" . $id);
 				$redirect_props = Array(
@@ -1066,6 +1132,14 @@ if($page == 'domains'
 					$domains.= makeoption($idna_convert->decode($row_domain['domain']), $row_domain['id'], $result['aliasdomain']);
 				}
 
+				$subtodomains = makeoption($lng['domains']['nosubtomaindomain'], 0, NULL, true);
+				$result_domains = $db->query("SELECT `d`.`id`, `d`.`domain` FROM `" . TABLE_PANEL_DOMAINS . "` `d`, `" . TABLE_PANEL_CUSTOMERS . "` `c` WHERE `d`.`aliasdomain` IS NULL AND `d`.`parentdomainid`=0 AND `d`.`id`<>'" . (int)$result['id'] . "' AND `c`.`standardsubdomain`<>`d`.`id` AND `c`.`customerid`=`d`.`customerid`". ($userinfo['customers_see_all'] ? '' : " AND `d`.`adminid` = '" . (int)$userinfo['adminid'] . "'") . " ORDER BY `d`.`domain` ASC");
+
+				while($row_domain = $db->fetch_array($result_domains))
+				{
+					$subtodomains.= makeoption($idna_convert->decode($row_domain['domain']), $row_domain['id'], $result['ismainbutsubto']);
+				}
+
 				if($userinfo['ip'] == "-1")
 				{
 					$result_ipsandports = $db->query("SELECT `id`, `ip`, `port` FROM `" . TABLE_PANEL_IPSANDPORTS . "` WHERE `ssl`='0' ORDER BY `ip`, `port` ASC");

admin_index.php

@@ -61,6 +61,7 @@ if($page == 'overview')
 				SUM(`email_accounts_used`) AS `email_accounts_used`,
 				SUM(`email_forwarders_used`) AS `email_forwarders_used`,
 				SUM(`email_quota_used`) AS `email_quota_used`,
+				SUM(`email_autoresponder_used`) AS `email_autoresponder_used`,
 				SUM(`ftps_used`) AS `ftps_used`,
 				SUM(`tickets_used`) AS `tickets_used`,
 				SUM(`subdomains_used`) AS `subdomains_used`,
@@ -100,7 +101,7 @@ if($page == 'overview')
 				&& count($latestversion) >= 1)
 				{
 					$_version = $latestversion[0];
-					$_message = $latestversion[1];
+					$_message = isset($latestversion[1]) ? $latestversion[1] : '';
 					$_link = isset($latestversion[2]) ? $latestversion[2] : htmlspecialchars($filename . '?s=' . urlencode($s) . '&page=' . urlencode($page) . '&lookfornewversion=yes');
 
 					$lookfornewversion_lable = $_version;
@@ -140,7 +141,7 @@ if($page == 'overview')
 	$userinfo['diskspace_used'] = round($userinfo['diskspace_used'] / 1024, $settings['panel']['decimal_places']);
 	$userinfo['traffic'] = round($userinfo['traffic'] / (1024 * 1024), $settings['panel']['decimal_places']);
 	$userinfo['traffic_used'] = round($userinfo['traffic_used'] / (1024 * 1024), $settings['panel']['decimal_places']);
-	$userinfo = str_replace_array('-1', $lng['customer']['unlimited'], $userinfo, 'customers domains diskspace traffic mysqls emails email_accounts email_forwarders email_quota ftps tickets subdomains aps_packages');
+	$userinfo = str_replace_array('-1', $lng['customer']['unlimited'], $userinfo, 'customers domains diskspace traffic mysqls emails email_accounts email_forwarders email_quota email_autoresponder ftps tickets subdomains aps_packages');
 
 	$cron_last_runs = getCronjobsLastRun();
 	$outstanding_tasks = getOutstandingTasks();
@@ -185,7 +186,7 @@ if($page == 'overview')
 	}
 
 	// Try to get the uptime
-	// First: With exec (let's hope it's enabled for the SysCP - vHost)
+	// First: With exec (let's hope it's enabled for the Froxlor - vHost)
 
 	$uptime_array = explode(" ", @file_get_contents("/proc/uptime"));
 
@@ -281,9 +282,14 @@ elseif($page == 'change_language')
 	{
 		$language_options = '';
 
+		$default_lang = $settings['panel']['standardlanguage'];
+		if($userinfo['def_language'] != '') { 
+			$default_lang = $userinfo['def_language'];
+		}
+
 		while(list($language_file, $language_name) = each($languages))
 		{
-			$language_options.= makeoption($language_name, $language_file, $userinfo['def_language'], true);
+			$language_options.= makeoption($language_name, $language_file, $default_lang, true);
 		}
 
 		eval("echo \"" . getTemplate("index/change_language") . "\";");

admin_phpsettings.php

@@ -97,7 +97,7 @@ if($page == 'overview')
 
 				$db->query("INSERT INTO `" . TABLE_PANEL_PHPCONFIGS . "` SET `description` = '" . $db->escape($description) . "', `binary` = '" . $db->escape($binary) . "', `file_extensions` = '" . $db->escape($file_extensions) . "', `mod_fcgid_starter` = '" . $db->escape($mod_fcgid_starter) . "', `mod_fcgid_maxrequests` = '" . $db->escape($mod_fcgid_maxrequests) . "', `phpsettings` = '" . $db->escape($phpsettings) . "'");
 				inserttask('1');
-				$log->logAction(ADM_ACTION, LOG_INFO, "php.ini setting with description '" . $value . "' has been created by '" . $userinfo['loginname'] . "'");
+				$log->logAction(ADM_ACTION, LOG_INFO, "php.ini setting with description '" . $description . "' has been created by '" . $userinfo['loginname'] . "'");
 				redirectTo($filename, Array('page' => $page, 's' => $s));
 			}
 			else

admin_settings.php

@@ -31,20 +31,78 @@ if(($page == 'settings' || $page == 'overview')
    && $userinfo['change_serversettings'] == '1')
 {
 	$settings_data = loadConfigArrayDir('./actions/admin/settings/');
-	$settings = loadSettings(&$settings_data, &$db);
+	$settings = loadSettings($settings_data, $db);
 	
 	if(isset($_POST['send'])
 	   && $_POST['send'] == 'send')
 	{
-		if(processForm(&$settings_data, &$_POST, array('filename' => $filename, 'action' => $action, 'page' => $page)))
+		$_part = isset($_GET['part']) ? $_GET['part'] : '';
+
+		if($_part == '')
 		{
+			$_part = isset($_POST['part']) ? $_POST['part'] : '';
+		}
+
+		if($_part != '')
+		{
+			if($_part == 'all')
+			{
+				$settings_all = true;
+				$settings_part = false;
+			}
+			else
+			{
+				$settings_all = false;
+				$settings_part = true;
+			}
+
+			$only_enabledisable = false;
+		}
+		else
+		{
+			$settings_all = false;
+			$settings_part = false;
+			$only_enabledisable = true;
+		}
+		
+		if(processFormEx(
+			$settings_data, 
+			$_POST, 
+			array('filename' => $filename, 'action' => $action, 'page' => $page),
+			$_part,
+			$settings_all,
+			$settings_part,
+			$only_enabledisable
+			)
+		) {
 			standard_success('settingssaved', '', array('filename' => $filename, 'action' => $action, 'page' => $page));
 		}
 	}
 	else
 	{
-		$fields = buildForm(&$settings_data);
+		$_part = isset($_GET['part']) ? $_GET['part'] : '';
-		eval("echo \"" . getTemplate("settings/settings") . "\";");
+		
+		if($_part == '')
+		{
+			$_part = isset($_POST['part']) ? $_POST['part'] : '';
+		}
+
+		$fields = buildFormEx($settings_data, $_part);
+		
+		$settings_page = '';
+		if($_part == '')
+		{
+			eval("\$settings_page .= \"" . getTemplate("settings/settings_overview") . "\";");
+		} 
+		else
+		{
+			eval("\$settings_page .= \"" . getTemplate("settings/settings") . "\";");
+		}
+		
+		eval("echo \"" . getTemplate("settings/settings_form_begin") . "\";");
+		eval("echo \$settings_page;");
+		eval("echo \"" . getTemplate("settings/settings_form_end") . "\";");
+
 	}
 }
 elseif($page == 'rebuildconfigs'
@@ -156,6 +214,4 @@ elseif($page == 'enforcequotas'
 	{
 		ask_yesno('admin_quotas_reallyenforce', $filename, array('page' => $page));
 	}
-}
+}
-
-?>

admin_templates.php

@@ -53,7 +53,10 @@ $available_templates = array(
 	'new_ticket_for_customer',
 	'new_ticket_by_staff',
 	'new_reply_ticket_by_customer',
-	'new_reply_ticket_by_staff'
+	'new_reply_ticket_by_staff',
+	'new_database_by_customer',
+	'new_ftpaccount_by_customer',
+	'password_reset'
 );
 $file_templates = array(
 	'index_html'

admin_tickets.php

@@ -102,11 +102,12 @@ if($page == 'tickets'
 					if($_cid != $row['customerid'])
 					{
 						$cid = $row['customerid'];
-						$usr = $db->query_first('SELECT `firstname`, `name`, `loginname` FROM `' . TABLE_PANEL_CUSTOMERS . '`
+						$usr = $db->query_first('SELECT `firstname`, `name`, `company`, `loginname` FROM `' . TABLE_PANEL_CUSTOMERS . '`
                                      WHERE `customerid` = "' . (int)$cid . '"');
 						
 						if(isset($usr['loginname'])) {
-							$customer = $usr['firstname'] . " " . $usr['name'] . " (" . $usr['loginname'] . ")";
+							$customer = getCorrectFullUserDetails($usr) . ' (' . $usr['loginname'] . ')';
+							//$customer = $usr['firstname'] . " " . $usr['name'] . " (" . $usr['loginname'] . ")";
 						} else {
 							$customer = $lng['ticket']['nonexistingcustomer'];
 						}
@@ -167,7 +168,7 @@ if($page == 'tickets'
 				$newticket->Set('subject', validate($_POST['subject'], 'subject'), true, false);
 				$newticket->Set('priority', validate($_POST['priority'], 'priority'), true, false);
 				$newticket->Set('category', validate($_POST['category'], 'category'), true, false);
-				$newticket->Set('customer', validate($_POST['customer'], 'customer'), true, false);
+				$newticket->Set('customer', (int)$_POST['customer'], true, false);
 				$newticket->Set('message', validate(str_replace("\r\n", "\n", $_POST['message']), 'message', '/^[^\0]*$/'), true, false);
 
 				if($newticket->Get('subject') == null)
@@ -197,12 +198,12 @@ if($page == 'tickets'
 			else
 			{
 				$categories = '';
-				$result = $db->query_first('SELECT `id`, `name` FROM `' . TABLE_PANEL_TICKET_CATS . '` WHERE `adminid` = "' . $userinfo['adminid'] . '" ORDER BY `name` ASC');
+				$result = $db->query_first('SELECT `id`, `name` FROM `' . TABLE_PANEL_TICKET_CATS . '` WHERE `adminid` = "' . $userinfo['adminid'] . '" ORDER BY `logicalorder`, `name` ASC');
 
 				if(isset($result['name'])
 				   && $result['name'] != '')
 				{
-					$result2 = $db->query('SELECT `id`, `name` FROM `' . TABLE_PANEL_TICKET_CATS . '` WHERE `adminid` = "' . $userinfo['adminid'] . '" ORDER BY `name` ASC');
+					$result2 = $db->query('SELECT `id`, `name` FROM `' . TABLE_PANEL_TICKET_CATS . '` WHERE `adminid` = "' . $userinfo['adminid'] . '" ORDER BY `logicalorder`, `name` ASC');
 
 					while($row = $db->fetch_array($result2))
 					{
@@ -219,27 +220,12 @@ if($page == 'tickets'
 
 				while($row_customer = $db->fetch_array($result_customers))
 				{
-					if($row_customer['company'] == '')
+					$customers.= makeoption(getCorrectFullUserDetails($row_customer) . ' (' . $row_customer['loginname'] . ')', $row_customer['customerid']);
-					{
-						$customers.= makeoption($row_customer['name'] . ', ' . $row_customer['firstname'] . ' (' . $row_customer['loginname'] . ')', $row_customer['customerid']);
-					}
-					else
-					{
-						if($row_customer['name'] != ''
-						   && $row_customer['firstname'] != '')
-						{
-							$customers.= makeoption($row_customer['name'] . ', ' . $row_customer['firstname'] . ' | ' . $row_customer['company'] . ' (' . $row_customer['loginname'] . ')', $row_customer['customerid']);
-						}
-						else
-						{
-							$customers.= makeoption($row_customer['company'] . ' (' . $row_customer['loginname'] . ')', $row_customer['customerid']);
-						}
-					}
 				}
 
-				$priorities = makeoption($lng['ticket']['unf_high'], '1');
+				$priorities = makeoption($lng['ticket']['unf_high'], '1', $settings['ticket']['default_priority']);
-				$priorities.= makeoption($lng['ticket']['unf_normal'], '2');
+				$priorities.= makeoption($lng['ticket']['unf_normal'], '2', $settings['ticket']['default_priority']);
-				$priorities.= makeoption($lng['ticket']['unf_low'], '3');
+				$priorities.= makeoption($lng['ticket']['unf_low'], '3', $settings['ticket']['default_priority']);
 				eval("echo \"" . getTemplate("ticket/tickets_new") . "\";");
 			}
 		}
@@ -435,10 +421,11 @@ elseif($page == 'categories'
 	{
 		$log->logAction(ADM_ACTION, LOG_NOTICE, "viewed admin_tickets::categories");
 		$fields = array(
-			'name' => $lng['ticket']['category']
+			'name' => $lng['ticket']['category'],
+			'logicalorder' => $lng['ticket']['logicalorder']
 		);
 		$paging = new paging($userinfo, $db, TABLE_PANEL_TICKET_CATS, $fields, $settings['panel']['paging'], $settings['panel']['natsorting']);
-		$result = $db->query("SELECT `main`.`id`, `main`.`name`, (
+		$result = $db->query("SELECT `main`.`id`, `main`.`name`, `main`.`logicalorder`, (
                               SELECT COUNT(`sub`.`id`) FROM `" . TABLE_PANEL_TICKETS . "` `sub`
                               WHERE `sub`.`category` = `main`.`id`
                               AND `sub`.`answerto` = '0' AND `sub`.`adminid` = '" . $userinfo['adminid'] . "')
@@ -481,6 +468,12 @@ elseif($page == 'categories'
 		   && $_POST['send'] == 'send')
 		{
 			$category = validate($_POST['category'], 'category');
+			$order = validate($_POST['logicalorder'], 'logicalorder');
+			
+			if($order < 1 || $order >= 1000)
+			{
+				$order = 1;
+			}
 
 			if($category == '')
 			{
@@ -488,7 +481,7 @@ elseif($page == 'categories'
 			}
 			else
 			{
-				ticket::addCategory($db, $category, $userinfo['adminid']);
+				ticket::addCategory($db, $category, $userinfo['adminid'], $order);
 				$log->logAction(ADM_ACTION, LOG_INFO, "added ticket-category '" . $category . "'");
 				redirectTo($filename, Array('page' => $page, 's' => $s));
 			}
@@ -505,6 +498,12 @@ elseif($page == 'categories'
 		   && $_POST['send'] == 'send')
 		{
 			$category = validate($_POST['category'], 'category');
+			$order = validate($_POST['logicalorder'], 'logicalorder');
+
+			if($order < 1 || $order >= 1000)
+			{
+				$order = 1;
+			}
 
 			if($category == '')
 			{
@@ -512,7 +511,7 @@ elseif($page == 'categories'
 			}
 			else
 			{
-				ticket::editCategory($db, $category, $id);
+				ticket::editCategory($db, $category, $id, $order);
 				$log->logAction(ADM_ACTION, LOG_INFO, "edited ticket-category '" . $category . "'");
 				redirectTo($filename, Array('page' => $page, 's' => $s));
 			}
@@ -634,14 +633,15 @@ elseif($page == 'archive'
 						if($_cid != $ticket['customerid'])
 						{
 							$cid = $ticket['customerid'];
-							$usr = $db->query_first('SELECT `firstname`, `name`, `loginname` FROM `' . TABLE_PANEL_CUSTOMERS . '`
+							$usr = $db->query_first('SELECT `firstname`, `name`, `company`, `loginname` FROM `' . TABLE_PANEL_CUSTOMERS . '`
                                        WHERE `customerid` = "' . (int)$cid . '"');
 							
 							if(isset($usr['loginname'])) {
-								$customer = $usr['firstname'] . " " . $usr['name'] . " (" . $usr['loginname'] . ")";
+								$customer = getCorrectFullUserDetails($usr) . ' (' . $usr['loginname'] . ')';
 							} else {
 								$customer = $lng['ticket']['nonexistingcustomer'];
 							}
+							
 							eval("\$tickets.=\"" . getTemplate("ticket/tickets_customer") . "\";");
 						}
 
@@ -718,18 +718,11 @@ elseif($page == 'archive'
 			}
 
 			$customers = makeoption($lng['ticket']['nocustomer'], '-1', '-1');
-			$result = $db->query_first('SELECT `customerid` FROM `' . TABLE_PANEL_CUSTOMERS . '` ' . ($userinfo['customers_see_all'] ? '' : ' WHERE `adminid` = "' . (int)$userinfo['adminid'] . '" ') . 'ORDER BY `name` ASC');
+			$result_customers = $db->query("SELECT `customerid`, `loginname`, `name`, `firstname`, `company` FROM `" . TABLE_PANEL_CUSTOMERS . "` " . ($userinfo['customers_see_all'] ? '' : " WHERE `adminid` = '" . (int)$userinfo['adminid'] . "' ") . " ORDER BY `name` ASC");
 
-			if(isset($result['customerid'])
+			while($row_customer = $db->fetch_array($result_customers))
-			   && $result['customerid'] != '')
 			{
-				$result2 = $db->query('SELECT `customerid`, `loginname`, `firstname`, `name`
+				$customers.= makeoption(getCorrectFullUserDetails($row_customer) . ' (' . $row_customer['loginname'] . ')', $row_customer['customerid']);
-  									          FROM `' . TABLE_PANEL_CUSTOMERS . '` ' . ($userinfo['customers_see_all'] ? '' : ' WHERE `adminid` = "' . (int)$userinfo['adminid'] . '" ') . ' ORDER BY `name` ASC');
-
-				while($row = $db->fetch_array($result2))
-				{
-					$customers.= makeoption($row['name'] . ', ' . $row['firstname'] . ' (' . $row['loginname'] . ')', $row['customerid']);
-				}
 			}
 
 			eval("echo \"" . getTemplate("ticket/archive") . "\";");

admin_updates.php

@@ -37,36 +37,74 @@ if($page == 'overview')
 		if (!isset($settings['system']['dbversion'])
 		|| $settings['system']['dbversion'] == ''
 		) {
-			$settings['system']['dbversion'] = 2;
+			/**
+			 * for syscp-stable (1.4.2.1) this value has to be 0
+			 * so the required table-fields are added correctly
+			 * and the svn-version has its value in the database
+			 * -> bug #54
+			 */
+			
+			$result = $db->query_first("SELECT `value` FROM `" . TABLE_PANEL_SETTINGS . "` WHERE `varname` = 'dbversion'");
+			
+			if(isset($result['value']))
+			{
+				$settings['system']['dbversion'] = (int)$result['value'];
+			} else {
+				$settings['system']['dbversion'] = 0;
+			}
 		}
 	}
 
 	if(hasUpdates($version))
 	{
+		$successful_update = false;
+		$message = '';
+
 		if(isset($_POST['send'])
 		&& $_POST['send'] == 'send')
 		{
-
+			if((isset($_POST['update_preconfig'])
-			eval("echo \"" . getTemplate("update/update_start") . "\";");
+				&& isset($_POST['update_changesagreed'])
-
+				&& intval($_POST['update_changesagreed']) != 0)
-			include_once('./install/updatesql.php');
+				|| !isset($_POST['update_preconfig'])
-
+			) {
-			$redirect_url = 'admin_index.php';
+				eval("echo \"" . getTemplate("update/update_start") . "\";");
-			eval("echo \"" . getTemplate("update/update_end") . "\";");
+	
-
+				include_once './install/updatesql.php';
-			updateCounters();
+	
-			inserttask('1');
+				$redirect_url = 'admin_index.php?s=' . $s;
-			@chmod('./lib/userdata.inc.php', 0440);
+				eval("echo \"" . getTemplate("update/update_end") . "\";");
+	
+				updateCounters();
+				inserttask('1');
+				@chmod('./lib/userdata.inc.php', 0440);
+				
+				$successful_update = true;
+			}
+			else
+			{
+				$message = '<br /><strong style="color:#ff0000;">You have to agree that you have read the update notifications.</strong>';
+			}
 		}
-		else
+
+		if(!$successful_update)
 		{
 			$current_version = $settings['panel']['version'];
 			$new_version = $version;
 
-			$ui_text = $lng['update']['update_information'];
+			$ui_text = $lng['update']['update_information']['part_a'];
 			$ui_text = str_replace('%curversion', $current_version, $ui_text);
 			$ui_text = str_replace('%newversion', $new_version, $ui_text);
 			$update_information = $ui_text;
+			
+			include_once './install/updates/preconfig.php';
+			$preconfig = getPreConfig($current_version);
+			if($preconfig != '')
+			{
+				$update_information .= '<br />'.$preconfig.$message;
+			}
+			
+			$update_information .= $lng['update']['update_information']['part_b'];
 
 			eval("echo \"" . getTemplate("update/index") . "\";");
 		}
@@ -78,7 +116,7 @@ if($page == 'overview')
 		 */
 
 		$success_message = $lng['update']['noupdatesavail'];
-		$redirect_url = 'admin_index.php';
+		$redirect_url = 'admin_index.php?s=' . $s;
 		eval("echo \"" . getTemplate("update/noupdatesavail") . "\";");
 	}
 }

customer_autoresponder.php

@@ -87,6 +87,7 @@ if($action == "add")
 			`subject` = '" . $db->escape($subject) . "',
 			`customerid` = '" . $db->escape((int)$userinfo['customerid']) . "'
 			");
+		$db->query("UPDATE `" . TABLE_PANEL_CUSTOMERS . "` SET `email_autoresponder_used` = `email_autoresponder_used` + 1 WHERE `customerid` = '" . $db->escape((int)$userinfo['customerid']). "'");
 		redirectTo($filename, Array('s' => $s));
 	}
 
@@ -107,7 +108,7 @@ if($action == "add")
 	}
 	
 	$date_from_off = makecheckbox('date_from_off', $lng['panel']['not_activated'], '-1', false, '-1', true, true);
-	$date_until_off = makecheckbox('date_from_off', $lng['panel']['not_activated'], '-1', false, '-1', true, true);
+	$date_until_off = makecheckbox('date_until_off', $lng['panel']['not_activated'], '-1', false, '-1', true, true);
 
 	eval("echo \"" . getTemplate("email/autoresponder_add") . "\";");
 }
@@ -229,7 +230,7 @@ if($action == "edit")
 		$deactivated = '0';
 		$date_until = date('d-m-Y', $date_until);
 	}
-	$date_from_off = makecheckbox('date_until_off', $lng['panel']['not_activated'], '-1', false, $deactivated, true, true);
+	$date_until_off = makecheckbox('date_until_off', $lng['panel']['not_activated'], '-1', false, $deactivated, true, true);
 
 	$checked = '';
 
@@ -265,6 +266,7 @@ if($action == "delete")
 			WHERE `email` = '" . $db->escape($account) . "'
 			AND `customerid` = '" . $db->escape((int)$userinfo['customerid']) . "'
 			");
+		$db->query("UPDATE `" . TABLE_PANEL_CUSTOMERS . "` SET `email_autoresponder_used` = `email_autoresponder_used` - 1 WHERE `customerid` = '" . $db->escape((int)$userinfo['customerid']). "'");
 		redirectTo($filename, Array('s' => $s));
 	}
 

customer_domains.php

@@ -68,13 +68,13 @@ elseif($page == 'domains')
 			$row['domainalias'] = $idna_convert->decode($row['domainalias']);
 
 			if($row['parentdomainid'] == '0'
-			   && $row['iswildcarddomain'] != '1'
 			   && $row['caneditdomain'] == '1')
 			{
 				$parentdomains_count++;
 			}
 
 			$domains_count++;
+/*
 			$domainparts = explode('.', $row['domain']);
 			$domainparts = array_reverse($domainparts);
 			$sortkey = '';
@@ -82,8 +82,9 @@ elseif($page == 'domains')
 			{
 				$sortkey.= $part . '.';
 			}
-
 			$domain_array[$sortkey] = $row;
+*/
+			$domain_array[$row['domain']] = $row;
 		}
 
 		ksort($domain_array);
@@ -125,6 +126,11 @@ elseif($page == 'domains')
 			if($paging->checkDisplay($i))
 			{
 				$row = htmlentities_array($domain_array[$sortkey]);
+				if($settings['system']['awstats_enabled'] == '1') {
+					$statsapp = 'awstats';
+				} else {
+					$statsapp = 'webalizer';
+				}
 				eval("\$domains.=\"" . getTemplate("domains/domains_delimiter") . "\";");
 
 				if($paging->sortfield == 'd.domain'
@@ -178,6 +184,14 @@ elseif($page == 'domains')
 					}
 				}
 
+				/*
+				 * check for APS packages used with this domain, #110
+				 */
+				if(domainHasApsInstances($id))
+				{
+					standard_error('domains_cantdeletedomainwithapsinstances');
+				}
+
 				$log->logAction(USR_ACTION, LOG_INFO, "deleted subdomain '" . $idna_convert->decode($result['domain']) . "'");
 				$result = $db->query("DELETE FROM `" . TABLE_PANEL_DOMAINS . "` WHERE `customerid`='" . (int)$userinfo['customerid'] . "' AND `id`='" . (int)$id . "'");
 				$result = $db->query("UPDATE `" . TABLE_PANEL_CUSTOMERS . "` SET `subdomains_used`=`subdomains_used`-1 WHERE `customerid`='" . (int)$userinfo['customerid'] . "'");
@@ -205,17 +219,19 @@ elseif($page == 'domains')
 			{
 				$subdomain = $idna_convert->encode(preg_replace(Array('/\:(\d)+$/', '/^https?\:\/\//'), '', validate($_POST['subdomain'], 'subdomain', '', 'subdomainiswrong')));
 				$domain = $idna_convert->encode($_POST['domain']);
-				$domain_check = $db->query_first("SELECT * FROM `" . TABLE_PANEL_DOMAINS . "` WHERE `domain`='" . $db->escape($domain) . "' AND `customerid`='" . (int)$userinfo['customerid'] . "' AND `parentdomainid`='0' AND `email_only`='0' AND `iswildcarddomain`='0' AND `caneditdomain`='1' ");
+				$domain_check = $db->query_first("SELECT * FROM `" . TABLE_PANEL_DOMAINS . "` WHERE `domain`='" . $db->escape($domain) . "' AND `customerid`='" . (int)$userinfo['customerid'] . "' AND `parentdomainid`='0' AND `email_only`='0' AND `caneditdomain`='1' ");
 				$completedomain = $subdomain . '.' . $domain;
 				$completedomain_check = $db->query_first("SELECT * FROM `" . TABLE_PANEL_DOMAINS . "` WHERE `domain`='" . $db->escape($completedomain) . "' AND `customerid`='" . (int)$userinfo['customerid'] . "' AND `email_only`='0' AND `caneditdomain` = '1'");
 				$aliasdomain = intval($_POST['alias']);
 				$aliasdomain_check = array(
 					'id' => 0
 				);
+				$_doredirect = false;
 
 				if($aliasdomain != 0)
 				{
-					$aliasdomain_check = $db->query_first('SELECT `id` FROM `' . TABLE_PANEL_DOMAINS . '` `d`,`' . TABLE_PANEL_CUSTOMERS . '` `c` WHERE `d`.`customerid`=\'' . (int)$userinfo['customerid'] . '\' AND `d`.`aliasdomain` IS NULL AND `d`.`id`<>`c`.`standardsubdomain` AND `c`.`customerid`=\'' . (int)$userinfo['customerid'] . '\' AND `d`.`id`=\'' . (int)$aliasdomain . '\'');
+					// also check ip/port combination to be the same, #176
+					$aliasdomain_check = $db->query_first('SELECT `id` FROM `' . TABLE_PANEL_DOMAINS . '` `d`,`' . TABLE_PANEL_CUSTOMERS . '` `c` WHERE `d`.`customerid`=\'' . (int)$userinfo['customerid'] . '\' AND `d`.`aliasdomain` IS NULL AND `d`.`id`<>`c`.`standardsubdomain` AND `c`.`customerid`=\'' . (int)$userinfo['customerid'] . '\' AND `d`.`id`=\'' . (int)$aliasdomain . '\' AND `d`.`ipandport` = \''.(int)$domain_check['ipandport'].'\'');
 				}
 
 				if(isset($_POST['url'])
@@ -223,6 +239,7 @@ elseif($page == 'domains')
 				   && validateUrl($idna_convert->encode($_POST['url'])))
 				{
 					$path = $_POST['url'];
+					$_doredirect = true;
 				}
 				else
 				{
@@ -234,6 +251,14 @@ elseif($page == 'domains')
 				{
 					$path = $userinfo['documentroot'] . '/' . $path;
 					$path = makeCorrectDir($path);
+					if (strstr($path, ":") !== FALSE)
+					{
+						standard_error('pathmaynotcontaincolon');
+					}
+				}
+				else
+				{
+					$_doredirect = true;
 				}
 
 				if(isset($_POST['openbasedir_path'])
@@ -286,7 +311,38 @@ elseif($page == 'domains')
 				}
 				else
 				{
-					$result = $db->query("INSERT INTO `" . TABLE_PANEL_DOMAINS . "` (`customerid`, `domain`, `documentroot`, `ipandport`, `aliasdomain`, `parentdomainid`, `isemaildomain`, `openbasedir`, `openbasedir_path`, `safemode`, `speciallogfile`, `specialsettings`, `ssl_redirect`) VALUES ('" . (int)$userinfo['customerid'] . "', '" . $db->escape($completedomain) . "', '" . $db->escape($path) . "', '" . $db->escape($domain_check['ipandport']) . "', " . (($aliasdomain != 0) ? "'" . $db->escape($aliasdomain) . "'" : "NULL") . ", '" . (int)$domain_check['id'] . "', '" . ($domain_check['subcanemaildomain'] == '3' ? '1' : '0') . "', '" . $db->escape($domain_check['openbasedir']) . "', '" . $db->escape($openbasedir_path) . "', '" . $db->escape($domain_check['safemode']) . "', '" . $db->escape($domain_check['speciallogfile']) . "', '" . $db->escape($domain_check['specialsettings']) . "', '" . $ssl_redirect . "')");
+					// get the phpsettingid from parentdomain, #107
+					$phpsid_result = $db->query_first("SELECT `phpsettingid` FROM `".TABLE_PANEL_DOMAINS."` WHERE `id` = '".(int)$domain_check['id']."'");
+					if(!isset($phpsid_result['phpsettingid'])
+						|| (int)$phpsid_result['phpsettingid'] <= 0
+					) {
+						// assign default config
+						$phpsid_result['phpsettingid'] = 1;
+					}
+
+					$result = $db->query("INSERT INTO `" . TABLE_PANEL_DOMAINS . "` SET 
+								`customerid` = '" . (int)$userinfo['customerid'] . "',
+								`domain` = '" . $db->escape($completedomain) . "', 
+								`documentroot` = '" . $db->escape($path) . "', 
+								`ipandport` = '" . $db->escape($domain_check['ipandport']) . "', 
+								`aliasdomain` = ".(($aliasdomain != 0) ? "'" . $db->escape($aliasdomain) . "'" : "NULL") .", 
+								`parentdomainid` = '" . (int)$domain_check['id'] . "', 
+								`isemaildomain` = '" . ($domain_check['subcanemaildomain'] == '3' ? '1' : '0') . "', 
+								`openbasedir` = '" . $db->escape($domain_check['openbasedir']) . "', 
+								`openbasedir_path` = '" . $db->escape($openbasedir_path) . "', 
+								`safemode` = '" . $db->escape($domain_check['safemode']) . "', 
+								`speciallogfile` = '" . $db->escape($domain_check['speciallogfile']) . "', 
+								`specialsettings` = '" . $db->escape($domain_check['specialsettings']) . "', 
+								`ssl_redirect` = '" . $ssl_redirect . "', 
+								`phpsettingid` = '" . $phpsid_result['phpsettingid'] . "'");
+
+					if($_doredirect)
+					{
+						$did = $db->insert_id();
+						$redirect = isset($_POST['redirectcode']) ? (int)$_POST['redirectcode'] : $settings['customredirect']['default'];
+						addRedirectToDomain($did, $redirect);
+					}
+
 					$result = $db->query("UPDATE `" . TABLE_PANEL_CUSTOMERS . "` SET `subdomains_used`=`subdomains_used`+1 WHERE `customerid`='" . (int)$userinfo['customerid'] . "'");
 					$log->logAction(USR_ACTION, LOG_INFO, "added subdomain '" . $completedomain . "'");
 					inserttask('1');
@@ -296,7 +352,7 @@ elseif($page == 'domains')
 			}
 			else
 			{
-				$result = $db->query("SELECT `id`, `domain`, `documentroot`, `ssl_redirect`,`isemaildomain` FROM `" . TABLE_PANEL_DOMAINS . "` WHERE `customerid`='" . (int)$userinfo['customerid'] . "' AND `parentdomainid`='0' AND `email_only`='0' AND `iswildcarddomain`='0' AND `caneditdomain`='1' ORDER BY `domain` ASC");
+				$result = $db->query("SELECT `id`, `domain`, `documentroot`, `ssl_redirect`,`isemaildomain` FROM `" . TABLE_PANEL_DOMAINS . "` WHERE `customerid`='" . (int)$userinfo['customerid'] . "' AND `parentdomainid`='0' AND `email_only`='0' AND `caneditdomain`='1' ORDER BY `domain` ASC");
 				$domains = '';
 
 				while($row = $db->fetch_array($result))
@@ -312,6 +368,16 @@ elseif($page == 'domains')
 					$aliasdomains.= makeoption($idna_convert->decode($row_domain['domain']), $row_domain['id']);
 				}
 
+				if($settings['customredirect']['enabled'] == '1')
+				{
+					$redirectcode = '';
+					$codes = getRedirectCodesArray();
+					foreach($codes as $rc)
+					{
+						$redirectcode .= makeoption($rc['code']. ' ('.$lng['redirect_desc'][$rc['desc']].')', $rc['id'], $settings['customredirect']['default']);
+					}
+				}
+
 				$ssl_redirect = makeyesno('ssl_redirect', '1', '0', $result['ssl_redirect']);
 				$openbasedir = makeoption($lng['domain']['docroot'], 0, NULL, true) . makeoption($lng['domain']['homedir'], 1, NULL, true);
 				$pathSelect = makePathfield($userinfo['documentroot'], $userinfo['guid'], $userinfo['guid'], $settings['panel']['pathedit']);
@@ -322,9 +388,10 @@ elseif($page == 'domains')
 	elseif($action == 'edit'
 	       && $id != 0)
 	{
-		$result = $db->query_first("SELECT `d`.`id`, `d`.`customerid`, `d`.`domain`, `d`.`documentroot`, `d`.`isemaildomain`, `d`.`iswildcarddomain`, `d`.`parentdomainid`, `d`.`ssl_redirect`, `d`.`aliasdomain`, `d`.`openbasedir_path` ,`pd`.`subcanemaildomain` FROM `" . TABLE_PANEL_DOMAINS . "` `d`, `" . TABLE_PANEL_DOMAINS . "` `pd` WHERE `d`.`customerid`='" . (int)$userinfo['customerid'] . "' AND `d`.`id`='" . (int)$id . "' AND ((`d`.`parentdomainid`!='0' AND `pd`.`id`=`d`.`parentdomainid`) OR (`d`.`parentdomainid`='0' AND `pd`.`id`=`d`.`id`)) AND `d`.`caneditdomain`='1'");
+		$result = $db->query_first("SELECT `d`.`id`, `d`.`customerid`, `d`.`domain`, `d`.`documentroot`, `d`.`isemaildomain`, `d`.`iswildcarddomain`, `d`.`parentdomainid`, `d`.`ssl_redirect`, `d`.`aliasdomain`, `d`.`openbasedir_path`, `d`.`ipandport`, `pd`.`subcanemaildomain` FROM `" . TABLE_PANEL_DOMAINS . "` `d`, `" . TABLE_PANEL_DOMAINS . "` `pd` WHERE `d`.`customerid`='" . (int)$userinfo['customerid'] . "' AND `d`.`id`='" . (int)$id . "' AND ((`d`.`parentdomainid`!='0' AND `pd`.`id`=`d`.`parentdomainid`) OR (`d`.`parentdomainid`='0' AND `pd`.`id`=`d`.`id`)) AND `d`.`caneditdomain`='1'");
 		$alias_check = $db->query_first('SELECT COUNT(`id`) AS count FROM `' . TABLE_PANEL_DOMAINS . '` WHERE `aliasdomain`=\'' . (int)$result['id'] . '\'');
 		$alias_check = $alias_check['count'];
+		$_doredirect = false;
 
 		if(isset($result['customerid'])
 		   && $result['customerid'] == $userinfo['customerid'])
@@ -337,6 +404,7 @@ elseif($page == 'domains')
 				   && validateUrl($idna_convert->encode($_POST['url'])))
 				{
 					$path = $_POST['url'];
+					$_doredirect = true;
 				}
 				else
 				{
@@ -348,6 +416,14 @@ elseif($page == 'domains')
 				{
 					$path = $userinfo['documentroot'] . '/' . $path;
 					$path = makeCorrectDir($path);
+					if (strstr($path, ":") !== FALSE)
+					{
+						standard_error('pathmaynotcontaincolon');
+					}
+				}
+				else
+				{
+					$_doredirect = true;
 				}
 
 				$aliasdomain = intval($_POST['alias']);
@@ -355,16 +431,7 @@ elseif($page == 'domains')
 				if(isset($_POST['iswildcarddomain'])
 				   && $_POST['iswildcarddomain'] == '1'
 				   && $result['parentdomainid'] == '0'
-				   && $userinfo['subdomains'] != '0')
+				){
-				{
-					$wildcarddomaincheck = $db->query("SELECT `id` FROM `" . TABLE_PANEL_DOMAINS . "` WHERE `parentdomainid` = '" . (int)$result['id'] . "'");
-
-					if($db->num_rows($wildcarddomaincheck) != '0')
-					{
-						standard_error('firstdeleteallsubdomains');
-						exit;
-					}
-
 					$iswildcarddomain = '1';
 				}
 				else
@@ -431,6 +498,12 @@ elseif($page == 'domains')
 						$log->logAction(USR_ACTION, LOG_NOTICE, "automatically deleted mail-table entries for '" . $idna_convert->decode($result['domain']) . "'");
 					}
 
+					if($_doredirect)
+					{
+						$redirect = isset($_POST['redirectcode']) ? (int)$_POST['redirectcode'] : false;
+						updateRedirectOfDomain($id, $redirect);
+					}
+
 					if($path != $result['documentroot']
 					   || $isemaildomain != $result['isemaildomain']
 					   || $iswildcarddomain != $result['iswildcarddomain']
@@ -451,7 +524,8 @@ elseif($page == 'domains')
 			{
 				$result['domain'] = $idna_convert->decode($result['domain']);
 				$domains = makeoption($lng['domains']['noaliasdomain'], 0, $result['aliasdomain'], true);
-				$result_domains = $db->query("SELECT `d`.`id`, `d`.`domain` FROM `" . TABLE_PANEL_DOMAINS . "` `d`, `" . TABLE_PANEL_CUSTOMERS . "` `c` WHERE `d`.`aliasdomain` IS NULL AND `d`.`id`<>'" . (int)$result['id'] . "' AND `c`.`standardsubdomain`<>`d`.`id` AND `d`.`customerid`='" . (int)$userinfo['customerid'] . "' AND `c`.`customerid`=`d`.`customerid` ORDER BY `d`.`domain` ASC");
+				// also check ip/port combination to be the same, #176
+				$result_domains = $db->query("SELECT `d`.`id`, `d`.`domain` FROM `" . TABLE_PANEL_DOMAINS . "` `d`, `" . TABLE_PANEL_CUSTOMERS . "` `c` WHERE `d`.`aliasdomain` IS NULL AND `d`.`id`<>'" . (int)$result['id'] . "' AND `c`.`standardsubdomain`<>`d`.`id` AND `d`.`customerid`='" . (int)$userinfo['customerid'] . "' AND `c`.`customerid`=`d`.`customerid` AND `d`.`ipandport` = '".(int)$result['ipandport']."' ORDER BY `d`.`domain` ASC");
 
 				while($row_domain = $db->fetch_array($result_domains))
 				{
@@ -471,15 +545,29 @@ elseif($page == 'domains')
 					$pathSelect = makePathfield($userinfo['documentroot'], $userinfo['guid'], $userinfo['guid'], $settings['panel']['pathedit'], $result['documentroot']);
 				}
 
+				if($settings['customredirect']['enabled'] == '1')
+				{
+					$def_code = getDomainRedirectId($id);
+					$redirectcode = '';
+					$codes = getRedirectCodesArray();
+					foreach($codes as $rc)
+					{
+						$redirectcode .= makeoption($rc['code']. ' ('.$lng['redirect_desc'][$rc['desc']].')', $rc['id'], $def_code);
+					}
+				}
+
 				$ssl_redirect = makeyesno('ssl_redirect', '1', '0', $result['ssl_redirect']);
 				$iswildcarddomain = makeyesno('iswildcarddomain', '1', '0', $result['iswildcarddomain']);
 				$isemaildomain = makeyesno('isemaildomain', '1', '0', $result['isemaildomain']);
 				$openbasedir = makeoption($lng['domain']['docroot'], 0, $result['openbasedir_path'], true) . makeoption($lng['domain']['homedir'], 1, $result['openbasedir_path'], true);
-				$result = htmlentities_array($result);
 
-				if($settings['system']['use_ssl'] == "1")
+				$result_ipandport = $db->query_first("SELECT `ip` FROM `".TABLE_PANEL_IPSANDPORTS."` WHERE `id`='".(int)$result['ipandport']."'");
+				if(filter_var($result_ipandport['ip'], FILTER_VALIDATE_IP, FILTER_FLAG_IPV6))
 				{
+					$result_ipandport['ip'] = '[' . $result_ipandport['ip'] . ']';
 				}
+				$domainip = $result_ipandport['ip'];
+				$result = htmlentities_array($result);
 
 				eval("echo \"" . getTemplate("domains/domains_edit") . "\";");
 			}

customer_email.php

@@ -139,8 +139,10 @@ elseif($page == 'emails')
 			}
 		}
 
-		$emaildomains_count = $db->query_first("SELECT COUNT(`id`) AS `count` FROM `" . TABLE_PANEL_DOMAINS . "` WHERE `customerid`='" . $userinfo['customerid'] . "' AND `isemaildomain`='1' ORDER BY `domain` ASC");
+		$emaildomains_count = $db->query_first("SELECT COUNT(`id`) AS `count` FROM `" . TABLE_PANEL_DOMAINS . "` WHERE `customerid`='" . (int)$userinfo['customerid'] . "' AND `isemaildomain`='1' ORDER BY `domain` ASC");
 		$emaildomains_count = $emaildomains_count['count'];
+
+		$emailscount = $db->num_rows($result);
 		eval("echo \"" . getTemplate("email/emails") . "\";");
 	}
 	elseif($action == 'delete'
@@ -182,6 +184,12 @@ elseif($page == 'emails')
 					$number_forwarders = 0;
 				}
 
+				if(isset($_POST['delete_userfiles'])
+				  && (int)$_POST['delete_userfiles'] == 1)
+				{
+					inserttask('7', $userinfo['loginname'], $result['email_full']);
+				}
+
 				$db->query("DELETE FROM `" . TABLE_MAIL_VIRTUAL . "` WHERE `customerid`='" . (int)$userinfo['customerid'] . "' AND `id`='" . (int)$id . "'");
 				$db->query("UPDATE `" . TABLE_PANEL_CUSTOMERS . "` SET `emails_used`=`emails_used` - 1 , `email_forwarders_used` = `email_forwarders_used` - " . (int)$number_forwarders . " $update_users_query_addon WHERE `customerid`='" . (int)$userinfo['customerid'] . "'");
 				$log->logAction(USR_ACTION, LOG_INFO, "deleted email address '" . $result['email'] . "'");
@@ -189,7 +197,12 @@ elseif($page == 'emails')
 			}
 			else
 			{
-				ask_yesno('email_reallydelete', $filename, array('id' => $id, 'page' => $page, 'action' => $action), $idna_convert->decode($result['email_full']));
+				if(maildirExists($result))  {
+					$show_checkbox = true;
+				} else {
+					$show_checkbox = false;
+				}
+				ask_yesno_withcheckbox('email_reallydelete', 'admin_customer_alsoremovemail', $filename, array('id' => $id, 'page' => $page, 'action' => $action), $idna_convert->decode($result['email_full']), $show_checkbox);
 			}
 		}
 	}
@@ -372,6 +385,7 @@ elseif($page == 'accounts')
 					$email_full = $result['email_full'];
 					$username = $idna_convert->decode($email_full);
 					$password = validate($_POST['email_password'], 'password');
+					$password = validatePassword($password);
 
 					if($settings['panel']['sendalternativemail'] == 1)
 					{
@@ -427,25 +441,26 @@ elseif($page == 'accounts')
 						$mail_subject = html_entity_decode(replace_variables((($result['value'] != '') ? $result['value'] : $lng['mails']['pop_success']['subject']), $replace_arr));
 						$result = $db->query_first('SELECT `value` FROM `' . TABLE_PANEL_TEMPLATES . '` WHERE `adminid`=\'' . (int)$userinfo['adminid'] . '\' AND `language`=\'' . $db->escape($userinfo['def_language']) . '\' AND `templategroup`=\'mails\' AND `varname`=\'pop_success_mailbody\'');
 						$mail_body = html_entity_decode(replace_variables((($result['value'] != '') ? $result['value'] : $lng['mails']['pop_success']['mailbody']), $replace_arr));
-						$mail->From = $admin['email'];
+						
-						$mail->FromName = getCorrectUserSalutation($admin);
+						$_mailerror = false;
-						$mail->Subject = $mail_subject;
+						try {
-						$mail->Body = $mail_body;
+							$mail->SetFrom($admin['email'], getCorrectUserSalutation($admin));
-						$mail->AddAddress($email_full, getCorrectUserSalutation($userinfo));
+							$mail->Subject = $mail_subject;
-
+							$mail->AltBody = $mail_body;
-						if(!$mail->Send())
+							$mail->MsgHTML(str_replace("\n", "<br />", $mail_body));
-						{
+							$mail->AddAddress($email_full, getCorrectUserSalutation($userinfo));
-							if($mail->ErrorInfo != '')
+							$mail->Send();
-							{
+						} catch(phpmailerException $e) {
-								$mailerr_msg = $mail->ErrorInfo;
+							$mailerr_msg = $e->errorMessage();
-							}
+							$_mailerror = true;
-							else
+						} catch (Exception $e) {
-							{
+							$mailerr_msg = $e->getMessage();
-								$mailerr_msg = $email;
+							$_mailerror = true;
-							}
+						}
 
+						if ($_mailerror) {	
 							$log->logAction(USR_ACTION, LOG_ERR, "Error sending mail: " . $mailerr_msg);
-							standard_error('errorsendingmail', $email);
+							standard_error('errorsendingmail', $email_full);
 						}
 
