set version to 0.9.30-rc1

Signed-off-by: Michael Kaufmann (d00p) <d00p@froxlor.org>
add note for apache2 + php-fpm users that they need to change the fastcgi.conf when updating to 0.9.30; minor improvements of Sparkle-Theme (update templates)
2013-10-14 16:12:34 +02:00 · 2013-10-14 15:47:08 +02:00 · 2013-10-14 10:08:15 +02:00 · 2013-10-14 09:50:55 +02:00 · 2013-10-14 09:49:47 +02:00 · 2013-10-13 16:43:46 +02:00
1710 changed files with 61821 additions and 38562 deletions
--- a/.gitignore
+++ b/.gitignore
@@ -1,4 +1,10 @@
-templates_c/*
-cache/*
 packages/*
+lib/classes/htmlpurifier/library/HTMLPurifier/DefinitionCache/Serializer/*/
 temp/*
+templates/*
+install/update.log
+.buildpath
+.project
+.settings/
+*.diff
+*~
--- a/11
+++ b/11
@@ -2,7 +2,7 @@
 		       Version 2, June 1991

 Copyright (C) 1989, 1991 Free Software Foundation, Inc.
-                          675 Mass Ave, Cambridge, MA 02139, USA
+                       51 Franklin St, Fifth Floor, Boston, MA  02110-1301  USA
 Everyone is permitted to copy and distribute verbatim copies
 of this license document, but changing it is not allowed.

@@ -55,7 +55,7 @@ patent must be licensed for everyone's free use or not licensed at all.

  The precise terms and conditions for copying, distribution and
 modification follow.
-
+
 		    GNU GENERAL PUBLIC LICENSE
   TERMS AND CONDITIONS FOR COPYING, DISTRIBUTION AND MODIFICATION

@@ -110,7 +110,7 @@ above, provided that you also meet all of these conditions:
    License.  (Exception: if the Program itself is interactive but
    does not normally print such an announcement, your work based on
    the Program is not required to print an announcement.)
-
+
 These requirements apply to the modified work as a whole.  If
 identifiable sections of that work are not derived from the Program,
 and can be reasonably considered independent and separate works in
@@ -168,7 +168,7 @@ access to copy from a designated place, then offering equivalent
 access to copy the source code from the same place counts as
 distribution of the source code, even though third parties are not
 compelled to copy the source along with the object code.
-
+
  4. You may not copy, modify, sublicense, or distribute the Program
 except as expressly provided under this License.  Any attempt
 otherwise to copy, modify, sublicense or distribute the Program is
@@ -225,7 +225,7 @@ impose that choice.

 This section is intended to make thoroughly clear what is believed to
 be a consequence of the rest of this License.
-
+
  8. If the distribution and/or use of the Program is restricted in
 certain countries either by patents or by copyrighted interfaces, the
 original copyright holder who places the Program under this License
@@ -278,4 +278,3 @@ PROGRAMS), EVEN IF SUCH HOLDER OR OTHER PARTY HAS BEEN ADVISED OF THE
 POSSIBILITY OF SUCH DAMAGES.

 		     END OF TERMS AND CONDITIONS
-
--- a/actions/admin/settings/100.panel.php
+++ b/actions/admin/settings/100.panel.php
@@ -33,15 +33,31 @@ return array(
 					'save_method' => 'storeSettingField',
 					),
 				'panel_default_theme' => array(
-					'label' => $lng['serversettings']['default_theme'],
+					'label' => array('title' => $lng['panel']['theme'], 'description' => $lng['serversettings']['default_theme']),
 					'settinggroup' => 'panel',
 					'varname' => 'default_theme',
 					'type' => 'option',
 					'default' => 'Froxlor',
 					'option_mode' => 'one',
 					'option_options_method' => 'getThemes',
+					'save_method' => 'storeSettingDefaultTheme',
+					),
+				'panel_allow_theme_change_customer' => array(
+					'label' => $lng['serversettings']['panel_allow_theme_change_customer'],
+					'settinggroup' => 'panel',
+					'varname' => 'allow_theme_change_customer',
+					'type' => 'bool',
+					'default' => true,
 					'save_method' => 'storeSettingField',
 					),
+				'panel_allow_theme_change_admin' => array(
+					'label' => $lng['serversettings']['panel_allow_theme_change_admin'],
+					'settinggroup' => 'panel',
+					'varname' => 'allow_theme_change_admin',
+					'type' => 'bool',
+					'default' => true,
+					'save_method' => 'storeSettingField'
+					),
 				'panel_natsorting' => array(
 					'label' => $lng['serversettings']['natsorting'],
 					'settinggroup' => 'panel',
@@ -77,6 +93,23 @@ return array(
 					'option_options' => array('Manual' => $lng['serversettings']['manual'], 'Dropdown' => $lng['serversettings']['dropdown']),
 					'save_method' => 'storeSettingField',
 					),
+				'use_webfonts' => array(
+					'label' => $lng['serversettings']['enablewebfonts'],
+					'settinggroup' => 'panel',
+					'varname' => 'use_webfonts',
+					'type' => 'bool',
+					'default' => true,
+					'save_method' => 'storeSettingField',
+					),
+				'webfont' => array(
+					'label' => $lng['serversettings']['definewebfont']['title'],
+					'settinggroup' => 'panel',
+					'varname' => 'webfont',
+					'type' => 'string',
+					'default' => 'Numans',
+					'string_emptyallowed' => false,
+					'save_method' => 'storeSettingField',
+					),
 				'panel_adminmail' => array(
 					'label' => $lng['serversettings']['adminmail'],
 					'settinggroup' => 'panel',
@@ -177,6 +210,14 @@ return array(
 					'default' => false,
 					'save_method' => 'storeSettingField',
 					),
+				'panel_phpconfigs_hidestdsubdomain' => array(
+					'label' => $lng['serversettings']['panel_phpconfigs_hidestdsubdomain'],
+					'settinggroup' => 'panel',
+					'varname' => 'phpconfigs_hidestdsubdomain',
+					'type' => 'bool',
+					'default' => false,
+					'save_method' => 'storeSettingField',
+					),
 				),
 			),
 		),
--- a/actions/admin/settings/120.system.php
+++ b/actions/admin/settings/120.system.php
@@ -32,6 +32,14 @@ return array(
 					'save_method' => 'storeSettingField',
 					'plausibility_check_method' => 'checkPathConflicts'
 					),
+				'system_documentroot_use_default_value' => array(
+					'label' => $lng['serversettings']['documentroot_use_default_value'],
+					'settinggroup' => 'system',
+					'varname' => 'documentroot_use_default_value',
+					'type' => 'bool',
+					'default' => false,
+					'save_method' => 'storeSettingField',
+					),
 				'system_ipaddress' => array(
 					'label' => $lng['serversettings']['ipaddress'],
 					'settinggroup' => 'system',
@@ -59,6 +67,7 @@ return array(
 					'type' => 'string',
 					'default' => '',
 					'save_method' => 'storeSettingHostname',
+					'plausibility_check_method' => 'checkHostname',
 					),
 				'system_froxlordirectlyviahostname' => array(
 					'label' => $lng['serversettings']['froxlordirectlyviahostname'],
@@ -137,7 +146,7 @@ return array(
 					'varname' => 'report_webmax',
 					'type' => 'int',
 					'int_min' => 1,
-					'int_max' => 99,
+					'int_max' => 150,
 					'default' => 90,
 					'save_method' => 'storeSettingField',
 					),
@@ -147,7 +156,7 @@ return array(
 					'varname' => 'report_trafficmax',
 					'type' => 'int',
 					'int_min' => 1,
-					'int_max' => 99,
+					'int_max' => 150,
 					'default' => 90,
 					'save_method' => 'storeSettingField',
 					),
@@ -158,10 +167,10 @@ return array(
 					'type' => 'bool',
 					'default' => false,
 					'save_method' => 'storeSettingField',
-					),					
+					),
 				),
 			),
 		),
 	);

-?>
+?>
--- a/actions/admin/settings/130.webserver.php
+++ b/actions/admin/settings/130.webserver.php
@@ -33,6 +33,15 @@ return array(
 					'save_method' => 'storeSettingField',
 					'overview_option' => true
 					),
+				'system_apache_24' => array(
+					'label' => $lng['serversettings']['apache_24'],
+					'settinggroup' => 'system',
+					'varname' => 'apache24',
+					'type' => 'bool',
+					'default' => false,
+					'save_method' => 'storeSettingField',
+					'websrv_avail' => array('apache2')
+					),
 				'system_httpuser' => array(
 					'label' => $lng['admin']['webserver_user'],
 					'settinggroup' => 'system',
@@ -85,6 +94,15 @@ return array(
 					'default' => '/var/customers/logs/',
 					'save_method' => 'storeSettingField',
 					),
+				'system_customersslpath' => array(
+					'label' => $lng['serversettings']['customerssl_directory'],
+					'settinggroup' => 'system',
+					'varname' => 'customer_ssl_path',
+					'type' => 'string',
+					'string_type' => 'dir',
+					'default' => '/etc/apache2/ssl/',
+					'save_method' => 'storeSettingField',
+					),
 				'system_phpappendopenbasedir' => array(
 					'label' => $lng['serversettings']['phpappendopenbasedir'],
 					'settinggroup' => 'system',
@@ -124,7 +142,7 @@ return array(
 					'label' => $lng['serversettings']['phpreload_command'],
 					'settinggroup' => 'system',
 					'varname' => 'phpreload_command',
-					'type' => (getSetting('phpfpm', 'enabled') == '1') ? 'hidden' : 'string',
+					'type' => 'string',
 					'default' => '',
 					'save_method' => 'storeSettingField',
 					'websrv_avail' => array('nginx')
@@ -133,19 +151,20 @@ return array(
 					'label' => $lng['serversettings']['nginx_php_backend'],
 					'settinggroup' => 'system',
 					'varname' => 'nginx_php_backend',
-					'type' => (getSetting('phpfpm', 'enabled') == '1') ? 'hidden' : 'string',
+					'type' => 'string',
 					'default' => '127.0.0.1:8888',
 					'save_method' => 'storeSettingField',
 					'websrv_avail' => array('nginx')
 					),
-				'system_mod_log_sql' => array(
-					'label' => $lng['serversettings']['mod_log_sql'],
-					'settinggroup' => 'system',
-					'varname' => 'mod_log_sql',
-					'type' => 'bool',
-					'default' => false,
+				'nginx_fastcgiparams' => array(
+					'label' => $lng['serversettings']['nginx_fastcgiparams'],
+					'settinggroup' => 'nginx',
+					'varname' => 'fastcgiparams',
+					'type' => 'string',
+					'string_type' => 'file',
+					'default' => '/etc/nginx/fastcgi_params',
 					'save_method' => 'storeSettingField',
-					'websrv_avail' => array('apache2')
+					'websrv_avail' => array('nginx')
 					),
 				'defaultwebsrverrhandler_enabled' => array(
 					'label' => $lng['serversettings']['defaultwebsrverrhandler_enabled'],
@@ -209,72 +228,8 @@ return array(
 					'option_options_method' => 'getRedirectCodes',
 					'save_method' => 'storeSettingField',
 					'websrv_avail' => array('apache2', 'lighttpd')
-					),
-				),
-			),
-		'ssl' => array(
-			'title' => $lng['admin']['sslsettings'],
-			'fields' => array(
-				'system_ssl_enabled' => array(
-					'label' => $lng['serversettings']['ssl']['use_ssl'],
-					'settinggroup' => 'system',
-					'varname' => 'use_ssl',
-					'type' => 'bool',
-					'default' => false,
-					'save_method' => 'storeSettingField',
-					'overview_option' => true
-					),
-				'system_ssl_cert_file' => array(
-					'label' => $lng['serversettings']['ssl']['ssl_cert_file'],
-					'settinggroup' => 'system',
-					'varname' => 'ssl_cert_file',
-					'type' => 'string',
-					'string_type' => 'file',
-					'string_emptyallowed' => true,
-					'default' => '/etc/apache2/apache2.pem',
-					'save_method' => 'storeSettingField',
-					),
-				'system_ssl_key_file' => array(
-					'label' => $lng['serversettings']['ssl']['ssl_key_file'],
-					'settinggroup' => 'system',
-					'varname' => 'ssl_key_file',
-					'type' => 'string',
-					'string_type' => 'file',
-					'string_emptyallowed' => true,
-					'default' => '/etc/apache2/apache2.key',
-					'save_method' => 'storeSettingField',
-					),
-				'system_ssl_ca_file' => array(
-					'label' => $lng['serversettings']['ssl']['ssl_ca_file'],
-					'settinggroup' => 'system',
-					'varname' => 'ssl_ca_file',
-					'type' => 'string',
-					'string_type' => 'file',
-					'string_emptyallowed' => true,
-					'default' => '',
-					'save_method' => 'storeSettingField',
-					),
-				'system_ssl_cert_chainfile' => array(
-					'label' => $lng['admin']['ipsandports']['ssl_cert_chainfile'],
-					'settinggroup' => 'system',
-					'varname' => 'ssl_cert_chainfile',
-					'type' => 'string',
-					'string_type' => 'file',
-					'string_emptyallowed' => true,
-					'default' => '',
-					'save_method' => 'storeSettingField',
-					),
-				'system_ssl_openssl_cnf' => array(
-					'label' => $lng['serversettings']['ssl']['openssl_cnf'],
-					'settinggroup' => 'system',
-					'varname' => 'openssl_cnf',
-					'type' => 'text',
-					'default' => '',
-					'save_method' => 'storeSettingField',
-					),
-				),
-			),
-		),
+					)
+				)
+			)
+		)
 	);
-
-?>
--- a/actions/admin/settings/131.ssl.php
+++ b/actions/admin/settings/131.ssl.php
@@ -0,0 +1,77 @@
+<?php
+
+/**
+ * This file is part of the Froxlor project.
+ * Copyright (c) 2003-2009 the SysCP Team (see authors).
+ * Copyright (c) 2010 the Froxlor Team (see authors).
+ *
+ * For the full copyright and license information, please view the COPYING
+ * file that was distributed with this source code. You can also view the
+ * COPYING file online at http://files.froxlor.org/misc/COPYING.txt
+ *
+ * @copyright  (c) the authors
+ * @author     Florian Lippert <flo@syscp.org> (2003-2009)
+ * @author     Froxlor team <team@froxlor.org> (2010-)
+ * @license    GPLv2 http://files.froxlor.org/misc/COPYING.txt
+ * @package    Settings
+ *
+ */
+
+return array(
+	'groups' => array(
+			'ssl' => array(
+					'title' => $lng['admin']['sslsettings'],
+					'fields' => array(
+							'system_ssl_enabled' => array(
+									'label' => $lng['serversettings']['ssl']['use_ssl'],
+									'settinggroup' => 'system',
+									'varname' => 'use_ssl',
+									'type' => 'bool',
+									'default' => false,
+									'save_method' => 'storeSettingField',
+									'overview_option' => true
+							),
+							'system_ssl_cert_file' => array(
+									'label' => $lng['serversettings']['ssl']['ssl_cert_file'],
+									'settinggroup' => 'system',
+									'varname' => 'ssl_cert_file',
+									'type' => 'string',
+									'string_type' => 'file',
+									'string_emptyallowed' => true,
+									'default' => '/etc/apache2/apache2.pem',
+									'save_method' => 'storeSettingField',
+							),
+							'system_ssl_key_file' => array(
+									'label' => $lng['serversettings']['ssl']['ssl_key_file'],
+									'settinggroup' => 'system',
+									'varname' => 'ssl_key_file',
+									'type' => 'string',
+									'string_type' => 'file',
+									'string_emptyallowed' => true,
+									'default' => '/etc/apache2/apache2.key',
+									'save_method' => 'storeSettingField',
+							),
+							'system_ssl_ca_file' => array(
+									'label' => $lng['serversettings']['ssl']['ssl_ca_file'],
+									'settinggroup' => 'system',
+									'varname' => 'ssl_ca_file',
+									'type' => 'string',
+									'string_type' => 'file',
+									'string_emptyallowed' => true,
+									'default' => '',
+									'save_method' => 'storeSettingField',
+							),
+							'system_ssl_cert_chainfile' => array(
+									'label' => $lng['admin']['ipsandports']['ssl_cert_chainfile'],
+									'settinggroup' => 'system',
+									'varname' => 'ssl_cert_chainfile',
+									'type' => 'string',
+									'string_type' => 'file',
+									'string_emptyallowed' => true,
+									'default' => '',
+									'save_method' => 'storeSettingField',
+							)
+					)
+			)
+		)
+	);
--- a/actions/admin/settings/135.fcgid.php
+++ b/actions/admin/settings/135.fcgid.php
@@ -30,7 +30,7 @@ return array(
 					'save_method' => 'storeSettingField',
 					'plausibility_check_method' => 'checkFcgidPhpFpm',
 					'overview_option' => true
-					),					
+					),
 				'system_mod_fcgid_configdir' => array(
 					'label' => $lng['serversettings']['mod_fcgid']['configdir'],
 					'settinggroup' => 'system',
@@ -66,7 +66,7 @@ return array(
 					'settinggroup' => 'system',
 					'varname' => 'mod_fcgid_wrapper',
 					'type' => 'option',
-					'option_options' => array(0 => 'ScriptAlias', 1=> 'FCGIWrapper'),
+					'option_options' => array(0 => 'ScriptAlias', 1=> 'FcgidWrapper'),
 					'default' => 1,
 					'save_method' => 'storeSettingField',
 					'websrv_avail' => array('apache2')
@@ -135,6 +135,14 @@ return array(
 					'save_method' => 'storeSettingField',
 					'websrv_avail' => array('apache2')
 					),
+				'system_mod_fcgid_idle_timeout' => array(
+					'label' => $lng['serversettings']['mod_fcgid']['idle_timeout'],
+					'settinggroup' => 'system',
+					'varname' => 'mod_fcgid_idle_timeout',
+					'type' => 'int',
+					'default' => 30,
+					'save_method' => 'storeSettingField'
+					),
 				)
 			)
 		)
--- a/actions/admin/settings/136.phpfpm.php
+++ b/actions/admin/settings/136.phpfpm.php
@@ -54,9 +54,16 @@ return array(
 					'default' => 'froxlorlocal',
 					'save_method' => 'storeSettingField'
 					),
-				/*
-				 * @TODO implement if phpfpm knows custom php.ini files
-				 * 
+				'system_phpfpm_defaultini' => array(
+					'label' => $lng['serversettings']['mod_fcgid']['defaultini'],
+					'settinggroup' => 'phpfpm',
+					'varname' => 'defaultini',
+					'type' => 'option',
+					'default' => '1',
+					'option_mode' => 'one',
+					'option_options_method' => 'getPhpConfigs',
+					'save_method' => 'storeSettingField',
+					),
 				'system_phpfpm_defaultini_ownvhost' => array(
 					'label' => $lng['serversettings']['mod_fcgid']['defaultini_ownvhost'],
 					'settinggroup' => 'phpfpm',
@@ -67,7 +74,6 @@ return array(
 					'option_options_method' => 'getPhpConfigs',
 					'save_method' => 'storeSettingField',
 					),
-				*/
 				'system_phpfpm_configdir' => array(
 					'label' => $lng['serversettings']['phpfpm_settings']['configdir'],
 					'settinggroup' => 'phpfpm',
@@ -77,6 +83,15 @@ return array(
 					'default' => '/etc/php-fpm.d/',
 					'save_method' => 'storeSettingField',
 					),
+				'system_phpfpm_aliasconfigdir' => array(
+					'label' => $lng['serversettings']['phpfpm_settings']['aliasconfigdir'],
+					'settinggroup' => 'phpfpm',
+					'varname' => 'aliasconfigdir',
+					'type' => 'string',
+					'string_type' => 'dir',
+					'default' => '/var/www/php-fpm/',
+					'save_method' => 'storeSettingField',
+					),
 				'system_phpfpm_tmpdir' => array(
 					'label' => $lng['serversettings']['mod_fcgid']['tmpdir'],
 					'settinggroup' => 'phpfpm',
@@ -110,7 +125,7 @@ return array(
 					'type' => 'option',
 					'default' => 'static',
 					'option_mode' => 'one',
-					'option_options' => array('static' => 'static', 'dynamic' => 'dynamic'),
+					'option_options' => array('static' => 'static', 'dynamic' => 'dynamic', 'ondemand' => 'ondemand'),
 					'save_method' => 'storeSettingField',
 					),
 				'system_phpfpm_max_children' => array(
@@ -153,6 +168,14 @@ return array(
 					'default' => 0,
 					'save_method' => 'storeSettingField',
 					),
+				'system_phpfpm_idle_timeout' => array(
+					'label' => $lng['serversettings']['phpfpm_settings']['idle_timeout'],
+					'settinggroup' => 'phpfpm',
+					'varname' => 'idle_timeout',
+					'type' => 'int',
+					'default' => 30,
+					'save_method' => 'storeSettingField'
+					),
 				),
 			),
 		),
--- a/actions/admin/settings/150.mail.php
+++ b/actions/admin/settings/150.mail.php
@@ -51,6 +51,16 @@ return array(
 					'default' => '/var/customers/mail/',
 					'save_method' => 'storeSettingField',
 					),
+				'system_vmail_maildirname' => array(
+					'label' => $lng['serversettings']['vmail_maildirname'],
+					'settinggroup' => 'system',
+					'varname' => 'vmail_maildirname',
+					'type' => 'string',
+					'string_type' => 'dir',
+					'default' => 'Maildir',
+					'string_emptyallowed' => true,
+					'save_method' => 'storeSettingField',
+					),
 				'panel_sendalternativemail' => array(
 					'label' => $lng['serversettings']['sendalternativemail'],
 					'settinggroup' => 'panel',
@@ -90,9 +100,17 @@ return array(
 					'type' => 'hidden',
 					'default' => 0,
 					),
+				'system_catchall_enabled' => array(
+					'label' => $lng['serversettings']['catchall_enabled'],
+					'settinggroup' => 'catchall',
+					'varname' => 'catchall_enabled',
+					'type' => 'bool',
+					'default' => true,
+					'save_method' => 'storeSettingResetCatchall',
+					),
 				),
 			),
 		),
 	);

-?>
+?>
--- a/actions/admin/settings/160.nameserver.php
+++ b/actions/admin/settings/160.nameserver.php
@@ -22,6 +22,15 @@ return array(
 		'nameserver' => array(
 			'title' => $lng['admin']['nameserversettings'],
 			'fields' => array(
+				'nameserver_enable' => array(
+					'label' => $lng['serversettings']['bindenable'],
+					'settinggroup' => 'system',
+					'varname' => 'bind_enable',
+					'type' => 'bool',
+					'default' => true,
+					'save_method' => 'storeSettingField',
+					'overview_option' => true
+					),
 				'system_bindconf_directory' => array(
 					'label' => $lng['serversettings']['bindconf_directory'],
 					'settinggroup' => 'system',
@@ -59,6 +68,16 @@ return array(
 					'default' => '',
 					'save_method' => 'storeSettingField',
 					),
+				'system_axfrservers' => array(
+					'label' => $lng['serversettings']['axfrservers'],
+					'settinggroup' => 'system',
+					'varname' => 'axfrservers',
+					'type' => 'string',
+					'string_type' => 'validate_ip',
+					'string_emptyallowed' => true,
+					'default' => '',
+					'save_method' => 'storeSettingField',
+				),
 				'system_dns_createmailentry' => array(
 					'label' => $lng['serversettings']['mail_also_with_mxservers'],
 					'settinggroup' => 'system',
--- a/actions/admin/settings/180.dkim.php
+++ b/actions/admin/settings/180.dkim.php
@@ -17,6 +17,8 @@
 *
 */

+global $settings;
+
 return array(
 	'groups' => array(
 		'dkim' => array(
@@ -79,7 +81,10 @@ return array(
 					'save_method' => 'storeSettingFieldInsertBindTask',
 					),
 				'dkim_keylength' => array(
-					'label' => $lng['dkim']['dkim_keylength'],
+					'label' => array(
+						'title' => $lng['dkim']['dkim_keylength']['title'], 
+						'description' => sprintf($lng['dkim']['dkim_keylength']['description'],$settings['dkim']['dkim_prefix'])
+					),
 					'settinggroup' => 'dkim',
 					'varname' => 'dkim_keylength',
 					'type' => 'option',
--- a/actions/admin/settings/190.ticket.php
+++ b/actions/admin/settings/190.ticket.php
@@ -133,7 +133,7 @@ return array(
 					'type' => 'option',
 					'default' => 2,
 					'option_mode' => 'one',
-					'option_options' => array(1 => $lng['ticket']['unf_high'], 2 => $lng['ticket']['unf_normal'], 3 => $lng['ticket']['unf_low']),
+					'option_options' => array(1 => $lng['ticket']['high'], 2 => $lng['ticket']['normal'], 3 => $lng['ticket']['low']),
 					'save_method' => 'storeSettingField', 
 					),
 				),
@@ -141,4 +141,4 @@ return array(
 		)
 	);

-?>
+?>
--- a/actions/admin/settings/200.aps.php
+++ b/actions/admin/settings/200.aps.php
@@ -59,7 +59,7 @@ return array(
 					'type' => 'option',
 					'default' => '',
 					'option_mode' => 'multiple',
-					'option_options' => array('gd' => 'GD Library', 'pcre' => 'PCRE', 'ioncube' => 'ionCube', 'ioncube loader' => 'ionCube Loader', 'curl' => 'curl', 'mcrypt' => 'mcrypt', 'imap' => 'imap', 'json' => 'json', 'ldap' => 'LDAP', 'hash' => 'hash', 'mbstring' => 'mbstring'),
+					'option_options' => array('gd' => 'GD Library', 'pcre' => 'PCRE', 'ioncube' => 'ionCube', 'ioncube loader' => 'ionCube Loader', 'curl' => 'curl', 'mcrypt' => 'mcrypt', 'imap' => 'imap', 'json' => 'json', 'ldap' => 'LDAP', 'hash' => 'hash', 'mbstring' => 'mbstring', 'Zend Optimizer' => 'Zend Guard'),
 					'save_method' => 'storeSettingApsPhpExtensions',
 					),
 				'aps_php-function' => array(
--- a/actions/admin/settings/210.security.php
+++ b/actions/admin/settings/210.security.php
@@ -38,9 +38,17 @@ return array(
 					'default' => true,
 					'save_method' => 'storeSettingField',
 					),
-				),
-			),
-		),
+				'system_passwordcryptfunc' => array(
+					'label' => $lng['serversettings']['passwordcryptfunc'],
+					'settinggroup' => 'system',
+					'varname' => 'passwordcryptfunc',
+					'type' => 'option',
+					'default' => 0,
+					'option_mode' => 'one',
+					'option_options' => array(0 => $lng['serversettings']['systemdefault'], 1 => 'MD5', 2 => 'BLOWFISH', 3 => 'SHA-256', 4 => 'SHA-512'),
+					'save_method' => 'storeSettingField',
+					)
+				)
+			)
+		)
 	);
-
-?>
--- a/actions/admin/settings/215.backup.php
+++ b/actions/admin/settings/215.backup.php
@@ -28,6 +28,7 @@ return array(
 					'varname' => 'backup_enabled',
 					'type' => 'bool',
 					'default' => false,
+					'cronmodule' => 'froxlor/backup',
 					'save_method' => 'storeSettingField',
 					'overview_option' => true
 				),
@@ -38,7 +39,7 @@ return array(
 					'type' => 'string',
 					'string_type' => 'dir',
 					'default' => '/var/customers/backups/',
-					'string_regexp' => '/^/.*/$/',
+					'string_regexp' => '#^/.*/$#',
 					'save_method' => 'storeSettingField',
 				),
 				'backup_mysqldump_path' => array(
@@ -96,7 +97,7 @@ return array(
 					'label' => $lng['serversettings']['backup_ftp_pass'],
 					'settinggroup' => 'system',
 					'varname' => 'backup_ftp_pass',
-					'type' => 'string',
+					'type' => 'hiddenstring',
 					'default' => '',
 					'save_method' => 'storeSettingField',
 				),
--- a/actions/admin/settings/220.quota.php
+++ b/actions/admin/settings/220.quota.php
@@ -1,7 +1,7 @@
 <?php
 /**
 * This file is part of the Froxlor project.
- * Copyright (c) 2011 the Froxlor Team (see authors).
+ * Copyright (c) 2011- the Froxlor Team (see authors).
 *
 * For the full copyright and license information, please view the COPYING
 * file that was distributed with this source code. You can also view the
--- a/admin_admins.php
+++ b/admin_admins.php
@@ -47,26 +47,6 @@ if($page == 'admins'
 			'diskspace_used' => $lng['customer']['diskspace'] . ' (' . $lng['panel']['used'] . ')',
 			'traffic' => $lng['customer']['traffic'],
 			'traffic_used' => $lng['customer']['traffic'] . ' (' . $lng['panel']['used'] . ')',
-/*
-			'mysqls' => $lng['customer']['mysqls'],
-			'mysqls_used' => $lng['customer']['mysqls'] . ' (' . $lng['panel']['used'] . ')',
-			'ftps' => $lng['customer']['ftps'],
-			'ftps_used' => $lng['customer']['ftps'] . ' (' . $lng['panel']['used'] . ')',
-			'tickets' => $lng['customer']['tickets'],
-			'tickets_used' => $lng['customer']['tickets'] . ' (' . $lng['panel']['used'] . ')',
-			'subdomains' => $lng['customer']['subdomains'],
-			'subdomains_used' => $lng['customer']['subdomains'] . ' (' . $lng['panel']['used'] . ')',
-			'emails' => $lng['customer']['emails'],
-			'emails_used' => $lng['customer']['emails'] . ' (' . $lng['panel']['used'] . ')',
-			'email_accounts' => $lng['customer']['accounts'],
-			'email_accounts_used' => $lng['customer']['accounts'] . ' (' . $lng['panel']['used'] . ')',
-			'email_forwarders' => $lng['customer']['forwarders'],
-			'email_forwarders_used' => $lng['customer']['forwarders'] . ' (' . $lng['panel']['used'] . ')',
-			'email_quota' => $lng['customer']['email_quota'],
-			'email_quota_used' => $lng['customer']['email_quota'] . ' (' . $lng['panel']['used'] . ')',
-			'email_autoresponder' => $lng['customer']['autoresponder'],
-			'email_autoresponder_used' => $lng['customer']['autoresponder'] . ' (' . $lng['panel']['used'] . ')',
-*/
 			'deactivated' => $lng['admin']['deactivated']
 		);
 		$paging = new paging($userinfo, $db, TABLE_PANEL_ADMINS, $fields, $settings['panel']['paging'], $settings['panel']['natsorting']);
@@ -92,13 +72,23 @@ if($page == 'admins'
 				/**
 				 * percent-values for progressbar
 				 */
-				if($row['diskspace'] > 0) {
-					$percent = round(($row['diskspace_used']*100)/$row['diskspace'], 2);
-					$doublepercent = round($percent*2, 2);
-				} else {
-					$percent = 0;
-					$doublepercent = 0;
-				}
+                                //For Disk usage
+                                if ($row['diskspace'] > 0) {
+                                        $disk_percent = round(($row['diskspace_used']*100)/$row['diskspace'], 2);
+                                        $disk_doublepercent = round($disk_percent*2, 2);
+                                } else {
+                                        $disk_percent = 0;
+                                        $disk_doublepercent = 0;
+                                }
+
+				//For Traffic usage
+                                if ($row['traffic'] > 0) {
+                                        $traffic_percent = round(($row['traffic_used']*100)/$row['traffic'], 2);
+                                        $traffic_doublepercent = round($traffic_percent*2, 2);
+                                } else {
+                                        $traffic_percent = 0;
+                                        $traffic_doublepercent = 0;
+                                }
 				/* */

 				$row = str_replace_array('-1', 'UL', $row, 'customers domains diskspace traffic mysqls emails email_accounts email_forwarders email_quota email_autoresponder ftps subdomains tickets');
@@ -281,7 +271,7 @@ if($page == 'admins'
 					$number_of_aps_packages = - 1;
 				}

-				$can_manage_aps_packages = intval($_POST['can_manage_aps_packages']);
+				$can_manage_aps_packages = isset($_POST['can_manage_aps_packages']) ? 1 : 0;
 			}
 			else
 			{
@@ -319,6 +309,10 @@ if($page == 'admins'
 				$traffic = - 1;
 			}

+			$tickets_see_all = 0;
+			if(isset($_POST['tickets_see_all']))
+				$tickets_see_all = intval($_POST['tickets_see_all']);
+
 			$diskspace = $diskspace * 1024;
 			$traffic = $traffic * 1024 * 1024;
 			$ipaddress = intval_ressource($_POST['ipaddress']);
@@ -386,6 +380,10 @@ if($page == 'admins'
 					$change_serversettings = '0';
 				}

+				if ($tickets_see_all != '1') {
+					$tickets_see_all  = '0';
+				}
+
 				$_theme = $settings['panel']['default_theme'];

 				$result = $db->query("INSERT INTO 
@@ -411,6 +409,7 @@ if($page == 'admins'
 					`email_quota` = '" . $db->escape($email_quota) . "', 
 					`ftps` = '" . $db->escape($ftps) . "', 
 					`tickets` = '" . $db->escape($tickets) . "', 
+					`tickets_see_all` = '" . $db->escape($tickets_see_all) . "',
 					`mysqls` = '" . $db->escape($mysqls) . "', 
 					`ip` = '" . (int)$ipaddress . "', 
 					`can_manage_aps_packages` = '" . (int)$can_manage_aps_packages . "', 
@@ -463,11 +462,13 @@ if($page == 'admins'
 			$ftps_ul = makecheckbox('ftps_ul', $lng['customer']['unlimited'], '-1', false, '0', true, true);
 			$tickets_ul = makecheckbox('tickets_ul', $lng['customer']['unlimited'], '-1', false, '0', true, true);
 			$mysqls_ul = makecheckbox('mysqls_ul', $lng['customer']['unlimited'], '-1', false, '0', true, true);
-			#$change_serversettings = makeyesno('change_serversettings', '1', '0', '0');
-			#$customers_see_all = makeyesno('customers_see_all', '1', '0', '0');
-			#$domains_see_all = makeyesno('domains_see_all', '1', '0', '0');
-			#$caneditphpsettings = makeyesno('caneditphpsettings', '1', '0', '0');
-			#$can_manage_aps_packages = makeyesno('can_manage_aps_packages', '1', '0', '0');
+			/*
+			$change_serversettings = makeyesno('change_serversettings', '1', '0', '0');
+			$customers_see_all = makeyesno('customers_see_all', '1', '0', '0');
+			$domains_see_all = makeyesno('domains_see_all', '1', '0', '0');
+			$caneditphpsettings = makeyesno('caneditphpsettings', '1', '0', '0');
+			$can_manage_aps_packages = makeyesno('can_manage_aps_packages', '1', '0', '0');
+			*/
 			$number_of_aps_packages_ul = makecheckbox('number_of_aps_packages_ul', $lng['customer']['unlimited'], '-1', false, '0', true, true);

 			$admin_add_data = include_once dirname(__FILE__).'/lib/formfields/admin/admin/formfield.admin_add.php';
@@ -508,6 +509,7 @@ if($page == 'admins'
 					$ftps = $result['ftps'];
 					$tickets = $result['tickets'];
 					$mysqls = $result['mysqls'];
+					$tickets_see_all = $result['tickets_see_all'];
 					$customers_see_all = $result['customers_see_all'];
 					$domains_see_all = $result['domains_see_all'];
 					$caneditphpsettings = $result['caneditphpsettings'];
@@ -522,114 +524,85 @@ if($page == 'admins'
 				{
 					$password = validate($_POST['admin_password'], 'new password');
 					$def_language = validate($_POST['def_language'], 'default language');
-					$deactivated = intval($_POST['deactivated']);
-					$customers = intval_ressource($_POST['customers']);
+					$deactivated = isset($_POST['deactivated']) ? 1 : 0;

-					if(isset($_POST['customers_ul']))
-					{
-						$customers = - 1;
+					$customers = intval_ressource($_POST['customers']);
+					if (isset($_POST['customers_ul'])) {
+						$customers = -1;
 					}

 					$domains = intval_ressource($_POST['domains']);
-
-					if(isset($_POST['domains_ul']))
-					{
-						$domains = - 1;
+					if (isset($_POST['domains_ul'])) {
+						$domains = -1;
 					}

 					$subdomains = intval_ressource($_POST['subdomains']);
-
-					if(isset($_POST['subdomains_ul']))
-					{
-						$subdomains = - 1;
+					if (isset($_POST['subdomains_ul'])) {
+						$subdomains = -1;
 					}

 					$emails = intval_ressource($_POST['emails']);
-
-					if(isset($_POST['emails_ul']))
-					{
-						$emails = - 1;
+					if (isset($_POST['emails_ul'])) {
+						$emails = -1;
 					}

 					$email_accounts = intval_ressource($_POST['email_accounts']);
-
-					if(isset($_POST['email_accounts_ul']))
-					{
-						$email_accounts = - 1;
+					if (isset($_POST['email_accounts_ul'])) {
+						$email_accounts = -1;
 					}

 					$email_forwarders = intval_ressource($_POST['email_forwarders']);
-
-					if(isset($_POST['email_forwarders_ul']))
-					{
-						$email_forwarders = - 1;
+					if (isset($_POST['email_forwarders_ul'])) {
+						$email_forwarders = -1;
 					}

-					if($settings['system']['mail_quota_enabled'] == '1')
-					{
+					if ($settings['system']['mail_quota_enabled'] == '1') {
 						$email_quota = validate($_POST['email_quota'], 'email_quota', '/^\d+$/', 'vmailquotawrong', array('0', ''));
-
-						if(isset($_POST['email_quota_ul']))
-						{
-							$email_quota = - 1;
+						if (isset($_POST['email_quota_ul'])) {
+							$email_quota = -1;
 						}
-					}
-					else
-					{
-						$email_quota = - 1;
+					} else {
+						$email_quota = -1;
 					}

-					if($settings['autoresponder']['autoresponder_active'] == '1')
-					{
+					if ($settings['autoresponder']['autoresponder_active'] == '1') {
 						$email_autoresponder = intval_ressource($_POST['email_autoresponder']);
-
-						if(isset($_POST['email_autoresponder_ul']))
-						{
-							$email_autoresponder = - 1;
+						if (isset($_POST['email_autoresponder_ul'])) {
+							$email_autoresponder = -1;
 						}
-					}
-					else
-					{
+					} else {
 						$email_autoresponder = 0;
 					}

 					$ftps = intval_ressource($_POST['ftps']);
-
-					if(isset($_POST['ftps_ul']))
-					{
-						$ftps = - 1;
+					if (isset($_POST['ftps_ul'])) {
+						$ftps = -1;
 					}
 					
-					if($settings['ticket']['enabled'] == 1)
-					{
+					if ($settings['ticket']['enabled'] == 1) {
 						$tickets = intval_ressource($_POST['tickets']);
-
-						if(isset($_POST['tickets_ul']))
-						{
-							$tickets = - 1;
+						if (isset($_POST['tickets_ul'])) {
+							$tickets = -1;
 						}
-					}
-					else
-					{
+					} else {
 						$tickets = 0;
 					}

 					$mysqls = intval_ressource($_POST['mysqls']);
-
-					if(isset($_POST['mysqls_ul']))
-					{
+					if (isset($_POST['mysqls_ul'])) {
 						$mysqls = - 1;
 					}

-					$number_of_aps_packages = intval_ressource($_POST['number_of_aps_packages']);
-
-					if(isset($_POST['number_of_aps_packages_ul']))
-					{
-						$number_of_aps_packages = - 1;
+					if ($settings['aps']['aps_active'] == '1') {
+						$number_of_aps_packages = intval_ressource($_POST['number_of_aps_packages']);
+						if (isset($_POST['number_of_aps_packages_ul'])) {
+							$number_of_aps_packages = -1;
+						}
+						$can_manage_aps_packages = isset($_POST['can_manage_aps_packages']) ? 1 : 0;
+					} else {
+						$number_of_aps_packages = 0;
 					}

-					$can_manage_aps_packages = intval($_POST['can_manage_aps_packages']);
-
 					$customers_see_all = 0;
 					if(isset($_POST['customers_see_all']))
 						$customers_see_all = intval($_POST['customers_see_all']);
@@ -641,23 +614,23 @@ if($page == 'admins'
 					$caneditphpsettings = 0;
 					if(isset($_POST['caneditphpsettings']))
 						$caneditphpsettings = intval($_POST['caneditphpsettings']);
-					
+
 					$change_serversettings = 0;
 					if(isset($_POST['change_serversettings']))
-						$change_serversettings = intval($_POST['change_serversettings']);
-					
-					$diskspace = intval($_POST['diskspace']);
+						$change_serversettings = isset($_POST['change_serversettings']) ? 1 : 0;

-					if(isset($_POST['diskspace_ul']))
-					{
-						$diskspace = - 1;
+					$tickets_see_all = 0;
+					if (isset($_POST['tickets_see_all']))
+						$tickets_see_all = intval($_POST['tickets_see_all']);
+
+					$diskspace = intval($_POST['diskspace']);
+					if (isset($_POST['diskspace_ul'])) {
+						$diskspace = -1;
 					}

 					$traffic = doubleval_ressource($_POST['traffic']);
-
-					if(isset($_POST['traffic_ul']))
-					{
-						$traffic = - 1;
+					if (isset($_POST['traffic_ul'])) {
+						$traffic = -1;
 					}

 					$diskspace = $diskspace * 1024;
@@ -714,7 +687,88 @@ if($page == 'admins'
 						$change_serversettings = '0';
 					}

-					$db->query("UPDATE `" . TABLE_PANEL_ADMINS . "` SET `name`='" . $db->escape($name) . "', `email`='" . $db->escape($email) . "', `def_language`='" . $db->escape($def_language) . "', `change_serversettings` = '" . $db->escape($change_serversettings) . "', `customers` = '" . $db->escape($customers) . "', `customers_see_all` = '" . $db->escape($customers_see_all) . "', `domains` = '" . $db->escape($domains) . "', `domains_see_all` = '" . $db->escape($domains_see_all) . "', `caneditphpsettings` = '" . (int)$caneditphpsettings . "', `password` = '" . $password . "', `diskspace`='" . $db->escape($diskspace) . "', `traffic`='" . $db->escape($traffic) . "', `subdomains`='" . $db->escape($subdomains) . "', `emails`='" . $db->escape($emails) . "', `email_accounts` = '" . $db->escape($email_accounts) . "', `email_forwarders`='" . $db->escape($email_forwarders) . "', `email_quota`='" . $db->escape($email_quota) . "', `email_autoresponder`='" . $db->escape($email_autoresponder) . "', `ftps`='" . $db->escape($ftps) . "', `tickets`='" . $db->escape($tickets) . "', `mysqls`='" . $db->escape($mysqls) . "', `ip`='" . (int)$ipaddress . "', `deactivated`='" . $db->escape($deactivated) . "', `can_manage_aps_packages`=" . (int)$can_manage_aps_packages . ", `aps_packages`=" . (int)$number_of_aps_packages . " WHERE `adminid`='" . $db->escape($id) . "'");
+					if ($tickets_see_all != '1') {
+						$tickets_see_all = '0';
+					}
+
+					// check if a resource was set to something lower
+					// than actually used by the admin/reseller
+					$res_warning = "";
+					if ($customers != $result['customers'] && $customers < $result['customers_used']) {
+						$res_warning .= sprintf($lng['error']['setlessthanalreadyused'], 'customers');
+					}
+					if ($domains != $result['domains'] && $domains < $result['domains_used']) {
+						$res_warning .= sprintf($lng['error']['setlessthanalreadyused'], 'domains');
+					}
+					if ($diskspace != $result['diskspace'] && ($diskspace / 1024) != -1 && $diskspace < $result['diskspace_used']) {
+						$res_warning .= sprintf($lng['error']['setlessthanalreadyused'], 'diskspace');
+					}
+					if ($traffic != $result['traffic'] && ($traffic / 1024 / 1024) != -1 && $traffic < $result['traffic_used']) {
+						$res_warning .= sprintf($lng['error']['setlessthanalreadyused'], 'traffic');
+					}
+					if ($emails != $result['emails'] && $emails < $result['emails_used']) {
+						$res_warning .= sprintf($lng['error']['setlessthanalreadyused'], 'emails');
+					}
+					if ($email_accounts != $result['email_accounts'] && $email_accounts < $result['email_accounts_used']) {
+						$res_warning .= sprintf($lng['error']['setlessthanalreadyused'], 'email accounts');
+					}
+					if ($email_forwarders != $result['email_forwarders'] && $email_forwarders < $result['email_forwarders_used']) {
+						$res_warning .= sprintf($lng['error']['setlessthanalreadyused'], 'email forwarders');
+					}
+					if ($email_quota != $result['email_quota'] && $email_quota < $result['email_quota_used']) {
+						$res_warning .= sprintf($lng['error']['setlessthanalreadyused'], 'email quota');
+					}
+					if ($email_autoresponder != $result['email_autoresponder'] && $email_autoresponder < $result['email_autoresponder_used']) {
+						$res_warning .= sprintf($lng['error']['setlessthanalreadyused'], 'email autoresponder');
+					}
+					if ($ftps != $result['ftps'] && $ftps < $result['ftps_used']) {
+						$res_warning .= sprintf($lng['error']['setlessthanalreadyused'], 'ftps');
+					}
+					if ($tickets != $result['tickets'] && $tickets < $result['tickets_used']) {
+						$res_warning .= sprintf($lng['error']['setlessthanalreadyused'], 'tickets');
+					}
+					if ($mysqls != $result['mysqls'] && $mysqls < $result['mysqls_used']) {
+						$res_warning .= sprintf($lng['error']['setlessthanalreadyused'], 'mysqls');
+					}
+					if ($number_of_aps_packages != $result['aps_packages'] && $number_of_aps_packages < $result['aps_packages_used']) {
+						$res_warning .= sprintf($lng['error']['setlessthanalreadyused'], 'aps packages');
+					}
+
+					if ($res_warning != "") {
+						$link = '';
+						$error = $res_warning;
+						eval("echo \"" . getTemplate('misc/error', '1') . "\";");
+						exit;
+					}
+
+					$db->query("UPDATE `" . TABLE_PANEL_ADMINS . "` SET
+						`name`='" . $db->escape($name) . "',
+						`email`='" . $db->escape($email) . "',
+						`def_language`='" . $db->escape($def_language) . "',
+						`change_serversettings` = '" . $db->escape($change_serversettings) . "',
+						`customers` = '" . $db->escape($customers) . "',
+						`customers_see_all` = '" . $db->escape($customers_see_all) . "',
+						`domains` = '" . $db->escape($domains) . "',
+						`domains_see_all` = '" . $db->escape($domains_see_all) . "',
+						`caneditphpsettings` = '" . (int)$caneditphpsettings . "',
+						`password` = '" . $password . "',
+						`diskspace`='" . $db->escape($diskspace) . "',
+						`traffic`='" . $db->escape($traffic) . "',
+						`subdomains`='" . $db->escape($subdomains) . "',
+						`emails`='" . $db->escape($emails) . "',
+						`email_accounts` = '" . $db->escape($email_accounts) . "',
+						`email_forwarders`='" . $db->escape($email_forwarders) . "',
+						`email_quota`='" . $db->escape($email_quota) . "',
+						`email_autoresponder`='" . $db->escape($email_autoresponder) . "',
+						`ftps`='" . $db->escape($ftps) . "',
+						`tickets`='" . $db->escape($tickets) . "',
+						`tickets_see_all`='".$db->escape($tickets_see_all) . "',
+						`mysqls`='" . $db->escape($mysqls) . "',
+						`ip`='" . (int)$ipaddress . "',
+						`deactivated`='" . $db->escape($deactivated) . "',
+						`can_manage_aps_packages`=" . (int)$can_manage_aps_packages . ",
+						`aps_packages`=" . (int)$number_of_aps_packages . "
+						 WHERE `adminid`='" . $db->escape($id) . "'");
 					$log->logAction(ADM_ACTION, LOG_INFO, "edited admin '#" . $id . "'");
 					$redirect_props = Array(
 						'page' => $page,
@@ -852,13 +906,14 @@ if($page == 'admins'
 					}
 				}

-				#$change_serversettings = makeyesno('change_serversettings', '1', '0', $result['change_serversettings']);
-				#$customers_see_all = makeyesno('customers_see_all', '1', '0', $result['customers_see_all']);
-				#$domains_see_all = makeyesno('domains_see_all', '1', '0', $result['domains_see_all']);
-				#$caneditphpsettings = makeyesno('caneditphpsettings', '1', '0', $result['caneditphpsettings']);
-				#$deactivated = makeyesno('deactivated', '1', '0', $result['deactivated']);
-				#$can_manage_aps_packages = makeyesno('can_manage_aps_packages', '1', '0', $result['can_manage_aps_packages']);
-
+				/*
+				$change_serversettings = makeyesno('change_serversettings', '1', '0', $result['change_serversettings']);
+				$customers_see_all = makeyesno('customers_see_all', '1', '0', $result['customers_see_all']);
+				$domains_see_all = makeyesno('domains_see_all', '1', '0', $result['domains_see_all']);
+				$caneditphpsettings = makeyesno('caneditphpsettings', '1', '0', $result['caneditphpsettings']);
+				$deactivated = makeyesno('deactivated', '1', '0', $result['deactivated']);
+				$can_manage_aps_packages = makeyesno('can_manage_aps_packages', '1', '0', $result['can_manage_aps_packages']);
+				*/
 				$result = htmlentities_array($result);

 				$admin_edit_data = include_once dirname(__FILE__).'/lib/formfields/admin/admin/formfield.admin_edit.php';
--- a/admin_configfiles.php
+++ b/admin_configfiles.php
@@ -98,7 +98,9 @@ if($userinfo['change_serversettings'] == '1')
 			'<SSLPROTOCOLS>' => ($settings['system']['use_ssl'] == '1') ? 'imaps pop3s' : '',
 			'<CUSTOMER_TMP>' => ($settings['system']['mod_fcgid_tmpdir'] != '') ? makeCorrectDir($settings['system']['mod_fcgid_tmpdir']) : '/tmp/',
 			'<BASE_PATH>' => makeCorrectDir(dirname(__FILE__)),
-			'<BIND_CONFIG_PATH>' => makeCorrectDir($settings['system']['bindconf_directory'])
+			'<BIND_CONFIG_PATH>' => makeCorrectDir($settings['system']['bindconf_directory']),
+			'<WEBSERVER_RELOAD_CMD>' => $settings['system']['apachereload_command'],
+			'<CUSTOMER_LOGS>' => makeCorrectDir($settings['system']['logfiles_directory'])
 		);
 		$files = '';
 		$configpage = '';
--- a/admin_cronjobs.php
+++ b/admin_cronjobs.php
@@ -16,24 +16,17 @@
 */

 define('AREA', 'admin');
+require_once('./lib/init.php');

-require_once("./lib/init.php");
-
-if(isset($_POST['id']))
-{
+if (isset($_POST['id'])) {
 	$id = intval($_POST['id']);
-}
-elseif(isset($_GET['id']))
-{
+} elseif(isset($_GET['id'])) {
 	$id = intval($_GET['id']);
 }

-if($page == 'cronjobs'
-  || $page == 'overview')
-{
-	if($action == '')
-	{
-		$log->logAction(ADM_ACTION, LOG_NOTICE, "viewed admin_cronjobs");
+if ($page == 'cronjobs' || $page == 'overview') {
+	if ($action == '') {
+		$log->logAction(ADM_ACTION, LOG_NOTICE, 'viewed admin_cronjobs');

 		$fields = array(
 			'c.lastrun' => $lng['cron']['lastrun'],
@@ -56,88 +49,65 @@ if($page == 'cronjobs'
 		$i = 0;
 		$count = 0;

-		while($row = $db->fetch_array($result))
-		{
-			if($paging->checkDisplay($i))
-			{
+		while ($row = $db->fetch_array($result)) {
+			if ($paging->checkDisplay($i)) {
 				$row = htmlentities_array($row);
-				
+
 				$row['lastrun'] = date('d.m.Y H:i', $row['lastrun']);
-				
-				if((int)$row['isactive'] == 1)
-				{
-					$row['isactive'] = $lng['panel']['yes'];
-				}
-				else
-				{
-					$row['isactive'] = $lng['panel']['no'];
-				}
-				
+				$row['isactive'] = ((int)$row['isactive'] == 1) ? $lng['panel']['yes'] : $lng['panel']['no'];
+
 				$description = $lng['crondesc'][$row['desc_lng_key']];
-				
-				eval("\$crons.=\"" . getTemplate("cronjobs/cronjobs_cronjob") . "\";");
+
+				eval("\$crons.=\"" . getTemplate('cronjobs/cronjobs_cronjob') . "\";");
 				$count++;
 			}

 			$i++;
 		}

-		eval("echo \"" . getTemplate("cronjobs/cronjobs") . "\";");
+		eval("echo \"" . getTemplate('cronjobs/cronjobs') . "\";");

-	}
-	elseif($action == 'new')
-	{
+	} elseif ($action == 'new') {
 		/*
 		 * @TODO later
 		 */
-	}
-	elseif($action == 'edit'
-	&& $id != 0)
-	{
+	} elseif ($action == 'edit' && $id != 0) {
 		$result = $db->query_first("SELECT * FROM `" . TABLE_PANEL_CRONRUNS . "` WHERE `id`='" . (int)$id . "'");
-		
-		if ($result['cronfile'] != '')
-		{
-			if(isset($_POST['send'])
-			   && $_POST['send'] == 'send')
-			{
-				$isactive = intval($_POST['isactive']);
+		if ($result['cronfile'] != '') {
+			if (isset($_POST['send']) && $_POST['send'] == 'send') {
+				$isactive = isset($_POST['isactive']) ? 1 : 0;
 				$interval_value = validate($_POST['interval_value'], 'interval_value', '/^([0-9]+)$/Di', 'stringisempty');
 				$interval_interval = validate($_POST['interval_interval'], 'interval_interval');
-				
-				if($isactive != 1)
-				{
+
+				if ($isactive != 1) {
 					$isactive = 0;
 				}
-				
-				$interval = $interval_value.' '.strtoupper($interval_interval);
-				
+
+				$interval = $interval_value . ' ' . strtoupper($interval_interval);
+
 				$db->query("UPDATE `" . TABLE_PANEL_CRONRUNS . "` 
 							SET `isactive` = '".(int)$isactive."',
 							`interval` = '".$interval."'
 							WHERE `id` = '" . (int)$id . "'");

 				redirectTo($filename, Array('page' => $page, 's' => $s));
-			}
-			else
-			{
-				#$isactive = makeyesno('isactive', '1', '0', $result['isactive']);
+			} else {
+				//$isactive = makeyesno('isactive', '1', '0', $result['isactive']);
 				// interval
 				$interval_nfo = explode(' ', $result['interval']);
 				$interval_value = $interval_nfo[0];

 				$interval_interval = '';
-				$interval_interval.= makeoption($lng['cronmgmt']['seconds'], 'SECOND', $interval_nfo[1]);
-				$interval_interval.= makeoption($lng['cronmgmt']['minutes'], 'MINUTE', $interval_nfo[1]);
-				$interval_interval.= makeoption($lng['cronmgmt']['hours'], 'HOUR', $interval_nfo[1]);
-				$interval_interval.= makeoption($lng['cronmgmt']['days'], 'DAY', $interval_nfo[1]);
-				$interval_interval.= makeoption($lng['cronmgmt']['weeks'], 'WEEK', $interval_nfo[1]);
-				$interval_interval.= makeoption($lng['cronmgmt']['months'], 'MONTH', $interval_nfo[1]);
+				$interval_interval .= makeoption($lng['cronmgmt']['seconds'], 'SECOND', $interval_nfo[1]);
+				$interval_interval .= makeoption($lng['cronmgmt']['minutes'], 'MINUTE', $interval_nfo[1]);
+				$interval_interval .= makeoption($lng['cronmgmt']['hours'], 'HOUR', $interval_nfo[1]);
+				$interval_interval .= makeoption($lng['cronmgmt']['days'], 'DAY', $interval_nfo[1]);
+				$interval_interval .= makeoption($lng['cronmgmt']['weeks'], 'WEEK', $interval_nfo[1]);
+				$interval_interval .= makeoption($lng['cronmgmt']['months'], 'MONTH', $interval_nfo[1]);
 				// end of interval
-				
+
 				$change_cronfile = false;
-				if (substr($result['module'], 0, strpos($result['module'], '/')) != 'froxlor')
-				{
+				if (substr($result['module'], 0, strpos($result['module'], '/')) != 'froxlor') {
 					$change_cronfile = true;
 				}

@@ -147,17 +117,13 @@ if($page == 'cronjobs'
 				$title = $cronjobs_edit_data['cronjobs_edit']['title'];
 				$image = $cronjobs_edit_data['cronjobs_edit']['image'];

-				eval("echo \"" . getTemplate("cronjobs/cronjob_edit") . "\";");
+				eval("echo \"" . getTemplate('cronjobs/cronjob_edit') . "\";");
 			}
 		}
 	}
-	elseif($action == 'delete'
-	&& $id != 0)
-	{
+	elseif ($action == 'delete' && $id != 0) {
 		/*
 		 * @TODO later
 		 */
 	}
 }
-
-?>
--- a/admin_customers.php
+++ b/admin_customers.php
@@ -48,52 +48,22 @@ if($page == 'customers'
 			'c.loginname' => $lng['login']['username'],
 			'a.loginname' => $lng['admin']['admin'],
 			'c.name' => $lng['customer']['name'],
+			'c.email' => $lng['customer']['email'],
 			'c.firstname' => $lng['customer']['firstname'],
 			'c.company' => $lng['customer']['company'],
 			'c.diskspace' => $lng['customer']['diskspace'],
 			'c.diskspace_used' => $lng['customer']['diskspace'] . ' (' . $lng['panel']['used'] . ')',
 			'c.traffic' => $lng['customer']['traffic'],
-			'c.traffic_used' => $lng['customer']['traffic'] . ' (' . $lng['panel']['used'] . ')',
-			'c.backup_allowed' => $lng['backup_allowed']
-/*
-			'c.mysqls' => $lng['customer']['mysqls'],
-			'c.mysqls_used' => $lng['customer']['mysqls'] . ' (' . $lng['panel']['used'] . ')',
-			'c.ftps' => $lng['customer']['ftps'],
-			'c.ftps_used' => $lng['customer']['ftps'] . ' (' . $lng['panel']['used'] . ')',
-			'c.subdomains' => $lng['customer']['subdomains'],
-			'c.subdomains_used' => $lng['customer']['subdomains'] . ' (' . $lng['panel']['used'] . ')',
-			'c.emails' => $lng['customer']['emails'],
-			'c.emails_used' => $lng['customer']['emails'] . ' (' . $lng['panel']['used'] . ')',
-			'c.email_accounts' => $lng['customer']['accounts'],
-			'c.email_accounts_used' => $lng['customer']['accounts'] . ' (' . $lng['panel']['used'] . ')',
-			'c.email_forwarders' => $lng['customer']['forwarders'],
-			'c.email_forwarders_used' => $lng['customer']['forwarders'] . ' (' . $lng['panel']['used'] . ')',
-			'c.email_quota' => $lng['customer']['email_quota'],
-			'c.email_quota_used' => $lng['customer']['email_quota'] . ' (' . $lng['panel']['used'] . ')',
-			'c.deactivated' => $lng['admin']['deactivated'],
-			'c.lastlogin_succ' => $lng['admin']['lastlogin_succ'],
-			'c.phpenabled' => $lng['admin']['phpenabled'],
-			'c.perlenabled' => $lng['admin']['perlenabled']
-*/
+			'c.traffic_used' => $lng['customer']['traffic'] . ' (' . $lng['panel']['used'] . ')'
 		);

-/*
-		if($settings['ticket']['enabled'] == 1)
-		{
-			$fields['c.tickets'] = $lng['customer']['tickets'];
-			$fields['c.tickets_used'] = $lng['customer']['tickets'] . ' (' . $lng['panel']['used'] . ')';
+		if ($settings['system']['backup_enabled'] == '1') {
+			$field['c.backup_allowed'] = $lng['backup_allowed'];
 		}

-		if($settings['autoresponder']['autoresponder_active'] == 1)
-		{
-			$fields['c.email_autoresponder'] = $lng['customer']['autoresponder'];
-			$fields['c.email_autoresponder_used'] = $lng['customer']['autoresponder'] . ' (' . $lng['panel']['used'] . ')';
-		}
-*/
-
 		$paging = new paging($userinfo, $db, TABLE_PANEL_CUSTOMERS, $fields, $settings['panel']['paging'], $settings['panel']['natsorting']);
 		$customers = '';
-		$result = $db->query("SELECT `c`.*, `a`.`loginname` AS `adminname` " . "FROM `" . TABLE_PANEL_CUSTOMERS . "` `c`, `" . TABLE_PANEL_ADMINS . "` `a` " . "WHERE " . ($userinfo['customers_see_all'] ? '' : " `c`.`adminid` = '" . (int)$userinfo['adminid'] . "' AND ") . "`c`.`adminid`=`a`.`adminid` " . $paging->getSqlWhere(true) . " " . $paging->getSqlOrderBy(false) . " " . $paging->getSqlLimit());
+		$result = $db->query("SELECT `c`.*, `a`.`loginname` AS `adminname` " . "FROM `" . TABLE_PANEL_CUSTOMERS . "` `c`, `" . TABLE_PANEL_ADMINS . "` `a` " . "WHERE " . ($userinfo['customers_see_all'] ? '' : " `c`.`adminid` = '" . (int)$userinfo['adminid'] . "' AND ") . "`c`.`adminid`=`a`.`adminid` " . $paging->getSqlWhere(true) . " " . $paging->getSqlOrderBy($settings['panel']['natsorting']) . " " . $paging->getSqlLimit());
 		$paging->setEntries($db->num_rows($result));
 		$sortcode = $paging->getHtmlSortCode($lng, true);
 		$arrowcode = $paging->getHtmlArrowCode($filename . '?page=' . $page . '&s=' . $s);
@@ -117,21 +87,28 @@ if($page == 'customers'
 				/**
 				 * percent-values for progressbar
 				 */
+				//For Disk usage
 				if ($row['diskspace'] > 0) {
-					$percent = round(($row['diskspace_used']*100)/$row['diskspace'], 2);
-					$doublepercent = round($percent*2, 2);
+					$disk_percent = round(($row['diskspace_used']*100)/$row['diskspace'], 2);
+					$disk_doublepercent = round($disk_percent*2, 2);
 				} else {
-					$percent = 0;
-					$doublepercent = 0;
+					$disk_percent = 0;
+					$disk_doublepercent = 0;
 				}

-				$column_style = '';
-				$unlock_link = '';
+				if ($row['traffic'] > 0) {
+					$traffic_percent = round(($row['traffic_used']*100)/$row['traffic'], 2);
+					$traffic_doublepercent = round($traffic_percent*2, 2);
+				} else {
+					$traffic_percent = 0;
+					$traffic_doublepercent = 0;
+				}
+
+				$islocked = 0;
 				if($row['loginfail_count'] >= $settings['login']['maxloginattempts']
 					&& $row['lastlogin_fail'] > (time() - $settings['login']['deactivatetime'])
 				) {
-					$column_style = ' style="background-color: #f99122;"';
-					$unlock_link = '<a href="'.$filename.'?s='.$s.'&amp;page='.$page.'&amp;action=unlock&amp;id='.$row['customerid'].'">'.$lng['panel']['unlock'].'</a><br />';
+					$islocked = 1;
 				}

 				$row = str_replace_array('-1', 'UL', $row, 'diskspace traffic mysqls emails email_accounts email_forwarders ftps tickets subdomains email_autoresponder');
@@ -154,11 +131,14 @@ if($page == 'customers'

 		if($destination_user != '')
 		{
+			if ($result['deactivated'] == '1') {
+				standard_error("usercurrentlydeactivated", $destination_user);
+			}
 			$result = $db->query_first("SELECT * FROM `" . TABLE_PANEL_SESSIONS . "` WHERE `userid`='" . (int)$userinfo['userid'] . "' AND `hash`='" . $db->escape($s) . "'");
 			$s = md5(uniqid(microtime(), 1));
 			$db->query("INSERT INTO `" . TABLE_PANEL_SESSIONS . "` (`hash`, `userid`, `ipaddress`, `useragent`, `lastactivity`, `language`, `adminsession`) VALUES ('" . $db->escape($s) . "', '" . (int)$id . "', '" . $db->escape($result['ipaddress']) . "', '" . $db->escape($result['useragent']) . "', '" . time() . "', '" . $db->escape($result['language']) . "', '0')");
 			$log->logAction(ADM_ACTION, LOG_INFO, "switched user and is now '" . $destination_user . "'");
-			redirectTo('customer_index.php', Array('s' => $s));
+			redirectTo('customer_index.php', Array('s' => $s), true);
 		}
 		else
 		{
@@ -202,7 +182,6 @@ if($page == 'customers'
 			{
 				$databases = $db->query("SELECT * FROM " . TABLE_PANEL_DATABASES . " WHERE customerid='" . (int)$id . "' ORDER BY `dbserver`");
 				$db_root = new db($sql_root[0]['host'], $sql_root[0]['user'], $sql_root[0]['password'], '');
-				unset($db_root->password);
 				$last_dbserver = 0;

 				while($row_database = $db->fetch_array($databases))
@@ -212,16 +191,20 @@ if($page == 'customers'
 						$db_root->query('FLUSH PRIVILEGES;');
 						$db_root->close();
 						$db_root = new db($sql_root[$row_database['dbserver']]['host'], $sql_root[$row_database['dbserver']]['user'], $sql_root[$row_database['dbserver']]['password'], '');
-						unset($db_root->password);
 						$last_dbserver = $row_database['dbserver'];
 					}

-					foreach(array_unique(explode(',', $settings['system']['mysql_access_host'])) as $mysql_access_host)
+					if(mysql_get_server_info() < '5.0.2') {
+						// failsafe if user has been deleted manually (requires MySQL 4.1.2+)
+						$db_root->query('REVOKE ALL PRIVILEGES, GRANT OPTION FROM \'' . $db_root->escape($row_database['databasename']) .'\'',false,true);
+					}
+
+					$host_res = $db_root->query("SELECT `Host` FROM `mysql`.`user` WHERE `User`='" . $db_root->escape($row_database['databasename']) . "'");
+					while($host = $db_root->fetch_array($host_res))
 					{
-						$mysql_access_host = trim($mysql_access_host);
-						$db_root->query('REVOKE ALL PRIVILEGES ON * . * FROM `' . $db_root->escape($row_database['databasename']) . '`@`' . $db_root->escape($mysql_access_host) . '`');
-						$db_root->query('REVOKE ALL PRIVILEGES ON `' . str_replace('_', '\_', $db_root->escape($row_database['databasename'])) . '` . * FROM `' . $db_root->escape($row_database['databasename']) . '`@`' . $db_root->escape($mysql_access_host) . '`');
-						$db_root->query('DELETE FROM `mysql`.`user` WHERE `User` = "' . $db_root->escape($row_database['databasename']) . '" AND `Host` = "' . $db_root->escape($mysql_access_host) . '"');
+						// as of MySQL 5.0.2 this also revokes privileges. (requires MySQL 4.1.2+)
+						$db_root->query('DROP USER \'' . $db_root->escape($row_database['databasename']). '\'@\'' . $db_root->escape($host['Host']) . '\'', false, true);
+						
 					}

 					$db_root->query('DROP DATABASE IF EXISTS `' . $db_root->escape($row_database['databasename']) . '`');
@@ -297,7 +280,7 @@ if($page == 'customers'

 				if($result['email_autoresponder'] != '-1')
 				{
-					$admin_update_query.= ", `email_autoresponder` = `email_autoresponder` - 0" . (int)$result['email_autoresponder'];
+					$admin_update_query.= ", `email_autoresponder_used` = `email_autoresponder_used` - 0" . (int)$result['email_autoresponder'];
 				}

 				if($result['subdomains'] != '-1')
@@ -317,7 +300,7 @@ if($page == 'customers'

 				if($result['aps_packages'] != '-1')
 				{
-					$admin_update_query.= ", `aps_packages` = `aps_packages` - 0" . (int)$result['aps_packages'];
+					$admin_update_query.= ", `aps_packages_used` = `aps_packages_used` - 0" . (int)$result['aps_packages'];
 				}

 				if(($result['diskspace'] / 1024) != '-1')
@@ -329,19 +312,18 @@ if($page == 'customers'
 				$db->query($admin_update_query);
 				$log->logAction(ADM_ACTION, LOG_INFO, "deleted user '" . $result['loginname'] . "'");
 				inserttask('1');
+
+				// Using nameserver, insert a task which rebuilds the server config
 				inserttask('4');

-				if(isset($_POST['delete_userfiles'])
-				  && (int)$_POST['delete_userfiles'] == 1)
-				{
+				if (isset($_POST['delete_userfiles'])
+						&& (int)$_POST['delete_userfiles'] == 1
+				) {
 					inserttask('6', $result['loginname']);
 				}

-				# Using filesystem - quota, insert a task which cleans the filesystem - quota
-				if ($settings['system']['diskquota_enabled'])
-				{
-					inserttask('10');
-				}
+				// Using filesystem - quota, insert a task which cleans the filesystem - quota
+				inserttask('10');

 				/*
 				 * move old tickets to archive
@@ -611,6 +593,11 @@ if($page == 'customers'
 						{
 							standard_error('loginnameissystemaccount', $settings['customer']['accountprefix']);
 						}
+						
+						//Additional filtering for Bug #962
+						if(function_exists('posix_getpwnam') && !in_array("posix_getpwnam",explode(",",ini_get('disable_functions'))) && posix_getpwnam($loginname)) {
+							standard_error('loginnameissystemaccount', $settings['customer']['accountprefix']);
+						}
 					}
 					else
 					{
@@ -774,13 +761,10 @@ if($page == 'customers'
 					$log->logAction(ADM_ACTION, LOG_INFO, "added user '" . $loginname . "'");
 					inserttask('2', $loginname, $guid, $guid, $store_defaultindex);

-					# Using filesystem - quota, insert a task which cleans the filesystem - quota
-					if ($settings['system']['diskquota_enabled'])
-					{
-						inserttask('10');
-					}
-					// Add htpasswd for the webalizer stats
+					// Using filesystem - quota, insert a task which cleans the filesystem - quota
+					inserttask('10');

+					// Add htpasswd for the webalizer stats
 					if(CRYPT_STD_DES == 1)
 					{
 						$saltfordescrypt = substr(md5(uniqid(microtime(), 1)), 4, 2);
@@ -803,7 +787,8 @@ if($page == 'customers'
 					}

 					inserttask('1');
-					$result = $db->query("INSERT INTO `" . TABLE_FTP_USERS . "` " . "(`customerid`, `username`, `password`, `homedir`, `login_enabled`, `uid`, `gid`) " . "VALUES ('" . (int)$customerid . "', '" . $db->escape($loginname) . "', ENCRYPT('" . $db->escape($password) . "'), '" . $db->escape($documentroot) . "', 'y', '" . (int)$guid . "', '" . (int)$guid . "')");
+					$cryptPassword = makeCryptPassword($password);
+					$result = $db->query("INSERT INTO `" . TABLE_FTP_USERS . "` " . "(`customerid`, `username`, `password`, `homedir`, `login_enabled`, `uid`, `gid`) " . "VALUES ('" . (int)$customerid . "', '" . $db->escape($loginname) . "', '" . $db->escape($cryptPassword) . "', '" . $db->escape($documentroot) . "', 'y', '" . (int)$guid . "', '" . (int)$guid . "')");
 					$result = $db->query("INSERT INTO `" . TABLE_FTP_GROUPS . "` " . "(`customerid`, `groupname`, `gid`, `members`) " . "VALUES ('" . (int)$customerid . "', '" . $db->escape($loginname) . "', '" . $db->escape($guid) . "', '" . $db->escape($loginname) . "')");
 					$result = $db->query("INSERT INTO `" . TABLE_FTP_QUOTATALLIES . "` (`name`, `quota_type`, `bytes_in_used`, `bytes_out_used`, `bytes_xfer_used`, `files_in_used`, `files_out_used`, `files_xfer_used`) VALUES ('" . $db->escape($loginname) . "', 'user', '0', '0', '0', '0', '0', '0')");
 					$log->logAction(ADM_ACTION, LOG_NOTICE, "automatically added ftp-account for user '" . $loginname . "'");
@@ -825,17 +810,21 @@ if($page == 'customers'
 							"`customerid` = '" . (int)$customerid . "', " .
 							"`adminid` = '" . (int)$userinfo['adminid'] . "', " .
 							"`parentdomainid` = '-1', " .
-							"`ipandport` = '" . $db->escape($settings['system']['defaultip']) . "', " .
 							"`documentroot` = '" . $db->escape($documentroot) . "', " .
 							"`zonefile` = '', " .
 							"`isemaildomain` = '0', " .
 							"`caneditdomain` = '0', " .
 							"`openbasedir` = '1', " .
-							"`safemode` = '1', " .
 							"`speciallogfile` = '0', " .
 							"`specialsettings` = '', " .
 							"`add_date` = '".date('Y-m-d')."'");
 						$domainid = $db->insert_id();
+						// set ip <-> domain connection
+						$db->query("INSERT INTO `".TABLE_DOMAINTOIP."` SET
+							`id_domain` = '".$domainid."',
+							`id_ipandports` = '".(int)$settings['system']['defaultip']."'"
+						);
+
 						$db->query('UPDATE `' . TABLE_PANEL_CUSTOMERS . '` SET `standardsubdomain`=\'' . (int)$domainid . '\' WHERE `customerid`=\'' . (int)$customerid . '\'');
 						$log->logAction(ADM_ACTION, LOG_NOTICE, "automatically added standardsubdomain for user '" . $loginname . "'");
 						inserttask('1');
@@ -907,14 +896,6 @@ if($page == 'customers'
 				$tickets_ul = makecheckbox('tickets_ul', $lng['customer']['unlimited'], '-1', false, '0', true, true);
 				$mysqls_ul = makecheckbox('mysqls_ul', $lng['customer']['unlimited'], '-1', false, '0', true, true);
 				$number_of_aps_packages_ul = makecheckbox('number_of_aps_packages_ul', $lng['customer']['unlimited'], '-1', false, '0', true, true);
-				#$createstdsubdomain = makeyesno('createstdsubdomain', '1', '0', '1');
-				#$email_imap = makeyesno('email_imap', '1', '0', '1');
-				#$email_pop3 = makeyesno('email_pop3', '1', '0', '1');
-				#$sendpassword = makeyesno('sendpassword', '1', '0', '1');
-				#$phpenabled = makeyesno('phpenabled', '1', '0', '1');
-				#$perlenabled = makeyesno('perlenabled', '1', '0', '0');
-				#$store_defaultindex = makeyesno('store_defaultindex', '1', '0', '1');
-				$backup_allowed = makeyesno('backup_allowed', '1', '0', '0');

 				$gender_options = makeoption($lng['gender']['undef'], 0, true, true, true);
 				$gender_options .= makeoption($lng['gender']['male'], 1, null, true, true);
@@ -1179,9 +1160,30 @@ if($page == 'customers'
 							$_stdsubdomain = $result['loginname'] . '.' . $settings['system']['hostname'];
 						}