 						$mail->ClearAddresses();
@@ -457,23 +472,24 @@ elseif($page == 'accounts')
 							$mail_subject = replace_variables((($result['value'] != '') ? $result['value'] : $lng['mails']['pop_success_alternative']['subject']), $replace_arr);
 							$result = $db->query_first('SELECT `value` FROM `' . TABLE_PANEL_TEMPLATES . '` WHERE `adminid`=\'' . (int)$userinfo['adminid'] . '\' AND `language`=\'' . $db->escape($userinfo['def_language']) . '\' AND `templategroup`=\'mails\' AND `varname`=\'pop_success_alternative_mailbody\'');
 							$mail_body = replace_variables((($result['value'] != '') ? $result['value'] : $lng['mails']['pop_success_alternative']['mailbody']), $replace_arr);
-							$mail->From = $admin['email'];
+							
-							$mail->FromName = getCorrectUserSalutation($admin);
+							$_mailerror = false;
-							$mail->Subject = $mail_subject;
+							try {
-							$mail->Body = $mail_body;
+								$mail->SetFrom($admin['email'], getCorrectUserSalutation($admin));
-							$mail->AddAddress($idna_convert->encode($alternative_email), getCorrectUserSalutation($userinfo));
+								$mail->Subject = $mail_subject;
-
+								$mail->AltBody = $mail_body;
-							if(!$mail->Send())
+								$mail->MsgHTML(str_replace("\n", "<br />", $mail_body));
-							{
+								$mail->AddAddress($idna_convert->encode($alternative_email), getCorrectUserSalutation($userinfo));
-								if($mail->ErrorInfo != '')
+								$mail->Send();
-								{
+							} catch(phpmailerException $e) {
-									$mailerr_msg = $mail->ErrorInfo;
+								$mailerr_msg = $e->errorMessage();
-								}
+								$_mailerror = true;
-								else
+							} catch (Exception $e) {
-								{
+								$mailerr_msg = $e->getMessage();
-									$mailerr_msg = $alternative_email;
+								$_mailerror = true;
-								}
+							}
-
+	
+							if ($_mailerror) {	
 								$log->logAction(USR_ACTION, LOG_ERR, "Error sending mail: " . $mailerr_msg);
 								standard_error(array('errorsendingmail', $alternative_email));
 							}
@@ -516,12 +532,12 @@ elseif($page == 'accounts')
 					standard_error(array('stringisempty', 'mypassword'));
 					exit;
 				}
-				else
+				
-				{
+				$password = validatePassword($password);
-					$log->logAction(USR_ACTION, LOG_NOTICE, "changed email password for '" . $result['email_full'] . "'");
+				
-					$result = $db->query("UPDATE `" . TABLE_MAIL_USERS . "` SET " . ($settings['system']['mailpwcleartext'] == '1' ? "`password` = '" . $db->escape($password) . "', " : '') . " `password_enc`=ENCRYPT('" . $db->escape($password) . "') WHERE `customerid`='" . (int)$userinfo['customerid'] . "' AND `id`='" . (int)$result['popaccountid'] . "'");
+				$log->logAction(USR_ACTION, LOG_NOTICE, "changed email password for '" . $result['email_full'] . "'");
-					redirectTo($filename, Array('page' => 'emails', 'action' => 'edit', 'id' => $id, 's' => $s));
+				$result = $db->query("UPDATE `" . TABLE_MAIL_USERS . "` SET " . ($settings['system']['mailpwcleartext'] == '1' ? "`password` = '" . $db->escape($password) . "', " : '') . " `password_enc`=ENCRYPT('" . $db->escape($password) . "') WHERE `customerid`='" . (int)$userinfo['customerid'] . "' AND `id`='" . (int)$result['popaccountid'] . "'");
-				}
+				redirectTo($filename, Array('page' => 'emails', 'action' => 'edit', 'id' => $id, 's' => $s));
 			}
 			else
 			{
@@ -597,13 +613,19 @@ elseif($page == 'accounts')
 					$quota = 0;
 				}
 
+				if(isset($_POST['delete_userfiles'])
+				  && (int)$_POST['delete_userfiles'] == 1)
+				{
+					inserttask('7', $userinfo['loginname'], $result['email_full']);
+				}
+
 				$db->query("UPDATE `" . TABLE_PANEL_CUSTOMERS . "` SET `email_accounts_used` = `email_accounts_used` - 1, `email_quota_used` = `email_quota_used` - " . (int)$quota . " WHERE `customerid`='" . (int)$userinfo['customerid'] . "'");
 				$log->logAction(USR_ACTION, LOG_INFO, "deleted email account for '" . $result['email_full'] . "'");
 				redirectTo($filename, Array('page' => 'emails', 'action' => 'edit', 'id' => $id, 's' => $s));
 			}
 			else
 			{
-				ask_yesno('email_reallydelete_account', $filename, array('id' => $id, 'page' => $page, 'action' => $action), $idna_convert->decode($result['email_full']));
+				ask_yesno_withcheckbox('email_reallydelete_account', 'admin_customer_alsoremovemail', $filename, array('id' => $id, 'page' => $page, 'action' => $action), $idna_convert->decode($result['email_full']));
 			}
 		}
 	}

customer_extras.php

@@ -49,7 +49,7 @@ elseif($page == 'htpasswds')
 			'path' => $lng['panel']['path']
 		);
 		$paging = new paging($userinfo, $db, TABLE_PANEL_HTPASSWDS, $fields, $settings['panel']['paging'], $settings['panel']['natsorting']);
-		$result = $db->query("SELECT `id`, `username`, `path` FROM `" . TABLE_PANEL_HTPASSWDS . "` WHERE `customerid`='" . (int)$userinfo['customerid'] . "' " . $paging->getSqlWhere(true) . " " . $paging->getSqlOrderBy() . " " . $paging->getSqlLimit());
+		$result = $db->query("SELECT * FROM `" . TABLE_PANEL_HTPASSWDS . "` WHERE `customerid`='" . (int)$userinfo['customerid'] . "' " . $paging->getSqlWhere(true) . " " . $paging->getSqlOrderBy() . " " . $paging->getSqlLimit());
 		$paging->setEntries($db->num_rows($result));
 		$sortcode = $paging->getHtmlSortCode($lng);
 		$arrowcode = $paging->getHtmlArrowCode($filename . '?page=' . $page . '&s=' . $s);
@@ -81,7 +81,7 @@ elseif($page == 'htpasswds')
 	elseif($action == 'delete'
 	       && $id != 0)
 	{
-		$result = $db->query_first("SELECT `id`, `customerid`, `username`, `path` FROM `" . TABLE_PANEL_HTPASSWDS . "` WHERE `customerid`='" . (int)$userinfo['customerid'] . "' AND `id`='" . (int)$id . "'");
+		$result = $db->query_first("SELECT * FROM `" . TABLE_PANEL_HTPASSWDS . "` WHERE `customerid`='" . (int)$userinfo['customerid'] . "' AND `id`='" . (int)$id . "'");
 
 		if(isset($result['username'])
 		   && $result['username'] != '')
@@ -114,6 +114,7 @@ elseif($page == 'htpasswds')
 			$userpath = $path;
 			$path = makeCorrectDir($userinfo['documentroot'] . '/' . $path);
 			$username = validate($_POST['username'], 'username', '/^[a-zA-Z0-9][a-zA-Z0-9\-_]+\$?$/');
+			$authname = validate($_POST['directory_authname'], 'directory_authname', '/^[a-zA-Z0-9][a-zA-Z0-9\-_ ]+\$?$/');
 			validate($_POST['directory_password'], 'password');
 			$username_path_check = $db->query_first("SELECT `id`, `username`, `path` FROM `" . TABLE_PANEL_HTPASSWDS . "` WHERE `username`='" . $db->escape($username) . "' AND `path`='" . $db->escape($path) . "' AND `customerid`='" . (int)$userinfo['customerid'] . "'");
 
@@ -151,7 +152,7 @@ elseif($page == 'htpasswds')
 			}
 			else
 			{
-				$db->query("INSERT INTO `" . TABLE_PANEL_HTPASSWDS . "` (`customerid`, `username`, `password`, `path`) VALUES ('" . (int)$userinfo['customerid'] . "', '" . $db->escape($username) . "', '" . $db->escape($password) . "', '" . $db->escape($path) . "')");
+				$db->query("INSERT INTO `" . TABLE_PANEL_HTPASSWDS . "` (`customerid`, `username`, `password`, `path`, `authname`) VALUES ('" . (int)$userinfo['customerid'] . "', '" . $db->escape($username) . "', '" . $db->escape($password) . "', '" . $db->escape($path) . "', '" . $db->escape($authname) . "')");
 				$log->logAction(USR_ACTION, LOG_INFO, "added htpasswd for '" . $username . " (" . $path . ")'");
 				inserttask('1');
 				redirectTo($filename, Array('page' => $page, 's' => $s));
@@ -166,7 +167,7 @@ elseif($page == 'htpasswds')
 	elseif($action == 'edit'
 	       && $id != 0)
 	{
-		$result = $db->query_first("SELECT `id`, `username`, `path` FROM `" . TABLE_PANEL_HTPASSWDS . "` WHERE `customerid`='" . (int)$userinfo['customerid'] . "' AND `id`='" . (int)$id . "'");
+		$result = $db->query_first("SELECT * FROM `" . TABLE_PANEL_HTPASSWDS . "` WHERE `customerid`='" . (int)$userinfo['customerid'] . "' AND `id`='" . (int)$id . "'");
 
 		if(isset($result['username'])
 		   && $result['username'] != '')
@@ -175,6 +176,7 @@ elseif($page == 'htpasswds')
 			   && $_POST['send'] == 'send')
 			{
 				validate($_POST['directory_password'], 'password');
+				$authname = validate($_POST['directory_authname'], 'directory_authname', '/^[a-zA-Z0-9][a-zA-Z0-9\-_ ]+\$?$/');
 
 				if(CRYPT_STD_DES == 1)
 				{
@@ -186,13 +188,25 @@ elseif($page == 'htpasswds')
 					$password = crypt($_POST['directory_password']);
 				}
 
-				if($_POST['directory_password'] == '')
+				$pwd_sql = '';
+				if($_POST['directory_password'] != '')
 				{
-					standard_error(array('stringisempty', 'mypassword'));
+					$pwd_sql = "`password`='" . $db->escape($password) . "' ";
 				}
-				else
+				
+				$auth_sql = '';
+				if($authname != $result['authname'])
 				{
-					$db->query("UPDATE `" . TABLE_PANEL_HTPASSWDS . "` SET `password`='" . $db->escape($password) . "' WHERE `customerid`='" . (int)$userinfo['customerid'] . "' AND `id`='" . (int)$id . "'");
+					$auth_sql = "`authname`='" . $db->escape($authname) . "' ";
+				}
+
+				if($pwd_sql != '' || $auth_sql != '')
+				{
+					if($pwd_sql !='' && $auth_sql != '') {
+						$pwd_sql.= ', ';
+					}
+
+					$db->query("UPDATE `" . TABLE_PANEL_HTPASSWDS . "` SET ".$pwd_sql.$auth_sql." WHERE `customerid`='" . (int)$userinfo['customerid'] . "' AND `id`='" . (int)$id . "'");
 					$log->logAction(USR_ACTION, LOG_INFO, "edited htpasswd for '" . $result['username'] . " (" . $result['path'] . ")'");
 					inserttask('1');
 					redirectTo($filename, Array('page' => $page, 's' => $s));
@@ -221,10 +235,11 @@ elseif($page == 'htaccess')
 			'options_indexes' => $lng['extras']['view_directory'],
 			'error404path' => $lng['extras']['error404path'],
 			'error403path' => $lng['extras']['error403path'],
-			'error500path' => $lng['extras']['error500path']
+			'error500path' => $lng['extras']['error500path'],
+			'options_cgi' => $lng['extras']['execute_perl']
 		);
 		$paging = new paging($userinfo, $db, TABLE_PANEL_HTACCESS, $fields, $settings['panel']['paging'], $settings['panel']['natsorting']);
-		$result = $db->query("SELECT `id`, `path`, `options_indexes`, `error404path`, `error403path`, `error500path` FROM `" . TABLE_PANEL_HTACCESS . "` WHERE `customerid`='" . (int)$userinfo['customerid'] . "' " . $paging->getSqlWhere(true) . " " . $paging->getSqlOrderBy() . " " . $paging->getSqlLimit());
+		$result = $db->query("SELECT * FROM `" . TABLE_PANEL_HTACCESS . "` WHERE `customerid`='" . (int)$userinfo['customerid'] . "' " . $paging->getSqlWhere(true) . " " . $paging->getSqlOrderBy() . " " . $paging->getSqlLimit());
 		$paging->setEntries($db->num_rows($result));
 		$sortcode = $paging->getHtmlSortCode($lng);
 		$arrowcode = $paging->getHtmlArrowCode($filename . '?page=' . $page . '&s=' . $s);
@@ -234,6 +249,8 @@ elseif($page == 'htaccess')
 		$count = 0;
 		$htaccess = '';
 
+		$cperlenabled = customerHasPerlEnabled($userinfo['customerid']);
+
 		while($row = $db->fetch_array($result))
 		{
 			if($paging->checkDisplay($i))
@@ -241,10 +258,14 @@ elseif($page == 'htaccess')
 				if(strpos($row['path'], $userinfo['documentroot']) === 0)
 				{
 					$row['path'] = substr($row['path'], strlen($userinfo['documentroot']));
+					// don't show nothing wehn it's the docroot, show slash
+					if ($row['path'] == '') { $row['path'] = '/'; }
 				}
 
 				$row['options_indexes'] = str_replace('1', $lng['panel']['yes'], $row['options_indexes']);
 				$row['options_indexes'] = str_replace('0', $lng['panel']['no'], $row['options_indexes']);
+				$row['options_cgi'] = str_replace('1', $lng['panel']['yes'], $row['options_cgi']);
+				$row['options_cgi'] = str_replace('0', $lng['panel']['no'], $row['options_cgi']);
 				$row = htmlentities_array($row);
 				eval("\$htaccess.=\"" . getTemplate("extras/htaccess_htaccess") . "\";");
 				$count++;
@@ -293,35 +314,18 @@ elseif($page == 'htaccess')
 				standard_error('invalidpath');
 			}
 
-			if(($_POST['error404path'] === '')
+			if(isset($_POST['options_cgi']))
-			   || (validateUrl($idna_convert->encode($_POST['error404path']))))
 			{
-				$error404path = $_POST['error404path'];
+				$options_cgi = intval($_POST['options_cgi']);
 			}
 			else
 			{
-				standard_error('mustbeurl');
+				$options_cgi = '0';
-			}
+			} 
 
-			if(($_POST['error403path'] === '')
+			$error404path = correctErrorDocument($_POST['error404path']);
-			   || (validateUrl($idna_convert->encode($_POST['error403path']))))
+			$error403path = correctErrorDocument($_POST['error403path']);
-			{
+			$error500path = correctErrorDocument($_POST['error500path']);
-				$error403path = $_POST['error403path'];
-			}
-			else
-			{
-				standard_error('mustbeurl');
-			}
-
-			if(($_POST['error500path'] === '')
-			   || (validateUrl($idna_convert->encode($_POST['error500path']))))
-			{
-				$error500path = $_POST['error500path'];
-			}
-			else
-			{
-				standard_error('mustbeurl');
-			}
 
 			if($path_dupe_check['path'] == $path)
 			{
@@ -333,7 +337,15 @@ elseif($page == 'htaccess')
 			}
 			else
 			{
-				$db->query('INSERT INTO `' . TABLE_PANEL_HTACCESS . '`  (`customerid`,  `path`,  `options_indexes`,  `error404path`,  `error403path`,  `error500path`  ) VALUES ("' . (int)$userinfo['customerid'] . '",  "' . $db->escape($path) . '",  "' . $db->escape($_POST['options_indexes'] == '1' ? '1' : '0') . '",  "' . $db->escape($error404path) . '",  "' . $db->escape($error403path) . '",  "' . $db->escape($error500path) . '"  )');
+				$db->query('INSERT INTO `' . TABLE_PANEL_HTACCESS . '` SET
+							`customerid` = "'.(int)$userinfo['customerid'].'",
+							`path` = "'.$db->escape($path).'",
+							`options_indexes` = "'.$db->escape($_POST['options_indexes'] == '1' ? '1' : '0').'",
+							`error404path` = "'.$db->escape($error404path).'",
+							`error403path` = "'.$db->escape($error403path).'",
+							`error500path` = "'.$db->escape($error500path).'",
+							`options_cgi` = "'.$db->escape($options_cgi).'"');
+
 				$log->logAction(USR_ACTION, LOG_INFO, "added htaccess for '" . $path . "'");
 				inserttask('1');
 				redirectTo($filename, Array('page' => $page, 's' => $s));
@@ -342,7 +354,9 @@ elseif($page == 'htaccess')
 		else
 		{
 			$pathSelect = makePathfield($userinfo['documentroot'], $userinfo['guid'], $userinfo['guid'], $settings['panel']['pathedit']);
-			$options_indexes = makeyesno('options_indexes', '1', '0', '1');
+			$options_indexes = makeyesno('options_indexes', '1', '0', '0');
+			$cperlenabled = customerHasPerlEnabled($userinfo['customerid']);
+			$options_cgi = makeyesno('options_cgi', '1', '0', '0');
 			eval("echo \"" . getTemplate("extras/htaccess_add") . "\";");
 		}
 	}
@@ -359,49 +373,30 @@ elseif($page == 'htaccess')
 			   && $_POST['send'] == 'send')
 			{
 				$option_indexes = intval($_POST['options_indexes']);
+				$options_cgi = isset($_POST['options_cgi']) ? intval($_POST['options_cgi']) : 0;
 
 				if($option_indexes != '1')
 				{
 					$option_indexes = '0';
 				}
 
-				if(($_POST['error404path'] === '')
+				if($options_cgi != '1')
-				   || (validateUrl($idna_convert->encode($_POST['error404path']))))
 				{
-					$error404path = $_POST['error404path'];
+					$options_cgi = '0';
-				}
-				else
-				{
-					standard_error('mustbeurl');
 				}
 
-				if(($_POST['error403path'] === '')
+				$error404path = correctErrorDocument($_POST['error404path']);
-				   || (validateUrl($idna_convert->encode($_POST['error403path']))))
+				$error403path = correctErrorDocument($_POST['error403path']);
-				{
+				$error500path = correctErrorDocument($_POST['error500path']);
-					$error403path = $_POST['error403path'];
-				}
-				else
-				{
-					standard_error('mustbeurl');
-				}
-
-				if(($_POST['error500path'] === '')
-				   || (validateUrl($idna_convert->encode($_POST['error500path']))))
-				{
-					$error500path = $_POST['error500path'];
-				}
-				else
-				{
-					standard_error('mustbeurl');
-				}
 
 				if(($option_indexes != $result['options_indexes'])
 				   || ($error404path != $result['error404path'])
 				   || ($error403path != $result['error403path'])
-				   || ($error500path != $result['error500path']))
+				   || ($error500path != $result['error500path'])
+				   || ($options_cgi != $result['options_cgi']))
 				{
 					inserttask('1');
-					$db->query('UPDATE `' . TABLE_PANEL_HTACCESS . '` SET `options_indexes` = "' . $db->escape($option_indexes) . '", `error404path`    = "' . $db->escape($error404path) . '",  `error403path`    = "' . $db->escape($error403path) . '",  `error500path`    = "' . $db->escape($error500path) . '" WHERE `customerid` = "' . (int)$userinfo['customerid'] . '"  AND `id` = "' . (int)$id . '"');
+					$db->query('UPDATE `' . TABLE_PANEL_HTACCESS . '` SET `options_indexes` = "' . $db->escape($option_indexes) . '", `error404path`    = "' . $db->escape($error404path) . '",  `error403path`    = "' . $db->escape($error403path) . '",  `error500path`    = "' . $db->escape($error500path) . '", `options_cgi` = "' . $db->escape($options_cgi) . '" WHERE `customerid` = "' . (int)$userinfo['customerid'] . '"  AND `id` = "' . (int)$id . '"');
 					$log->logAction(USR_ACTION, LOG_INFO, "edited htaccess for '" . str_replace($userinfo['documentroot'], '', $result['path']) . "'");
 				}
 
@@ -412,12 +407,16 @@ elseif($page == 'htaccess')
 				if(strpos($result['path'], $userinfo['documentroot']) === 0)
 				{
 					$result['path'] = substr($result['path'], strlen($userinfo['documentroot']));
+					// don't show nothing wehn it's the docroot, show slash
+					if ($result['path'] == '') { $result['path'] = '/'; }
 				}
 
 				$result['error404path'] = $result['error404path'];
 				$result['error403path'] = $result['error403path'];
 				$result['error500path'] = $result['error500path'];
 				$options_indexes = makeyesno('options_indexes', '1', '0', $result['options_indexes']);
+				$cperlenabled = customerHasPerlEnabled($userinfo['customerid']);
+				$options_cgi = makeyesno('options_cgi', '1', '0', $result['options_cgi']);
 				$result = htmlentities_array($result);
 				eval("echo \"" . getTemplate("extras/htaccess_edit") . "\";");
 			}

customer_ftp.php

@@ -97,12 +97,15 @@ elseif($page == 'accounts')
 			   && $_POST['send'] == 'send')
 			{
 				$db->query("UPDATE `" . TABLE_FTP_USERS . "` SET `up_count`=`up_count`+'" . (int)$result['up_count'] . "', `up_bytes`=`up_bytes`+'" . (int)$result['up_bytes'] . "', `down_count`=`down_count`+'" . (int)$result['down_count'] . "', `down_bytes`=`down_bytes`+'" . (int)$result['down_bytes'] . "' WHERE `username`='" . $db->escape($userinfo['loginname']) . "'");
+				$result = $db->query("SELECT `username` FROM `" . TABLE_FTP_USERS . "` WHERE `customerid`='" . (int)$userinfo['customerid'] . "' AND `id`='" . (int)$id . "'");
+				while($row = $db->fetch_array($result))
+				{
+					$db->query("DELETE FROM `" . TABLE_FTP_QUOTATALLIES . "` WHERE `name` = '" . $db->escape($row['username']) . "'");
+				}
 				$db->query("DELETE FROM `" . TABLE_FTP_USERS . "` WHERE `customerid`='" . (int)$userinfo['customerid'] . "' AND `id`='" . (int)$id . "'");
 				$log->logAction(USR_ACTION, LOG_INFO, "deleted ftp-account '" . $result['username'] . "'");
 				$db->query("UPDATE `" . TABLE_FTP_GROUPS . "` SET `members`=REPLACE(`members`,'," . $db->escape($result['username']) . "','') WHERE `customerid`='" . (int)$userinfo['customerid'] . "'");
 
-				//					$db->query("DELETE FROM `".TABLE_FTP_GROUPS."` WHERE `customerid`='".$userinfo['customerid']."' AND `id`='$id'");
-
 				if($userinfo['ftps_used'] == '1')
 				{
 					$resetaccnumber = " , `ftp_lastaccountnumber`='0'";
@@ -112,12 +115,19 @@ elseif($page == 'accounts')
 					$resetaccnumber = '';
 				}
 
+				// refs #293
+				if(isset($_POST['delete_userfiles'])
+				  && (int)$_POST['delete_userfiles'] == 1)
+				{
+					inserttask('8', $userinfo['loginname'], $result['homedir']);
+				}
+
 				$result = $db->query("UPDATE `" . TABLE_PANEL_CUSTOMERS . "` SET `ftps_used`=`ftps_used`-1 $resetaccnumber WHERE `customerid`='" . (int)$userinfo['customerid'] . "'");
 				redirectTo($filename, Array('page' => $page, 's' => $s));
 			}
 			else
 			{
-				ask_yesno('ftp_reallydelete', $filename, array('id' => $id, 'page' => $page, 'action' => $action), $result['username']);
+				ask_yesno_withcheckbox('ftp_reallydelete', 'admin_customer_alsoremoveftphomedir', $filename, array('id' => $id, 'page' => $page, 'action' => $action), $result['username']);
 			}
 		}
 		else
@@ -135,6 +145,13 @@ elseif($page == 'accounts')
 			{
 				$path = validate($_POST['path'], 'path');
 				$password = validate($_POST['ftp_password'], 'password');
+				$password = validatePassword($password);
+
+				$sendinfomail = intval($_POST['sendinfomail']);
+				if($sendinfomail != 1)
+				{
+					$sendinfomail = 0;
+				}
 
 				if($settings['customer']['ftpatdomain'] == '1')
 				{
@@ -172,26 +189,64 @@ elseif($page == 'accounts')
 				}
 				else
 				{
-					$userpath = makeCorrectDir($path);
 					$path = makeCorrectDir($userinfo['documentroot'] . '/' . $path);
 					
 					$db->query("INSERT INTO `" . TABLE_FTP_USERS . "` (`customerid`, `username`, `password`, `homedir`, `login_enabled`, `uid`, `gid`) VALUES ('" . (int)$userinfo['customerid'] . "', '" . $db->escape($username) . "', ENCRYPT('" . $db->escape($password) . "'), '" . $db->escape($path) . "', 'y', '" . (int)$userinfo['guid'] . "', '" . (int)$userinfo['guid'] . "')");
+					$result = $db->query("SELECT `bytes_in_used` FROM `" . TABLE_FTP_QUOTATALLIES . "` WHERE `name` = '" . $userinfo['loginname'] . "'");
+					while($row = $db->fetch_array($result))
+					{
+						$db->query("INSERT INTO `" . TABLE_FTP_QUOTATALLIES . "` (`name`, `quota_type`, `bytes_in_used`, `bytes_out_used`, `bytes_xfer_used`, `files_in_used`, `files_out_used`, `files_xfer_used`) VALUES ('" . $db->escape($username) . "', 'user', '" . $db->escape($row[bytes_in_used]) . "', '0', '0', '0', '0', '0')");
+					}
 					$db->query("UPDATE `" . TABLE_FTP_GROUPS . "` SET `members`=CONCAT_WS(',',`members`,'" . $db->escape($username) . "') WHERE `customerid`='" . $userinfo['customerid'] . "' AND `gid`='" . (int)$userinfo['guid'] . "'");
-
-					//						$db->query("INSERT INTO `".TABLE_FTP_GROUPS."` (`customerid`, `groupname`, `gid`, `members`) VALUES ('".$userinfo['customerid']."', '$username', '$uid', '$username')");
-
 					$db->query("UPDATE `" . TABLE_PANEL_CUSTOMERS . "` SET `ftps_used`=`ftps_used`+1, `ftp_lastaccountnumber`=`ftp_lastaccountnumber`+1 WHERE `customerid`='" . (int)$userinfo['customerid'] . "'");
 
-					//						$db->query("UPDATE `".TABLE_PANEL_SETTINGS."` SET `value`='$uid' WHERE settinggroup='ftp' AND varname='lastguid'");
-
 					$log->logAction(USR_ACTION, LOG_INFO, "added ftp-account '" . $username . " (" . $path . ")'");
 					inserttask(5);
+
+					if($sendinfomail == 1)
+					{
+						$replace_arr = array(
+							'CUST_NAME' => getCorrectUserSalutation($userinfo),
+							'USR_NAME' => $username,
+							'USR_PASS' => $password,
+							'USR_PATH' => makeCorrectDir(substr($path, strlen($userinfo['documentroot'])))
+						);
+						
+						$def_language = $userinfo['def_language'];
+						$result = $db->query_first('SELECT `value` FROM `' . TABLE_PANEL_TEMPLATES . '` WHERE `adminid`=\'' . (int)$userinfo['adminid'] . '\' AND `language`=\'' . $db->escape($def_language) . '\' AND `templategroup`=\'mails\' AND `varname`=\'new_ftpaccount_by_customer_subject\'');
+						$mail_subject = html_entity_decode(replace_variables((($result['value'] != '') ? $result['value'] : $lng['customer']['ftp_add']['infomail_subject']), $replace_arr));
+						$result = $db->query_first('SELECT `value` FROM `' . TABLE_PANEL_TEMPLATES . '` WHERE `adminid`=\'' . (int)$userinfo['adminid'] . '\' AND `language`=\'' . $db->escape($def_language) . '\' AND `templategroup`=\'mails\' AND `varname`=\'new_ftpaccount_by_customer_mailbody\'');
+						$mail_body = html_entity_decode(replace_variables((($result['value'] != '') ? $result['value'] : $lng['customer']['ftp_add']['infomail_body']['main']), $replace_arr));
+						
+						$_mailerror = false;
+						try {
+							$mail->Subject = $mail_subject;
+							$mail->AltBody = $mail_body;
+							$mail->MsgHTML(str_replace("\n", "<br />", $mail_body));
+							$mail->AddAddress($userinfo['email'], getCorrectUserSalutation($userinfo));
+							$mail->Send();
+						} catch(phpmailerException $e) {
+							$mailerr_msg = $e->errorMessage();
+							$_mailerror = true;
+						} catch (Exception $e) {
+							$mailerr_msg = $e->getMessage();
+							$_mailerror = true;
+						}
+
+						if ($_mailerror) {
+							$log->logAction(USR_ACTION, LOG_ERR, "Error sending mail: " . $mailerr_msg);
+							standard_error('errorsendingmail', $userinfo['email']);
+						}
+
+						$mail->ClearAddresses();
+					}
+
 					redirectTo($filename, Array('page' => $page, 's' => $s));
 				}
 			}
 			else
 			{
-				$pathSelect = makePathfield($userinfo['documentroot'], $userinfo['guid'], $userinfo['guid'], $settings['panel']['pathedit']);
+				$pathSelect = makePathfield($userinfo['documentroot'], $userinfo['guid'], $userinfo['guid'], $settings['panel']['pathedit'], '/');
 
 				if($settings['customer']['ftpatdomain'] == '1')
 				{
@@ -205,6 +260,8 @@ elseif($page == 'accounts')
 					}
 				}
 
+				$sendinfomail = makeyesno('sendinfomail', '1', '0', '0');
+
 				eval("echo \"" . getTemplate("ftp/accounts_add") . "\";");
 			}
 		}
@@ -212,7 +269,7 @@ elseif($page == 'accounts')
 	elseif($action == 'edit'
 	       && $id != 0)
 	{
-		$result = $db->query_first("SELECT `id`, `username`, `homedir` FROM `" . TABLE_FTP_USERS . "` WHERE `customerid`='" . (int)$userinfo['customerid'] . "' AND `id`='" . (int)$id . "'");
+		$result = $db->query_first("SELECT `id`, `username`, `homedir`, `uid`, `gid` FROM `" . TABLE_FTP_USERS . "` WHERE `customerid`='" . (int)$userinfo['customerid'] . "' AND `id`='" . (int)$id . "'");
 
 		if(isset($result['username'])
 		   && $result['username'] != '')
@@ -220,26 +277,78 @@ elseif($page == 'accounts')
 			if(isset($_POST['send'])
 			   && $_POST['send'] == 'send')
 			{
-				$password = validate($_POST['ftp_password'], 'password');
+				$path = validate($_POST['path'], 'path');
+				
+				$_setnewpass = false;
+				if(isset($_POST['ftp_password']) && $_POST['ftp_password'] != '')
+				{
+					$password = validate($_POST['ftp_password'], 'password');
+					$password = validatePassword($password);
+					$_setnewpass = true;
+				}
 
-				if($password == '')
+				if($_setnewpass)
 				{
-					standard_error(array('stringisempty', 'mypassword'));
+					if($password == '')
-					exit;
+					{
+						standard_error(array('stringisempty', 'mypassword'));
+						exit;
+					}
+					else
+					{
+						$log->logAction(USR_ACTION, LOG_INFO, "updated ftp-account password for '" . $result['username'] . "'");
+						$db->query("UPDATE `" . TABLE_FTP_USERS . "` SET `password`=ENCRYPT('" . $db->escape($password) . "') WHERE `customerid`='" . (int)$userinfo['customerid'] . "' AND `id`='" . (int)$id . "'");
+					}
 				}
-				else
+				
+				if($path != '')
 				{
-					$db->query("UPDATE `" . TABLE_FTP_USERS . "` SET `password`=ENCRYPT('" . $db->escape($password) . "') WHERE `customerid`='" . (int)$userinfo['customerid'] . "' AND `id`='" . (int)$id . "'");
+					$path = makeCorrectDir($userinfo['documentroot'] . '/' . $path);
-					$log->logAction(USR_ACTION, LOG_INFO, "edited ftp-account '" . $result['username'] . "'");
+					
-					redirectTo($filename, Array('page' => $page, 's' => $s));
+					if($path != $result['homedir'])
+					{
+						if(!file_exists($path))
+						{
+							mkDirWithCorrectOwnership($userinfo['documentroot'], $path, $result['uid'], $result['gid']);
+						}
+
+						$log->logAction(USR_ACTION, LOG_INFO, "updated ftp-account homdir for '" . $result['username'] . "'");
+						$db->query("UPDATE `" . TABLE_FTP_USERS . "` SET `homedir`= '" . $db->escape($path) . "' WHERE `customerid`='" . (int)$userinfo['customerid'] . "' AND `id`='" . (int)$id . "'");						
+					}
 				}
+
+				redirectTo($filename, Array('page' => $page, 's' => $s));
 			}
 			else
 			{
+				if(strpos($result['homedir'], $userinfo['documentroot']) === 0)
+				{
+					$homedir = substr($result['homedir'], strlen($userinfo['documentroot']));
+				}
+				else
+				{
+					$homedir = $result['homedir'];
+				}
+				$homedir = makeCorrectDir($homedir);
+
+				$pathSelect = makePathfield($userinfo['documentroot'], $userinfo['guid'], $userinfo['guid'], $settings['panel']['pathedit'], $homedir);
+
+				if($settings['customer']['ftpatdomain'] == '1')
+				{
+					$domains = '';
+
+					$result_domains = $db->query("SELECT `domain` FROM `" . TABLE_PANEL_DOMAINS . "` WHERE `customerid`='" . (int)$userinfo['customerid'] . "'");
+
+					while($row_domain = $db->fetch_array($result_domains))
+					{
+						$domains.= makeoption($idna_convert->decode($row_domain['domain']), $row_domain['domain']);
+					}
+				}
+				
 				eval("echo \"" . getTemplate("ftp/accounts_edit") . "\";");
 			}
 		}
 	}
 }
 
-?>
+?>

customer_index.php

@@ -67,7 +67,7 @@ if($page == 'overview')
 	$userinfo['diskspace_used'] = round($userinfo['diskspace_used'] / 1024, $settings['panel']['decimal_places']);
 	$userinfo['traffic'] = round($userinfo['traffic'] / (1024 * 1024), $settings['panel']['decimal_places']);
 	$userinfo['traffic_used'] = round($userinfo['traffic_used'] / (1024 * 1024), $settings['panel']['decimal_places']);
-	$userinfo = str_replace_array('-1', $lng['customer']['unlimited'], $userinfo, 'diskspace traffic mysqls emails email_accounts email_forwarders email_quota ftps tickets subdomains aps_packages');
+	$userinfo = str_replace_array('-1', $lng['customer']['unlimited'], $userinfo, 'diskspace traffic mysqls emails email_accounts email_forwarders email_quota email_autoresponder ftps tickets subdomains aps_packages');
 	$opentickets = 0;
 	$opentickets = $db->query_first('SELECT COUNT(`id`) as `count` FROM `' . TABLE_PANEL_TICKETS . '`
                                    WHERE `customerid` = "' . $userinfo['customerid'] . '"
@@ -172,9 +172,14 @@ elseif($page == 'change_language')
 	{
 		$language_options = '';
 
+		$default_lang = $settings['panel']['standardlanguage'];
+		if($userinfo['def_language'] != '') { 
+			$default_lang = $userinfo['def_language'];
+		}
+
 		while(list($language_file, $language_name) = each($languages))
 		{
-			$language_options.= makeoption($language_name, $language_file, $userinfo['def_language'], true);
+			$language_options.= makeoption($language_name, $language_file, $default_lang, true);
 		}
 
 		eval("echo \"" . getTemplate("index/change_language") . "\";");

customer_mysql.php

@@ -52,7 +52,7 @@ elseif($page == 'mysqls')
 			'description' => $lng['mysql']['databasedescription']
 		);
 		$paging = new paging($userinfo, $db, TABLE_PANEL_DATABASES, $fields, $settings['panel']['paging'], $settings['panel']['natsorting']);
-		$result = $db->query("SELECT `id`, `databasename`, `description`, `dbserver` FROM `" . TABLE_PANEL_DATABASES . "` WHERE `customerid`='" . (int)$userinfo['customerid'] . "' " . $paging->getSqlWhere(true) . " " . $paging->getSqlOrderBy() . " " . $paging->getSqlLimit());
+		$result = $db->query("SELECT * FROM `" . TABLE_PANEL_DATABASES . "` WHERE `customerid`='" . (int)$userinfo['customerid'] . "' " . $paging->getSqlWhere(true) . " " . $paging->getSqlOrderBy() . " " . $paging->getSqlLimit());
 		$paging->setEntries($db->num_rows($result));
 		$sortcode = $paging->getHtmlSortCode($lng);
 		$arrowcode = $paging->getHtmlArrowCode($filename . '?page=' . $page . '&s=' . $s);
@@ -139,6 +139,13 @@ elseif($page == 'mysqls')
 			   && $_POST['send'] == 'send')
 			{
 				$password = validate($_POST['mysql_password'], 'password');
+				$password = validatePassword($password);
+
+				$sendinfomail = intval($_POST['sendinfomail']);
+				if($sendinfomail != 1)
+				{
+					$sendinfomail = 0;
+				}
 
 				if($password == '')
 				{
@@ -184,6 +191,53 @@ elseif($page == 'mysqls')
 					$databasedescription = validate($_POST['description'], 'description');
 					$result = $db->query('INSERT INTO `' . TABLE_PANEL_DATABASES . '` (`customerid`, `databasename`, `description`, `dbserver`) VALUES ("' . (int)$userinfo['customerid'] . '", "' . $db->escape($username) . '", "' . $db->escape($databasedescription) . '", "' . $db->escape($dbserver) . '")');
 					$result = $db->query('UPDATE `' . TABLE_PANEL_CUSTOMERS . '` SET `mysqls_used`=`mysqls_used`+1, `mysql_lastaccountnumber`=`mysql_lastaccountnumber`+1 WHERE `customerid`="' . (int)$userinfo['customerid'] . '"');
+
+					if($sendinfomail == 1)
+					{
+						$pma = $lng['admin']['notgiven'];
+						if($settings['panel']['phpmyadmin_url'] != '')
+						{
+							$pma = $settings['panel']['phpmyadmin_url'];
+						}
+
+						$replace_arr = array(
+							'CUST_NAME' => getCorrectUserSalutation($userinfo),
+							'DB_NAME' => $username,
+							'DB_PASS' => $password,
+							'DB_DESC' => $databasedescription,
+							'DB_SRV' => $sql_root[$dbserver]['host'],
+							'PMA_URI' => $pma 
+						);
+						
+						$def_language = $userinfo['def_language'];
+						$result = $db->query_first('SELECT `value` FROM `' . TABLE_PANEL_TEMPLATES . '` WHERE `adminid`=\'' . (int)$userinfo['adminid'] . '\' AND `language`=\'' . $db->escape($def_language) . '\' AND `templategroup`=\'mails\' AND `varname`=\'new_database_by_customer_subject\'');
+						$mail_subject = html_entity_decode(replace_variables((($result['value'] != '') ? $result['value'] : $lng['customer']['mysql_add']['infomail_subject']), $replace_arr));
+						$result = $db->query_first('SELECT `value` FROM `' . TABLE_PANEL_TEMPLATES . '` WHERE `adminid`=\'' . (int)$userinfo['adminid'] . '\' AND `language`=\'' . $db->escape($def_language) . '\' AND `templategroup`=\'mails\' AND `varname`=\'new_database_by_customer_mailbody\'');
+						$mail_body = html_entity_decode(replace_variables((($result['value'] != '') ? $result['value'] : $lng['customer']['mysql_add']['infomail_body']['main']), $replace_arr));
+
+						$_mailerror = false;
+						try {
+							$mail->Subject = $mail_subject;
+							$mail->AltBody = $mail_body;
+							$mail->MsgHTML(str_replace("\n", "<br />", $mail_body));
+							$mail->AddAddress($userinfo['email'], getCorrectUserSalutation($userinfo));
+							$mail->Send();
+						} catch(phpmailerException $e) {
+							$mailerr_msg = $e->errorMessage();
+							$_mailerror = true;
+						} catch (Exception $e) {
+							$mailerr_msg = $e->getMessage();
+							$_mailerror = true;
+						}
+
+						if ($_mailerror) {
+							$log->logAction(USR_ACTION, LOG_ERR, "Error sending mail: " . $mailerr_msg);
+							standard_error('errorsendingmail', $userinfo['email']);
+						}
+
+						$mail->ClearAddresses();
+					}
+
 					redirectTo($filename, Array('page' => $page, 's' => $s));
 				}
 			}
@@ -196,6 +250,8 @@ elseif($page == 'mysqls')
 					$mysql_servers .= makeoption($mysql_server_details['caption'], $mysql_server);
 				}
 
+				$sendinfomail = makeyesno('sendinfomail', '1', '0', '0');
+
 				eval("echo \"" . getTemplate("mysql/mysqls_add") . "\";");
 			}
 		}
@@ -217,13 +273,14 @@ elseif($page == 'mysqls')
 			   && $_POST['send'] == 'send')
 			{
 				// Only change Password if it is set, do nothing if it is empty! -- PH 2004-11-29
-
 				$password = validate($_POST['mysql_password'], 'password');
 
 				if($password != '')
 				{
-					// Begin root-session
+					// validate password
+					$password = validatePassword($password);
 
+					// Begin root-session
 					$db_root = new db($sql_root[$result['dbserver']]['host'], $sql_root[$result['dbserver']]['user'], $sql_root[$result['dbserver']]['password'], '');
 					unset($db_root->password);
 					foreach(array_map('trim', explode(',', $settings['system']['mysql_access_host'])) as $mysql_access_host)

customer_tickets.php

@@ -209,12 +209,12 @@ elseif($page == 'tickets')
 			else
 			{
 				$categories = '';
-				$result = $db->query_first('SELECT `id`, `name` FROM `' . TABLE_PANEL_TICKET_CATS . '` ORDER BY `name` ASC');
+				$result = $db->query_first('SELECT `id`, `name` FROM `' . TABLE_PANEL_TICKET_CATS . '` ORDER BY `logicalorder`, `name` ASC');
 
 				if(isset($result['name'])
 				   && $result['name'] != '')
 				{
-					$result2 = $db->query('SELECT `id`, `name` FROM `' . TABLE_PANEL_TICKET_CATS . '` ORDER BY `name` ASC');
+					$result2 = $db->query('SELECT `id`, `name` FROM `' . TABLE_PANEL_TICKET_CATS . '` ORDER BY `logicalorder`, `name` ASC');
 
 					while($row = $db->fetch_array($result2))
 					{
@@ -226,9 +226,9 @@ elseif($page == 'tickets')
 					$categories = makeoption($lng['ticket']['no_cat'], '0');
 				}
 
-				$priorities = makeoption($lng['ticket']['unf_high'], '1');
+				$priorities = makeoption($lng['ticket']['unf_high'], '1', $settings['ticket']['default_priority']);
-				$priorities.= makeoption($lng['ticket']['unf_normal'], '2');
+				$priorities.= makeoption($lng['ticket']['unf_normal'], '2', $settings['ticket']['default_priority']);
-				$priorities.= makeoption($lng['ticket']['unf_low'], '3');
+				$priorities.= makeoption($lng['ticket']['unf_low'], '3', $settings['ticket']['default_priority']);
 				$ticketsopen = 0;
 				$opentickets = $db->query_first('SELECT COUNT(`id`) as `count` FROM `' . TABLE_PANEL_TICKETS . '`
                                            WHERE `customerid` = "' . $userinfo['customerid'] . '"

customer_traffic.php

@@ -178,9 +178,18 @@ else
 	                     FROM `" . TABLE_PANEL_TRAFFIC . "`
 	                     WHERE `customerid`='" . $userinfo['customerid'] . "'
 	                     GROUP BY CONCAT(`year`,`month`) ORDER BY CONCAT(`year`,`month`) DESC LIMIT 12");
-	$row = mysql_fetch_row($result);
+	
-	rsort($row);
+	$nums = mysql_num_rows($result);
-	$traf['max'] = ($row[0] > $row[1] ? ($row[0] > $row[2] ? $row[0] : $row[2]) : ($row[1] > $row[2] ? $row[1] : $row[2]));
+	if($nums > 0)
+	{
+		$row = mysql_fetch_row($result);
+		rsort($row);
+		$traf['max'] = ($row[0] > $row[1] ? ($row[0] > $row[2] ? $row[0] : $row[2]) : ($row[1] > $row[2] ? $row[1] : $row[2]));
+	} else {
+		// no records yet
+		$traf['max'] = 0;
+	}
+	
 	$result = $db->query("SELECT `month`, `year`, SUM(`http`) AS http, SUM(`ftp_up`) AS ftp_up, SUM(`ftp_down`) AS ftp_down, SUM(`mail`) AS mail
 	                     FROM `" . TABLE_PANEL_TRAFFIC . "` WHERE `customerid` = '" . $userinfo['customerid'] . "'
 	                     GROUP BY CONCAT(`year`,`month`) ORDER BY CONCAT(`year`,`month`) DESC LIMIT 12");

index.php

@@ -213,96 +213,126 @@ if($action == 'login')
 
 if($action == 'forgotpwd')
 {
+	$adminchecked = false;
+	$message = '';
+
 	if(isset($_POST['send'])
 	&& $_POST['send'] == 'send')
 	{
-		$adminchecked = false;
 		$loginname = validate($_POST['loginname'], 'loginname');
 		$email = validateEmail($_POST['loginemail'], 'email');
-		$sql = "SELECT `customerid`, `firstname`, `name`, `email`, `loginname` FROM `" . TABLE_PANEL_CUSTOMERS . "`
+		$sql = "SELECT `adminid`, `customerid`, `firstname`, `name`, `company`, `email`, `loginname`, `def_language` FROM `" . TABLE_PANEL_CUSTOMERS . "`
 				WHERE `loginname`='" . $db->escape($loginname) . "'
 				AND `email`='" . $db->escape($email) . "'";
 		$result = $db->query($sql);
 
 		if($db->num_rows() == 0)
 		{
-			$sql = "SELECT `adminid`, `name`, `email`, `loginname` FROM `" . TABLE_PANEL_ADMINS . "`
+			$sql = "SELECT `adminid`, `name`, `email`, `loginname`, `def_language` FROM `" . TABLE_PANEL_ADMINS . "`
 				WHERE `loginname`='" . $db->escape($loginname) . "'
 				AND `email`='" . $db->escape($email) . "'";
 			$result = $db->query($sql);
-			$adminchecked = true;
+				
-		}
+			if($db->num_rows() > 0)
-
-		$user = $db->fetch_array($result);
-
-		if(($adminchecked && $settings['panel']['allow_preset_admin'] == '1')
-		|| $adminchecked == false)
-		{
-			if($user !== false)
 			{
-				$password = substr(md5(uniqid(microtime(), 1)), 12, 6);
+				$adminchecked = true;
-
-				if($adminchecked)
-				{
-					$db->query("UPDATE `" . TABLE_PANEL_ADMINS . "` SET `password`='" . md5($password) . "'
-							WHERE `loginname`='" . $user['loginname'] . "'
-							AND `email`='" . $user['email'] . "'");
-				}
-				else
-				{
-					$db->query("UPDATE `" . TABLE_PANEL_CUSTOMERS . "` SET `password`='" . md5($password) . "'
-							WHERE `loginname`='" . $user['loginname'] . "'
-							AND `email`='" . $user['email'] . "'");
-				}
-
-				$rstlog = FroxlorLogger::getInstanceOf(array('loginname' => 'password_reset'), $db, $settings);
-				$rstlog->logAction(USR_ACTION, LOG_WARNING, "Password for user '" . $user['loginname'] . "' has been reset!");
-				$body = strtr($lng['pwdreminder']['body'], array('%s' => $user['firstname'] . ' ' . $user['name'], '%p' => $password));
-				$mail->From = $settings['panel']['adminmail'];
-				$mail->FromName = 'Froxlor';
-				$mail->Subject = $lng['pwdreminder']['subject'];
-				$mail->Body = $body;
-				$mail->AddAddress($user['email'], $user['firstname'] . ' ' . $user['name']);
-
-				if(!$mail->Send())
-				{
-					if($mail->ErrorInfo != '')
-					{
-						$mailerr_msg = $mail->ErrorInfo;
-					}
-					else
-					{
-						$mailerr_msg = $email;
-					}
-
-					$rstlog = FroxlorLogger::getInstanceOf(array('loginname' => 'password_reset'), $db, $settings);
-					$rstlog->logAction(ADM_ACTION, LOG_ERR, "Error sending mail: " . $mailerr_msg);
-					redirectTo('index.php', Array('showmessage' => '4'), true);
-					exit;
-				}
-
-				$mail->ClearAddresses();
-				redirectTo('index.php', Array('showmessage' => '1'), true);
-				exit;
 			}
 			else
 			{
-				$rstlog = FroxlorLogger::getInstanceOf(array('loginname' => 'password_reset'), $db, $settings);
+				$result = null;
-				$rstlog->logAction(USR_ACTION, LOG_WARNING, "User '" . $loginname . "' tried to reset pwd but wasn't found in database!");
-				$message = $lng['login']['usernotfound'];
 			}
+		}
 