-						$db->query("INSERT INTO `" . TABLE_PANEL_DOMAINS . "` " . "(`domain`, `customerid`, `adminid`, `parentdomainid`, `ipandport`, `documentroot`, `zonefile`, `isemaildomain`, `caneditdomain`, `openbasedir`, `safemode`, `speciallogfile`, `specialsettings`, `add_date`) " . "VALUES ('" . $db->escape($_stdsubdomain) . "', '" . (int)$result['customerid'] . "', '" . (int)$userinfo['adminid'] . "', '-1', '" . $db->escape($settings['system']['defaultip']) . "', '" . $db->escape($result['documentroot']) . "', '', '0', '0', '1', '1', '0', '', '".date('Y-m-d')."')");
+						$db->query("INSERT INTO `" . TABLE_PANEL_DOMAINS . "` SET
+							`domain` = '" . $db->escape($_stdsubdomain) . "',
+							`customerid` = '" . (int)$result['customerid'] . "',
+							`adminid` = '" . (int)$userinfo['adminid'] . "',
+							`parentdomainid` = '-1',
+							`documentroot` = '" . $db->escape($result['documentroot']) . "',
+							`zonefile` = '',
+							`isemaildomain` = '0',
+							`caneditdomain` = '0',
+							`openbasedir` = '1',
+							`speciallogfile` = '0',
+							`specialsettings` = '',
+							`add_date` = '".date('Y-m-d')."'"
+						);
 						$domainid = $db->insert_id();
-						$db->query('UPDATE `' . TABLE_PANEL_CUSTOMERS . '` SET `standardsubdomain`=\'' . (int)$domainid . '\' WHERE `customerid`=\'' . (int)$result['customerid'] . '\'');
+						// set ip <-> domain connection
+						$db->query("INSERT INTO `".TABLE_DOMAINTOIP."` SET
+							`id_domain` = '".$domainid."',
+							`id_ipandports` = '".(int)$settings['system']['defaultip']."'"
+						);
+						$db->query("UPDATE `" . TABLE_PANEL_CUSTOMERS . "` SET
+							`standardsubdomain`='" . (int)$domainid . "'
+							 WHERE `customerid`='" . (int)$result['customerid'] . "'"
+						);
 						$log->logAction(ADM_ACTION, LOG_NOTICE, "automatically added standardsubdomain for user '" . $result['loginname'] . "'");
 						inserttask('1');
 					}
@@ -1189,8 +1191,12 @@ if($page == 'customers'
 					if($createstdsubdomain == '0'
 					   && $result['standardsubdomain'] != '0')
 					{
-						$db->query('DELETE FROM `' . TABLE_PANEL_DOMAINS . '` WHERE `id`=\'' . (int)$result['standardsubdomain'] . '\'');
-						$db->query('UPDATE `' . TABLE_PANEL_CUSTOMERS . '` SET `standardsubdomain`=\'0\' WHERE `customerid`=\'' . (int)$result['customerid'] . '\'');
+						$db->query("DELETE FROM `" . TABLE_PANEL_DOMAINS . "`
+							WHERE `id`='" . (int)$result['standardsubdomain'] . "'");
+						$db->query("DELETE FROM `" . TABLE_DOMAINTOIP . "`
+							WHERE `id_domain`='" . (int)$result['standardsubdomain'] . "'");
+						$db->query("UPDATE `" . TABLE_PANEL_CUSTOMERS . "` SET
+							`standardsubdomain`= '0' WHERE `customerid`= '" . (int)$result['customerid'] . "'");
 						$log->logAction(ADM_ACTION, LOG_NOTICE, "automatically deleted standardsubdomain for user '" . $result['loginname'] . "'");
 						inserttask('1');
 					}
@@ -1218,14 +1224,13 @@ if($page == 'customers'

 					if($deactivated != $result['deactivated'])
 					{
-						$db->query("UPDATE `" . TABLE_MAIL_USERS . "` SET `postfix`='" . (($deactivated) ? 'N' : 'Y') . "', `pop3`='" . (($deactivated) ? '0' : '1') . "', `imap`='" . (($deactivated) ? '0' : '1') . "' WHERE `customerid`='" . (int)$id . "'");
+						$db->query("UPDATE `" . TABLE_MAIL_USERS . "` SET `postfix`='" . (($deactivated) ? 'N' : 'Y') . "', `pop3`='" . (($deactivated) ? '0' : (int)$result['pop3']) . "', `imap`='" . (($deactivated) ? '0' : (int)$result['imap']) . "' WHERE `customerid`='" . (int)$id . "'");
 						$db->query("UPDATE `" . TABLE_FTP_USERS . "` SET `login_enabled`='" . (($deactivated) ? 'N' : 'Y') . "' WHERE `customerid`='" . (int)$id . "'");
 						$db->query("UPDATE `" . TABLE_PANEL_DOMAINS . "` SET `deactivated`='" . (int)$deactivated . "' WHERE `customerid`='" . (int)$id . "'");

 						/* Retrieve customer's databases */
 						$databases = $db->query("SELECT * FROM " . TABLE_PANEL_DATABASES . " WHERE customerid='" . (int)$id . "' ORDER BY `dbserver`");
 						$db_root = new db($sql_root[0]['host'], $sql_root[0]['user'], $sql_root[0]['password'], '');
-						unset($db_root->password);
 						$last_dbserver = 0;

 						/* For each of them */
@@ -1236,7 +1241,6 @@ if($page == 'customers'
 								$db_root->query('FLUSH PRIVILEGES;');
 								$db_root->close();
 								$db_root = new db($sql_root[$row_database['dbserver']]['host'], $sql_root[$row_database['dbserver']]['user'], $sql_root[$row_database['dbserver']]['password'], '');
-								unset($db_root->password);
 								$last_dbserver = $row_database['dbserver'];
 							}

@@ -1247,8 +1251,8 @@ if($page == 'customers'
 								/* Prevent access, if deactivated */
 								if($deactivated)
 								{
-									$db_root->query('REVOKE ALL PRIVILEGES ON * . * FROM `' . $db_root->escape($row_database['databasename']) . '`@`' . $db_root->escape($mysql_access_host) . '`');
-									$db_root->query('REVOKE ALL PRIVILEGES ON `' . str_replace('_', '\_', $db_root->escape($row_database['databasename'])) . '` . * FROM `' . $db_root->escape($row_database['databasename']) . '`@`' . $db_root->escape($mysql_access_host) . '`');
+									// failsafe if user has been deleted manually (requires MySQL 4.1.2+)
+									$db_root->query('REVOKE ALL PRIVILEGES, GRANT OPTION FROM \'' . $db_root->escape($row_database['databasename']) .'\'',false,true);
 								}
 								else /* Otherwise grant access */
 								{
@@ -1284,11 +1288,8 @@ if($page == 'customers'
 					$db->query("UPDATE `" . TABLE_PANEL_CUSTOMERS . "` SET `name`='" . $db->escape($name) . "', `firstname`='" . $db->escape($firstname) . "', `gender`='" . $db->escape($gender) . "', `company`='" . $db->escape($company) . "', `street`='" . $db->escape($street) . "', `zipcode`='" . $db->escape($zipcode) . "', `city`='" . $db->escape($city) . "', `phone`='" . $db->escape($phone) . "', `fax`='" . $db->escape($fax) . "', `email`='" . $db->escape($email) . "', `customernumber`='" . $db->escape($customernumber) . "', `def_language`='" . $db->escape($def_language) . "', `password` = '" . $password . "', `diskspace`='" . $db->escape($diskspace) . "', `traffic`='" . $db->escape($traffic) . "', `subdomains`='" . $db->escape($subdomains) . "', `emails`='" . $db->escape($emails) . "', `email_accounts` = '" . $db->escape($email_accounts) . "', `email_forwarders`='" . $db->escape($email_forwarders) . "', `ftps`='" . $db->escape($ftps) . "', `tickets`='" . $db->escape($tickets) . "', `mysqls`='" . $db->escape($mysqls) . "', `deactivated`='" . $db->escape($deactivated) . "', `phpenabled`='" . $db->escape($phpenabled) . "', `email_quota`='" . $db->escape($email_quota) . "', `imap`='" . $db->escape($email_imap) . "', `pop3`='" . $db->escape($email_pop3) . "', `aps_packages`='" . (int)$number_of_aps_packages . "', `perlenabled`='" . $db->escape($perlenabled) . "', `email_autoresponder`='" . $db->escape($email_autoresponder) . "', `backup_allowed`='" . $db->escape($backup_allowed) . "' WHERE `customerid`='" . (int)$id . "'");
 					$admin_update_query = "UPDATE `" . TABLE_PANEL_ADMINS . "` SET `customers_used` = `customers_used` ";

-					# Using filesystem - quota, insert a task which cleans the filesystem - quota
-					if ($settings['system']['diskquota_enabled'])
-					{
-						inserttask('10');
-					}
+					// Using filesystem - quota, insert a task which cleans the filesystem - quota
+					inserttask('10');

 					if($mysqls != '-1'
 					   || $result['mysqls'] != '-1')
@@ -1573,13 +1574,6 @@ if($page == 'customers'
 					$result['aps_packages'] = '';
 				}

-				#$createstdsubdomain = makeyesno('createstdsubdomain', '1', '0', (($result['standardsubdomain'] != '0') ? '1' : '0'));
-				#$phpenabled = makeyesno('phpenabled', '1', '0', $result['phpenabled']);
-				#$perlenabled = makeyesno('perlenabled', '1', '0', $result['perlenabled']);
-				#$deactivated = makeyesno('deactivated', '1', '0', $result['deactivated']);
-				#$email_imap = makeyesno('email_imap', '1', '0', $result['imap']);
-				#$email_pop3 = makeyesno('email_pop3', '1', '0', $result['pop3']);
-				$backup_allowed = makeyesno('backup_allowed', '1', '0', $result['backup_allowed']);
 				$result = htmlentities_array($result);

 				$gender_options = makeoption($lng['gender']['undef'], 0, ($result['gender'] == '0' ? true : false), true, true);
--- a/admin_domains.php
+++ b/admin_domains.php
@@ -47,8 +47,6 @@ if($page == 'domains'
 		$log->logAction(ADM_ACTION, LOG_NOTICE, "viewed admin_domains");
 		$fields = array(
 			'd.domain' => $lng['domains']['domainname'],
-			'ip.ip' => $lng['admin']['ipsandports']['ip'],
-			'ip.port' => $lng['admin']['ipsandports']['port'],
 			'c.name' => $lng['customer']['name'],
 			'c.firstname' => $lng['customer']['firstname'],
 			'c.company' => $lng['customer']['company'],
@@ -57,7 +55,7 @@ if($page == 'domains'
 		);
 		$paging = new paging($userinfo, $db, TABLE_PANEL_DOMAINS, $fields, $settings['panel']['paging'], $settings['panel']['natsorting']);
 		$domains = '';
-		$result = $db->query("SELECT `d`.*, `c`.`loginname`, `c`.`name`, `c`.`firstname`, `c`.`company`, `c`.`standardsubdomain`, `ad`.`id` AS `aliasdomainid`, `ad`.`domain` AS `aliasdomain`, `ip`.`id` AS `ipid`, `ip`.`ip`, `ip`.`port` " . "FROM `" . TABLE_PANEL_DOMAINS . "` `d` " . "LEFT JOIN `" . TABLE_PANEL_CUSTOMERS . "` `c` USING(`customerid`) " . "LEFT JOIN `" . TABLE_PANEL_DOMAINS . "` `ad` ON `d`.`aliasdomain`=`ad`.`id` " . "LEFT JOIN `" . TABLE_PANEL_IPSANDPORTS . "` `ip` ON (`d`.`ipandport` = `ip`.`id`) " . "WHERE `d`.`parentdomainid`='0' " . ($userinfo['customers_see_all'] ? '' : " AND `d`.`adminid` = '" . (int)$userinfo['adminid'] . "' ") . " " . $paging->getSqlWhere(true) . " " . $paging->getSqlOrderBy() . " " . $paging->getSqlLimit());
+		$result = $db->query("SELECT `d`.*, `c`.`loginname`, `c`.`name`, `c`.`firstname`, `c`.`company`, `c`.`standardsubdomain`, `ad`.`id` AS `aliasdomainid`, `ad`.`domain` AS `aliasdomain` " . "FROM `" . TABLE_PANEL_DOMAINS . "` `d` " . "LEFT JOIN `" . TABLE_PANEL_CUSTOMERS . "` `c` USING(`customerid`) " . "LEFT JOIN `" . TABLE_PANEL_DOMAINS . "` `ad` ON `d`.`aliasdomain`=`ad`.`id` WHERE `d`.`parentdomainid`='0' " . ($userinfo['customers_see_all'] ? '' : " AND `d`.`adminid` = '" . (int)$userinfo['adminid'] . "' ") . " " . $paging->getSqlWhere(true) . " " . $paging->getSqlOrderBy() . " " . $paging->getSqlLimit());
 		$paging->setEntries($db->num_rows($result));
 		$sortcode = $paging->getHtmlSortCode($lng);
 		$arrowcode = $paging->getHtmlArrowCode($filename . '?page=' . $page . '&s=' . $s);
@@ -70,14 +68,21 @@ if($page == 'domains'
 			$row['domain'] = $idna_convert->decode($row['domain']);
 			$row['aliasdomain'] = $idna_convert->decode($row['aliasdomain']);

-			if(filter_var($row['ip'], FILTER_VALIDATE_IP, FILTER_FLAG_IPV6))
+			$resultips = $db->query("SELECT `ips`.* FROM `".TABLE_DOMAINTOIP . "` AS `dti`, `".TABLE_PANEL_IPSANDPORTS."` AS `ips` WHERE `dti`.`id_ipandports` = `ips`.`id` AND `dti`.`id_domain` = " . (int)$row['id']);
+
+			$row['ipandport'] = '';
+			while ($rowip = $db->fetch_array($resultips))
 			{
-				$row['ipandport'] = '[' . $row['ip'] . ']:' . $row['port'];
-			}
-			else
-			{
-				$row['ipandport'] = $row['ip'] . ':' . $row['port'];
+				if(filter_var($rowip['ip'], FILTER_VALIDATE_IP, FILTER_FLAG_IPV6))
+				{
+					$row['ipandport'] .= '[' . $rowip['ip'] . ']:' . $rowip['port'] . "\n";
+				}
+				else
+				{
+					$row['ipandport'] .= $rowip['ip'] . ':' . $rowip['port'] . "\n";
+				}
 			}
+			$row['ipandport'] = substr($row['ipandport'], 0, -1);

 			if(!isset($domain_array[$row['domain']]))
 			{
@@ -123,6 +128,8 @@ if($page == 'domains'
 			{
 				$row['customername'] = getCorrectFullUserDetails($row);
 				$row = htmlentities_array($row);
+				// display a nice list of IP's
+				$row['ipandport'] = str_replace("\n", "<br />", $row['ipandport']);
 				eval("\$domains.=\"" . getTemplate("domains/domains_domain") . "\";");
 				$count++;
 			}
@@ -190,11 +197,15 @@ if($page == 'domains'
 				$db->query("UPDATE `" . TABLE_PANEL_CUSTOMERS . "` SET `subdomains_used` = `subdomains_used` - " . (int)($deleted_domains - 1) . " WHERE `customerid` = '" . (int)$result['customerid'] . "'");
 				$db->query("UPDATE `" . TABLE_PANEL_ADMINS . "` SET `domains_used` = `domains_used` - 1 WHERE `adminid` = '" . (int)$userinfo['adminid'] . "'");
 				$db->query('UPDATE `' . TABLE_PANEL_CUSTOMERS . '` SET `standardsubdomain`=\'0\' WHERE `standardsubdomain`=\'' . (int)$result['id'] . '\' AND `customerid`=\'' . (int)$result['customerid'] . '\'');
+				$db->query("DELETE FROM `" . TABLE_DOMAINTOIP . "` WHERE `id_domain` = '" . (int)$id . "'");
 				$db->query("DELETE FROM `" . TABLE_PANEL_DOMAINREDIRECTS . "` WHERE `did` = '".(int)$id."'");
 				$log->logAction(ADM_ACTION, LOG_INFO, "deleted domain/subdomains (#" . $result['id'] . ")");
 				updateCounters();
 				inserttask('1');
+
+				// Using nameserver, insert a task which rebuilds the server config
 				inserttask('4');
+
 				redirectTo($filename, Array('page' => $page, 's' => $s));
 			}
 			elseif ($alias_check['count'] > 0) {
@@ -236,9 +247,9 @@ if($page == 'domains'
 				if(isset($_POST['email_only']))
 					$email_only = intval($_POST['email_only']);

-				$wwwserveralias = 0;
-				if(isset($_POST['wwwserveralias']))
-					$wwwserveralias = intval($_POST['wwwserveralias']);
+				$serveraliasoption = 0;
+				if(isset($_POST['selectserveralias']))
+					$serveraliasoption = intval($_POST['selectserveralias']);

 				$speciallogfile = 0;
 				if(isset($_POST['speciallogfile']))
@@ -278,9 +289,16 @@ if($page == 'domains'

 				if($userinfo['change_serversettings'] == '1')
 				{
-					$isbinddomain = intval($_POST['isbinddomain']);
-					$caneditdomain = intval($_POST['caneditdomain']);
-					$zonefile = validate($_POST['zonefile'], 'zonefile');
+					$caneditdomain = isset($_POST['caneditdomain']) ? intval($_POST['caneditdomain']) : 0;
+
+					$isbinddomain = '0';
+					$zonefile = '';
+					if ($settings['system']['bind_enable'] == '1') {
+						if (isset($_POST['isbinddomain'])) {
+							$isbinddomain = intval($_POST['isbinddomain']);
+						}
+						$zonefile = validate($_POST['zonefile'], 'zonefile');
+					}

 					if(isset($_POST['dkim']))
 					{
@@ -294,11 +312,13 @@ if($page == 'domains'
 					$specialsettings = validate(str_replace("\r\n", "\n", $_POST['specialsettings']), 'specialsettings', '/^[^\0]*$/');
 					validate($_POST['documentroot'], 'documentroot');

+					// If path is empty and 'Use domain name as default value for DocumentRoot path' is enabled in settings,
+					// set default path to subdomain or domain name
 					if(isset($_POST['documentroot'])
-					   && $_POST['documentroot'] != '')
+						&& ($_POST['documentroot'] != ''))
 					{
 						if(substr($_POST['documentroot'], 0, 1) != '/'
-						   && !preg_match('/^https?\:\/\//', $_POST['documentroot']))
+							&& !preg_match('/^https?\:\/\//', $_POST['documentroot']))
 						{
 							$documentroot.= '/' . $_POST['documentroot'];
 						}
@@ -307,10 +327,19 @@ if($page == 'domains'
 							$documentroot = $_POST['documentroot'];
 						}
 					}
+					elseif (isset($_POST['documentroot'])
+						&& ($_POST['documentroot'] == '') 
+						&& ($settings['system']['documentroot_use_default_value'] == 1))
+					{
+						$documentroot = makeCorrectDir($customer['documentroot'] . '/' . $domain);
+					}
 				}
 				else
 				{
-					$isbinddomain = '1';
+					$isbinddomain = '0';
+					if ($settings['system']['bind_enable'] == '1') {
+						$isbinddomain = '1';
+					}
 					$caneditdomain = '1';
 					$zonefile = '';
 					$dkim = '1';
@@ -320,10 +349,9 @@ if($page == 'domains'
 				if($userinfo['caneditphpsettings'] == '1'
 				   || $userinfo['change_serversettings'] == '1')
 				{
-					$openbasedir = intval($_POST['openbasedir']);
-					$safemode = intval($_POST['safemode']);
+					$openbasedir = isset($_POST['openbasedir']) ? intval($_POST['openbasedir']) : 0;

-					if((int)$settings['system']['mod_fcgid'] == 1)
+					if((int)$settings['system']['mod_fcgid'] == 1 || (int)$settings['phpfpm']['enabled'] == 1)
 					{
 						$phpsettingid = (int)$_POST['phpsettingid'];
 						$phpsettingid_check = $db->query_first("SELECT * FROM `" . TABLE_PANEL_PHPCONFIGS . "` WHERE `id` = " . (int)$phpsettingid);
@@ -335,12 +363,21 @@ if($page == 'domains'
 							standard_error('phpsettingidwrong');
 						}

-						$mod_fcgid_starter = validate($_POST['mod_fcgid_starter'], 'mod_fcgid_starter', '/^[0-9]*$/', '', array('-1', ''));
-						$mod_fcgid_maxrequests = validate($_POST['mod_fcgid_maxrequests'], 'mod_fcgid_maxrequests', '/^[0-9]*$/', '', array('-1', ''));
+						if( (int)$settings['system']['mod_fcgid'] == 1) {
+							$mod_fcgid_starter = validate($_POST['mod_fcgid_starter'], 'mod_fcgid_starter', '/^[0-9]*$/', '', array('-1', ''));
+							$mod_fcgid_maxrequests = validate($_POST['mod_fcgid_maxrequests'], 'mod_fcgid_maxrequests', '/^[0-9]*$/', '', array('-1', ''));
+						} else {
+							$mod_fcgid_starter = '-1';
+							$mod_fcgid_maxrequests = '-1';
+						}
 					}
 					else
 					{
-						$phpsettingid = $settings['system']['mod_fcgid_defaultini'];
+						if ((int)$settings['phpfpm']['enabled'] == 1) {
+							$phpsettingid = $settings['phpfpm']['defaultini'];
+						} else {
+							$phpsettingid = $settings['system']['mod_fcgid_defaultini'];
+						}
 						$mod_fcgid_starter = '-1';
 						$mod_fcgid_maxrequests = '-1';
 					}
@@ -348,8 +385,11 @@ if($page == 'domains'
 				else
 				{
 					$openbasedir = '1';
-					$safemode = '1';
-					$phpsettingid = $settings['system']['mod_fcgid_defaultini'];
+					if ((int)$settings['phpfpm']['enabled'] == 1) {
+						$phpsettingid = $settings['phpfpm']['defaultini'];
+					} else {
+						$phpsettingid = $settings['system']['mod_fcgid_defaultini'];
+					}
 					$mod_fcgid_starter = '-1';
 					$mod_fcgid_maxrequests = '-1';
 				}
@@ -364,42 +404,63 @@ if($page == 'domains'
 					$additional_ip_condition = '';
 				}

-				$ipandport = intval($_POST['ipandport']);
-				$ipandport_check = $db->query_first("SELECT `id`, `ip`, `port` FROM `" . TABLE_PANEL_IPSANDPORTS . "` WHERE `id` = '" . $db->escape($ipandport) . "' AND `ssl` = '0'" . $additional_ip_condition);
-
-				if(!isset($ipandport_check['id'])
-				   || $ipandport_check['id'] == '0'
-				   || $ipandport_check['id'] != $ipandport)
-				{
-					standard_error('ipportdoesntexist');
+				$ipandports = array();
+				if (isset($_POST['ipandport']) && !is_array($_POST['ipandport'])) {
+					$_POST['ipandport'] = unserialize($_POST['ipandport']);
 				}

-				if($settings['system']['use_ssl'] == "1"
-				   && isset($_POST['ssl'])
-				   /*&& isset($_POST['ssl_redirect'])*/
-				   && isset($_POST['ssl_ipandport'])
-				   && $_POST['ssl'] != '0')
-				{
-					$ssl = (int)$_POST['ssl'];
+				if (isset($_POST['ipandport']) && is_array($_POST['ipandport'])) {
+					foreach($_POST['ipandport'] as $ipandport) {
+						$ipandport = intval($ipandport);
+						$ipandport_check = $db->query_first("SELECT `id`, `ip`, `port` FROM `" . TABLE_PANEL_IPSANDPORTS . "` WHERE `id` = '" . $db->escape($ipandport) . "' " . $additional_ip_condition);
+						if(!isset($ipandport_check['id'])
+							|| $ipandport_check['id'] == '0'
+							|| $ipandport_check['id'] != $ipandport
+						) {
+							standard_error('ipportdoesntexist');
+						} else {
+							$ipandports[] = $ipandport;
+						}
+					}
+				}
+
+				if ($settings['system']['use_ssl'] == "1"
+					&& isset($_POST['ssl_ipandport'])
+				) {
 					$ssl_redirect = 0;
 					if (isset($_POST['ssl_redirect'])) {
 						$ssl_redirect = (int)$_POST['ssl_redirect'];
 					}
-					$ssl_ipandport = (int)$_POST['ssl_ipandport'];
-					$ssl_ipandport_check = $db->query_first("SELECT `id`, `ip`, `port` FROM `" . TABLE_PANEL_IPSANDPORTS . "` WHERE `id` = '" . $db->escape($ssl_ipandport) . "' AND `ssl` = '1'" . $additional_ip_condition);

-					if(!isset($ssl_ipandport_check['id'])
-					   || $ssl_ipandport_check['id'] == '0'
-					   || $ssl_ipandport_check['id'] != $ssl_ipandport)
-					{
-						standard_error('ipportdoesntexist');
+					$ssl_ipandports = array();
+					if (isset($_POST['ssl_ipandport']) && !is_array($_POST['ssl_ipandport'])) {
+						$_POST['ssl_ipandport'] = unserialize($_POST['ssl_ipandport']);
 					}
-				}
-				else
-				{
-					$ssl = 0;
+
+					// Verify SSL-Ports
+					if (isset($_POST['ssl_ipandport']) && is_array($_POST['ssl_ipandport'])) {
+						foreach ($_POST['ssl_ipandport'] as $ssl_ipandport) {
+							$ssl_ipandport = intval($ssl_ipandport);
+							$ssl_ipandport_check = $db->query_first("SELECT `id`, `ip`, `port` FROM `" . TABLE_PANEL_IPSANDPORTS . "` WHERE `id` = '" . $db->escape($ssl_ipandport) . "' " . $additional_ip_condition);
+							if (!isset($ssl_ipandport_check['id'])
+								|| $ssl_ipandport_check['id'] == '0'
+								|| $ssl_ipandport_check['id'] != $ssl_ipandport
+							) {
+								standard_error('ipportdoesntexist');
+							} else {
+								$ssl_ipandports[] = $ssl_ipandport;
+							}
+						}
+					} else {
+						// we need this for the serialize
+						// if ssl is disabled or no ssl-ip/port exists
+						$ssl_ipandports[] = -1;
+					}
+				} else {
 					$ssl_redirect = 0;
-					$ssl_ipandport = 0;
+					// we need this for the serialize
+					// if ssl is disabled or no ssl-ip/port exists
+					$ssl_ipandports[] = -1;
 				}

 				if(!preg_match('/^https?\:\/\//', $documentroot))
@@ -414,15 +475,35 @@ if($page == 'domains'
 					}
 				}

-				$domain_check = $db->query_first("SELECT `id`, `domain` FROM `" . TABLE_PANEL_DOMAINS . "` WHERE `domain` = '" . $db->escape(strtolower($domain)) . "'");
+				$domain_check = $db->query_first("SELECT `id`, `domain`
+						FROM `" . TABLE_PANEL_DOMAINS . "`
+						WHERE `domain` = '" . $db->escape(strtolower($domain)) . "'"
+				);
 				$aliasdomain_check = array(
 					'id' => 0
 				);

-				if($aliasdomain != 0)
+				if ($aliasdomain != 0) {
+					// Overwrite given ipandports with these of the "main" domain
+					$ipandports = array();
+					$origipresult = $db->query("SELECT `id_ipandports`
+						FROM `" . TABLE_DOMAINTOIP ."`
+						WHERE `id_domain` = '" . (int)$aliasdomain . "'"
+					);
+					while ($origip = $db->fetch_array($origipresult)) {
+						$ipandports[] = $origip['id_ipandports'];
+					}
+					$aliasdomain_check = $db->query_first("SELECT `d`.`id` FROM `" . TABLE_PANEL_DOMAINS . "` `d`, `" . TABLE_PANEL_CUSTOMERS . "` `c`
+							WHERE `d`.`customerid`='" . (int)$customerid . "'
+							AND `d`.`aliasdomain` IS NULL AND
+							`d`.`id` <> `c`.`standardsubdomain`
+							AND `c`.`customerid`='" . (int)$customerid . "'
+							AND `d`.`id`='" . (int)$aliasdomain . "'");
+				}
+
+				if(count($ipandports) == 0)
 				{
-					// also check ip/port combination to be the same, #176
-					$aliasdomain_check = $db->query_first('SELECT `d`.`id` FROM `' . TABLE_PANEL_DOMAINS . '` `d`,`' . TABLE_PANEL_CUSTOMERS . '` `c` WHERE `d`.`customerid`=\'' . (int)$customerid . '\' AND `d`.`aliasdomain` IS NULL AND `d`.`id`<>`c`.`standardsubdomain` AND `c`.`customerid`=\'' . (int)$customerid . '\' AND `d`.`id`=\'' . (int)$aliasdomain . '\' AND `d`.`ipandport` = \''.(int)$ipandport.'\'');
+					standard_error('noipportgiven');
 				}

 				if($openbasedir != '1')
@@ -430,11 +511,6 @@ if($page == 'domains'
 					$openbasedir = '0';
 				}

-				if($safemode != '1')
-				{
-					$safemode = '0';
-				}
-
 				if($speciallogfile != '1')
 				{
 					$speciallogfile = '0';
@@ -471,9 +547,8 @@ if($page == 'domains'
 					$dkim = '0';
 				}

-				if($wwwserveralias != '1')
-				{
-					$wwwserveralias = '0';
+				if ($serveraliasoption != '1' && $serveraliasoption != '2') {
+					$serveraliasoption = '0';
 				}

 				if($caneditdomain != '1')
@@ -529,13 +604,11 @@ if($page == 'domains'
 						'zonefile' => $zonefile,
 						'dkim' => $dkim,
 						'speciallogfile' => $speciallogfile,
-						'wwwserveralias' => $wwwserveralias,
-						'ipandport' => $ipandport,
-						'ssl' => $ssl,
+						'selectserveralias' => $serveraliasoption,
+						'ipandport' => serialize($ipandports),
 						'ssl_redirect' => $ssl_redirect,
-						'ssl_ipandport' => $ssl_ipandport,
+						'ssl_ipandport' => serialize($ssl_ipandports),
 						'openbasedir' => $openbasedir,
-						'safemode' => $safemode,
 						'phpsettingid' => $phpsettingid,
 						'mod_fcgid_starter' => $mod_fcgid_starter,
 						'mod_fcgid_maxrequests' => $mod_fcgid_maxrequests,
@@ -565,12 +638,57 @@ if($page == 'domains'
 						$question_nr++;
 					}

-					$db->query("INSERT INTO `" . TABLE_PANEL_DOMAINS . "` (`domain`, `customerid`, `adminid`, `documentroot`, `ipandport`,`aliasdomain`, `zonefile`, `dkim`, `wwwserveralias`, `isbinddomain`, `isemaildomain`, `email_only`, `subcanemaildomain`, `caneditdomain`, `openbasedir`, `safemode`,`speciallogfile`, `specialsettings`, `ssl`, `ssl_redirect`, `ssl_ipandport`, `add_date`, `registration_date`, `phpsettingid`, `mod_fcgid_starter`, `mod_fcgid_maxrequests`, `ismainbutsubto`) VALUES ('" . $db->escape($domain) . "', '" . (int)$customerid . "', '" . (int)$adminid . "', '" . $db->escape($documentroot) . "', '" . $db->escape($ipandport) . "', " . (($aliasdomain != 0) ? '\'' . $db->escape($aliasdomain) . '\'' : 'NULL') . ", '" . $db->escape($zonefile) . "', '" . $db->escape($dkim) . "', '" . $db->escape($wwwserveralias) . "', '" . $db->escape($isbinddomain) . "', '" . $db->escape($isemaildomain) . "', '" . $db->escape($email_only) . "', '" . $db->escape($subcanemaildomain) . "', '" . $db->escape($caneditdomain) . "', '" . $db->escape($openbasedir) . "', '" . $db->escape($safemode) . "', '" . $db->escape($speciallogfile) . "', '" . $db->escape($specialsettings) . "', '" . $ssl . "', '" . $ssl_redirect . "' , '" . $ssl_ipandport . "', '" . $db->escape(time()) . "', '" . $db->escape($registration_date) . "', '" . (int)$phpsettingid . "', '" . (int)$mod_fcgid_starter . "', '" . (int)$mod_fcgid_maxrequests . "', '".(int)$issubof."')");
+					$wwwserveralias = ($serveraliasoption == '1') ? '1' : '0';
+					$iswildcarddomain = ($serveraliasoption == '0') ? '1' : '0';
+
+					$db->query("INSERT INTO `" . TABLE_PANEL_DOMAINS . "` SET
+						`domain` = '" . $db->escape($domain) . "',
+						`customerid` = '" . (int)$customerid . "',
+						`adminid` = '" . (int)$adminid . "',
+						`documentroot` = '" . $db->escape($documentroot) . "',
+						`aliasdomain` = " . (($aliasdomain != 0) ? '\'' . $db->escape($aliasdomain) . '\'' : 'NULL') . ",
+						`zonefile` = '" . $db->escape($zonefile) . "',
+						`dkim` = '" . $db->escape($dkim) . "',
+						`wwwserveralias` = '" . $db->escape($wwwserveralias) . "',
+						`iswildcarddomain` = '" . $db->escape($iswildcarddomain) . "',
+						`isbinddomain` = '" . $db->escape($isbinddomain) . "',
+						`isemaildomain` = '" . $db->escape($isemaildomain) . "',
+						`email_only` = '" . $db->escape($email_only) . "',
+						`subcanemaildomain` = '" . $db->escape($subcanemaildomain) . "',
+						`caneditdomain` = '" . $db->escape($caneditdomain) . "',
+						`openbasedir` = '" . $db->escape($openbasedir) . "',
+						`speciallogfile` = '" . $db->escape($speciallogfile) . "',
+						`specialsettings` = '" . $db->escape($specialsettings) . "',
+						`ssl_redirect` = '" . $ssl_redirect . "',
+						`add_date` = '" . $db->escape(time()) . "',
+						`registration_date` = '" . $db->escape($registration_date) . "',
+						`phpsettingid` = '" . (int)$phpsettingid . "',
+						`mod_fcgid_starter` = '" . (int)$mod_fcgid_starter . "',
+						`mod_fcgid_maxrequests` = '" . (int)$mod_fcgid_maxrequests . "',
+						`ismainbutsubto` = '".(int)$issubof."'
+					");
 					$domainid = $db->insert_id();
 					$db->query("UPDATE `" . TABLE_PANEL_ADMINS . "` SET `domains_used` = `domains_used` + 1 WHERE `adminid` = '" . (int)$adminid . "'");
+					foreach ($ipandports as $ipportid) {
+						$db->query("INSERT INTO `" . TABLE_DOMAINTOIP . "` SET
+								`id_domain` = '" . $domainid . "',
+								`id_ipandports` = '" . (int)$ipportid . "';
+						");
+					}
+					foreach ($ssl_ipandports as $ssl_ipportid) {
+						if ($ssl_ipportid > 0) {
+							$db->query("INSERT INTO `" . TABLE_DOMAINTOIP . "` SET
+									`id_domain` = '" . $domainid . "',
+									`id_ipandports` = '" . (int)$ssl_ipportid . "';
+							");
+						}
+					}
 					$log->logAction(ADM_ACTION, LOG_INFO, "added domain '" . $domain . "'");
 					inserttask('1');
+
+					// Using nameserver, insert a task which rebuilds the server config
 					inserttask('4');
+
 					redirectTo($filename, Array('page' => $page, 's' => $s));
 				}
 			}
@@ -608,8 +726,8 @@ if($page == 'domains'
 					$result_ssl_ipsandports = $db->query("SELECT `id`, `ip`, `port` FROM `" . TABLE_PANEL_IPSANDPORTS . "` WHERE `ssl`='1' AND `ip`='" . $admin_ip['ip'] . "' ORDER BY `ip`, `port` ASC");
 				}

-				$ipsandports = '';
-
+				// Build array holding all IPs and Ports available to this admin
+				$ipsandports = array();
 				while($row_ipandport = $db->fetch_array($result_ipsandports))
 				{
 					if(filter_var($row_ipandport['ip'], FILTER_VALIDATE_IP, FILTER_FLAG_IPV6))
@@ -617,11 +735,10 @@ if($page == 'domains'
 						$row_ipandport['ip'] = '[' . $row_ipandport['ip'] . ']';
 					}

-					$ipsandports.= makeoption($row_ipandport['ip'] . ':' . $row_ipandport['port'], $row_ipandport['id'], $settings['system']['defaultip']);
+					$ipsandports[] = array('label' => $row_ipandport['ip'] . ':' . $row_ipandport['port'], 'value' => $row_ipandport['id']);
 				}

-				$ssl_ipsandports = '';
-
+				$ssl_ipsandports = array();
 				while($row_ssl_ipandport = $db->fetch_array($result_ssl_ipsandports))
 				{
 					if(filter_var($row_ssl_ipandport['ip'], FILTER_VALIDATE_IP, FILTER_FLAG_IPV6))
@@ -629,7 +746,7 @@ if($page == 'domains'
 						$row_ssl_ipandport['ip'] = '[' . $row_ssl_ipandport['ip'] . ']';
 					}

-					$ssl_ipsandports.= makeoption($row_ssl_ipandport['ip'] . ':' . $row_ssl_ipandport['port'], $row_ssl_ipandport['id'], $settings['system']['defaultip']);
+					$ssl_ipsandports[] = array('label' => $row_ssl_ipandport['ip'] . ':' . $row_ssl_ipandport['port'], 'value' => $row_ssl_ipandport['id']);
 				}

 				$standardsubdomains = array();
@@ -670,21 +787,20 @@ if($page == 'domains'

 				while($row = $db->fetch_array($configs))
 				{
-					$phpconfigs.= makeoption($row['description'], $row['id'], $settings['system']['mod_fcgid_defaultini'], true, true);
+					if ((int)$settings['phpfpm']['enabled'] == 1) {
+						$phpconfigs.= makeoption($row['description'], $row['id'], $settings['phpfpm']['defaultini'], true, true);
+					} else {
+						$phpconfigs.= makeoption($row['description'], $row['id'], $settings['system']['mod_fcgid_defaultini'], true, true);
+					}
 				}

-				#$isbinddomain = makeyesno('isbinddomain', '1', '0', '1');
-				#$isemaildomain = makeyesno('isemaildomain', '1', '0', '1');
-				#$email_only = makeyesno('email_only', '1', '0', '0');
+				// create serveralias options
+				$serveraliasoptions = "";
+				$serveraliasoptions .= makeoption($lng['domains']['serveraliasoption_wildcard'], '0', '0', true, true);
+				$serveraliasoptions .= makeoption($lng['domains']['serveraliasoption_www'], '1', '0', true, true);
+				$serveraliasoptions .= makeoption($lng['domains']['serveraliasoption_none'], '2', '0', true, true);
+
 				$subcanemaildomain = makeoption($lng['admin']['subcanemaildomain']['never'], '0', '0', true, true) . makeoption($lng['admin']['subcanemaildomain']['choosableno'], '1', '0', true, true) . makeoption($lng['admin']['subcanemaildomain']['choosableyes'], '2', '0', true, true) . makeoption($lng['admin']['subcanemaildomain']['always'], '3', '0', true, true);
-				#$dkim = makeyesno('dkim', '1', '0', '1');
-				#$wwwserveralias = makeyesno('wwwserveralias', '1', '0', '1');
-				#$caneditdomain = makeyesno('caneditdomain', '1', '0', '1');
-				#$openbasedir = makeyesno('openbasedir', '1', '0', '1');
-				#$safemode = makeyesno('safemode', '1', '0', '1');
-				#$speciallogfile = makeyesno('speciallogfile', '1', '0', '0');
-				#$ssl = makeyesno('ssl', '1', '0', '0');
-				#$ssl_redirect = makeyesno('ssl_redirect', '1', '0', '0');
 				$add_date = date('Y-m-d');

 				$domain_add_data = include_once dirname(__FILE__).'/lib/formfields/admin/domains/formfield.domains_add.php';
@@ -732,6 +848,13 @@ if($page == 'domains'
 				}
 			}

+			$ipsresult = $db->query("SELECT `id_ipandports` FROM `" . TABLE_DOMAINTOIP . "` WHERE `id_domain` = '" . (int)$result['id'] . "'");
+			$usedips = array();
+			while ($ipsresultrow = $db->fetch_array($ipsresult))
+			{
+				$usedips[] = $ipsresultrow['id_ipandports'];
+			}
+
 			if(isset($_POST['send'])
 			   && $_POST['send'] == 'send')
 			{
@@ -783,7 +906,7 @@ if($page == 'domains'
 				$aliasdomain = intval($_POST['alias']);
 				$issubof = intval($_POST['issubof']);
 				$subcanemaildomain = intval($_POST['subcanemaildomain']);
-				$caneditdomain = intval($_POST['caneditdomain']);
+				$caneditdomain = isset($_POST['caneditdomain']) ? intval($_POST['caneditdomain']) : 0;
 				$registration_date = trim($_POST['registration_date']);
 				$registration_date = validate($registration_date, 'registration_date', '/^(19|20)\d\d[-](0[1-9]|1[012])[-](0[1-9]|[12][0-9]|3[01])$/', '', array('0000-00-00', '0', ''));

@@ -795,18 +918,37 @@ if($page == 'domains'
 				if(isset($_POST['email_only']))
 					$email_only = intval($_POST['email_only']);

-				$wwwserveralias = 0;
-				if(isset($_POST['wwwserveralias']))
-					$wwwserveralias = intval($_POST['wwwserveralias']);
+				$serveraliasoption = '2';
+				if ($result['iswildcarddomain'] == '1') {
+					$serveraliasoption = '0';
+				} elseif ($result['wwwserveralias'] == '1') {
+					$serveraliasoption = '1';
+				}
+				if (isset($_POST['selectserveralias'])) {
+					$serveraliasoption = intval($_POST['selectserveralias']);
+				}
+
+				$speciallogfile = 0;
+				if(isset($_POST['speciallogfile']))
+					$speciallogfile = intval($_POST['speciallogfile']);
+

 				if($userinfo['change_serversettings'] == '1')
 				{
-					$isbinddomain = intval($_POST['isbinddomain']);
-					$zonefile = validate($_POST['zonefile'], 'zonefile');
+					$isbinddomain = $result['isbinddomain'];
+					$zonefile = $result['zonefile'];
+					if ($settings['system']['bind_enable'] == '1') {
+						if (isset($_POST['isbinddomain'])) {
+							$isbinddomain = (int)$_POST['isbinddomain'];
+						} else {
+							$isbinddomain = 0;
+						}
+						$zonefile = validate($_POST['zonefile'], 'zonefile');
+					}

 					if($settings['dkim']['use_dkim'] == '1')
 					{
-						$dkim = intval($_POST['dkim']);
+						$dkim = isset($_POST['dkim']) ? 1 : 0;
 					}
 					else
 					{
@@ -818,7 +960,16 @@ if($page == 'domains'

 					if($documentroot == '')
 					{
-						$documentroot = $customer['documentroot'];
+						// If path is empty and 'Use domain name as default value for DocumentRoot path' is enabled in settings,
+						// set default path to subdomain or domain name
+						if ($settings['system']['documentroot_use_default_value'] == 1)
+						{
+							$documentroot = makeCorrectDir($customer['documentroot'] . '/' . $result['domain']);
+						}
+						else
+						{
+							$documentroot = $customer['documentroot'];
+						}
 					}

 					if(!preg_match('/^https?\:\/\//', $documentroot)
@@ -836,13 +987,14 @@ if($page == 'domains'
 					$documentroot = $result['documentroot'];
 				}

+				$speciallogverified = (isset($_POST['speciallogverified']) ? (int)$_POST['speciallogverified'] : 0);
+
 				if($userinfo['caneditphpsettings'] == '1'
 				   || $userinfo['change_serversettings'] == '1')
 				{
-					$openbasedir = intval($_POST['openbasedir']);
-					$safemode = intval($_POST['safemode']);
+					$openbasedir = isset($_POST['openbasedir']) ? intval($_POST['openbasedir']) : 0;

-					if((int)$settings['system']['mod_fcgid'] == 1)
+					if((int)$settings['system']['mod_fcgid'] == 1 || (int)$settings['phpfpm']['enabled'] == 1)
 					{
 						$phpsettingid = (int)$_POST['phpsettingid'];
 						$phpsettingid_check = $db->query_first("SELECT * FROM `" . TABLE_PANEL_PHPCONFIGS . "` WHERE `id` = " . (int)$phpsettingid);
@@ -854,8 +1006,13 @@ if($page == 'domains'
 							standard_error('phpsettingidwrong');
 						}

-						$mod_fcgid_starter = validate($_POST['mod_fcgid_starter'], 'mod_fcgid_starter', '/^[0-9]*$/', '', array('-1', ''));
-						$mod_fcgid_maxrequests = validate($_POST['mod_fcgid_maxrequests'], 'mod_fcgid_maxrequests', '/^[0-9]*$/', '', array('-1', ''));
+						if ((int)$settings['system']['mod_fcgid'] == 1) {
+							$mod_fcgid_starter = validate($_POST['mod_fcgid_starter'], 'mod_fcgid_starter', '/^[0-9]*$/', '', array('-1', ''));
+							$mod_fcgid_maxrequests = validate($_POST['mod_fcgid_maxrequests'], 'mod_fcgid_maxrequests', '/^[0-9]*$/', '', array('-1', ''));
+						} else {
+							$mod_fcgid_starter = $result['mod_fcgid_starter'];
+							$mod_fcgid_maxrequests = $result['mod_fcgid_maxrequests'];
+						}
 					}
 					else
 					{
@@ -867,58 +1024,70 @@ if($page == 'domains'
 				else
 				{
 					$openbasedir = $result['openbasedir'];
-					$safemode = $result['safemode'];
 					$phpsettingid = $result['phpsettingid'];
 					$mod_fcgid_starter = $result['mod_fcgid_starter'];
 					$mod_fcgid_maxrequests = $result['mod_fcgid_maxrequests'];
 				}

-				if($userinfo['ip'] != "-1")
-				{
-					$admin_ip = $db->query_first("SELECT `id`, `ip`, `port` FROM `" . TABLE_PANEL_IPSANDPORTS . "` WHERE `id`='" . (int)$userinfo['ip'] . "' ORDER BY `ip`, `port` ASC");
-					$additional_ip_condition = ' AND `ip` = \'' . $admin_ip['ip'] . '\' ';
+				$ipandports = array();
+				if (isset($_POST['ipandport']) && !is_array($_POST['ipandport'])) {
+					$_POST['ipandport'] = unserialize($_POST['ipandport']);
 				}
-				else
-				{
-					$additional_ip_condition = '';
-				}
-
-				$ipandport = intval($_POST['ipandport']);
-				$ipandport_check = $db->query_first("SELECT `id`, `ip`, `port` FROM `" . TABLE_PANEL_IPSANDPORTS . "` WHERE `id` = '" . $db->escape($ipandport) . "' AND `ssl` = '0'" . $additional_ip_condition);
-
-				if(!isset($ipandport_check['id'])
-				   || $ipandport_check['id'] == '0'
-				   || $ipandport_check['id'] != $ipandport)
-				{
-					standard_error('ipportdoesntexist');
+				if (isset($_POST['ipandport']) && is_array($_POST['ipandport'])) {
+					foreach($_POST['ipandport'] as $ipandport) {
+						if (trim($ipandport) == "") continue;
+						$ipandport = intval($ipandport);
+						$ipandport_check = $db->query_first("SELECT `id`, `ip`, `port` FROM `" . TABLE_PANEL_IPSANDPORTS . "` WHERE `id` = '" . $db->escape($ipandport) . "' ");
+						if (!isset($ipandport_check['id'])
+							|| $ipandport_check['id'] == '0'
+							|| $ipandport_check['id'] != $ipandport
+						) {
+							standard_error('ipportdoesntexist');
+						} else {
+							$ipandports[] = $ipandport;
+						}
+					}
 				}

 				if($settings['system']['use_ssl'] == "1"
-				   && isset($_POST['ssl'])
-				   /*&& isset($_POST['ssl_redirect'])*/
-				   && isset($_POST['ssl_ipandport'])
-				   && $_POST['ssl'] != '0')
+				   && isset($_POST['ssl_ipandport']))
 				{
-					$ssl = (int)$_POST['ssl'];
+					$ssl = 1; // if ssl is set and != 0, it can only be 1
 					$ssl_redirect = 0;
 					if (isset($_POST['ssl_redirect'])) {
 						$ssl_redirect = (int)$_POST['ssl_redirect'];
 					}
-					$ssl_ipandport = (int)$_POST['ssl_ipandport'];
-					$ssl_ipandport_check = $db->query_first("SELECT `id`, `ip`, `port` FROM `" . TABLE_PANEL_IPSANDPORTS . "` WHERE `id` = '" . $db->escape($ssl_ipandport) . "' AND `ssl` = '1'" . $additional_ip_condition);

-					if(!isset($ssl_ipandport_check['id'])
-					   || $ssl_ipandport_check['id'] == '0'
-					   || $ssl_ipandport_check['id'] != $ssl_ipandport)
-					{
-						standard_error('ipportdoesntexist');
+					$ssl_ipandports = array();
+					if (isset($_POST['ssl_ipandport']) && !is_array($_POST['ssl_ipandport'])) {
+						$_POST['ssl_ipandport'] = unserialize($_POST['ssl_ipandport']);
+					}
+					if (isset($_POST['ssl_ipandport']) && is_array($_POST['ssl_ipandport'])) {
+						foreach ($_POST['ssl_ipandport'] as $ssl_ipandport) {
+							if (trim($ssl_ipandport) == "") continue;
+							$ssl_ipandport = intval($ssl_ipandport);
+							$ssl_ipandport_check = $db->query_first("SELECT `id`, `ip`, `port` FROM `" . TABLE_PANEL_IPSANDPORTS . "` WHERE `id` = '" . $db->escape($ssl_ipandport) . "' ");
+							if (!isset($ssl_ipandport_check['id'])
+								|| $ssl_ipandport_check['id'] == '0'
+								|| $ssl_ipandport_check['id'] != $ssl_ipandport
+							) {
+								standard_error('ipportdoesntexist');
+							} else {
+								$ssl_ipandports[] = $ssl_ipandport;
+							}
+						}
+					} else {
+						// we need this for the serialize
+						// if ssl is disabled or no ssl-ip/port exists
+						$ssl_ipandports[] = -1;
 					}
 				}
 				else
 				{
-					$ssl = 0;
 					$ssl_redirect = 0;
-					$ssl_ipandport = 0;
+					// we need this for the serialize
+					// if ssl is disabled or no ssl-ip/port exists
+					$ssl_ipandports[] = -1;
 				}

 				if(!preg_match('/^https?\:\/\//', $documentroot))
@@ -931,11 +1100,6 @@ if($page == 'domains'
 					$openbasedir = '0';
 				}

-				if($safemode != '1')
-				{
-					$safemode = '0';
-				}
-
 				if($isbinddomain != '1')
 				{
 					$isbinddomain = '0';
@@ -976,10 +1140,23 @@ if($page == 'domains'
 					'id' => 0
 				);

-				if($aliasdomain != 0)
-				{
-					// also check ip/port combination to be the same, #176
-					$aliasdomain_check = $db->query_first('SELECT `d`.`id` FROM `' . TABLE_PANEL_DOMAINS . '` `d`,`' . TABLE_PANEL_CUSTOMERS . '` `c` WHERE `d`.`customerid`=\'' . (int)$result['customerid'] . '\' AND `d`.`aliasdomain` IS NULL AND `d`.`id`<>`c`.`standardsubdomain` AND `c`.`customerid`=\'' . (int)$result['customerid'] . '\' AND `d`.`id`=\'' . (int)$aliasdomain . '\' AND `d`.`ipandport` = \''.(int)$ipandport.'\'');
+				if ($aliasdomain != 0) {
+					// Overwrite given ipandports with these of the "main" domain
+					$ipandports = array();
+					$origipresult = $db->query("SELECT `id_ipandports` FROM `" . TABLE_DOMAINTOIP ."` WHERE `id_domain` = '" . (int)$aliasdomain . "'");
+					while ($origip = $db->fetch_array($origipresult)) {
+						$ipandports[] = $origip['id_ipandports'];
+					}
+					$aliasdomain_check = $db->query_first("SELECT `d`.`id` FROM `" . TABLE_PANEL_DOMAINS . "` `d`, `" . TABLE_PANEL_CUSTOMERS . "` `c` 
+							WHERE `d`.`customerid`='" . (int)$customerid . "'
+							AND `d`.`aliasdomain` IS NULL AND
+							`d`.`id` <> `c`.`standardsubdomain`
+							AND `c`.`customerid`='" . (int)$customerid . "'
+							AND `d`.`id`='" . (int)$aliasdomain . "'");
+				}
+
+				if (count($ipandports) == 0) {
+					standard_error('noipportgiven');
 				}

 				if($aliasdomain_check['id'] != $aliasdomain)
@@ -992,6 +1169,10 @@ if($page == 'domains'
 					$issubof = '0';
 				}

+				if ($serveraliasoption != '1' && $serveraliasoption != '2') {
+					$serveraliasoption = '0';
+				}
+
 				$params = array(
 					'id' => $id,
 					'page' => $page,
@@ -1007,19 +1188,19 @@ if($page == 'domains'
 					'caneditdomain' => $caneditdomain,
 					'zonefile' => $zonefile,
 					'dkim' => $dkim,
-					'wwwserveralias' => $wwwserveralias,
-					'ipandport' => $ipandport,
-					'ssl' => $ssl,
+					'selectserveralias' => $serveraliasoption,
 					'ssl_redirect' => $ssl_redirect,
-					'ssl_ipandport' => $ssl_ipandport,
 					'openbasedir' => $openbasedir,
-					'safemode' => $safemode,
 					'phpsettingid' => $phpsettingid,
 					'mod_fcgid_starter' => $mod_fcgid_starter,
 					'mod_fcgid_maxrequests' => $mod_fcgid_maxrequests,
 					'specialsettings' => $specialsettings,
 					'registration_date' => $registration_date,
-					'issubof' => $issubof
+					'issubof' => $issubof,
+					'speciallogfile' => $speciallogfile,
+					'speciallogverified' => $speciallogverified,
+					'ipandport' => serialize($ipandports),
+					'ssl_ipandport' => serialize($ssl_ipandports)
 				);

 				$security_questions = array(
@@ -1041,28 +1222,33 @@ if($page == 'domains'
 					}
 				}

+				$wwwserveralias = ($serveraliasoption == '1') ? '1' : '0';
+				$iswildcarddomain = ($serveraliasoption == '0') ? '1' : '0';
+
 				if($documentroot != $result['documentroot']
-				   || $ipandport != $result['ipandport']
-				   || $ssl != $result['ssl']
 				   || $ssl_redirect != $result['ssl_redirect']
-				   || $ssl_ipandport != $result['ssl_ipandport']
 				   || $wwwserveralias != $result['wwwserveralias']
+				   || $iswildcarddomain != $result['iswildcarddomain']
 				   || $openbasedir != $result['openbasedir']
-				   || $safemode != $result['safemode']
 				   || $phpsettingid != $result['phpsettingid']
 				   || $mod_fcgid_starter != $result['mod_fcgid_starter']
 				   || $mod_fcgid_maxrequests != $result['mod_fcgid_maxrequests']
 				   || $specialsettings != $result['specialsettings']
 				   || $aliasdomain != $result['aliasdomain']
-				   || $issubof != $result['ismainbutsubto'])
+				   || $issubof != $result['ismainbutsubto']
+				   || $email_only != $result['email_only']
+				   || ($speciallogfile != $result['speciallogfile'] && $speciallogverified == '1'))
 				{
 					inserttask('1');
 				}

+				if ($speciallogfile != $result['speciallogfile'] && $speciallogverified != '1') {
+					$speciallogfile = $result['speciallogfile'];
+				}
+
 				if($isbinddomain != $result['isbinddomain']
 				   || $zonefile != $result['zonefile']
-				   || $dkim != $result['dkim']
-				   || $ipandport != $result['ipandport'])
+				   || $dkim != $result['dkim'])
 				{
 					inserttask('4');
 				}
@@ -1104,7 +1290,7 @@ if($page == 'domains'
 					$db->query("UPDATE `" . TABLE_PANEL_ADMINS . "` SET `domains_used` = `domains_used` - 1 WHERE `adminid` = '" . (int)$result['adminid'] . "' ");
 				}

-				$ssfs = isset($_POST['specialsettingsforsubdomains']) ? intval($_POST['specialsettingsforsubdomains']) : 1;
+				$ssfs = isset($_POST['specialsettingsforsubdomains']) ? 1 : 0;
 				if($ssfs == 1)
 				{
 					$upd_specialsettings = ", `specialsettings`='" . $db->escape($specialsettings) . "' ";
@@ -1116,8 +1302,86 @@ if($page == 'domains'
 					$log->logAction(ADM_ACTION, LOG_INFO, "removed specialsettings on all subdomains of domain #" . $id);
 				}

-				$result = $db->query("UPDATE `" . TABLE_PANEL_DOMAINS . "` SET `customerid` = '" . (int)$customerid . "', `adminid` = '" . (int)$adminid . "', `documentroot`='" . $db->escape($documentroot) . "', `ipandport`='" . $db->escape($ipandport) . "', `ssl`='" . (int)$ssl . "', `ssl_redirect`='" . (int)$ssl_redirect . "', `ssl_ipandport`='" . (int)$ssl_ipandport . "', `aliasdomain`=" . (($aliasdomain != 0 && $alias_check == 0) ? '\'' . $db->escape($aliasdomain) . '\'' : 'NULL') . ", `isbinddomain`='" . $db->escape($isbinddomain) . "', `isemaildomain`='" . $db->escape($isemaildomain) . "', `email_only`='" . $db->escape($email_only) . "', `subcanemaildomain`='" . $db->escape($subcanemaildomain) . "', `dkim`='" . $db->escape($dkim) . "', `caneditdomain`='" . $db->escape($caneditdomain) . "', `zonefile`='" . $db->escape($zonefile) . "', `wwwserveralias`='" . $db->escape($wwwserveralias) . "', `openbasedir`='" . $db->escape($openbasedir) . "', `safemode`='" . $db->escape($safemode) . "', `phpsettingid`='" . $db->escape($phpsettingid) . "', `mod_fcgid_starter`='" . $db->escape($mod_fcgid_starter) . "', `mod_fcgid_maxrequests`='" . $db->escape($mod_fcgid_maxrequests) . "', `specialsettings`='" . $db->escape($specialsettings) . "', `registration_date`='" . $db->escape($registration_date) . "', `ismainbutsubto`='" . (int)$issubof . "' WHERE `id`='" . (int)$id . "'");
-				$result = $db->query("UPDATE `" . TABLE_PANEL_DOMAINS . "` SET `customerid` = '" . (int)$customerid . "', `adminid` = '" . (int)$adminid . "', `ipandport`='" . $db->escape($ipandport) . "', `openbasedir`='" . $db->escape($openbasedir) . "', `safemode`='" . $db->escape($safemode) . "', `phpsettingid`='" . $db->escape($phpsettingid) . "', `mod_fcgid_starter`='" . $db->escape($mod_fcgid_starter) . "', `mod_fcgid_maxrequests`='" . $db->escape($mod_fcgid_maxrequests) . "'" . $upd_specialsettings . $updatechildren . " WHERE `parentdomainid`='" . (int)$id . "'");
+				$wwwserveralias = ($serveraliasoption == '1') ? '1' : '0';
+				$iswildcarddomain = ($serveraliasoption == '0') ? '1' : '0';
+
+				$result = $db->query("UPDATE `" . TABLE_PANEL_DOMAINS . "` SET 
+					`customerid` = '" . (int)$customerid . "',
+					`adminid` = '" . (int)$adminid . "',
+					`documentroot`='" . $db->escape($documentroot) . "',
+					`ssl_redirect`='" . (int)$ssl_redirect . "',
+					`aliasdomain`=" . (($aliasdomain != 0 && $alias_check == 0) ? '\'' . $db->escape($aliasdomain) . '\'' : 'NULL') . ",
+					`isbinddomain`='" . $db->escape($isbinddomain) . "',
+					`isemaildomain`='" . $db->escape($isemaildomain) . "',
+					`email_only`='" . $db->escape($email_only) . "',
+					`subcanemaildomain`='" . $db->escape($subcanemaildomain) . "',
+					`dkim`='" . $db->escape($dkim) . "', 
+					`caneditdomain`='" . $db->escape($caneditdomain) . "',
+					`zonefile`='" . $db->escape($zonefile) . "',
+					`wwwserveralias`='" . $db->escape($wwwserveralias) . "',
+					`iswildcarddomain`='" . $db->escape($iswildcarddomain) . "',
+					`openbasedir`='" . $db->escape($openbasedir) . "',
+					`speciallogfile`='" . $db->escape($speciallogfile) . "',
+					`phpsettingid`='" . $db->escape($phpsettingid) . "',
+					`mod_fcgid_starter`='" . $db->escape($mod_fcgid_starter) . "',
+					`mod_fcgid_maxrequests`='" . $db->escape($mod_fcgid_maxrequests) . "',
+					`specialsettings`='" . $db->escape($specialsettings) . "',
+					`registration_date`='" . $db->escape($registration_date) . "',
+					`ismainbutsubto`='" . (int)$issubof . "' WHERE `id`='" . (int)$id . "'
+				");
+				$result = $db->query("UPDATE `" . TABLE_PANEL_DOMAINS . "` SET 
+					`customerid` = '" . (int)$customerid . "',
+					`adminid` = '" . (int)$adminid . "',
+					`openbasedir`='" . $db->escape($openbasedir) . "',
+					`phpsettingid`='" . $db->escape($phpsettingid) . "',
+					`mod_fcgid_starter`='" . $db->escape($mod_fcgid_starter) . "',
+					`mod_fcgid_maxrequests`='" . $db->escape($mod_fcgid_maxrequests) . "'
+					" . $upd_specialsettings . $updatechildren . " 
+					WHERE `parentdomainid`='" . (int)$id . "'
+				");
+
+				// FIXME check how many we got and if the amount of assigned IP's
+				// has changed so we can insert a config-rebuild task if only
+				// the ip's of this domain were changed
+
+				// Cleanup domain <-> ip mapping
+				$db->query("DELETE FROM `" . TABLE_DOMAINTOIP . "` WHERE `id_domain` = '" . (int)$id . "'");
+
+				foreach ($ipandports as $ipportid) {
+					$db->query("INSERT INTO `" . TABLE_DOMAINTOIP . "` SET
+							`id_domain` = '" . (int)$id . "',
+							`id_ipandports` = '" . (int)$ipportid . "';
+					");
+				}
+				foreach ($ssl_ipandports as $ssl_ipportid) {
+					if ($ssl_ipportid > 0) {
+						$db->query("INSERT INTO `" . TABLE_DOMAINTOIP . "` SET
+								`id_domain` = '" . (int)$id . "',
+								`id_ipandports` = '" . (int)$ssl_ipportid . "';
+						");
+					}
+				}
+
+				// Cleanup domain <-> ip mapping for subdomains
+				$domainidsresult = $db->query("SELECT `id` FROM `" . TABLE_PANEL_DOMAINS . "` WHERE `parentdomainid`='" . (int)$id . "'");
+				while ($row = $db->fetch_array($domainidsresult)) {
+					$db->query("DELETE FROM `" . TABLE_DOMAINTOIP . "` WHERE `id_domain` = '" . (int)$row['id'] . "'");
+					foreach ($ipandports as $ipportid) {
+						$db->query("INSERT INTO `" . TABLE_DOMAINTOIP . "` SET
+								`id_domain` = '" . (int)$row['id'] . "',
+								`id_ipandports` = '" . (int)$ipportid . "';
+						");
+					}
+					foreach ($ssl_ipandports as $ssl_ipportid) {
+						if ($ssl_ipportid > 0) {
+							$db->query("INSERT INTO `" . TABLE_DOMAINTOIP . "` SET
+									`id_domain` = '" . (int)$row['id'] . "',
+									`id_ipandports` = '" . (int)$ssl_ipportid . "';
+							");
+						}
+					}
+				}
+
 				$log->logAction(ADM_ACTION, LOG_INFO, "edited domain #" . $id);
 				$redirect_props = Array(
 					'page' => $page,
@@ -1192,8 +1456,7 @@ if($page == 'domains'
 					$result_ssl_ipsandports = $db->query("SELECT `id`, `ip`, `port` FROM `" . TABLE_PANEL_IPSANDPORTS . "` WHERE `ssl`='1' AND `ip`='" . $admin_ip['ip'] . "' ORDER BY `ip`, `port` ASC");
 				}

-				$ipsandports = '';
-
+				$ipsandports = array();
 				while($row_ipandport = $db->fetch_array($result_ipsandports))
 				{
 					if(filter_var($row_ipandport['ip'], FILTER_VALIDATE_IP, FILTER_FLAG_IPV6))
@@ -1201,11 +1464,10 @@ if($page == 'domains'
 						$row_ipandport['ip'] = '[' . $row_ipandport['ip'] . ']';
 					}

-					$ipsandports.= makeoption($row_ipandport['ip'] . ':' . $row_ipandport['port'], $row_ipandport['id'], $result['ipandport']);
+					$ipsandports[] = array('label' => $row_ipandport['ip'] . ':' . $row_ipandport['port'], 'value' => $row_ipandport['id']);
 				}

-				$ssl_ipsandports = '';
-
+				$ssl_ipsandports = array();
 				while($row_ssl_ipandport = $db->fetch_array($result_ssl_ipsandports))
 				{
 					if(filter_var($row_ssl_ipandport['ip'], FILTER_VALIDATE_IP, FILTER_FLAG_IPV6))
@@ -1213,37 +1475,37 @@ if($page == 'domains'
 						$row_ssl_ipandport['ip'] = '[' . $row_ssl_ipandport['ip'] . ']';
 					}

-					$ssl_ipsandports.= makeoption($row_ssl_ipandport['ip'] . ':' . $row_ssl_ipandport['port'], $row_ssl_ipandport['id'], $result['ssl_ipandport']);
+					$ssl_ipsandports[] = array('label' => $row_ssl_ipandport['ip'] . ':' . $row_ssl_ipandport['port'], 'value' => $row_ssl_ipandport['id']);
 				}

 				$result['specialsettings'] = $result['specialsettings'];
-				#$isbinddomain = makeyesno('isbinddomain', '1', '0', $result['isbinddomain']);
-				#$wwwserveralias = makeyesno('wwwserveralias', '1', '0', $result['wwwserveralias']);
-				#$isemaildomain = makeyesno('isemaildomain', '1', '0', $result['isemaildomain']);
-				#$email_only = makeyesno('email_only', '1', '0', $result['email_only']);
-				#$ssl = makeyesno('ssl', '1', '0', $result['ssl']);
-				#$ssl_redirect = makeyesno('ssl_redirect', '1', '0', $result['ssl_redirect']);
+
+				// create serveralias options
+				$serveraliasoptions = "";
+				$_value = '2';
+				if ($result['iswildcarddomain'] == '1') {
+					$_value = '0';
+				} elseif ($result['wwwserveralias'] == '1') {
+					$_value = '1';
+				}
+				$serveraliasoptions .= makeoption($lng['domains']['serveraliasoption_wildcard'], '0', $_value, true, true);
+				$serveraliasoptions .= makeoption($lng['domains']['serveraliasoption_www'], '1', $_value, true, true);
+				$serveraliasoptions .= makeoption($lng['domains']['serveraliasoption_none'], '2', $_value, true, true);
+
 				$subcanemaildomain = makeoption($lng['admin']['subcanemaildomain']['never'], '0', $result['subcanemaildomain'], true, true);
 				$subcanemaildomain.= makeoption($lng['admin']['subcanemaildomain']['choosableno'], '1', $result['subcanemaildomain'], true, true);
 				$subcanemaildomain.= makeoption($lng['admin']['subcanemaildomain']['choosableyes'], '2', $result['subcanemaildomain'], true, true);
 				$subcanemaildomain.= makeoption($lng['admin']['subcanemaildomain']['always'], '3', $result['subcanemaildomain'], true, true);
-				#$dkim = makeyesno('dkim', '1', '0', $result['dkim']);
-				#$caneditdomain = makeyesno('caneditdomain', '1', '0', $result['caneditdomain']);
-				#$openbasedir = makeyesno('openbasedir', '1', '0', $result['openbasedir']);
-				#$safemode = makeyesno('safemode', '1', '0', $result['safemode']);
 				$speciallogfile = ($result['speciallogfile'] == 1 ? $lng['panel']['yes'] : $lng['panel']['no']);
 				$result['add_date'] = date('Y-m-d', $result['add_date']);

 				$phpconfigs = '';
 				$phpconfigs_result = $db->query("SELECT * FROM `" . TABLE_PANEL_PHPCONFIGS . "`");

-				while($phpconfigs_row = $db->fetch_array($phpconfigs_result))
-				{
+				while ($phpconfigs_row = $db->fetch_array($phpconfigs_result)) {
 					$phpconfigs.= makeoption($phpconfigs_row['description'], $phpconfigs_row['id'], $result['phpsettingid'], true, true);
 				}

-				#$specialsettingsforsubdomains = makeyesno('specialsettingsforsubdomains', '1', '0', '1');
-
 				$result = htmlentities_array($result);

 				$domain_edit_data = include_once dirname(__FILE__).'/lib/formfields/admin/domains/formfield.domains_edit.php';
@@ -1252,10 +1514,10 @@ if($page == 'domains'
 				$title = $domain_edit_data['domain_edit']['title'];
 				$image = $domain_edit_data['domain_edit']['image'];

+				$speciallogwarning = sprintf($lng['admin']['speciallogwarning'], $lng['admin']['delete_statistics']);
+
 				eval("echo \"" . getTemplate("domains/domains_edit") . "\";");
 			}
 		}
 	}
 }
-
-?>
--- a/admin_index.php
+++ b/admin_index.php
@@ -104,11 +104,13 @@ if($page == 'overview')
 					$_message = isset($latestversion[1]) ? $latestversion[1] : '';
 					$_link = isset($latestversion[2]) ? $latestversion[2] : htmlspecialchars($filename . '?s=' . urlencode($s) . '&page=' . urlencode($page) . '&lookfornewversion=yes');

-					$lookfornewversion_lable = $_version;
+					// add the branding so debian guys are not gettings confused
+					// about their version-number
+					$lookfornewversion_lable = $_version.$branding;
 					$lookfornewversion_link = $_link;
 					$lookfornewversion_addinfo = $_message;

-					if (version_compare($version, $_version) == -1) {
+					if (version_compare2($version, $_version) == -1) {
 						$isnewerversion = 1;
 					} else {
 						$isnewerversion = 0;
--- a/admin_ipsandports.php
+++ b/admin_ipsandports.php
@@ -83,7 +83,7 @@ if($page == 'ipsandports'
 		if(isset($result['id'])
 		   && $result['id'] == $id)
 		{
-			$result_checkdomain = $db->query_first("SELECT `id` FROM `" . TABLE_PANEL_DOMAINS . "` WHERE `ipandport`='" . (int)$id . "'");
+			$result_checkdomain = $db->query_first("SELECT `id_domain` as `id` FROM `" . TABLE_DOMAINTOIP . "` WHERE `id_ipandports`='" . (int)$id . "'");

 			if($result_checkdomain['id'] == '')
 			{
@@ -102,9 +102,16 @@ if($page == 'ipsandports'
 							   && $_POST['send'] == 'send')
 							{
 								$db->query("DELETE FROM `" . TABLE_PANEL_IPSANDPORTS . "` WHERE `id`='" . (int)$id . "'");
+
+								// also, remove connections to domains (multi-stack)
+								$db->query("DELETE FROM `".TABLE_DOMAINTOIP."` WHERE `id_ipandports`='".(int)$id."'");
+
 								$log->logAction(ADM_ACTION, LOG_WARNING, "deleted IP/port '" . $result['ip'] . ":" . $result['port'] . "'");
 								inserttask('1');
+
+								// Using nameserver, insert a task which rebuilds the server config
 								inserttask('4');
+
 								redirectTo($filename, Array('page' => $page, 's' => $s));
 							}
 							else
@@ -136,11 +143,11 @@ if($page == 'ipsandports'
 		{
 			$ip = validate_ip($_POST['ip']);
 			$port = validate($_POST['port'], 'port', '/^(([1-9])|([1-9][0-9])|([1-9][0-9][0-9])|([1-9][0-9][0-9][0-9])|([1-5][0-9][0-9][0-9][0-9])|(6[0-4][0-9][0-9][0-9])|(65[0-4][0-9][0-9])|(655[0-2][0-9])|(6553[0-5]))$/Di', array('stringisempty', 'myport'));
-			$listen_statement = intval($_POST['listen_statement']);
-			$namevirtualhost_statement = intval($_POST['namevirtualhost_statement']);
-			$vhostcontainer = intval($_POST['vhostcontainer']);
+			$listen_statement = isset($_POST['listen_statement']) ? 1 : 0;
+			$namevirtualhost_statement = isset($_POST['namevirtualhost_statement']) ? 1 : 0;
+			$vhostcontainer = isset($_POST['vhostcontainer']) ? 1 : 0;
 			$specialsettings = validate(str_replace("\r\n", "\n", $_POST['specialsettings']), 'specialsettings', '/^[^\0]*$/');
-			$vhostcontainer_servername_statement = intval($_POST['vhostcontainer_servername_statement']);
+			$vhostcontainer_servername_statement = isset($_POST['vhostcontainer_servername_statement']) ? 1 : 0;
 			$default_vhostconf_domain = validate(str_replace("\r\n", "\n", $_POST['default_vhostconf_domain']), 'default_vhostconf_domain', '/^[^\0]*$/');
 			$docroot = validate($_POST['docroot'], 'docroot');
 			if((int)$settings['system']['use_ssl'] == 1)
@@ -245,17 +252,22 @@ if($page == 'ipsandports'

 				$log->logAction(ADM_ACTION, LOG_WARNING, "added IP/port '" . $ip . ":" . $port . "'");
 				inserttask('1');
+
+				// Using nameserver, insert a task which rebuilds the server config
 				inserttask('4');
+
 				redirectTo($filename, Array('page' => $page, 's' => $s));
 			}
 		}
 		else
 		{
-			#$enable_ssl = makeyesno('ssl', '1', '0', '0');
-			#$listen_statement = makeyesno('listen_statement', '1', '0', '1');
-			#$namevirtualhost_statement = makeyesno('namevirtualhost_statement', '1', '0', '1');
-			#$vhostcontainer = makeyesno('vhostcontainer', '1', '0', '1');
-			#$vhostcontainer_servername_statement = makeyesno('vhostcontainer_servername_statement', '1', '0', '1');
+			/*
+			$enable_ssl = makeyesno('ssl', '1', '0', '0');
+			$listen_statement = makeyesno('listen_statement', '1', '0', '1');
+			$namevirtualhost_statement = makeyesno('namevirtualhost_statement', '1', '0', '1');
+			$vhostcontainer = makeyesno('vhostcontainer', '1', '0', '1');
+			$vhostcontainer_servername_statement = makeyesno('vhostcontainer_servername_statement', '1', '0', '1');
+			*/

 			$ipsandports_add_data = include_once dirname(__FILE__).'/lib/formfields/admin/ipsandports/formfield.ipsandports_add.php';
 			$ipsandports_add_form = htmlform::genHTMLForm($ipsandports_add_data);
@@ -280,16 +292,23 @@ if($page == 'ipsandports'
 				$port = validate($_POST['port'], 'port', '/^(([1-9])|([1-9][0-9])|([1-9][0-9][0-9])|([1-9][0-9][0-9][0-9])|([1-5][0-9][0-9][0-9][0-9])|(6[0-4][0-9][0-9][0-9])|(65[0-4][0-9][0-9])|(655[0-2][0-9])|(6553[0-5]))$/Di', array('stringisempty', 'myport'));
 				$result_checkfordouble = $db->query_first("SELECT `id` FROM `" . TABLE_PANEL_IPSANDPORTS . "` WHERE `ip`='" . $db->escape($ip) . "' AND `port`='" . (int)$port . "'");
 				$result_sameipotherport = $db->query_first("SELECT `id` FROM `" . TABLE_PANEL_IPSANDPORTS . "` WHERE `ip`='" . $db->escape($result['ip']) . "' AND `id`!='" . (int)$id . "'");
-				$listen_statement = intval($_POST['listen_statement']);
-				$namevirtualhost_statement = intval($_POST['namevirtualhost_statement']);
-				$vhostcontainer = intval($_POST['vhostcontainer']);
+				$listen_statement = isset($_POST['listen_statement']) ? 1 : 0;
+				$namevirtualhost_statement = isset($_POST['namevirtualhost_statement']) ? 1 : 0;
+				$vhostcontainer = isset($_POST['vhostcontainer']) ? 1 : 0;
 				$specialsettings = validate(str_replace("\r\n", "\n", $_POST['specialsettings']), 'specialsettings', '/^[^\0]*$/');
-				$vhostcontainer_servername_statement = intval($_POST['vhostcontainer_servername_statement']);
+				$vhostcontainer_servername_statement = isset($_POST['vhostcontainer_servername_statement']) ? 1 : 0;
 				$default_vhostconf_domain = validate(str_replace("\r\n", "\n", $_POST['default_vhostconf_domain']), 'default_vhostconf_domain', '/^[^\0]*$/');
 				$docroot =  validate($_POST['docroot'], 'docroot');
-				if((int)$settings['system']['use_ssl'] == 1)
-				{
-					$ssl = intval($_POST['ssl']);
+
+				if((int)$settings['system']['use_ssl'] == 1
+					/* 
+					 * check here if ssl is even checked, cause if not, we don't need
+					 * to validate and set all the $ssl_*_file vars
+					 */
+					&& isset($_POST['ssl'])
+					&& $_POST['ssl'] != 0
+				) {
+					$ssl = 1;
 					$ssl_cert_file = validate($_POST['ssl_cert_file'], 'ssl_cert_file');
 					$ssl_key_file = validate($_POST['ssl_key_file'], 'ssl_key_file');
 					$ssl_ca_file = validate($_POST['ssl_ca_file'], 'ssl_ca_file');
@@ -391,18 +410,23 @@ if($page == 'ipsandports'

 					$log->logAction(ADM_ACTION, LOG_WARNING, "changed IP/port from '" . $result['ip'] . ":" . $result['port'] . "' to '" . $ip . ":" . $port . "'");
 					inserttask('1');
+
+					// Using nameserver, insert a task which rebuilds the server config
 					inserttask('4');
+
 					redirectTo($filename, Array('page' => $page, 's' => $s));
 				}
 			}
 			else
 			{
-				#$enable_ssl = makeyesno('ssl', '1', '0', $result['ssl']);
 				$result = htmlentities_array($result);
-				#$listen_statement = makeyesno('listen_statement', '1', '0', $result['listen_statement']);
-				#$namevirtualhost_statement = makeyesno('namevirtualhost_statement', '1', '0', $result['namevirtualhost_statement']);
-				#$vhostcontainer = makeyesno('vhostcontainer', '1', '0', $result['vhostcontainer']);
-				#$vhostcontainer_servername_statement = makeyesno('vhostcontainer_servername_statement', '1', '0', $result['vhostcontainer_servername_statement']);
+				/*
+				$enable_ssl = makeyesno('ssl', '1', '0', $result['ssl']);
+				$listen_statement = makeyesno('listen_statement', '1', '0', $result['listen_statement']);
+				$namevirtualhost_statement = makeyesno('namevirtualhost_statement', '1', '0', $result['namevirtualhost_statement']);
+				$vhostcontainer = makeyesno('vhostcontainer', '1', '0', $result['vhostcontainer']);
+				$vhostcontainer_servername_statement = makeyesno('vhostcontainer_servername_statement', '1', '0', $result['vhostcontainer_servername_statement']);
+				*/