-			unset($user);
+		if($result !== null)
-		}
-		else
 		{
-			$message = '';
+			$user = $db->fetch_array($result);
+
+			if(($adminchecked && $settings['panel']['allow_preset_admin'] == '1')
+			|| $adminchecked == false)
+			{
+				if($user !== false)
+				{
+					if ($settings['panel']['password_min_length'] <= 6) {
+						$password = substr(md5(uniqid(microtime(), 1)), 12, 6);
+					} else {
+						// make it two times larger than password_min_length
+						$rnd = '';
+						$minlength = $settings['panel']['password_min_length'];
+						while (strlen($rnd) < ($minlength * 2))
+						{
+							$rnd .= md5(uniqid(microtime(), 1));
+						}
+						$password = substr($rnd, (int)($minlength / 2), $minlength);
+					}
+
+					if($adminchecked)
+					{
+						$db->query("UPDATE `" . TABLE_PANEL_ADMINS . "` SET `password`='" . md5($password) . "'
+								WHERE `loginname`='" . $user['loginname'] . "'
+								AND `email`='" . $user['email'] . "'");
+					}
+					else
+					{
+						$db->query("UPDATE `" . TABLE_PANEL_CUSTOMERS . "` SET `password`='" . md5($password) . "'
+								WHERE `loginname`='" . $user['loginname'] . "'
+								AND `email`='" . $user['email'] . "'");
+					}
+
+					$rstlog = FroxlorLogger::getInstanceOf(array('loginname' => 'password_reset'), $db, $settings);
+					$rstlog->logAction(USR_ACTION, LOG_WARNING, "Password for user '" . $user['loginname'] . "' has been reset!");
+
+					$replace_arr = array(
+						'SALUTATION' => getCorrectUserSalutation($user),
+						'USERNAME' => $user['loginname'],
+						'PASSWORD' => $password
+					);
+
+					$body = strtr($lng['pwdreminder']['body'], array('%s' => $user['firstname'] . ' ' . $user['name'], '%p' => $password));
+
+					$def_language = ($user['def_language'] != '') ? $user['def_language'] : $settings['panel']['standardlanguage'];
+					$result = $db->query_first('SELECT `value` FROM `' . TABLE_PANEL_TEMPLATES . '` WHERE `adminid`=\'' . (int)$user['adminid'] . '\' AND `language`=\'' . $db->escape($def_language) . '\' AND `templategroup`=\'mails\' AND `varname`=\'password_reset_subject\'');
+					$mail_subject = html_entity_decode(replace_variables((($result['value'] != '') ? $result['value'] : $lng['pwdreminder']['subject']), $replace_arr));
+					$result = $db->query_first('SELECT `value` FROM `' . TABLE_PANEL_TEMPLATES . '` WHERE `adminid`=\'' . (int)$user['adminid'] . '\' AND `language`=\'' . $db->escape($def_language) . '\' AND `templategroup`=\'mails\' AND `varname`=\'password_reset_mailbody\'');
+					$mail_body = html_entity_decode(replace_variables((($result['value'] != '') ? $result['value'] : $body), $replace_arr));
+						
+					$_mailerror = false;
+					try {
+						$mail->Subject = $mail_subject;
+						$mail->AltBody = $mail_body;
+						$mail->MsgHTML(str_replace("\\n", "<br />", $mail_body));
+						$mail->AddAddress($user['email'], $user['firstname'] . ' ' . $user['name']);
+						$mail->Send();
+					} catch(phpmailerException $e) {
+						$mailerr_msg = $e->errorMessage();
+						$_mailerror = true;
+					} catch (Exception $e) {
+						$mailerr_msg = $e->getMessage();
+						$_mailerror = true;
+					}
+
+					if ($_mailerror) {
+						$rstlog = FroxlorLogger::getInstanceOf(array('loginname' => 'password_reset'), $db, $settings);
+						$rstlog->logAction(ADM_ACTION, LOG_ERR, "Error sending mail: " . $mailerr_msg);
+						redirectTo('index.php', Array('showmessage' => '4'), true);
+						exit;
+					}
+
+					$mail->ClearAddresses();
+					redirectTo('index.php', Array('showmessage' => '1'), true);
+					exit;
+				}
+				else
+				{
+					$rstlog = FroxlorLogger::getInstanceOf(array('loginname' => 'password_reset'), $db, $settings);
+					$rstlog->logAction(USR_ACTION, LOG_WARNING, "User '" . $loginname . "' tried to reset pwd but wasn't found in database!");
+					$message = $lng['login']['usernotfound'];
+				}
+
+				unset($user);
+			}
 		}
 	}
-	else
+
-	{
-		$message = '';
-	}
 
 	if($adminchecked)
 	{

install/froxlor.sql

@@ -164,6 +164,8 @@ CREATE TABLE `panel_admins` (
   `can_manage_aps_packages` tinyint(1) NOT NULL default '1',
   `aps_packages` int(5) NOT NULL default '0',
   `aps_packages_used` int(5) NOT NULL default '0',
+  `email_autoresponder` int(5) NOT NULL default '0',
+  `email_autoresponder_used` int(5) NOT NULL default '0',
    PRIMARY KEY  (`adminid`),
    UNIQUE KEY `loginname` (`loginname`)
 ) TYPE=MyISAM ;
@@ -227,6 +229,9 @@ CREATE TABLE `panel_customers` (
   `imap` tinyint(1) NOT NULL default '1',
   `aps_packages` int(5) NOT NULL default '0',
   `aps_packages_used` int(5) NOT NULL default '0',
+  `perlenabled` tinyint(1) NOT NULL default '0',
+  `email_autoresponder` int(5) NOT NULL default '0',
+  `email_autoresponder_used` int(5) NOT NULL default '0',
    PRIMARY KEY  (`customerid`),
    UNIQUE KEY `loginname` (`loginname`)
 ) TYPE=MyISAM ;
@@ -248,6 +253,7 @@ CREATE TABLE `panel_databases` (
   `databasename` varchar(255) NOT NULL default '',
   `description` varchar(255) NOT NULL default '',
   `dbserver` int(11) unsigned NOT NULL default '0',
+  `apsdb` tinyint(1) NOT NULL default '0',
   PRIMARY KEY  (`id`),
   KEY `customerid` (`customerid`)
 ) TYPE=MyISAM ;
@@ -274,7 +280,7 @@ CREATE TABLE `panel_domains` (
   `isbinddomain` tinyint(1) NOT NULL default '0',
   `isemaildomain` tinyint(1) NOT NULL default '0',
   `email_only` tinyint(1) NOT NULL default '0',
-  `iswildcarddomain` tinyint(1) NOT NULL default '0',
+  `iswildcarddomain` tinyint(1) NOT NULL default '1',
   `subcanemaildomain` tinyint(1) NOT NULL default '0',
   `caneditdomain` tinyint(1) NOT NULL default '1',
   `zonefile` varchar(255) NOT NULL default '',
@@ -299,6 +305,7 @@ CREATE TABLE `panel_domains` (
   `phpsettingid` INT( 11 ) UNSIGNED NOT NULL DEFAULT '1',
   `mod_fcgid_starter` int(4) default '-1',
   `mod_fcgid_maxrequests` int(4) default '-1',
+  `ismainbutsubto` int(11) unsigned NOT NULL default '0',
   PRIMARY KEY  (`id`),
   KEY `customerid` (`customerid`),
   KEY `parentdomain` (`parentdomainid`),
@@ -355,6 +362,7 @@ CREATE TABLE `panel_htaccess` (
   `error403path` varchar(255) NOT NULL default '',
   `error500path` varchar(255) NOT NULL default '',
   `error401path` varchar(255) NOT NULL default '',
+  `options_cgi` tinyint(1) NOT NULL default '0',
   PRIMARY KEY  (`id`)
 ) TYPE=MyISAM ;
 
@@ -376,6 +384,7 @@ CREATE TABLE `panel_htpasswds` (
   `path` varchar(255) NOT NULL default '',
   `username` varchar(255) NOT NULL default '',
   `password` varchar(255) NOT NULL default '',
+  `authname` varchar(255) NOT NULL default 'Restricted Area',
   PRIMARY KEY  (`id`),
   KEY `customerid` (`customerid`)
 ) TYPE=MyISAM ;
@@ -451,7 +460,7 @@ INSERT INTO `panel_settings` (`settingid`, `settinggroup`, `varname`, `value`) V
 INSERT INTO `panel_settings` (`settingid`, `settinggroup`, `varname`, `value`) VALUES (18, 'system', 'vmail_homedir', '/var/customers/mail/');
 INSERT INTO `panel_settings` (`settingid`, `settinggroup`, `varname`, `value`) VALUES (19, 'system', 'bindconf_directory', '/etc/bind/');
 INSERT INTO `panel_settings` (`settingid`, `settinggroup`, `varname`, `value`) VALUES (20, 'system', 'bindreload_command', '/etc/init.d/bind9 reload');
-INSERT INTO `panel_settings` (`settingid`, `settinggroup`, `varname`, `value`) VALUES (22, 'panel', 'version', '0.9.2');
+INSERT INTO `panel_settings` (`settingid`, `settinggroup`, `varname`, `value`) VALUES (22, 'panel', 'version', '0.9.13');
 INSERT INTO `panel_settings` (`settingid`, `settinggroup`, `varname`, `value`) VALUES (23, 'system', 'hostname', 'SERVERNAME');
 INSERT INTO `panel_settings` (`settingid`, `settinggroup`, `varname`, `value`) VALUES (24, 'login', 'maxloginattempts', '3');
 INSERT INTO `panel_settings` (`settingid`, `settinggroup`, `varname`, `value`) VALUES (25, 'login', 'deactivatetime', '900');
@@ -508,48 +517,78 @@ INSERT INTO `panel_settings` (`settingid`, `settinggroup`, `varname`, `value`) V
 INSERT INTO `panel_settings` (`settingid`, `settinggroup`, `varname`, `value`) VALUES (77, 'dkim', 'use_dkim', '0');
 INSERT INTO `panel_settings` (`settingid`, `settinggroup`, `varname`, `value`) VALUES (78, 'system', 'webalizer_enabled', '1');
 INSERT INTO `panel_settings` (`settingid`, `settinggroup`, `varname`, `value`) VALUES (79, 'system', 'awstats_enabled', '0');
-INSERT INTO `panel_settings` (`settingid`, `settinggroup`, `varname`, `value`) VALUES (80, 'system', 'awstats_domain_file', '/etc/awstats/');
+INSERT INTO `panel_settings` (`settingid`, `settinggroup`, `varname`, `value`) VALUES (80, 'dkim', 'dkim_prefix', '/etc/postfix/dkim/');
-INSERT INTO `panel_settings` (`settingid`, `settinggroup`, `varname`, `value`) VALUES (81, 'system', 'awstats_model_file', '/etc/awstats/awstats.model.conf.froxlor');
+INSERT INTO `panel_settings` (`settingid`, `settinggroup`, `varname`, `value`) VALUES (81, 'dkim', 'dkim_domains', 'domains');
-INSERT INTO `panel_settings` (`settingid`, `settinggroup`, `varname`, `value`) VALUES (82, 'dkim', 'dkim_prefix', '/etc/postfix/dkim/');
+INSERT INTO `panel_settings` (`settingid`, `settinggroup`, `varname`, `value`) VALUES (82, 'dkim', 'dkim_dkimkeys', 'dkim-keys.conf');
-INSERT INTO `panel_settings` (`settingid`, `settinggroup`, `varname`, `value`) VALUES (83, 'dkim', 'dkim_domains', 'domains');
+INSERT INTO `panel_settings` (`settingid`, `settinggroup`, `varname`, `value`) VALUES (83, 'dkim', 'dkimrestart_command', '/etc/init.d/dkim-filter restart');
-INSERT INTO `panel_settings` (`settingid`, `settinggroup`, `varname`, `value`) VALUES (84, 'dkim', 'dkim_dkimkeys', 'dkim-keys.conf');
+INSERT INTO `panel_settings` (`settingid`, `settinggroup`, `varname`, `value`) VALUES (84, 'panel', 'unix_names', '1');
-INSERT INTO `panel_settings` (`settingid`, `settinggroup`, `varname`, `value`) VALUES (85, 'dkim', 'dkimrestart_command', '/etc/init.d/dkim-filter restart');
+INSERT INTO `panel_settings` (`settingid`, `settinggroup`, `varname`, `value`) VALUES (85, 'panel', 'allow_preset', '1');
-INSERT INTO `panel_settings` (`settingid`, `settinggroup`, `varname`, `value`) VALUES (86, 'panel', 'unix_names', '1');
+INSERT INTO `panel_settings` (`settingid`, `settinggroup`, `varname`, `value`) VALUES (86, 'panel', 'allow_preset_admin', '0');
-INSERT INTO `panel_settings` (`settingid`, `settinggroup`, `varname`, `value`) VALUES (87, 'panel', 'allow_preset', '1');
+INSERT INTO `panel_settings` (`settingid`, `settinggroup`, `varname`, `value`) VALUES (87, 'system', 'httpuser', 'www-data');
-INSERT INTO `panel_settings` (`settingid`, `settinggroup`, `varname`, `value`) VALUES (88, 'system', 'awstats_path', '/usr/share/awstats/VERSION/webroot/cgi-bin/');
+INSERT INTO `panel_settings` (`settingid`, `settinggroup`, `varname`, `value`) VALUES (88, 'system', 'httpgroup', 'www-data');
-INSERT INTO `panel_settings` (`settingid`, `settinggroup`, `varname`, `value`) VALUES (89, 'system', 'awstats_updateall_command', '/usr/bin/awstats_updateall.pl');
+INSERT INTO `panel_settings` (`settingid`, `settinggroup`, `varname`, `value`) VALUES (89, 'system', 'webserver', 'apache2');
-INSERT INTO `panel_settings` (`settingid`, `settinggroup`, `varname`, `value`) VALUES (90, 'panel', 'allow_preset_admin', '0');
+INSERT INTO `panel_settings` (`settingid`, `settinggroup`, `varname`, `value`) VALUES (90, 'autoresponder', 'autoresponder_active', '0');
-INSERT INTO `panel_settings` (`settingid`, `settinggroup`, `varname`, `value`) VALUES (91, 'system', 'httpuser', 'www-data');
+INSERT INTO `panel_settings` (`settingid`, `settinggroup`, `varname`, `value`) VALUES (91, 'autoresponder', 'last_autoresponder_run', '0');
-INSERT INTO `panel_settings` (`settingid`, `settinggroup`, `varname`, `value`) VALUES (92, 'system', 'httpgroup', 'www-data');
+INSERT INTO `panel_settings` (`settingid`, `settinggroup`, `varname`, `value`) VALUES (92, 'admin', 'show_version_login', '0');
-INSERT INTO `panel_settings` (`settingid`, `settinggroup`, `varname`, `value`) VALUES (93, 'system', 'webserver', 'apache2');
+INSERT INTO `panel_settings` (`settingid`, `settinggroup`, `varname`, `value`) VALUES (93, 'admin', 'show_version_footer', '0');
-INSERT INTO `panel_settings` (`settingid`, `settinggroup`, `varname`, `value`) VALUES (94, 'autoresponder', 'autoresponder_active', '0');
+INSERT INTO `panel_settings` (`settingid`, `settinggroup`, `varname`, `value`) VALUES (94, 'admin', 'froxlor_graphic', 'images/header.gif');
-INSERT INTO `panel_settings` (`settingid`, `settinggroup`, `varname`, `value`) VALUES (95, 'autoresponder', 'last_autoresponder_run', '0');
+INSERT INTO `panel_settings` (`settingid`, `settinggroup`, `varname`, `value`) VALUES (95, 'system', 'mod_fcgid_wrapper', '1');
-INSERT INTO `panel_settings` (`settingid`, `settinggroup`, `varname`, `value`) VALUES (96, 'admin', 'show_version_login', '0');
+INSERT INTO `panel_settings` (`settingid`, `settinggroup`, `varname`, `value`) VALUES (96, 'system', 'mod_fcgid_starter', '0');
-INSERT INTO `panel_settings` (`settingid`, `settinggroup`, `varname`, `value`) VALUES (97, 'admin', 'show_version_footer', '0');
+INSERT INTO `panel_settings` (`settingid`, `settinggroup`, `varname`, `value`) VALUES (97, 'system', 'mod_fcgid_peardir', '/usr/share/php/:/usr/share/php5/');
-INSERT INTO `panel_settings` (`settingid`, `settinggroup`, `varname`, `value`) VALUES (98, 'admin', 'froxlor_graphic', 'images/header.gif');
+INSERT INTO `panel_settings` (`settingid`, `settinggroup`, `varname`, `value`) VALUES (98, 'system', 'index_file_extension', 'html');
-INSERT INTO `panel_settings` (`settingid`, `settinggroup`, `varname`, `value`) VALUES (99, 'system', 'mod_fcgid_wrapper', '0');
+INSERT INTO `panel_settings` (`settingid`, `settinggroup`, `varname`, `value`) VALUES (99, 'aps', 'items_per_page', '20');
-INSERT INTO `panel_settings` (`settingid`, `settinggroup`, `varname`, `value`) VALUES (100, 'system', 'mod_fcgid_starter', '0');
+INSERT INTO `panel_settings` (`settingid`, `settinggroup`, `varname`, `value`) VALUES (100, 'aps', 'upload_fields', '5');
-INSERT INTO `panel_settings` (`settingid`, `settinggroup`, `varname`, `value`) VALUES (101, 'system', 'mod_fcgid_peardir', '/usr/share/php/:/usr/share/php5/');
+INSERT INTO `panel_settings` (`settingid`, `settinggroup`, `varname`, `value`) VALUES (101, 'aps', 'aps_active', '0');
-INSERT INTO `panel_settings` (`settingid`, `settinggroup`, `varname`, `value`) VALUES (102, 'system', 'index_file_extension', 'html');
+INSERT INTO `panel_settings` (`settingid`, `settinggroup`, `varname`, `value`) VALUES (102, 'aps', 'php-extension', '');
-INSERT INTO `panel_settings` (`settingid`, `settinggroup`, `varname`, `value`) VALUES (103, 'aps', 'items_per_page', '20');
+INSERT INTO `panel_settings` (`settingid`, `settinggroup`, `varname`, `value`) VALUES (103, 'aps', 'php-configuration', '');
-INSERT INTO `panel_settings` (`settingid`, `settinggroup`, `varname`, `value`) VALUES (104, 'aps', 'upload_fields', '5');
+INSERT INTO `panel_settings` (`settingid`, `settinggroup`, `varname`, `value`) VALUES (104, 'aps', 'webserver-htaccess', '');
-INSERT INTO `panel_settings` (`settingid`, `settinggroup`, `varname`, `value`) VALUES (105, 'aps', 'aps_active', '0');
+INSERT INTO `panel_settings` (`settingid`, `settinggroup`, `varname`, `value`) VALUES (105, 'aps', 'php-function', '');
-INSERT INTO `panel_settings` (`settingid`, `settinggroup`, `varname`, `value`) VALUES (1069, 'aps', 'php-extension', '');
+INSERT INTO `panel_settings` (`settingid`, `settinggroup`, `varname`, `value`) VALUES (106, 'aps', 'webserver-module', '');
-INSERT INTO `panel_settings` (`settingid`, `settinggroup`, `varname`, `value`) VALUES (107, 'aps', 'php-configuration', '');
+INSERT INTO `panel_settings` (`settingid`, `settinggroup`, `varname`, `value`) VALUES (107, 'system', 'realtime_port', '0');
-INSERT INTO `panel_settings` (`settingid`, `settinggroup`, `varname`, `value`) VALUES (108, 'aps', 'webserver-htaccess', '');
+INSERT INTO `panel_settings` (`settingid`, `settinggroup`, `varname`, `value`) VALUES (108, 'session', 'allow_multiple_login', '0');
-INSERT INTO `panel_settings` (`settingid`, `settinggroup`, `varname`, `value`) VALUES (109, 'aps', 'php-function', '');
+INSERT INTO `panel_settings` (`settingid`, `settinggroup`, `varname`, `value`) VALUES (109, 'panel', 'allow_domain_change_admin', '0');
-INSERT INTO `panel_settings` (`settingid`, `settinggroup`, `varname`, `value`) VALUES (110, 'aps', 'webserver-module', '');
+INSERT INTO `panel_settings` (`settingid`, `settinggroup`, `varname`, `value`) VALUES (110, 'panel', 'allow_domain_change_customer', '0');
-INSERT INTO `panel_settings` (`settingid`, `settinggroup`, `varname`, `value`) VALUES (111, 'system', 'realtime_port', '0');
+INSERT INTO `panel_settings` (`settingid`, `settinggroup`, `varname`, `value`) VALUES (111, 'system', 'mod_fcgid_maxrequests', '250');
-INSERT INTO `panel_settings` (`settingid`, `settinggroup`, `varname`, `value`) VALUES (112, 'session', 'allow_multiple_login', '0');
+INSERT INTO `panel_settings` (`settingid`, `settinggroup`, `varname`, `value`) VALUES (112, 'system','ssl_key_file','/etc/apache2/apache2.key');
-INSERT INTO `panel_settings` (`settingid`, `settinggroup`, `varname`, `value`) VALUES (113, 'panel', 'allow_domain_change_admin', '0');
+INSERT INTO `panel_settings` (`settingid`, `settinggroup`, `varname`, `value`) VALUES (113, 'system','ssl_ca_file','');
-INSERT INTO `panel_settings` (`settingid`, `settinggroup`, `varname`, `value`) VALUES (114, 'panel', 'allow_domain_change_customer', '0');
+INSERT INTO `panel_settings` (`settingid`, `settinggroup`, `varname`, `value`) VALUES (114, 'panel', 'frontend', 'froxlor');
-INSERT INTO `panel_settings` (`settingid`, `settinggroup`, `varname`, `value`) VALUES (115, 'system', 'mod_fcgid_maxrequests', '250');
+INSERT INTO `panel_settings` (`settingid`, `settinggroup`, `varname`, `value`) VALUES (115, 'spf', 'use_spf', '0');
-INSERT INTO `panel_settings` (`settingid`, `settinggroup`, `varname`, `value`) VALUES (116, 'system','ssl_key_file','/etc/apache2/apache2.key');
+INSERT INTO `panel_settings` (`settingid`, `settinggroup`, `varname`, `value`) VALUES (116, 'spf', 'spf_entry', '@	IN	TXT	"v=spf1 a mx -all"');
-INSERT INTO `panel_settings` (`settingid`, `settinggroup`, `varname`, `value`) VALUES (117, 'system','ssl_ca_file','');
+INSERT INTO `panel_settings` (`settingid`, `settinggroup`, `varname`, `value`) VALUES (117, 'system', 'debug_cron', '0');
-INSERT INTO `panel_settings` (`settingid`, `settinggroup`, `varname`, `value`) VALUES (118, 'panel', 'frontend', 'froxlor');
+INSERT INTO `panel_settings` (`settingid`, `settinggroup`, `varname`, `value`) VALUES (118, 'panel', 'password_min_length', '0');
-INSERT INTO `panel_settings` (`settingid`, `settinggroup`, `varname`, `value`) VALUES (119, 'spf', 'use_spf', '0');
+INSERT INTO `panel_settings` (`settingid`, `settinggroup`, `varname`, `value`) VALUES (119, 'system', 'store_index_file_subs', '1');
-INSERT INTO `panel_settings` (`settingid`, `settinggroup`, `varname`, `value`) VALUES (120, 'spf', 'spf_entry', '@	IN	TXT	"v=spf1 a mx -all"');
+INSERT INTO `panel_settings` (`settingid`, `settinggroup`, `varname`, `value`) VALUES (120, 'panel', 'adminmail_defname', 'Froxlor Administrator');
-INSERT INTO `panel_settings` (`settingid`, `settinggroup`, `varname`, `value`) VALUES (121, 'system', 'debug_cron', '0');
+INSERT INTO `panel_settings` (`settingid`, `settinggroup`, `varname`, `value`) VALUES (121, 'panel', 'adminmail_return', '');
+INSERT INTO `panel_settings` (`settingid`, `settinggroup`, `varname`, `value`) VALUES (122, 'dkim', 'dkim_algorithm', 'all');
+INSERT INTO `panel_settings` (`settingid`, `settinggroup`, `varname`, `value`) VALUES (123, 'dkim', 'dkim_add_adsp', '1');
+INSERT INTO `panel_settings` (`settingid`, `settinggroup`, `varname`, `value`) VALUES (124, 'dkim', 'dkim_keylength', '1024');
+INSERT INTO `panel_settings` (`settingid`, `settinggroup`, `varname`, `value`) VALUES (125, 'dkim', 'dkim_servicetype', '0');
+INSERT INTO `panel_settings` (`settingid`, `settinggroup`, `varname`, `value`) VALUES (126, 'dkim', 'dkim_add_adsppolicy', '1');
+INSERT INTO `panel_settings` (`settingid`, `settinggroup`, `varname`, `value`) VALUES (127, 'dkim', 'dkim_notes', '');
+INSERT INTO `panel_settings` (`settingid`, `settinggroup`, `varname`, `value`) VALUES (128, 'system', 'stdsubdomain', '');
+INSERT INTO `panel_settings` (`settingid`, `settinggroup`, `varname`, `value`) VALUES (129, 'system', 'awstats_path', '/usr/bin/');
+INSERT INTO `panel_settings` (`settingid`, `settinggroup`, `varname`, `value`) VALUES (130, 'system', 'awstats_conf', '/etc/awstats/');
+INSERT INTO `panel_settings` (`settingid`, `settinggroup`, `varname`, `value`) VALUES (131, 'system', 'defaultttl', '604800');
+INSERT INTO `panel_settings` (`settingid`, `settinggroup`, `varname`, `value`) VALUES (132, 'defaultwebsrverrhandler', 'enabled', '0');
+INSERT INTO `panel_settings` (`settingid`, `settinggroup`, `varname`, `value`) VALUES (133, 'defaultwebsrverrhandler', 'err401', '');
+INSERT INTO `panel_settings` (`settingid`, `settinggroup`, `varname`, `value`) VALUES (134, 'defaultwebsrverrhandler', 'err403', '');
+INSERT INTO `panel_settings` (`settingid`, `settinggroup`, `varname`, `value`) VALUES (135, 'defaultwebsrverrhandler', 'err404', '');
+INSERT INTO `panel_settings` (`settingid`, `settinggroup`, `varname`, `value`) VALUES (136, 'defaultwebsrverrhandler', 'err500', '');
+INSERT INTO `panel_settings` (`settingid`, `settinggroup`, `varname`, `value`) VALUES (137, 'ticket', 'default_priority', '2');
+INSERT INTO `panel_settings` (`settingid`, `settinggroup`, `varname`, `value`) VALUES (138, 'system', 'mod_fcgid_defaultini', '1');
+INSERT INTO `panel_settings` (`settingid`, `settinggroup`, `varname`, `value`) VALUES (139, 'system', 'ftpserver', 'proftpd');
+INSERT INTO `panel_settings` (`settingid`, `settinggroup`, `varname`, `value`) VALUES (140, 'customredirect', 'enabled', '1');
+INSERT INTO `panel_settings` (`settingid`, `settinggroup`, `varname`, `value`) VALUES (141, 'customredirect', 'default', '1');
+INSERT INTO `panel_settings` (`settingid`, `settinggroup`, `varname`, `value`) VALUES (142, 'system', 'dns_createmailentry', '0');
+INSERT INTO `panel_settings` (`settingid`, `settinggroup`, `varname`, `value`) VALUES (143, 'system', 'froxlordirectlyviahostname', '0');
+INSERT INTO `panel_settings` (`settingid`, `settinggroup`, `varname`, `value`) VALUES (144, 'panel', 'password_regex', '');
+INSERT INTO `panel_settings` (`settingid`, `settinggroup`, `varname`, `value`) VALUES (145, 'system', 'perl_path', '/usr/bin/perl');
+INSERT INTO `panel_settings` (`settingid`, `settinggroup`, `varname`, `value`) VALUES (146, 'system', 'mod_fcgid_ownvhost', '0');
+INSERT INTO `panel_settings` (`settingid`, `settinggroup`, `varname`, `value`) VALUES (147, 'system', 'mod_fcgid_httpuser', 'froxlorlocal');
+INSERT INTO `panel_settings` (`settingid`, `settinggroup`, `varname`, `value`) VALUES (148, 'system', 'mod_fcgid_httpgroup', 'froxlorlocal');
+INSERT INTO `panel_settings` (`settingid`, `settinggroup`, `varname`, `value`) VALUES (149, 'perl', 'suexecworkaround', '0');
+INSERT INTO `panel_settings` (`settingid`, `settinggroup`, `varname`, `value`) VALUES (150, 'perl', 'suexecpath', '/var/www/cgi-bin/');
+INSERT INTO `panel_settings` (`settingid`, `settinggroup`, `varname`, `value`) VALUES (151, 'system', 'awstats_awstatspath', '/usr/bin/');
 
 # --------------------------------------------------------
 
@@ -731,6 +770,7 @@ INSERT INTO `panel_languages` VALUES (13, 'Dutch', 'lng/dutch.lng.php');
 INSERT INTO `panel_languages` VALUES (14, 'Hungarian', 'lng/hungarian.lng.php');
 INSERT INTO `panel_languages` VALUES (15, 'Swedish', 'lng/swedish.lng.php');
 INSERT INTO `panel_languages` VALUES (16, 'Czech', 'lng/czech.lng.php');
+INSERT INTO `panel_languages` VALUES (17, 'Polski', 'lng/polish.lng.php');
 
 # --------------------------------------------------------
 
@@ -771,6 +811,7 @@ CREATE TABLE `panel_ticket_categories` (
   `id` smallint(5) unsigned NOT NULL auto_increment,
   `name` varchar(60) NOT NULL,
   `adminid` int(11) NOT NULL,
+  `logicalorder` int(3) NOT NULL default '1',
   PRIMARY KEY  (`id`)
 ) ENGINE=MyISAM;
 
@@ -807,6 +848,7 @@ CREATE TABLE IF NOT EXISTS `panel_syslog` (
 # Table structure for table `mail_autoresponder`
 #
 
+DROP TABLE IF EXISTS `mail_autoresponder`;
 CREATE TABLE `mail_autoresponder` (
   `email` varchar(255) NOT NULL default '',
   `message` text NOT NULL,
@@ -831,6 +873,7 @@ CREATE TABLE `mail_autoresponder` (
 # Table structure for table `panel_phpconfigs`
 #
 
+DROP TABLE IF EXISTS `panel_phpconfigs`;
 CREATE TABLE `panel_phpconfigs` (
   `id` int(11) unsigned NOT NULL auto_increment,
   `description` varchar(50) NOT NULL,
@@ -854,6 +897,7 @@ INSERT INTO `panel_phpconfigs` (`id`, `description`, `binary`, `file_extensions`
 # Tabellenstruktur fuer Tabelle `aps_instances`
 #
 
+DROP TABLE IF EXISTS `aps_instances`;
 CREATE TABLE IF NOT EXISTS `aps_instances` (
   `ID` int(4) NOT NULL auto_increment,
   `CustomerID` int(4) NOT NULL,
@@ -868,6 +912,7 @@ CREATE TABLE IF NOT EXISTS `aps_instances` (
 # Tabellenstruktur fuer Tabelle `aps_packages`
 #
 
+DROP TABLE IF EXISTS `aps_packages`;
 CREATE TABLE IF NOT EXISTS `aps_packages` (
   `ID` int(4) NOT NULL auto_increment,
   `Path` varchar(500) NOT NULL,
@@ -884,6 +929,7 @@ CREATE TABLE IF NOT EXISTS `aps_packages` (
 # Tabellenstruktur fuer Tabelle `aps_settings`
 #
 
+DROP TABLE IF EXISTS `aps_settings`;
 CREATE TABLE IF NOT EXISTS `aps_settings` (
   `ID` int(4) NOT NULL auto_increment,
   `InstanceID` int(4) NOT NULL,
@@ -898,6 +944,7 @@ CREATE TABLE IF NOT EXISTS `aps_settings` (
 # Tabellenstruktur fuer Tabelle `aps_tasks`
 #
 
+DROP TABLE IF EXISTS `aps_tasks`;
 CREATE TABLE IF NOT EXISTS `aps_tasks` (
   `ID` int(4) NOT NULL auto_increment,
   `InstanceID` int(4) NOT NULL,
@@ -911,6 +958,7 @@ CREATE TABLE IF NOT EXISTS `aps_tasks` (
 # Tabellenstruktur fuer Tabelle `aps_temp_settings`
 #
 
+DROP TABLE IF EXISTS `aps_temp_settings`;
 CREATE TABLE IF NOT EXISTS `aps_temp_settings` (
   `ID` int(4) NOT NULL auto_increment,
   `PackageID` int(4) NOT NULL,
@@ -926,6 +974,7 @@ CREATE TABLE IF NOT EXISTS `aps_temp_settings` (
 # Tabellenstruktur fuer Tabelle `cronjobs_run`
 #
 
+DROP TABLE IF EXISTS `cronjobs_run`;
 CREATE TABLE IF NOT EXISTS `cronjobs_run` (
   `id` bigint(20) NOT NULL auto_increment,
   `module` varchar(250) NOT NULL,  
@@ -947,5 +996,87 @@ INSERT INTO `cronjobs_run` (`id`, `module`, `cronfile`, `interval`, `isactive`,
 INSERT INTO `cronjobs_run` (`id`, `module`, `cronfile`, `interval`, `isactive`, `desc_lng_key`) VALUES (4, 'froxlor/autoresponder', 'cron_autoresponder.php', '5 MINUTE', '0', 'cron_autoresponder');
 INSERT INTO `cronjobs_run` (`id`, `module`, `cronfile`, `interval`, `isactive`, `desc_lng_key`) VALUES (5, 'froxlor/aps', 'cron_apsupdater.php', '1 HOUR', '0', 'cron_apsupdater');
 INSERT INTO `cronjobs_run` (`id`, `module`, `cronfile`, `interval`, `isactive`, `desc_lng_key`) VALUES (6, 'froxlor/core', 'cron_traffic.php', '1 DAY', '1', 'cron_traffic');
-INSERT INTO `cronjobs_run` (`id`, `module`, `cronfile`, `interval`, `isactive`, `desc_lng_key`) VALUES (7, 'froxlor/ticket', 'cron_used_tickets_reset.php', '1 MONTH', '1', 'cron_ticketsreset');
+INSERT INTO `cronjobs_run` (`id`, `module`, `cronfile`, `interval`, `isactive`, `desc_lng_key`) VALUES (7, 'froxlor/ticket', 'cron_used_tickets_reset.php', '1 DAY', '1', 'cron_ticketsreset');
 INSERT INTO `cronjobs_run` (`id`, `module`, `cronfile`, `interval`, `isactive`, `desc_lng_key`) VALUES (8, 'froxlor/ticket', 'cron_ticketarchive.php', '1 MONTH', '1', 'cron_ticketarchive');
+
+# --------------------------------------------------------
+
+#
+# Tabellenstruktur fuer Tabelle `ftp_quotalimits`
+#
+
+DROP TABLE IF EXISTS `ftp_quotalimits`;
+CREATE TABLE IF NOT EXISTS `ftp_quotalimits` (
+  `name` varchar(30) default NULL,
+  `quota_type` enum('user','group','class','all') NOT NULL default 'user',
+  `per_session` enum('false','true') NOT NULL default 'false',
+  `limit_type` enum('soft','hard') NOT NULL default 'hard',
+  `bytes_in_avail` float NOT NULL,
+  `bytes_out_avail` float NOT NULL,
+  `bytes_xfer_avail` float NOT NULL,
+  `files_in_avail` int(10) unsigned NOT NULL,
+  `files_out_avail` int(10) unsigned NOT NULL,
+  `files_xfer_avail` int(10) unsigned NOT NULL
+) ENGINE=MyISAM;
+
+#
+# Dumping data for table `ftp_quotalimits`
+#
+
+INSERT INTO `ftp_quotalimits` (`name`, `quota_type`, `per_session`, `limit_type`, `bytes_in_avail`, `bytes_out_avail`, `bytes_xfer_avail`, `files_in_avail`, `files_out_avail`, `files_xfer_avail`) VALUES ('froxlor', 'user', 'false', 'hard', 0, 0, 0, 0, 0, 0);
+
+# --------------------------------------------------------
+
+#
+# Tabellenstruktur fuer Tabelle `ftp_quotatallies`
+#
+
+DROP TABLE IF EXISTS `ftp_quotatallies`;
+CREATE TABLE IF NOT EXISTS `ftp_quotatallies` (
+  `name` varchar(30) NOT NULL,
+  `quota_type` enum('user','group','class','all') NOT NULL,
+  `bytes_in_used` float NOT NULL,
+  `bytes_out_used` float NOT NULL,
+  `bytes_xfer_used` float NOT NULL,
+  `files_in_used` int(10) unsigned NOT NULL,
+  `files_out_used` int(10) unsigned NOT NULL,
+  `files_xfer_used` int(10) unsigned NOT NULL
+) ENGINE=MyISAM;
+
+# --------------------------------------------------------
+
+#
+# Tabellenstruktur fuer Tabelle `redirect_codes`
+#
+
+DROP TABLE IF EXISTS `redirect_codes`;
+CREATE TABLE IF NOT EXISTS `redirect_codes` (
+  `id` int(5) NOT NULL auto_increment,
+  `code` varchar(3) NOT NULL,
+  `desc` varchar(200) NOT NULL,
+  `enabled` tinyint(1) DEFAULT '1',
+  PRIMARY KEY  (`id`)
+) ENGINE=MyISAM;
+
+#
+# Dumping data for table `redirect_codes`
+#
+
+INSERT INTO `redirect_codes` (`id`, `code`, `desc`, `enabled`) VALUES (1, '---', 'rc_default', 1);
+INSERT INTO `redirect_codes` (`id`, `code`, `desc`, `enabled`) VALUES (2, '301', 'rc_movedperm', 1);
+INSERT INTO `redirect_codes` (`id`, `code`, `desc`, `enabled`) VALUES (3, '302', 'rc_found', 1);
+INSERT INTO `redirect_codes` (`id`, `code`, `desc`, `enabled`) VALUES (4, '303', 'rc_seeother', 1);
+INSERT INTO `redirect_codes` (`id`, `code`, `desc`, `enabled`) VALUES (5, '307', 'rc_tempred', 1);
+
+# --------------------------------------------------------
+
+#
+# Tabellenstruktur fuer Tabelle `domain_redirect_codes`
+#
+
+DROP TABLE IF EXISTS `domain_redirect_codes`;
+CREATE TABLE IF NOT EXISTS `domain_redirect_codes` (
+  `rid` int(5) NOT NULL,
+  `did` int(11) unsigned NOT NULL,
+  UNIQUE KEY `rc` (`rid`, `did`)
+) ENGINE=MyISAM;

install/install.php

@@ -156,6 +156,133 @@ function status_message($case, $text)
 	}
 }
 
+function requirement_checks()
+{
+	global $lng;
+	page_header();
+
+?>
+	<table cellpadding="5" cellspacing="4" border="0" align="center" class="maintable">
+		<tr>
+			<td class="maintitle"><b><img src="../images/title.gif" alt="" />&nbsp;Froxlor Installation</b></td>
+		</tr>
+<?php
+	$_die = false;
+	
+	// check for correct php version
+	status_message('begin', $lng['install']['phpversion']);
+
+	if(version_compare("5.2.0", PHP_VERSION, ">="))
+	{
+		status_message('red', $lng['install']['notinstalled']);
+		$_die = true;
+	}
+	else
+	{
+		status_message('green', 'OK');
+	}
+
+	// Check if magic_quotes_runtime is active
+	status_message('begin', $lng['install']['phpmagic_quotes_runtime']);	 
+	if(get_magic_quotes_runtime())
+	{
+	    // Deactivate
+	    set_magic_quotes_runtime(false);
+	    status_message('orange', $lng['install']['active'] . '<br />' . $lng['install']['phpmagic_quotes_runtime_description']);
+	}
+	else
+	{
+		status_message('green', 'OK');
+	}
+
+	status_message('begin', $lng['install']['phpmysql']);
+
+	if(!extension_loaded('mysql'))
+	{
+		status_message('red', $lng['install']['notinstalled']);
+		$_die = true;
+	}
+	else
+	{
+		status_message('green', 'OK');
+	}
+
+	status_message('begin', $lng['install']['phpfilter']);
+
+	if(!extension_loaded('filter'))
+	{
+		status_message('red', $lng['install']['notinstalled']);
+		$_die = true;
+	}
+	else
+	{
+		status_message('green', 'OK');
+	}
+
+	status_message('begin', $lng['install']['phpposix']);	
+
+	if(!extension_loaded('posix'))
+	{
+		status_message('red', $lng['install']['notinstalled']);
+		$_die = true;
+	}
+	else
+	{
+		status_message('green', 'OK');
+	}
+	
+	status_message('begin', $lng['install']['phpbcmath']);
+
+	if(!extension_loaded('bcmath'))
+	{
+		status_message('orange', $lng['install']['notinstalled'] . '<br />' . $lng['install']['bcmathdescription']);
+	}
+	else
+	{
+		status_message('green', 'OK');
+	}
+
+	status_message('begin', $lng['install']['openbasedir']);
+	$php_ob = @ini_get("open_basedir");
+
+	if(!empty($php_ob)
+	   && $php_ob != '')
+	{
+		status_message('orange', $lng['install']['openbasedirenabled']);
+	}
+	else
+	{
+		status_message('green', 'OK');
+	}
+
+	if($_die)
+	{
+?>
+		<tr>
+			<td class="main_field_display" align="center">
+				<?php echo $lng['install']['diedbecauseofrequirements']; ?><br />
+				<a href="install.php"><?php echo $lng['install']['click_here_to_refresh']; ?></a>
+			</td>
+		</tr>
+<?php 
+	} else {
+?>
+		<tr>
+			<td class="main_field_display" align="center">
+				<?php echo $lng['install']['froxlor_succ_checks']; ?><br />
+				<a href="install.php?check=1"><?php echo $lng['install']['click_here_to_continue']; ?></a>
+			</td>
+		</tr>
+<?php
+	}
+?>
+	</table>
+	<br />
+	<br />
+<?php 
+	page_footer();
+}
+
 /**
  * END FUNCTIONS ---------------------------------------------------
  */
@@ -174,7 +301,7 @@ else
 {
 	if(!empty($_SERVER['SERVER_NAME']))
 	{
-		if(validate_ip($_SERVER['SERVER_NAME'], true) == false)
+		if(preg_match('/^[0-9]{1,3}.[0-9]{1,3}.[0-9]{1,3}.[0-9]{1,3}$/', $_SERVER['SERVER_NAME']) == false)
 		{
 			$servername = $_SERVER['SERVER_NAME'];
 		}
@@ -307,12 +434,12 @@ if(!empty($_POST['webserver']))
 else
 {
 	if(strtoupper(@php_sapi_name()) == "APACHE2HANDLER"
-	   || stristr($_SERVER[SERVER_SOFTWARE], "apache/2"))
+	   || stristr($_SERVER['SERVER_SOFTWARE'], "apache/2"))
 	{
 		$webserver = 'apache2';
 	}
 	elseif(substr(strtoupper(@php_sapi_name()), 0, 8) == "LIGHTTPD"
-	       || stristr($_SERVER[SERVER_SOFTWARE], "lighttpd"))
+	       || stristr($_SERVER['SERVER_SOFTWARE'], "lighttpd"))
 	{
 		$webserver = 'lighttpd';
 	}
@@ -371,89 +498,6 @@ if(isset($_POST['installstep'])
 			<td class="maintitle"><b><img src="../images/title.gif" alt="" />&nbsp;Froxlor Installation</b></td>
 		</tr>
 <?php
-	$_die = false;
-	
-	// check for correct php version
-	status_message('begin', $lng['install']['phpversion']);
-
-	if(version_compare("5.2.0", PHP_VERSION, ">="))
-	{
-		status_message('red', $lng['install']['notinstalled']);
-		$_die = true;
-	}
-	else
-	{
-		status_message('green', 'OK');
-	}
-
-
-	status_message('begin', $lng['install']['phpmysql']);
-
-	if(!extension_loaded('mysql'))
-	{
-		status_message('red', $lng['install']['notinstalled']);
-		$_die = true;
-	}
-	else
-	{
-		status_message('green', 'OK');
-	}
-
-	status_message('begin', $lng['install']['phpfilter']);
-
-	if(!extension_loaded('filter'))
-	{
-		status_message('red', $lng['install']['notinstalled']);
-		$_die = true;
-	}
-	else
-	{
-		status_message('green', 'OK');
-	}
-
-	status_message('begin', $lng['install']['phpposix']);	
-
-	if(!extension_loaded('posix'))
-	{
-		status_message('red', $lng['install']['notinstalled']);
-		$_die = true;
-	}
-	else
-	{
-		status_message('green', 'OK');
-	}
-	
-	status_message('begin', $lng['install']['phpbcmath']);
-
-	if(!extension_loaded('bcmath'))
-	{
-		status_message('orange', $lng['install']['notinstalled'] . '<br />' . $lng['install']['bcmathdescription']);
-		$_die = false;
-	}
-	else
-	{
-		status_message('green', 'OK');
-	}
-
-	status_message('begin', $lng['install']['openbasedir']);
-	$php_ob = @ini_get("open_basedir");
-
-	if(!empty($php_ob)
-	   && $php_ob != '')
-	{
-		status_message('orange', $lng['install']['openbasedirenabled']);
-		$_die = false;
-	}
-	else
-	{
-		status_message('green', 'OK');
-	}
-
-	if($_die)
-	{
-		status_message('begin', $lng['install']['diedbecauseofrequirements']);
-		die();
-	}
 
 	//first test if we can access the database server with the given root user and password
 
@@ -467,15 +511,45 @@ if(isset($_POST['installstep'])
 	//first we make a backup of the old DB if it exists
 
 	status_message('begin', $lng['install']['backup_old_db']);
-	$result = mysql_list_tables($mysql_database);
+	$tables_exist = false;
 
-	if($result)
+	$sql = "SHOW TABLES FROM $mysql_database";
+	$result = mysql_query($sql);
+
+	// check the first row
+	if($result !== false)
 	{
-		$filename = "/tmp/froxlor_backup_" . date(YmdHi) . ".sql";
+		$row = mysql_num_rows($result);
+	
+		if($row > 0)
+		{
+			$tables_exist = true;
+		}
+	}
+
+	if($tables_exist)
+	{
+		$filename = "/tmp/froxlor_backup_" . date('YmdHi') . ".sql";
 
 		if(is_file("/usr/bin/mysqldump"))
 		{
-			$command = "/usr/bin/mysqldump " . $mysql_database . " -u " . $mysql_root_user . " --password='" . $mysql_root_pass . "' --result-file=" . $filename;
+			$do_backup = true;
+			$mysql_dump = '/usr/bin/mysqldump';
+		}
+		elseif(is_file("/usr/local/bin/mysqldump"))
+		{
+			$do_backup = true;
+			$mysql_dump = '/usr/local/bin/mysqldump';
+		}
+		else
+		{
+			$do_backup = false;
+			status_message('red', $lng['install']['backing_up_binary_missing']);
+		}
+		
+		if($do_backup) {
+			
+			$command = $mysql_dump . " " . $mysql_database . " -u " . $mysql_root_user . " --password='" . $mysql_root_pass . "' --result-file=" . $filename;
 			$output = exec($command);
 
 			if(stristr($output, "error"))
@@ -486,10 +560,7 @@ if(isset($_POST['installstep'])
 			{
 				status_message('green', 'OK');
 			}
-		}
+
-		else
-		{
-			status_message('red', $lng['install']['backing_up_binary_missing']);
 		}
 	}
 
@@ -575,8 +646,6 @@ if(isset($_POST['installstep'])
 	$db->query("UPDATE `" . TABLE_PANEL_SETTINGS . "` SET `value` = '" . $db->escape($webserver) . "' WHERE `settinggroup` = 'system' AND `varname` = 'webserver'");
 	$db->query("UPDATE `" . TABLE_PANEL_SETTINGS . "` SET `value` = '" . $db->escape($webserver) . "' WHERE `settinggroup` = 'system' AND `varname` = 'webserver'");
 
-	//FIXME
-
 	$db->query("UPDATE `" . TABLE_PANEL_SETTINGS . "` SET `value` = '" . $db->escape($httpuser) . "' WHERE `settinggroup` = 'system' AND `varname` = 'httpuser'");
 	$db->query("UPDATE `" . TABLE_PANEL_SETTINGS . "` SET `value` = '" . $db->escape($httpgroup) . "' WHERE `settinggroup` = 'system' AND `varname` = 'httpgroup'");
 
@@ -594,6 +663,7 @@ if(isset($_POST['installstep'])
 		$db->query("UPDATE `" . TABLE_PANEL_SETTINGS . "` SET `value` = '/etc/lighttpd/froxlor-htpasswd/' WHERE `settinggroup` = 'system' AND `varname` = 'apacheconf_htpasswddir'");
 		$db->query("UPDATE `" . TABLE_PANEL_SETTINGS . "` SET `value` = '/etc/init.d/lighttpd reload' WHERE `settinggroup` = 'system' AND `varname` = 'apachereload_command'");
 		$db->query("UPDATE `" . TABLE_PANEL_SETTINGS . "` SET `value` = '/etc/lighttpd/lighttpd.pem' WHERE `settinggroup` = 'system' AND `varname` = 'ssl_cert_file'");
+		$ssettings = '';
 	}
 
 	// insert the lastcronrun to be the installation date
@@ -601,11 +671,22 @@ if(isset($_POST['installstep'])
 	$query = 'UPDATE `%s` SET `value` = UNIX_TIMESTAMP() WHERE `settinggroup` = \'system\'  AND `varname` = \'lastcronrun\'';
 	$query = sprintf($query, TABLE_PANEL_SETTINGS);
 	$db->query($query);
+	
+	// set specific times for some crons (traffic only at night, etc.)
+	$ts = mktime(0, 0, 0, date('m', time()), date('d', time()), date('Y', time()));
+	$db->query("UPDATE `".TABLE_PANEL_CRONRUNS."` SET `lastrun` = '".$ts."' WHERE `cronfile` ='cron_traffic.php';");
+	$ts = mktime(1, 0, 0, date('m', time()), date('d', time()), date('Y', time()));
+	$db->query("UPDATE `".TABLE_PANEL_CRONRUNS."` SET `lastrun` = '".$ts."' WHERE `cronfile` ='cron_used_tickets_reset.php';");
+	$db->query("UPDATE `".TABLE_PANEL_CRONRUNS."` SET `lastrun` = '".$ts."' WHERE `cronfile` ='cron_ticketarchive.php';");
 
 	// and lets insert the default ip and port
 
-	$query = 'INSERT INTO `%s`  SET `ip`   = \'%s\',  `port` = \'80\' ';
+	$query = "INSERT INTO `".TABLE_PANEL_IPSANDPORTS."` 
-	$query = sprintf($query, TABLE_PANEL_IPSANDPORTS, $db->escape($serverip));
+			 SET `ip`= '".$db->escape($serverip)."', 
+			 `port` = '80',
+			 `namevirtualhost_statement` = '1',
+			 `vhostcontainer` = '1', 
+			 `vhostcontainer_servername_statement` = '1'";
 	$db->query($query);
 	$defaultip = $db->insert_id();
 
@@ -653,7 +734,10 @@ if(isset($_POST['installstep'])
 		`traffic` = -1048576,
 		`traffic_used` = 0,
 		`deactivated` = 0,
-		`aps_packages` = -1");
+		`aps_packages` = -1,
+		`aps_packages_used` = 0,
+		`email_autoresponder` = -1,
+		`email_autoresponder_used` = 0");
 	status_message('green', 'OK');
 
 	//now we create the userdata.inc.php with the mysql-accounts
@@ -708,10 +792,17 @@ if(isset($_POST['installstep'])
 }
 else
 {
+	
+	if((isset($_GET['check'])
+		&& $_GET['check'] == '1')
+		|| (isset($_POST['installstep']) 
+		&& $_POST['installstep'] == '1')
+	) {
 	page_header();
 
 ?>
 	<form action="<?php echo htmlspecialchars($_SERVER['PHP_SELF']) ?>" method="get">
+		<input type="hidden" name="check" value="1" />
 		<table cellpadding="5" cellspacing="4" border="0" align="center" class="maintable_40">
 			<tr>
 				<td class="maintitle" colspan="2"><b><img src="../images/title.gif" alt="" />&nbsp;<?php echo $lng['install']['welcome']; ?></b></td>
@@ -746,6 +837,7 @@ else
 	</form>
 	<br />
 	<form action="<?php echo htmlspecialchars($_SERVER['PHP_SELF']) ?>" method="post">
+		<input type="hidden" name="check" value="1" />
 		<table cellpadding="5" cellspacing="4" border="0" align="center" class="maintable_40">
 			<tr>
 				<td class="maintitle" colspan="2"><b><img src="../images/title.gif" alt="" />&nbsp;<?php echo $lng['install']['database']; ?></b></td>
@@ -821,6 +913,11 @@ else
 	<br />
 <?php
 	page_footer();
+	}
+	else
+	{
+		requirement_checks();
+	}		
 }
 
 /**

install/lng/english.lng.php

@@ -84,4 +84,18 @@ $lng['install']['webserver'] = 'Webserver';
 $lng['install']['phpversion'] = 'Checking for PHP version >= 5.2';
 $lng['install']['phpposix'] = 'Testing if PHP posix-extension is installed...';
 
+/*
+ * Added in Froxlor 0.9.4
+ */
+$lng['install']['click_here_to_refresh'] = 'Re-check';
+$lng['install']['click_here_to_continue'] = 'Continue installation';
+$lng['install']['froxlor_succ_checks'] = 'All requirements are satisfied';
+
+/*
+ * Added in Froxlor 0.9.13
+ */
+$lng['install']['phpmagic_quotes_runtime'] = 'Checking whether magic_quotes_runtime is off';
+$lng['install']['active'] = 'no';
+$lng['install']['phpmagic_quotes_runtime_description'] = 'PHP setting "magic_quotes_runtime" must be set to "Off" in order to avoid strange behavior of Froxlor. Disabling it for now (this is only temporary, please fix our php.ini).';
+
 ?>

install/lng/german.lng.php

@@ -84,4 +84,18 @@ $lng['install']['webserver'] = 'Webserver';
 $lng['install']['phpversion'] = 'Prüfe PHP Version >= 5.2';
 $lng['install']['phpposix'] = 'Teste, ob die PHP Posix-Erweiterung installiert ist...';
 
+/*
+ * Added in Froxlor 0.9.4
+ */
+$lng['install']['click_here_to_refresh'] = 'Erneut prüfen';
+$lng['install']['click_here_to_continue'] = 'Installation fortführen';
+$lng['install']['froxlor_succ_checks'] = 'Alle Vorraussetzungen sind erfüllt';
+
+/*
+ * Added in Froxlor 0.9.13
+ */
+$lng['install']['phpmagic_quotes_runtime'] = 'Prüfe ob magic_quotes_runtime ausgeschalten ist';
+$lng['install']['active'] = 'nein';
+$lng['install']['phpmagic_quotes_runtime_description'] = 'Die PHP Einstellung "magic_quotes_runtime" muss deaktiviert sein ("Off"), um merkwürdige Verhalten von Froxlor zu umgehen. Sie wurde deaktiviert (nur temporär, bitte php.ini anpassen).';
+
 ?>

install/scripts/language-check.php

@@ -21,9 +21,7 @@ $baseLanguage = 'english.lng.php';
 
 // Check if we're in the CLI
 
-if(@php_sapi_name() != 'cli'
+if(@php_sapi_name() != 'cli')
-   && @php_sapi_name() != 'cgi'
-   && @php_sapi_name() != 'cgi-fcgi')
 {
 	die('This script will only work in the shell.');
 }
@@ -183,4 +181,4 @@ function compare($array1, $array2)
 	return $result;
 }
 
-?>
+?>

install/updates/froxlor/0.9/update_0.9.inc.php

@@ -29,8 +29,8 @@ if(isFroxlorVersion('0.9-r0'))
 	if(isset($settings['system']['dbversion']) && (int)$settings['system']['dbversion'] < 2)
 	{
 		$db->query("ALTER TABLE `panel_ipsandports` CHANGE `ssl_cert` `ssl_cert_file` VARCHAR( 255 ) NOT NULL,
-						ADD `ssl_key_file` VARCHAR( 255 ) NOT NULL, 
+						ADD `ssl_key_file` VARCHAR( 255 ) NOT NULL,
-						ADD `ssl_ca_file` VARCHAR( 255 ) NOT NULL, 
+						ADD `ssl_ca_file` VARCHAR( 255 ) NOT NULL,
 						ADD `default_vhostconf_domain` TEXT NOT NULL;");
 
 		$db->query("INSERT INTO `panel_settings` SET `settinggroup` = 'system', `varname` = 'ssl_key_file', `value` = '';");
@@ -177,9 +177,9 @@ if(isFroxlorVersion('0.9-r0'))
 	$db->query("ALTER TABLE `" . TABLE_PANEL_ADMINS . "`
 		  MODIFY `traffic` BIGINT(30),
 		  MODIFY `traffic_used` BIGINT(30)");
-	
+
 	lastStepStatus(0);
-	
+
 	updateToVersion('0.9-r1');
 }
 
@@ -187,12 +187,20 @@ if(isFroxlorVersion('0.9-r1'))
 {
 	showUpdateStep("Updating from 0.9-r1 to 0.9-r2", false);
 	showUpdateStep("Updating settings table");
-	
+
 	$db->query("INSERT INTO `" . TABLE_PANEL_SETTINGS . "` (`settinggroup`, `varname`, `value`) VALUES ('spf', 'use_spf', '0');");
 	$db->query("INSERT INTO `" . TABLE_PANEL_SETTINGS . "` (`settinggroup`, `varname`, `value`) VALUES ('spf', 'spf_entry', '@	IN	TXT	\"v=spf1 a mx -all\"');");
 	$db->query("UPDATE `" . TABLE_PANEL_SETTINGS . "` SET `varname` = 'froxlor_graphic' WHERE `varname` = 'syscp_graphic'");
-	$settings['admin']['froxlor_graphic'] = $settings['admin']['syscp_graphic'];
+	if(isset($settings['admin']['syscp_graphic'])
-	
+		&& $settings['admin']['syscp_graphic'] != ''
+	){
+		$settings['admin']['froxlor_graphic'] = $settings['admin']['syscp_graphic'];
+	}
+	else
+	{
+		$settings['admin']['froxlor_graphic'] = 'images/header.gif';
+	}
+
 	lastStepStatus(0);
 
 	updateToVersion('0.9-r2');
@@ -201,7 +209,7 @@ if(isFroxlorVersion('0.9-r1'))
 if(isFroxlorVersion('0.9-r2'))
 {
 	showUpdateStep("Updating from 0.9-r2 to 0.9-r3", false);
-	showUpdateStep("Updating tables");	
+	showUpdateStep("Updating tables");
 
 	$db->query("INSERT INTO `" . TABLE_PANEL_SETTINGS . "` (`settinggroup`, `varname`, `value`) VALUES ('system', 'debug_cron', '0');");
 	$db->query("ALTER TABLE `" . TABLE_MAIL_AUTORESPONDER . "` ADD `date_from` int(15) NOT NULL default '-1' AFTER `enabled`");
@@ -215,11 +223,11 @@ if(isFroxlorVersion('0.9-r2'))
 if(isFroxlorVersion('0.9-r3'))
 {
 	showUpdateStep("Updating from 0.9-r3 to 0.9-r4", false);
-	showUpdateStep("Creating new table 'cronjobs_run'");		
+	showUpdateStep("Creating new table 'cronjobs_run'");
 
 	$db->query("CREATE TABLE IF NOT EXISTS `cronjobs_run` (
 				`id` bigint(20) NOT NULL auto_increment,
-				`module` varchar(250) NOT NULL,  
+				`module` varchar(250) NOT NULL,
 				`cronfile` varchar(250) NOT NULL,
 				`lastrun` int(15) NOT NULL DEFAULT '0',
 				`interval` varchar(100) NOT NULL DEFAULT '5 MINUTE',
@@ -230,28 +238,28 @@ if(isFroxlorVersion('0.9-r3'))
 
 	lastStepStatus(0);
 	showUpdateStep("Inserting new values into table");
-	
+
 	// checking for active ticket-module
 	$ticket_active = 0;
 	if((int)$settings['ticket']['enabled'] == 1)
 	{
 		$ticket_active = 1;
 	}
-	
+
 	// checking for active aps-module
 	$aps_active = 0;
 	if((int)$settings['aps']['aps_active'] == 1)
 	{
 		$aps_active = 1;
-	}	
+	}
-	
+
 	// checking for active autoresponder-module
 	$ar_active = 0;
 	if((int)$settings['autoresponder']['autoresponder_active'] == 1)
 	{
 		$ar_active = 1;
 	}
-	
+
 	$db->query("INSERT INTO `cronjobs_run` (`module`, `cronfile`, `interval`, `isactive`, `desc_lng_key`) VALUES ('froxlor/core', 'cron_tasks.php', '5 MINUTE', '1', 'cron_tasks');");
 	$db->query("INSERT INTO `cronjobs_run` (`module`, `cronfile`, `interval`, `isactive`, `desc_lng_key`) VALUES ('froxlor/core', 'cron_legacy.php', '5 MINUTE', '1', 'cron_legacy');");
 	$db->query("INSERT INTO `cronjobs_run` (`module`, `cronfile`, `interval`, `isactive`, `desc_lng_key`) VALUES ('froxlor/aps', 'cron_apsinstaller.php', '5 MINUTE', ".$aps_active.", 'cron_apsinstaller');");
@@ -260,29 +268,30 @@ if(isFroxlorVersion('0.9-r3'))
 	$db->query("INSERT INTO `cronjobs_run` (`module`, `cronfile`, `interval`, `isactive`, `desc_lng_key`) VALUES ('froxlor/core', 'cron_traffic.php', '1 DAY', '1', 'cron_traffic');");
 	$db->query("INSERT INTO `cronjobs_run` (`module`, `cronfile`, `interval`, `isactive`, `desc_lng_key`) VALUES ('froxlor/ticket', 'cron_used_tickets_reset.php', '1 MONTH', '".$ticket_active."', 'cron_ticketsreset');");
 	$db->query("INSERT INTO `cronjobs_run` (`module`, `cronfile`, `interval`, `isactive`, `desc_lng_key`) VALUES ('froxlor/ticket', 'cron_ticketarchive.php', '1 MONTH', '".$ticket_active."', 'cron_ticketarchive');");
-	
+
 	lastStepStatus(0);
 	showUpdateStep("Updating old settings values");
-	
+
 	$db->query("UPDATE `" . TABLE_PANEL_SETTINGS . "` SET `value` = 'Froxlor Support' WHERE `settinggroup`='ticket' AND `varname`='noreply_name' AND `value`='SysCP Support'");
 
-	lastStepStatus(0);	
+	lastStepStatus(0);
 	updateToVersion('0.9-r4');
 }
 
 if(isFroxlorVersion('0.9-r4'))
 {
-	showUpdateStep("Updating from 0.9-r4 to 0.9 final", false);
+	showUpdateStep("Updating from 0.9-r4 to 0.9 final");
+	lastStepStatus(0);
 	updateToVersion('0.9');
 }
 
 if(isFroxlorVersion('0.9'))
 {
 	showUpdateStep("Updating from 0.9 to 0.9.1", false);
-	
+
 	showUpdateStep("Updating settings values");
 	$db->query("UPDATE `" . TABLE_PANEL_SETTINGS . "` SET `value` = 'images/header.gif' WHERE `varname` = 'froxlor_graphic' AND `value` = 'images/header.png'");
-	
+
 	lastStepStatus(0);
 	updateToVersion('0.9.1');
 }
@@ -290,13 +299,13 @@ if(isFroxlorVersion('0.9'))
 if(isFroxlorVersion('0.9.1'))
 {
 	showUpdateStep("Updating from 0.9.1 to 0.9.2", false);
-	
+
 	showUpdateStep("Checking whether last-system-guid is sane");
-	
+
 	$result = $db->query_first("SELECT MAX(`guid`) as `latestguid` FROM `".TABLE_PANEL_CUSTOMERS."`");
-	
+
-	if (isset($result['latestguid']) 
+	if (isset($result['latestguid'])
-		&& (int)$result['latestguid'] > 0 
+		&& (int)$result['latestguid'] > 0
 		&& $result['latestguid'] != $settings['system']['lastguid']
 	) {
 		checkLastGuid();
@@ -307,4 +316,759 @@ if(isFroxlorVersion('0.9.1'))
 	updateToVersion('0.9.2');
 }
 
-?>
+if(isFroxlorVersion('0.9.2'))
+{
+	showUpdateStep("Updating from 0.9.2 to 0.9.3");
+	lastStepStatus(0);
+	updateToVersion('0.9.3');
+}
+
+if(isFroxlorVersion('0.9.3'))
+{
+	showUpdateStep("Updating from 0.9.3 to 0.9.3-svn1", false);
+
+	showUpdateStep("Updating tables");
+	$db->query("INSERT INTO `" . TABLE_PANEL_SETTINGS . "` (`settinggroup`, `varname`, `value`) VALUES ('panel', 'password_min_length', '0');");
+	$db->query("INSERT INTO `" . TABLE_PANEL_SETTINGS . "` (`settinggroup`, `varname`, `value`) VALUES ('system', 'store_index_file_subs', '1');");
+	lastStepStatus(0);
+
+	updateToVersion('0.9.3-svn1');
+}
+
+if(isFroxlorVersion('0.9.3-svn1'))
+{
+	showUpdateStep("Updating from 0.9.3-svn1 to 0.9.3-svn2", false);
+
+	showUpdateStep("Updating tables");
+	$db->query("INSERT INTO `" . TABLE_PANEL_SETTINGS . "` (`settinggroup`, `varname`, `value`) VALUES ('panel', 'adminmail_defname', 'Froxlor Administrator');");
+	$db->query("INSERT INTO `" . TABLE_PANEL_SETTINGS . "` (`settinggroup`, `varname`, `value`) VALUES ('panel', 'adminmail_return', '');");
+	lastStepStatus(0);
+
+	updateToVersion('0.9.3-svn2');
+}
+
+if(isFroxlorVersion('0.9.3-svn2'))
+{
+	showUpdateStep("Updating from 0.9.3-svn2 to 0.9.3-svn3", false);
+
+	showUpdateStep("Correcting cron start-times");
+	// set specific times for some crons (traffic only at night, etc.)
+	$ts = mktime(0, 0, 0, date('m', time()), date('d', time()), date('Y', time()));
+	$db->query("UPDATE `".TABLE_PANEL_CRONRUNS."` SET `lastrun` = '".$ts."' WHERE `cronfile` ='cron_traffic.php';");
+	$ts = mktime(1, 0, 0, date('m', time()), date('d', time()), date('Y', time()));
+	$db->query("UPDATE `".TABLE_PANEL_CRONRUNS."` SET `lastrun` = '".$ts."' WHERE `cronfile` ='cron_used_tickets_reset.php';");
+	$db->query("UPDATE `".TABLE_PANEL_CRONRUNS."` SET `lastrun` = '".$ts."' WHERE `cronfile` ='cron_ticketarchive.php';");
+	lastStepStatus(0);
+
+	showUpdateStep("Adding new language: Polish");
+	$db->query("INSERT INTO `".TABLE_PANEL_LANGUAGE."` SET `language` = 'Polski', `file` = 'lng/polish.lng.php'");
+	lastStepStatus(0);
+
+	updateToVersion('0.9.3-svn3');
+}
+
+if(isFroxlorVersion('0.9.3-svn3'))
+{
+	showUpdateStep("Updating from 0.9.3-svn3 to 0.9.3-svn4", false);
+
+	showUpdateStep("Adding new DKIM settings");
+	$db->query("INSERT INTO `" . TABLE_PANEL_SETTINGS . "` (`settinggroup`, `varname`, `value`) VALUES ('dkim', 'dkim_algorithm', 'all');");
+	$db->query("INSERT INTO `" . TABLE_PANEL_SETTINGS . "` (`settinggroup`, `varname`, `value`) VALUES ('dkim', 'dkim_add_adsp', '1');");
+	$db->query("INSERT INTO `" . TABLE_PANEL_SETTINGS . "` (`settinggroup`, `varname`, `value`) VALUES ('dkim', 'dkim_keylength', '1024');");
+	$db->query("INSERT INTO `" . TABLE_PANEL_SETTINGS . "` (`settinggroup`, `varname`, `value`) VALUES ('dkim', 'dkim_servicetype', '0');");
+	$db->query("INSERT INTO `" . TABLE_PANEL_SETTINGS . "` (`settinggroup`, `varname`, `value`) VALUES ('dkim', 'dkim_add_adsppolicy', '1');");
+	$db->query("INSERT INTO `" . TABLE_PANEL_SETTINGS . "` (`settinggroup`, `varname`, `value`) VALUES ('dkim', 'dkim_notes', '');");
+	lastStepStatus(0);
+
+	updateToVersion('0.9.3-svn4');
+}
+
+if(isFroxlorVersion('0.9.3-svn4'))
+{
+	showUpdateStep("Updating from 0.9.3-svn4 to 0.9.3-svn5", false);
+
+	showUpdateStep("Adding new settings");
+	$db->query("INSERT INTO `" . TABLE_PANEL_SETTINGS . "` (`settinggroup`, `varname`, `value`) VALUES ('system', 'stdsubdomain', '');");
+	lastStepStatus(0);
+
+	updateToVersion('0.9.3-svn5');
+}
+
+if(isFroxlorVersion('0.9.3-svn5'))
+{
+	showUpdateStep("Updating from 0.9.3-svn5 to 0.9.4 final");
+	lastStepStatus(0);
+	updateToVersion('0.9.4');
+}
+
+if(isFroxlorVersion('0.9.4'))
+{
+	showUpdateStep("Updating from 0.9.4 to 0.9.4-svn1", false);
+
+	/**
+	 * some users might still have the setting in their database
+	 * because we already had this back in older versions.
+	 * To not confuse Froxlor, we just update old settings.
+	 */
+	if(isset($settings['system']['awstats_path'])
+		&& $settings['system']['awstats_path'] != ''
+	) {
+		showUpdateStep("Updating awstats path setting");
+		$db->query("UPDATE `" . TABLE_PANEL_SETTINGS . "` SET `value` = '/usr/bin/' WHERE `settinggroup` = 'system' AND `varname` = 'awstats_path';");
+		lastStepStatus(0);
+	}
+	elseif(!isset($settings['system']['awstats_path']))
+	{
+		showUpdateStep("Adding new awstats path setting");
+		$db->query("INSERT INTO `" . TABLE_PANEL_SETTINGS . "` (`settinggroup`, `varname`, `value`) VALUES ('system', 'awstats_path', '/usr/bin/');");
+		lastStepStatus(0);
+	}
+
+	if(isset($settings['system']['awstats_domain_file'])
+		&& $settings['system']['awstats_domain_file'] != ''
+	) {
+		showUpdateStep("Updating awstats configuration path setting");
+		$db->query("UPDATE `" . TABLE_PANEL_SETTINGS . "` SET `varname` = 'awstats_conf' WHERE `varname` = 'awstats_domain_file';");
+	}
+	else
+	{
+		showUpdateStep("Adding awstats configuration path settings");
+		$db->query("INSERT INTO `" . TABLE_PANEL_SETTINGS . "` (`settinggroup`, `varname`, `value`) VALUES ('system', 'awstats_conf', '/etc/awstats/');");
+	}
+	lastStepStatus(0);
+
+	updateToVersion('0.9.4-svn1');
+}
+
+if(isFroxlorVersion('0.9.4-svn1'))
+{
+	showUpdateStep("Updating from 0.9.4-svn1 to 0.9.4-svn2", false);
+
+	$update_domains = isset($_POST['update_domainwildcardentry']) ? intval($_POST['update_domainwildcardentry']) : 0;
+
+	if($update_domains != 1)
+	{
+		$update_domains = 0;
+	}
+
+	if($update_domains == 1)
+	{
+		showUpdateStep("Updating domains with iswildcarddomain=yes");
+		$query = "SELECT `d`.`id` FROM `".TABLE_PANEL_DOMAINS."` `d`, `".TABLE_PANEL_CUSTOMERS."` `c` ";
+		$query.= "WHERE `parentdomainid`='0' AND `email_only` = '0' AND `d`.`customerid` = `c`.`customerid` AND `d`.`id` <> `c`.`standardsubdomain`";
+		$result = $db->query($query);
+		$updated_domains = 0;
+		while($domain = $db->fetch_array($result))
+		{
+			$db->query("UPDATE `".TABLE_PANEL_DOMAINS."` SET `iswildcarddomain` = '1' WHERE `id` ='".(int)$domain['id']."'");
+			$updated_domains++;
+		}
+		lastStepStatus(0, 'Updated '.$updated_domains.' domain(s)');
+	} else {
+		showUpdateStep("Won't update domains with iswildcarddomain=yes as requested");
+		lastStepStatus(1);
+	}
+
+	showUpdateStep("Updating database table definition for panel_domains");
+	$db->query("ALTER TABLE `" . TABLE_PANEL_DOMAINS . "` MODIFY `iswildcarddomain` tinyint(1) NOT NULL default '1';");
+	lastStepStatus(0);
+
+	updateToVersion('0.9.4-svn2');
+}
+
+if(isFroxlorVersion('0.9.4-svn2'))
+{
+	showUpdateStep("Updating from 0.9.4-svn2 to 0.9.5 final");
+	lastStepStatus(0);
+	updateToVersion('0.9.5');
+}
+
+if(isFroxlorVersion('0.9.5'))
+{
+	showUpdateStep("Updating from 0.9.5 to 0.9.6-svn1", false);
+
+	showUpdateStep("Adding time-to-live configuration setting");
+	$db->query("INSERT INTO `" . TABLE_PANEL_SETTINGS . "` (`settinggroup`, `varname`, `value`) VALUES ('system', 'defaultttl', '604800');");
+	lastStepStatus(0);
+
+	showUpdateStep("Updating database table structure for panel_ticket_categories");
+	$db->query("ALTER TABLE `" . TABLE_PANEL_TICKET_CATS . "` ADD `logicalorder` int(3) NOT NULL default '1' AFTER `adminid`;");
+	lastStepStatus(0);
+
+	updateToVersion('0.9.6-svn1');
+}
+
+if(isFroxlorVersion('0.9.6-svn1'))
+{
+	showUpdateStep("Updating from 0.9.6-svn1 to 0.9.6-svn2", false);
+
+	$update_adminmail = isset($_POST['update_adminmail']) ? validate($_POST['update_adminmail'], 'update_adminmail') : false;
+	$do_update = true;
+
+	if($update_adminmail !== false)
+	{
+		showUpdateStep("Checking newly entered admin-mail");
+		if(!PHPMailer::ValidateAddress($update_adminmail))
+		{
+			$do_update = false;
+			lastStepStatus(2, 'E-Mail still not valid, go back and try again');
+		}
+		else
+		{
+			$db->query("UPDATE `" . TABLE_PANEL_SETTINGS . "` SET `value` = '".$db->escape($update_adminmail)."' WHERE `settinggroup` = 'panel' AND `varname` = 'adminmail';");
+			lastStepStatus(0);
+		}
+	}
+
+	if($do_update)
+	{
+		updateToVersion('0.9.6-svn2');
+	}
+}
+
+if(isFroxlorVersion('0.9.6-svn2'))
+{
+	showUpdateStep("Updating from 0.9.6-svn2 to 0.9.6-svn3", false);
+
+	$update_deferr_enable = isset($_POST['update_deferr_enable']) ? true : false;
+
+	$err500 = false;
+	$err401 = false;
+	$err403 = false;
+	$err404 = false;
+
+	showUpdateStep("Adding new webserver configurations to database");
+	if($update_deferr_enable == true)
+	{
+		$db->query("INSERT INTO `" . TABLE_PANEL_SETTINGS . "` (`settinggroup`, `varname`, `value`) VALUES ('defaultwebsrverrhandler', 'enabled', '1');");
+
+		if(isset($_POST['update_deferr_500'])
+			&& trim($_POST['update_deferr_500']) != ''
+		) {
+			$db->query("INSERT INTO `" . TABLE_PANEL_SETTINGS . "` (`settinggroup`, `varname`, `value`) VALUES ('defaultwebsrverrhandler', 'err500', '".$db->escape($_POST['update_deferr_500'])."');");
+			$err500 = true;
+		}
+
+		if(isset($_POST['update_deferr_401'])
+			&& trim($_POST['update_deferr_401']) != ''
+		) {
+			$db->query("INSERT INTO `" . TABLE_PANEL_SETTINGS . "` (`settinggroup`, `varname`, `value`) VALUES ('defaultwebsrverrhandler', 'err401', '".$db->escape($_POST['update_deferr_401'])."');");
+			$err401 = true;
+		}
+
+		if(isset($_POST['update_deferr_403'])
+			&& trim($_POST['update_deferr_403']) != ''
+		) {
+			$db->query("INSERT INTO `" . TABLE_PANEL_SETTINGS . "` (`settinggroup`, `varname`, `value`) VALUES ('defaultwebsrverrhandler', 'err403', '".$db->escape($_POST['update_deferr_403'])."');");
+			$err403 = true;
+		}
+
+		if(isset($_POST['update_deferr_404'])
+			&& trim($_POST['update_deferr_404']) != ''
+		) {
+			$db->query("INSERT INTO `" . TABLE_PANEL_SETTINGS . "` (`settinggroup`, `varname`, `value`) VALUES ('defaultwebsrverrhandler', 'err404', '".$db->escape($_POST['update_deferr_404'])."');");
+			$err404 = true;
+		}
+	}
+
+	if(!$update_deferr_enable) {
+		$db->query("INSERT INTO `" . TABLE_PANEL_SETTINGS . "` (`settinggroup`, `varname`, `value`) VALUES ('defaultwebsrverrhandler', 'enabled', '0');");
+	}
+	if(!$err401) {
+		$db->query("INSERT INTO `" . TABLE_PANEL_SETTINGS . "` (`settinggroup`, `varname`, `value`) VALUES ('defaultwebsrverrhandler', 'err401', '');");
+	}
+	if(!$err403) {
+		$db->query("INSERT INTO `" . TABLE_PANEL_SETTINGS . "` (`settinggroup`, `varname`, `value`) VALUES ('defaultwebsrverrhandler', 'err403', '');");
+	}
+	if(!$err404) {
+		$db->query("INSERT INTO `" . TABLE_PANEL_SETTINGS . "` (`settinggroup`, `varname`, `value`) VALUES ('defaultwebsrverrhandler', 'err404', '');");
+	}
+	if(!$err500) {
+		$db->query("INSERT INTO `" . TABLE_PANEL_SETTINGS . "` (`settinggroup`, `varname`, `value`) VALUES ('defaultwebsrverrhandler', 'err500', '');");
+	}
+
+	lastStepStatus(0);
+
+	updateToVersion('0.9.6-svn3');
+}
+
+if(isFroxlorVersion('0.9.6-svn3'))
+{
+	showUpdateStep("Updating from 0.9.6-svn3 to 0.9.6-svn4", false);
+
+	$update_deftic_priority = isset($_POST['update_deftic_priority']) ? intval($_POST['update_deftic_priority']) : 2;
+
+	showUpdateStep("Setting default support-ticket priority");
+	$db->query("INSERT INTO `" . TABLE_PANEL_SETTINGS . "` (`settinggroup`, `varname`, `value`) VALUES ('ticket', 'default_priority', '".(int)$update_deftic_priority."');");
+	lastStepStatus(0);
+
+	updateToVersion('0.9.6-svn4');
+}
+
+if(isFroxlorVersion('0.9.6-svn4'))
+{
+	showUpdateStep("Updating from 0.9.6-svn4 to 0.9.6-svn5", false);
+
+	$update_defsys_phpconfig = isset($_POST['update_defsys_phpconfig']) ? intval($_POST['update_defsys_phpconfig']) : 1;
+
+	if($update_defsys_phpconfig != 1) {
+		showUpdateStep("Setting default php-configuration to user defined config #".$update_defsys_phpconfig);
+	} else {
+		showUpdateStep("Adding default php-configuration setting to the database");
+	}
+
+	$db->query("INSERT INTO `" . TABLE_PANEL_SETTINGS . "` (`settinggroup`, `varname`, `value`) VALUES ('system', 'mod_fcgid_defaultini', '".(int)$update_defsys_phpconfig."');");
+	lastStepStatus(0);
+
+	updateToVersion('0.9.6-svn5');
+}
+
+if(isFroxlorVersion('0.9.6-svn5'))
+{
+	showUpdateStep("Updating from 0.9.6-svn5 to 0.9.6-svn6", false);
+
+	showUpdateStep("Adding new FTP-quota settings");
+
+	$update_defsys_ftpserver = isset($_POST['update_defsys_ftpserver']) ? intval($_POST['update_defsys_ftpserver']) : 'proftpd';
+
+	// add ftp server setting
+	$db->query("INSERT INTO `panel_settings` SET `settinggroup` = 'system', `varname` = 'ftpserver', `value` = '".$db->escape($update_defsys_ftpserver)."';");
+
+	// add proftpd quota
+	$db->query("CREATE TABLE `ftp_quotalimits` (`name` varchar(30) default NULL, `quota_type` enum('user','group','class','all') NOT NULL default 'user', `per_session` enum('false','true') NOT NULL default 'false', `limit_type` enum('soft','hard') NOT NULL default 'hard', `bytes_in_avail` float NOT NULL, `bytes_out_avail` float NOT NULL, `bytes_xfer_avail` float NOT NULL, `files_in_avail` int(10) unsigned NOT NULL, `files_out_avail` int(10) unsigned NOT NULL, `files_xfer_avail` int(10) unsigned NOT NULL) ENGINE=MyISAM;");
+
+	$db->query("INSERT INTO `ftp_quotalimits` (`name`, `quota_type`, `per_session`, `limit_type`, `bytes_in_avail`, `bytes_out_avail`, `bytes_xfer_avail`, `files_in_avail`, `files_out_avail`, `files_xfer_avail`) VALUES ('froxlor', 'user', 'false', 'hard', 0, 0, 0, 0, 0, 0);");
+
+	$db->query("CREATE TABLE `ftp_quotatallies` (`name` varchar(30) NOT NULL, `quota_type` enum('user','group','class','all') NOT NULL, `bytes_in_used` float NOT NULL, `bytes_out_used` float NOT NULL, `bytes_xfer_used` float NOT NULL, `files_in_used` int(10) unsigned NOT NULL, `files_out_used` int(10) unsigned NOT NULL, `files_xfer_used` int(10) unsigned NOT NULL ) ENGINE=MyISAM;");
+
+	// fill quota tallies
+	$result_ftp_users = $db->query("SELECT username FROM `" . TABLE_FTP_USERS . "` WHERE 1;");
+
+	while($row_ftp_users = $db->fetch_array($result_ftp_users))
+	{
+		$result_ftp_quota = $db->query("SELECT diskspace_used FROM `" . TABLE_PANEL_CUSTOMERS . "` WHERE loginname = SUBSTRING_INDEX('" . $row_ftp_users['username'] . "', '" . $settings['customer']['ftpprefix'] . "', 1);");
+		$row_ftp_quota = mysql_fetch_row($result_ftp_quota);
+		$db->query("INSERT INTO `ftp_quotatallies` (`name`, `quota_type`, `bytes_in_used`, `bytes_out_used`, `bytes_xfer_used`, `files_in_used`, `files_out_used`, `files_xfer_used`) VALUES ('" . $row_ftp_users['username'] . "', 'user', '" . $row_ftp_quota[0] . "'*1024, '0', '0', '0', '0', '0');");
+	}
+
+	lastStepStatus(0);
+
+	updateToVersion('0.9.6-svn6');
+}
+
+if(isFroxlorVersion('0.9.6-svn6'))
+{
+	showUpdateStep("Updating from 0.9.6-svn6 to 0.9.6 final");
+	lastStepStatus(0);
+	updateToVersion('0.9.6');
+}
+
+if(isFroxlorVersion('0.9.6'))
+{
+	showUpdateStep("Updating from 0.9.6 to 0.9.7-svn1", false);
+
+	$update_customredirect_enable = isset($_POST['update_customredirect_enable']) ? 1 : 0;
+	$update_customredirect_default = isset($_POST['update_customredirect_default']) ? (int)$_POST['update_customredirect_default'] : 1;
+
+	showUpdateStep("Adding new tables to database");
+	$db->query("CREATE TABLE IF NOT EXISTS `redirect_codes` (
+  `id` int(5) NOT NULL auto_increment,
+  `code` varchar(3) NOT NULL,
+  `enabled` tinyint(1) DEFAULT '1',
+  PRIMARY KEY  (`id`)
+) ENGINE=MyISAM;");
+
+	$db->query("CREATE TABLE IF NOT EXISTS `domain_redirect_codes` (
+  `rid` int(5) NOT NULL,
+  `did` int(11) unsigned NOT NULL,
+  UNIQUE KEY `rc` (`rid`, `did`)
+) ENGINE=MyISAM;");
+	lastStepStatus(0);
+
+	showUpdateStep("Filling new tables with default data");
+	$db->query("INSERT INTO `redirect_codes` (`id`, `code`, `enabled`) VALUES (1, '---', 1);");
+	$db->query("INSERT INTO `redirect_codes` (`id`, `code`, `enabled`) VALUES (2, '301', 1);");
+	$db->query("INSERT INTO `redirect_codes` (`id`, `code`, `enabled`) VALUES (3, '302', 1);");
+	$db->query("INSERT INTO `redirect_codes` (`id`, `code`, `enabled`) VALUES (4, '303', 1);");
+	$db->query("INSERT INTO `redirect_codes` (`id`, `code`, `enabled`) VALUES (5, '307', 1);");
+	lastStepStatus(0);
+
+	showUpdateStep("Updating domains");
+	$res = $db->query("SELECT `id` FROM `".TABLE_PANEL_DOMAINS."` ORDER BY `id` ASC");
+	$updated_domains = 0;
+	while($d = $db->fetch_array($res))
+	{
+		$db->query("INSERT INTO `domain_redirect_codes` (`rid`, `did`) VALUES ('".(int)$update_customredirect_default."', '".(int)$d['id']."');");
+		$updated_domains++;
+	}
+	lastStepStatus(0, 'Updated '.$updated_domains.' domain(s)');
+
+	showUpdateStep("Adding new settings");
+	$db->query("INSERT INTO `" . TABLE_PANEL_SETTINGS . "` (`settinggroup`, `varname`, `value`) VALUES ('customredirect', 'enabled', '".(int)$update_customredirect_enable."');");
+	$db->query("INSERT INTO `" . TABLE_PANEL_SETTINGS . "` (`settinggroup`, `varname`, `value`) VALUES ('customredirect', 'default', '".(int)$update_customredirect_default."');");
+	lastStepStatus(0);
+
+	// need to fix default-error-copy-and-paste-shizzle
+	showUpdateStep("Checking if anything is ok with the default-error-handler");
+	if(!isset($settings['defaultwebsrverrhandler']['err404']))
+	{
+		$db->query("INSERT INTO `" . TABLE_PANEL_SETTINGS . "` (`settinggroup`, `varname`, `value`) VALUES ('defaultwebsrverrhandler', 'err404', '');");
+	}
+	if(!isset($settings['defaultwebsrverrhandler']['err403']))
+	{
+		$db->query("INSERT INTO `" . TABLE_PANEL_SETTINGS . "` (`settinggroup`, `varname`, `value`) VALUES ('defaultwebsrverrhandler', 'err403', '');");
+	}
+	if(!isset($settings['defaultwebsrverrhandler']['err401']))
+	{
+		$db->query("INSERT INTO `" . TABLE_PANEL_SETTINGS . "` (`settinggroup`, `varname`, `value`) VALUES ('defaultwebsrverrhandler', 'err401', '');");
+	}
+	lastStepStatus(0);
+
+	updateToVersion('0.9.7-svn1');
+}
+
+if(isFroxlorVersion('0.9.7-svn1'))
+{
+	showUpdateStep("Updating from 0.9.7-svn1 to 0.9.7-svn2", false);
+
+	showUpdateStep("Updating open_basedir due to security - issue");
+	$result = $db->query("SELECT `id` FROM `" . TABLE_PANEL_DOMAINS . "` WHERE `documentroot` LIKE '%:%' AND `documentroot` NOT LIKE 'http://%' AND `openbasedir_path` = '0' AND `openbasedir` = '1'");
+	while($row = $db->fetch_array($result))
+	{
+		$db->query("UPDATE `".TABLE_PANEL_DOMAINS."` SET `openbasedir_path` = '1' WHERE `id` = " . $row['id']);
+	}
+	lastStepStatus(0);
+
+	updateToVersion('0.9.7-svn2');
+}
+
+if(isFroxlorVersion('0.9.7-svn2'))
+{
+	showUpdateStep("Updating from 0.9.7-svn2 to 0.9.7-svn3", false);
+
+	showUpdateStep("Updating database tables");
+	$db->query("ALTER TABLE `redirect_codes` ADD `desc` varchar(200) NOT NULL AFTER `code`;");
+	lastStepStatus(0);
+	
+	showUpdateStep("Updating field-values");
+	$db->query("UPDATE `redirect_codes` SET `desc` = 'rc_default' WHERE `code` = '---';");
+	$db->query("UPDATE `redirect_codes` SET `desc` = 'rc_movedperm' WHERE `code` = '301';");
+	$db->query("UPDATE `redirect_codes` SET `desc` = 'rc_found' WHERE `code` = '302';");
+	$db->query("UPDATE `redirect_codes` SET `desc` = 'rc_seeother' WHERE `code` = '303';");
+	$db->query("UPDATE `redirect_codes` SET `desc` = 'rc_tempred' WHERE `code` = '307';");
+	lastStepStatus(0);
+
+	updateToVersion('0.9.7-svn3');
+}
+
+if(isFroxlorVersion('0.9.7-svn3'))
+{
+	showUpdateStep("Updating from 0.9.7-svn3 to 0.9.7 final");
+	lastStepStatus(0);
+	updateToVersion('0.9.7');
+}
+
+if(isFroxlorVersion('0.9.7'))
+{
+	showUpdateStep("Updating from 0.9.7 to 0.9.8 final");
+	lastStepStatus(0);
+	updateToVersion('0.9.8');
+}
+
+if(isFroxlorVersion('0.9.8'))
+{
+	showUpdateStep("Updating from 0.9.8 to 0.9.9-svn1", false);
+
+	$update_defdns_mailentry = isset($_POST['update_defdns_mailentry']) ? '1' : '0';
+
+	showUpdateStep("Adding new settings");
+	$db->query("INSERT INTO `" . TABLE_PANEL_SETTINGS . "` (`settinggroup`, `varname`, `value`) VALUES ('system', 'dns_createmailentry', '".(int)$update_defdns_mailentry."');");
+	lastStepStatus(0);
+
+	updateToVersion('0.9.9-svn1');
+}
+
+if(isFroxlorVersion('0.9.9-svn1'))
+{
+	showUpdateStep("Updating from 0.9.9-svn1 to 0.9.9 final");
+	lastStepStatus(0);
+	updateToVersion('0.9.9');
+}
+
+if(isFroxlorVersion('0.9.9'))
+{
+	showUpdateStep("Updating from 0.9.9 to 0.9.10-svn1", false);
+	
+	showUpdateStep("Checking whether you are missing any settings", false);
+	$nonefound = true;
+	
+	$update_httpuser = isset($_POST['update_httpuser']) ? $_POST['update_httpuser'] : false;
+	$update_httpgroup = isset($_POST['update_httpgroup']) ? $_POST['update_httpgroup'] : false;
+
+	if($update_httpuser !== false)
+	{
+		$nonefound = false;
+		showUpdateStep("Adding missing setting 'httpuser'");
+		$db->query("INSERT INTO `" . TABLE_PANEL_SETTINGS . "` (`settinggroup`, `varname`, `value`) VALUES ('system', 'httpuser', '".$update_httpuser."');");
+		lastStepStatus(0);
+	}
+
+	if($update_httpgroup !== false)
+	{
+		$nonefound = false;
+		showUpdateStep("Adding missing setting 'httpgroup'");
+		$db->query("INSERT INTO `" . TABLE_PANEL_SETTINGS . "` (`settinggroup`, `varname`, `value`) VALUES ('system', 'httpgroup', '".$update_httpgroup."');");
+		lastStepStatus(0);
+	}
+
+	$result = $db->query_first("SELECT * FROM `" . TABLE_PANEL_SETTINGS . "` WHERE `settinggroup` = 'system' AND `varname` = 'debug_cron'");
+	if(!isset($result) || !isset($result['value']))
+	{
+		$nonefound = false;
+		showUpdateStep("Adding missing setting 'debug_cron'");
+		$db->query("INSERT INTO `" . TABLE_PANEL_SETTINGS . "` (`settinggroup`, `varname`, `value`) VALUES ('system', 'debug_cron', '0');");
+		lastStepStatus(0);
+	}
+	
+	if($nonefound) {
+		showUpdateStep("No missing settings found");
+		lastStepStatus(0);
+	}
+
+	updateToVersion('0.9.10-svn1');
+}
+
+if(isFroxlorVersion('0.9.10-svn1'))
+{
+	showUpdateStep("Updating from 0.9.10-svn1 to 0.9.10-svn2", false);
+	
+	showUpdateStep("Updating database table definition for panel_databases");
+	$db->query("ALTER TABLE `" . TABLE_PANEL_DATABASES . "` ADD `apsdb` tinyint(1) NOT NULL default '0' AFTER `dbserver`;");
+	lastStepStatus(0);
+
+	showUpdateStep("Adding APS databases to customers overview");
+	$count_dbupdates = 0;
+	$db_root = null;
+	openRootDB();
+	$result = $db_root->query("SHOW DATABASES;");
+	while($row = $db_root->fetch_array($result))
+	{	
+		if(preg_match('/^web([0-9]+)aps([0-9]+)$/', $row['Database'], $matches))
+		{
+			$cid = $matches[1];
+			$databasedescription = 'APS DB';
+			$result = $db->query('INSERT INTO `' . TABLE_PANEL_DATABASES . '` (`customerid`, `databasename`, `description`, `dbserver`, `apsdb`) VALUES ("' . (int)$cid . '", "' . $db->escape($row['Database']) . '", "' . $db->escape($databasedescription) . '", "0", "1")');
+			$result = $db->query('UPDATE `' . TABLE_PANEL_CUSTOMERS . '` SET `mysqls_used`=`mysqls_used`+1 WHERE `customerid`="' . (int)$cid . '"');
+			$count_dbupdates++;
+		}
+	}
+	closeRootDB();
+	if($count_dbupdates > 0) {
+		lastStepStatus(0, "Found ".$count_dbupdates." customer APS databases");
+	} else {
+		lastStepStatus(0, "None found");
+	}
+
+	updateToVersion('0.9.10-svn2');
+}
+
+if(isFroxlorVersion('0.9.10-svn2'))
+{
+	showUpdateStep("Updating from 0.9.10-svn2 to 0.9.10", false);
+
+	$update_directlyviahostname = isset($_POST['update_directlyviahostname']) ? (int)$_POST['update_directlyviahostname'] : '0';
+
+	showUpdateStep("Adding new settings");
+	$db->query("INSERT INTO `" . TABLE_PANEL_SETTINGS . "` (`settinggroup`, `varname`, `value`) VALUES ('system', 'froxlordirectlyviahostname', '".(int)$update_directlyviahostname."');");
+	lastStepStatus(0);
+
+	updateToVersion('0.9.10');
+}
+
+if(isFroxlorVersion('0.9.10'))
+{
+	showUpdateStep("Updating from 0.9.10 to 0.9.11-svn1", false);
+
+	$update_pwdregex = isset($_POST['update_pwdregex']) ? $_POST['update_pwdregex'] : '';
+
+	showUpdateStep("Adding new settings");
+	$db->query("INSERT INTO `" . TABLE_PANEL_SETTINGS . "` (`settinggroup`, `varname`, `value`) VALUES ('panel', 'password_regex', '".$db->escape($update_pwdregex)."');");
+	lastStepStatus(0);
+
+	updateToVersion('0.9.11-svn1');
+}
+
+if(isFroxlorVersion('0.9.11-svn1'))
+{
+	showUpdateStep("Updating from 0.9.11-svn1 to 0.9.11-svn2", false);
+
+	showUpdateStep("Adding perl/CGI directory fields");
+	$db->query("ALTER TABLE `".TABLE_PANEL_HTACCESS."` ADD `options_cgi` tinyint(1) NOT NULL default '0' AFTER `error401path`;");
+	$db->query("ALTER TABLE `".TABLE_PANEL_CUSTOMERS."` ADD `perlenabled` tinyint(1) NOT NULL default '0' AFTER `aps_packages_used`;");
+	lastStepStatus(0);
+
+	updateToVersion('0.9.11-svn2');
+}
+
+if(isFroxlorVersion('0.9.11-svn2'))
+{
+	showUpdateStep("Updating from 0.9.11-svn2 to 0.9.11-svn3", false);
+
+	$update_perlpath = isset($_POST['update_perlpath']) ? $_POST['update_perlpath'] : '/usr/bin/perl';
+
+	showUpdateStep("Adding new settings");
+	$db->query("INSERT INTO `" . TABLE_PANEL_SETTINGS . "` (`settinggroup`, `varname`, `value`) VALUES ('system', 'perl_path', '".$db->escape($update_perlpath)."');");
+	lastStepStatus(0);
+
+	updateToVersion('0.9.11-svn3');
+}
+
+if(isFroxlorVersion('0.9.11-svn3'))
+{
+	showUpdateStep("Updating from 0.9.11-svn3 to 0.9.11 final");
+	lastStepStatus(0);
+
+	updateToVersion('0.9.11');
+}
+
+if(isFroxlorVersion('0.9.11'))
+{
+	showUpdateStep("Updating from 0.9.11 to 0.9.12-svn1", false);
+
+	$update_fcgid_ownvhost = isset($_POST['update_fcgid_ownvhost']) ? (int)$_POST['update_fcgid_ownvhost'] : '0';
+	$update_fcgid_httpuser = isset($_POST['update_fcgid_httpuser']) ? $_POST['update_fcgid_httpuser'] : 'froxlorlocal';
+	$update_fcgid_httpgroup = isset($_POST['update_fcgid_ownvhost']) ? $_POST['update_fcgid_ownvhost'] : 'froxlorlocal';
+
+	if($update_fcgid_httpuser == '') {
+		$update_fcgid_httpuser = 'froxlorlocal';
+	}
+	if($update_fcgid_httpgroup == '') {
+		$update_fcgid_httpgroup = 'froxlorlocal';
+	}
+	
+	showUpdateStep("Adding new settings");
+	$db->query("INSERT INTO `" . TABLE_PANEL_SETTINGS . "` (`settinggroup`, `varname`, `value`) VALUES ('system', 'mod_fcgid_ownvhost', '".$db->escape($update_fcgid_ownvhost)."');");
+	$db->query("INSERT INTO `" . TABLE_PANEL_SETTINGS . "` (`settinggroup`, `varname`, `value`) VALUES ('system', 'mod_fcgid_httpuser', '".$db->escape($update_fcgid_httpuser)."');");
+	$db->query("INSERT INTO `" . TABLE_PANEL_SETTINGS . "` (`settinggroup`, `varname`, `value`) VALUES ('system', 'mod_fcgid_httpgroup', '".$db->escape($update_fcgid_httpgroup)."');");
+	lastStepStatus(0);
+
+	updateToVersion('0.9.12-svn1');
+}
+
+if(isFroxlorVersion('0.9.12-svn1'))
+{
+	showUpdateStep("Updating from 0.9.12-svn1 to 0.9.12-svn2", false);
+
+	$update_perl_suexecworkaround = isset($_POST['update_perl_suexecworkaround']) ? (int)$_POST['update_perl_suexecworkaround'] : '0';
+	$update_perl_suexecpath = isset($_POST['update_perl_suexecpath']) ? makeCorrectDir($_POST['update_perl_suexecpath']) : '/var/www/cgi-bin/';
+
+	if($update_perl_suexecpath == '') {
+		$update_perl_suexecpath = '/var/www/cgi-bin/';
+	}
+	
+	showUpdateStep("Adding new settings for perl/CGI");
+	$db->query("INSERT INTO `" . TABLE_PANEL_SETTINGS . "` (`settinggroup`, `varname`, `value`) VALUES ('perl', 'suexecworkaround', '".$db->escape($update_perl_suexecworkaround)."');");
+	$db->query("INSERT INTO `" . TABLE_PANEL_SETTINGS . "` (`settinggroup`, `varname`, `value`) VALUES ('perl', 'suexecpath', '".$db->escape($update_perl_suexecpath)."');");
+	lastStepStatus(0);
+
+	updateToVersion('0.9.12-svn2');
+}
+
+if(isFroxlorVersion('0.9.12-svn2'))
+{
+	showUpdateStep("Updating from 0.9.12-svn2 to 0.9.12-svn3", false);
+
+	showUpdateStep("Adding new field to domain table");
+	$db->query("ALTER TABLE `".TABLE_PANEL_DOMAINS."` ADD `ismainbutsubto` int(11) unsigned NOT NULL default '0' AFTER `mod_fcgid_maxrequests`;");
+	lastStepStatus(0);
+
+	updateToVersion('0.9.12-svn3');
+}
+
+if(isFroxlorVersion('0.9.12-svn3'))
+{
+	showUpdateStep("Updating from 0.9.12-svn3 to 0.9.12-svn4", false);
+	
+	$update_awstats_awstatspath = isset($_POST['update_awstats_awstatspath']) ? makeCorrectDir($_POST['update_awstats_awstatspath']) : $settings['system']['awstats_path'];	
+
+	showUpdateStep("Adding new settings for awstats");
+	$db->query("INSERT INTO `" . TABLE_PANEL_SETTINGS . "` (`settinggroup`, `varname`, `value`) VALUES ('system', 'awstats_awstatspath', '".$db->escape($update_awstats_awstatspath)."');");
+	lastStepStatus(0);
+
+	updateToVersion('0.9.12-svn4');
+}
+
+if(isFroxlorVersion('0.9.12-svn4'))
+{
+	showUpdateStep("Updating from 0.9.12-svn4 to 0.9.12-svn5", false);	
+
+	showUpdateStep("Setting ticket-usage-reset cronjob interval to 1 day");
+	$db->query("UPDATE `cronjobs_run` SET `interval`='1 DAY' WHERE `cronfile`='cron_used_tickets_reset.php';");
+	lastStepStatus(0);
+
+	updateToVersion('0.9.12-svn5');
+}
+
+if(isFroxlorVersion('0.9.12-svn5'))
+{
+	showUpdateStep("Updating from 0.9.12-svn5 to 0.9.12-svn6", false);	
+
+	showUpdateStep("Adding new field to table 'panel_htpasswds'");
+	$db->query("ALTER TABLE `".TABLE_PANEL_HTPASSWDS."` ADD `authname` varchar(255) NOT NULL default 'Restricted Area' AFTER `password`;");
+	lastStepStatus(0);
+
+	updateToVersion('0.9.12-svn6');
+}
+
+if(isFroxlorVersion('0.9.12-svn6'))
+{
+	showUpdateStep("Updating from 0.9.12-svn6 to 0.9.12 final");
+	lastStepStatus(0);
+
+	updateToVersion('0.9.12');
+}
+
+if(isFroxlorVersion('0.9.12'))
+{
+	showUpdateStep("Updating from 0.9.12 to 0.9.13-svn1", false);
+
+	showUpdateStep("Adding new fields to admin-table");
+	$db->query("ALTER TABLE `".TABLE_PANEL_ADMINS."` ADD `email_autoresponder` int(5) NOT NULL default '0' AFTER `aps_packages_used`;");
+	$db->query("ALTER TABLE `".TABLE_PANEL_ADMINS."` ADD `email_autoresponder_used` int(5) NOT NULL default '0' AFTER `email_autoresponder`;");
+	lastStepStatus(0);
+	
+	showUpdateStep("Adding new fields to customer-table");
+	$db->query("ALTER TABLE `".TABLE_PANEL_CUSTOMERS."` ADD `email_autoresponder` int(5) NOT NULL default '0' AFTER `perlenabled`;");
+	$db->query("ALTER TABLE `".TABLE_PANEL_CUSTOMERS."` ADD `email_autoresponder_used` int(5) NOT NULL default '0' AFTER `email_autoresponder`;");
+	lastStepStatus(0);
+	
+	if((int)$settings['autoresponder']['autoresponder_active'] == 1)
+	{
+		$update_autoresponder_default = isset($_POST['update_autoresponder_default']) ? intval_ressource($_POST['update_autoresponder_default']) : 0;
+
+		if(isset($_POST['update_autoresponder_default_ul'])) {
+			$update_autoresponder_default = -1;
+		}
+	}
+	else
+	{
+		$update_autoresponder_default = 0;
+	}
+
+	showUpdateStep("Setting default amount of autoresponders");
+	// admin gets unlimited
+	$db->query("UPDATE `".TABLE_PANEL_ADMINS."` SET `email_autoresponder`='-1' WHERE `adminid` = '".(int)$userinfo['adminid']."'");
+	// customers
+	$db->query("UPDATE `".TABLE_PANEL_CUSTOMERS."` SET `email_autoresponder`='".(int)$update_autoresponder_default."' WHERE `deactivated` = '0'");
+	lastStepStatus(0);
+
+	updateToVersion('0.9.13-svn1');
+}
+
+if(isFroxlorVersion('0.9.13-svn1'))
+{
+	showUpdateStep("Updating from 0.9.13-svn1 to 0.9.13 final");
+	lastStepStatus(0);
+
+	updateToVersion('0.9.13');
+}