 				$ipsandports_edit_data = include_once dirname(__FILE__).'/lib/formfields/admin/ipsandports/formfield.ipsandports_edit.php';
 				$ipsandports_edit_form = htmlform::genHTMLForm($ipsandports_edit_data);
--- a/admin_logger.php
+++ b/admin_logger.php
@@ -22,14 +22,12 @@ define('AREA', 'admin');
 /**
 * Include our init.php, which manages Sessions, Language etc.
 */
+require('./lib/init.php');

-require ("./lib/init.php");
-
-if($page == 'log'
-   && $userinfo['change_serversettings'] == '1')
-{
-	if($action == '')
-	{
+if ($page == 'log'
+   && $userinfo['change_serversettings'] == '1'
+) {
+	if ($action == '') {
 		$fields = array(
 			'date' => $lng['logger']['date'],
 			'type' => $lng['logger']['type'],
@@ -47,24 +45,21 @@ if($page == 'log'
 		$pagingcode = $paging->getHtmlPagingCode($filename . '?page=' . $page . '&s=' . $s);
 		$clog = array();

-		while($row = $db->fetch_array($result))
-		{
-			if(!isset($clog[$row['action']])
-			   || !is_array($clog[$row['action']]))
-			{
+		while ($row = $db->fetch_array($result)) {
+			if (!isset($clog[$row['action']])
+			   || !is_array($clog[$row['action']])
+			) {
 				$clog[$row['action']] = array();
 			}

 			$clog[$row['action']][$row['logid']] = $row;
 		}

-		if($paging->sortfield == 'date'
-		   && $paging->sortorder == 'desc')
-		{
+		if ($paging->sortfield == 'date'
+		   && $paging->sortorder == 'desc'
+		) {
 			krsort($clog);
-		}
-		else
-		{
+		} else {
 			ksort($clog);
 		}

@@ -72,20 +67,15 @@ if($page == 'log'
 		$count = 0;
 		$log_count = 0;
 		$log = '';
-		foreach($clog as $action => $logrows)
-		{
+		foreach ($clog as $action => $logrows) {
 			$_action = 0;
-			foreach($logrows as $row)
-			{
-				if($paging->checkDisplay($i))
-				{
+			foreach ($logrows as $row) {
+				if ($paging->checkDisplay($i)) {
 					$row = htmlentities_array($row);
 					$row['date'] = date("d.m.y H:i:s", $row['date']);

-					if($_action != $action)
-					{
-						switch($action)
-						{
+					if ($_action != $action) {
+						switch ($action) {
 							case USR_ACTION:
 								$_action = $lng['admin']['customer'];
 								break;
@@ -107,15 +97,14 @@ if($page == 'log'
 						}

 						$row['action'] = $_action;
-						eval("\$log.=\"" . getTemplate("logger/logger_action") . "\";");
+						eval("\$log.=\"" . getTemplate('logger/logger_action') . "\";");
 					}

 					$log_count++;
 					$type = $row['type'];
 					$_type = 'unknown';

-					switch($type)
-					{
+					switch ($type) {
 						case LOG_INFO:
 							$_type = 'Information';
 							break;
@@ -137,32 +126,27 @@ if($page == 'log'
 					}

 					$row['type'] = $_type;
-					eval("\$log.=\"" . getTemplate("logger/logger_log") . "\";");
+					eval("\$log.=\"" . getTemplate('logger/logger_log') . "\";");
 					$count++;
 					$_action = $action;
 				}
 			}
-
 			$i++;
 		}

-		eval("echo \"" . getTemplate("logger/logger") . "\";");
-	}
-	elseif($action == 'truncate')
-	{
-		if(isset($_POST['send'])
-		   && $_POST['send'] == 'send')
-		{
+		eval("echo \"" . getTemplate('logger/logger') . "\";");
+	} elseif ($action == 'truncate') {
+		if (isset($_POST['send'])
+		   && $_POST['send'] == 'send'
+		) {
 			$yesterday = time() - (60 * 10);

 			/* (60*60*24); */

 			$db->query("DELETE FROM `" . TABLE_PANEL_LOG . "` WHERE `date` < '" . $yesterday . "'");
-			$log->logAction(ADM_ACTION, LOG_WARNING, "truncated the system-log (mysql)");
+			$log->logAction(ADM_ACTION, LOG_WARNING, 'truncated the system-log (mysql)');
 			redirectTo($filename, Array('page' => $page, 's' => $s));
-		}
-		else
-		{
+		} else {
 			ask_yesno('logger_reallytruncate', $filename, array('page' => $page, 'action' => $action), TABLE_PANEL_LOG);
 		}
 	}
--- a/admin_message.php
+++ b/admin_message.php
@@ -22,79 +22,60 @@ define('AREA', 'admin');
 /**
 * Include our init.php, which manages Sessions, Language etc.
 */
+require('./lib/init.php');

-require ("./lib/init.php");
-
-if(isset($_POST['id']))
-{
+if (isset($_POST['id'])) {
 	$id = intval($_POST['id']);
-}
-elseif(isset($_GET['id']))
-{
+} elseif (isset($_GET['id'])) {
 	$id = intval($_GET['id']);
 }

-if($page == 'message')
-{
-	if($action == '')
-	{
-		$log->logAction(ADM_ACTION, LOG_NOTICE, "viewed panel_message");
+if ($page == 'message') {
+	if ($action == '') {
+		$log->logAction(ADM_ACTION, LOG_NOTICE, 'viewed panel_message');

-		if(isset($_POST['send'])
-		   && $_POST['send'] == 'send')
-		{
-			if($_POST['receipient'] == 0
-			   && $userinfo['customers_see_all'] == '1')
-			{
-				$log->logAction(ADM_ACTION, LOG_NOTICE, "sending messages to admins");
+		if (isset($_POST['send'])
+		   && $_POST['send'] == 'send'
+		) {
+			if ($_POST['receipient'] == 0
+			   && $userinfo['customers_see_all'] == '1'
+			) {
+				$log->logAction(ADM_ACTION, LOG_NOTICE, 'sending messages to admins');
 				$result = $db->query('SELECT `name`, `email`  FROM `' . TABLE_PANEL_ADMINS . "`");
-			}
-			elseif($_POST['receipient'] == 1)
-			{
-				if($userinfo['customers_see_all'] == "1")
-				{
-					$log->logAction(ADM_ACTION, LOG_NOTICE, "sending messages to ALL customers");
+			} elseif ($_POST['receipient'] == 1) {
+				if ($userinfo['customers_see_all'] == '1') {
+					$log->logAction(ADM_ACTION, LOG_NOTICE, 'sending messages to ALL customers');
 					$result = $db->query('SELECT `firstname`, `name`, `email`  FROM `' . TABLE_PANEL_CUSTOMERS . "`");
-				}
-				else
-				{
-					$log->logAction(ADM_ACTION, LOG_NOTICE, "sending messages to customers");
+				} else {
+					$log->logAction(ADM_ACTION, LOG_NOTICE, 'sending messages to customers');
 					$result = $db->query('SELECT `firstname`, `name`, `email`  FROM `' . TABLE_PANEL_CUSTOMERS . "` WHERE `adminid`='" . $userinfo['adminid'] . "'");
 				}
-			}
-			else
-			{
+			} else {
 				standard_error('noreceipientsgiven');
 			}

 			$subject = $_POST['subject'];
 			$message = wordwrap($_POST['message'], 70);

-			if(!empty($message))
-			{
+			if (!empty($message)) {
 				$mailcounter = 0;
 				$mail->Body = $message;
 				$mail->Subject = $subject;

-				while($row = $db->fetch_array($result))
-				{
+				while ($row = $db->fetch_array($result)) {
 					$mail->AddAddress($row['email'], (isset($row['firstname']) ? $row['firstname'] . ' ' : '') . $row['name']);
 					$mail->From = $userinfo['email'];
 					$mail->FromName = (isset($userinfo['firstname']) ? $userinfo['firstname'] . ' ' : '') . $userinfo['name'];

-					if(!$mail->Send())
-					{
-						if($mail->ErrorInfo != '')
-						{
+					if (!$mail->Send()) {
+						if ($mail->ErrorInfo != '') {
 							$mailerr_msg = $mail->ErrorInfo;
-						}
-						else
-						{
-							$mailerr_msg = $row["email"];
+						} else {
+							$mailerr_msg = $row['email'];
 						}

-						$log->logAction(ADM_ACTION, LOG_ERR, "Error sending mail: " . $mailerr_msg);
-						standard_error('errorsendingmail', $row["email"]);
+						$log->logAction(ADM_ACTION, LOG_ERR, 'Error sending mail: ' . $mailerr_msg);
+						standard_error('errorsendingmail', $row['email']);
 					}

 					$mailcounter++;
@@ -102,47 +83,34 @@ if($page == 'message')
 				}

 				redirectTo($filename, Array('page' => $page, 's' => $s, 'action' => 'showsuccess', 'sentitems' => $mailcounter));
-			}
-			else
-			{
+			} else {
 				standard_error('nomessagetosend');
 			}
 		}
 	}

-	if($action == 'showsuccess')
-	{
+	if ($action == 'showsuccess') {
 		$success = 1;
 		$sentitems = isset($_GET['sentitems']) ? (int)$_GET['sentitems'] : 0;

-		if($sentitems == 0)
-		{
+		if ($sentitems == 0) {
 			$successmessage = $lng['message']['noreceipients'];
-		}
-		else
-		{
+		} else {
 			$successmessage = str_replace('%s', $sentitems, $lng['message']['success']);
 		}
-
-		$action = '';
-	}
-	else
-	{
+	} else {
 		$success = 0;
 		$sentitems = 0;
 		$successmessage = '';
-		$action = '';
 	}
+	$action = '';

 	$receipients = '';

-	if($userinfo['customers_see_all'] == "1")
-	{
+	if ($userinfo['customers_see_all'] == '1') {
 		$receipients.= makeoption($lng['panel']['reseller'], 0);
 	}

-	$receipients.= makeoption($lng['panel']['customer'], 1);
-	eval("echo \"" . getTemplate("message/message") . "\";");
+	$receipients .= makeoption($lng['panel']['customer'], 1);
+	eval("echo \"" . getTemplate('message/message') . "\";");
 }
-
-?>
--- a/admin_phpsettings.php
+++ b/admin_phpsettings.php
@@ -25,47 +25,54 @@ define('AREA', 'admin');

 require ("./lib/init.php");

-if(isset($_POST['id']))
-{
+if (isset($_POST['id'])) {
 	$id = intval($_POST['id']);
-}
-elseif(isset($_GET['id']))
-{
+} elseif (isset($_GET['id'])) {
 	$id = intval($_GET['id']);
 }

-if($page == 'overview')
-{
-	if($action == '')
-	{
+if ($page == 'overview') {
+
+	if ($action == '') {
+
 		$tablecontent = '';
 		$count = 0;
 		$result = $db->query("SELECT * FROM `" . TABLE_PANEL_PHPCONFIGS . "`");

-		while($row = $db->fetch_array($result))
-		{
+		while ($row = $db->fetch_array($result)) {
+
 			$domainresult = false;

-			if((int)$userinfo['domains_see_all'] == 0)
-			{
-				$domainresult = $db->query("SELECT * FROM `" . TABLE_PANEL_DOMAINS . "` WHERE `adminid` = " . (int)$userinfo['userid'] . " AND `phpsettingid` = " . (int)$row['id']);
-			}
-			else
-			{
-				$domainresult = $db->query("SELECT * FROM `" . TABLE_PANEL_DOMAINS . "` WHERE `phpsettingid` = " . (int)$row['id']);
+			$query = "SELECT * FROM `".TABLE_PANEL_DOMAINS."`
+					WHERE `phpsettingid` = '".(int)$row['id']."'
+					AND `parentdomainid` = '0'";
+
+			if ((int)$userinfo['domains_see_all'] == 0) {
+				$query .= " AND `adminid` = '".(int)$userinfo['userid']."'";
 			}

-			$domains = '';
-
-			if($db->num_rows($domainresult) > 0)
-			{
-				while($row2 = $db->fetch_array($domainresult))
-				{
-					$domains.= $row2['domain'] . '<br/>';
+			if ((int)$settings['panel']['phpconfigs_hidestdsubdomain'] == 1) {
+				$query2 = "SELECT DISTINCT `standardsubdomain`
+						FROM `".TABLE_PANEL_CUSTOMERS."`
+						WHERE `standardsubdomain` > 0 ORDER BY `standardsubdomain` ASC;";
+				$ssdids_res = $db->query($query2);
+				$ssdids = array();
+				while ($ssd = $db->fetch_array($ssdids_res)) {
+					$ssdids[] = $ssd['standardsubdomain'];
+				}
+				if (count($ssdids) > 0) {
+					$query .= " AND `id` NOT IN (".implode(', ', $ssdids).")";
 				}
 			}
-			else
-			{
+
+			$domainresult = $db->query($query);
+
+			$domains = '';
+			if ($db->num_rows($domainresult) > 0) {
+				while ($row2 = $db->fetch_array($domainresult)) {
+					$domains.= $row2['domain'] . '<br/>';
+				}
+			} else {
 				$domains = $lng['admin']['phpsettings']['notused'];
 			}

--- a/admin_settings.php
+++ b/admin_settings.php
@@ -82,9 +82,9 @@ if(($page == 'settings' || $page == 'overview')
 		) {
 			$log->logAction(ADM_ACTION, LOG_INFO, "rebuild configfiles due to changed setting");
 			inserttask('1');
+			// Using nameserver, insert a task which rebuilds the server config
 			inserttask('4');
-			inserttask('5');
-			inserttask('9');
+
 			standard_success('settingssaved', '', array('filename' => $filename, 'action' => $action, 'page' => $page));
 		}
 	}
@@ -115,6 +115,50 @@ if(($page == 'settings' || $page == 'overview')

 	}
 }
+elseif($page == 'phpinfo'
+	&& $userinfo['change_serversettings'] == '1'
+) {
+		ob_start();
+		phpinfo();
+		$phpinfo = array('phpinfo' => array());
+		if (preg_match_all(
+				'#(?:<h2>(?:<a name=".*?">)?(.*?)(?:</a>)?</h2>)|(?:<tr(?: class=".*?")?><t[hd](?: class=".*?")?>(.*?)\s*</t[hd]>(?:<t[hd](?: class=".*?")?>(.*?)\s*</t[hd]>(?:<t[hd](?: class=".*?")?>(.*?)\s*</t[hd]>)?)?</tr>)#s',
+				ob_get_clean(), $matches, PREG_SET_ORDER
+			)
+		) {
+		foreach ($matches as $match) {
+			$end = array_keys($phpinfo);
+			$end = end($end);
+			if (strlen($match[1])) {
+				$phpinfo[$match[1]] = array();
+			} elseif (isset($match[3])) {
+				$phpinfo[$end][$match[2]] = isset($match[4]) ? array($match[3], $match[4]) : $match[3];
+			} else {
+				$phpinfo[$end][] = $match[2];
+			}
+		}
+		$phpinfohtml = '';
+		foreach ($phpinfo as $name => $section) {
+			$phpinfoentries = "";
+			foreach ($section as $key => $val) {
+				if (is_array($val)) {
+					eval("\$phpinfoentries .= \"" . getTemplate("settings/phpinfo/phpinfo_3") . "\";");
+				} elseif (is_string($key)) {
+					eval("\$phpinfoentries .= \"" . getTemplate("settings/phpinfo/phpinfo_2") . "\";");
+				} else {
+					eval("\$phpinfoentries .= \"" . getTemplate("settings/phpinfo/phpinfo_1") . "\";");
+				}
+			}
+			// first header -> show actual php version
+			if (strtolower($name) == "phpinfo") {
+				$name = "PHP ".PHP_VERSION;
+			}
+			eval("\$phpinfohtml .= \"" . getTemplate("settings/phpinfo/phpinfo_table") . "\";");
+		}
+		$phpinfo = $phpinfohtml;
+	}
+	eval("echo \"" . getTemplate("settings/phpinfo") . "\";");
+}
 elseif($page == 'rebuildconfigs'
       && $userinfo['change_serversettings'] == '1')
 {
@@ -123,10 +167,10 @@ elseif($page == 'rebuildconfigs'
 	{
 		$log->logAction(ADM_ACTION, LOG_INFO, "rebuild configfiles");
 		inserttask('1');
-		inserttask('4');
-		inserttask('5');
-		inserttask('9');
 		inserttask('10');
+		// Using nameserver, insert a task which rebuilds the server config
+		inserttask('4');
+
 		standard_success('rebuildingconfigs', '', array('filename' => 'admin_index.php'));
 	}
 	else
--- a/admin_templates.php
+++ b/admin_templates.php
@@ -48,17 +48,28 @@ elseif(isset($_GET['id']))
 $available_templates = array(
 	'createcustomer',
 	'pop_success',
-	'trafficmaxpercent',
-	'diskmaxpercent',
-	'new_ticket_by_customer',
-	'new_ticket_for_customer',
-	'new_ticket_by_staff',
-	'new_reply_ticket_by_customer',
-	'new_reply_ticket_by_staff',
 	'new_database_by_customer',
 	'new_ftpaccount_by_customer',
 	'password_reset'
 );
+
+// only show templates of features that are enabled #1191
+if ((int)$settings['system']['report_enable'] == 1) {
+	array_push($available_templates,
+		'trafficmaxpercent',
+		'diskmaxpercent'
+	);
+}
+if ((int)$settings['ticket']['enabled'] == 1) {
+	array_push($available_templates,
+		'new_ticket_by_customer',
+		'new_ticket_for_customer',
+		'new_ticket_by_staff',
+		'new_reply_ticket_by_customer',
+		'new_reply_ticket_by_staff'
+	);
+}
+
 $file_templates = array(
 	'index_html'
 );
--- a/admin_tickets.php
+++ b/admin_tickets.php
@@ -32,6 +32,22 @@ if(isset($_POST['id']))
 elseif(isset($_GET['id']))
 {
 	$id = intval($_GET['id']);
+
+	// only check if this is not a category-id
+	if (!isset($_GET['page']) || (isset($_GET['page']) && $_GET['page'] != 'categories')) {
+		if (!$userinfo['customers_see_all']) {
+			/*
+			 * Check if the current user is allowed to see the current ticket.
+			 */
+			$sql = "SELECT `id` FROM `panel_tickets` WHERE `id` = '".$id."' AND `adminid` = '".$userinfo['admindid']."'";
+
+			$result = $db->query_first($sql);
+			if ($result == null) {
+				// no rights to see the requested ticket
+				standard_error(array('ticketnotaccessible'));
+			}
+		}
+	}
 }

 if($page == 'tickets'
@@ -102,13 +118,17 @@ if($page == 'tickets'
 					if($_cid != $row['customerid'])
 					{
 						$cid = $row['customerid'];
-						$usr = $db->query_first('SELECT `firstname`, `name`, `company`, `loginname` FROM `' . TABLE_PANEL_CUSTOMERS . '`
+						$usr = $db->query_first('SELECT `customerid`, `firstname`, `name`, `company`, `loginname` FROM `' . TABLE_PANEL_CUSTOMERS . '`
                                     WHERE `customerid` = "' . (int)$cid . '"');

-						if(isset($usr['loginname'])) {
-							$customer = getCorrectFullUserDetails($usr) . ' (' . $usr['loginname'] . ')';
-							//$customer = $usr['firstname'] . " " . $usr['name'] . " (" . $usr['loginname'] . ")";
-						} else {
+						if(isset($usr['loginname']))
+						{
+							$customer = getCorrectFullUserDetails($usr);
+							$customerloginname =  $usr['loginname'];
+							$customerid = $usr['customerid'];
+						}
+						else
+						{
 							$customer = $lng['ticket']['nonexistingcustomer'];
 						}
 						eval("\$tickets.=\"" . getTemplate("tickets/tickets_customer") . "\";");
@@ -170,7 +190,7 @@ if($page == 'tickets'
 				$newticket->Set('priority', validate($_POST['priority'], 'priority'), true, false);
 				$newticket->Set('category', validate($_POST['category'], 'category'), true, false);
 				$newticket->Set('customer', (int)$_POST['customer'], true, false);
-				$newticket->Set('message', validate(str_replace("\r\n", "\n", $_POST['message']), 'message', '/^[^\0]*$/'), true, false);
+				$newticket->Set('message', validate(htmlentities(str_replace("\r\n", "\n", $_POST['message'])), 'message', '/^[^\0]*$/'), true, false);

 				if($newticket->Get('subject') == null)
 				{
@@ -199,12 +219,16 @@ if($page == 'tickets'
 			else
 			{
 				$categories = '';
-				$result = $db->query_first('SELECT `id`, `name` FROM `' . TABLE_PANEL_TICKET_CATS . '` WHERE `adminid` = "' . $userinfo['adminid'] . '" ORDER BY `logicalorder`, `name` ASC');
+				$where = '';
+				if ($userinfo['tickets_see_all'] != '1') {
+					$where = 'WHERE `adminid` = "' . $userinfo['adminid'] . '"';
+				}
+				$result = $db->query_first('SELECT `id`, `name` FROM `' . TABLE_PANEL_TICKET_CATS . '` '.$where.' ORDER BY `logicalorder`, `name` ASC');

 				if(isset($result['name'])
 				   && $result['name'] != '')
 				{
-					$result2 = $db->query('SELECT `id`, `name` FROM `' . TABLE_PANEL_TICKET_CATS . '` WHERE `adminid` = "' . $userinfo['adminid'] . '" ORDER BY `logicalorder`, `name` ASC');
+					$result2 = $db->query('SELECT `id`, `name` FROM `' . TABLE_PANEL_TICKET_CATS . '` '.$where.' ORDER BY `logicalorder`, `name` ASC');

 					while($row = $db->fetch_array($result2))
 					{
@@ -224,9 +248,9 @@ if($page == 'tickets'
 					$customers.= makeoption(getCorrectFullUserDetails($row_customer) . ' (' . $row_customer['loginname'] . ')', $row_customer['customerid']);
 				}

-				$priorities = makeoption($lng['ticket']['unf_high'], '1', $settings['ticket']['default_priority']);
-				$priorities.= makeoption($lng['ticket']['unf_normal'], '2', $settings['ticket']['default_priority']);
-				$priorities.= makeoption($lng['ticket']['unf_low'], '3', $settings['ticket']['default_priority']);
+				$priorities = makeoption($lng['ticket']['high'], '1', $settings['ticket']['default_priority']);
+				$priorities.= makeoption($lng['ticket']['normal'], '2', $settings['ticket']['default_priority']);
+				$priorities.= makeoption($lng['ticket']['low'], '3', $settings['ticket']['default_priority']);

 				$ticket_new_data = include_once dirname(__FILE__).'/lib/formfields/admin/tickets/formfield.ticket_new.php';
 				$ticket_new_form = htmlform::genHTMLForm($ticket_new_data);
@@ -251,7 +275,7 @@ if($page == 'tickets'
 			$replyticket = ticket::getInstanceOf($userinfo, $db, $settings, -1);
 			$replyticket->Set('subject', validate($_POST['subject'], 'subject'), true, false);
 			$replyticket->Set('priority', validate($_POST['priority'], 'priority'), true, false);
-			$replyticket->Set('message', validate(str_replace("\r\n", "\n", $_POST['message']), 'message', '/^[^\0]*$/'), true, false);
+			$replyticket->Set('message', validate(htmlentities(str_replace("\r\n", "\n", $_POST['message'])), 'message', '/^[^\0]*$/'), true, false);

 			if($replyticket->Get('message') == null)
 			{
@@ -302,13 +326,20 @@ if($page == 'tickets'
 				$isclosed = 1;
 			}

-			if($mainticket->Get('by') == '1')
+			if ($mainticket->Get('by') == '1')
 			{
 				$by = $lng['ticket']['staff'];
 			}
 			else
 			{
-				$by = $lng['ticket']['customer'];
+				$cid = $mainticket->Get('customer');
+				$usr = $db->query_first('SELECT `customerid`, `firstname`, `name`, `company`, `loginname`
+						FROM `' . TABLE_PANEL_CUSTOMERS . '`
+						WHERE `customerid` = "' . (int)$cid . '"'
+				);
+				$by = '<a href="'.$linker->getLink(array('section' => 'customers', 'page' => 'customers', 'action' => 'su', 'id' => $cid)).'" rel="external">';
+				$by .= getCorrectFullUserDetails($usr).'</a>';
+				//$by = $lng['ticket']['customer'];
 			}

 			$subject = $mainticket->Get('subject');
@@ -330,7 +361,14 @@ if($page == 'tickets'
 				}
 				else
 				{
-					$by = $lng['ticket']['customer'];
+					$cid = $subticket->Get('customer');
+					$usr = $db->query_first('SELECT `customerid`, `firstname`, `name`, `company`, `loginname`
+						FROM `' . TABLE_PANEL_CUSTOMERS . '`
+						WHERE `customerid` = "' . (int)$cid . '"'
+					);
+					$by = '<a href="'.$linker->getLink(array('section' => 'customers', 'page' => 'customers', 'action' => 'su', 'id' => $cid)).'" rel="external">';
+					$by .= getCorrectFullUserDetails($usr).'</a>';
+					//$by = $lng['ticket']['customer'];
 				}

 				$subject = $subticket->Get('subject');
@@ -437,11 +475,16 @@ elseif($page == 'categories'
 			'name' => $lng['ticket']['category'],
 			'logicalorder' => $lng['ticket']['logicalorder']
 		);
+
+		$where = '1'; // WHERE 1 is like no 'where-clause'
+		if ($userinfo['tickets_see_all'] != '1') {
+			$where = " `main`.`adminid` = '" . (int)$userinfo['adminid'] . "'";
+		}
 		$paging = new paging($userinfo, $db, TABLE_PANEL_TICKET_CATS, $fields, $settings['panel']['paging'], $settings['panel']['natsorting']);
 		$result = $db->query("SELECT `main`.`id`, `main`.`name`, `main`.`logicalorder`, (
                              SELECT COUNT(`sub`.`id`) FROM `" . TABLE_PANEL_TICKETS . "` `sub`
                              WHERE `sub`.`category` = `main`.`id`
-                              AND `sub`.`answerto` = '0' AND `sub`.`adminid` = '" . $userinfo['adminid'] . "')
+                              AND `sub`.`answerto` = '0'  AND `sub`.`adminid` = '" . $userinfo['adminid'] . "')
                              as `ticketcount`, (
                              SELECT COUNT(`sub2`.`id`) FROM `" . TABLE_PANEL_TICKETS . "` `sub2`
                              WHERE `sub2`.`category` = `main`.`id`
@@ -449,7 +492,7 @@ elseif($page == 'categories'
                              AND (`sub2`.`status` = '0' OR `sub2`.`status` = '1' OR `sub2`.`status` = '2')
                              AND `sub2`.`adminid` = '" . $userinfo['adminid'] . "'
                              ) as `ticketcountnotclosed`
-                              FROM `" . TABLE_PANEL_TICKET_CATS . "` `main` WHERE `main`.`adminid` = '" . (int)$userinfo['adminid'] . "' " . $paging->getSqlWhere(true) . " " . $paging->getSqlOrderBy() . " " . $paging->getSqlLimit());
+                              FROM `" . TABLE_PANEL_TICKET_CATS . "` `main` WHERE " . $where . $paging->getSqlWhere(true) . " " . $paging->getSqlOrderBy() . " " . $paging->getSqlLimit());
 		$paging->setEntries($db->num_rows($result));
 		$sortcode = $paging->getHtmlSortCode($lng);
 		$arrowcode = $paging->getHtmlArrowCode($filename . '?page=' . $page . '&s=' . $s);
@@ -486,7 +529,7 @@ elseif($page == 'categories'
 			if($order < 1 || $order >= 1000)
 			{
 				// use the latest available
-				$order = ticket::getHighestOrderNumber($db) + 1;
+				$order = ticket::getHighestOrderNumber($db, $userinfo['adminid']) + 1;
 			}

 			if($category == '')
@@ -502,7 +545,7 @@ elseif($page == 'categories'
 		}
 		else
 		{
-			$order = ticket::getHighestOrderNumber($db) + 1;
+			$order = ticket::getHighestOrderNumber($db, $userinfo['adminid']) + 1;

 			$category_new_data = include_once dirname(__FILE__).'/lib/formfields/admin/tickets/formfield.category_new.php';
 			$category_new_form = htmlform::genHTMLForm($category_new_data);
@@ -660,12 +703,17 @@ elseif($page == 'archive'
 						if($_cid != $ticket['customerid'])
 						{
 							$cid = $ticket['customerid'];
-							$usr = $db->query_first('SELECT `firstname`, `name`, `company`, `loginname` FROM `' . TABLE_PANEL_CUSTOMERS . '`
+							$usr = $db->query_first('SELECT `customerid`, `firstname`, `name`, `company`, `loginname` FROM `' . TABLE_PANEL_CUSTOMERS . '`
                                       WHERE `customerid` = "' . (int)$cid . '"');

-							if(isset($usr['loginname'])) {
-								$customer = getCorrectFullUserDetails($usr) . ' (' . $usr['loginname'] . ')';
-							} else {
+							if(isset($usr['loginname']))
+							{
+								$customer = getCorrectFullUserDetails($usr);
+								$customerloginname =  $usr['loginname'];
+								$customerid = $usr['customerid'];
+							}
+							else
+							{
 								$customer = $lng['ticket']['nonexistingcustomer'];
 							}

@@ -673,6 +721,16 @@ elseif($page == 'archive'
 						}

 						$tickets_count++;
+						switch ($ticket['priority'])
+						{
+							case 1: $ticket['display'] = 'high';
+							break;
+							case 2: $ticket['display'] = 'normal';
+							break;
+							case 3: $ticket['display'] = 'low';
+							break;
+							default: $ticket['display'] = 'unknown';
+						}
 						$ticket['priority'] = ticket::getPriorityText($lng, $ticket['priority']);

 						if($ticket['lastreplier'] == '1')
@@ -688,9 +746,7 @@ elseif($page == 'archive'
 						{
 							$ticket['subject'] = substr($ticket['subject'], 0, 17) . '...';
 						}
-
 						$ticket = htmlentities_array($ticket);
-
 						eval("\$tickets.=\"" . getTemplate("tickets/archived_tickets") . "\";");
 						$count++;
 						$_cid = $ticket['customerid'];
@@ -733,9 +789,9 @@ elseif($page == 'archive'
 				}
 			}

-			$priorities_options = makecheckbox('priority1', $lng['ticket']['unf_high'], '1');
-			$priorities_options.= makecheckbox('priority2', $lng['ticket']['unf_normal'], '2');
-			$priorities_options.= makecheckbox('priority3', $lng['ticket']['unf_low'], '3');
+			$priorities_options = makecheckbox('priority1', $lng['ticket']['high'], '1');
+			$priorities_options.= makecheckbox('priority2', $lng['ticket']['normal'], '2');
+			$priorities_options.= makecheckbox('priority3', $lng['ticket']['low'], '3');
 			$category_options = '';
 			$ccount = 0;
 			$result = $db->query('SELECT * FROM `' . TABLE_PANEL_TICKET_CATS . '` ORDER BY `name` ASC');
@@ -774,11 +830,18 @@ elseif($page == 'archive'
 		}
 		else
 		{
-			$by = $lng['ticket']['customer'];
+			$cid = $mainticket->Get('customer');
+			$usr = $db->query_first('SELECT `customerid`, `firstname`, `name`, `company`, `loginname`
+						FROM `' . TABLE_PANEL_CUSTOMERS . '`
+						WHERE `customerid` = "' . (int)$cid . '"'
+			);
+			$by = '<a href="'.$linker->getLink(array('section' => 'customers', 'page' => 'customers', 'action' => 'su', 'id' => $cid)).'" rel="external">';
+			$by .= getCorrectFullUserDetails($usr).'</a>';
+			//$by = $lng['ticket']['customer'];
 		}

-		$subject = htmlentities($mainticket->Get('subject'));
-		$message = htmlentities($mainticket->Get('message'));
+		$subject = $mainticket->Get('subject');
+		$message = $mainticket->Get('message');
 		eval("\$ticket_replies.=\"" . getTemplate("tickets/tickets_tickets_main") . "\";");
 		$result = $db->query('SELECT `name` FROM `' . TABLE_PANEL_TICKET_CATS . '`
                              WHERE `id`="' . (int)$mainticket->Get('category') . '"');
@@ -796,22 +859,28 @@ elseif($page == 'archive'
 			}
 			else
 			{
-				$by = $lng['ticket']['customer'];
+				$cid = $subticket->Get('customer');
+				$usr = $db->query_first('SELECT `customerid`, `firstname`, `name`, `company`, `loginname`
+						FROM `' . TABLE_PANEL_CUSTOMERS . '`
+						WHERE `customerid` = "' . (int)$cid . '"'
+				);
+				$by = '<a href="'.$linker->getLink(array('section' => 'customers', 'page' => 'customers', 'action' => 'su', 'id' => $cid)).'" rel="external">';
+				$by .= getCorrectFullUserDetails($usr).'</a>';
+				//$by = $lng['ticket']['customer'];
 			}

-			$subject = htmlentities($subticket->Get('subject'));
-			$message = htmlentities($subticket->Get('message'));
+			$subject = $subticket->Get('subject');
+			$message = $subticket->Get('message');
 			eval("\$ticket_replies.=\"" . getTemplate("tickets/tickets_tickets_list") . "\";");
 		}

 		$priorities = makeoption($lng['ticket']['high'], '1', htmlentities($mainticket->Get('priority')), true, true);
 		$priorities.= makeoption($lng['ticket']['normal'], '2', htmlentities($mainticket->Get('priority')), true, true);
 		$priorities.= makeoption($lng['ticket']['low'], '3', htmlentities($mainticket->Get('priority')), true, true);
-		$subject = htmlentities($mainticket->Get('subject'));
+		$subject = $mainticket->Get('subject');
 		$ticket_replies_count = $db->num_rows($andere) + 1;

 		// don't forget the main-ticket!
-
 		eval("echo \"" . getTemplate("tickets/tickets_view") . "\";");
 	}
 	elseif($action == 'delete'
@@ -831,6 +900,6 @@ elseif($page == 'archive'
 			ask_yesno('ticket_reallydelete', $filename, array('id' => $id, 'page' => $page, 'action' => $action), $mainticket->Get('subject'));
 		}
 	}
+} else {
+	standard_error('nocustomerforticket');
 }
-
-?>
--- a/admin_traffic.php
+++ b/admin_traffic.php
@@ -128,7 +128,7 @@ if($page == 'overview' || $page == 'customers')
 			
 			$traffic_list = $db->query("SELECT month, SUM(http+ftp_up+ftp_down+mail)*1024 AS traffic FROM `" . TABLE_PANEL_TRAFFIC . "` WHERE year = " . (date("Y")-$years) . " AND `customerid` = '" . $customer_name['customerid'] . "' GROUP BY month ORDER BY month");
 			while($traffic_month = $db->fetch_array($traffic_list)) {
-				$virtual_host[$months[(int)$traffic_month['month']]] = size_readable($traffic_month['traffic'], 'GiB', 'bi', '%01.3f %s');
+				$virtual_host[$months[(int)$traffic_month['month']]] = size_readable($traffic_month['traffic'], 'GiB', 'bi', '%01.'.(int)$settings['panel']['decimal_places'].'f %s');
 				$totals[$months[(int)$traffic_month['month']]] += $traffic_month['traffic'];
 			}
 			eval("\$domain_list .= sprintf(\"%s\", \"" . getTemplate("traffic/index_table_row") . "\");");
@@ -138,7 +138,7 @@ if($page == 'overview' || $page == 'customers')
 			'name' => $lng['traffic']['months']['total'],
 		);
 		foreach($totals as $month => $bytes) {
-			$virtual_host[$month] = ($bytes == 0 ? '-' : size_readable($bytes, 'GiB', 'bi', '%01.3f %s'));
+			$virtual_host[$month] = ($bytes == 0 ? '-' : size_readable($bytes, 'GiB', 'bi', '%01.'.(int)$settings['panel']['decimal_places'].'f %s'));
 		}
 		$customerview = 0;
 		eval("\$total_list = sprintf(\"%s\", \"" . getTemplate("traffic/index_table_row") . "\");");
--- a/admin_updates.php
+++ b/admin_updates.php
@@ -16,10 +16,9 @@
 */

 define('AREA', 'admin');
-require ("./lib/init.php");
+require('./lib/init.php');

-if($page == 'overview')
-{
+if ($page == 'overview') {
 	$log->logAction(ADM_ACTION, LOG_NOTICE, "viewed admin_updates");

 	/**
@@ -29,13 +28,13 @@ if($page == 'overview')
 	 */
 	if (!isFroxlor()) {
 		if (!isset($settings['panel']['version'])
-		|| $settings['panel']['version'] == ''
+			|| $settings['panel']['version'] == ''
 		) {
 			$settings['panel']['version'] = '1.4.2.1';
 			$db->query("INSERT INTO `" . TABLE_PANEL_SETTINGS . "` (`settinggroup`, `varname`, `value`) VALUES ('panel','version','".$settings['panel']['version']."')");
 		}
 		if (!isset($settings['system']['dbversion'])
-		|| $settings['system']['dbversion'] == ''
+			|| $settings['system']['dbversion'] == ''
 		) {
 			/**
 			 * for syscp-stable (1.4.2.1) this value has to be 0
@@ -43,11 +42,9 @@ if($page == 'overview')
 			 * and the svn-version has its value in the database
 			 * -> bug #54
 			 */
-			
 			$result = $db->query_first("SELECT `value` FROM `" . TABLE_PANEL_SETTINGS . "` WHERE `varname` = 'dbversion'");
-			
-			if(isset($result['value']))
-			{
+
+			if (isset($result['value'])) {
 				$settings['system']['dbversion'] = (int)$result['value'];
 			} else {
 				$settings['system']['dbversion'] = 0;
@@ -55,40 +52,36 @@ if($page == 'overview')
 		}
 	}

-	if(hasUpdates($version))
-	{
+	if (hasUpdates($version)) {
 		$successful_update = false;
 		$message = '';

-		if(isset($_POST['send'])
-		&& $_POST['send'] == 'send')
-		{
-			if((isset($_POST['update_preconfig'])
+		if (isset($_POST['send'])
+			&& $_POST['send'] == 'send'
+		) {
+			if ((isset($_POST['update_preconfig'])
 				&& isset($_POST['update_changesagreed'])
 				&& intval($_POST['update_changesagreed']) != 0)
 				|| !isset($_POST['update_preconfig'])
 			) {
-				eval("echo \"" . getTemplate("update/update_start") . "\";");
+				eval("echo \"" . getTemplate('update/update_start') . "\";");
 	
 				include_once './install/updatesql.php';
 	