install/updates/preconfig.php

@@ -0,0 +1,62 @@
+<?php
+
+/**
+ * This file is part of the Froxlor project.
+ * Copyright (c) 2010 the Froxlor Team (see authors).
+ *
+ * For the full copyright and license information, please view the COPYING
+ * file that was distributed with this source code. You can also view the
+ * COPYING file online at http://files.froxlor.org/misc/COPYING.txt
+ *
+ * @copyright  (c) the authors
+ * @author     Froxlor team <team@froxlor.org> (2010-)
+ * @license    GPLv2 http://files.froxlor.org/misc/COPYING.txt
+ * @package    Language
+ * @version    $Id$
+ */
+
+/**
+ * Function getPreConfig
+ *
+ * outputs various content before the update process
+ * can be continued (askes for agreement whatever is being asked)
+ *
+ * @param string version
+ *
+ * @return string
+ */
+function getPreConfig($current_version)
+{
+	$has_preconfig = false;
+	$return = '<div class="preconfig"><h3 style="color:#ff0000;">PLEASE NOTE - Important update notifications</h3>';
+
+	include_once makeCorrectFile(dirname(__FILE__).'/preconfig/0.9/preconfig_0.9.inc.php');
+	parseAndOutputPreconfig($has_preconfig, $return, $current_version);
+
+	$return .= '<br /><br />'.makecheckbox('update_changesagreed', '<strong>I have read the update notifications above and I am aware of the changes made to my system.</strong>', '1', true, '0', true);
+	$return .= '</div>';
+	$return .= '<input type="hidden" name="update_preconfig" value="1" />';
+
+	if($has_preconfig) {
+		return $return;
+	} else {
+		return '';
+	}
+}
+
+function versionInUpdate($current_version, $version_to_check)
+{
+	if (!isFroxlor()) {
+		return true;
+	}
+	$pos_a = strpos($current_version, '-svn');
+	$pos_b = strpos($version_to_check, '-svn');
+	// if we compare svn-versions, we have to add -svn0 to the version
+	// to compare it correctly	
+	if($pos_a === false && $pos_b !== false)
+	{
+		$current_version.= '-svn9999';
+	}
+	
+	return version_compare($current_version, $version_to_check, '<');
+}

install/updates/preconfig/0.9/preconfig_0.9.inc.php

@@ -0,0 +1,294 @@
+<?php
+
+/**
+ * This file is part of the Froxlor project.
+ * Copyright (c) 2010 the Froxlor Team (see authors).
+ *
+ * For the full copyright and license information, please view the COPYING
+ * file that was distributed with this source code. You can also view the
+ * COPYING file online at http://files.froxlor.org/misc/COPYING.txt
+ *
+ * @copyright  (c) the authors
+ * @author     Froxlor team <team@froxlor.org> (2010-)
+ * @license    GPLv2 http://files.froxlor.org/misc/COPYING.txt
+ * @package    Language
+ * @version    $Id$
+ */
+
+/**
+ * checks if the new-version has some updating to do
+ *
+ * @param boolean $has_preconfig   pointer to check if any preconfig has to be output
+ * @param string  $return          pointer to output string
+ * @param string  $current_version current froxlor version
+ *
+ * @return null
+ */
+function parseAndOutputPreconfig(&$has_preconfig, &$return, $current_version)
+{
+	global $settings, $lng, $db;
+
+	if(versionInUpdate($current_version, '0.9.4-svn2'))
+	{
+		$has_preconfig = true;
+		$description = 'Froxlor now enables the usage of a domain-wildcard entry and subdomains for this domain at the same time (subdomains are parsed before the main-domain vhost container).';
+		$description.= 'This makes it possible to catch all non-existing subdomains with the main vhost but also have the ability to use subdomains for that domain.<br />';
+		$description.= 'If you would like Froxlor to do so with your domains, the update script can set the correct values for existing domains for you. Note: future domains will have wildcard-entries enabled by default no matter how you decide here.';
+		$question = '<strong>Do you want to use wildcard-entries for existing domains?:</strong>&nbsp;';
+		$question.= makeyesno('update_domainwildcardentry', '1', '0', '1');
+
+		eval("\$return.=\"" . getTemplate("update/preconfigitem") . "\";");
+	}
+
+	if(versionInUpdate($current_version, '0.9.6-svn2'))
+	{
+		if(!PHPMailer::ValidateAddress($settings['panel']['adminmail']))
+		{
+			$has_preconfig = true;
+			$description = 'Froxlor uses a newer version of the phpMailerClass and determined that your current admin-mail address is invalid.';
+			$question = '<strong>Please specify a new admin-email address:</strong>&nbsp;<input type="text" class="text" name="update_adminmail" value="'.$settings['panel']['adminmail'].'" />';
+			eval("\$return.=\"" . getTemplate("update/preconfigitem") . "\";");
+		}
+	}
+
+	if(versionInUpdate($current_version, '0.9.6-svn3'))
+	{
+		$has_preconfig = true;
+		$description = 'You now have the possibility to define default error-documents for your webserver which replace the default webserver error-messages.';
+		$question = '<strong>Do you want to enable default error-documents?:</strong>&nbsp;';
+		$question .= makeyesno('update_deferr_enable', '1', '0', '0').'<br /><br />';
+		if($settings['system']['webserver'] == 'apache2')
+		{
+			$question .= 'Path/URL for error 500:&nbsp;<input type="text" class="text" name="update_deferr_500" /><br /><br />';
+			$question .= 'Path/URL for error 401:&nbsp;<input type="text" class="text" name="update_deferr_401" /><br /><br />';
+			$question .= 'Path/URL for error 403:&nbsp;<input type="text" class="text" name="update_deferr_403" /><br /><br />';
+		}
+		$question .= 'Path/URL for error 404:&nbsp;<input type="text" class="text" name="update_deferr_404" />';
+		eval("\$return.=\"" . getTemplate("update/preconfigitem") . "\";");
+	}
+
+	if(versionInUpdate($current_version, '0.9.6-svn4'))
+	{
+		$has_preconfig = true;
+		$description = 'You can define a default support-ticket priority level which is pre-selected for new support-tickets.';
+		$question = '<strong>Which should be the default ticket-priority?:</strong>&nbsp;';
+		$question .= '<select name="update_deftic_priority">';
+		$priorities = makeoption($lng['ticket']['unf_high'], '1', '2');
+		$priorities.= makeoption($lng['ticket']['unf_normal'], '2', '2');
+		$priorities.= makeoption($lng['ticket']['unf_low'], '3', '2');
+		$question .= $priorities.'</select>';
+		eval("\$return.=\"" . getTemplate("update/preconfigitem") . "\";");
+	}
+
+	if(versionInUpdate($current_version, '0.9.6-svn5'))
+	{
+		$has_preconfig = true;
+		$description = 'If you have more than one PHP configurations defined in Froxlor you can now set a default one which will be used for every domain.';
+		$question = '<strong>Select default PHP configuration:</strong>&nbsp;';
+		$question .= '<select name="update_defsys_phpconfig">';
+		$configs_array = getPhpConfigs();
+		$configs = '';
+		foreach($configs_array as $idx => $desc)
+		{
+			$configs .= makeoption($desc, $idx, '1');
+		}
+		$question .= $configs.'</select>';
+		eval("\$return.=\"" . getTemplate("update/preconfigitem") . "\";");
+	}
+
+	if(versionInUpdate($current_version, '0.9.6-svn6'))
+	{
+		$has_preconfig = true;
+		$description = 'For the new FTP-quota feature, you can now chose the currently used ftpd-software.';
+		$question = '<strong>Used FTPd-software:</strong>&nbsp;';
+		$question .= '<select name="update_defsys_ftpserver">';
+		$question .= makeoption('ProFTPd', 'proftpd', 'proftpd');
+		$question .= makeoption('PureFTPd', 'pureftpd', 'proftpd');
+		$question .= '</select>';
+		eval("\$return.=\"" . getTemplate("update/preconfigitem") . "\";");
+	}
+
+	if(versionInUpdate($current_version, '0.9.7-svn1'))
+	{
+		$has_preconfig = true;
+		$description = 'You can now choose whether customers can select the http-redirect code and which of them acts as default.';
+		$question = '<strong>Allow customer chosen redirects?:</strong>&nbsp;';
+		$question.= makeyesno('update_customredirect_enable', '1', '0', '1').'<br /><br />';
+		$question.= '<strong>Select default redirect code (default: empty):</strong>&nbsp;';
+		$question.= '<select name="update_customredirect_default">';
+		$redirects = makeoption('--- ('.$lng['redirect_desc']['rc_default'].')', 1, '1');
+		$redirects.= makeoption('301 ('.$lng['redirect_desc']['rc_movedperm'].')', 2, '1');
+		$redirects.= makeoption('302 ('.$lng['redirect_desc']['rc_found'].')', 3, '1');
+		$redirects.= makeoption('303 ('.$lng['redirect_desc']['rc_seeother'].')', 4, '1');
+		$redirects.= makeoption('307 ('.$lng['redirect_desc']['rc_tempred'].')', 5, '1');
+		$question .= $redirects.'</select>';
+		eval("\$return.=\"" . getTemplate("update/preconfigitem") . "\";");
+	}
+
+	if(versionInUpdate($current_version, '0.9.7-svn2'))
+	{
+		$result = $db->query("SELECT `domain` FROM " . TABLE_PANEL_DOMAINS . " WHERE `documentroot` LIKE '%:%' AND `documentroot` NOT LIKE 'http://%' AND `openbasedir_path` = '0' AND `openbasedir` = '1'");
+		$wrongOpenBasedirDomain = array();
+		while($row = $db->fetch_array($result))
+		{
+			$wrongOpenBasedirDomain[] = $row['domain'];
+		}
+
+		if(count($wrongOpenBasedirDomain) > 0)
+		{
+			$has_preconfig = true;
+			$description = 'Resetting the open_basedir to customer - root';
+			$question = '<strong>Due to a security - issue regarding open_basedir, Froxlor will set the open_basedir for the following domains to the customers root instead of the chosen documentroot:</strong><br />&nbsp;';
+			$question.= '<ul>';
+			$idna_convert = new idna_convert_wrapper();
+			foreach($wrongOpenBasedirDomain as $domain)
+			{
+				$question.= '<li>' . $idna_convert->decode($domain) . '</li>';
+			}
+			$question.= '</ul>';
+			eval("\$return.=\"" . getTemplate("update/preconfigitem") . "\";");
+		}
+	}
+
+	if(versionInUpdate($current_version, '0.9.9-svn1'))
+	{
+		$has_preconfig = true;
+		$description = 'When entering MX servers to Froxlor there was no mail-, imap-, pop3- and smtp-"A record" created. You can now chose whether this should be done or not.';
+		$question = '<strong>Do you want these A-records to be created even with MX servers given?:</strong>&nbsp;';
+		$question.= makeyesno('update_defdns_mailentry', '1', '0', '0');
+		eval("\$return.=\"" . getTemplate("update/preconfigitem") . "\";");
+	}
+	
+	if(versionInUpdate($current_version, '0.9.10-svn1'))
+	{
+		$has_nouser = false;
+		$has_nogroup = false;
+
+		$result = $db->query_first("SELECT * FROM `" . TABLE_PANEL_SETTINGS . "` WHERE `settinggroup` = 'system' AND `varname` = 'httpuser'");
+		if(!isset($result) || !isset($result['value']))
+		{
+			$has_preconfig = true;
+			$has_nouser = true;
+			$guessed_user = 'www-data';
+			if(function_exists('posix_getuid')
+				&& function_exists('posix_getpwuid')
+			) {
+				$_httpuser = posix_getpwuid(posix_getuid());
+				$guessed_user = $_httpuser['name'];
+			}
+		}
+		
+		$result = $db->query_first("SELECT * FROM `" . TABLE_PANEL_SETTINGS . "` WHERE `settinggroup` = 'system' AND `varname` = 'httpgroup'");
+		if(!isset($result) || !isset($result['value']))
+		{
+			$has_preconfig = true;
+			$has_nogroup = true;
+			$guessed_group = 'www-data';
+			if(function_exists('posix_getgid')
+				&& function_exists('posix_getgrgid')
+			) {
+				$_httpgroup = posix_getgrgid(posix_getgid());
+				$guessed_group = $_httpgroup['name'];
+			}
+		}
+
+		if($has_nouser || $has_nogroup)
+		{
+			$description = 'Please enter the correct username/groupname of the webserver on your system We\'re guessing the user but it might not be correct, so please check.';
+			if($has_nouser)
+			{
+				$question = '<strong>Please enter the webservers username:</strong>&nbsp;<input type="text" class="text" name="update_httpuser" value="'.$guessed_user.'" />';
+			} 
+			elseif($has_nogroup) 
+			{
+				$question2 = '<strong>Please enter the webservers groupname:</strong>&nbsp;<input type="text" class="text" name="update_httpgroup" value="'.$guessed_group.'" />';
+				if($has_nouser) {
+					$question .= '<br /><br />'.$question2;
+				} else {
+					$question = $question2;
+				}
+			}
+			eval("\$return.=\"" . getTemplate("update/preconfigitem") . "\";");
+		}
+	}
+
+	if(versionInUpdate($current_version, '0.9.10'))
+	{
+		$has_preconfig = true;
+		$description = 'you can now decide whether Froxlor should be reached via hostname/froxlor or directly via the hostname.';
+		$question = '<strong>Do you want Froxlor to be reached directly via the hostname?:</strong>&nbsp;';
+		$question.= makeyesno('update_directlyviahostname', '1', '0', '0');
+		eval("\$return.=\"" . getTemplate("update/preconfigitem") . "\";");
+	}
+
+	if(versionInUpdate($current_version, '0.9.11-svn1'))
+	{
+		$has_preconfig = true;
+		$description = 'It is possible to enhance security with setting a regular expression to force your customers to enter more complex passwords.';
+		$question = '<strong>Enter a regular expression to force a higher password complexity (leave empty for none):</strong>&nbsp;';
+		$question.= '<input type="text" class="text" name="update_pwdregex" value="" />';
+		eval("\$return.=\"" . getTemplate("update/preconfigitem") . "\";");
+	}
+
+	if(versionInUpdate($current_version, '0.9.11-svn3'))
+	{
+		$has_preconfig = true;
+		$description = 'As Froxlor can now handle perl, you have to specify where the perl executable is (only if you\'re running lighttpd, else just leave empty).';
+		$question = '<strong>Path to perl (default \'/usr/bin/perl\'):</strong>&nbsp;';
+		$question.= '<input type="text" class="text" name="update_perlpath" value="/usr/bin/perl" />';
+		eval("\$return.=\"" . getTemplate("update/preconfigitem") . "\";");
+	}
+	
+	if(versionInUpdate($current_version, '0.9.12-svn1'))
+	{
+		if($settings['system']['mod_fcgid'] == 1)
+		{
+			$has_preconfig = true;
+			$description = 'You can chose whether you want Froxlor to use FCGID itself too now.';
+			$question = '<strong>Use FCGID for the Froxlor Panel?:</strong>&nbsp;';
+			$question.= makeyesno('update_fcgid_ownvhost', '1', '0', '0').'<br /><br />';
+			$question.= '<strong>If \'yes\', please specify local user/group (have to exist, Froxlor does not add them automatically):</strong><br /><br />';
+			$question.= 'Local user:&nbsp;';
+			$question.= '<input type="text" class="text" name="update_fcgid_httpuser" value="froxlorlocal" /><br /><br />';
+			$question.= 'Local group:&nbsp;';
+			$question.= '<input type="text" class="text" name="update_fcgid_ownvhost" value="froxlorlocal" /><br />';
+			eval("\$return.=\"" . getTemplate("update/preconfigitem") . "\";");
+		}
+	}
+
+	if(versionInUpdate($current_version, '0.9.12-svn2'))
+	{
+		$has_preconfig = true;
+		$description = 'Many apache user will have problems using perl/CGI as the customer docroots are not within the suexec path. Froxlor provides a simple workaround for that.';
+		$question = '<strong>Enable Apache/SuExec/Perl workaround?:</strong>&nbsp;';
+		$question.= makeyesno('update_perl_suexecworkaround', '1', '0', '0').'<br /><br />';
+		$question.= '<strong>If \'yes\', please specify a path within the suexec path where Froxlor will create symlinks to customer perl-enabled paths:</strong><br /><br />';
+		$question.= 'Path for symlinks (must be within suexec path):&nbsp;';
+		$question.= '<input type="text" class="text" name="update_perl_suexecpath" value="/var/www/cgi-bin/" /><br />';
+		eval("\$return.=\"" . getTemplate("update/preconfigitem") . "\";");
+	}
+
+	if(versionInUpdate($current_version, '0.9.12-svn4'))
+	{
+		if((int)$settings['system']['awstats_enabled'] == 1)
+		{
+			$has_preconfig = true;
+			$description = 'Due to different paths of awstats_buildstaticpages.pl and awstats.pl you can set a different path for awstats.pl now.';
+			$question = '<strong>Path to \'awstats.pl\'?:</strong>&nbsp;';
+			$question.= '<input type="text" class="text" name="update_awstats_awstatspath" value="'.$settings['system']['awstats_path'].'" /><br />';
+			eval("\$return.=\"" . getTemplate("update/preconfigitem") . "\";");
+		}
+	}
+
+	if(versionInUpdate($current_version, '0.9.13-svn1'))
+	{
+		if((int)$settings['autoresponder']['autoresponder_active'] == 1)
+		{
+			$has_preconfig = true;
+			$description = 'Froxlor can now limit the number of autoresponder-entries for each user. Here you can set the value which will be available for each customer (Of course you can change the value for each customer separately after the update).';
+			$question = '<strong>How many autoresponders should your customers be able to add?:</strong>&nbsp;';
+			$question.= '<input type="text" class="text" name="update_autoresponder_default" value="0" />&nbsp;'.makecheckbox('update_autoresponder_default', $lng['customer']['unlimited'], '-1', false, 0, true, true).'<br />';
+			eval("\$return.=\"" . getTemplate("update/preconfigitem") . "\";");
+		}
+	}
+}

install/updatesql.php

@@ -19,6 +19,18 @@
 
 $updatelog = FroxlorLogger::getInstanceOf(array('loginname' => 'updater'), $db, $settings);
 
+$updatelogfile = validateUpdateLogFile(makeCorrectFile(dirname(__FILE__).'/update.log'));
+$filelog = FileLogger::getInstanceOf(array('loginname' => 'updater'), $settings);
+$filelog->setLogFile($updatelogfile);
+
+// if first writing does not work we'll stop, tell the user to fix it
+// and then let him try again.
+try {
+	$filelog->logAction(ADM_ACTION, LOG_WARNING, '-------------- START LOG --------------');
+} catch(Exception $e) {
+	standard_error('exception', $e->getMessage());
+}
+
 /*
  * since froxlor, we have to check if there's still someone
  * out there using syscp and needs to upgrade
@@ -90,6 +102,8 @@ if(!isFroxlor())
 if(isFroxlor())
 {
 	include_once (makeCorrectFile(dirname(__FILE__).'/updates/froxlor/0.9/update_0.9.inc.php'));
+	$filelog->logAction(ADM_ACTION, LOG_WARNING, '--------------- END LOG ---------------');
+	unset($filelog);
 }
 
 ?>

lib/classes/aps/class.ApsInstaller.php

@@ -32,6 +32,7 @@ class ApsInstaller extends ApsParser
 	private $RealPath = '';
 	private $RootDir = '';
 	private $Hosts = '';
+	private $aps_version = '1.0';
 
 	/**
 	 * constructor of class. setup some basic variables
@@ -72,6 +73,8 @@ class ApsInstaller extends ApsParser
 
 			$XmlContent = file_get_contents($this->RootDir . 'packages/' . $Row['Path'] . '/APP-META.xml');
 			$Xml = new SimpleXMLElement($XmlContent);
+			
+			$this->aps_version = isset($Xml->attributes()->version) ? (string)$Xml->attributes()->version : '1.0';
 
 			//check for unparseable xml data
 
@@ -146,9 +149,16 @@ class ApsInstaller extends ApsParser
 			$ReturnStatus = 0;
 
 			// make configure-script executable
-			chmod($this->RealPath . $this->DomainPath . '/install_scripts/configure', 0755);
+			if($this->aps_version != '1.0')
+			{
+				$scriptname = (string)$Xml->service->provision->{'configuration-script'}['name'];
+			} else {
+				$scriptname = 'configure';
+			}
 
-			$Return = safe_exec('php ' . escapeshellarg($this->RealPath . $this->DomainPath . '/install_scripts/configure') . ' install', $ReturnStatus);
+			chmod($this->RealPath . $this->DomainPath . '/install_scripts/'.$scriptname, 0755);
+
+			$Return = safe_exec('php ' . escapeshellarg($this->RealPath . $this->DomainPath . '/install_scripts/'.$scriptname) . ' install', $ReturnStatus);
 
 			if($ReturnStatus != 0)
 			{
@@ -209,16 +219,24 @@ class ApsInstaller extends ApsParser
 		}
 		elseif($Task == TASK_REMOVE)
 		{
-			//FIXME cleanup installation
+			// check for database
-			//remove files from: $this->RealPath . $this->DomainPath . '/'
+			if ($this->aps_version == '1.0')
-			//remove permissions
+			{
-			//drop database
+				// the good ole way
-
+				$XmlDb = $Xml->requirements->children('http://apstandard.com/ns/1/db');
-			$XmlDb = $Xml->requirements->children('http://apstandard.com/ns/1/db');
+			} 
+			else 
+			{
+				// since 1.1
+				$Xml->registerXPathNamespace('db', 'http://apstandard.com/ns/1/db');
+	
+				$XmlDb = new DynamicProperties;
+				$XmlDb->db->id = getXPathValue($Xml, '//db:id');
+			}
 
 			if($XmlDb->db->id)
 			{
-				//database management
+				//drop database permissions
 
 				$Database = 'web' . $Row['CustomerID'] . 'aps' . $Row['InstanceID'];
 				foreach(array_map('trim', explode(',', $this->Hosts)) as $DatabaseHost)
@@ -228,8 +246,15 @@ class ApsInstaller extends ApsParser
 					$this->db_root->query('DELETE FROM `mysql`.`user` WHERE `User` = "' . $this->db->escape($Database) . '" AND `Host` = "' . $this->db->escape($DatabaseHost) . '"');
 				}
 
+				//drop database
 				$this->db_root->query('DROP DATABASE IF EXISTS `' . $this->db->escape($Database) . '`');
 				$this->db_root->query('FLUSH PRIVILEGES');
+
+				/*
+				 * remove database from customer-mysql overview, #272
+				 */
+				$this->db->query('DELETE FROM `' . TABLE_PANEL_DATABASES . '` WHERE `customerid`="' . (int)$Row['CustomerID'] . '" AND `databasename`="' . $this->db->escape($Database) . '" AND `apsdb`="1"');
+				$result = $this->db->query('UPDATE `' . TABLE_PANEL_CUSTOMERS . '` SET `mysqls_used`=`mysqls_used`-1 WHERE `customerid`="' . (int)$Row['CustomerID'] . '"');
 			}
 
 			//remove task & delete package instance + settings
@@ -237,6 +262,20 @@ class ApsInstaller extends ApsParser
 			$this->db->query('DELETE FROM `' . TABLE_APS_TASKS . '` WHERE `Task` = ' . TASK_REMOVE . ' AND `InstanceID` = ' . $this->db->escape($Row['InstanceID']));
 			$this->db->query('DELETE FROM `' . TABLE_APS_INSTANCES . '` WHERE `ID` = ' . $this->db->escape($Row['InstanceID']));
 			$this->db->query('DELETE FROM `' . TABLE_APS_SETTINGS . '` WHERE `InstanceID` = ' . $this->db->escape($Row['InstanceID']));
+
+			//remove data,  #273
+			if($this->DomainPath != '' && $this->DomainPath != '/') {
+				self::UnlinkRecursive($this->RealPath . $this->DomainPath . '/');
+			} else {
+				// save awstats/webalizer folder if it's the docroot
+				self::UnlinkRecursive($this->RealPath . $this->DomainPath . '/', true);
+				// place standard-index file
+				$loginname = getLoginNameByUid($Row['CustomerID']);
+				if($loginname !== false)
+				{
+					storeDefaultIndex($loginname, $this->RealPath . $this->DomainPath . '/');
+				}
+			}
 		}
 	}
 
@@ -278,6 +317,19 @@ class ApsInstaller extends ApsParser
 
 	private function PrepareFiles($Xml, $Row, $Task)
 	{
+		if($this->aps_version != '1.0')
+		{
+			$mapping = $Xml->service->provision->{'url-mapping'}->mapping;
+			$mapping_path = $Xml->service->provision->{'url-mapping'}->mapping['path'];
+			$mapping_url = $Xml->service->provision->{'url-mapping'}->mapping['url'];
+		}
+		else 
+		{
+			$mapping = $Xml->mapping;
+			$mapping_path = $Xml->mapping['path'];
+			$mapping_url = $Xml->mapping['url'];
+		}
+		
 		if($Task == TASK_INSTALL)
 		{
 			//FIXME truncate customer directory
@@ -287,7 +339,7 @@ class ApsInstaller extends ApsParser
 
 			//extract all files and chown them to the customer guid
 
-			if(self::ExtractZip($this->RootDir . 'packages/' . $Row['Path'] . '/' . $Row['Path'], $Xml->mapping['path'], $this->RealPath . $this->DomainPath . '/') == false
+			if(self::ExtractZip($this->RootDir . 'packages/' . $Row['Path'] . '/' . $Row['Path'], $mapping_path, $this->RealPath . $this->DomainPath . '/') == false
 			|| self::ExtractZip($this->RootDir . 'packages/' . $Row['Path'] . '/' . $Row['Path'], 'scripts', $this->RealPath . $this->DomainPath . '/install_scripts/') == false)
 			{
 				$this->db->query('UPDATE `' . TABLE_APS_INSTANCES . '` SET `Status` = ' . INSTANCE_ERROR . ' WHERE `ID` = ' . $this->db->escape($Row['InstanceID']));
@@ -319,7 +371,7 @@ class ApsInstaller extends ApsParser
 
 		//recursive mappings
 
-		self::PrepareMappings($Xml->mapping, $Xml->mapping['url'], $this->RealPath . $this->DomainPath . '/');
+		self::PrepareMappings($mapping, $mapping_url, $this->RealPath . $this->DomainPath . '/');
 		return true;
 	}
 
@@ -336,34 +388,37 @@ class ApsInstaller extends ApsParser
 		//check for special PHP permissions
 		//must be done with xpath otherwise check not possible (XML parser problem with attributes)
 
-		$ParentMapping->registerXPathNamespace('p', 'http://apstandard.com/ns/1/php');
+		if($ParentMapping && $ParentMapping !== null)
-		$Result = $ParentMapping->xpath('p:permissions');
-
-		if($Result[0]['writable'] == 'true')
 		{
-			//fixing file permissions to writeable
+			$ParentMapping->registerXPathNamespace('p', 'http://apstandard.com/ns/1/php');
-
+			$Result = $ParentMapping->xpath('p:permissions');
-			if(is_dir($Path))
+	
+			if($Result[0]['writable'] == 'true')
 			{
-				chmod($Path, 0775);
+				//fixing file permissions to writeable
+	
+				if(is_dir($Path))
+				{
+					chmod($Path, 0775);
+				}
+				else
+				{
+					chmod($Path, 0664);
+				}
 			}
-			else
+	
+			if($Result[0]['readable'] == 'false')
 			{
-				chmod($Path, 0664);
+				//fixing file permissions to non readable
-			}
+	
-		}
+				if(is_dir($Path))
-
+				{
-		if($Result[0]['readable'] == 'false')
+					chmod($Path, 0333);
-		{
+				}
-			//fixing file permissions to non readable
+				else
-
+				{
-			if(is_dir($Path))
+					chmod($Path, 0222);
-			{
+				}
-				chmod($Path, 0333);
-			}
-			else
-			{
-				chmod($Path, 0222);
 			}
 		}
 
@@ -373,18 +428,20 @@ class ApsInstaller extends ApsParser
 		putenv('WEB_' . $EnvVariable . '_DIR=' . $Path);
 
 		//resolve deeper mappings
-
+		if($ParentMapping && $ParentMapping !== null)
-		foreach($ParentMapping->mapping as $Mapping)
 		{
-			//recursive check of other mappings
+			foreach($ParentMapping->mapping as $Mapping)
-
-			if($Url == '/')
 			{
-				self::PrepareMappings($Mapping, $Url . $Mapping['url'], $Path . $Mapping['url']);
+				//recursive check of other mappings
-			}
+	
-			else
+				if($Url == '/')
-			{
+				{
-				self::PrepareMappings($Mapping, $Url . '/' . $Mapping['url'], $Path . '/' . $Mapping['url']);
+					self::PrepareMappings($Mapping, $Url . $Mapping['url'], $Path . $Mapping['url']);
+				}
+				else
+				{
+					self::PrepareMappings($Mapping, $Url . '/' . $Mapping['url'], $Path . '/' . $Mapping['url']);
+				}
 			}
 		}
 	}
@@ -433,9 +490,22 @@ class ApsInstaller extends ApsParser
 
 	private function PrepareDatabase($Xml, $Row, $Task)
 	{
-		global $db_root;
 		$XmlDb = $Xml->requirements->children('http://apstandard.com/ns/1/db');
 
+		if ($this->aps_version == '1.0')
+		{
+			// the good ole way
+			$XmlDb = $Xml->requirements->children('http://apstandard.com/ns/1/db');
+		} 
+		else
+		{
+			// since 1.1
+			$Xml->registerXPathNamespace('db', 'http://apstandard.com/ns/1/db');
+
+			$XmlDb = new DynamicProperties;
+			$XmlDb->db->id = getXPathValue($Xml, '//db:id');
+		}
+
 		if($XmlDb->db->id)
 		{
 			//database management
@@ -456,6 +526,13 @@ class ApsInstaller extends ApsParser
 				}
 
 				$this->db_root->query('FLUSH PRIVILEGES');
+
+				/*
+				 * add database to customers databases, #272
+				 */
+				$databasedescription = $Xml->name.' '.$Xml->version.' (Release ' . $Xml->release . ')'; 
+				$result = $this->db->query('INSERT INTO `' . TABLE_PANEL_DATABASES . '` (`customerid`, `databasename`, `description`, `dbserver`, `apsdb`) VALUES ("' . (int)$Row['CustomerID'] . '", "' . $this->db->escape($NewDatabase) . '", "' . $this->db->escape($databasedescription) . '", "0", "1")');
+				$result = $this->db->query('UPDATE `' . TABLE_PANEL_CUSTOMERS . '` SET `mysqls_used`=`mysqls_used`+1 WHERE `customerid`="' . (int)$Row['CustomerID'] . '"');	
 			}
 
 			//get first mysql access host
@@ -576,5 +653,3 @@ class ApsInstaller extends ApsParser
 		return false;
 	}
 }
-
-?>

lib/classes/aps/class.ApsParser.php

@@ -38,6 +38,7 @@ class ApsParser
 	private $settings = array();
 	private $db = false;
 	private $RootDir = '';
+	private $aps_version = '1.0';
 
 	/**
 	 * Constructor of class, setup basic variables needed by the class
@@ -399,9 +400,9 @@ class ApsParser
 	 * unlink files recursively
 	 *
 	 * @param	dir			directory to delete recursive
+	 * @param   boolean     whether the base-directory should be kept or not
 	 */
-
+	protected function UnlinkRecursive($Dir, $save_base = false)
-	protected function UnlinkRecursive($Dir)
 	{
 		if(!$DirHandle = @opendir($Dir))return;
 
@@ -410,6 +411,12 @@ class ApsParser
 			if($Object == '.'
 			   || $Object == '..')continue;
 
+			if($save_base  
+				&& (strtoupper($Object) == 'AWSTATS' || strtoupper($Object) == 'WEBALIZER')
+			) {
+				continue;
+			}
+
 			if(!@unlink($Dir . '/' . $Object))
 			{
 				self::UnlinkRecursive($Dir . '/' . $Object);
@@ -417,7 +424,10 @@ class ApsParser
 		}
 
 		closedir($DirHandle);
-		@rmdir($Dir);
+		if(!$save_base)
+		{
+			@rmdir($Dir);
+		}
 	}
 
 	/**
@@ -988,14 +998,26 @@ class ApsParser
 			if($Xml == false)continue;
 			$Icon = './images/default.png';
 
+			$this->aps_version = isset($Xml->attributes()->version) ? (string)$Xml->attributes()->version : '1.0';
+
 			//show data and status of package
 
-			if($Xml->icon['path'])
+			if($this->aps_version != '1.0')
 			{
-				$Icon = './packages/' . $Row2['Path'] . '/' . basename($Xml->icon['path']);
+				$iconpath = $Xml->presentation->icon['path'];
+				$Summary = htmlspecialchars($Xml->presentation->summary);
+			} 
+			else
+			{
+				$iconpath = $Xml->icon['path'];
+				$Summary = htmlspecialchars($Xml->summary);
+			}
+
+			if($iconpath)
+			{
+				$Icon = './packages/' . $Row2['Path'] . '/' . basename($iconpath);
 			}
 
-			$Summary = $Xml->summary;
 			$Fieldname = $lng['aps']['version'];
 			$Fieldvalue = $Xml->version . ' (Release ' . $Xml->release . ')';
 			eval("\$Data.=\"" . getTemplate("aps/data") . "\";");
@@ -1292,12 +1314,14 @@ class ApsParser
 
 		//check for special CGI url handlers within mappings
 
+		/**
+		 * as of 0.9.13 we can handle CGI ;-), #404
+		 *
 		$XmlCgiMapping = $ParentMapping->children('http://apstandard.com/ns/1/cgi');
-
+		if($XmlCgiMapping->handler) {
-		if($XmlCgiMapping->handler)
-		{
 			$Error[] = $lng['aps']['cgi'];
 		}
+		*/
 
 		//resolve deeper mappings
 
@@ -1338,23 +1362,43 @@ class ApsParser
 
 	private function InstallNewPackage($Filename)
 	{
-		global $lng;
+		global $lng, $userinfo;
 
 		if(file_exists($Filename)
 		   && $Xml = self::GetXmlFromZip($Filename))
 		{
 			$Error = array();
 
+			$this->aps_version = isset($Xml->attributes()->version) ? (string)$Xml->attributes()->version : '1.0';
+
 			//check alot of stuff if package is supported
 			//php modules
 
-			$XmlPhp = $Xml->requirements->children('http://apstandard.com/ns/1/php');
+			if ($this->aps_version == '1.0')
+			{
+				// the good ole way
+				$XmlPhp = $Xml->requirements->children('http://apstandard.com/ns/1/php');
+			} 
+			else 
+			{
+				// since 1.1
+				$Xml->registerXPathNamespace('php', 'http://apstandard.com/ns/1/php');
+
+				$XmlPhp = new DynamicProperties;
+				$XmlPhp->extension = getXPathValue($Xml, '//php:extension', false);
+				$XmlPhp->function = getXPathValue($Xml, '//php:function', false);
+			}
 
 			if($XmlPhp->extension)
 			{
 				$ExtensionsLoaded = get_loaded_extensions();
 				foreach($XmlPhp->extension as $Extension)
 				{
+					if(strtolower($Extension) == 'php')
+					{
+						continue;
+					}
+
 					if(!in_array($Extension, $ExtensionsLoaded)
 					   && !self::CheckException('php', 'extension', $Extension))
 					{
@@ -1389,6 +1433,11 @@ class ApsParser
 			);
 			foreach($PhpValues as $Value)
 			{
+				if ($this->aps_version != '1.0')
+				{
+					$XmlPhp->{$Value} = getXPathValue($Xml, '//php:'.$Value);
+				}
+
 				if($XmlPhp->{$Value})
 				{
 					if(self::TrueFalseIniGet($Value) != $XmlPhp->{$Value}
@@ -1399,6 +1448,11 @@ class ApsParser
 				}
 			}
 
+			if ($this->aps_version != '1.0')
+			{
+				$XmlPhp->{'post-max-size'} = getXPathValue($Xml, '//php:post-max-size');
+			}
+
 			if($XmlPhp->{'post-max-size'})
 			{
 				if(self::PhpMemorySizeToBytes(ini_get('post_max_size')) < intval($XmlPhp->{'post-max-size'})
@@ -1408,6 +1462,11 @@ class ApsParser
 				}
 			}
 
+			if ($this->aps_version != '1.0')
+			{
+				$XmlPhp->{'memory-limit'} = getXPathValue($Xml, '//php:memory-limit');
+			}
+
 			if($XmlPhp->{'memory-limit'})
 			{
 				if(self::PhpMemorySizeToBytes(ini_get('memory_limit')) < intval($XmlPhp->{'memory-limit'})
@@ -1417,6 +1476,11 @@ class ApsParser
 				}
 			}
 
+			if ($this->aps_version != '1.0')
+			{
+				$XmlPhp->{'max-execution-time'} = getXPathValue($Xml, '//php:max-execution-time');
+			}
+
 			if($XmlPhp->{'max-execution-time'})
 			{
 				if(ini_get('max_execution_time') < intval($XmlPhp->{'max-execution-time'})
@@ -1450,7 +1514,21 @@ class ApsParser
 
 			//database
 
-			$XmlDb = $Xml->requirements->children('http://apstandard.com/ns/1/db');
+			if ($this->aps_version == '1.0')
+			{
+				// the good ole way
+				$XmlDb = $Xml->requirements->children('http://apstandard.com/ns/1/db');
+			} 
+			else 
+			{
+				// since 1.1
+				$Xml->registerXPathNamespace('db', 'http://apstandard.com/ns/1/db');
+
+				$XmlDb = new DynamicProperties;
+				$XmlDb->db->id = getXPathValue($Xml, '//db:id');
+				$XmlDb->db->{'server-type'} = getXPathValue($Xml, '//db:server-type');
+				$XmlDb->db->{'server-min-version'} = getXPathValue($Xml, '//db:server-min-version');
+			}
 
 			if($XmlDb->db->id)
 			{
@@ -1467,7 +1545,21 @@ class ApsParser
 
 			//ASP.NET
 
-			$XmlAsp = $Xml->requirements->children('http://apstandard.com/ns/1/aspnet');
+			if ($this->aps_version == '1.0')
+			{
+				// the good ole way
+				$XmlAsp = $Xml->requirements->children('http://apstandard.com/ns/1/aspnet');
+			} 
+			else 
+			{
+				// since 1.1
+				$Xml->registerXPathNamespace('aspnet', 'http://apstandard.com/ns/1/aspnet');
+
+				$XmlAsp = new DynamicProperties;
+				$XmlAsp->handler = getXPathValue($Xml, '//aspnet:handler');
+				$XmlAsp->permissions = getXPathValue($Xml, '//aspnet:permissions');
+				$XmlAsp->version = getXPathValue($Xml, '//aspnet:version');
+			}
 
 			if($XmlAsp->handler
 			   || $XmlAsp->permissions
@@ -1477,17 +1569,45 @@ class ApsParser
 			}
 
 			//CGI
+			/**
+			 * as of 0.9.13 we can handle CGI ;-), #404
+			 *
+			if ($this->aps_version == '1.0')
+			{
+				// the good ole way
+				$XmlCgi = $Xml->requirements->children('http://apstandard.com/ns/1/cgi');
+			} 
+			else 
+			{
+				// since 1.1
+				$Xml->registerXPathNamespace('cgi', 'http://apstandard.com/ns/1/cgi');
 
-			$XmlCgi = $Xml->requirements->children('http://apstandard.com/ns/1/cgi');
+				$XmlCgi = new DynamicProperties;
+				$XmlCgi->handler = getXPathValue($Xml, '//cgi:handler');
+			}
 
 			if($XmlCgi->handler)
 			{
 				$Error[] = $lng['aps']['cgi'];
 			}
+			*/
 
 			//webserver modules
 
-			$XmlWebserver = $Xml->requirements->children('http://apstandard.com/ns/1/apache');
+			if ($this->aps_version == '1.0')
+			{
+				// the good ole way
+				$XmlWebserver = $Xml->requirements->children('http://apstandard.com/ns/1/apache');
+			} 
+			else
+			{
+				// since 1.1
+				$Xml->registerXPathNamespace('apache', 'http://apstandard.com/ns/1/apache');
+
+				$XmlWebserver = new DynamicProperties;
+				$XmlWebserver->{'required-module'} = getXPathValue($Xml, '//apache:required-module');
+				$XmlWebserver->htaccess = getXPathValue($Xml, '//apache:htaccess');
+			}
 
 			if($XmlWebserver->{'required-module'})
 			{
@@ -1527,7 +1647,21 @@ class ApsParser
 
 			//validation against a charset not possible in current version
 
-			foreach($Xml->settings->group as $Group)
+			if ($this->aps_version == '1.0')
+			{
+				// the good ole way
+				$aps_settings_array = $Xml->settings->group;
+			} 
+			else
+			{
+				// since 1.1
+				$aps_settings_array = $Xml->{'global-settings'}->setting;
+				if(!is_array($aps_settings_array)) {
+					$aps_settings_array = $Xml->service->settings->group;
+				}
+			}
+			
+			foreach($aps_settings_array as $Group)
 			{
 				foreach($Group->setting as $Setting)
 				{
@@ -1544,13 +1678,16 @@ class ApsParser
 
 			//check different errors/features in submappings
 
-			$Return = self::CheckSubmappings($Xml->mapping, $Xml->mapping['url']);
+			if ($this->aps_version == '1.0')
+			{			
+				$Return = self::CheckSubmappings($Xml->mapping, $Xml->mapping['url']);
 
-			if(count($Return) != 0)
+				if(count($Return) != 0)
-			{
-				foreach($Return as $Value)
 				{
-					if(!in_array($Value, $Error))$Error[] = $Value;
+					foreach($Return as $Value)
+					{
+						if(!in_array($Value, $Error))$Error[] = $Value;
+					}
 				}
 			}
 
@@ -1616,28 +1753,57 @@ class ApsParser
 				self::GetContentFromZip($Filename, 'APP-META.xml', $Destination . 'APP-META.xml');
 
 				//copy screenshots
-
+				
-				if($Xml->screenshot)
+				if ($this->aps_version != '1.0')
 				{
-					foreach($Xml->screenshot as $Screenshot)
+					$xml_screenshots = $Xml->presentation->screenshot;;
+				}
+				else
+				{
+					$xml_screenshots = $Xml->screenshot;
+				}
+				
+
+				if($xml_screenshots)
+				{
+					foreach($xml_screenshots as $Screenshot)
 					{
 						self::GetContentFromZip($Filename, $Screenshot['path'], $Destination . basename($Screenshot['path']));
 					}
 				}
 
 				//copy icon
-
+				
-				if($Xml->icon['path'])
+				if ($this->aps_version != '1.0')
 				{
-					self::GetContentFromZip($Filename, $Xml->icon['path'], $Destination . basename($Xml->icon['path']));
+					$xml_iconpath = $Xml->presentation->icon['path'];
+				}
+				else
+				{
+					$xml_iconpath = $Xml->icon['path'];
+				}
+
+				if($xml_iconpath)
+				{
+					self::GetContentFromZip($Filename, $xml_iconpath, $Destination . basename($xml_iconpath));
 				}
 
 				//copy license
-
+				
-				if($Xml->license
+				if ($this->aps_version != '1.0')
-				   && $Xml->license->text->file)
 				{
-					self::GetContentFromZip($Filename, $Xml->license->text->file, $Destination . 'license.txt');
+					$xml_license = $Xml->service->license;
+				}
+				else
+				{
+					$xml_license = $Xml->license;
+				}				
+				
+
+				if($xml_license
+				   && $xml_license->text->file)
+				{
+					self::GetContentFromZip($Filename, $xml_license->text->file, $Destination . 'license.txt');
 				}
 
 				//insert package to database
@@ -1679,7 +1845,7 @@ class ApsParser
 
 	public function MainHandler($Action)
 	{
-		global $lng, $filename, $s, $page, $action, $Id;
+		global $lng, $filename, $s, $page, $action, $Id, $userinfo;
 
 		//check for basic functions, classes and permissions
 
@@ -2030,6 +2196,13 @@ class ApsParser
 					return;
 				}
 
+				// no more contingent, #278
+				if($userinfo['aps_packages'] == $userinfo['aps_packages_used'] 
+					&& $userinfo['aps_packages'] != '-1'
+				){
+					self::InfoBox($lng['aps']['nocontingent']);
+				}
+
 				//show packages
 
 				while($Row3 = $this->db->fetch_array($result2))
@@ -2363,10 +2536,26 @@ class ApsParser
 
 		if($Xml == false)return false;
 
+		$this->aps_version = isset($Xml->attributes()->version) ? (string)$Xml->attributes()->version : '1.0';		
+
 		//check all data fields of xml file against inut of customer
 
+		if ($this->aps_version == '1.0')
+		{
+			// the good ole way
+			$aps_settings_array = $Xml->settings->group;
+		} 
+		else
+		{
+			// since 1.1
+			$aps_settings_array = $Xml->{'global-settings'}->setting;
+			if(!is_array($aps_settings_array)) {
+				$aps_settings_array = $Xml->service->settings->group;
+			}			
+		}
+		
 		$Error = array();
-		foreach($Xml->settings->group as $Group)
+		foreach($aps_settings_array as $Group)
 		{
 			foreach($Group->setting as $Setting)
 			{
@@ -2415,7 +2604,8 @@ class ApsParser
 				{
 					if(isset($_POST[$FieldId]))
 					{
-						if(!preg_match("/^[_a-z0-9-]+(\.[_a-z0-9-]+)*@[a-z0-9-]+(\.[a-z0-9-]+)*(\.[a-z]{2,3})$/", $_POST[$FieldId]))
+						$email = strtolower($_POST[$FieldId]);
+						if(filter_var($email, FILTER_VALIDATE_EMAIL) === false)
 						{
 							if(!in_array($FieldId, $Error))$Error[] = $FieldId;
 						}
@@ -2541,7 +2731,19 @@ class ApsParser
 
 		//database required?
 