 				$redirect_url = 'admin_index.php?s=' . $s;
-				eval("echo \"" . getTemplate("update/update_end") . "\";");
+				eval("echo \"" . getTemplate('update/update_end') . "\";");
 	
 				updateCounters();
 				inserttask('1');
 				@chmod('./lib/userdata.inc.php', 0440);
 				
 				$successful_update = true;
-			}
-			else
-			{
-				$message = '<br /><strong style="color:#ff0000;">You have to agree that you have read the update notifications.</strong>';
+			} else {
+				$message = '<br /><strong style="color: red">You have to agree that you have read the update notifications.</strong>';
 			}
 		}

-		if(!$successful_update)
-		{
+		if (!$successful_update) {
 			$current_version = $settings['panel']['version'];
 			$new_version = $version;

@@ -96,29 +89,23 @@ if($page == 'overview')
 			$ui_text = str_replace('%curversion', $current_version, $ui_text);
 			$ui_text = str_replace('%newversion', $new_version, $ui_text);
 			$update_information = $ui_text;
-			
+
 			include_once './install/updates/preconfig.php';
 			$preconfig = getPreConfig($current_version);
-			if($preconfig != '')
-			{
-				$update_information .= '<br />'.$preconfig.$message;
+			if ($preconfig != '') {
+				$update_information .= '<br />' . $preconfig . $message;
 			}
-			
+
 			$update_information .= $lng['update']['update_information']['part_b'];

-			eval("echo \"" . getTemplate("update/index") . "\";");
+			eval("echo \"" . getTemplate('update/index') . "\";");
 		}
-	}
-	else
-	{
+	} else {
 		/*
 		 * @TODO version-webcheck check here
 		 */
-
 		$success_message = $lng['update']['noupdatesavail'];
 		$redirect_url = 'admin_index.php?s=' . $s;
-		eval("echo \"" . getTemplate("update/noupdatesavail") . "\";");
+		eval("echo \"" . getTemplate('update/noupdatesavail') . "\";");
 	}
 }
-
-?>
--- a/cache/.gitignore
+++ b/cache/.gitignore
@@ -0,0 +1 @@
+*
--- a/cache/.keep
+++ b/cache/.keep
--- a/css/jquery-ui.min.css
+++ b/css/jquery-ui.min.css
--- a/css/jquery.jqplot.min.css
+++ b/css/jquery.jqplot.min.css
@@ -0,0 +1 @@
+.jqplot-target{position:relative;color:#666;font-family:"Trebuchet MS",Arial,Helvetica,sans-serif;font-size:1em}.jqplot-axis{font-size:.75em}.jqplot-xaxis{margin-top:10px}.jqplot-x2axis{margin-bottom:10px}.jqplot-yaxis{margin-right:10px}.jqplot-y2axis,.jqplot-y3axis,.jqplot-y4axis,.jqplot-y5axis,.jqplot-y6axis,.jqplot-y7axis,.jqplot-y8axis,.jqplot-y9axis,.jqplot-yMidAxis{margin-left:10px;margin-right:10px}.jqplot-axis-tick,.jqplot-xaxis-tick,.jqplot-yaxis-tick,.jqplot-x2axis-tick,.jqplot-y2axis-tick,.jqplot-y3axis-tick,.jqplot-y4axis-tick,.jqplot-y5axis-tick,.jqplot-y6axis-tick,.jqplot-y7axis-tick,.jqplot-y8axis-tick,.jqplot-y9axis-tick,.jqplot-yMidAxis-tick{position:absolute;white-space:pre}.jqplot-xaxis-tick{top:0;left:15px;vertical-align:top}.jqplot-x2axis-tick{bottom:0;left:15px;vertical-align:bottom}.jqplot-yaxis-tick{right:0;top:15px;text-align:right}.jqplot-yaxis-tick.jqplot-breakTick{right:-20px;margin-right:0;padding:1px 5px 1px 5px;z-index:2;font-size:1.5em}.jqplot-y2axis-tick,.jqplot-y3axis-tick,.jqplot-y4axis-tick,.jqplot-y5axis-tick,.jqplot-y6axis-tick,.jqplot-y7axis-tick,.jqplot-y8axis-tick,.jqplot-y9axis-tick{left:0;top:15px;text-align:left}.jqplot-yMidAxis-tick{text-align:center;white-space:nowrap}.jqplot-xaxis-label{margin-top:10px;font-size:11pt;position:absolute}.jqplot-x2axis-label{margin-bottom:10px;font-size:11pt;position:absolute}.jqplot-yaxis-label{margin-right:10px;font-size:11pt;position:absolute}.jqplot-yMidAxis-label{font-size:11pt;position:absolute}.jqplot-y2axis-label,.jqplot-y3axis-label,.jqplot-y4axis-label,.jqplot-y5axis-label,.jqplot-y6axis-label,.jqplot-y7axis-label,.jqplot-y8axis-label,.jqplot-y9axis-label{font-size:11pt;margin-left:10px;position:absolute}.jqplot-meterGauge-tick{font-size:.75em;color:#999}.jqplot-meterGauge-label{font-size:1em;color:#999}table.jqplot-table-legend{margin-top:12px;margin-bottom:12px;margin-left:12px;margin-right:12px}table.jqplot-table-legend,table.jqplot-cursor-legend{background-color:rgba(255,255,255,0.6);border:1px solid #ccc;position:absolute;font-size:.75em}td.jqplot-table-legend{vertical-align:middle}td.jqplot-seriesToggle:hover,td.jqplot-seriesToggle:active{cursor:pointer}.jqplot-table-legend .jqplot-series-hidden{text-decoration:line-through}div.jqplot-table-legend-swatch-outline{border:1px solid #ccc;padding:1px}div.jqplot-table-legend-swatch{width:0;height:0;border-top-width:5px;border-bottom-width:5px;border-left-width:6px;border-right-width:6px;border-top-style:solid;border-bottom-style:solid;border-left-style:solid;border-right-style:solid}.jqplot-title{top:0;left:0;padding-bottom:.5em;font-size:1.2em}table.jqplot-cursor-tooltip{border:1px solid #ccc;font-size:.75em}.jqplot-cursor-tooltip{border:1px solid #ccc;font-size:.75em;white-space:nowrap;background:rgba(208,208,208,0.5);padding:1px}.jqplot-highlighter-tooltip,.jqplot-canvasOverlay-tooltip{border:1px solid #ccc;font-size:.75em;white-space:nowrap;background:rgba(208,208,208,0.5);padding:1px}.jqplot-point-label{font-size:.75em;z-index:2}td.jqplot-cursor-legend-swatch{vertical-align:middle;text-align:center}div.jqplot-cursor-legend-swatch{width:1.2em;height:.7em}.jqplot-error{text-align:center}.jqplot-error-message{position:relative;top:46%;display:inline-block}div.jqplot-bubble-label{font-size:.8em;padding-left:2px;padding-right:2px;color:rgb(20%,20%,20%)}div.jqplot-bubble-label.jqplot-bubble-label-highlight{background:rgba(90%,90%,90%,0.7)}div.jqplot-noData-container{text-align:center;background-color:rgba(96%,96%,96%,0.3)}
--- a/customer_aps.php
+++ b/customer_aps.php
@@ -17,18 +17,18 @@
 *
 */

-// Required code
-
 define('AREA', 'customer');
-require ("./lib/init.php");
+require ('./lib/init.php');
+
 $Id = 0;
+if (isset($_GET['id'])) {
+    $Id = (int)$_GET['id'];
+}
+if (isset($_POST['id'])) {
+    $Id = (int)$_POST['id'];
+}

-if(isset($_GET['id']))$Id = (int)$_GET['id'];
-
-if(isset($_POST['id']))$Id = (int)$_POST['id'];
-eval("echo \"" . getTemplate("aps/header") . "\";");
+eval("echo \"" . getTemplate('aps/header') . "\";");
 $Aps = new ApsParser($userinfo, $settings, $db);
 $Aps->MainHandler($action);
-eval("echo \"" . getTemplate("aps/footer") . "\";");
-
-?>
+eval("echo \"" . getTemplate('aps/footer') . "\";");
--- a/customer_autoresponder.php
+++ b/customer_autoresponder.php
@@ -17,18 +17,14 @@
 *
 */

-// Required code
-
 define('AREA', 'customer');
-require ("./lib/init.php");
+require('./lib/init.php');

-// Create new autoresponder
-
-if($action == "add")
-{
-	if(isset($_POST['send'])
-	   && $_POST['send'] == 'send')
-	{
+if ($action == 'add') {
+	// Create new autoresponder
+	if (isset($_POST['send'])
+	   && $_POST['send'] == 'send'
+	) {
 		$account = trim($_POST['account']);
 		$subject = trim($_POST['subject']);
 		$message = trim($_POST['message']);
@@ -42,39 +38,31 @@ if($action == "add")
 		$ts_from = -1;
 		$ts_until = -1;

-		if($date_from_off > -1)
-		{
+		if ($date_from_off > -1) {
 			$date_from = $_POST['date_from'];
 			$ts_from = mktime(0, 0, 0, substr($date_from, 3, 2), substr($date_from, 0, 2), substr($date_from, 6, 4));
 		}
-		if($date_until_off > -1)
-		{
+		if ($date_until_off > -1) {
 			$date_until = $_POST['date_until'];
 			$ts_until = mktime(0, 0, 0, substr($date_until, 3, 2), substr($date_until, 0, 2), substr($date_until, 6, 4));
 		}

-		if(empty($account)
+		if (empty($account)
 		   || empty($subject)
-		   || empty($message))
-		{
+		   || empty($message)
+		) {
 			standard_error('missingfields');
 		}

 		// Does account exist?
-
 		$result = $db->query("SELECT `email` FROM `" . TABLE_MAIL_USERS . "` WHERE `customerid` = '" . (int)$userinfo['customerid'] . "' AND `email` = '" . $db->escape($account) . "' LIMIT 0,1");
-
-		if($db->num_rows($result) == 0)
-		{
+		if ($db->num_rows($result) == 0) {
 			standard_error('accountnotexisting');
 		}

 		// Does autoresponder exist?
-
 		$result = $db->query("SELECT `email` FROM `" . TABLE_MAIL_AUTORESPONDER . "` WHERE `customerid` = '" . (int)$userinfo['customerid'] . "' AND `email` = '" . $db->escape($account) . "' LIMIT 0,1");
-
-		if($db->num_rows($result) == 1)
-		{
+		if ($db->num_rows($result) == 1) {
 			standard_error('autoresponderalreadyexists');
 		}

@@ -92,25 +80,20 @@ if($action == "add")
 	}

 	// Get accounts
-
 	$result = $db->query("SELECT `email` FROM `" . TABLE_MAIL_USERS . "` WHERE `customerid` = '" . (int)$userinfo['customerid'] . "' AND `email` NOT IN (SELECT `email` FROM `" . TABLE_MAIL_AUTORESPONDER . "`) ORDER BY email ASC");
-
-	if($db->num_rows($result) == 0)
-	{
+	if ($db->num_rows($result) == 0) {
 		standard_error('noemailaccount');
 	}

 	$accounts = '';
-
-	while($row = $db->fetch_array($result))
-	{
-		$accounts.= "<option value=\"" . $row['email'] . "\">" . $row['email'] . "</option>";
+	while ($row = $db->fetch_array($result)) {
+		$accounts .= '<option value="' . $row['email'] . '">' . $row['email'] . '</option>';
 	}

 	$date_from_off = makecheckbox('date_from_off', $lng['panel']['not_activated'], '-1', false, '-1', true, true);
 	$date_until_off = makecheckbox('date_until_off', $lng['panel']['not_activated'], '-1', false, '-1', true, true);

-	#$isactive = makeyesno('active', '1', '0', '1');
+	//$isactive = makeyesno('active', '1', '0', '1');

 	$autoresponder_add_data = include_once dirname(__FILE__).'/lib/formfields/customer/autoresponder/formfield.autoresponder_add.php';
 	$autoresponder_add_form = htmlform::genHTMLForm($autoresponder_add_data);
@@ -118,18 +101,12 @@ if($action == "add")
 	$title = $autoresponder_add_data['autoresponder_add']['title'];
 	$image = $autoresponder_add_data['autoresponder_add']['image'];

-	eval("echo \"" . getTemplate("autoresponder/autoresponder_add") . "\";");
-}
-
-// Edit autoresponder
-
-else
-
-if($action == "edit")
-{
-	if(isset($_POST['send'])
-	   && $_POST['send'] == 'send')
-	{
+	eval("echo \"" . getTemplate('autoresponder/autoresponder_add') . "\";");
+} elseif ($action == 'edit') {
+	// Edit autoresponder
+	if (isset($_POST['send'])
+	   && $_POST['send'] == 'send'
+	) {
 		$account = trim($_POST['account']);
 		$subject = trim($_POST['subject']);
 		$message = trim($_POST['message']);
@@ -143,49 +120,36 @@ if($action == "edit")
 		$ts_from = -1;
 		$ts_until = -1;

-		if($date_from_off > -1)
-		{
+		if ($date_from_off > -1) {
 			$date_from = $_POST['date_from'];
 			$ts_from = mktime(0, 0, 0, substr($date_from, 3, 2), substr($date_from, 0, 2), substr($date_from, 6, 4));
 		}
-		if($date_until_off > -1)
-		{
+		if ($date_until_off > -1) {
 			$date_until = $_POST['date_until'];
 			$ts_until = mktime(0, 0, 0, substr($date_until, 3, 2), substr($date_until, 0, 2), substr($date_until, 6, 4));
 		}

-		if(empty($account)
+		if (empty($account)
 		   || empty($subject)
-		   || empty($message))
-		{
+		   || empty($message)
+		) {
 			standard_error('missingfields');
 		}

 		// Does account exist?
-
 		$result = $db->query("SELECT `email` FROM `" . TABLE_MAIL_USERS . "` WHERE `customerid` = '" . (int)$userinfo['customerid'] . "' AND `email` = '" . $db->escape($account) . "' LIMIT 0,1");
-
-		if($db->num_rows($result) == 0)
+		if ($db->num_rows($result) == 0)
 		{
 			standard_error('accountnotexisting');
 		}

 		// Does autoresponder exist?
-
 		$result = $db->query("SELECT `email` FROM `" . TABLE_MAIL_AUTORESPONDER . "` WHERE `customerid` = '" . (int)$userinfo['customerid'] . "' AND `email` = '" . $db->escape($account) . "' LIMIT 0,1");
-
-		if($db->num_rows($result) == 0)
-		{
+		if ($db->num_rows($result) == 0) {
 			standard_error('invalidautoresponder');
 		}

-		$ResponderActive = 0;
-
-		if(isset($_POST['active'])
-		   && $_POST['active'] == '1')
-		{
-			$ResponderActive = 1;
-		}
+		$ResponderActive = (isset($_POST['active']) && $_POST['active'] == '1') ? 1 : 0;

 		$db->query("UPDATE `" . TABLE_MAIL_AUTORESPONDER . "`
 			SET `message` = '" . $db->escape($message) . "',
@@ -202,11 +166,8 @@ if($action == "edit")
 	$email = trim(htmlspecialchars($_GET['email']));

 	// Get account data
-
 	$result = $db->query("SELECT * FROM `" . TABLE_MAIL_AUTORESPONDER . "` WHERE `customerid` = '" . (int)$userinfo['customerid'] . "' AND `email` = '" . $db->escape($email) . "' LIMIT 0,1");
-
-	if($db->num_rows($result) == 0)
-	{
+	if ($db->num_rows($result) == 0) {
 		standard_error('invalidautoresponder');
 	}

@@ -217,31 +178,25 @@ if($action == "edit")
 	$date_from = (int)$row['date_from'];
 	$date_until = (int)$row['date_until'];

-	if($date_from == -1)
-	{
+	if ($date_from == -1) {
 		$deactivated = '-1';
 		$date_from = '';
-	}
-	else
-	{
+	} else {
 		$deactivated = '0';
 		$date_from = date('d-m-Y', $date_from);
 	}
 	$date_from_off = makecheckbox('date_from_off', $lng['panel']['not_activated'], '-1', false, $deactivated, true, true);

-	if($date_until == -1)
-	{
+	if ($date_until == -1) {
 		$deactivated = '-1';
 		$date_until = '';
-	}
-	else
-	{
+	} else {
 		$deactivated = '0';
 		$date_until = date('d-m-Y', $date_until);
 	}
 	$date_until_off = makecheckbox('date_until_off', $lng['panel']['not_activated'], '-1', false, $deactivated, true, true);

-	#$isactive = makeyesno('active', '1', '0', $row['enabled']);
+	//$isactive = makeyesno('active', '1', '0', $row['enabled']);

 	$autoresponder_edit_data = include_once dirname(__FILE__).'/lib/formfields/customer/autoresponder/formfield.autoresponder_edit.php';
 	$autoresponder_edit_form = htmlform::genHTMLForm($autoresponder_edit_data);
@@ -249,26 +204,17 @@ if($action == "edit")
 	$title = $autoresponder_edit_data['autoresponder_edit']['title'];
 	$image = $autoresponder_edit_data['autoresponder_edit']['image'];

-	eval("echo \"" . getTemplate("autoresponder/autoresponder_edit") . "\";");
-}
-
-// Delete autoresponder
-
-else
-
-if($action == "delete")
-{
-	if(isset($_POST['send'])
-	   && $_POST['send'] == 'send')
-	{
+	eval("echo \"" . getTemplate('autoresponder/autoresponder_edit') . "\";");
+} elseif ($action == 'delete') {
+	// Delete autoresponder
+	if (isset($_POST['send'])
+	   && $_POST['send'] == 'send'
+	) {
 		$account = trim($_POST['account']);

 		// Does autoresponder exist?
-
 		$result = $db->query("SELECT `email` FROM `" . TABLE_MAIL_AUTORESPONDER . "` WHERE `customerid` = '" . (int)$userinfo['customerid'] . "' AND `email` = '" . $db->escape($account) . "' LIMIT 0,1");
-
-		if($db->num_rows($result) == 0)
-		{
+		if ($db->num_rows($result) == 0) {
 			standard_error('invalidautoresponder');
 		}

@@ -282,37 +228,25 @@ if($action == "delete")

 	$email = trim(htmlspecialchars($_GET['email']));
 	ask_yesno('autoresponderdelete', $filename, array('action' => $action, 'account' => $email));
-}
-
-// List existing autoresponders
-
-else
-{
+} else {
+	// List existing autoresponders
 	$autoresponder = '';
 	$count = 0;
 	$result = $db->query("SELECT * FROM `" . TABLE_MAIL_AUTORESPONDER . "` WHERE `customerid` = '" . (int)$userinfo['customerid'] . "' ORDER BY email ASC");

-	while($row = $db->fetch_array($result))
-	{
-		if($row['date_from'] == -1 && $row['date_until'] == -1)
-		{
+	while ($row = $db->fetch_array($result)) {
+		if ($row['date_from'] == -1 && $row['date_until'] == -1) {
 			$activated_date = $lng['panel']['not_activated'];
-		}
-		elseif($row['date_from'] == -1 && $row['date_until'] != -1)
-		{
+		} elseif($row['date_from'] == -1 && $row['date_until'] != -1) {
 			$activated_date = $lng['autoresponder']['date_until'].': '.date('d-m-Y', $row['date_until']);
-		}
-		elseif($row['date_from'] != -1 && $row['date_until'] == -1)
-		{
+		} elseif($row['date_from'] != -1 && $row['date_until'] == -1) {
 			$activated_date = $lng['autoresponder']['date_from'].': '.date('d-m-Y', $row['date_from']);
-		}
-		else
-		{
+		} else {
 			$activated_date = date('d-m-Y', $row['date_from']) . ' - ' . date('d-m-Y', $row['date_until']);
 		}
-		eval("\$autoresponder.=\"" . getTemplate("autoresponder/autoresponder_autoresponder") . "\";");
+		eval("\$autoresponder.=\"" . getTemplate('autoresponder/autoresponder_autoresponder') . "\";");
 		$count++;
 	}

-	eval("echo \"" . getTemplate("autoresponder/autoresponder") . "\";");
+	eval("echo \"" . getTemplate('autoresponder/autoresponder') . "\";");
 }
--- a/customer_domains.php
+++ b/customer_domains.php
@@ -45,9 +45,7 @@ elseif($page == 'domains')
 	{
 		$log->logAction(USR_ACTION, LOG_NOTICE, "viewed customer_domains::domains");
 		$fields = array(
-			'd.domain' => $lng['domains']['domainname'],
-			'd.documentroot' => $lng['panel']['path'],
-			'd.aliasdomain' => $lng['domains']['aliasdomain']
+			'd.domain' => $lng['domains']['domainname']
 		);
 		$paging = new paging($userinfo, $db, TABLE_PANEL_DOMAINS, $fields, $settings['panel']['paging'], $settings['panel']['natsorting']);
 		$result = $db->query("SELECT `d`.`id`, `d`.`customerid`, `d`.`domain`, `d`.`documentroot`, `d`.`isemaildomain`, `d`.`caneditdomain`, `d`.`iswildcarddomain`, `d`.`parentdomainid`, `ad`.`id` AS `aliasdomainid`, `ad`.`domain` AS `aliasdomain`, `da`.`id` AS `domainaliasid`, `da`.`domain` AS `domainalias` FROM `" . TABLE_PANEL_DOMAINS . "` `d` LEFT JOIN `" . TABLE_PANEL_DOMAINS . "` `ad` ON `d`.`aliasdomain`=`ad`.`id` LEFT JOIN `" . TABLE_PANEL_DOMAINS . "` `da` ON `da`.`aliasdomain`=`d`.`id` WHERE `d`.`customerid`='" . (int)$userinfo['customerid'] . "' AND `d`.`email_only`='0' AND `d`.`id` <> " . (int)$userinfo['standardsubdomain'] . " " . $paging->getSqlWhere(true) . " " . $paging->getSqlOrderBy() . " " . $paging->getSqlLimit());
@@ -73,17 +71,33 @@ elseif($page == 'domains')
 				$parentdomains_count++;
 			}

-			$domains_count++;
-/*
-			$domainparts = explode('.', $row['domain']);
-			$domainparts = array_reverse($domainparts);
-			$sortkey = '';
-			foreach($domainparts as $key => $part)
-			{
-				$sortkey.= $part . '.';
+			/**
+			 * check for set ssl-certs to show different state-icons
+			 */
+			// nothing (ssl_global)
+			$row['domain_hascert'] = 0;
+			$ssl_result = $db->query_first("SELECT * FROM `".TABLE_PANEL_DOMAIN_SSL_SETTINGS."` WHERE `domainid`='".(int)$row['id']."';");
+			if (is_array($ssl_result)
+				&& isset($ssl_result['ssl_cert_file'])
+				&& $ssl_result['ssl_cert_file'] != ''
+			) {
+				// own certificate (ssl_customer_green)
+				$row['domain_hascert'] = 1;
+			} else {
+				// check if it's parent has one set (shared)
+				if ($row['parentdomainid'] != 0) {
+					$ssl_result = $db->query_first("SELECT * FROM `".TABLE_PANEL_DOMAIN_SSL_SETTINGS."` WHERE `domainid`='".(int)$row['parentdomainid']."';");
+					if (is_array($ssl_result)
+							&& isset($ssl_result['ssl_cert_file'])
+							&& $ssl_result['ssl_cert_file'] != ''
+					) {
+						// parent has a certificate (ssl_shared)
+						$row['domain_hascert'] = 2;
+					}
+				}
 			}
-			$domain_array[$sortkey] = $row;
-*/
+
+			$domains_count++;
 			$domain_array[$row['domain']] = $row;
 		}

@@ -151,6 +165,14 @@ elseif($page == 'domains')
 						$row['documentroot'] = makeCorrectDir(substr($row['documentroot'], strlen($userinfo['documentroot'])));
 					}

+					// get ssl-ips if activated
+					$show_ssledit = false;
+					if ($settings['system']['use_ssl'] == '1'
+							&& domainHasSslIpPort($row['id'])
+							&& $row['caneditdomain'] == '1'
+					) {
+						$show_ssledit = true;
+					}
 					$row = htmlentities_array($row);
 					eval("\$domains.=\"" . getTemplate("domains/domains_domain") . "\";");
 				}
@@ -196,7 +218,10 @@ elseif($page == 'domains')
 				$result = $db->query("DELETE FROM `" . TABLE_PANEL_DOMAINS . "` WHERE `customerid`='" . (int)$userinfo['customerid'] . "' AND `id`='" . (int)$id . "'");
 				$result = $db->query("UPDATE `" . TABLE_PANEL_CUSTOMERS . "` SET `subdomains_used`=`subdomains_used`-1 WHERE `customerid`='" . (int)$userinfo['customerid'] . "'");
 				inserttask('1');
+
+				// Using nameserver, insert a task which rebuilds the server config
 				inserttask('4');
+
 				redirectTo($filename, Array('page' => $page, 's' => $s));
 			}
 			else
@@ -229,9 +254,9 @@ elseif($page == 'domains')
 				$_doredirect = false;

 				if($aliasdomain != 0)
-				{
+				{ 
 					// also check ip/port combination to be the same, #176
-					$aliasdomain_check = $db->query_first('SELECT `id` FROM `' . TABLE_PANEL_DOMAINS . '` `d`,`' . TABLE_PANEL_CUSTOMERS . '` `c` WHERE `d`.`customerid`=\'' . (int)$userinfo['customerid'] . '\' AND `d`.`aliasdomain` IS NULL AND `d`.`id`<>`c`.`standardsubdomain` AND `c`.`customerid`=\'' . (int)$userinfo['customerid'] . '\' AND `d`.`id`=\'' . (int)$aliasdomain . '\' AND `d`.`ipandport` = \''.(int)$domain_check['ipandport'].'\'');
+					$aliasdomain_check = $db->query_first("SELECT `d`.`id` FROM `" . TABLE_PANEL_DOMAINS . "` `d` , `" . TABLE_PANEL_CUSTOMERS . "` `c` , `".TABLE_DOMAINTOIP."` `dip` WHERE `d`.`aliasdomain` IS NULL AND `d`.`id` = '".(int)$aliasdomain."' AND `c`.`standardsubdomain` <> `d`.`id` AND `d`.`customerid` = '" . (int)$userinfo['customerid'] . "' AND `c`.`customerid` = `d`.`customerid` AND `d`.`id` = `dip`.`id_domain` AND `dip`.`id_ipandports` IN (SELECT `id_ipandports` FROM `".TABLE_DOMAINTOIP."` WHERE `id_domain` = '".(int)$aliasdomain."') GROUP BY `d`.`domain` ORDER BY `d`.`domain` ASC;");
 				}

 				if(isset($_POST['url'])
@@ -249,8 +274,17 @@ elseif($page == 'domains')
 				if(!preg_match('/^https?\:\/\//', $path)
 				   || !validateUrl($idna_convert->encode($path)))
 				{
-					$path = $userinfo['documentroot'] . '/' . $path;
-					$path = makeCorrectDir($path);
+					// If path is empty or '/' and 'Use domain name as default value for DocumentRoot path' is enabled in settings,
+					// set default path to subdomain or domain name
+					if((($path == '') || ($path == '/'))
+						&& $settings['system']['documentroot_use_default_value'] == 1)
+					{
+						$path = makeCorrectDir($userinfo['documentroot'] . '/' . $completedomain);
+					}
+					else
+					{
+						$path = makeCorrectDir($userinfo['documentroot'] . '/' . $path);
+					}
 					if (strstr($path, ":") !== FALSE)
 					{
 						standard_error('pathmaynotcontaincolon');
@@ -324,18 +358,18 @@ elseif($page == 'domains')
 								`customerid` = '" . (int)$userinfo['customerid'] . "',
 								`domain` = '" . $db->escape($completedomain) . "', 
 								`documentroot` = '" . $db->escape($path) . "', 
-								`ipandport` = '" . $db->escape($domain_check['ipandport']) . "', 
 								`aliasdomain` = ".(($aliasdomain != 0) ? "'" . $db->escape($aliasdomain) . "'" : "NULL") .", 
 								`parentdomainid` = '" . (int)$domain_check['id'] . "', 
 								`isemaildomain` = '" . ($domain_check['subcanemaildomain'] == '3' ? '1' : '0') . "', 
 								`openbasedir` = '" . $db->escape($domain_check['openbasedir']) . "', 
-								`openbasedir_path` = '" . $db->escape($openbasedir_path) . "', 
-								`safemode` = '" . $db->escape($domain_check['safemode']) . "', 
+								`openbasedir_path` = '" . $db->escape($openbasedir_path) . "',
 								`speciallogfile` = '" . $db->escape($domain_check['speciallogfile']) . "', 
 								`specialsettings` = '" . $db->escape($domain_check['specialsettings']) . "', 
 								`ssl_redirect` = '" . $ssl_redirect . "', 
 								`phpsettingid` = '" . $phpsid_result['phpsettingid'] . "'");

+					$result = $db->query("INSERT INTO `".TABLE_DOMAINTOIP."` (`id_domain`, `id_ipandports`) SELECT LAST_INSERT_ID(), `id_ipandports` FROM `".TABLE_DOMAINTOIP."` WHERE `id_domain` = '" . (int)$domain_check['id'] . "';");
+
 					if($_doredirect)
 					{
 						$did = $db->insert_id();
@@ -346,7 +380,10 @@ elseif($page == 'domains')
 					$result = $db->query("UPDATE `" . TABLE_PANEL_CUSTOMERS . "` SET `subdomains_used`=`subdomains_used`+1 WHERE `customerid`='" . (int)$userinfo['customerid'] . "'");
 					$log->logAction(USR_ACTION, LOG_INFO, "added subdomain '" . $completedomain . "'");
 					inserttask('1');
+
+					// Using nameserver, insert a task which rebuilds the server config
 					inserttask('4');
+
 					redirectTo($filename, Array('page' => $page, 's' => $s));
 				}
 			}
@@ -378,7 +415,13 @@ elseif($page == 'domains')
 					}
 				}

-				#$ssl_redirect = makeyesno('ssl_redirect', '1', '0', $result['ssl_redirect']);
+				// check if we at least have one ssl-ip/port, #1179
+				$ssl_ipsandports = '';
+				$resultX = $db->query_first("SELECT COUNT(*) as countSSL FROM `panel_ipsandports` WHERE `ssl`='1'");
+				if (isset($resultX['countSSL']) && (int)$resultX['countSSL'] > 0) {
+					$ssl_ipsandports = 'notempty';
+				}
+
 				$openbasedir = makeoption($lng['domain']['docroot'], 0, NULL, true) . makeoption($lng['domain']['homedir'], 1, NULL, true);
 				$pathSelect = makePathfield($userinfo['documentroot'], $userinfo['guid'], $userinfo['guid'], $settings['panel']['pathedit']);

@@ -395,7 +438,7 @@ elseif($page == 'domains')
 	elseif($action == 'edit'
 	       && $id != 0)
 	{
-		$result = $db->query_first("SELECT `d`.`id`, `d`.`customerid`, `d`.`domain`, `d`.`documentroot`, `d`.`isemaildomain`, `d`.`iswildcarddomain`, `d`.`parentdomainid`, `d`.`ssl_redirect`, `d`.`aliasdomain`, `d`.`openbasedir_path`, `d`.`ipandport`, `pd`.`subcanemaildomain` FROM `" . TABLE_PANEL_DOMAINS . "` `d`, `" . TABLE_PANEL_DOMAINS . "` `pd` WHERE `d`.`customerid`='" . (int)$userinfo['customerid'] . "' AND `d`.`id`='" . (int)$id . "' AND ((`d`.`parentdomainid`!='0' AND `pd`.`id`=`d`.`parentdomainid`) OR (`d`.`parentdomainid`='0' AND `pd`.`id`=`d`.`id`)) AND `d`.`caneditdomain`='1'");
+		$result = $db->query_first("SELECT `d`.`id`, `d`.`customerid`, `d`.`domain`, `d`.`documentroot`, `d`.`isemaildomain`, `d`.`wwwserveralias`, `d`.`iswildcarddomain`, `d`.`parentdomainid`, `d`.`ssl_redirect`, `d`.`aliasdomain`, `d`.`openbasedir`, `d`.`openbasedir_path`, `pd`.`subcanemaildomain` FROM `" . TABLE_PANEL_DOMAINS . "` `d`, `" . TABLE_PANEL_DOMAINS . "` `pd` WHERE `d`.`customerid`='" . (int)$userinfo['customerid'] . "' AND `d`.`id`='" . (int)$id . "' AND ((`d`.`parentdomainid`!='0' AND `pd`.`id`=`d`.`parentdomainid`) OR (`d`.`parentdomainid`='0' AND `pd`.`id`=`d`.`id`)) AND `d`.`caneditdomain`='1'");
 		$alias_check = $db->query_first('SELECT COUNT(`id`) AS count FROM `' . TABLE_PANEL_DOMAINS . '` WHERE `aliasdomain`=\'' . (int)$result['id'] . '\'');
 		$alias_check = $alias_check['count'];
 		$_doredirect = false;
@@ -421,8 +464,17 @@ elseif($page == 'domains')
 				if(!preg_match('/^https?\:\/\//', $path)
 				   || !validateUrl($idna_convert->encode($path)))
 				{
-					$path = $userinfo['documentroot'] . '/' . $path;
-					$path = makeCorrectDir($path);
+					// If path is empty or '/' and 'Use domain name as default value for DocumentRoot path' is enabled in settings,
+					// set default path to subdomain or domain name
+					if((($path == '') || ($path == '/'))
+						&& $settings['system']['documentroot_use_default_value'] == 1)
+					{
+						$path = makeCorrectDir($userinfo['documentroot'] . '/' . $result['domain']);
+					}
+					else
+					{
+						$path = makeCorrectDir($userinfo['documentroot'] . '/' . $path);
+					}
 					if (strstr($path, ":") !== FALSE)
 					{
 						standard_error('pathmaynotcontaincolon');
@@ -435,15 +487,14 @@ elseif($page == 'domains')

 				$aliasdomain = intval($_POST['alias']);

-				if(isset($_POST['iswildcarddomain'])
-				   && $_POST['iswildcarddomain'] == '1'
+				if(isset($_POST['selectserveralias'])
 				   && $result['parentdomainid'] == '0'
-				){
-					$iswildcarddomain = '1';
-				}
-				else
-				{
+				) {
+					$iswildcarddomain = ($_POST['selectserveralias'] == '0') ? '1' : '0';
+					$wwwserveralias = ($_POST['selectserveralias'] == '1') ? '1' : '0';
+				} else {
 					$iswildcarddomain = '0';
+					$wwwserveralias = '0';
 				}

 				if($result['parentdomainid'] != '0'
@@ -513,15 +564,28 @@ elseif($page == 'domains')

 					if($path != $result['documentroot']
 					   || $isemaildomain != $result['isemaildomain']
+					   || $wwwserveralias != $result['wwwserveralias']
 					   || $iswildcarddomain != $result['iswildcarddomain']
 					   || $aliasdomain != $result['aliasdomain']
 					   || $openbasedir_path != $result['openbasedir_path']
 					   || $ssl_redirect != $result['ssl_redirect'])
 					{
 						$log->logAction(USR_ACTION, LOG_INFO, "edited domain '" . $idna_convert->decode($result['domain']) . "'");
-						$result = $db->query("UPDATE `" . TABLE_PANEL_DOMAINS . "` SET `documentroot`='" . $db->escape($path) . "', `isemaildomain`='" . (int)$isemaildomain . "', `iswildcarddomain`='" . (int)$iswildcarddomain . "', `aliasdomain`=" . (($aliasdomain != 0 && $alias_check == 0) ? '\'' . $db->escape($aliasdomain) . '\'' : 'NULL') . ",`openbasedir_path`='" . $db->escape($openbasedir_path) . "', `ssl_redirect`='" . $ssl_redirect . "' WHERE `customerid`='" . (int)$userinfo['customerid'] . "' AND `id`='" . (int)$id . "'");
+						$result = $db->query("UPDATE `" . TABLE_PANEL_DOMAINS . "` SET
+							`documentroot`='" . $db->escape($path) . "',
+							`isemaildomain`='" . (int)$isemaildomain . "',
+							`wwwserveralias`='" . (int)$wwwserveralias . "',
+							`iswildcarddomain`='" . (int)$iswildcarddomain . "',
+							`aliasdomain`=" . (($aliasdomain != 0 && $alias_check == 0) ? '\'' . $db->escape($aliasdomain) . '\'' : 'NULL') . ",
+							`openbasedir_path`='" . $db->escape($openbasedir_path) . "',
+							`ssl_redirect`='" . $ssl_redirect . "'
+							WHERE `customerid`='" . (int)$userinfo['customerid'] . "' AND `id`='" . (int)$id . "'"
+						);
 						inserttask('1');
+
+						// Using nameserver, insert a task which rebuilds the server config
 						inserttask('4');
+
 					}

 					redirectTo($filename, Array('page' => $page, 's' => $s));
@@ -530,9 +594,10 @@ elseif($page == 'domains')
 			else
 			{
 				$result['domain'] = $idna_convert->decode($result['domain']);
+  
 				$domains = makeoption($lng['domains']['noaliasdomain'], 0, $result['aliasdomain'], true);
 				// also check ip/port combination to be the same, #176
-				$result_domains = $db->query("SELECT `d`.`id`, `d`.`domain` FROM `" . TABLE_PANEL_DOMAINS . "` `d`, `" . TABLE_PANEL_CUSTOMERS . "` `c` WHERE `d`.`aliasdomain` IS NULL AND `d`.`id`<>'" . (int)$result['id'] . "' AND `c`.`standardsubdomain`<>`d`.`id` AND `d`.`customerid`='" . (int)$userinfo['customerid'] . "' AND `c`.`customerid`=`d`.`customerid` AND `d`.`ipandport` = '".(int)$result['ipandport']."' ORDER BY `d`.`domain` ASC");
+				$result_domains = $db->query("SELECT `d`.`id`, `d`.`domain` FROM `" . TABLE_PANEL_DOMAINS . "` `d` , `" . TABLE_PANEL_CUSTOMERS . "` `c` , `".TABLE_DOMAINTOIP."` `dip` WHERE `d`.`aliasdomain` IS NULL AND `d`.`id` <> '".(int)$result['id']."' AND `c`.`standardsubdomain` <> `d`.`id` AND `d`.`customerid` = '" . (int)$userinfo['customerid'] . "' AND `c`.`customerid` = `d`.`customerid` AND `d`.`id` = `dip`.`id_domain` AND `dip`.`id_ipandports` IN (SELECT `id_ipandports` FROM `".TABLE_DOMAINTOIP."` WHERE `id_domain` = '".(int)$result['id']."') GROUP BY `d`.`domain` ORDER BY `d`.`domain` ASC");

 				while($row_domain = $db->fetch_array($result_domains))
 				{
@@ -570,16 +635,33 @@ elseif($page == 'domains')
 					}
 				}

-				#$ssl_redirect = makeyesno('ssl_redirect', '1', '0', $result['ssl_redirect']);
-				#$iswildcarddomain = makeyesno('iswildcarddomain', '1', '0', $result['iswildcarddomain']);
-				#$isemaildomain = makeyesno('isemaildomain', '1', '0', $result['isemaildomain']);
+				// check if we at least have one ssl-ip/port, #1179
+				$ssl_ipsandports = '';
+				$resultX = $db->query_first("SELECT COUNT(*) as countSSL FROM `panel_ipsandports` WHERE `ssl`='1'");
+				if (isset($resultX['countSSL']) && (int)$resultX['countSSL'] > 0) {
+					$ssl_ipsandports = 'notempty';
+				}
+
 				$openbasedir = makeoption($lng['domain']['docroot'], 0, $result['openbasedir_path'], true) . makeoption($lng['domain']['homedir'], 1, $result['openbasedir_path'], true);

-				$result_ipandport = $db->query_first("SELECT `ip` FROM `".TABLE_PANEL_IPSANDPORTS."` WHERE `id`='".(int)$result['ipandport']."'");
-				if(filter_var($result_ipandport['ip'], FILTER_VALIDATE_IP, FILTER_FLAG_IPV6))
-				{
-					$result_ipandport['ip'] = '[' . $result_ipandport['ip'] . ']';
+				// create serveralias options
+				$serveraliasoptions = "";
+				$_value = '2';
+				if ($result['iswildcarddomain'] == '1') {
+					$_value = '0';
+				} elseif ($result['wwwserveralias'] == '1') {
+					$_value = '1';
 				}
+				$serveraliasoptions .= makeoption($lng['domains']['serveraliasoption_wildcard'], '0', $_value, true, true);
+				$serveraliasoptions .= makeoption($lng['domains']['serveraliasoption_www'], '1', $_value, true, true);
+				$serveraliasoptions .= makeoption($lng['domains']['serveraliasoption_none'], '2', $_value, true, true);
+
+				$resultips = $db->query("SELECT `p`.`ip` AS `ip` FROM `".TABLE_PANEL_IPSANDPORTS."` `p` LEFT JOIN `".TABLE_DOMAINTOIP."` `dip` ON ( `dip`.`id_ipandports` = `p`.`id` ) WHERE `dip`.`id_domain` = '".(int)$result['id']."' GROUP BY `p`.`ip`");
+				$result_ipandport['ip'] = '';
+				while ($rowip = $db->fetch_array($resultips)) {
+					$result_ipandport['ip'] .= $rowip['ip'] . "<br />";
+				}
+
 				$domainip = $result_ipandport['ip'];
 				$result = htmlentities_array($result);

@@ -598,5 +680,126 @@ elseif($page == 'domains')
 		}
 	}
 }
+elseif ($page == 'domainssleditor') {

-?>
+	if ($action == ''
+			|| $action == 'view'
+	) {
+		if (isset($_POST['send'])
+				&& $_POST['send'] == 'send'
+		) {
+
+			$ssl_cert_file = isset($_POST['ssl_cert_file']) ? $_POST['ssl_cert_file'] : '';
+			$ssl_key_file = isset($_POST['ssl_key_file']) ? $_POST['ssl_key_file'] : '';
+			$ssl_ca_file = isset($_POST['ssl_ca_file']) ? $_POST['ssl_ca_file'] : '';
+			$ssl_cert_chainfile = isset($_POST['ssl_cert_chainfile']) ? $_POST['ssl_cert_chainfile'] : '';
+			$do_insert = isset($_POST['do_insert']) ? (($_POST['do_insert'] == 1) ? true : false) : false;
+
+			if ($ssl_cert_file != '' && $ssl_key_file == '') {
+				standard_error('sslcertificateismissingprivatekey');
+			}
+
+			$do_verify = true;
+
+			// no cert-file given -> forget everything
+			if ($ssl_cert_file == '') {
+				$ssl_key_file = '';
+				$ssl_ca_file = '';
+				$ssl_cert_chainfile = '';
+				$do_verify = false;
+			}
+
+			// verify certificate content
+			if ($do_verify) {
+				// array openssl_x509_parse ( mixed $x509cert [, bool $shortnames = true ] )
+				// openssl_x509_parse() returns information about the supplied x509cert, including fields such as 
+				// subject name, issuer name, purposes, valid from and valid to dates etc.
+				$cert_content = openssl_x509_parse($ssl_cert_file);
+
+				if (is_array($cert_content)
+						&& isset($cert_content['subject'])
+						&& isset($cert_content['subject']['CN'])
+				) {
+					// TODO self-signed certs might differ and don't need/want this
+					/*
+					$domain = $db->query_first("SELECT * FROM `".TABLE_PANEL_DOMAINS."` WHERE `id`='".(int)$id."'");
+					if (strtolower($cert_content['subject']['CN']) != strtolower($idna_convert->decode($domain['domain']))) {
+						standard_error('sslcertificatewrongdomain');
+					}
+					*/
+
+					// bool openssl_x509_check_private_key ( mixed $cert , mixed $key )
+					// Checks whether the given key is the private key that corresponds to cert.
+					if (openssl_x509_check_private_key($ssl_cert_file, $ssl_key_file) === false) {
+						standard_error('sslcertificateinvalidcertkeypair');
+					}
+
+					// check optional stuff
+					if ($ssl_ca_file != '') {
+						$ca_content = openssl_x509_parse($ssl_ca_file);
+						if (!is_array($ca_content)) {
+							// invalid
+							standard_error('sslcertificateinvalidca');
+						}
+					}
+					if ($ssl_cert_chainfile != '') {
+						$chain_content = openssl_x509_parse($ssl_cert_chainfile);
+						if (!is_array($chain_content)) {
+							// invalid
+							standard_error('sslcertificateinvalidchain');
+						}
+					}
+				} else {
+					standard_error('sslcertificateinvalidcert');
+				}
+			}
+
+			// Add/Update database entry
+			$qrystart = "UPDATE ";
+			$qrywhere = "WHERE ";
+			if ($do_insert) {
+				$qrystart = "INSERT INTO ";
+				$qrywhere = ", ";
+			}
+			$db->query($qrystart." `".TABLE_PANEL_DOMAIN_SSL_SETTINGS."` SET
+					`ssl_cert_file` = '".$db->escape($ssl_cert_file)."',
+					`ssl_key_file` = '".$db->escape($ssl_key_file)."',
+					`ssl_ca_file` = '".$db->escape($ssl_ca_file)."',
+					`ssl_cert_chainfile` = '".$db->escape($ssl_cert_chainfile)."'
+					".$qrywhere." `domainid`='".(int)$id."';"
+			);
+
+			// insert task to re-generate webserver-configs (#1260)
+			inserttask('1');
+
+			// back to domain overview
+			redirectTo($filename, array('page' => 'domains', 's' => $s));
+		}
+
+		$result = $db->query_first("SELECT * FROM `".TABLE_PANEL_DOMAIN_SSL_SETTINGS."`
+			WHERE `domainid`='".(int)$id."';"
+		);
+
+		$do_insert = false;
+		// if no entry can be found, behave like we have empty values
+		if (!is_array($result) || !isset($result['ssl_cert_file'])) {
+			$result = array(
+				'ssl_cert_file' => '',
+				'ssl_key_file' => '',
+				'ssl_ca_file' => '',
+				'ssl_cert_chainfile' => ''
+			);
+			$do_insert = true;
+		}
+
+		$result = htmlentities_array($result);
+
+		$ssleditor_data = include_once dirname(__FILE__).'/lib/formfields/customer/domains/formfield.domain_ssleditor.php';
+		$ssleditor_form = htmlform::genHTMLForm($ssleditor_data);
+
+		$title = $ssleditor_data['domain_ssleditor']['title'];
+		$image = $ssleditor_data['domain_ssleditor']['image'];
+
+		eval("echo \"" . getTemplate("domains/domain_ssleditor") . "\";");
+	}
+}
--- a/customer_email.php
+++ b/customer_email.php
@@ -50,7 +50,7 @@ elseif($page == 'emails')
 			'm.destination' => $lng['emails']['forwarders']
 		);
 		$paging = new paging($userinfo, $db, TABLE_MAIL_VIRTUAL, $fields, $settings['panel']['paging'], $settings['panel']['natsorting']);
-		$result = $db->query('SELECT `m`.`id`, `m`.`domainid`, `m`.`email`, `m`.`email_full`, `m`.`iscatchall`, `u`.`quota`, `m`.`destination`, `m`.`popaccountid`, `d`.`domain` FROM `' . TABLE_MAIL_VIRTUAL . '` `m` LEFT JOIN `' . TABLE_PANEL_DOMAINS . '` `d` ON (`m`.`domainid` = `d`.`id`) LEFT JOIN `' . TABLE_MAIL_USERS . '` `u` ON (`m`.`popaccountid` = `u`.`id`) WHERE `m`.`customerid`="' . $db->escape($userinfo['customerid']) . '" ' . $paging->getSqlWhere(true) . " " . $paging->getSqlOrderBy() . " " . $paging->getSqlLimit());
+		$result = $db->query('SELECT `m`.`id`, `m`.`domainid`, `m`.`email`, `m`.`email_full`, `m`.`iscatchall`, `u`.`quota`, `m`.`destination`, `m`.`popaccountid`, `d`.`domain`, `u`.`mboxsize` FROM `' . TABLE_MAIL_VIRTUAL . '` `m` LEFT JOIN `' . TABLE_PANEL_DOMAINS . '` `d` ON (`m`.`domainid` = `d`.`id`) LEFT JOIN `' . TABLE_MAIL_USERS . '` `u` ON (`m`.`popaccountid` = `u`.`id`) WHERE `m`.`customerid`="' . $db->escape($userinfo['customerid']) . '" ' . $paging->getSqlWhere(true) . " " . $paging->getSqlOrderBy() . " " . $paging->getSqlLimit());
 		$paging->setEntries($db->num_rows($result));
 		$sortcode = $paging->getHtmlSortCode($lng);
 		$arrowcode = $paging->getHtmlArrowCode($filename . '?page=' . $page . '&s=' . $s);
@@ -66,6 +66,7 @@ elseif($page == 'emails')
 				$emails[$row['domain']] = array();
 			}

+			$row['mboxsize'] = size_readable($row['mboxsize']);
 			$emails[$row['domain']][$row['email_full']] = $row;
 		}

@@ -237,7 +238,7 @@ elseif($page == 'emails')
 					standard_error('emailiswrong', $email_full);
 				}

-				$email_check = $db->query_first("SELECT `id`, `email`, `email_full`, `iscatchall`, `destination`, `customerid` FROM `" . TABLE_MAIL_VIRTUAL . "` WHERE ( `email`='" . $db->escape($email) . "' OR `email_full` = '" . $db->escape($email_full) . "' ) AND `customerid`='" . (int)$userinfo['customerid'] . "'");
+				$email_check = $db->query_first("SELECT `id`, `email`, `email_full`, `iscatchall`, `destination`, `customerid` FROM `" . TABLE_MAIL_VIRTUAL . "` WHERE (`email` = '" . strtolower($db->escape($email)) . "' OR `email_full` = '" . strtolower($db->escape($email_full)) . "') AND `customerid`='" . (int)$userinfo['customerid'] . "'");

 				if($email == ''
 				   || $email_full == ''
@@ -253,7 +254,7 @@ elseif($page == 'emails')
 				{
 					standard_error('maindomainnonexist', $domain);
 				}
-				elseif($email_check['email_full'] == $email_full)
+				elseif(strtolower($email_check['email_full']) == strtolower($email_full))
 				{
 					standard_error('emailexistalready', $email_full);
 				}
@@ -281,9 +282,15 @@ elseif($page == 'emails')
 					$domains.= makeoption($idna_convert->decode($row['domain']), $row['domain']);
 				}

-				#$iscatchall = makeyesno('iscatchall', '1', '0', '0');
+				//$iscatchall = makeyesno('iscatchall', '1', '0', '0');

 				$email_add_data = include_once dirname(__FILE__).'/lib/formfields/customer/email/formfield.emails_add.php';
+
+				if ( $settings['catchall']['catchall_enabled'] != '1' )
+				{
+					unset($email_add_data['emails_add']['sections']['section_a']['fields']['iscatchall']);
+				}
+
 				$email_add_form = htmlform::genHTMLForm($email_add_data);

 				$title = $email_add_data['emails_add']['title'];
@@ -330,6 +337,12 @@ elseif($page == 'emails')
 			$result = htmlentities_array($result);

 			$email_edit_data = include_once dirname(__FILE__).'/lib/formfields/customer/email/formfield.emails_edit.php';
+
+			if ( $settings['catchall']['catchall_enabled'] != '1' )
+			{
+				unset($email_edit_data['emails_edit']['sections']['section_a']['fields']['mail_catchall']);
+			}
+
 			$email_edit_form = htmlform::genHTMLForm($email_edit_data);

 			$title = $email_edit_data['emails_edit']['title'];
@@ -341,34 +354,41 @@ elseif($page == 'emails')
 	elseif($action == 'togglecatchall'
 	       && $id != 0)
 	{
-		$result = $db->query_first("SELECT `id`, `email`, `email_full`, `iscatchall`, `destination`, `customerid`, `popaccountid` FROM `" . TABLE_MAIL_VIRTUAL . "` WHERE `customerid`='" . (int)$userinfo['customerid'] . "' AND `id`='" . (int)$id . "'");
-
-		if(isset($result['email'])
-		   && $result['email'] != '')
+		if ( $settings['catchall']['catchall_enabled'] == '1' )
 		{
-			if($result['iscatchall'] == '1')
-			{
-				$db->query("UPDATE `" . TABLE_MAIL_VIRTUAL . "` SET `email` = '" . $db->escape($result['email_full']) . "', `iscatchall` = '0' WHERE `customerid`='" . (int)$userinfo['customerid'] . "' AND `id`='" . (int)$result['id'] . "'");
-			}
-			else
-			{
-				$email_parts = explode('@', $result['email_full']);
-				$email = '@' . $email_parts[1];
-				$email_check = $db->query_first("SELECT `id`, `email`, `email_full`, `iscatchall`, `destination`, `customerid` FROM `" . TABLE_MAIL_VIRTUAL . "` WHERE `email`='" . $db->escape($email) . "' AND `customerid`='" . (int)$userinfo['customerid'] . "'");
+			$result = $db->query_first("SELECT `id`, `email`, `email_full`, `iscatchall`, `destination`, `customerid`, `popaccountid` FROM `" . TABLE_MAIL_VIRTUAL . "` WHERE `customerid`='" . (int)$userinfo['customerid'] . "' AND `id`='" . (int)$id . "'");

-				if($email_check['email'] == $email)
+			if(isset($result['email'])
+			   && $result['email'] != '')
+			{
+				if($result['iscatchall'] == '1')
 				{
-					standard_error('youhavealreadyacatchallforthisdomain');
-					exit;
+					$db->query("UPDATE `" . TABLE_MAIL_VIRTUAL . "` SET `email` = '" . $db->escape($result['email_full']) . "', `iscatchall` = '0' WHERE `customerid`='" . (int)$userinfo['customerid'] . "' AND `id`='" . (int)$result['id'] . "'");
 				}
 				else
 				{
-					$db->query("UPDATE `" . TABLE_MAIL_VIRTUAL . "` SET `email` = '$email' , `iscatchall` = '1' WHERE `customerid`='" . $userinfo['customerid'] . "' AND `id`='" . $result['id'] . "'");
-					$log->logAction(USR_ACTION, LOG_INFO, "edited email address '" . $email . "'");
-				}
-			}
+					$email_parts = explode('@', $result['email_full']);
+					$email = '@' . $email_parts[1];
+					$email_check = $db->query_first("SELECT `id`, `email`, `email_full`, `iscatchall`, `destination`, `customerid` FROM `" . TABLE_MAIL_VIRTUAL . "` WHERE `email`='" . $db->escape($email) . "' AND `customerid`='" . (int)$userinfo['customerid'] . "'");

-			redirectTo($filename, Array('page' => $page, 'action' => 'edit', 'id' => $id, 's' => $s));
+					if($email_check['email'] == $email)
+					{
+						standard_error('youhavealreadyacatchallforthisdomain');
+						exit;
+					}
+					else
+					{
+						$db->query("UPDATE `" . TABLE_MAIL_VIRTUAL . "` SET `email` = '$email' , `iscatchall` = '1' WHERE `customerid`='" . $userinfo['customerid'] . "' AND `id`='" . $result['id'] . "'");
+						$log->logAction(USR_ACTION, LOG_INFO, "edited email address '" . $email . "'");
+					}
+				}
+
+				redirectTo($filename, Array('page' => $page, 'action' => 'edit', 'id' => $id, 's' => $s));
+			}
+		}
+		else
+		{
+			standard_error(array('operationnotpermitted', 'featureisdisabled'), 'Catchall');
 		}
 	}
 }
@@ -439,11 +459,42 @@ elseif($page == 'accounts')
 							$password = substr(md5(uniqid(microtime(), 1)), 12, 6);
 						}

-						$db->query("INSERT INTO `" . TABLE_MAIL_USERS . "` (`customerid`, `email`, `username`, " . ($settings['system']['mailpwcleartext'] == '1' ? '`password`, ' : '') . " `password_enc`, `homedir`, `maildir`, `uid`, `gid`, `domainid`, `postfix`, `quota`, `imap`, `pop3`) VALUES ('" . (int)$userinfo['customerid'] . "', '" . $db->escape($email_full) . "', '" . $db->escape($username) . "', " . ($settings['system']['mailpwcleartext'] == '1' ? "'" . $db->escape($password) . "'," : '') . " ENCRYPT('" . $db->escape($password) . "'), '" . $db->escape($settings['system']['vmail_homedir']) . "', '" . $db->escape($userinfo['loginname'] . '/' . $email_full . '/') . "', '" . (int)$settings['system']['vmail_uid'] . "', '" . (int)$settings['system']['vmail_gid'] . "', '" . (int)$result['domainid'] . "', 'y', '" . (int)$quota . "', '" . (int)$userinfo['imap'] . "', '" . (int)$userinfo['pop3'] . "')");
+						$cryptPassword = makeCryptPassword($password);
+
+						$email_user=substr($email_full,0,strrpos($email_full,"@"));
+						$email_domain=substr($email_full,strrpos($email_full,"@")+1);
+						$maildirname=trim($settings['system']['vmail_maildirname']);
+						// Add trailing slash to Maildir if needed
+						$maildirpath=$maildirname;
+						if (!empty($maildirname) and substr($maildirname,-1) != "/") $maildirpath.="/";
+
+						$db->query("INSERT INTO `" . TABLE_MAIL_USERS . 
+							"` (`customerid`, `email`, `username`, " . ($settings['system']['mailpwcleartext'] == '1' ? '`password`, ' : '') . " `password_enc`, `homedir`, `maildir`, `uid`, `gid`, `domainid`, `postfix`, `quota`, `imap`, `pop3`) ".
+							"VALUES (".
+							"'" . (int)$userinfo['customerid'] . "', ".
+							"'" . $db->escape($email_full) . "', ".
+							"'" . $db->escape($username) . "', " .
+							($settings['system']['mailpwcleartext'] == '1' ? "'" . $db->escape($password) . "', " : '') .
+							"'" . $db->escape($cryptPassword) . "', ".
+							"'" . $db->escape($settings['system']['vmail_homedir']) . "', '" . $db->escape($userinfo['loginname'] . '/' . $email_domain . "/" . $email_user . "/" . $maildirpath) . "', ".
+							"'" . (int)$settings['system']['vmail_uid'] . "', ".
+							"'" . (int)$settings['system']['vmail_gid'] . "', ".
+							"'" . (int)$result['domainid'] . "', ".
+							"'y', ".
+							"'" . (int)$quota . "', ".
+							"'" . (int)$userinfo['imap'] . "', ".
+							"'" . (int)$userinfo['pop3'] . "')");
+
 						$popaccountid = $db->insert_id();
 						$result['destination'].= ' ' . $email_full;
-						$db->query("UPDATE `" . TABLE_MAIL_VIRTUAL . "` SET `destination` = '" . $db->escape(makeCorrectDestination($result['destination'])) . "', `popaccountid` = '" . (int)$popaccountid . "' WHERE `customerid`='" . (int)$userinfo['customerid'] . "' AND `id`='" . (int)$id . "'");
-						$db->query("UPDATE `" . TABLE_PANEL_CUSTOMERS . "` SET `email_accounts_used`=`email_accounts_used`+1, `email_quota_used`=`email_quota_used`+" . (int)$quota . " WHERE `customerid`='" . (int)$userinfo['customerid'] . "'");
+						$db->query("UPDATE `" . TABLE_MAIL_VIRTUAL . "` SET ".
+							"`destination` = '" . $db->escape(makeCorrectDestination($result['destination'])) . "', ".
+							"`popaccountid` = '" . (int)$popaccountid . "' ".
+							"WHERE `customerid`='" . (int)$userinfo['customerid'] . "' AND `id`='" . (int)$id . "'");
+						$db->query("UPDATE `" . TABLE_PANEL_CUSTOMERS . "` SET ".
+							"`email_accounts_used`=`email_accounts_used`+1, ".
+							"`email_quota_used`=`email_quota_used`+" . (int)$quota . " ".
+							"WHERE `customerid`='" . (int)$userinfo['customerid'] . "'");
 						$log->logAction(USR_ACTION, LOG_INFO, "added email account for '" . $email_full . "'");
 						$replace_arr = array(
 							'EMAIL' => $email_full,
@@ -462,7 +513,7 @@ elseif($page == 'accounts')
 							$mail->Subject = $mail_subject;
 							$mail->AltBody = $mail_body;
 							$mail->MsgHTML(str_replace("\n", "<br />", $mail_body));
-							$mail->AddAddress($email_full, getCorrectUserSalutation($userinfo));
+							$mail->AddAddress($email_full);
 							$mail->Send();
 						} catch(phpmailerException $e) {
 							$mailerr_msg = $e->errorMessage();
@@ -557,7 +608,8 @@ elseif($page == 'accounts')
 				$password = validatePassword($password);
 				
 				$log->logAction(USR_ACTION, LOG_NOTICE, "changed email password for '" . $result['email_full'] . "'");
-				$result = $db->query("UPDATE `" . TABLE_MAIL_USERS . "` SET " . ($settings['system']['mailpwcleartext'] == '1' ? "`password` = '" . $db->escape($password) . "', " : '') . " `password_enc`=ENCRYPT('" . $db->escape($password) . "') WHERE `customerid`='" . (int)$userinfo['customerid'] . "' AND `id`='" . (int)$result['popaccountid'] . "'");
+				$cryptPassword = makeCryptPassword($password);
+				$result = $db->query("UPDATE `" . TABLE_MAIL_USERS . "` SET " . ($settings['system']['mailpwcleartext'] == '1' ? "`password` = '" . $db->escape($password) . "', " : '') . " `password_enc`='" . $db->escape($cryptPassword) . "' WHERE `customerid`='" . (int)$userinfo['customerid'] . "' AND `id`='" . (int)$result['popaccountid'] . "'");
 				redirectTo($filename, Array('page' => 'emails', 'action' => 'edit', 'id' => $id, 's' => $s));
 			}
 			else
--- a/customer_extras.php
+++ b/customer_extras.php
@@ -50,7 +50,6 @@ elseif($page == 'backup')

    if(isset($_POST['send']) && $_POST['send'] == 'send'){
 	$backup_enabled = ($_POST['backup_enabled'] == '1' ? '1' : '0');
-	$backup_ftp_enabled = ($_POST['backup_ftp_enabled'] == '1' ? '1' : '0');
 	
        $db->query("UPDATE `" . TABLE_PANEL_CUSTOMERS . "` SET `backup_enabled`='" . $backup_enabled . "' WHERE `customerid`='" . (int)$userinfo['customerid'] . "'");
 	redirectTo($filename, Array('page' => $page, 's' => $s));
@@ -353,18 +352,28 @@ elseif($page == 'htaccess')
 				standard_error('invalidpath');
 			}

-			if(isset($_POST['options_cgi']))
-			{
-				$options_cgi = intval($_POST['options_cgi']);
+			if(isset($_POST['options_cgi'])
+				&& (int)$_POST['options_cgi'] != 0
+			) {
+				$options_cgi = '1';
 			}
 			else
 			{
 				$options_cgi = '0';
 			} 

-			$error404path = correctErrorDocument($_POST['error404path']);
-			$error403path = correctErrorDocument($_POST['error403path']);
-			$error500path = correctErrorDocument($_POST['error500path']);
+			$error404path = '';
+			if (isset($_POST['error404path'])) {
+				$error404path = correctErrorDocument($_POST['error404path']);
+			}
+			$error403path = '';
+			if (isset($_POST['error403path'])) {
+				$error403path = correctErrorDocument($_POST['error403path']);
+			}
+			$error500path = '';
+			if (isset($_POST['error500path'])) {
+				$error500path = correctErrorDocument($_POST['error500path']);
+			}

 			if($path_dupe_check['path'] == $path)
 			{
@@ -393,9 +402,11 @@ elseif($page == 'htaccess')
 		else
 		{
 			$pathSelect = makePathfield($userinfo['documentroot'], $userinfo['guid'], $userinfo['guid'], $settings['panel']['pathedit']);
-			#$options_indexes = makeyesno('options_indexes', '1', '0', '0');
 			$cperlenabled = customerHasPerlEnabled($userinfo['customerid']);
-			#$options_cgi = makeyesno('options_cgi', '1', '0', '0');
+			/*
+			$options_indexes = makeyesno('options_indexes', '1', '0', '0');
+			$options_cgi = makeyesno('options_cgi', '1', '0', '0');
+			*/

 			$htaccess_add_data = include_once dirname(__FILE__).'/lib/formfields/customer/extras/formfield.htaccess_add.php';
 			$htaccess_add_form = htmlform::genHTMLForm($htaccess_add_data);
@@ -460,9 +471,11 @@ elseif($page == 'htaccess')
 				$result['error404path'] = $result['error404path'];
 				$result['error403path'] = $result['error403path'];
 				$result['error500path'] = $result['error500path'];
-				#$options_indexes = makeyesno('options_indexes', '1', '0', $result['options_indexes']);
 				$cperlenabled = customerHasPerlEnabled($userinfo['customerid']);
-				#$options_cgi = makeyesno('options_cgi', '1', '0', $result['options_cgi']);
+				/*
+				$options_indexes = makeyesno('options_indexes', '1', '0', $result['options_indexes']);
+				$options_cgi = makeyesno('options_cgi', '1', '0', $result['options_cgi']);
+				*/
 				$result = htmlentities_array($result);

 				$htaccess_edit_data = include_once dirname(__FILE__).'/lib/formfields/customer/extras/formfield.htaccess_edit.php';
--- a/customer_ftp.php
+++ b/customer_ftp.php
@@ -22,27 +22,20 @@ define('AREA', 'customer');
 /**
 * Include our init.php, which manages Sessions, Language etc.
 */
+require('./lib/init.php');

-require ("./lib/init.php");
-
-if(isset($_POST['id']))
-{
+$id = 0;
+if (isset($_POST['id'])) {
 	$id = intval($_POST['id']);
-}
-elseif(isset($_GET['id']))
-{
+} elseif(isset($_GET['id'])) {
 	$id = intval($_GET['id']);
 }

-if($page == 'overview')
-{
+if ($page == 'overview') {
 	$log->logAction(USR_ACTION, LOG_NOTICE, "viewed customer_ftp");
-	eval("echo \"" . getTemplate("ftp/ftp") . "\";");
-}
-elseif($page == 'accounts')
-{
-	if($action == '')
-	{
+	eval("echo \"" . getTemplate('ftp/ftp') . "\";");
+} elseif ($page == 'accounts') {
+	if ($action == '') {
 		$log->logAction(USR_ACTION, LOG_NOTICE, "viewed customer_ftp::accounts");
 		$fields = array(
 			'username' => $lng['login']['username'],
@@ -59,23 +52,18 @@ elseif($page == 'accounts')
 		$count = 0;
 		$accounts = '';

-		while($row = $db->fetch_array($result))
-		{
-			if($paging->checkDisplay($i))
-			{
-				if(strpos($row['homedir'], $userinfo['documentroot']) === 0)
-				{
+		while ($row = $db->fetch_array($result)) {
+			if ($paging->checkDisplay($i)) {
+				if (strpos($row['homedir'], $userinfo['documentroot']) === 0) {
 					$row['documentroot'] = substr($row['homedir'], strlen($userinfo['documentroot']));
-				}
-				else
-				{
+				} else {
 					$row['documentroot'] = $row['homedir'];
 				}

 				$row['documentroot'] = makeCorrectDir($row['documentroot']);
 				
 				$row = htmlentities_array($row);
-				eval("\$accounts.=\"" . getTemplate("ftp/accounts_account") . "\";");
+				eval("\$accounts.=\"" . getTemplate('ftp/accounts_account') . "\";");
 				$count++;
 			}

@@ -83,19 +71,16 @@ elseif($page == 'accounts')
 		}

 		$ftps_count = $db->num_rows($result);
-		eval("echo \"" . getTemplate("ftp/accounts") . "\";");
-	}
-	elseif($action == 'delete'
-	       && $id != 0)
-	{
+		eval("echo \"" . getTemplate('ftp/accounts') . "\";");
+	} elseif ($action == 'delete' && $id != 0) {
 		$result = $db->query_first("SELECT `id`, `username`, `homedir`, `up_count`, `up_bytes`, `down_count`, `down_bytes` FROM `" . TABLE_FTP_USERS . "` WHERE `customerid`='" . (int)$userinfo['customerid'] . "' AND `id`='" . (int)$id . "'");

-		if(isset($result['username'])
-		   && $result['username'] != $userinfo['loginname'])
-		{
-			if(isset($_POST['send'])
-			   && $_POST['send'] == 'send')
-			{
+		if (isset($result['username'])
+		   && $result['username'] != $userinfo['loginname']
+		) {
+			if (isset($_POST['send'])
+			   && $_POST['send'] == 'send'
+			) {
 				$db->query("UPDATE `" . TABLE_FTP_USERS . "` SET `up_count`=`up_count`+'" . (int)$result['up_count'] . "', `up_bytes`=`up_bytes`+'" . (int)$result['up_bytes'] . "', `down_count`=`down_count`+'" . (int)$result['down_count'] . "', `down_bytes`=`down_bytes`+'" . (int)$result['down_bytes'] . "' WHERE `username`='" . $db->escape($userinfo['loginname']) . "'");
 				$result = $db->query_first("SELECT `username`, `homedir` FROM `" . TABLE_FTP_USERS . "` WHERE `customerid`='" . (int)$userinfo['customerid'] . "' AND `id`='" . (int)$id . "'");
 				$db->query("DELETE FROM `" . TABLE_FTP_QUOTATALLIES . "` WHERE `name` = '" . $db->escape($result['username']) . "'");
@@ -103,95 +88,70 @@ elseif($page == 'accounts')
 				$log->logAction(USR_ACTION, LOG_INFO, "deleted ftp-account '" . $result['username'] . "'");
 				$db->query("UPDATE `" . TABLE_FTP_GROUPS . "` SET `members`=REPLACE(`members`,'," . $db->escape($result['username']) . "','') WHERE `customerid`='" . (int)$userinfo['customerid'] . "'");

-				if($userinfo['ftps_used'] == '1')
-				{
-					$resetaccnumber = " , `ftp_lastaccountnumber`='0'";
-				}
-				else
-				{
-					$resetaccnumber = '';
-				}
+				$resetaccnumber = ($userinfo['ftps_used'] == '1') ? " , `ftp_lastaccountnumber`='0'" : '';

 				// refs #293
-				if(isset($_POST['delete_userfiles'])
-				  && (int)$_POST['delete_userfiles'] == 1)
-				{
+				if (isset($_POST['delete_userfiles'])
+				  && (int)$_POST['delete_userfiles'] == 1
+				) {
 					inserttask('8', $userinfo['loginname'], $result['homedir']);
 				}

 				$result = $db->query("UPDATE `" . TABLE_PANEL_CUSTOMERS . "` SET `ftps_used`=`ftps_used`-1 $resetaccnumber WHERE `customerid`='" . (int)$userinfo['customerid'] . "'");
 				redirectTo($filename, Array('page' => $page, 's' => $s));
-			}
-			else
-			{
+			} else {
 				ask_yesno_withcheckbox('ftp_reallydelete', 'admin_customer_alsoremoveftphomedir', $filename, array('id' => $id, 'page' => $page, 'action' => $action), $result['username']);
 			}
-		}
-		else
-		{
+		} else {
 			standard_error('ftp_cantdeletemainaccount');
 		}
-	}
-	elseif($action == 'add')
-	{
-		if($userinfo['ftps_used'] < $userinfo['ftps']
-		   || $userinfo['ftps'] == '-1')
-		{
-			if(isset($_POST['send'])
-			   && $_POST['send'] == 'send')
-			{
+	} elseif ($action == 'add') {
+		if ($userinfo['ftps_used'] < $userinfo['ftps']
+		   || $userinfo['ftps'] == '-1'
+		) {
+			if (isset($_POST['send'])
+			   && $_POST['send'] == 'send'
+			) {
+				// @FIXME use a good path-validating regex here (refs #1231)
 				$path = validate($_POST['path'], 'path');
 				$password = validate($_POST['ftp_password'], 'password');
 				$password = validatePassword($password);

-				$sendinfomail = intval($_POST['sendinfomail']);
-				if($sendinfomail != 1)
-				{
+				$sendinfomail = isset($_POST['sendinfomail']) ? 1 : 0;
+				if ($sendinfomail != 1) {
 					$sendinfomail = 0;
 				}

-				if($settings['customer']['ftpatdomain'] == '1')
-				{
+				if ($settings['customer']['ftpatdomain'] == '1') {
 					$ftpusername = validate($_POST['ftp_username'], 'username', '/^[a-zA-Z0-9][a-zA-Z0-9\-_]+\$?$/');
-					if($ftpusername == '')
-					{
+					if ($ftpusername == '') {
 						standard_error(array('stringisempty', 'username'));
 					}
 					$ftpdomain = $idna_convert->encode(validate($_POST['ftp_domain'], 'domain'));
 					$ftpdomain_check = $db->query_first("SELECT `id`, `domain`, `customerid` FROM `" . TABLE_PANEL_DOMAINS . "` WHERE `domain`='" . $db->escape($ftpdomain) . "' AND `customerid`='" . (int)$userinfo['customerid'] . "'");
-					if($ftpdomain_check['domain'] != $ftpdomain)
-					{
+					if ($ftpdomain_check['domain'] != $ftpdomain) {
 						standard_error('maindomainnonexist', $domain);
 					}
 					$username = $ftpusername . "@" . $ftpdomain;
-				}
-				else
-				{
+				} else {
 					$username = $userinfo['loginname'] . $settings['customer']['ftpprefix'] . (intval($userinfo['ftp_lastaccountnumber']) + 1);
 				}
 				
 				$username_check = $db->query_first('SELECT * FROM `' . TABLE_FTP_USERS .'` WHERE `username` = \'' . $db->escape($username) . '\'');
 				
-				if(!empty($username_check) && $username_check['username'] = $username)
-				{
+				if (!empty($username_check) && $username_check['username'] = $username) {
 					standard_error('usernamealreadyexists', $username);
-				}
-				elseif($password == '')
-				{
+				} elseif ($password == '') {
 					standard_error(array('stringisempty', 'mypassword'));
-				}
-				elseif($path == '')
-				{
+				} elseif ($path == '') {
 					standard_error('patherror');
-				}
-				else
-				{
+				} else {
 					$path = makeCorrectDir($userinfo['documentroot'] . '/' . $path);
-					
-					$db->query("INSERT INTO `" . TABLE_FTP_USERS . "` (`customerid`, `username`, `password`, `homedir`, `login_enabled`, `uid`, `gid`) VALUES ('" . (int)$userinfo['customerid'] . "', '" . $db->escape($username) . "', ENCRYPT('" . $db->escape($password) . "'), '" . $db->escape($path) . "', 'y', '" . (int)$userinfo['guid'] . "', '" . (int)$userinfo['guid'] . "')");
+
+					$cryptPassword = makeCryptPassword($password);
+					$db->query("INSERT INTO `" . TABLE_FTP_USERS . "` (`customerid`, `username`, `password`, `homedir`, `login_enabled`, `uid`, `gid`) VALUES ('" . (int)$userinfo['customerid'] . "', '" . $db->escape($username) . "', '" . $db->escape($cryptPassword) . "', '" . $db->escape($path) . "', 'y', '" . (int)$userinfo['guid'] . "', '" . (int)$userinfo['guid'] . "')");
 					$result = $db->query("SELECT `bytes_in_used` FROM `" . TABLE_FTP_QUOTATALLIES . "` WHERE `name` = '" . $userinfo['loginname'] . "'");
-					while($row = $db->fetch_array($result))
-					{
+					while ($row = $db->fetch_array($result)) {
 						$db->query("INSERT INTO `" . TABLE_FTP_QUOTATALLIES . "` (`name`, `quota_type`, `bytes_in_used`, `bytes_out_used`, `bytes_xfer_used`, `files_in_used`, `files_out_used`, `files_xfer_used`) VALUES ('" . $db->escape($username) . "', 'user', '" . $db->escape($row['bytes_in_used']) . "', '0', '0', '0', '0', '0')");
 					}
 					$db->query("UPDATE `" . TABLE_FTP_GROUPS . "` SET `members`=CONCAT_WS(',',`members`,'" . $db->escape($username) . "') WHERE `customerid`='" . $userinfo['customerid'] . "' AND `gid`='" . (int)$userinfo['guid'] . "'");
@@ -200,10 +160,10 @@ elseif($page == 'accounts')
 					$log->logAction(USR_ACTION, LOG_INFO, "added ftp-account '" . $username . " (" . $path . ")'");
 					inserttask(5);

-					if($sendinfomail == 1)
-					{
+					if ($sendinfomail == 1) {
 						$replace_arr = array(
-							'CUST_NAME' => getCorrectUserSalutation($userinfo),
+							'SALUTATION' => getCorrectUserSalutation($userinfo),
+							'CUST_NAME' => getCorrectUserSalutation($userinfo), // < keep this for compatibility
 							'USR_NAME' => $username,
 							'USR_PASS' => $password,
 							'USR_PATH' => makeCorrectDir(substr($path, strlen($userinfo['documentroot'])))
@@ -240,35 +200,29 @@ elseif($page == 'accounts')

 					redirectTo($filename, Array('page' => $page, 's' => $s));
 				}
-			}
-			else
-			{
+			} else {
 				$pathSelect = makePathfield($userinfo['documentroot'], $userinfo['guid'], $userinfo['guid'], $settings['panel']['pathedit'], '/');