-		$XmlDb = $Xml->requirements->children('http://apstandard.com/ns/1/db');
+		if ($this->aps_version == '1.0')
+		{
+			// the good ole way
+			$XmlDb = $Xml->requirements->children('http://apstandard.com/ns/1/db');
+		} 
+		else 
+		{
+			// since 1.1
+			$Xml->registerXPathNamespace('db', 'http://apstandard.com/ns/1/db');
+
+			$XmlDb = new DynamicProperties;
+			$XmlDb->db->id = getXPathValue($Xml, '//db:id');
+		}
 
 		if($XmlDb->db->id)
 		{
@@ -2663,10 +2865,19 @@ class ApsParser
 			self::SetInstallationValue($PackageId, $CustomerId, 'main_location', '');
 		}
 
-		if($Xml->license)
+		if ($this->aps_version != '1.0')
 		{
-			if($Xml->license['must-accept']
+			$xml_license = $Xml->service->license;
-			   && $Xml->license['must-accept'] == 'true')
+		}
+		else
+		{
+			$xml_license = $Xml->license;
+		}
+		
+		if($xml_license)
+		{
+			if($xml_license['must-accept']
+			   && $xml_license['must-accept'] == 'true')
 			{
 				if(isset($_POST['license'])
 				   && $_POST['license'] == 'true')
@@ -2711,6 +2922,8 @@ class ApsParser
 
 		if($Xml == false)return false;
 
+		$this->aps_version = isset($Xml->attributes()->version) ? (string)$Xml->attributes()->version : '1.0';
+		
 		//show notifcation if customer has reached his installation limit
 
 		if($this->userinfo['aps_packages'] != '-1'
@@ -2723,10 +2936,19 @@ class ApsParser
 		//icon for package
 
 		$Icon = './images/default.png';
-
+		
-		if($Xml->icon['path'])
+		if($this->aps_version != '1.0')
 		{
-			$Icon = './packages/' . $Row['Path'] . '/' . basename($Xml->icon['path']);
+			$iconpath = $Xml->presentation->icon['path'];		
+		} 
+		else
+		{
+			$iconpath = $Xml->icon['path'];
+		}
+
+		if($iconpath)
+		{
+			$Icon = './packages/' . $Row['Path'] . '/' . basename($iconpath);
 		}
 
 		//show error message if some input was wrong
@@ -2760,7 +2982,7 @@ class ApsParser
 			{
 				if($Value)
 				{
-					if($Row3['ID'] == $Value)
+					if($Row3['id'] == $Value)
 					{
 						$Temp.= '<option selected="selected" value="' . $Row3['id'] . '">' . $Row3['domain'] . '</option>';
 					}
@@ -2812,7 +3034,19 @@ class ApsParser
 
 		//database required?
 
-		$XmlDb = $Xml->requirements->children('http://apstandard.com/ns/1/db');
+		if ($this->aps_version == '1.0')
+		{
+			// the good ole way
+			$XmlDb = $Xml->requirements->children('http://apstandard.com/ns/1/db');
+		} 
+		else 
+		{
+			// since 1.1
+			$Xml->registerXPathNamespace('db', 'http://apstandard.com/ns/1/db');
+
+			$XmlDb = new DynamicProperties;
+			$XmlDb->db->id = getXPathValue($Xml, '//db:id');
+		}
 
 		if($XmlDb->db->id)
 		{
@@ -2830,8 +3064,22 @@ class ApsParser
 			$Fieldvalue = $Temp;
 			eval("\$Data.=\"" . getTemplate("aps/data") . "\";");
 		}
+		
+		if ($this->aps_version == '1.0')
+		{
+			// the good ole way
+			$aps_settings_array = $Xml->settings->group;
+		} 
+		else
+		{
+			// since 1.1
+			$aps_settings_array = $Xml->{'global-settings'}->setting;
+			if(!is_array($aps_settings_array)) {
+				$aps_settings_array = $Xml->service->settings->group;
+			}
+		}		
 
-		foreach($Xml->settings->group as $Group)
+		foreach($aps_settings_array as $Group)
 		{
 			$GroupPrinted = false;
 			foreach($Group->setting as $Setting)
@@ -3014,16 +3262,25 @@ class ApsParser
 			}
 		}
 
-		if($Xml->license)
+		if ($this->aps_version != '1.0')
+		{
+			$xml_license = $Xml->service->license;
+		}
+		else
+		{
+			$xml_license = $Xml->license;
+		}
+		
+		if($xml_license)
 		{
 			$Temp = '';
 
-			if($Xml->license['must-accept']
+			if($xml_license['must-accept']
-			   && $Xml->license['must-accept'] == 'true')
+			   && $xml_license['must-accept'] == 'true')
 			{
-				if($Xml->license->text->name)$Temp.= $Xml->license->text->name . '<br/>';
+				if($xml_license->text->name)$Temp.= $xml_license->text->name . '<br/>';
 
-				if($Xml->license->text->file)
+				if($xml_license->text->file)
 				{
 					$Temp.= '<textarea name="text" rows="10" cols="55">';
 					$FileContent = file_get_contents('./packages/' . $Row['Path'] . '/license.txt');
@@ -3036,7 +3293,7 @@ class ApsParser
 				}
 				else
 				{
-					$Temp.= '<a target="_blank" href="' . htmlspecialchars($Xml->license->text->url) . '">' . $lng['aps']['error_license'] . '</a>';
+					$Temp.= '<a target="_blank" href="' . htmlspecialchars($xml_license->text->url) . '">' . $lng['aps']['error_license'] . '</a>';
 					$Groupname = $lng['aps']['license'];
 					$Fieldname = $lng['aps']['license'];
 					$Fieldvalue = $Temp;
@@ -3087,14 +3344,37 @@ class ApsParser
 		if($Xml == false)return false;
 		$Icon = './images/default.png';
 
-		//show icon and basic data
+		$this->aps_version = isset($Xml->attributes()->version) ? (string)$Xml->attributes()->version : '1.0';
 
-		if($Xml->icon['path'])
+		//show icon and basic data
+		if($this->aps_version != '1.0')
 		{
-			$Icon = './packages/' . $Row['Path'] . '/' . basename($Xml->icon['path']);
+			$iconpath = $Xml->presentation->icon['path'];
+			$Summary = htmlspecialchars($Xml->presentation->summary);
+			$categories = $Xml->presentation->categories;
+			$languages =  $Xml->presentation->languages;
+			$description = $Xml->presentation->description;
+			$changelogs = $Xml->presentation->changelog;
+			$license = $Xml->service->license;
+			$screenshots = $Xml->presentation->screenshot;			
+		} 
+		else
+		{
+			$iconpath = $Xml->icon['path'];
+			$Summary = htmlspecialchars($Xml->summary);
+			$categories = $Xml->categories;
+			$languages =  $Xml->languages;
+			$description = $Xml->description;
+			$changelogs = $Xml->changelog;
+			$license = $Xml->license;
+			$screenshots = $Xml->screenshot;
+		}
+
+		if($iconpath)
+		{
+			$Icon = './packages/' . $Row['Path'] . '/' . basename($iconpath);
 		}
 
-		$Summary = htmlspecialchars($Xml->summary);
 		$Fieldname = $lng['aps']['version'];
 		$Fieldvalue = $Xml->version . ' (Release ' . $Xml->release . ')';
 		eval("\$Data.=\"" . getTemplate("aps/data") . "\";");
@@ -3119,12 +3399,12 @@ class ApsParser
 
 		//show categories
 
-		if($Xml->categories)
+		if($categories)
 		{
 			$Temp = '';
-			foreach($Xml->categories->category as $Categories)
+			foreach($categories->category as $_categories)
 			{
-				$Temp.= htmlspecialchars($Categories[0]) . '<br/>';
+				$Temp.= htmlspecialchars($_categories[0]) . '<br/>';
 			}
 
 			$Fieldname = $lng['aps']['categories'];
@@ -3134,12 +3414,12 @@ class ApsParser
 
 		//show available languages
 
-		if($Xml->languages)
+		if($languages)
 		{
 			$Temp = '';
-			foreach($Xml->languages->language as $Languages)
+			foreach($languages->language as $_languages)
 			{
-				$Temp.= $Languages[0] . ' ';
+				$Temp.= $_languages[0] . ' ';
 			}
 
 			$Fieldname = $lng['aps']['languages'];
@@ -3152,7 +3432,7 @@ class ApsParser
 		if($All == true)
 		{
 			$Fieldname = $lng['aps']['long_description'];
-			$Fieldvalue = htmlspecialchars($Xml->description);
+			$Fieldvalue = htmlspecialchars($description);
 			eval("\$Data.=\"" . getTemplate("aps/data") . "\";");
 
 			//show config script language
@@ -3167,7 +3447,7 @@ class ApsParser
 			//show changelog
 
 			$Temp = '<ul>';
-			foreach($Xml->changelog->version as $Versions)
+			foreach($changelogs->version as $Versions)
 			{
 				$Temp.= '<li><strong>' . $Versions['version'] . ' (Release ' . $Versions['release'] . ')</strong>';
 				$Temp.= '<ul>';
@@ -3186,13 +3466,13 @@ class ApsParser
 
 			//show license
 
-			if($Xml->license)
+			if($license)
 			{
-				if($Xml->license->text->file)
+				if($license->text->file)
 				{
 					$Temp = '';
 
-					if($Xml->license->text->name)$Temp = $Xml->license->text->name . '<br/>';
+					if($license->text->name)$Temp = $license->text->name . '<br/>';
 					$Temp.= '<form name="license" action="#"><textarea name="text" rows="10" cols="70">';
 					$FileContent = file_get_contents('./packages/' . $Row['Path'] . '/license.txt');
 					$Temp.= htmlentities($FileContent, ENT_QUOTES, 'ISO-8859-1');
@@ -3204,23 +3484,23 @@ class ApsParser
 				else
 				{
 					$Fieldname = $lng['aps']['license'];
-					$Fieldvalue = '<a target="_blank" href="' . htmlspecialchars($Xml->license->text->url) . '">' . $lng['aps']['linktolicense'] . '</a>';
+					$Fieldvalue = '<a target="_blank" href="' . htmlspecialchars($license->text->url) . '">' . $lng['aps']['linktolicense'] . '</a>';
 					eval("\$Data.=\"" . getTemplate("aps/data") . "\";");
 				}
 			}
 
 			//show screenshots
 
-			if($Xml->screenshot)
+			if($screenshots)
 			{
 				$Count = 0;
 				$Temp = '';
-				foreach($Xml->screenshot as $Screenshot)
+				foreach($screenshots as $Screenshot)
 				{
 					$Count+= 1;
 					$Temp.= '<img src="./packages/' . $Row['Path'] . '/' . basename($Screenshot['path']) . '" alt="' . $Screenshot->description . '"/><br/><em>' . $Screenshot->description . '</em><br/>';
 
-					if(count($Xml->screenshot) != $Count)$Temp.= '<br/>';
+					if(count($screenshots) != $Count)$Temp.= '<br/>';
 				}
 
 				$Fieldname = $lng['aps']['screenshots'];
@@ -3229,6 +3509,41 @@ class ApsParser
 			}
 		}
 
+		/*
+		 * check if packages needs a database
+		 * and if the customer has contingent for that, #272
+		 */
+		if ($this->aps_version == '1.0')
+		{
+			// the good ole way
+			$XmlDb = $Xml->requirements->children('http://apstandard.com/ns/1/db');
+		}
+		else 
+		{
+			// since 1.1
+			$Xml->registerXPathNamespace('db', 'http://apstandard.com/ns/1/db');
+
+			$XmlDb = new DynamicProperties;
+			$XmlDb->db->id = getXPathValue($Xml, '//db:id');
+		}
+
+		if($XmlDb->db->id)
+		{
+			if($userinfo['mysqls_used'] < $userinfo['mysqls']
+				|| $userinfo['mysqls'] == '-1'
+			){
+				$can_use_db = true;
+			} else {
+				$can_use_db = false;
+			}
+		} else { $can_use_db = true; }
+
+		$db_info = '';
+		if(!$can_use_db)
+		{
+			$db_info = $lng['aps']['packageneedsdb'];
+		}
+
 		eval("echo \"" . getTemplate("aps/package") . "\";");
 		unset($Xml);
 	}

lib/classes/aps/class.DynamicProperties.php

@@ -0,0 +1,18 @@
+<?php
+
+/**
+ * This file is part of the Froxlor project.
+ * Copyright (c) 2010 the Froxlor Team (see authors).
+ *
+ * For the full copyright and license information, please view the COPYING
+ * file that was distributed with this source code. You can also view the
+ * COPYING file online at http://files.froxlor.org/misc/COPYING.txt
+ *
+ * @copyright  (c) the authors
+ * @author     Froxlor team <team@froxlor.org> (2010-)
+ * @license    GPLv2 http://files.froxlor.org/misc/COPYING.txt
+ * @package    APS
+ * @version    $Id$
+ */
+
+class DynamicProperties { /* empty class for some magic */ }

lib/classes/htmlpurifier/CREDITS

@@ -0,0 +1,9 @@
+
+CREDITS
+
+Almost everything written by Edward Z. Yang (Ambush Commander).  Lots of thanks
+to the DevNetwork Community for their help (see docs/ref-devnetwork.html for
+more details), Feyd especially (namely IPv6 and optimization).  Thanks to RSnake
+for letting me package his fantastic XSS cheatsheet for a smoketest.
+
+    vim: et sw=4 sts=4

lib/classes/htmlpurifier/LICENSE

@@ -0,0 +1,504 @@
+		  GNU LESSER GENERAL PUBLIC LICENSE
+		       Version 2.1, February 1999
+
+ Copyright (C) 1991, 1999 Free Software Foundation, Inc.
+ 51 Franklin Street, Fifth Floor, Boston, MA  02110-1301  USA
+ Everyone is permitted to copy and distribute verbatim copies
+ of this license document, but changing it is not allowed.
+
+[This is the first released version of the Lesser GPL.  It also counts
+ as the successor of the GNU Library Public License, version 2, hence
+ the version number 2.1.]
+
+			    Preamble
+
+  The licenses for most software are designed to take away your
+freedom to share and change it.  By contrast, the GNU General Public
+Licenses are intended to guarantee your freedom to share and change
+free software--to make sure the software is free for all its users.
+
+  This license, the Lesser General Public License, applies to some
+specially designated software packages--typically libraries--of the
+Free Software Foundation and other authors who decide to use it.  You
+can use it too, but we suggest you first think carefully about whether
+this license or the ordinary General Public License is the better
+strategy to use in any particular case, based on the explanations below.
+
+  When we speak of free software, we are referring to freedom of use,
+not price.  Our General Public Licenses are designed to make sure that
+you have the freedom to distribute copies of free software (and charge
+for this service if you wish); that you receive source code or can get
+it if you want it; that you can change the software and use pieces of
+it in new free programs; and that you are informed that you can do
+these things.
+
+  To protect your rights, we need to make restrictions that forbid
+distributors to deny you these rights or to ask you to surrender these
+rights.  These restrictions translate to certain responsibilities for
+you if you distribute copies of the library or if you modify it.
+
+  For example, if you distribute copies of the library, whether gratis
+or for a fee, you must give the recipients all the rights that we gave
+you.  You must make sure that they, too, receive or can get the source
+code.  If you link other code with the library, you must provide
+complete object files to the recipients, so that they can relink them
+with the library after making changes to the library and recompiling
+it.  And you must show them these terms so they know their rights.
+
+  We protect your rights with a two-step method: (1) we copyright the
+library, and (2) we offer you this license, which gives you legal
+permission to copy, distribute and/or modify the library.
+
+  To protect each distributor, we want to make it very clear that
+there is no warranty for the free library.  Also, if the library is
+modified by someone else and passed on, the recipients should know
+that what they have is not the original version, so that the original
+author's reputation will not be affected by problems that might be
+introduced by others.
+
+  Finally, software patents pose a constant threat to the existence of
+any free program.  We wish to make sure that a company cannot
+effectively restrict the users of a free program by obtaining a
+restrictive license from a patent holder.  Therefore, we insist that
+any patent license obtained for a version of the library must be
+consistent with the full freedom of use specified in this license.
+
+  Most GNU software, including some libraries, is covered by the
+ordinary GNU General Public License.  This license, the GNU Lesser
+General Public License, applies to certain designated libraries, and
+is quite different from the ordinary General Public License.  We use
+this license for certain libraries in order to permit linking those
+libraries into non-free programs.
+
+  When a program is linked with a library, whether statically or using
+a shared library, the combination of the two is legally speaking a
+combined work, a derivative of the original library.  The ordinary
+General Public License therefore permits such linking only if the
+entire combination fits its criteria of freedom.  The Lesser General
+Public License permits more lax criteria for linking other code with
+the library.
+
+  We call this license the "Lesser" General Public License because it
+does Less to protect the user's freedom than the ordinary General
+Public License.  It also provides other free software developers Less
+of an advantage over competing non-free programs.  These disadvantages
+are the reason we use the ordinary General Public License for many
+libraries.  However, the Lesser license provides advantages in certain
+special circumstances.
+
+  For example, on rare occasions, there may be a special need to
+encourage the widest possible use of a certain library, so that it becomes
+a de-facto standard.  To achieve this, non-free programs must be
+allowed to use the library.  A more frequent case is that a free
+library does the same job as widely used non-free libraries.  In this
+case, there is little to gain by limiting the free library to free
+software only, so we use the Lesser General Public License.
+
+  In other cases, permission to use a particular library in non-free
+programs enables a greater number of people to use a large body of
+free software.  For example, permission to use the GNU C Library in
+non-free programs enables many more people to use the whole GNU
+operating system, as well as its variant, the GNU/Linux operating
+system.
+
+  Although the Lesser General Public License is Less protective of the
+users' freedom, it does ensure that the user of a program that is
+linked with the Library has the freedom and the wherewithal to run
+that program using a modified version of the Library.
+
+  The precise terms and conditions for copying, distribution and
+modification follow.  Pay close attention to the difference between a
+"work based on the library" and a "work that uses the library".  The
+former contains code derived from the library, whereas the latter must
+be combined with the library in order to run.
+
+		  GNU LESSER GENERAL PUBLIC LICENSE
+   TERMS AND CONDITIONS FOR COPYING, DISTRIBUTION AND MODIFICATION
+
+  0. This License Agreement applies to any software library or other
+program which contains a notice placed by the copyright holder or
+other authorized party saying it may be distributed under the terms of
+this Lesser General Public License (also called "this License").
+Each licensee is addressed as "you".
+
+  A "library" means a collection of software functions and/or data
+prepared so as to be conveniently linked with application programs
+(which use some of those functions and data) to form executables.
+
+  The "Library", below, refers to any such software library or work
+which has been distributed under these terms.  A "work based on the
+Library" means either the Library or any derivative work under
+copyright law: that is to say, a work containing the Library or a
+portion of it, either verbatim or with modifications and/or translated
+straightforwardly into another language.  (Hereinafter, translation is
+included without limitation in the term "modification".)
+
+  "Source code" for a work means the preferred form of the work for
+making modifications to it.  For a library, complete source code means
+all the source code for all modules it contains, plus any associated
+interface definition files, plus the scripts used to control compilation
+and installation of the library.
+
+  Activities other than copying, distribution and modification are not
+covered by this License; they are outside its scope.  The act of
+running a program using the Library is not restricted, and output from
+such a program is covered only if its contents constitute a work based
+on the Library (independent of the use of the Library in a tool for
+writing it).  Whether that is true depends on what the Library does
+and what the program that uses the Library does.
+
+  1. You may copy and distribute verbatim copies of the Library's
+complete source code as you receive it, in any medium, provided that
+you conspicuously and appropriately publish on each copy an
+appropriate copyright notice and disclaimer of warranty; keep intact
+all the notices that refer to this License and to the absence of any
+warranty; and distribute a copy of this License along with the
+Library.
+
+  You may charge a fee for the physical act of transferring a copy,
+and you may at your option offer warranty protection in exchange for a
+fee.
+
+  2. You may modify your copy or copies of the Library or any portion
+of it, thus forming a work based on the Library, and copy and
+distribute such modifications or work under the terms of Section 1
+above, provided that you also meet all of these conditions:
+
+    a) The modified work must itself be a software library.
+
+    b) You must cause the files modified to carry prominent notices
+    stating that you changed the files and the date of any change.
+
+    c) You must cause the whole of the work to be licensed at no
+    charge to all third parties under the terms of this License.
+
+    d) If a facility in the modified Library refers to a function or a
+    table of data to be supplied by an application program that uses
+    the facility, other than as an argument passed when the facility
+    is invoked, then you must make a good faith effort to ensure that,
+    in the event an application does not supply such function or
+    table, the facility still operates, and performs whatever part of
+    its purpose remains meaningful.
+
+    (For example, a function in a library to compute square roots has
+    a purpose that is entirely well-defined independent of the
+    application.  Therefore, Subsection 2d requires that any
+    application-supplied function or table used by this function must
+    be optional: if the application does not supply it, the square
+    root function must still compute square roots.)
+
+These requirements apply to the modified work as a whole.  If
+identifiable sections of that work are not derived from the Library,
+and can be reasonably considered independent and separate works in
+themselves, then this License, and its terms, do not apply to those
+sections when you distribute them as separate works.  But when you
+distribute the same sections as part of a whole which is a work based
+on the Library, the distribution of the whole must be on the terms of
+this License, whose permissions for other licensees extend to the
+entire whole, and thus to each and every part regardless of who wrote
+it.
+
+Thus, it is not the intent of this section to claim rights or contest
+your rights to work written entirely by you; rather, the intent is to
+exercise the right to control the distribution of derivative or
+collective works based on the Library.
+
+In addition, mere aggregation of another work not based on the Library
+with the Library (or with a work based on the Library) on a volume of
+a storage or distribution medium does not bring the other work under
+the scope of this License.
+
+  3. You may opt to apply the terms of the ordinary GNU General Public
+License instead of this License to a given copy of the Library.  To do
+this, you must alter all the notices that refer to this License, so
+that they refer to the ordinary GNU General Public License, version 2,
+instead of to this License.  (If a newer version than version 2 of the
+ordinary GNU General Public License has appeared, then you can specify
+that version instead if you wish.)  Do not make any other change in
+these notices.
+
+  Once this change is made in a given copy, it is irreversible for
+that copy, so the ordinary GNU General Public License applies to all
+subsequent copies and derivative works made from that copy.
+
+  This option is useful when you wish to copy part of the code of
+the Library into a program that is not a library.
+
+  4. You may copy and distribute the Library (or a portion or
+derivative of it, under Section 2) in object code or executable form
+under the terms of Sections 1 and 2 above provided that you accompany
+it with the complete corresponding machine-readable source code, which
+must be distributed under the terms of Sections 1 and 2 above on a
+medium customarily used for software interchange.
+
+  If distribution of object code is made by offering access to copy
+from a designated place, then offering equivalent access to copy the
+source code from the same place satisfies the requirement to
+distribute the source code, even though third parties are not
+compelled to copy the source along with the object code.
+
+  5. A program that contains no derivative of any portion of the
+Library, but is designed to work with the Library by being compiled or
+linked with it, is called a "work that uses the Library".  Such a
+work, in isolation, is not a derivative work of the Library, and
+therefore falls outside the scope of this License.
+
+  However, linking a "work that uses the Library" with the Library
+creates an executable that is a derivative of the Library (because it
+contains portions of the Library), rather than a "work that uses the
+library".  The executable is therefore covered by this License.
+Section 6 states terms for distribution of such executables.
+
+  When a "work that uses the Library" uses material from a header file
+that is part of the Library, the object code for the work may be a
+derivative work of the Library even though the source code is not.
+Whether this is true is especially significant if the work can be
+linked without the Library, or if the work is itself a library.  The
+threshold for this to be true is not precisely defined by law.
+
+  If such an object file uses only numerical parameters, data
+structure layouts and accessors, and small macros and small inline
+functions (ten lines or less in length), then the use of the object
+file is unrestricted, regardless of whether it is legally a derivative
+work.  (Executables containing this object code plus portions of the
+Library will still fall under Section 6.)
+
+  Otherwise, if the work is a derivative of the Library, you may
+distribute the object code for the work under the terms of Section 6.
+Any executables containing that work also fall under Section 6,
+whether or not they are linked directly with the Library itself.
+
+  6. As an exception to the Sections above, you may also combine or
+link a "work that uses the Library" with the Library to produce a
+work containing portions of the Library, and distribute that work
+under terms of your choice, provided that the terms permit
+modification of the work for the customer's own use and reverse
+engineering for debugging such modifications.
+
+  You must give prominent notice with each copy of the work that the
+Library is used in it and that the Library and its use are covered by
+this License.  You must supply a copy of this License.  If the work
+during execution displays copyright notices, you must include the
+copyright notice for the Library among them, as well as a reference
+directing the user to the copy of this License.  Also, you must do one
+of these things:
+
+    a) Accompany the work with the complete corresponding
+    machine-readable source code for the Library including whatever
+    changes were used in the work (which must be distributed under
+    Sections 1 and 2 above); and, if the work is an executable linked
+    with the Library, with the complete machine-readable "work that
+    uses the Library", as object code and/or source code, so that the
+    user can modify the Library and then relink to produce a modified
+    executable containing the modified Library.  (It is understood
+    that the user who changes the contents of definitions files in the
+    Library will not necessarily be able to recompile the application
+    to use the modified definitions.)
+
+    b) Use a suitable shared library mechanism for linking with the
+    Library.  A suitable mechanism is one that (1) uses at run time a
+    copy of the library already present on the user's computer system,
+    rather than copying library functions into the executable, and (2)
+    will operate properly with a modified version of the library, if
+    the user installs one, as long as the modified version is
+    interface-compatible with the version that the work was made with.
+
+    c) Accompany the work with a written offer, valid for at
+    least three years, to give the same user the materials
+    specified in Subsection 6a, above, for a charge no more
+    than the cost of performing this distribution.
+
+    d) If distribution of the work is made by offering access to copy
+    from a designated place, offer equivalent access to copy the above
+    specified materials from the same place.
+
+    e) Verify that the user has already received a copy of these
+    materials or that you have already sent this user a copy.
+
+  For an executable, the required form of the "work that uses the
+Library" must include any data and utility programs needed for
+reproducing the executable from it.  However, as a special exception,
+the materials to be distributed need not include anything that is
+normally distributed (in either source or binary form) with the major
+components (compiler, kernel, and so on) of the operating system on
+which the executable runs, unless that component itself accompanies
+the executable.
+
+  It may happen that this requirement contradicts the license
+restrictions of other proprietary libraries that do not normally
+accompany the operating system.  Such a contradiction means you cannot
+use both them and the Library together in an executable that you
+distribute.
+
+  7. You may place library facilities that are a work based on the
+Library side-by-side in a single library together with other library
+facilities not covered by this License, and distribute such a combined
+library, provided that the separate distribution of the work based on
+the Library and of the other library facilities is otherwise
+permitted, and provided that you do these two things:
+
+    a) Accompany the combined library with a copy of the same work
+    based on the Library, uncombined with any other library
+    facilities.  This must be distributed under the terms of the
+    Sections above.
+
+    b) Give prominent notice with the combined library of the fact
+    that part of it is a work based on the Library, and explaining
+    where to find the accompanying uncombined form of the same work.
+
+  8. You may not copy, modify, sublicense, link with, or distribute
+the Library except as expressly provided under this License.  Any
+attempt otherwise to copy, modify, sublicense, link with, or
+distribute the Library is void, and will automatically terminate your
+rights under this License.  However, parties who have received copies,
+or rights, from you under this License will not have their licenses
+terminated so long as such parties remain in full compliance.
+
+  9. You are not required to accept this License, since you have not
+signed it.  However, nothing else grants you permission to modify or
+distribute the Library or its derivative works.  These actions are
+prohibited by law if you do not accept this License.  Therefore, by
+modifying or distributing the Library (or any work based on the
+Library), you indicate your acceptance of this License to do so, and
+all its terms and conditions for copying, distributing or modifying
+the Library or works based on it.
+
+  10. Each time you redistribute the Library (or any work based on the
+Library), the recipient automatically receives a license from the
+original licensor to copy, distribute, link with or modify the Library
+subject to these terms and conditions.  You may not impose any further
+restrictions on the recipients' exercise of the rights granted herein.
+You are not responsible for enforcing compliance by third parties with
+this License.
+
+  11. If, as a consequence of a court judgment or allegation of patent
+infringement or for any other reason (not limited to patent issues),
+conditions are imposed on you (whether by court order, agreement or
+otherwise) that contradict the conditions of this License, they do not
+excuse you from the conditions of this License.  If you cannot
+distribute so as to satisfy simultaneously your obligations under this
+License and any other pertinent obligations, then as a consequence you
+may not distribute the Library at all.  For example, if a patent
+license would not permit royalty-free redistribution of the Library by
+all those who receive copies directly or indirectly through you, then
+the only way you could satisfy both it and this License would be to
+refrain entirely from distribution of the Library.
+
+If any portion of this section is held invalid or unenforceable under any
+particular circumstance, the balance of the section is intended to apply,
+and the section as a whole is intended to apply in other circumstances.
+
+It is not the purpose of this section to induce you to infringe any
+patents or other property right claims or to contest validity of any
+such claims; this section has the sole purpose of protecting the
+integrity of the free software distribution system which is
+implemented by public license practices.  Many people have made
+generous contributions to the wide range of software distributed
+through that system in reliance on consistent application of that
+system; it is up to the author/donor to decide if he or she is willing
+to distribute software through any other system and a licensee cannot
+impose that choice.
+
+This section is intended to make thoroughly clear what is believed to
+be a consequence of the rest of this License.
+
+  12. If the distribution and/or use of the Library is restricted in
+certain countries either by patents or by copyrighted interfaces, the
+original copyright holder who places the Library under this License may add
+an explicit geographical distribution limitation excluding those countries,
+so that distribution is permitted only in or among countries not thus
+excluded.  In such case, this License incorporates the limitation as if
+written in the body of this License.
+
+  13. The Free Software Foundation may publish revised and/or new
+versions of the Lesser General Public License from time to time.
+Such new versions will be similar in spirit to the present version,
+but may differ in detail to address new problems or concerns.
+
+Each version is given a distinguishing version number.  If the Library
+specifies a version number of this License which applies to it and
+"any later version", you have the option of following the terms and
+conditions either of that version or of any later version published by
+the Free Software Foundation.  If the Library does not specify a
+license version number, you may choose any version ever published by
+the Free Software Foundation.
+
+  14. If you wish to incorporate parts of the Library into other free
+programs whose distribution conditions are incompatible with these,
+write to the author to ask for permission.  For software which is
+copyrighted by the Free Software Foundation, write to the Free
+Software Foundation; we sometimes make exceptions for this.  Our
+decision will be guided by the two goals of preserving the free status
+of all derivatives of our free software and of promoting the sharing
+and reuse of software generally.
+
+			    NO WARRANTY
+
+  15. BECAUSE THE LIBRARY IS LICENSED FREE OF CHARGE, THERE IS NO
+WARRANTY FOR THE LIBRARY, TO THE EXTENT PERMITTED BY APPLICABLE LAW.
+EXCEPT WHEN OTHERWISE STATED IN WRITING THE COPYRIGHT HOLDERS AND/OR
+OTHER PARTIES PROVIDE THE LIBRARY "AS IS" WITHOUT WARRANTY OF ANY
+KIND, EITHER EXPRESSED OR IMPLIED, INCLUDING, BUT NOT LIMITED TO, THE
+IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
+PURPOSE.  THE ENTIRE RISK AS TO THE QUALITY AND PERFORMANCE OF THE
+LIBRARY IS WITH YOU.  SHOULD THE LIBRARY PROVE DEFECTIVE, YOU ASSUME
+THE COST OF ALL NECESSARY SERVICING, REPAIR OR CORRECTION.
+
+  16. IN NO EVENT UNLESS REQUIRED BY APPLICABLE LAW OR AGREED TO IN
+WRITING WILL ANY COPYRIGHT HOLDER, OR ANY OTHER PARTY WHO MAY MODIFY
+AND/OR REDISTRIBUTE THE LIBRARY AS PERMITTED ABOVE, BE LIABLE TO YOU
+FOR DAMAGES, INCLUDING ANY GENERAL, SPECIAL, INCIDENTAL OR
+CONSEQUENTIAL DAMAGES ARISING OUT OF THE USE OR INABILITY TO USE THE
+LIBRARY (INCLUDING BUT NOT LIMITED TO LOSS OF DATA OR DATA BEING
+RENDERED INACCURATE OR LOSSES SUSTAINED BY YOU OR THIRD PARTIES OR A
+FAILURE OF THE LIBRARY TO OPERATE WITH ANY OTHER SOFTWARE), EVEN IF
+SUCH HOLDER OR OTHER PARTY HAS BEEN ADVISED OF THE POSSIBILITY OF SUCH
+DAMAGES.
+
+		     END OF TERMS AND CONDITIONS
+
+           How to Apply These Terms to Your New Libraries
+
+  If you develop a new library, and you want it to be of the greatest
+possible use to the public, we recommend making it free software that
+everyone can redistribute and change.  You can do so by permitting
+redistribution under these terms (or, alternatively, under the terms of the
+ordinary General Public License).
+
+  To apply these terms, attach the following notices to the library.  It is
+safest to attach them to the start of each source file to most effectively
+convey the exclusion of warranty; and each file should have at least the
+"copyright" line and a pointer to where the full notice is found.
+
+    <one line to give the library's name and a brief idea of what it does.>
+    Copyright (C) <year>  <name of author>
+
+    This library is free software; you can redistribute it and/or
+    modify it under the terms of the GNU Lesser General Public
+    License as published by the Free Software Foundation; either
+    version 2.1 of the License, or (at your option) any later version.
+
+    This library is distributed in the hope that it will be useful,
+    but WITHOUT ANY WARRANTY; without even the implied warranty of
+    MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the GNU
+    Lesser General Public License for more details.
+
+    You should have received a copy of the GNU Lesser General Public
+    License along with this library; if not, write to the Free Software
+    Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA  02110-1301  USA
+
+Also add information on how to contact you by electronic and paper mail.
+
+You should also get your employer (if you work as a programmer) or your
+school, if any, to sign a "copyright disclaimer" for the library, if
+necessary.  Here is a sample; alter the names:
+
+  Yoyodyne, Inc., hereby disclaims all copyright interest in the
+  library `Frob' (a library for tweaking knobs) written by James Random Hacker.
+
+  <signature of Ty Coon>, 1 April 1990
+  Ty Coon, President of Vice
+
+That's all there is to it!
+
+    vim: et sw=4 sts=4

lib/classes/htmlpurifier/VERSION

@@ -0,0 +1 @@
+4.2.0

lib/classes/htmlpurifier/library/HTMLPurifier.auto.php

@@ -0,0 +1,11 @@
+<?php
+
+/**
+ * This is a stub include that automatically configures the include path.
+ */
+
+set_include_path(dirname(__FILE__) . PATH_SEPARATOR . get_include_path() );
+require_once 'HTMLPurifier/Bootstrap.php';
+require_once 'HTMLPurifier.autoload.php';
+
+// vim: et sw=4 sts=4

lib/classes/htmlpurifier/library/HTMLPurifier.autoload.php

@@ -0,0 +1,21 @@
+<?php
+
+/**
+ * @file
+ * Convenience file that registers autoload handler for HTML Purifier.
+ */
+
+if (function_exists('spl_autoload_register') && function_exists('spl_autoload_unregister')) {
+    // We need unregister for our pre-registering functionality
+    HTMLPurifier_Bootstrap::registerAutoload();
+    if (function_exists('__autoload')) {
+        // Be polite and ensure that userland autoload gets retained
+        spl_autoload_register('__autoload');
+    }
+} elseif (!function_exists('__autoload')) {
+    function __autoload($class) {
+        return HTMLPurifier_Bootstrap::autoload($class);
+    }
+}
+
+// vim: et sw=4 sts=4

lib/classes/htmlpurifier/library/HTMLPurifier.func.php

@@ -0,0 +1,23 @@
+<?php
+
+/**
+ * @file
+ * Defines a function wrapper for HTML Purifier for quick use.
+ * @note ''HTMLPurifier()'' is NOT the same as ''new HTMLPurifier()''
+ */
+
+/**
+ * Purify HTML.
+ * @param $html String HTML to purify
+ * @param $config Configuration to use, can be any value accepted by
+ *        HTMLPurifier_Config::create()
+ */
+function HTMLPurifier($html, $config = null) {
+    static $purifier = false;
+    if (!$purifier) {
+        $purifier = new HTMLPurifier();
+    }
+    return $purifier->purify($html, $config);
+}
+
+// vim: et sw=4 sts=4

lib/classes/htmlpurifier/library/HTMLPurifier.includes.php

@@ -0,0 +1,212 @@
+<?php
+
+/**
+ * @file
+ * This file was auto-generated by generate-includes.php and includes all of
+ * the core files required by HTML Purifier. Use this if performance is a
+ * primary concern and you are using an opcode cache. PLEASE DO NOT EDIT THIS
+ * FILE, changes will be overwritten the next time the script is run.
+ *
+ * @version 4.2.0
+ *
+ * @warning
+ *      You must *not* include any other HTML Purifier files before this file,
+ *      because 'require' not 'require_once' is used.
+ *
+ * @warning
+ *      This file requires that the include path contains the HTML Purifier
+ *      library directory; this is not auto-set.
+ */
+
+require 'HTMLPurifier.php';
+require 'HTMLPurifier/AttrCollections.php';
+require 'HTMLPurifier/AttrDef.php';
+require 'HTMLPurifier/AttrTransform.php';
+require 'HTMLPurifier/AttrTypes.php';
+require 'HTMLPurifier/AttrValidator.php';
+require 'HTMLPurifier/Bootstrap.php';
+require 'HTMLPurifier/Definition.php';
+require 'HTMLPurifier/CSSDefinition.php';
+require 'HTMLPurifier/ChildDef.php';
+require 'HTMLPurifier/Config.php';
+require 'HTMLPurifier/ConfigSchema.php';
+require 'HTMLPurifier/ContentSets.php';
+require 'HTMLPurifier/Context.php';
+require 'HTMLPurifier/DefinitionCache.php';
+require 'HTMLPurifier/DefinitionCacheFactory.php';
+require 'HTMLPurifier/Doctype.php';
+require 'HTMLPurifier/DoctypeRegistry.php';
+require 'HTMLPurifier/ElementDef.php';
+require 'HTMLPurifier/Encoder.php';
+require 'HTMLPurifier/EntityLookup.php';
+require 'HTMLPurifier/EntityParser.php';
+require 'HTMLPurifier/ErrorCollector.php';
+require 'HTMLPurifier/ErrorStruct.php';
+require 'HTMLPurifier/Exception.php';
+require 'HTMLPurifier/Filter.php';
+require 'HTMLPurifier/Generator.php';
+require 'HTMLPurifier/HTMLDefinition.php';
+require 'HTMLPurifier/HTMLModule.php';
+require 'HTMLPurifier/HTMLModuleManager.php';
+require 'HTMLPurifier/IDAccumulator.php';
+require 'HTMLPurifier/Injector.php';
+require 'HTMLPurifier/Language.php';
+require 'HTMLPurifier/LanguageFactory.php';
+require 'HTMLPurifier/Length.php';
+require 'HTMLPurifier/Lexer.php';
+require 'HTMLPurifier/PercentEncoder.php';
+require 'HTMLPurifier/PropertyList.php';
+require 'HTMLPurifier/PropertyListIterator.php';
+require 'HTMLPurifier/Strategy.php';
+require 'HTMLPurifier/StringHash.php';
+require 'HTMLPurifier/StringHashParser.php';
+require 'HTMLPurifier/TagTransform.php';
+require 'HTMLPurifier/Token.php';
+require 'HTMLPurifier/TokenFactory.php';
+require 'HTMLPurifier/URI.php';
+require 'HTMLPurifier/URIDefinition.php';
+require 'HTMLPurifier/URIFilter.php';
+require 'HTMLPurifier/URIParser.php';
+require 'HTMLPurifier/URIScheme.php';
+require 'HTMLPurifier/URISchemeRegistry.php';
+require 'HTMLPurifier/UnitConverter.php';
+require 'HTMLPurifier/VarParser.php';
+require 'HTMLPurifier/VarParserException.php';
+require 'HTMLPurifier/AttrDef/CSS.php';
+require 'HTMLPurifier/AttrDef/Enum.php';
+require 'HTMLPurifier/AttrDef/Integer.php';
+require 'HTMLPurifier/AttrDef/Lang.php';
+require 'HTMLPurifier/AttrDef/Switch.php';
+require 'HTMLPurifier/AttrDef/Text.php';
+require 'HTMLPurifier/AttrDef/URI.php';
+require 'HTMLPurifier/AttrDef/CSS/Number.php';
+require 'HTMLPurifier/AttrDef/CSS/AlphaValue.php';
+require 'HTMLPurifier/AttrDef/CSS/Background.php';
+require 'HTMLPurifier/AttrDef/CSS/BackgroundPosition.php';
+require 'HTMLPurifier/AttrDef/CSS/Border.php';
+require 'HTMLPurifier/AttrDef/CSS/Color.php';
+require 'HTMLPurifier/AttrDef/CSS/Composite.php';
+require 'HTMLPurifier/AttrDef/CSS/DenyElementDecorator.php';
+require 'HTMLPurifier/AttrDef/CSS/Filter.php';
+require 'HTMLPurifier/AttrDef/CSS/Font.php';
+require 'HTMLPurifier/AttrDef/CSS/FontFamily.php';
+require 'HTMLPurifier/AttrDef/CSS/ImportantDecorator.php';
+require 'HTMLPurifier/AttrDef/CSS/Length.php';
+require 'HTMLPurifier/AttrDef/CSS/ListStyle.php';
+require 'HTMLPurifier/AttrDef/CSS/Multiple.php';
+require 'HTMLPurifier/AttrDef/CSS/Percentage.php';
+require 'HTMLPurifier/AttrDef/CSS/TextDecoration.php';
+require 'HTMLPurifier/AttrDef/CSS/URI.php';
+require 'HTMLPurifier/AttrDef/HTML/Bool.php';
+require 'HTMLPurifier/AttrDef/HTML/Nmtokens.php';
+require 'HTMLPurifier/AttrDef/HTML/Class.php';
+require 'HTMLPurifier/AttrDef/HTML/Color.php';
+require 'HTMLPurifier/AttrDef/HTML/FrameTarget.php';
+require 'HTMLPurifier/AttrDef/HTML/ID.php';
+require 'HTMLPurifier/AttrDef/HTML/Pixels.php';
+require 'HTMLPurifier/AttrDef/HTML/Length.php';
+require 'HTMLPurifier/AttrDef/HTML/LinkTypes.php';
+require 'HTMLPurifier/AttrDef/HTML/MultiLength.php';
+require 'HTMLPurifier/AttrDef/URI/Email.php';
+require 'HTMLPurifier/AttrDef/URI/Host.php';
+require 'HTMLPurifier/AttrDef/URI/IPv4.php';
+require 'HTMLPurifier/AttrDef/URI/IPv6.php';
+require 'HTMLPurifier/AttrDef/URI/Email/SimpleCheck.php';
+require 'HTMLPurifier/AttrTransform/Background.php';
+require 'HTMLPurifier/AttrTransform/BdoDir.php';
+require 'HTMLPurifier/AttrTransform/BgColor.php';
+require 'HTMLPurifier/AttrTransform/BoolToCSS.php';
+require 'HTMLPurifier/AttrTransform/Border.php';
+require 'HTMLPurifier/AttrTransform/EnumToCSS.php';
+require 'HTMLPurifier/AttrTransform/ImgRequired.php';
+require 'HTMLPurifier/AttrTransform/ImgSpace.php';
+require 'HTMLPurifier/AttrTransform/Input.php';
+require 'HTMLPurifier/AttrTransform/Lang.php';
+require 'HTMLPurifier/AttrTransform/Length.php';
+require 'HTMLPurifier/AttrTransform/Name.php';
+require 'HTMLPurifier/AttrTransform/NameSync.php';
+require 'HTMLPurifier/AttrTransform/SafeEmbed.php';
+require 'HTMLPurifier/AttrTransform/SafeObject.php';
+require 'HTMLPurifier/AttrTransform/SafeParam.php';
+require 'HTMLPurifier/AttrTransform/ScriptRequired.php';
+require 'HTMLPurifier/AttrTransform/Textarea.php';
+require 'HTMLPurifier/ChildDef/Chameleon.php';
+require 'HTMLPurifier/ChildDef/Custom.php';
+require 'HTMLPurifier/ChildDef/Empty.php';
+require 'HTMLPurifier/ChildDef/Required.php';
+require 'HTMLPurifier/ChildDef/Optional.php';
+require 'HTMLPurifier/ChildDef/StrictBlockquote.php';
+require 'HTMLPurifier/ChildDef/Table.php';
+require 'HTMLPurifier/DefinitionCache/Decorator.php';
+require 'HTMLPurifier/DefinitionCache/Null.php';
+require 'HTMLPurifier/DefinitionCache/Serializer.php';
+require 'HTMLPurifier/DefinitionCache/Decorator/Cleanup.php';
+require 'HTMLPurifier/DefinitionCache/Decorator/Memory.php';
+require 'HTMLPurifier/HTMLModule/Bdo.php';
+require 'HTMLPurifier/HTMLModule/CommonAttributes.php';
+require 'HTMLPurifier/HTMLModule/Edit.php';
+require 'HTMLPurifier/HTMLModule/Forms.php';
+require 'HTMLPurifier/HTMLModule/Hypertext.php';
+require 'HTMLPurifier/HTMLModule/Image.php';
+require 'HTMLPurifier/HTMLModule/Legacy.php';
+require 'HTMLPurifier/HTMLModule/List.php';
+require 'HTMLPurifier/HTMLModule/Name.php';
+require 'HTMLPurifier/HTMLModule/NonXMLCommonAttributes.php';
+require 'HTMLPurifier/HTMLModule/Object.php';
+require 'HTMLPurifier/HTMLModule/Presentation.php';
+require 'HTMLPurifier/HTMLModule/Proprietary.php';
+require 'HTMLPurifier/HTMLModule/Ruby.php';
+require 'HTMLPurifier/HTMLModule/SafeEmbed.php';
+require 'HTMLPurifier/HTMLModule/SafeObject.php';
+require 'HTMLPurifier/HTMLModule/Scripting.php';
+require 'HTMLPurifier/HTMLModule/StyleAttribute.php';
+require 'HTMLPurifier/HTMLModule/Tables.php';
+require 'HTMLPurifier/HTMLModule/Target.php';
+require 'HTMLPurifier/HTMLModule/Text.php';
+require 'HTMLPurifier/HTMLModule/Tidy.php';
+require 'HTMLPurifier/HTMLModule/XMLCommonAttributes.php';
+require 'HTMLPurifier/HTMLModule/Tidy/Name.php';
+require 'HTMLPurifier/HTMLModule/Tidy/Proprietary.php';
+require 'HTMLPurifier/HTMLModule/Tidy/XHTMLAndHTML4.php';
+require 'HTMLPurifier/HTMLModule/Tidy/Strict.php';
+require 'HTMLPurifier/HTMLModule/Tidy/Transitional.php';
+require 'HTMLPurifier/HTMLModule/Tidy/XHTML.php';
+require 'HTMLPurifier/Injector/AutoParagraph.php';
+require 'HTMLPurifier/Injector/DisplayLinkURI.php';
+require 'HTMLPurifier/Injector/Linkify.php';
+require 'HTMLPurifier/Injector/PurifierLinkify.php';
+require 'HTMLPurifier/Injector/RemoveEmpty.php';
+require 'HTMLPurifier/Injector/RemoveSpansWithoutAttributes.php';
+require 'HTMLPurifier/Injector/SafeObject.php';
+require 'HTMLPurifier/Lexer/DOMLex.php';
+require 'HTMLPurifier/Lexer/DirectLex.php';
+require 'HTMLPurifier/Strategy/Composite.php';
+require 'HTMLPurifier/Strategy/Core.php';
+require 'HTMLPurifier/Strategy/FixNesting.php';
+require 'HTMLPurifier/Strategy/MakeWellFormed.php';
+require 'HTMLPurifier/Strategy/RemoveForeignElements.php';
+require 'HTMLPurifier/Strategy/ValidateAttributes.php';
+require 'HTMLPurifier/TagTransform/Font.php';
+require 'HTMLPurifier/TagTransform/Simple.php';
+require 'HTMLPurifier/Token/Comment.php';
+require 'HTMLPurifier/Token/Tag.php';
+require 'HTMLPurifier/Token/Empty.php';
+require 'HTMLPurifier/Token/End.php';
+require 'HTMLPurifier/Token/Start.php';
+require 'HTMLPurifier/Token/Text.php';
+require 'HTMLPurifier/URIFilter/DisableExternal.php';
+require 'HTMLPurifier/URIFilter/DisableExternalResources.php';
+require 'HTMLPurifier/URIFilter/DisableResources.php';
+require 'HTMLPurifier/URIFilter/HostBlacklist.php';
+require 'HTMLPurifier/URIFilter/MakeAbsolute.php';
+require 'HTMLPurifier/URIFilter/Munge.php';
+require 'HTMLPurifier/URIScheme/data.php';
+require 'HTMLPurifier/URIScheme/file.php';
+require 'HTMLPurifier/URIScheme/ftp.php';
+require 'HTMLPurifier/URIScheme/http.php';
+require 'HTMLPurifier/URIScheme/https.php';
+require 'HTMLPurifier/URIScheme/mailto.php';
+require 'HTMLPurifier/URIScheme/news.php';
+require 'HTMLPurifier/URIScheme/nntp.php';
+require 'HTMLPurifier/VarParser/Flexible.php';
+require 'HTMLPurifier/VarParser/Native.php';

lib/classes/htmlpurifier/library/HTMLPurifier.kses.php

@@ -0,0 +1,30 @@
+<?php
+
+/**
+ * @file
+ * Emulation layer for code that used kses(), substituting in HTML Purifier.
+ */
+
+require_once dirname(__FILE__) . '/HTMLPurifier.auto.php';
+
+function kses($string, $allowed_html, $allowed_protocols = null) {
+    $config = HTMLPurifier_Config::createDefault();
+    $allowed_elements = array();
+    $allowed_attributes = array();
+    foreach ($allowed_html as $element => $attributes) {
+        $allowed_elements[$element] = true;
+        foreach ($attributes as $attribute => $x) {
+            $allowed_attributes["$element.$attribute"] = true;
+        }
+    }
+    $config->set('HTML.AllowedElements', $allowed_elements);
+    $config->set('HTML.AllowedAttributes', $allowed_attributes);
+    $allowed_schemes = array();
+    if ($allowed_protocols !== null) {
+        $config->set('URI.AllowedSchemes', $allowed_protocols);
+    }
+    $purifier = new HTMLPurifier($config);
+    return $purifier->purify($string);
+}
+
+// vim: et sw=4 sts=4

lib/classes/htmlpurifier/library/HTMLPurifier.path.php

@@ -0,0 +1,11 @@
+<?php
+
+/**
+ * @file
+ * Convenience stub file that adds HTML Purifier's library file to the path
+ * without any other side-effects.
+ */
+
+set_include_path(dirname(__FILE__) . PATH_SEPARATOR . get_include_path() );
+
+// vim: et sw=4 sts=4

lib/classes/htmlpurifier/library/HTMLPurifier.php

@@ -0,0 +1,237 @@
+<?php
+
+/*! @mainpage
+ *
+ * HTML Purifier is an HTML filter that will take an arbitrary snippet of
+ * HTML and rigorously test, validate and filter it into a version that
+ * is safe for output onto webpages. It achieves this by:
+ *
+ *  -# Lexing (parsing into tokens) the document,
+ *  -# Executing various strategies on the tokens:
+ *      -# Removing all elements not in the whitelist,
+ *      -# Making the tokens well-formed,
+ *      -# Fixing the nesting of the nodes, and
+ *      -# Validating attributes of the nodes; and
+ *  -# Generating HTML from the purified tokens.
+ *
+ * However, most users will only need to interface with the HTMLPurifier
+ * and HTMLPurifier_Config.
+ */
+
+/*
+    HTML Purifier 4.2.0 - Standards Compliant HTML Filtering
+    Copyright (C) 2006-2008 Edward Z. Yang
+
+    This library is free software; you can redistribute it and/or
+    modify it under the terms of the GNU Lesser General Public
+    License as published by the Free Software Foundation; either
+    version 2.1 of the License, or (at your option) any later version.
+
+    This library is distributed in the hope that it will be useful,
+    but WITHOUT ANY WARRANTY; without even the implied warranty of
+    MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the GNU
+    Lesser General Public License for more details.
+
+    You should have received a copy of the GNU Lesser General Public
+    License along with this library; if not, write to the Free Software
+    Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA  02110-1301  USA
+ */
+
+/**
+ * Facade that coordinates HTML Purifier's subsystems in order to purify HTML.
+ *
+ * @note There are several points in which configuration can be specified
+ *       for HTML Purifier.  The precedence of these (from lowest to
+ *       highest) is as follows:
+ *          -# Instance: new HTMLPurifier($config)
+ *          -# Invocation: purify($html, $config)
+ *       These configurations are entirely independent of each other and
+ *       are *not* merged (this behavior may change in the future).
+ *
+ * @todo We need an easier way to inject strategies using the configuration
+ *       object.
+ */
+class HTMLPurifier
+{
+
+    /** Version of HTML Purifier */
+    public $version = '4.2.0';
+
+    /** Constant with version of HTML Purifier */
+    const VERSION = '4.2.0';
+
+    /** Global configuration object */
+    public $config;
+
+    /** Array of extra HTMLPurifier_Filter objects to run on HTML, for backwards compatibility */
+    private $filters = array();
+
+    /** Single instance of HTML Purifier */
+    private static $instance;
+
+    protected $strategy, $generator;
+
+    /**
+     * Resultant HTMLPurifier_Context of last run purification. Is an array
+     * of contexts if the last called method was purifyArray().
+     */
+    public $context;
+
+    /**
+     * Initializes the purifier.
+     * @param $config Optional HTMLPurifier_Config object for all instances of
+     *                the purifier, if omitted, a default configuration is
+     *                supplied (which can be overridden on a per-use basis).
+     *                The parameter can also be any type that
+     *                HTMLPurifier_Config::create() supports.
+     */
+    public function __construct($config = null) {
+
+        $this->config = HTMLPurifier_Config::create($config);
+
+        $this->strategy     = new HTMLPurifier_Strategy_Core();
+
+    }
+
+    /**
+     * Adds a filter to process the output. First come first serve
+     * @param $filter HTMLPurifier_Filter object
+     */
+    public function addFilter($filter) {
+        trigger_error('HTMLPurifier->addFilter() is deprecated, use configuration directives in the Filter namespace or Filter.Custom', E_USER_WARNING);
+        $this->filters[] = $filter;
+    }
+
+    /**
+     * Filters an HTML snippet/document to be XSS-free and standards-compliant.
+     *
+     * @param $html String of HTML to purify
+     * @param $config HTMLPurifier_Config object for this operation, if omitted,
+     *                defaults to the config object specified during this
+     *                object's construction. The parameter can also be any type
+     *                that HTMLPurifier_Config::create() supports.
+     * @return Purified HTML
+     */
+    public function purify($html, $config = null) {
+
+        // :TODO: make the config merge in, instead of replace
+        $config = $config ? HTMLPurifier_Config::create($config) : $this->config;
+
+        // implementation is partially environment dependant, partially
+        // configuration dependant
+        $lexer = HTMLPurifier_Lexer::create($config);
+
+        $context = new HTMLPurifier_Context();
+
+        // setup HTML generator
+        $this->generator = new HTMLPurifier_Generator($config, $context);
+        $context->register('Generator', $this->generator);
+
+        // set up global context variables
+        if ($config->get('Core.CollectErrors')) {
+            // may get moved out if other facilities use it
+            $language_factory = HTMLPurifier_LanguageFactory::instance();
+            $language = $language_factory->create($config, $context);
+            $context->register('Locale', $language);
+
+            $error_collector = new HTMLPurifier_ErrorCollector($context);
+            $context->register('ErrorCollector', $error_collector);
+        }
+
+        // setup id_accumulator context, necessary due to the fact that
+        // AttrValidator can be called from many places
+        $id_accumulator = HTMLPurifier_IDAccumulator::build($config, $context);
+        $context->register('IDAccumulator', $id_accumulator);
+
+        $html = HTMLPurifier_Encoder::convertToUTF8($html, $config, $context);
+
+        // setup filters
+        $filter_flags = $config->getBatch('Filter');
+        $custom_filters = $filter_flags['Custom'];
+        unset($filter_flags['Custom']);
+        $filters = array();
+        foreach ($filter_flags as $filter => $flag) {
+            if (!$flag) continue;
+            if (strpos($filter, '.') !== false) continue;
+            $class = "HTMLPurifier_Filter_$filter";
+            $filters[] = new $class;
+        }
+        foreach ($custom_filters as $filter) {
+            // maybe "HTMLPurifier_Filter_$filter", but be consistent with AutoFormat
+            $filters[] = $filter;
+        }
+        $filters = array_merge($filters, $this->filters);
+        // maybe prepare(), but later
+
+        for ($i = 0, $filter_size = count($filters); $i < $filter_size; $i++) {
+            $html = $filters[$i]->preFilter($html, $config, $context);
+        }
+
+        // purified HTML
+        $html =
+            $this->generator->generateFromTokens(
+                // list of tokens
+                $this->strategy->execute(
+                    // list of un-purified tokens
+                    $lexer->tokenizeHTML(
+                        // un-purified HTML
+                        $html, $config, $context
+                    ),
+                    $config, $context
+                )
+            );
+
+        for ($i = $filter_size - 1; $i >= 0; $i--) {
+            $html = $filters[$i]->postFilter($html, $config, $context);
+        }
+
+        $html = HTMLPurifier_Encoder::convertFromUTF8($html, $config, $context);
+        $this->context =& $context;
+        return $html;
+    }
+
+    /**
+     * Filters an array of HTML snippets
+     * @param $config Optional HTMLPurifier_Config object for this operation.
+     *                See HTMLPurifier::purify() for more details.
+     * @return Array of purified HTML
+     */
+    public function purifyArray($array_of_html, $config = null) {
+        $context_array = array();
+        foreach ($array_of_html as $key => $html) {
+            $array_of_html[$key] = $this->purify($html, $config);
+            $context_array[$key] = $this->context;
+        }
+        $this->context = $context_array;
+        return $array_of_html;
+    }
+
+    /**
+     * Singleton for enforcing just one HTML Purifier in your system
+     * @param $prototype Optional prototype HTMLPurifier instance to
+     *                   overload singleton with, or HTMLPurifier_Config
+     *                   instance to configure the generated version with.
+     */
+    public static function instance($prototype = null) {
+        if (!self::$instance || $prototype) {
+            if ($prototype instanceof HTMLPurifier) {
+                self::$instance = $prototype;
+            } elseif ($prototype) {
+                self::$instance = new HTMLPurifier($prototype);
+            } else {
+                self::$instance = new HTMLPurifier();
+            }
+        }
+        return self::$instance;
+    }
+
+    /**
+     * @note Backwards compatibility, see instance()
+     */
+    public static function getInstance($prototype = null) {
+        return HTMLPurifier::instance($prototype);
+    }
+
+}
+
+// vim: et sw=4 sts=4

lib/classes/htmlpurifier/library/HTMLPurifier.safe-includes.php

@@ -0,0 +1,206 @@
+<?php
+
+/**
+ * @file
+ * This file was auto-generated by generate-includes.php and includes all of
+ * the core files required by HTML Purifier. This is a convenience stub that
+ * includes all files using dirname(__FILE__) and require_once. PLEASE DO NOT
+ * EDIT THIS FILE, changes will be overwritten the next time the script is run.
+ *
+ * Changes to include_path are not necessary.
+ */
+
+$__dir = dirname(__FILE__);
+
+require_once $__dir . '/HTMLPurifier.php';
+require_once $__dir . '/HTMLPurifier/AttrCollections.php';
+require_once $__dir . '/HTMLPurifier/AttrDef.php';
+require_once $__dir . '/HTMLPurifier/AttrTransform.php';
+require_once $__dir . '/HTMLPurifier/AttrTypes.php';
+require_once $__dir . '/HTMLPurifier/AttrValidator.php';
+require_once $__dir . '/HTMLPurifier/Bootstrap.php';
+require_once $__dir . '/HTMLPurifier/Definition.php';
+require_once $__dir . '/HTMLPurifier/CSSDefinition.php';
+require_once $__dir . '/HTMLPurifier/ChildDef.php';
+require_once $__dir . '/HTMLPurifier/Config.php';
+require_once $__dir . '/HTMLPurifier/ConfigSchema.php';
+require_once $__dir . '/HTMLPurifier/ContentSets.php';
+require_once $__dir . '/HTMLPurifier/Context.php';
+require_once $__dir . '/HTMLPurifier/DefinitionCache.php';
+require_once $__dir . '/HTMLPurifier/DefinitionCacheFactory.php';
+require_once $__dir . '/HTMLPurifier/Doctype.php';
+require_once $__dir . '/HTMLPurifier/DoctypeRegistry.php';
+require_once $__dir . '/HTMLPurifier/ElementDef.php';
+require_once $__dir . '/HTMLPurifier/Encoder.php';
+require_once $__dir . '/HTMLPurifier/EntityLookup.php';
+require_once $__dir . '/HTMLPurifier/EntityParser.php';
+require_once $__dir . '/HTMLPurifier/ErrorCollector.php';
+require_once $__dir . '/HTMLPurifier/ErrorStruct.php';
+require_once $__dir . '/HTMLPurifier/Exception.php';
+require_once $__dir . '/HTMLPurifier/Filter.php';
+require_once $__dir . '/HTMLPurifier/Generator.php';
+require_once $__dir . '/HTMLPurifier/HTMLDefinition.php';
+require_once $__dir . '/HTMLPurifier/HTMLModule.php';
+require_once $__dir . '/HTMLPurifier/HTMLModuleManager.php';
+require_once $__dir . '/HTMLPurifier/IDAccumulator.php';
+require_once $__dir . '/HTMLPurifier/Injector.php';
+require_once $__dir . '/HTMLPurifier/Language.php';
+require_once $__dir . '/HTMLPurifier/LanguageFactory.php';
+require_once $__dir . '/HTMLPurifier/Length.php';
+require_once $__dir . '/HTMLPurifier/Lexer.php';
+require_once $__dir . '/HTMLPurifier/PercentEncoder.php';
+require_once $__dir . '/HTMLPurifier/PropertyList.php';
+require_once $__dir . '/HTMLPurifier/PropertyListIterator.php';
+require_once $__dir . '/HTMLPurifier/Strategy.php';
+require_once $__dir . '/HTMLPurifier/StringHash.php';
+require_once $__dir . '/HTMLPurifier/StringHashParser.php';
+require_once $__dir . '/HTMLPurifier/TagTransform.php';
+require_once $__dir . '/HTMLPurifier/Token.php';
+require_once $__dir . '/HTMLPurifier/TokenFactory.php';
+require_once $__dir . '/HTMLPurifier/URI.php';
+require_once $__dir . '/HTMLPurifier/URIDefinition.php';
+require_once $__dir . '/HTMLPurifier/URIFilter.php';
+require_once $__dir . '/HTMLPurifier/URIParser.php';
+require_once $__dir . '/HTMLPurifier/URIScheme.php';
+require_once $__dir . '/HTMLPurifier/URISchemeRegistry.php';
+require_once $__dir . '/HTMLPurifier/UnitConverter.php';
+require_once $__dir . '/HTMLPurifier/VarParser.php';
+require_once $__dir . '/HTMLPurifier/VarParserException.php';
+require_once $__dir . '/HTMLPurifier/AttrDef/CSS.php';
+require_once $__dir . '/HTMLPurifier/AttrDef/Enum.php';
+require_once $__dir . '/HTMLPurifier/AttrDef/Integer.php';
+require_once $__dir . '/HTMLPurifier/AttrDef/Lang.php';
+require_once $__dir . '/HTMLPurifier/AttrDef/Switch.php';
+require_once $__dir . '/HTMLPurifier/AttrDef/Text.php';
+require_once $__dir . '/HTMLPurifier/AttrDef/URI.php';
+require_once $__dir . '/HTMLPurifier/AttrDef/CSS/Number.php';
+require_once $__dir . '/HTMLPurifier/AttrDef/CSS/AlphaValue.php';
+require_once $__dir . '/HTMLPurifier/AttrDef/CSS/Background.php';
+require_once $__dir . '/HTMLPurifier/AttrDef/CSS/BackgroundPosition.php';
+require_once $__dir . '/HTMLPurifier/AttrDef/CSS/Border.php';
+require_once $__dir . '/HTMLPurifier/AttrDef/CSS/Color.php';
+require_once $__dir . '/HTMLPurifier/AttrDef/CSS/Composite.php';
+require_once $__dir . '/HTMLPurifier/AttrDef/CSS/DenyElementDecorator.php';
+require_once $__dir . '/HTMLPurifier/AttrDef/CSS/Filter.php';
+require_once $__dir . '/HTMLPurifier/AttrDef/CSS/Font.php';
+require_once $__dir . '/HTMLPurifier/AttrDef/CSS/FontFamily.php';
+require_once $__dir . '/HTMLPurifier/AttrDef/CSS/ImportantDecorator.php';
+require_once $__dir . '/HTMLPurifier/AttrDef/CSS/Length.php';
+require_once $__dir . '/HTMLPurifier/AttrDef/CSS/ListStyle.php';
+require_once $__dir . '/HTMLPurifier/AttrDef/CSS/Multiple.php';
+require_once $__dir . '/HTMLPurifier/AttrDef/CSS/Percentage.php';
+require_once $__dir . '/HTMLPurifier/AttrDef/CSS/TextDecoration.php';
+require_once $__dir . '/HTMLPurifier/AttrDef/CSS/URI.php';
+require_once $__dir . '/HTMLPurifier/AttrDef/HTML/Bool.php';
+require_once $__dir . '/HTMLPurifier/AttrDef/HTML/Nmtokens.php';
+require_once $__dir . '/HTMLPurifier/AttrDef/HTML/Class.php';
+require_once $__dir . '/HTMLPurifier/AttrDef/HTML/Color.php';
+require_once $__dir . '/HTMLPurifier/AttrDef/HTML/FrameTarget.php';
+require_once $__dir . '/HTMLPurifier/AttrDef/HTML/ID.php';
+require_once $__dir . '/HTMLPurifier/AttrDef/HTML/Pixels.php';
+require_once $__dir . '/HTMLPurifier/AttrDef/HTML/Length.php';
+require_once $__dir . '/HTMLPurifier/AttrDef/HTML/LinkTypes.php';
+require_once $__dir . '/HTMLPurifier/AttrDef/HTML/MultiLength.php';
+require_once $__dir . '/HTMLPurifier/AttrDef/URI/Email.php';
+require_once $__dir . '/HTMLPurifier/AttrDef/URI/Host.php';
+require_once $__dir . '/HTMLPurifier/AttrDef/URI/IPv4.php';
+require_once $__dir . '/HTMLPurifier/AttrDef/URI/IPv6.php';
+require_once $__dir . '/HTMLPurifier/AttrDef/URI/Email/SimpleCheck.php';
+require_once $__dir . '/HTMLPurifier/AttrTransform/Background.php';
+require_once $__dir . '/HTMLPurifier/AttrTransform/BdoDir.php';
+require_once $__dir . '/HTMLPurifier/AttrTransform/BgColor.php';
+require_once $__dir . '/HTMLPurifier/AttrTransform/BoolToCSS.php';
+require_once $__dir . '/HTMLPurifier/AttrTransform/Border.php';
+require_once $__dir . '/HTMLPurifier/AttrTransform/EnumToCSS.php';
+require_once $__dir . '/HTMLPurifier/AttrTransform/ImgRequired.php';
+require_once $__dir . '/HTMLPurifier/AttrTransform/ImgSpace.php';
+require_once $__dir . '/HTMLPurifier/AttrTransform/Input.php';
+require_once $__dir . '/HTMLPurifier/AttrTransform/Lang.php';
+require_once $__dir . '/HTMLPurifier/AttrTransform/Length.php';
+require_once $__dir . '/HTMLPurifier/AttrTransform/Name.php';
+require_once $__dir . '/HTMLPurifier/AttrTransform/NameSync.php';
+require_once $__dir . '/HTMLPurifier/AttrTransform/SafeEmbed.php';
+require_once $__dir . '/HTMLPurifier/AttrTransform/SafeObject.php';
+require_once $__dir . '/HTMLPurifier/AttrTransform/SafeParam.php';
+require_once $__dir . '/HTMLPurifier/AttrTransform/ScriptRequired.php';
+require_once $__dir . '/HTMLPurifier/AttrTransform/Textarea.php';
+require_once $__dir . '/HTMLPurifier/ChildDef/Chameleon.php';
+require_once $__dir . '/HTMLPurifier/ChildDef/Custom.php';
+require_once $__dir . '/HTMLPurifier/ChildDef/Empty.php';
+require_once $__dir . '/HTMLPurifier/ChildDef/Required.php';
+require_once $__dir . '/HTMLPurifier/ChildDef/Optional.php';
+require_once $__dir . '/HTMLPurifier/ChildDef/StrictBlockquote.php';
+require_once $__dir . '/HTMLPurifier/ChildDef/Table.php';
+require_once $__dir . '/HTMLPurifier/DefinitionCache/Decorator.php';
+require_once $__dir . '/HTMLPurifier/DefinitionCache/Null.php';
+require_once $__dir . '/HTMLPurifier/DefinitionCache/Serializer.php';
+require_once $__dir . '/HTMLPurifier/DefinitionCache/Decorator/Cleanup.php';
+require_once $__dir . '/HTMLPurifier/DefinitionCache/Decorator/Memory.php';
+require_once $__dir . '/HTMLPurifier/HTMLModule/Bdo.php';
+require_once $__dir . '/HTMLPurifier/HTMLModule/CommonAttributes.php';
+require_once $__dir . '/HTMLPurifier/HTMLModule/Edit.php';
+require_once $__dir . '/HTMLPurifier/HTMLModule/Forms.php';
+require_once $__dir . '/HTMLPurifier/HTMLModule/Hypertext.php';
+require_once $__dir . '/HTMLPurifier/HTMLModule/Image.php';
+require_once $__dir . '/HTMLPurifier/HTMLModule/Legacy.php';
+require_once $__dir . '/HTMLPurifier/HTMLModule/List.php';
+require_once $__dir . '/HTMLPurifier/HTMLModule/Name.php';
+require_once $__dir . '/HTMLPurifier/HTMLModule/NonXMLCommonAttributes.php';
+require_once $__dir . '/HTMLPurifier/HTMLModule/Object.php';
+require_once $__dir . '/HTMLPurifier/HTMLModule/Presentation.php';
+require_once $__dir . '/HTMLPurifier/HTMLModule/Proprietary.php';
+require_once $__dir . '/HTMLPurifier/HTMLModule/Ruby.php';
+require_once $__dir . '/HTMLPurifier/HTMLModule/SafeEmbed.php';
+require_once $__dir . '/HTMLPurifier/HTMLModule/SafeObject.php';
+require_once $__dir . '/HTMLPurifier/HTMLModule/Scripting.php';
+require_once $__dir . '/HTMLPurifier/HTMLModule/StyleAttribute.php';
+require_once $__dir . '/HTMLPurifier/HTMLModule/Tables.php';
+require_once $__dir . '/HTMLPurifier/HTMLModule/Target.php';
+require_once $__dir . '/HTMLPurifier/HTMLModule/Text.php';
+require_once $__dir . '/HTMLPurifier/HTMLModule/Tidy.php';
+require_once $__dir . '/HTMLPurifier/HTMLModule/XMLCommonAttributes.php';
+require_once $__dir . '/HTMLPurifier/HTMLModule/Tidy/Name.php';
+require_once $__dir . '/HTMLPurifier/HTMLModule/Tidy/Proprietary.php';
+require_once $__dir . '/HTMLPurifier/HTMLModule/Tidy/XHTMLAndHTML4.php';
+require_once $__dir . '/HTMLPurifier/HTMLModule/Tidy/Strict.php';
+require_once $__dir . '/HTMLPurifier/HTMLModule/Tidy/Transitional.php';
+require_once $__dir . '/HTMLPurifier/HTMLModule/Tidy/XHTML.php';
+require_once $__dir . '/HTMLPurifier/Injector/AutoParagraph.php';
+require_once $__dir . '/HTMLPurifier/Injector/DisplayLinkURI.php';
+require_once $__dir . '/HTMLPurifier/Injector/Linkify.php';
+require_once $__dir . '/HTMLPurifier/Injector/PurifierLinkify.php';
+require_once $__dir . '/HTMLPurifier/Injector/RemoveEmpty.php';
+require_once $__dir . '/HTMLPurifier/Injector/RemoveSpansWithoutAttributes.php';
+require_once $__dir . '/HTMLPurifier/Injector/SafeObject.php';
+require_once $__dir . '/HTMLPurifier/Lexer/DOMLex.php';
+require_once $__dir . '/HTMLPurifier/Lexer/DirectLex.php';
+require_once $__dir . '/HTMLPurifier/Strategy/Composite.php';
+require_once $__dir . '/HTMLPurifier/Strategy/Core.php';
+require_once $__dir . '/HTMLPurifier/Strategy/FixNesting.php';
+require_once $__dir . '/HTMLPurifier/Strategy/MakeWellFormed.php';
+require_once $__dir . '/HTMLPurifier/Strategy/RemoveForeignElements.php';
+require_once $__dir . '/HTMLPurifier/Strategy/ValidateAttributes.php';
+require_once $__dir . '/HTMLPurifier/TagTransform/Font.php';
+require_once $__dir . '/HTMLPurifier/TagTransform/Simple.php';
+require_once $__dir . '/HTMLPurifier/Token/Comment.php';
+require_once $__dir . '/HTMLPurifier/Token/Tag.php';
+require_once $__dir . '/HTMLPurifier/Token/Empty.php';
+require_once $__dir . '/HTMLPurifier/Token/End.php';
+require_once $__dir . '/HTMLPurifier/Token/Start.php';
+require_once $__dir . '/HTMLPurifier/Token/Text.php';
+require_once $__dir . '/HTMLPurifier/URIFilter/DisableExternal.php';
+require_once $__dir . '/HTMLPurifier/URIFilter/DisableExternalResources.php';
+require_once $__dir . '/HTMLPurifier/URIFilter/DisableResources.php';
+require_once $__dir . '/HTMLPurifier/URIFilter/HostBlacklist.php';
+require_once $__dir . '/HTMLPurifier/URIFilter/MakeAbsolute.php';
+require_once $__dir . '/HTMLPurifier/URIFilter/Munge.php';
+require_once $__dir . '/HTMLPurifier/URIScheme/data.php';
+require_once $__dir . '/HTMLPurifier/URIScheme/file.php';
+require_once $__dir . '/HTMLPurifier/URIScheme/ftp.php';
+require_once $__dir . '/HTMLPurifier/URIScheme/http.php';
+require_once $__dir . '/HTMLPurifier/URIScheme/https.php';
+require_once $__dir . '/HTMLPurifier/URIScheme/mailto.php';
+require_once $__dir . '/HTMLPurifier/URIScheme/news.php';
+require_once $__dir . '/HTMLPurifier/URIScheme/nntp.php';
+require_once $__dir . '/HTMLPurifier/VarParser/Flexible.php';
+require_once $__dir . '/HTMLPurifier/VarParser/Native.php';

lib/classes/htmlpurifier/library/HTMLPurifier/AttrCollections.php

@@ -0,0 +1,128 @@
+<?php
+
+/**
+ * Defines common attribute collections that modules reference
+ */
+
+class HTMLPurifier_AttrCollections
+{
+
+    /**
+     * Associative array of attribute collections, indexed by name
+     */
+    public $info = array();
+
+    /**
+     * Performs all expansions on internal data for use by other inclusions
+     * It also collects all attribute collection extensions from
+     * modules
+     * @param $attr_types HTMLPurifier_AttrTypes instance
+     * @param $modules Hash array of HTMLPurifier_HTMLModule members
+     */
+    public function __construct($attr_types, $modules) {
+        // load extensions from the modules
+        foreach ($modules as $module) {
+            foreach ($module->attr_collections as $coll_i => $coll) {
+                if (!isset($this->info[$coll_i])) {
+                    $this->info[$coll_i] = array();
+                }
+                foreach ($coll as $attr_i => $attr) {
+                    if ($attr_i === 0 && isset($this->info[$coll_i][$attr_i])) {
+                        // merge in includes
+                        $this->info[$coll_i][$attr_i] = array_merge(
+                            $this->info[$coll_i][$attr_i], $attr);
+                        continue;
+                    }
+                    $this->info[$coll_i][$attr_i] = $attr;
+                }
+            }
+        }
+        // perform internal expansions and inclusions
+        foreach ($this->info as $name => $attr) {
+            // merge attribute collections that include others
+            $this->performInclusions($this->info[$name]);
+            // replace string identifiers with actual attribute objects
+            $this->expandIdentifiers($this->info[$name], $attr_types);
+        }
+    }
+
+    /**
+     * Takes a reference to an attribute associative array and performs
+     * all inclusions specified by the zero index.
+     * @param &$attr Reference to attribute array
+     */
+    public function performInclusions(&$attr) {
+        if (!isset($attr[0])) return;
+        $merge = $attr[0];
+        $seen  = array(); // recursion guard
+        // loop through all the inclusions
+        for ($i = 0; isset($merge[$i]); $i++) {
+            if (isset($seen[$merge[$i]])) continue;
+            $seen[$merge[$i]] = true;
+            // foreach attribute of the inclusion, copy it over
+            if (!isset($this->info[$merge[$i]])) continue;
+            foreach ($this->info[$merge[$i]] as $key => $value) {
+                if (isset($attr[$key])) continue; // also catches more inclusions
+                $attr[$key] = $value;
+            }
+            if (isset($this->info[$merge[$i]][0])) {
+                // recursion
+                $merge = array_merge($merge, $this->info[$merge[$i]][0]);
+            }
+        }
+        unset($attr[0]);
+    }
+
+    /**
+     * Expands all string identifiers in an attribute array by replacing
+     * them with the appropriate values inside HTMLPurifier_AttrTypes
+     * @param &$attr Reference to attribute array
+     * @param $attr_types HTMLPurifier_AttrTypes instance
+     */
+    public function expandIdentifiers(&$attr, $attr_types) {
+
+        // because foreach will process new elements we add, make sure we
+        // skip duplicates
+        $processed = array();
+
+        foreach ($attr as $def_i => $def) {
+            // skip inclusions
+            if ($def_i === 0) continue;
+
+            if (isset($processed[$def_i])) continue;
+
+            // determine whether or not attribute is required
+            if ($required = (strpos($def_i, '*') !== false)) {
+                // rename the definition
+                unset($attr[$def_i]);
+                $def_i = trim($def_i, '*');
+                $attr[$def_i] = $def;
+            }
+
+            $processed[$def_i] = true;
+
+            // if we've already got a literal object, move on
+            if (is_object($def)) {
+                // preserve previous required
+                $attr[$def_i]->required = ($required || $attr[$def_i]->required);
+                continue;
+            }
+
+            if ($def === false) {
+                unset($attr[$def_i]);
+                continue;
+            }
+
+            if ($t = $attr_types->get($def)) {
+                $attr[$def_i] = $t;
+                $attr[$def_i]->required = $required;
+            } else {
+                unset($attr[$def_i]);
+            }
+        }
+
+    }
+
+}
+
+// vim: et sw=4 sts=4

lib/classes/htmlpurifier/library/HTMLPurifier/AttrDef.php

@@ -0,0 +1,123 @@
+<?php
+
+/**
+ * Base class for all validating attribute definitions.
+ *
+ * This family of classes forms the core for not only HTML attribute validation,
+ * but also any sort of string that needs to be validated or cleaned (which
+ * means CSS properties and composite definitions are defined here too).
+ * Besides defining (through code) what precisely makes the string valid,
+ * subclasses are also responsible for cleaning the code if possible.
+ */
+
+abstract class HTMLPurifier_AttrDef
+{
+
+    /**
+     * Tells us whether or not an HTML attribute is minimized. Has no
+     * meaning in other contexts.
+     */
+    public $minimized = false;
+
+    /**
+     * Tells us whether or not an HTML attribute is required. Has no
+     * meaning in other contexts
+     */
+    public $required = false;
+
+    /**
+     * Validates and cleans passed string according to a definition.
+     *
+     * @param $string String to be validated and cleaned.
+     * @param $config Mandatory HTMLPurifier_Config object.
+     * @param $context Mandatory HTMLPurifier_AttrContext object.
+     */
+    abstract public function validate($string, $config, $context);
+
+    /**
+     * Convenience method that parses a string as if it were CDATA.
+     *
+     * This method process a string in the manner specified at
+     * <http://www.w3.org/TR/html4/types.html#h-6.2> by removing
+     * leading and trailing whitespace, ignoring line feeds, and replacing
+     * carriage returns and tabs with spaces.  While most useful for HTML
+     * attributes specified as CDATA, it can also be applied to most CSS
+     * values.
+     *
+     * @note This method is not entirely standards compliant, as trim() removes
+     *       more types of whitespace than specified in the spec. In practice,
+     *       this is rarely a problem, as those extra characters usually have
+     *       already been removed by HTMLPurifier_Encoder.
+     *
+     * @warning This processing is inconsistent with XML's whitespace handling
+     *          as specified by section 3.3.3 and referenced XHTML 1.0 section
+     *          4.7.  However, note that we are NOT necessarily
+     *          parsing XML, thus, this behavior may still be correct. We
+     *          assume that newlines have been normalized.
+     */
+    public function parseCDATA($string) {
+        $string = trim($string);
+        $string = str_replace(array("\n", "\t", "\r"), ' ', $string);
+        return $string;
+    }
+
+    /**
+     * Factory method for creating this class from a string.
+     * @param $string String construction info
+     * @return Created AttrDef object corresponding to $string
+     */
+    public function make($string) {
+        // default implementation, return a flyweight of this object.
+        // If $string has an effect on the returned object (i.e. you
+        // need to overload this method), it is best
+        // to clone or instantiate new copies. (Instantiation is safer.)
+        return $this;
+    }
+
+    /**
+     * Removes spaces from rgb(0, 0, 0) so that shorthand CSS properties work
+     * properly. THIS IS A HACK!
+     */
+    protected function mungeRgb($string) {
+        return preg_replace('/rgb\((\d+)\s*,\s*(\d+)\s*,\s*(\d+)\)/', 'rgb(\1,\2,\3)', $string);
+    }
+
+    /**
+     * Parses a possibly escaped CSS string and returns the "pure" 
+     * version of it.
+     */
+    protected function expandCSSEscape($string) {
+        // flexibly parse it
+        $ret = '';
+        for ($i = 0, $c = strlen($string); $i < $c; $i++) {
+            if ($string[$i] === '\\') {
+                $i++;
+                if ($i >= $c) {
+                    $ret .= '\\';
+                    break;
+                }
+                if (ctype_xdigit($string[$i])) {
+                    $code = $string[$i];
+                    for ($a = 1, $i++; $i < $c && $a < 6; $i++, $a++) {
+                        if (!ctype_xdigit($string[$i])) break;
+                        $code .= $string[$i];
+                    }
+                    // We have to be extremely careful when adding
+                    // new characters, to make sure we're not breaking
+                    // the encoding.
+                    $char = HTMLPurifier_Encoder::unichr(hexdec($code));
+                    if (HTMLPurifier_Encoder::cleanUTF8($char) === '') continue;
+                    $ret .= $char;
+                    if ($i < $c && trim($string[$i]) !== '') $i--;
+                    continue;
+                }
+                if ($string[$i] === "\n") continue;
+            }
+            $ret .= $string[$i];
+        }
+        return $ret;
+    }
+
+}
+
+// vim: et sw=4 sts=4

lib/classes/htmlpurifier/library/HTMLPurifier/AttrDef/CSS.php

@@ -0,0 +1,87 @@
+<?php
+
+/**
+ * Validates the HTML attribute style, otherwise known as CSS.
+ * @note We don't implement the whole CSS specification, so it might be
+ *       difficult to reuse this component in the context of validating
+ *       actual stylesheet declarations.
+ * @note If we were really serious about validating the CSS, we would
+ *       tokenize the styles and then parse the tokens. Obviously, we
+ *       are not doing that. Doing that could seriously harm performance,
+ *       but would make these components a lot more viable for a CSS
+ *       filtering solution.
+ */
+class HTMLPurifier_AttrDef_CSS extends HTMLPurifier_AttrDef
+{
+
+    public function validate($css, $config, $context) {
+
+        $css = $this->parseCDATA($css);
+
+        $definition = $config->getCSSDefinition();
+
+        // we're going to break the spec and explode by semicolons.
+        // This is because semicolon rarely appears in escaped form
+        // Doing this is generally flaky but fast
+        // IT MIGHT APPEAR IN URIs, see HTMLPurifier_AttrDef_CSSURI
+        // for details
+
+        $declarations = explode(';', $css);
+        $propvalues = array();
+
+        /**
+         * Name of the current CSS property being validated.
+         */
+        $property = false;
+        $context->register('CurrentCSSProperty', $property);
+
+        foreach ($declarations as $declaration) {
+            if (!$declaration) continue;
+            if (!strpos($declaration, ':')) continue;
+            list($property, $value) = explode(':', $declaration, 2);
+            $property = trim($property);
+            $value    = trim($value);
+            $ok = false;
+            do {
+                if (isset($definition->info[$property])) {
+                    $ok = true;
+                    break;
+                }
+                if (ctype_lower($property)) break;
+                $property = strtolower($property);
+                if (isset($definition->info[$property])) {
+                    $ok = true;
+                    break;
+                }
+            } while(0);
+            if (!$ok) continue;
+            // inefficient call, since the validator will do this again
+            if (strtolower(trim($value)) !== 'inherit') {
+                // inherit works for everything (but only on the base property)
+                $result = $definition->info[$property]->validate(
+                    $value, $config, $context );
+            } else {
+                $result = 'inherit';
+            }
+            if ($result === false) continue;
+            $propvalues[$property] = $result;
+        }
+
+        $context->destroy('CurrentCSSProperty');
+
+        // procedure does not write the new CSS simultaneously, so it's
+        // slightly inefficient, but it's the only way of getting rid of
+        // duplicates. Perhaps config to optimize it, but not now.
+
+        $new_declarations = '';
+        foreach ($propvalues as $prop => $value) {
+            $new_declarations .= "$prop:$value;";
+        }
+
+        return $new_declarations ? $new_declarations : false;
+
+    }
+
+}
+
+// vim: et sw=4 sts=4

lib/classes/htmlpurifier/library/HTMLPurifier/AttrDef/CSS/AlphaValue.php

@@ -0,0 +1,21 @@
+<?php
+
+class HTMLPurifier_AttrDef_CSS_AlphaValue extends HTMLPurifier_AttrDef_CSS_Number
+{
+
+    public function __construct() {
+        parent::__construct(false); // opacity is non-negative, but we will clamp it
+    }
+
+    public function validate($number, $config, $context) {
+        $result = parent::validate($number, $config, $context);
+        if ($result === false) return $result;
+        $float = (float) $result;
+        if ($float < 0.0) $result = '0';
+        if ($float > 1.0) $result = '1';
+        return $result;
+    }
+
+}
+
+// vim: et sw=4 sts=4

lib/classes/htmlpurifier/library/HTMLPurifier/AttrDef/CSS/Background.php

@@ -0,0 +1,87 @@
+<?php
+
+/**
+ * Validates shorthand CSS property background.
+ * @warning Does not support url tokens that have internal spaces.
+ */
+class HTMLPurifier_AttrDef_CSS_Background extends HTMLPurifier_AttrDef
+{
+
+    /**
+     * Local copy of component validators.
+     * @note See HTMLPurifier_AttrDef_Font::$info for a similar impl.
+     */
+    protected $info;
+
+    public function __construct($config) {
+        $def = $config->getCSSDefinition();
+        $this->info['background-color'] = $def->info['background-color'];
+        $this->info['background-image'] = $def->info['background-image'];
+        $this->info['background-repeat'] = $def->info['background-repeat'];
+        $this->info['background-attachment'] = $def->info['background-attachment'];
+        $this->info['background-position'] = $def->info['background-position'];
+    }
+
+    public function validate($string, $config, $context) {
+
+        // regular pre-processing
+        $string = $this->parseCDATA($string);
+        if ($string === '') return false;
+
+        // munge rgb() decl if necessary
+        $string = $this->mungeRgb($string);
+
+        // assumes URI doesn't have spaces in it
+        $bits = explode(' ', strtolower($string)); // bits to process
+
+        $caught = array();
+        $caught['color']    = false;
+        $caught['image']    = false;
+        $caught['repeat']   = false;
+        $caught['attachment'] = false;
+        $caught['position'] = false;
+
+        $i = 0; // number of catches
+        $none = false;
+
+        foreach ($bits as $bit) {
+            if ($bit === '') continue;
+            foreach ($caught as $key => $status) {
+                if ($key != 'position') {
+                    if ($status !== false) continue;
+                    $r = $this->info['background-' . $key]->validate($bit, $config, $context);
+                } else {
+                    $r = $bit;
+                }
+                if ($r === false) continue;
+                if ($key == 'position') {
+                    if ($caught[$key] === false) $caught[$key] = '';
+                    $caught[$key] .= $r . ' ';
+                } else {
+                    $caught[$key] = $r;
+                }
+                $i++;
+                break;
+            }
+        }
+
+        if (!$i) return false;
+        if ($caught['position'] !== false) {
+            $caught['position'] = $this->info['background-position']->
+                validate($caught['position'], $config, $context);
+        }
+
+        $ret = array();
+        foreach ($caught as $value) {
+            if ($value === false) continue;
+            $ret[] = $value;
+        }
+
+        if (empty($ret)) return false;
+        return implode(' ', $ret);
+
+    }
+
+}
+
+// vim: et sw=4 sts=4

lib/classes/htmlpurifier/library/HTMLPurifier/AttrDef/CSS/BackgroundPosition.php

@@ -0,0 +1,133 @@
+<?php
+
+/* W3C says:
+    [ // adjective and number must be in correct order, even if
+      // you could switch them without introducing ambiguity.
+      // some browsers support that syntax
+        [
+            <percentage> | <length> | left | center | right
+        ]
+        [
+            <percentage> | <length> | top | center | bottom
+        ]?
+    ] |
+    [ // this signifies that the vertical and horizontal adjectives
+      // can be arbitrarily ordered, however, there can only be two,
+      // one of each, or none at all
+        [
+            left | center | right
+        ] ||
+        [
+            top | center | bottom
+        ]
+    ]
+    top, left = 0%
+    center, (none) = 50%
+    bottom, right = 100%
+*/
+
+/* QuirksMode says:
+    keyword + length/percentage must be ordered correctly, as per W3C
+
+    Internet Explorer and Opera, however, support arbitrary ordering. We
+    should fix it up.
+
+    Minor issue though, not strictly necessary.
+*/
+
+// control freaks may appreciate the ability to convert these to
+// percentages or something, but it's not necessary
+
+/**
+ * Validates the value of background-position.
+ */
+class HTMLPurifier_AttrDef_CSS_BackgroundPosition extends HTMLPurifier_AttrDef
+{
+
+    protected $length;
+    protected $percentage;
+
+    public function __construct() {
+        $this->length     = new HTMLPurifier_AttrDef_CSS_Length();
+        $this->percentage = new HTMLPurifier_AttrDef_CSS_Percentage();
+    }
+
+    public function validate($string, $config, $context) {
+        $string = $this->parseCDATA($string);
+        $bits = explode(' ', $string);
+
+        $keywords = array();
+        $keywords['h'] = false; // left, right
+        $keywords['v'] = false; // top, bottom
+        $keywords['ch'] = false; // center (first word)
+        $keywords['cv'] = false; // center (second word)
+        $measures = array();
+
+        $i = 0;
+
+        $lookup = array(
+            'top' => 'v',
+            'bottom' => 'v',
+            'left' => 'h',
+            'right' => 'h',
+            'center' => 'c'
+        );
+
+        foreach ($bits as $bit) {
+            if ($bit === '') continue;
+
+            // test for keyword
+            $lbit = ctype_lower($bit) ? $bit : strtolower($bit);
+            if (isset($lookup[$lbit])) {
+                $status = $lookup[$lbit];
+                if ($status == 'c') {
+                    if ($i == 0) {
+                        $status = 'ch';
+                    } else {
+                        $status = 'cv';
+                    }
+                }
+                $keywords[$status] = $lbit;
+                $i++;
+            }
+
+            // test for length
+            $r = $this->length->validate($bit, $config, $context);
+            if ($r !== false) {
+                $measures[] = $r;
+                $i++;
+            }
+
+            // test for percentage
+            $r = $this->percentage->validate($bit, $config, $context);
+            if ($r !== false) {
+                $measures[] = $r;
+                $i++;
+            }
+
+        }
+
+        if (!$i) return false; // no valid values were caught
+
+        $ret = array();
+
+        // first keyword
+        if     ($keywords['h'])     $ret[] = $keywords['h'];
+        elseif ($keywords['ch']) {
+            $ret[] = $keywords['ch'];
+            $keywords['cv'] = false; // prevent re-use: center = center center
+        }
+        elseif (count($measures))   $ret[] = array_shift($measures);
+
+        if     ($keywords['v'])     $ret[] = $keywords['v'];
+        elseif ($keywords['cv'])    $ret[] = $keywords['cv'];
+        elseif (count($measures))   $ret[] = array_shift($measures);
+
+        if (empty($ret)) return false;
+        return implode(' ', $ret);
+
+    }
+
+}
+
+// vim: et sw=4 sts=4

lib/classes/htmlpurifier/library/HTMLPurifier/AttrDef/CSS/Border.php

@@ -0,0 +1,43 @@
+<?php
+
+/**
+ * Validates the border property as defined by CSS.
+ */
+class HTMLPurifier_AttrDef_CSS_Border extends HTMLPurifier_AttrDef
+{
+
+    /**
+     * Local copy of properties this property is shorthand for.
+     */
+    protected $info = array();
+
+    public function __construct($config) {
+        $def = $config->getCSSDefinition();
+        $this->info['border-width'] = $def->info['border-width'];
+        $this->info['border-style'] = $def->info['border-style'];
+        $this->info['border-top-color'] = $def->info['border-top-color'];
+    }
+
+    public function validate($string, $config, $context) {
+        $string = $this->parseCDATA($string);
+        $string = $this->mungeRgb($string);
+        $bits = explode(' ', $string);
+        $done = array(); // segments we've finished
+        $ret = ''; // return value
+        foreach ($bits as $bit) {
+            foreach ($this->info as $propname => $validator) {
+                if (isset($done[$propname])) continue;
+                $r = $validator->validate($bit, $config, $context);
+                if ($r !== false) {
+                    $ret .= $r . ' ';
+                    $done[$propname] = true;
+                    break;
+                }
+            }
+        }
+        return rtrim($ret);
+    }
+
+}
+
+// vim: et sw=4 sts=4

lib/classes/htmlpurifier/library/HTMLPurifier/AttrDef/CSS/Color.php

@@ -0,0 +1,78 @@
+<?php
+
+/**
+ * Validates Color as defined by CSS.
+ */
+class HTMLPurifier_AttrDef_CSS_Color extends HTMLPurifier_AttrDef
+{
+
+    public function validate($color, $config, $context) {
+
+        static $colors = null;
+        if ($colors === null) $colors = $config->get('Core.ColorKeywords');
+
+        $color = trim($color);
+        if ($color === '') return false;
+
+        $lower = strtolower($color);
+        if (isset($colors[$lower])) return $colors[$lower];
+
+        if (strpos($color, 'rgb(') !== false) {
+            // rgb literal handling
+            $length = strlen($color);
+            if (strpos($color, ')') !== $length - 1) return false;
+            $triad = substr($color, 4, $length - 4 - 1);
+            $parts = explode(',', $triad);
+            if (count($parts) !== 3) return false;
+            $type = false; // to ensure that they're all the same type
+            $new_parts = array();
+            foreach ($parts as $part) {
+                $part = trim($part);
+                if ($part === '') return false;
+                $length = strlen($part);
+                if ($part[$length - 1] === '%') {
+                    // handle percents
+                    if (!$type) {
+                        $type = 'percentage';
+                    } elseif ($type !== 'percentage') {
+                        return false;
+                    }
+                    $num = (float) substr($part, 0, $length - 1);
+                    if ($num < 0) $num = 0;
+                    if ($num > 100) $num = 100;
+                    $new_parts[] = "$num%";
+                } else {
+                    // handle integers
+                    if (!$type) {
+                        $type = 'integer';
+                    } elseif ($type !== 'integer') {
+                        return false;
+                    }
+                    $num = (int) $part;
+                    if ($num < 0) $num = 0;
+                    if ($num > 255) $num = 255;
+                    $new_parts[] = (string) $num;
+                }
+            }
+            $new_triad = implode(',', $new_parts);
+            $color = "rgb($new_triad)";
+        } else {
+            // hexadecimal handling
+            if ($color[0] === '#') {
+                $hex = substr($color, 1);
+            } else {
+                $hex = $color;
+                $color = '#' . $color;
+            }
+            $length = strlen($hex);
+            if ($length !== 3 && $length !== 6) return false;
+            if (!ctype_xdigit($hex)) return false;
+        }
+
+        return $color;
+
+    }
+
+}
+
+// vim: et sw=4 sts=4

lib/classes/htmlpurifier/library/HTMLPurifier/AttrDef/CSS/Composite.php

@@ -0,0 +1,38 @@
+<?php
+
+/**
+ * Allows multiple validators to attempt to validate attribute.
+ *
+ * Composite is just what it sounds like: a composite of many validators.
+ * This means that multiple HTMLPurifier_AttrDef objects will have a whack
+ * at the string.  If one of them passes, that's what is returned.  This is
+ * especially useful for CSS values, which often are a choice between
+ * an enumerated set of predefined values or a flexible data type.
+ */
+class HTMLPurifier_AttrDef_CSS_Composite extends HTMLPurifier_AttrDef
+{
+
+    /**
+     * List of HTMLPurifier_AttrDef objects that may process strings
+     * @todo Make protected
+     */
+    public $defs;
+
+    /**
+     * @param $defs List of HTMLPurifier_AttrDef objects
+     */
+    public function __construct($defs) {
+        $this->defs = $defs;
+    }
+
+    public function validate($string, $config, $context) {
+        foreach ($this->defs as $i => $def) {
+            $result = $this->defs[$i]->validate($string, $config, $context);
+            if ($result !== false) return $result;
+        }
+        return false;
+    }
+
+}
+
+// vim: et sw=4 sts=4

lib/classes/htmlpurifier/library/HTMLPurifier/AttrDef/CSS/DenyElementDecorator.php

@@ -0,0 +1,28 @@
+<?php
+
+/**
+ * Decorator which enables CSS properties to be disabled for specific elements.
+ */
+class HTMLPurifier_AttrDef_CSS_DenyElementDecorator extends HTMLPurifier_AttrDef
+{
+    public $def, $element;
+
+    /**
+     * @param $def Definition to wrap
+     * @param $element Element to deny
+     */
+    public function __construct($def, $element) {
+        $this->def = $def;
+        $this->element = $element;
+    }
+    /**
+     * Checks if CurrentToken is set and equal to $this->element
+     */
+    public function validate($string, $config, $context) {
+        $token = $context->get('CurrentToken', true);
+        if ($token && $token->name == $this->element) return false;
+        return $this->def->validate($string, $config, $context);
+    }
+}
+
+// vim: et sw=4 sts=4

lib/classes/htmlpurifier/library/HTMLPurifier/AttrDef/CSS/Filter.php

@@ -0,0 +1,54 @@
+<?php
+
+/**
+ * Microsoft's proprietary filter: CSS property
+ * @note Currently supports the alpha filter. In the future, this will
+ *       probably need an extensible framework
+ */
+class HTMLPurifier_AttrDef_CSS_Filter extends HTMLPurifier_AttrDef
+{
+
+    protected $intValidator;
+
+    public function __construct() {
+        $this->intValidator = new HTMLPurifier_AttrDef_Integer();
+    }
+
+    public function validate($value, $config, $context) {
+        $value = $this->parseCDATA($value);
+        if ($value === 'none') return $value;
+        // if we looped this we could support multiple filters
+        $function_length = strcspn($value, '(');
+        $function = trim(substr($value, 0, $function_length));
+        if ($function !== 'alpha' &&
+            $function !== 'Alpha' &&
+            $function !== 'progid:DXImageTransform.Microsoft.Alpha'
+            ) return false;
+        $cursor = $function_length + 1;
+        $parameters_length = strcspn($value, ')', $cursor);
+        $parameters = substr($value, $cursor, $parameters_length);
+        $params = explode(',', $parameters);
+        $ret_params = array();
+        $lookup = array();
+        foreach ($params as $param) {
+            list($key, $value) = explode('=', $param);
+            $key   = trim($key);
+            $value = trim($value);
+            if (isset($lookup[$key])) continue;
+            if ($key !== 'opacity') continue;
+            $value = $this->intValidator->validate($value, $config, $context);
+            if ($value === false) continue;
+            $int = (int) $value;
+            if ($int > 100) $value = '100';
+            if ($int < 0) $value = '0';
+            $ret_params[] = "$key=$value";
+            $lookup[$key] = true;
+        }
+        $ret_parameters = implode(',', $ret_params);
+        $ret_function = "$function($ret_parameters)";
+        return $ret_function;
+    }
+
+}
+
+// vim: et sw=4 sts=4

lib/classes/htmlpurifier/library/HTMLPurifier/AttrDef/CSS/Font.php

@@ -0,0 +1,149 @@
+<?php
+
+/**
+ * Validates shorthand CSS property font.
+ */
+class HTMLPurifier_AttrDef_CSS_Font extends HTMLPurifier_AttrDef
+{
+
+    /**
+     * Local copy of component validators.
+     *
+     * @note If we moved specific CSS property definitions to their own
+     *       classes instead of having them be assembled at run time by
+     *       CSSDefinition, this wouldn't be necessary.  We'd instantiate
+     *       our own copies.
+     */
+    protected $info = array();
+
+    public function __construct($config) {
+        $def = $config->getCSSDefinition();
+        $this->info['font-style']   = $def->info['font-style'];
+        $this->info['font-variant'] = $def->info['font-variant'];
+        $this->info['font-weight']  = $def->info['font-weight'];
+        $this->info['font-size']    = $def->info['font-size'];
+        $this->info['line-height']  = $def->info['line-height'];
+        $this->info['font-family']  = $def->info['font-family'];
+    }
+
+    public function validate($string, $config, $context) {
+
+        static $system_fonts = array(
+            'caption' => true,
+            'icon' => true,
+            'menu' => true,
+            'message-box' => true,
+            'small-caption' => true,
+            'status-bar' => true
+        );
+
+        // regular pre-processing
+        $string = $this->parseCDATA($string);
+        if ($string === '') return false;
+
+        // check if it's one of the keywords
+        $lowercase_string = strtolower($string);
+        if (isset($system_fonts[$lowercase_string])) {
+            return $lowercase_string;
+        }
+
+        $bits = explode(' ', $string); // bits to process
+        $stage = 0; // this indicates what we're looking for
+        $caught = array(); // which stage 0 properties have we caught?
+        $stage_1 = array('font-style', 'font-variant', 'font-weight');
+        $final = ''; // output
+
+        for ($i = 0, $size = count($bits); $i < $size; $i++) {
+            if ($bits[$i] === '') continue;
+            switch ($stage) {
+
+                // attempting to catch font-style, font-variant or font-weight
+                case 0:
+                    foreach ($stage_1 as $validator_name) {
+                        if (isset($caught[$validator_name])) continue;
+                        $r = $this->info[$validator_name]->validate(
+                                                $bits[$i], $config, $context);
+                        if ($r !== false) {
+                            $final .= $r . ' ';
+                            $caught[$validator_name] = true;
+                            break;
+                        }
+                    }
+                    // all three caught, continue on
+                    if (count($caught) >= 3) $stage = 1;
+                    if ($r !== false) break;
+
+                // attempting to catch font-size and perhaps line-height
+                case 1:
+                    $found_slash = false;
+                    if (strpos($bits[$i], '/') !== false) {
+                        list($font_size, $line_height) =
+                                                    explode('/', $bits[$i]);
+                        if ($line_height === '') {
+                            // ooh, there's a space after the slash!
+                            $line_height = false;
+                            $found_slash = true;
+                        }
+                    } else {
+                        $font_size = $bits[$i];
+                        $line_height = false;
+                    }
+                    $r = $this->info['font-size']->validate(
+                                              $font_size, $config, $context);
+                    if ($r !== false) {
+                        $final .= $r;
+                        // attempt to catch line-height
+                        if ($line_height === false) {
+                            // we need to scroll forward
+                            for ($j = $i + 1; $j < $size; $j++) {
+                                if ($bits[$j] === '') continue;
+                                if ($bits[$j] === '/') {
+                                    if ($found_slash) {
+                                        return false;
+                                    } else {
+                                        $found_slash = true;
+                                        continue;
+                                    }
+                                }
+                                $line_height = $bits[$j];
+                                break;
+                            }
+                        } else {
+                            // slash already found
+                            $found_slash = true;
+                            $j = $i;
+                        }
+                        if ($found_slash) {
+                            $i = $j;
+                            $r = $this->info['line-height']->validate(
+                                              $line_height, $config, $context);
+                            if ($r !== false) {
+                                $final .= '/' . $r;
+                            }
+                        }
+                        $final .= ' ';
+                        $stage = 2;
+                        break;
+                    }
+                    return false;
+
+                // attempting to catch font-family
+                case 2:
+                    $font_family =
+                        implode(' ', array_slice($bits, $i, $size - $i));
+                    $r = $this->info['font-family']->validate(
+                                              $font_family, $config, $context);
+                    if ($r !== false) {
+                        $final .= $r . ' ';
+                        // processing completed successfully
+                        return rtrim($final);
+                    }
+                    return false;
+            }
+        }
+        return false;
+    }
+
+}
+
+// vim: et sw=4 sts=4

lib/classes/htmlpurifier/library/HTMLPurifier/AttrDef/CSS/FontFamily.php

@@ -0,0 +1,72 @@
+<?php
+
+/**
+ * Validates a font family list according to CSS spec
+ * @todo whitelisting allowed fonts would be nice
+ */
+class HTMLPurifier_AttrDef_CSS_FontFamily extends HTMLPurifier_AttrDef
+{
+
+    public function validate($string, $config, $context) {
+        static $generic_names = array(
+            'serif' => true,
+            'sans-serif' => true,
+            'monospace' => true,
+            'fantasy' => true,
+            'cursive' => true
+        );
+
+        // assume that no font names contain commas in them
+        $fonts = explode(',', $string);
+        $final = '';
+        foreach($fonts as $font) {
+            $font = trim($font);
+            if ($font === '') continue;
+            // match a generic name
+            if (isset($generic_names[$font])) {
+                $final .= $font . ', ';
+                continue;
+            }
+            // match a quoted name
+            if ($font[0] === '"' || $font[0] === "'") {
+                $length = strlen($font);
+                if ($length <= 2) continue;
+                $quote = $font[0];
+                if ($font[$length - 1] !== $quote) continue;
+                $font = substr($font, 1, $length - 2);
+            }
+
+            $font = $this->expandCSSEscape($font);
+
+            // $font is a pure representation of the font name
+
+            if (ctype_alnum($font) && $font !== '') {
+                // very simple font, allow it in unharmed
+                $final .= $font . ', ';
+                continue;
+            }
+
+            // bugger out on whitespace.  form feed (0C) really
+            // shouldn't show up regardless
+            $font = str_replace(array("\n", "\t", "\r", "\x0C"), ' ', $font);
+
+            // These ugly transforms don't pose a security
+            // risk (as \\ and \" might).  We could try to be clever and
+            // use single-quote wrapping when there is a double quote
+            // present, but I have choosen not to implement that.
+            // (warning: this code relies on the selection of quotation
+            // mark below)
+            $font = str_replace('\\', '\\5C ', $font);
+            $font = str_replace('"',  '\\22 ', $font);
+
+            // complicated font, requires quoting
+            $final .= "\"$font\", "; // note that this will later get turned into &quot;
+        }
+        $final = rtrim($final, ', ');
+        if ($final === '') return false;
+        return $final;
+    }
+
+}
+
+// vim: et sw=4 sts=4

lib/classes/htmlpurifier/library/HTMLPurifier/AttrDef/CSS/ImportantDecorator.php

@@ -0,0 +1,40 @@
+<?php
+
+/**
+ * Decorator which enables !important to be used in CSS values.
+ */
+class HTMLPurifier_AttrDef_CSS_ImportantDecorator extends HTMLPurifier_AttrDef
+{
+    public $def, $allow;
+
+    /**
+     * @param $def Definition to wrap
+     * @param $allow Whether or not to allow !important
+     */
+    public function __construct($def, $allow = false) {
+        $this->def = $def;
+        $this->allow = $allow;
+    }
+    /**
+     * Intercepts and removes !important if necessary
+     */
+    public function validate($string, $config, $context) {
+        // test for ! and important tokens
+        $string = trim($string);
+        $is_important = false;
+        // :TODO: optimization: test directly for !important and ! important
+        if (strlen($string) >= 9 && substr($string, -9) === 'important') {
+            $temp = rtrim(substr($string, 0, -9));
+            // use a temp, because we might want to restore important
+            if (strlen($temp) >= 1 && substr($temp, -1) === '!') {
+                $string = rtrim(substr($temp, 0, -1));
+                $is_important = true;
+            }
+        }
+        $string = $this->def->validate($string, $config, $context);
+        if ($this->allow && $is_important) $string .= ' !important';
+        return $string;
+    }
+}
+
+// vim: et sw=4 sts=4

lib/classes/htmlpurifier/library/HTMLPurifier/AttrDef/CSS/Length.php

@@ -0,0 +1,47 @@
+<?php
+
+/**
+ * Represents a Length as defined by CSS.
+ */
+class HTMLPurifier_AttrDef_CSS_Length extends HTMLPurifier_AttrDef
+{
+
+    protected $min, $max;
+
+    /**
+     * @param HTMLPurifier_Length $max Minimum length, or null for no bound. String is also acceptable.
+     * @param HTMLPurifier_Length $max Maximum length, or null for no bound. String is also acceptable.
+     */
+    public function __construct($min = null, $max = null) {
+        $this->min = $min !== null ? HTMLPurifier_Length::make($min) : null;
+        $this->max = $max !== null ? HTMLPurifier_Length::make($max) : null;
+    }
+
+    public function validate($string, $config, $context) {
+        $string = $this->parseCDATA($string);
+
+        // Optimizations
+        if ($string === '') return false;
+        if ($string === '0') return '0';
+        if (strlen($string) === 1) return false;
+
+        $length = HTMLPurifier_Length::make($string);
+        if (!$length->isValid()) return false;
+
+        if ($this->min) {
+            $c = $length->compareTo($this->min);
+            if ($c === false) return false;
+            if ($c < 0) return false;
+        }
+        if ($this->max) {
+            $c = $length->compareTo($this->max);
+            if ($c === false) return false;
+            if ($c > 0) return false;
+        }
+
+        return $length->toString();
+    }
+
+}
+
+// vim: et sw=4 sts=4

lib/classes/htmlpurifier/library/HTMLPurifier/AttrDef/CSS/ListStyle.php

@@ -0,0 +1,78 @@
+<?php
+
+/**
+ * Validates shorthand CSS property list-style.
+ * @warning Does not support url tokens that have internal spaces.
+ */
+class HTMLPurifier_AttrDef_CSS_ListStyle extends HTMLPurifier_AttrDef
+{
+
+    /**
+     * Local copy of component validators.
+     * @note See HTMLPurifier_AttrDef_CSS_Font::$info for a similar impl.
+     */
+    protected $info;
+
+    public function __construct($config) {
+        $def = $config->getCSSDefinition();
+        $this->info['list-style-type']     = $def->info['list-style-type'];
+        $this->info['list-style-position'] = $def->info['list-style-position'];
+        $this->info['list-style-image'] = $def->info['list-style-image'];
+    }
+
+    public function validate($string, $config, $context) {
+
+        // regular pre-processing
+        $string = $this->parseCDATA($string);
+        if ($string === '') return false;
+
+        // assumes URI doesn't have spaces in it
+        $bits = explode(' ', strtolower($string)); // bits to process
+
+        $caught = array();
+        $caught['type']     = false;
+        $caught['position'] = false;
+        $caught['image']    = false;
+
+        $i = 0; // number of catches
+        $none = false;
+
+        foreach ($bits as $bit) {
+            if ($i >= 3) return; // optimization bit
+            if ($bit === '') continue;
+            foreach ($caught as $key => $status) {
+                if ($status !== false) continue;
+                $r = $this->info['list-style-' . $key]->validate($bit, $config, $context);
+                if ($r === false) continue;
+                if ($r === 'none') {
+                    if ($none) continue;
+                    else $none = true;
+                    if ($key == 'image') continue;
+                }
+                $caught[$key] = $r;
+                $i++;
+                break;
+            }
+        }
+
+        if (!$i) return false;
+
+        $ret = array();
+
+        // construct type
+        if ($caught['type']) $ret[] = $caught['type'];
+
+        // construct image
+        if ($caught['image']) $ret[] = $caught['image'];
+
+        // construct position
+        if ($caught['position']) $ret[] = $caught['position'];
+
+        if (empty($ret)) return false;
+        return implode(' ', $ret);
+
+    }
+
+}
+
+// vim: et sw=4 sts=4

lib/classes/htmlpurifier/library/HTMLPurifier/AttrDef/CSS/Multiple.php

@@ -0,0 +1,58 @@
+<?php
+
+/**
+ * Framework class for strings that involve multiple values.
+ *
+ * Certain CSS properties such as border-width and margin allow multiple
+ * lengths to be specified.  This class can take a vanilla border-width
+ * definition and multiply it, usually into a max of four.
+ *
+ * @note Even though the CSS specification isn't clear about it, inherit
+ *       can only be used alone: it will never manifest as part of a multi
+ *       shorthand declaration.  Thus, this class does not allow inherit.
+ */
+class HTMLPurifier_AttrDef_CSS_Multiple extends HTMLPurifier_AttrDef
+{
+
+    /**
+     * Instance of component definition to defer validation to.
+     * @todo Make protected
+     */
+    public $single;
+
+    /**
+     * Max number of values allowed.
+     * @todo Make protected
+     */
+    public $max;
+
+    /**
+     * @param $single HTMLPurifier_AttrDef to multiply
+     * @param $max Max number of values allowed (usually four)
+     */
+    public function __construct($single, $max = 4) {
+        $this->single = $single;
+        $this->max = $max;
+    }
+
+    public function validate($string, $config, $context) {
+        $string = $this->parseCDATA($string);
+        if ($string === '') return false;
+        $parts = explode(' ', $string); // parseCDATA replaced \r, \t and \n
+        $length = count($parts);
+        $final = '';
+        for ($i = 0, $num = 0; $i < $length && $num < $this->max; $i++) {
+            if (ctype_space($parts[$i])) continue;
+            $result = $this->single->validate($parts[$i], $config, $context);
+            if ($result !== false) {
+                $final .= $result . ' ';
+                $num++;
+            }
+        }
+        if ($final === '') return false;
+        return rtrim($final);
+    }
+
+}
+
+// vim: et sw=4 sts=4

lib/classes/htmlpurifier/library/HTMLPurifier/AttrDef/CSS/Number.php

@@ -0,0 +1,69 @@
+<?php
+
+/**
+ * Validates a number as defined by the CSS spec.
+ */
+class HTMLPurifier_AttrDef_CSS_Number extends HTMLPurifier_AttrDef
+{
+
+    /**
+     * Bool indicating whether or not only positive values allowed.
+     */
+    protected $non_negative = false;
+
+    /**
+     * @param $non_negative Bool indicating whether negatives are forbidden
+     */
+    public function __construct($non_negative = false) {
+        $this->non_negative = $non_negative;
+    }
+
+    /**
+     * @warning Some contexts do not pass $config, $context. These
+     *          variables should not be used without checking HTMLPurifier_Length
+     */
+    public function validate($number, $config, $context) {
+
+        $number = $this->parseCDATA($number);
+
+        if ($number === '') return false;
+        if ($number === '0') return '0';
+
+        $sign = '';
+        switch ($number[0]) {
+            case '-':
+                if ($this->non_negative) return false;
+                $sign = '-';
+            case '+':
+                $number = substr($number, 1);
+        }
+
+        if (ctype_digit($number)) {
+            $number = ltrim($number, '0');
+            return $number ? $sign . $number : '0';
+        }
+
+        // Period is the only non-numeric character allowed
+        if (strpos($number, '.') === false) return false;
+
+        list($left, $right) = explode('.', $number, 2);
+
+        if ($left === '' && $right === '') return false;
+        if ($left !== '' && !ctype_digit($left)) return false;
+
+        $left  = ltrim($left,  '0');
+        $right = rtrim($right, '0');
+
+        if ($right === '') {
+            return $left ? $sign . $left : '0';
+        } elseif (!ctype_digit($right)) {
+            return false;
+        }
+
+        return $sign . $left . '.' . $right;
+
+    }
+
+}
+
+// vim: et sw=4 sts=4

lib/classes/htmlpurifier/library/HTMLPurifier/AttrDef/CSS/Percentage.php

@@ -0,0 +1,40 @@
+<?php
+
+/**
+ * Validates a Percentage as defined by the CSS spec.
+ */
+class HTMLPurifier_AttrDef_CSS_Percentage extends HTMLPurifier_AttrDef
+{
+
+    /**
+     * Instance of HTMLPurifier_AttrDef_CSS_Number to defer number validation
+     */
+    protected $number_def;
+
+    /**
+     * @param Bool indicating whether to forbid negative values
+     */
+    public function __construct($non_negative = false) {
+        $this->number_def = new HTMLPurifier_AttrDef_CSS_Number($non_negative);
+    }
+
+    public function validate($string, $config, $context) {
+
+        $string = $this->parseCDATA($string);
+
+        if ($string === '') return false;
+        $length = strlen($string);
+        if ($length === 1) return false;
+        if ($string[$length - 1] !== '%') return false;
+
+        $number = substr($string, 0, $length - 1);
+        $number = $this->number_def->validate($number, $config, $context);
+
+        if ($number === false) return false;
+        return "$number%";
+
+    }
+
+}
+
+// vim: et sw=4 sts=4

lib/classes/htmlpurifier/library/HTMLPurifier/AttrDef/CSS/TextDecoration.php

@@ -0,0 +1,38 @@
+<?php
+
+/**
+ * Validates the value for the CSS property text-decoration
+ * @note This class could be generalized into a version that acts sort of
+ *       like Enum except you can compound the allowed values.
+ */
+class HTMLPurifier_AttrDef_CSS_TextDecoration extends HTMLPurifier_AttrDef
+{
+
+    public function validate($string, $config, $context) {
+
+        static $allowed_values = array(
+            'line-through' => true,
+            'overline' => true,
+            'underline' => true,
+        );
+
+        $string = strtolower($this->parseCDATA($string));
+
+        if ($string === 'none') return $string;
+
+        $parts = explode(' ', $string);
+        $final = '';
+        foreach ($parts as $part) {
+            if (isset($allowed_values[$part])) {
+                $final .= $part . ' ';
+            }
+        }
+        $final = rtrim($final);
+        if ($final === '') return false;
+        return $final;
+
+    }
+
+}
+
+// vim: et sw=4 sts=4

lib/classes/htmlpurifier/library/HTMLPurifier/AttrDef/CSS/URI.php

@@ -0,0 +1,52 @@
+<?php
+
+/**
+ * Validates a URI in CSS syntax, which uses url('http://example.com')
+ * @note While theoretically speaking a URI in a CSS document could
+ *       be non-embedded, as of CSS2 there is no such usage so we're
+ *       generalizing it. This may need to be changed in the future.
+ * @warning Since HTMLPurifier_AttrDef_CSS blindly uses semicolons as
+ *          the separator, you cannot put a literal semicolon in
+ *          in the URI. Try percent encoding it, in that case.
+ */
+class HTMLPurifier_AttrDef_CSS_URI extends HTMLPurifier_AttrDef_URI
+{
+
+    public function __construct() {
+        parent::__construct(true); // always embedded
+    }
+
+    public function validate($uri_string, $config, $context) {
+        // parse the URI out of the string and then pass it onto
+        // the parent object
+
+        $uri_string = $this->parseCDATA($uri_string);
+        if (strpos($uri_string, 'url(') !== 0) return false;
+        $uri_string = substr($uri_string, 4);
+        $new_length = strlen($uri_string) - 1;
+        if ($uri_string[$new_length] != ')') return false;
+        $uri = trim(substr($uri_string, 0, $new_length));
+
+        if (!empty($uri) && ($uri[0] == "'" || $uri[0] == '"')) {
+            $quote = $uri[0];
+            $new_length = strlen($uri) - 1;
+            if ($uri[$new_length] !== $quote) return false;
+            $uri = substr($uri, 1, $new_length - 1);
+        }
+
+        $uri = $this->expandCSSEscape($uri);
+
+        $result = parent::validate($uri, $config, $context);
+
+        if ($result === false) return false;
+
+        // extra sanity check; should have been done by URI
+        $result = str_replace(array('"', "\\", "\n", "\x0c", "\r"), "", $result);
+
+        return "url(\"$result\")";
+
+    }
+
+}
+
+// vim: et sw=4 sts=4

lib/classes/htmlpurifier/library/HTMLPurifier/AttrDef/Enum.php

@@ -0,0 +1,65 @@
+<?php
+
+// Enum = Enumerated
+/**
+ * Validates a keyword against a list of valid values.
+ * @warning The case-insensitive compare of this function uses PHP's
+ *          built-in strtolower and ctype_lower functions, which may
+ *          cause problems with international comparisons
+ */
+class HTMLPurifier_AttrDef_Enum extends HTMLPurifier_AttrDef
+{
+
+    /**
+     * Lookup table of valid values.
+     * @todo Make protected
+     */
+    public $valid_values   = array();
+
+    /**
+     * Bool indicating whether or not enumeration is case sensitive.
+     * @note In general this is always case insensitive.
+     */
+    protected $case_sensitive = false; // values according to W3C spec
+
+    /**
+     * @param $valid_values List of valid values
+     * @param $case_sensitive Bool indicating whether or not case sensitive
+     */
+    public function __construct(
+        $valid_values = array(), $case_sensitive = false
+    ) {
+        $this->valid_values = array_flip($valid_values);
+        $this->case_sensitive = $case_sensitive;
+    }
+
+    public function validate($string, $config, $context) {
+        $string = trim($string);
+        if (!$this->case_sensitive) {
+            // we may want to do full case-insensitive libraries
+            $string = ctype_lower($string) ? $string : strtolower($string);
+        }
+        $result = isset($this->valid_values[$string]);
+
+        return $result ? $string : false;
+    }
+
+    /**
+     * @param $string In form of comma-delimited list of case-insensitive
+     *      valid values. Example: "foo,bar,baz". Prepend "s:" to make
+     *      case sensitive
+     */
+    public function make($string) {
+        if (strlen($string) > 2 && $string[0] == 's' && $string[1] == ':') {
+            $string = substr($string, 2);
+            $sensitive = true;
+        } else {
+            $sensitive = false;
+        }
+        $values = explode(',', $string);
+        return new HTMLPurifier_AttrDef_Enum($values, $sensitive);
+    }
+
+}
+
+// vim: et sw=4 sts=4

lib/classes/htmlpurifier/library/HTMLPurifier/AttrDef/HTML/Bool.php

@@ -0,0 +1,28 @@
+<?php
+
+/**
+ * Validates a boolean attribute
+ */
+class HTMLPurifier_AttrDef_HTML_Bool extends HTMLPurifier_AttrDef
+{
+
+    protected $name;
+    public $minimized = true;
+
+    public function __construct($name = false) {$this->name = $name;}
+
+    public function validate($string, $config, $context) {
+        if (empty($string)) return false;
+        return $this->name;
+    }
+
+    /**
+     * @param $string Name of attribute
+     */
+    public function make($string) {
+        return new HTMLPurifier_AttrDef_HTML_Bool($string);
+    }
+
+}
+
+// vim: et sw=4 sts=4

lib/classes/htmlpurifier/library/HTMLPurifier/AttrDef/HTML/Class.php

@@ -0,0 +1,34 @@
+<?php
+
+/**
+ * Implements special behavior for class attribute (normally NMTOKENS)
+ */
+class HTMLPurifier_AttrDef_HTML_Class extends HTMLPurifier_AttrDef_HTML_Nmtokens
+{
+    protected function split($string, $config, $context) {
+        // really, this twiddle should be lazy loaded
+        $name = $config->getDefinition('HTML')->doctype->name;
+        if ($name == "XHTML 1.1" || $name == "XHTML 2.0") {
+            return parent::split($string, $config, $context);
+        } else {
+            return preg_split('/\s+/', $string);
+        }
+    }
+    protected function filter($tokens, $config, $context) {
+        $allowed = $config->get('Attr.AllowedClasses');
+        $forbidden = $config->get('Attr.ForbiddenClasses');
+        $ret = array();
+        foreach ($tokens as $token) {
+            if (
+                ($allowed === null || isset($allowed[$token])) &&
+                !isset($forbidden[$token]) &&
+                // We need this O(n) check because of PHP's array
+                // implementation that casts -0 to 0.
+                !in_array($token, $ret, true)
+            ) {
+                $ret[] = $token;
+            }
+        }
+        return $ret;
+    }
+}

lib/classes/htmlpurifier/library/HTMLPurifier/AttrDef/HTML/Color.php

@@ -0,0 +1,32 @@
+<?php
+
+/**
+ * Validates a color according to the HTML spec.
+ */
+class HTMLPurifier_AttrDef_HTML_Color extends HTMLPurifier_AttrDef
+{
+
+    public function validate($string, $config, $context) {
+
+        static $colors = null;
+        if ($colors === null) $colors = $config->get('Core.ColorKeywords');
+
+        $string = trim($string);
+
+        if (empty($string)) return false;
+        if (isset($colors[$string])) return $colors[$string];
+        if ($string[0] === '#') $hex = substr($string, 1);
+        else $hex = $string;
+
+        $length = strlen($hex);
+        if ($length !== 3 && $length !== 6) return false;
+        if (!ctype_xdigit($hex)) return false;
+        if ($length === 3) $hex = $hex[0].$hex[0].$hex[1].$hex[1].$hex[2].$hex[2];
+
+        return "#$hex";
+
+    }
+
+}
+
+// vim: et sw=4 sts=4

lib/classes/htmlpurifier/library/HTMLPurifier/AttrDef/HTML/FrameTarget.php

@@ -0,0 +1,21 @@
+<?php
+
+/**
+ * Special-case enum attribute definition that lazy loads allowed frame targets
+ */
+class HTMLPurifier_AttrDef_HTML_FrameTarget extends HTMLPurifier_AttrDef_Enum
+{
+
+    public $valid_values = false; // uninitialized value
+    protected $case_sensitive = false;
+
+    public function __construct() {}
+
+    public function validate($string, $config, $context) {
+        if ($this->valid_values === false) $this->valid_values = $config->get('Attr.AllowedFrameTargets');
+        return parent::validate($string, $config, $context);
+    }
+
+}
+
+// vim: et sw=4 sts=4

lib/classes/htmlpurifier/library/HTMLPurifier/AttrDef/HTML/ID.php

@@ -0,0 +1,70 @@
+<?php
+
+/**
+ * Validates the HTML attribute ID.
+ * @warning Even though this is the id processor, it
+ *          will ignore the directive Attr:IDBlacklist, since it will only
+ *          go according to the ID accumulator. Since the accumulator is
+ *          automatically generated, it will have already absorbed the
+ *          blacklist. If you're hacking around, make sure you use load()!
+ */
+
+class HTMLPurifier_AttrDef_HTML_ID extends HTMLPurifier_AttrDef
+{
+
+    // ref functionality disabled, since we also have to verify
+    // whether or not the ID it refers to exists
+
+    public function validate($id, $config, $context) {
+
+        if (!$config->get('Attr.EnableID')) return false;
+
+        $id = trim($id); // trim it first
+
+        if ($id === '') return false;
+
+        $prefix = $config->get('Attr.IDPrefix');
+        if ($prefix !== '') {
+            $prefix .= $config->get('Attr.IDPrefixLocal');
+            // prevent re-appending the prefix
+            if (strpos($id, $prefix) !== 0) $id = $prefix . $id;
+        } elseif ($config->get('Attr.IDPrefixLocal') !== '') {
+            trigger_error('%Attr.IDPrefixLocal cannot be used unless '.
+                '%Attr.IDPrefix is set', E_USER_WARNING);
+        }
+
+        //if (!$this->ref) {
+            $id_accumulator =& $context->get('IDAccumulator');
+            if (isset($id_accumulator->ids[$id])) return false;
+        //}
+
+        // we purposely avoid using regex, hopefully this is faster
+
+        if (ctype_alpha($id)) {
+            $result = true;
+        } else {
+            if (!ctype_alpha(@$id[0])) return false;
+            $trim = trim( // primitive style of regexps, I suppose
+                $id,
+                'A..Za..z0..9:-._'
+              );
+            $result = ($trim === '');
+        }
+
+        $regexp = $config->get('Attr.IDBlacklistRegexp');
+        if ($regexp && preg_match($regexp, $id)) {
+            return false;
+        }
+
+        if (/*!$this->ref && */$result) $id_accumulator->add($id);
+
+        // if no change was made to the ID, return the result
+        // else, return the new id if stripping whitespace made it
+        //     valid, or return false.
+        return $result ? $id : false;
+
+    }
+
+}
+
+// vim: et sw=4 sts=4

lib/classes/htmlpurifier/library/HTMLPurifier/AttrDef/HTML/Length.php

@@ -0,0 +1,41 @@
+<?php
+
+/**
+ * Validates the HTML type length (not to be confused with CSS's length).
+ *
+ * This accepts integer pixels or percentages as lengths for certain
+ * HTML attributes.
+ */
+
+class HTMLPurifier_AttrDef_HTML_Length extends HTMLPurifier_AttrDef_HTML_Pixels
+{
+
+    public function validate($string, $config, $context) {
+
+        $string = trim($string);
+        if ($string === '') return false;
+
+        $parent_result = parent::validate($string, $config, $context);
+        if ($parent_result !== false) return $parent_result;
+
+        $length = strlen($string);
+        $last_char = $string[$length - 1];
+
+        if ($last_char !== '%') return false;
+
+        $points = substr($string, 0, $length - 1);
+
+        if (!is_numeric($points)) return false;
+
+        $points = (int) $points;
+
+        if ($points < 0) return '0%';
+        if ($points > 100) return '100%';
+
+        return ((string) $points) . '%';
+
+    }
+
+}
+
+// vim: et sw=4 sts=4

lib/classes/htmlpurifier/library/HTMLPurifier/AttrDef/HTML/LinkTypes.php

@@ -0,0 +1,53 @@
+<?php
+
+/**
+ * Validates a rel/rev link attribute against a directive of allowed values
+ * @note We cannot use Enum because link types allow multiple
+ *       values.
+ * @note Assumes link types are ASCII text
+ */
+class HTMLPurifier_AttrDef_HTML_LinkTypes extends HTMLPurifier_AttrDef
+{
+
+    /** Name config attribute to pull. */
+    protected $name;
+
+    public function __construct($name) {
+        $configLookup = array(
+            'rel' => 'AllowedRel',
+            'rev' => 'AllowedRev'
+        );
+        if (!isset($configLookup[$name])) {
+            trigger_error('Unrecognized attribute name for link '.
+                'relationship.', E_USER_ERROR);
+            return;
+        }
+        $this->name = $configLookup[$name];
+    }
+
+    public function validate($string, $config, $context) {
+
+        $allowed = $config->get('Attr.' . $this->name);
+        if (empty($allowed)) return false;
+
+        $string = $this->parseCDATA($string);
+        $parts = explode(' ', $string);
+
+        // lookup to prevent duplicates
+        $ret_lookup = array();
+        foreach ($parts as $part) {
+            $part = strtolower(trim($part));
+            if (!isset($allowed[$part])) continue;
+            $ret_lookup[$part] = true;
+        }
+
+        if (empty($ret_lookup)) return false;
+        $string = implode(' ', array_keys($ret_lookup));
+
+        return $string;
+
+    }
+
+}
+
+// vim: et sw=4 sts=4

lib/classes/htmlpurifier/library/HTMLPurifier/AttrDef/HTML/MultiLength.php

@@ -0,0 +1,41 @@
+<?php
+
+/**
+ * Validates a MultiLength as defined by the HTML spec.
+ *
+ * A multilength is either a integer (pixel count), a percentage, or
+ * a relative number.
+ */
+class HTMLPurifier_AttrDef_HTML_MultiLength extends HTMLPurifier_AttrDef_HTML_Length
+{
+
+    public function validate($string, $config, $context) {
+
+        $string = trim($string);
+        if ($string === '') return false;
+
+        $parent_result = parent::validate($string, $config, $context);
+        if ($parent_result !== false) return $parent_result;
+
+        $length = strlen($string);
+        $last_char = $string[$length - 1];
+
+        if ($last_char !== '*') return false;
+
+        $int = substr($string, 0, $length - 1);
+
+        if ($int == '') return '*';
+        if (!is_numeric($int)) return false;
+
+        $int = (int) $int;
+
+        if ($int < 0) return false;
+        if ($int == 0) return '0';
+        if ($int == 1) return '*';
+        return ((string) $int) . '*';
+
+    }
+
+}
+
+// vim: et sw=4 sts=4

lib/classes/htmlpurifier/library/HTMLPurifier/AttrDef/HTML/Nmtokens.php

@@ -0,0 +1,52 @@
+<?php
+
+/**
+ * Validates contents based on NMTOKENS attribute type.
+ */
+class HTMLPurifier_AttrDef_HTML_Nmtokens extends HTMLPurifier_AttrDef
+{
+
+    public function validate($string, $config, $context) {
+
+        $string = trim($string);
+
+        // early abort: '' and '0' (strings that convert to false) are invalid
+        if (!$string) return false;
+
+        $tokens = $this->split($string, $config, $context);
+        $tokens = $this->filter($tokens, $config, $context);
+        if (empty($tokens)) return false;
+        return implode(' ', $tokens);
+
+    }
+
+    /**
+     * Splits a space separated list of tokens into its constituent parts.
+     */
+    protected function split($string, $config, $context) {
+        // OPTIMIZABLE!
+        // do the preg_match, capture all subpatterns for reformulation
+
+        // we don't support U+00A1 and up codepoints or
+        // escaping because I don't know how to do that with regexps
+        // and plus it would complicate optimization efforts (you never
+        // see that anyway).
+        $pattern = '/(?:(?<=\s)|\A)'. // look behind for space or string start
+                   '((?:--|-?[A-Za-z_])[A-Za-z_\-0-9]*)'.
+                   '(?:(?=\s)|\z)/'; // look ahead for space or string end
+        preg_match_all($pattern, $string, $matches);
+        return $matches[1];
+    }
+
+    /**
+     * Template method for removing certain tokens based on arbitrary criteria.
+     * @note If we wanted to be really functional, we'd do an array_filter
+     *       with a callback. But... we're not.
+     */
+    protected function filter($tokens, $config, $context) {
+        return $tokens;
+    }
+
+}
+
+// vim: et sw=4 sts=4

lib/classes/htmlpurifier/library/HTMLPurifier/AttrDef/HTML/Pixels.php

@@ -0,0 +1,48 @@
+<?php
+
+/**
+ * Validates an integer representation of pixels according to the HTML spec.
+ */
+class HTMLPurifier_AttrDef_HTML_Pixels extends HTMLPurifier_AttrDef
+{
+
+    protected $max;
+
+    public function __construct($max = null) {
+        $this->max = $max;
+    }
+
+    public function validate($string, $config, $context) {
+
+        $string = trim($string);
+        if ($string === '0') return $string;
+        if ($string === '')  return false;
+        $length = strlen($string);
+        if (substr($string, $length - 2) == 'px') {
+            $string = substr($string, 0, $length - 2);
+        }
+        if (!is_numeric($string)) return false;
+        $int = (int) $string;
+
+        if ($int < 0) return '0';
+
+        // upper-bound value, extremely high values can
+        // crash operating systems, see <http://ha.ckers.org/imagecrash.html>
+        // WARNING, above link WILL crash you if you're using Windows
+
+        if ($this->max !== null && $int > $this->max) return (string) $this->max;
+
+        return (string) $int;
+
+    }
+
+    public function make($string) {
+        if ($string === '') $max = null;
+        else $max = (int) $string;
+        $class = get_class($this);
+        return new $class($max);
+    }
+
+}
+
+// vim: et sw=4 sts=4

lib/classes/htmlpurifier/library/HTMLPurifier/AttrDef/Integer.php

@@ -0,0 +1,73 @@
+<?php
+
+/**
+ * Validates an integer.
+ * @note While this class was modeled off the CSS definition, no currently
+ *       allowed CSS uses this type.  The properties that do are: widows,
+ *       orphans, z-index, counter-increment, counter-reset.  Some of the
+ *       HTML attributes, however, find use for a non-negative version of this.
+ */
+class HTMLPurifier_AttrDef_Integer extends HTMLPurifier_AttrDef
+{
+
+    /**
+     * Bool indicating whether or not negative values are allowed
+     */
+    protected $negative = true;
+
+    /**
+     * Bool indicating whether or not zero is allowed
+     */
+    protected $zero = true;
+
+    /**
+     * Bool indicating whether or not positive values are allowed
+     */
+    protected $positive = true;
+
+    /**
+     * @param $negative Bool indicating whether or not negative values are allowed
+     * @param $zero Bool indicating whether or not zero is allowed
+     * @param $positive Bool indicating whether or not positive values are allowed
+     */
+    public function __construct(
+        $negative = true, $zero = true, $positive = true
+    ) {
+        $this->negative = $negative;
+        $this->zero     = $zero;
+        $this->positive = $positive;
+    }
+
+    public function validate($integer, $config, $context) {
+
+        $integer = $this->parseCDATA($integer);
+        if ($integer === '') return false;
+
+        // we could possibly simply typecast it to integer, but there are
+        // certain fringe cases that must not return an integer.
+
+        // clip leading sign
+        if ( $this->negative && $integer[0] === '-' ) {
+            $digits = substr($integer, 1);
+            if ($digits === '0') $integer = '0'; // rm minus sign for zero
+        } elseif( $this->positive && $integer[0] === '+' ) {
+            $digits = $integer = substr($integer, 1); // rm unnecessary plus
+        } else {
+            $digits = $integer;
+        }
+
+        // test if it's numeric
+        if (!ctype_digit($digits)) return false;
+
+        // perform scope tests
+        if (!$this->zero     && $integer == 0) return false;
+        if (!$this->positive && $integer > 0) return false;
+        if (!$this->negative && $integer < 0) return false;
+
+        return $integer;
+
+    }
+
+}
+
+// vim: et sw=4 sts=4

lib/classes/htmlpurifier/library/HTMLPurifier/AttrDef/Lang.php

@@ -0,0 +1,73 @@
+<?php
+
+/**
+ * Validates the HTML attribute lang, effectively a language code.
+ * @note Built according to RFC 3066, which obsoleted RFC 1766
+ */
+class HTMLPurifier_AttrDef_Lang extends HTMLPurifier_AttrDef
+{
+
+    public function validate($string, $config, $context) {
+
+        $string = trim($string);
+        if (!$string) return false;
+
+        $subtags = explode('-', $string);
+        $num_subtags = count($subtags);
+
+        if ($num_subtags == 0) return false; // sanity check
+
+        // process primary subtag : $subtags[0]
+        $length = strlen($subtags[0]);
+        switch ($length) {
+            case 0:
+                return false;
+            case 1:
+                if (! ($subtags[0] == 'x' || $subtags[0] == 'i') ) {
+                    return false;
+                }
+                break;
+            case 2:
+            case 3:
+                if (! ctype_alpha($subtags[0]) ) {
+                    return false;
+                } elseif (! ctype_lower($subtags[0]) ) {
+                    $subtags[0] = strtolower($subtags[0]);
+                }
+                break;
+            default:
+                return false;
+        }
+
+        $new_string = $subtags[0];
+        if ($num_subtags == 1) return $new_string;
+
+        // process second subtag : $subtags[1]
+        $length = strlen($subtags[1]);
+        if ($length == 0 || ($length == 1 && $subtags[1] != 'x') || $length > 8 || !ctype_alnum($subtags[1])) {
+            return $new_string;
+        }
+        if (!ctype_lower($subtags[1])) $subtags[1] = strtolower($subtags[1]);
+
+        $new_string .= '-' . $subtags[1];
+        if ($num_subtags == 2) return $new_string;
+
+        // process all other subtags, index 2 and up
+        for ($i = 2; $i < $num_subtags; $i++) {
+            $length = strlen($subtags[$i]);
+            if ($length == 0 || $length > 8 || !ctype_alnum($subtags[$i])) {
+                return $new_string;
+            }
+            if (!ctype_lower($subtags[$i])) {
+                $subtags[$i] = strtolower($subtags[$i]);
+            }
+            $new_string .= '-' . $subtags[$i];
+        }
+
+        return $new_string;
+
+    }
+
+}
+
+// vim: et sw=4 sts=4

lib/classes/htmlpurifier/library/HTMLPurifier/AttrDef/Switch.php

@@ -0,0 +1,34 @@
+<?php
+
+/**
+ * Decorator that, depending on a token, switches between two definitions.
+ */
+class HTMLPurifier_AttrDef_Switch
+{
+
+    protected $tag;
+    protected $withTag, $withoutTag;
+
+    /**
+     * @param string $tag Tag name to switch upon
+     * @param HTMLPurifier_AttrDef $with_tag Call if token matches tag
+     * @param HTMLPurifier_AttrDef $without_tag Call if token doesn't match, or there is no token
+     */
+    public function __construct($tag, $with_tag, $without_tag) {
+        $this->tag = $tag;
+        $this->withTag = $with_tag;
+        $this->withoutTag = $without_tag;
+    }
+
+    public function validate($string, $config, $context) {
+        $token = $context->get('CurrentToken', true);
+        if (!$token || $token->name !== $this->tag) {
+            return $this->withoutTag->validate($string, $config, $context);
+        } else {
+            return $this->withTag->validate($string, $config, $context);
+        }
+    }
+
+}
+
+// vim: et sw=4 sts=4

lib/classes/htmlpurifier/library/HTMLPurifier/AttrDef/Text.php

@@ -0,0 +1,15 @@
+<?php
+
+/**
+ * Validates arbitrary text according to the HTML spec.
+ */
+class HTMLPurifier_AttrDef_Text extends HTMLPurifier_AttrDef
+{
+
+    public function validate($string, $config, $context) {
+        return $this->parseCDATA($string);
+    }
+
+}
+
+// vim: et sw=4 sts=4

lib/classes/htmlpurifier/library/HTMLPurifier/AttrDef/URI.php

@@ -0,0 +1,77 @@
+<?php
+
+/**
+ * Validates a URI as defined by RFC 3986.
+ * @note Scheme-specific mechanics deferred to HTMLPurifier_URIScheme
+ */
+class HTMLPurifier_AttrDef_URI extends HTMLPurifier_AttrDef
+{
+
+    protected $parser;
+    protected $embedsResource;
+
+    /**
+     * @param $embeds_resource_resource Does the URI here result in an extra HTTP request?
+     */
+    public function __construct($embeds_resource = false) {
+        $this->parser = new HTMLPurifier_URIParser();
+        $this->embedsResource = (bool) $embeds_resource;
+    }
+
+    public function make($string) {
+        $embeds = (bool) $string;
+        return new HTMLPurifier_AttrDef_URI($embeds);
+    }
+
+    public function validate($uri, $config, $context) {
+
+        if ($config->get('URI.Disable')) return false;
+
+        $uri = $this->parseCDATA($uri);
+
+        // parse the URI
+        $uri = $this->parser->parse($uri);
+        if ($uri === false) return false;
+
+        // add embedded flag to context for validators
+        $context->register('EmbeddedURI', $this->embedsResource);
+
+        $ok = false;
+        do {
+
+            // generic validation
+            $result = $uri->validate($config, $context);
+            if (!$result) break;
+
+            // chained filtering
+            $uri_def = $config->getDefinition('URI');
+            $result = $uri_def->filter($uri, $config, $context);
+            if (!$result) break;
+
+            // scheme-specific validation
+            $scheme_obj = $uri->getSchemeObj($config, $context);
+            if (!$scheme_obj) break;
+            if ($this->embedsResource && !$scheme_obj->browsable) break;
+            $result = $scheme_obj->validate($uri, $config, $context);
+            if (!$result) break;
+
+            // Post chained filtering
+            $result = $uri_def->postFilter($uri, $config, $context);
+            if (!$result) break;
+
+            // survived gauntlet
+            $ok = true;
+
+        } while (false);
+
+        $context->destroy('EmbeddedURI');
+        if (!$ok) return false;
+
+        // back to string
+        return $uri->toString();
+
+    }
+
+}
+
+// vim: et sw=4 sts=4

lib/classes/htmlpurifier/library/HTMLPurifier/AttrDef/URI/Email.php

@@ -0,0 +1,17 @@
+<?php
+
+abstract class HTMLPurifier_AttrDef_URI_Email extends HTMLPurifier_AttrDef
+{
+
+    /**
+     * Unpacks a mailbox into its display-name and address
+     */
+    function unpack($string) {
+        // needs to be implemented
+    }
+
+}
+
+// sub-implementations
+
+// vim: et sw=4 sts=4

lib/classes/htmlpurifier/library/HTMLPurifier/AttrDef/URI/Email/SimpleCheck.php

@@ -0,0 +1,21 @@
+<?php
+
+/**
+ * Primitive email validation class based on the regexp found at
+ * http://www.regular-expressions.info/email.html
+ */
+class HTMLPurifier_AttrDef_URI_Email_SimpleCheck extends HTMLPurifier_AttrDef_URI_Email
+{
+
+    public function validate($string, $config, $context) {
+        // no support for named mailboxes i.e. "Bob <bob@example.com>"
+        // that needs more percent encoding to be done
+        if ($string == '') return false;
+        $string = trim($string);
+        $result = preg_match('/^[A-Z0-9._%-]+@[A-Z0-9.-]+\.[A-Z]{2,4}$/i', $string);
+        return $result ? $string : false;
+    }
+
+}
+
+// vim: et sw=4 sts=4