-				if($settings['customer']['ftpatdomain'] == '1')
-				{
+				if ($settings['customer']['ftpatdomain'] == '1') {
 					$domainlist = array();
 					$domains = '';

 					$result_domains = $db->query("SELECT `domain` FROM `" . TABLE_PANEL_DOMAINS . "` WHERE `customerid`='" . (int)$userinfo['customerid'] . "'");

-					while($row_domain = $db->fetch_array($result_domains))
-					{
+					while ($row_domain = $db->fetch_array($result_domains)) {
 						$domainlist[] =  $row_domain['domain'];
 					}

 					sort($domainlist);

-					if(isset($domainlist[0]) && $domainlist[0] != '')
-					{
-						foreach($domainlist as $dom)
-						{
+					if (isset($domainlist[0]) && $domainlist[0] != '') {
+						foreach ($domainlist as $dom) {
 							$domains .= makeoption($idna_convert->decode($dom), $dom);
 						}
 					}
 				}

-				#$sendinfomail = makeyesno('sendinfomail', '1', '0', '0');
+				//$sendinfomail = makeyesno('sendinfomail', '1', '0', '0');

 				$ftp_add_data = include_once dirname(__FILE__).'/lib/formfields/customer/ftp/formfield.ftp_add.php';
 				$ftp_add_form = htmlform::genHTMLForm($ftp_add_data);
@@ -276,60 +230,51 @@ elseif($page == 'accounts')
 				$title = $ftp_add_data['ftp_add']['title'];
 				$image = $ftp_add_data['ftp_add']['image'];

-				eval("echo \"" . getTemplate("ftp/accounts_add") . "\";");
+				eval("echo \"" . getTemplate('ftp/accounts_add') . "\";");
 			}
 		}
-	}
-	elseif($action == 'edit'
-	       && $id != 0)
-	{
+	} elseif ($action == 'edit' && $id != 0) {
 		$result = $db->query_first("SELECT `id`, `username`, `homedir`, `uid`, `gid` FROM `" . TABLE_FTP_USERS . "` WHERE `customerid`='" . (int)$userinfo['customerid'] . "' AND `id`='" . (int)$id . "'");

-		if(isset($result['username'])
-		   && $result['username'] != '')
-		{
-			if(isset($_POST['send'])
-			   && $_POST['send'] == 'send')
-			{
+		if (isset($result['username'])
+		   && $result['username'] != ''
+		) {
+			if (isset($_POST['send'])
+			   && $_POST['send'] == 'send'
+			) {
+				// @FIXME use a good path-validating regex here (refs #1231)
 				$path = validate($_POST['path'], 'path');
 				
 				$_setnewpass = false;
-				if(isset($_POST['ftp_password']) && $_POST['ftp_password'] != '')
-				{
+				if (isset($_POST['ftp_password']) && $_POST['ftp_password'] != '') {
 					$password = validate($_POST['ftp_password'], 'password');
 					$password = validatePassword($password);
 					$_setnewpass = true;
 				}

-				if($_setnewpass)
-				{
-					if($password == '')
-					{
+				if ($_setnewpass) {
+					if ($password == '') {
 						standard_error(array('stringisempty', 'mypassword'));
 						exit;
 					}
-					else
-					{
-						$log->logAction(USR_ACTION, LOG_INFO, "updated ftp-account password for '" . $result['username'] . "'");
-						$db->query("UPDATE `" . TABLE_FTP_USERS . "` SET `password`=ENCRYPT('" . $db->escape($password) . "') WHERE `customerid`='" . (int)$userinfo['customerid'] . "' AND `id`='" . (int)$id . "'");
+					$log->logAction(USR_ACTION, LOG_INFO, "updated ftp-account password for '" . $result['username'] . "'");
+					$cryptPassword = makeCryptPassword($password);
+					$db->query("UPDATE `" . TABLE_FTP_USERS . "` SET `password`='" . $db->escape($cryptPassword) . "' WHERE `customerid`='" . (int)$userinfo['customerid'] . "' AND `id`='" . (int)$id . "'");
 						
-						// also update customers backup user password if password of main ftp user is changed
-						if(!preg_match('/' . $settings['customer']['ftpprefix'] . '/', $result['username'])){
-						    $db->query("UPDATE `" . TABLE_FTP_USERS . "` SET `password`=ENCRYPT('" . $db->escape($password) . "') WHERE `customerid`='" . (int)$userinfo['customerid'] . "' AND `username`='" . $result['username'] . "_backup'");
-						}
+					// also update customers backup user password if password of main ftp user is changed
+					if(!preg_match('/' . $settings['customer']['ftpprefix'] . '/', $result['username'])){
+					    $db->query("UPDATE `" . TABLE_FTP_USERS . "` SET `password`='" . $db->escape($cryptPassword) . "' WHERE `customerid`='" . (int)$userinfo['customerid'] . "' AND `username`='" . $result['username'] . "_backup'");
 					}
 				}
 				
-				if($path != '')
-				{
+				if ($path != '') {
 					$path = makeCorrectDir($userinfo['documentroot'] . '/' . $path);
-					
-					if($path != $result['homedir'])
-					{
-						if(!file_exists($path))
-						{
-							mkDirWithCorrectOwnership($userinfo['documentroot'], $path, $result['uid'], $result['gid']);
-							inserttask(5); /* Let the cronjob do the rest */
+
+					if ($path != $result['homedir']) {
+						if (!file_exists($path)) {
+							// it's the task for "new ftp" but that will 
+							// create all directories and correct their permissions
+							inserttask(5);
 						}

 						$log->logAction(USR_ACTION, LOG_INFO, "updated ftp-account homdir for '" . $result['username'] . "'");
@@ -338,30 +283,23 @@ elseif($page == 'accounts')
 				}

 				redirectTo($filename, Array('page' => $page, 's' => $s));
-			}
-			else
-			{
-				if(strpos($result['homedir'], $userinfo['documentroot']) === 0)
-				{
+			} else {
+				if (strpos($result['homedir'], $userinfo['documentroot']) === 0) {
 					$homedir = substr($result['homedir'], strlen($userinfo['documentroot']));
-				}
-				else
-				{
+				} else {
 					$homedir = $result['homedir'];
 				}
 				$homedir = makeCorrectDir($homedir);

 				$pathSelect = makePathfield($userinfo['documentroot'], $userinfo['guid'], $userinfo['guid'], $settings['panel']['pathedit'], $homedir);

-				if($settings['customer']['ftpatdomain'] == '1')
-				{
+				if ($settings['customer']['ftpatdomain'] == '1') {
 					$domains = '';

 					$result_domains = $db->query("SELECT `domain` FROM `" . TABLE_PANEL_DOMAINS . "` WHERE `customerid`='" . (int)$userinfo['customerid'] . "'");

-					while($row_domain = $db->fetch_array($result_domains))
-					{
-						$domains.= makeoption($idna_convert->decode($row_domain['domain']), $row_domain['domain']);
+					while ($row_domain = $db->fetch_array($result_domains)) {
+						$domains .= makeoption($idna_convert->decode($row_domain['domain']), $row_domain['domain']);
 					}
 				}

@@ -371,10 +309,8 @@ elseif($page == 'accounts')
 				$title = $ftp_edit_data['ftp_edit']['title'];
 				$image = $ftp_edit_data['ftp_edit']['image'];

-				eval("echo \"" . getTemplate("ftp/accounts_edit") . "\";");
+				eval("echo \"" . getTemplate('ftp/accounts_edit') . "\";");
 			}
 		}
 	}
 }
-
-?>
--- a/customer_index.php
+++ b/customer_index.php
@@ -22,40 +22,32 @@ define('AREA', 'customer');
 /**
 * Include our init.php, which manages Sessions, Language etc.
 */
+require('./lib/init.php');

-require ("./lib/init.php");
+if ($action == 'logout') {
+	$log->logAction(USR_ACTION, LOG_NOTICE, 'logged out');

-if($action == 'logout')
-{
-	$log->logAction(USR_ACTION, LOG_NOTICE, "logged out");
-
-	if($settings['session']['allow_multiple_login'] == '1')
-	{
-		$db->query("DELETE FROM `" . TABLE_PANEL_SESSIONS . "` WHERE `userid` = '" . (int)$userinfo['customerid'] . "' AND `adminsession` = '0' AND `hash` = '" . $s . "'");
+        $query = "DELETE FROM `" . TABLE_PANEL_SESSIONS . "` WHERE `userid` = '" . (int)$userinfo['customerid'] . "' AND `adminsession` = '0'";
+	if ($settings['session']['allow_multiple_login'] == '1') {
+		$query .= " AND `hash` = '" . $s . "'";
 	}
-	else
-	{
-		$db->query("DELETE FROM `" . TABLE_PANEL_SESSIONS . "` WHERE `userid` = '" . (int)$userinfo['customerid'] . "' AND `adminsession` = '0'");
-	}
-
+	$db->query($query);
 	redirectTo('index.php');
 	exit;
 }

-if($page == 'overview')
-{
+if ($page == 'overview') {
 	$log->logAction(USR_ACTION, LOG_NOTICE, "viewed customer_index");
 	$domains = '';
 	$result = $db->query("SELECT `domain` FROM `" . TABLE_PANEL_DOMAINS . "` WHERE `customerid`='" . (int)$userinfo['customerid'] . "' AND `parentdomainid`='0' AND `id` <> '" . (int)$userinfo['standardsubdomain'] . "' ");
 	$domainArray = array();

-	while($row = $db->fetch_array($result))
-	{
+	while ($row = $db->fetch_array($result)) {
 		$domainArray[] = $idna_convert->decode($row['domain']);
 	}

 	natsort($domainArray);
-	$domains = implode(', ', $domainArray);
+	$domains = implode(',<br />', $domainArray);
 	$userinfo['email'] = $idna_convert->decode($userinfo['email']);
 	$yesterday = time() - (60 * 60 * 24);
 	$month = date('M Y', $yesterday);
@@ -77,67 +69,49 @@ if($page == 'overview')
 	$awaitingtickets = $opentickets['count'];
 	$awaitingtickets_text = '';

-	if($opentickets > 0)
-	{
+	if ($opentickets > 0) {
 		$awaitingtickets_text = strtr($lng['ticket']['awaitingticketreply'], array('%s' => '<a href="customer_tickets.php?page=tickets&amp;s=' . $s . '">' . $opentickets['count'] . '</a>'));
 	}

-	eval("echo \"" . getTemplate("index/index") . "\";");
-}
-elseif($page == 'change_password')
-{
-	if(isset($_POST['send'])
-	   && $_POST['send'] == 'send')
-	{
+	eval("echo \"" . getTemplate('index/index') . "\";");
+} elseif ($page == 'change_password') {
+	if (isset($_POST['send']) && $_POST['send'] == 'send') {
 		$old_password = validate($_POST['old_password'], 'old password');
-
-		if(md5($old_password) != $userinfo['password'])
-		{
+		if (md5($old_password) != $userinfo['password']) {
 			standard_error('oldpasswordnotcorrect');
 			exit;
 		}

-		$new_password = validate($_POST['new_password'], 'new password');
-		$new_password_confirm = validate($_POST['new_password_confirm'], 'new password confirm');
+		$new_password = validatePassword($_POST['new_password'], 'new password');
+		$new_password_confirm = validatePassword($_POST['new_password_confirm'], 'new password confirm');

-		if($old_password == '')
-		{
+		if ($old_password == '') {
 			standard_error(array('stringisempty', 'oldpassword'));
-		}
-		elseif($new_password == '')
-		{
+		} elseif($new_password == '') {
 			standard_error(array('stringisempty', 'newpassword'));
-		}
-		elseif($new_password_confirm == '')
-		{
+		} elseif($new_password_confirm == '') {
 			standard_error(array('stringisempty', 'newpasswordconfirm'));
-		}
-		elseif($new_password != $new_password_confirm)
-		{
+		} elseif($new_password != $new_password_confirm) {
 			standard_error('newpasswordconfirmerror');
-		}
-		else
-		{
+		} else {
 			$db->query("UPDATE `" . TABLE_PANEL_CUSTOMERS . "` SET `password`='" . md5($new_password) . "' WHERE `customerid`='" . (int)$userinfo['customerid'] . "' AND `password`='" . md5($old_password) . "'");
 			$log->logAction(USR_ACTION, LOG_NOTICE, 'changed password');

-			if(isset($_POST['change_main_ftp'])
-			   && $_POST['change_main_ftp'] == 'true')
-			{
-				$db->query("UPDATE `" . TABLE_FTP_USERS . "` SET `password`=ENCRYPT('" . $db->escape($new_password) . "') WHERE `customerid`='" . (int)$userinfo['customerid'] . "' AND `username`='" . $db->escape($userinfo['loginname']) . "'");
+			if (isset($_POST['change_main_ftp'])
+			   && $_POST['change_main_ftp'] == 'true'
+			) {
+				$cryptPassword = makeCryptPassword($new_password);
+				$db->query("UPDATE `" . TABLE_FTP_USERS . "` SET `password`='" . $db->escape($cryptPassword) . "' WHERE `customerid`='" . (int)$userinfo['customerid'] . "' AND `username`='" . $db->escape($userinfo['loginname']) . "'");
 				$log->logAction(USR_ACTION, LOG_NOTICE, 'changed main ftp password');
 			}

-			if(isset($_POST['change_webalizer'])
-			   && $_POST['change_webalizer'] == 'true')
-			{
-				if(CRYPT_STD_DES == 1)
-				{
+			if (isset($_POST['change_webalizer'])
+			   && $_POST['change_webalizer'] == 'true'
+			) {
+				if (CRYPT_STD_DES == 1) {
 					$saltfordescrypt = substr(md5(uniqid(microtime(), 1)), 4, 2);
 					$new_webalizer_password = crypt($new_password, $saltfordescrypt);
-				}
-				else
-				{
+				} else {
 					$new_webalizer_password = crypt($new_password);
 				}

@@ -146,72 +120,52 @@ elseif($page == 'change_password')

 			redirectTo($filename, Array('s' => $s));
 		}
+	} else {
+		eval("echo \"" . getTemplate('index/change_password') . "\";");
 	}
-	else
-	{
-		eval("echo \"" . getTemplate("index/change_password") . "\";");
-	}
-}
-elseif($page == 'change_language')
-{
-	if(isset($_POST['send'])
-	   && $_POST['send'] == 'send')
-	{
+} elseif ($page == 'change_language') {
+	if (isset($_POST['send']) && $_POST['send'] == 'send') {
 		$def_language = validate($_POST['def_language'], 'default language');
-
-		if(isset($languages[$def_language]))
-		{
+		if (isset($languages[$def_language])) {
 			$db->query("UPDATE `" . TABLE_PANEL_CUSTOMERS . "` SET `def_language`='" . $db->escape($def_language) . "' WHERE `customerid`='" . (int)$userinfo['customerid'] . "'");
 			$db->query("UPDATE `" . TABLE_PANEL_SESSIONS . "` SET `language`='" . $db->escape($def_language) . "' WHERE `hash`='" . $db->escape($s) . "'");
 			$log->logAction(USR_ACTION, LOG_NOTICE, "changed default language to '" . $def_language . "'");
 		}

 		redirectTo($filename, Array('s' => $s));
-	}
-	else
-	{
-		$language_options = '';
-
+	} else {
 		$default_lang = $settings['panel']['standardlanguage'];
-		if($userinfo['def_language'] != '') { 
+		if ($userinfo['def_language'] != '') { 
 			$default_lang = $userinfo['def_language'];
 		}

-		while(list($language_file, $language_name) = each($languages))
-		{
-			$language_options.= makeoption($language_name, $language_file, $default_lang, true);
+		$language_options = '';
+		while (list($language_file, $language_name) = each($languages)) {
+			$language_options .= makeoption($language_name, $language_file, $default_lang, true);
 		}

-		eval("echo \"" . getTemplate("index/change_language") . "\";");
+		eval("echo \"" . getTemplate('index/change_language') . "\";");
 	}
-}
-elseif($page == 'change_theme')
-{
-	if(isset($_POST['send'])
-		&& $_POST['send'] == 'send'
-	) {
+} elseif ($page == 'change_theme') {
+	if (isset($_POST['send']) && $_POST['send'] == 'send') {
 		$theme = validate($_POST['theme'], 'theme');
 
 		$db->query("UPDATE `" . TABLE_PANEL_CUSTOMERS . "` SET `theme`='" . $db->escape($theme) . "' WHERE `customerid`='" . (int)$userinfo['customerid'] . "'");
 		$db->query("UPDATE `" . TABLE_PANEL_SESSIONS . "` SET `theme`='" . $db->escape($theme) . "' WHERE `hash`='" . $db->escape($s) . "'");
 		$log->logAction(USR_ACTION, LOG_NOTICE, "changed default theme to '" . $theme . "'");
 		redirectTo($filename, Array('s' => $s));
-	}
-	else
-	{
-		$theme_options = '';
-
+	} else {
 		$default_theme = $settings['panel']['default_theme'];
-		if($userinfo['theme'] != '') {
+		if ($userinfo['theme'] != '') {
 			$default_theme = $userinfo['theme'];
 		}

+		$theme_options = '';
 		$themes_avail = getThemes();
-		foreach($themes_avail as $t)
-		{
-			$theme_options.= makeoption($t, $t, $default_theme, true);
+		foreach ($themes_avail as $t) {
+			$theme_options .= makeoption($t, $t, $default_theme, true);
 		}

-		eval("echo \"" . getTemplate("index/change_theme") . "\";");
+		eval("echo \"" . getTemplate('index/change_theme') . "\";");
 	}
 }
--- a/customer_mysql.php
+++ b/customer_mysql.php
@@ -22,30 +22,22 @@ define('AREA', 'customer');
 /**
 * Include our init.php, which manages Sessions, Language etc.
 */
-
 $need_db_sql_data = true;
 $need_root_db_sql_data = true;
-require ("./lib/init.php");
+require('./lib/init.php');

-if(isset($_POST['id']))
-{
+if (isset($_POST['id'])) {
 	$id = intval($_POST['id']);
-}
-elseif(isset($_GET['id']))
-{
+} elseif(isset($_GET['id'])) {
 	$id = intval($_GET['id']);
 }

-if($page == 'overview')
-{
+if ($page == 'overview') {
 	$log->logAction(USR_ACTION, LOG_NOTICE, "viewed customer_mysql");
 	$lng['mysql']['description'] = str_replace('<SQL_HOST>', $sql['host'], $lng['mysql']['description']);
-	eval("echo \"" . getTemplate("mysql/mysql") . "\";");
-}
-elseif($page == 'mysqls')
-{
-	if($action == '')
-	{
+	eval("echo \"" . getTemplate('mysql/mysql') . "\";");
+} elseif($page == 'mysqls') {
+	if ($action == '') {
 		$log->logAction(USR_ACTION, LOG_NOTICE, "viewed customer_mysql::mysqls");
 		$fields = array(
 			'databasename' => $lng['mysql']['databasename'],
@@ -62,125 +54,117 @@ elseif($page == 'mysqls')
 		$count = 0;
 		$mysqls = '';

-		while($row = $db->fetch_array($result))
-		{
-			if($paging->checkDisplay($i))
-			{
+		// Begin root-session
+		$db_root = new db($sql_root[0]['host'], $sql_root[0]['user'], $sql_root[0]['password'], '');
+		while ($row = $db->fetch_array($result)) {
+			if ($paging->checkDisplay($i)) {
 				$row = htmlentities_array($row);
-				eval("\$mysqls.=\"" . getTemplate("mysql/mysqls_database") . "\";");
+				$mbdata = $db_root->query_first("SELECT SUM( data_length + index_length) / 1024 / 1024 'MB' FROM information_schema.TABLES WHERE table_schema = '" . $db_root->escape($row['databasename']) . "' GROUP BY table_schema ;");
+				$row['size'] = number_format($mbdata['MB'], 3, '.', '');
+				eval("\$mysqls.=\"" . getTemplate('mysql/mysqls_database') . "\";");
 				$count++;
 			}
-
 			$i++;
 		}
+		$db_root->close();
+		// End root-session

 		$mysqls_count = $db->num_rows($result);
-		eval("echo \"" . getTemplate("mysql/mysqls") . "\";");
-	}
-	elseif($action == 'delete'
-	       && $id != 0)
-	{
+		eval("echo \"" . getTemplate('mysql/mysqls') . "\";");
+	} elseif($action == 'delete' && $id != 0) {
 		$result = $db->query_first('SELECT `id`, `databasename`, `description`, `dbserver` FROM `' . TABLE_PANEL_DATABASES . '` WHERE `customerid`="' . (int)$userinfo['customerid'] . '" AND `id`="' . (int)$id . '"');

-		if(isset($result['databasename'])
-		   && $result['databasename'] != '')
-		{
-			if(!isset($sql_root[$result['dbserver']]) || !is_array($sql_root[$result['dbserver']]))
-			{
+		if (isset($result['databasename'])
+		   && $result['databasename'] != ''
+		) {
+			if (!isset($sql_root[$result['dbserver']]) || !is_array($sql_root[$result['dbserver']])) {
 				$result['dbserver'] = 0;
 			}

-			if(isset($_POST['send'])
-			   && $_POST['send'] == 'send')
-			{
+			if (isset($_POST['send'])
+			   && $_POST['send'] == 'send'
+			) {
 				// Begin root-session
-
 				$db_root = new db($sql_root[$result['dbserver']]['host'], $sql_root[$result['dbserver']]['user'], $sql_root[$result['dbserver']]['password'], '');
-				unset($db_root->password);
-				foreach(array_map('trim', array_unique(explode(',', $settings['system']['mysql_access_host']))) as $mysql_access_host)
-				{
-					$db_root->query('REVOKE ALL PRIVILEGES ON * . * FROM `' . $db_root->escape($result['databasename']) . '`@`' . $db_root->escape($mysql_access_host) . '`');
-					$db_root->query('REVOKE ALL PRIVILEGES ON `' . str_replace('_', '\_', $db_root->escape($result['databasename'])) . '` . * FROM `' . $db_root->escape($result['databasename']) . '`@`' . $db_root->escape($mysql_access_host) . '`');
-					$db_root->query('DELETE FROM `mysql`.`user` WHERE `User` = "' . $db_root->escape($result['databasename']) . '" AND `Host` = "' . $db_root->escape($mysql_access_host) . '"');
+				$log->logAction(USR_ACTION, LOG_INFO, "deleted database '" . $result['databasename'] . "'");
+				if (mysql_get_server_info() < '5.0.2') { 
+					// Revoke privileges (only required for MySQL 4.1.2 - 5.0.1)
+					$db_root->query('REVOKE ALL PRIVILEGES, GRANT OPTION FROM \'' . $db_root->escape($result['databasename']) .'\'',false,true);
+				}
+
+				$host_res = $db_root->query("SELECT `Host` FROM `mysql`.`user` WHERE `User`='" . $db_root->escape($result['databasename']) . "'");
+				while ($host = $db_root->fetch_array($host_res)) {
+					// as of MySQL 5.0.2 this also revokes privileges. (requires MySQL 4.1.2+)
+					$db_root->query('DROP USER \'' . $db_root->escape($result['databasename']). '\'@\'' . $db_root->escape($host['Host']) . '\'', false, true);
 				}

 				$db_root->query('DROP DATABASE IF EXISTS `' . $db_root->escape($result['databasename']) . '`');
 				$db_root->query('FLUSH PRIVILEGES');
 				$db_root->close();
-
 				// End root-session

 				$db->query('DELETE FROM `' . TABLE_PANEL_DATABASES . '` WHERE `customerid`="' . (int)$userinfo['customerid'] . '" AND `id`="' . (int)$id . '"');

-				if($userinfo['mysqls_used'] == '1')
-				{
-					$resetaccnumber = " , `mysql_lastaccountnumber`='0' ";
-				}
-				else
-				{
-					$resetaccnumber = '';
-				}
+				$resetaccnumber = ($userinfo['mysqls_used'] == '1') ? " , `mysql_lastaccountnumber`='0' " : '';

 				$result = $db->query('UPDATE `' . TABLE_PANEL_CUSTOMERS . '` SET `mysqls_used`=`mysqls_used`-1 ' . $resetaccnumber . 'WHERE `customerid`="' . (int)$userinfo['customerid'] . '"');
 				redirectTo($filename, Array('page' => $page, 's' => $s));
-			}
-			else
-			{
+			} else {
 				$dbnamedesc = $result['databasename'];
-				if(isset($result['description']) && $result['description'] != '') {
-					$dbnamedesc.= ' ('.$result['description'].')';
+				if (isset($result['description']) && $result['description'] != '') {
+					$dbnamedesc .= ' ('.$result['description'].')';
 				}
 				ask_yesno('mysql_reallydelete', $filename, array('id' => $id, 'page' => $page, 'action' => $action), $dbnamedesc);
 			}
 		}
-	}
-	elseif($action == 'add')
-	{
-		if($userinfo['mysqls_used'] < $userinfo['mysqls']
-		   || $userinfo['mysqls'] == '-1')
-		{
-			if(isset($_POST['send'])
-			   && $_POST['send'] == 'send')
-			{
+	} elseif ($action == 'add') {
+		if ($userinfo['mysqls_used'] < $userinfo['mysqls']
+		   || $userinfo['mysqls'] == '-1'
+		) {
+			if (isset($_POST['send'])
+			   && $_POST['send'] == 'send'
+			) {
 				$password = validate($_POST['mysql_password'], 'password');
 				$password = validatePassword($password);

-				$sendinfomail = intval($_POST['sendinfomail']);
-				if($sendinfomail != 1)
-				{
+				$sendinfomail = isset($_POST['sendinfomail']) ? 1 : 0;
+				if ($sendinfomail != 1) {
 					$sendinfomail = 0;
 				}

-				if($password == '')
-				{
+				if ($password == '') {
 					standard_error(array('stringisempty', 'mypassword'));
-				}
-				else
-				{
-					$username = $userinfo['loginname'] . $settings['customer']['mysqlprefix'] . (intval($userinfo['mysql_lastaccountnumber']) + 1);
-
-					if(count($sql_root) > 1)
-					{
+				} else {
+					$dbserver = 0;
+					if (count($sql_root) > 1) {
 						$dbserver = validate($_POST['mysql_server'], html_entity_decode($lng['mysql']['mysql_server']), '', '', 0);
-
-						if(!isset($sql_root[$dbserver]) || !is_array($sql_root[$dbserver]))
-						{
+						if (!isset($sql_root[$dbserver]) || !is_array($sql_root[$dbserver])) {
 							$dbserver = 0;
 						}
 					}
-					else
-					{
-						$dbserver = 0;
-					}
+					
+					// validate description before actual adding the database, #1052
+					$databasedescription = validate(trim($_POST['description']), 'description');

 					// Begin root-session
-
 					$db_root = new db($sql_root[$dbserver]['host'], $sql_root[$dbserver]['user'], $sql_root[$dbserver]['password'], '');
-					unset($db_root->password);
+
+					if (strtoupper($settings['customer']['mysqlprefix']) == 'RANDOM') {
+						$result = $db_root->query('SELECT `User` FROM mysql.user');
+						while ($row = $db_root->fetch_array($result)) {
+							$allsqlusers[] = $row[User];
+						}
+						$username = $userinfo['loginname'] . '-' . substr(md5(uniqid(microtime(), 1)), 20, 3);
+						while (in_array($username , $allsqlusers)) {
+							$username = $userinfo['loginname'] . '-' . substr(md5(uniqid(microtime(), 1)), 20, 3);
+						}
+					} else {
+						$username = $userinfo['loginname'] . $settings['customer']['mysqlprefix'] . (intval($userinfo['mysql_lastaccountnumber']) + 1);
+					}
+
 					$db_root->query('CREATE DATABASE `' . $db_root->escape($username) . '`');
 					$log->logAction(USR_ACTION, LOG_INFO, "created database '" . $username . "'");
-					foreach(array_map('trim', explode(',', $settings['system']['mysql_access_host'])) as $mysql_access_host)
-					{
+					foreach (array_map('trim', explode(',', $settings['system']['mysql_access_host'])) as $mysql_access_host) {
 						$db_root->query('GRANT ALL PRIVILEGES ON `' . str_replace('_', '\_', $db_root->escape($username)) . '`.* TO `' . $db_root->escape($username) . '`@`' . $db_root->escape($mysql_access_host) . '` IDENTIFIED BY \'password\'');
 						$db_root->query('SET PASSWORD FOR `' . $db_root->escape($username) . '`@`' . $db_root->escape($mysql_access_host) . '` = PASSWORD(\'' . $db_root->escape($password) . '\')');
 						$log->logAction(USR_ACTION, LOG_NOTICE, "grant all privileges for '" . $username . "'@'" . $mysql_access_host . "'");
@@ -188,24 +172,21 @@ elseif($page == 'mysqls')

 					$db_root->query('FLUSH PRIVILEGES');
 					$db_root->close();
-
 					// End root-session
-					// Statement modifyed for Database description -- PH 2004-11-29

-					$databasedescription = validate($_POST['description'], 'description');
+					// Statement modified for Database description -- PH 2004-11-29
 					$result = $db->query('INSERT INTO `' . TABLE_PANEL_DATABASES . '` (`customerid`, `databasename`, `description`, `dbserver`) VALUES ("' . (int)$userinfo['customerid'] . '", "' . $db->escape($username) . '", "' . $db->escape($databasedescription) . '", "' . $db->escape($dbserver) . '")');
 					$result = $db->query('UPDATE `' . TABLE_PANEL_CUSTOMERS . '` SET `mysqls_used`=`mysqls_used`+1, `mysql_lastaccountnumber`=`mysql_lastaccountnumber`+1 WHERE `customerid`="' . (int)$userinfo['customerid'] . '"');

-					if($sendinfomail == 1)
-					{
+					if ($sendinfomail == 1) {
 						$pma = $lng['admin']['notgiven'];
-						if($settings['panel']['phpmyadmin_url'] != '')
-						{
+						if ($settings['panel']['phpmyadmin_url'] != '') {
 							$pma = $settings['panel']['phpmyadmin_url'];
 						}

 						$replace_arr = array(
-							'CUST_NAME' => getCorrectUserSalutation($userinfo),
+							'SALUTATION' => getCorrectUserSalutation($userinfo),
+							'CUST_NAME' => getCorrectUserSalutation($userinfo), // < keep this for compatibility
 							'DB_NAME' => $username,
 							'DB_PASS' => $password,
 							'DB_DESC' => $databasedescription,
@@ -244,17 +225,14 @@ elseif($page == 'mysqls')

 					redirectTo($filename, Array('page' => $page, 's' => $s));
 				}
-			}
-			else
-			{
+			} else {
 				$mysql_servers = '';

-				foreach($sql_root as $mysql_server => $mysql_server_details)
-				{
+				foreach ($sql_root as $mysql_server => $mysql_server_details) {
 					$mysql_servers .= makeoption($mysql_server_details['caption'], $mysql_server);
 				}

-				#$sendinfomail = makeyesno('sendinfomail', '1', '0', '0');
+				//$sendinfomail = makeyesno('sendinfomail', '1', '0', '0');

 				$mysql_add_data = include_once dirname(__FILE__).'/lib/formfields/customer/mysql/formfield.mysql_add.php';
 				$mysql_add_form = htmlform::genHTMLForm($mysql_add_data);
@@ -262,67 +240,53 @@ elseif($page == 'mysqls')
 				$title = $mysql_add_data['mysql_add']['title'];
 				$image = $mysql_add_data['mysql_add']['image'];

-				eval("echo \"" . getTemplate("mysql/mysqls_add") . "\";");
+				eval("echo \"" . getTemplate('mysql/mysqls_add') . "\";");
 			}
 		}
-	}
-	elseif($action == 'edit'
-	       && $id != 0)
-	{
+	} elseif ($action == 'edit' && $id != 0) {
 		$result = $db->query_first('SELECT `id`, `databasename`, `description`, `dbserver` FROM `' . TABLE_PANEL_DATABASES . '` WHERE `customerid`="' . $userinfo['customerid'] . '" AND `id`="' . $id . '"');

-		if(isset($result['databasename'])
-		   && $result['databasename'] != '')
-		{
-			if(!isset($sql_root[$result['dbserver']]) || !is_array($sql_root[$result['dbserver']]))
-			{
+		if (isset($result['databasename'])
+		   && $result['databasename'] != ''
+		) {
+			if (!isset($sql_root[$result['dbserver']]) || !is_array($sql_root[$result['dbserver']])) {
 				$result['dbserver'] = 0;
 			}

-			if(isset($_POST['send'])
-			   && $_POST['send'] == 'send')
-			{
+			if (isset($_POST['send'])
+			   && $_POST['send'] == 'send'
+			) {
 				// Only change Password if it is set, do nothing if it is empty! -- PH 2004-11-29
 				$password = validate($_POST['mysql_password'], 'password');
-
-				if($password != '')
-				{
+				if ($password != '') {
 					// validate password
 					$password = validatePassword($password);

 					// Begin root-session
 					$db_root = new db($sql_root[$result['dbserver']]['host'], $sql_root[$result['dbserver']]['user'], $sql_root[$result['dbserver']]['password'], '');
-					unset($db_root->password);
-					foreach(array_map('trim', explode(',', $settings['system']['mysql_access_host'])) as $mysql_access_host)
-					{
+					foreach (array_map('trim', explode(',', $settings['system']['mysql_access_host'])) as $mysql_access_host) {
 						$db_root->query('SET PASSWORD FOR `' . $db_root->escape($result['databasename']) . '`@`' . $db_root->escape($mysql_access_host) . '` = PASSWORD(\'' . $db_root->escape($password) . '\')');
 					}

 					$db_root->query('FLUSH PRIVILEGES');
 					$db_root->close();
-
 					// End root-session
 				}

 				// Update the Database description -- PH 2004-11-29
-
 				$log->logAction(USR_ACTION, LOG_INFO, "edited database '" . $result['databasename'] . "'");
 				$databasedescription = validate($_POST['description'], 'description');
 				$result = $db->query('UPDATE `' . TABLE_PANEL_DATABASES . '` SET `description`="' . $db->escape($databasedescription) . '" WHERE `customerid`="' . (int)$userinfo['customerid'] . '" AND `id`="' . (int)$id . '"');
 				redirectTo($filename, Array('page' => $page, 's' => $s));
-			}
-			else
-			{
+			} else {
 				$mysql_edit_data = include_once dirname(__FILE__).'/lib/formfields/customer/mysql/formfield.mysql_edit.php';
 				$mysql_edit_form = htmlform::genHTMLForm($mysql_edit_data);

 				$title = $mysql_edit_data['mysql_edit']['title'];
 				$image = $mysql_edit_data['mysql_edit']['image'];

-				eval("echo \"" . getTemplate("mysql/mysqls_edit") . "\";");
+				eval("echo \"" . getTemplate('mysql/mysqls_edit') . "\";");
 			}
 		}
 	}
 }
-
-?>
--- a/customer_tickets.php
+++ b/customer_tickets.php
@@ -28,6 +28,17 @@ require ("./lib/init.php");
 if(isset($_POST['id']))
 {
 	$id = intval($_POST['id']);
+	
+	/*
+	 * Check if the current user is allowed to see the current ticket.
+	 */
+	$sql = "SELECT `id` FROM `panel_tickets` WHERE `id` = '".$id."' AND `customerid` = '".$userinfo['customerid']."'";
+	
+	$result = $db->query_first($sql);
+	if ($result == null) {
+		// no rights to see the requested ticket
+		standard_error(array('ticketnotaccessible'));
+	}
 }
 elseif(isset($_GET['id']))
 {
@@ -55,7 +66,7 @@ elseif($page == 'tickets')
 		$paging = new paging($userinfo, $db, TABLE_PANEL_TICKETS, $fields, $settings['panel']['paging'], $settings['panel']['natsorting']);
 		$paging->sortfield = 'lastchange';
 		$paging->sortorder = 'desc';
-		$result = $db->query('SELECT `main`.`id`, (SELECT COUNT(`sub`.`id`) FROM `' . TABLE_PANEL_TICKETS . '` `sub` WHERE `sub`.`answerto` = `main`.`id`) as `ticket_answers`, `main`.`lastchange`, `main`.`subject`, `main`.`status`, `main`.`lastreplier`, `main`.`priority` FROM `' . TABLE_PANEL_TICKETS . '` as `main` WHERE `main`.`answerto` = "0" AND `archived` = "0" AND `customerid`="' . (int)$userinfo['customerid'] . '" AND `adminid`="' . (int)$userinfo['adminid'] . '" ' . $paging->getSqlWhere(true) . " " . $paging->getSqlOrderBy() . " " . $paging->getSqlLimit());
+		$result = $db->query('SELECT `main`.`id`, (SELECT COUNT(`sub`.`id`) FROM `' . TABLE_PANEL_TICKETS . '` `sub` WHERE `sub`.`answerto` = `main`.`id`) as `ticket_answers`, `main`.`lastchange`, `main`.`subject`, `main`.`status`, `main`.`lastreplier`, `main`.`priority` FROM `' . TABLE_PANEL_TICKETS . '` as `main` WHERE `main`.`answerto` = "0" AND `archived` = "0" AND `customerid`="' . (int)$userinfo['customerid'] . '" ' . $paging->getSqlWhere(true) . " " . $paging->getSqlOrderBy() . " " . $paging->getSqlLimit());
 		$paging->setEntries($db->num_rows($result));
 		$sortcode = $paging->getHtmlSortCode($lng);
 		$arrowcode = $paging->getHtmlArrowCode($filename . '?page=' . $page . '&s=' . $s);
@@ -210,12 +221,12 @@ elseif($page == 'tickets')
 			else
 			{
 				$categories = '';
-				$result = $db->query_first('SELECT `id`, `name` FROM `' . TABLE_PANEL_TICKET_CATS . '` ORDER BY `logicalorder`, `name` ASC');
+				$result = $db->query_first('SELECT `id`, `name` FROM `' . TABLE_PANEL_TICKET_CATS . '` WHERE `adminid` = "' . $userinfo['adminid'] . '" ORDER BY `logicalorder`, `name` ASC');

 				if(isset($result['name'])
 				   && $result['name'] != '')
 				{
-					$result2 = $db->query('SELECT `id`, `name` FROM `' . TABLE_PANEL_TICKET_CATS . '` ORDER BY `logicalorder`, `name` ASC');
+					$result2 = $db->query('SELECT `id`, `name` FROM `' . TABLE_PANEL_TICKET_CATS . '` WHERE `adminid` = "' . $userinfo['adminid'] . '" ORDER BY `logicalorder`, `name` ASC');

 					while($row = $db->fetch_array($result2))
 					{
@@ -227,9 +238,9 @@ elseif($page == 'tickets')
 					$categories = makeoption($lng['ticket']['no_cat'], '0');
 				}

-				$priorities = makeoption($lng['ticket']['unf_high'], '1', $settings['ticket']['default_priority']);
-				$priorities.= makeoption($lng['ticket']['unf_normal'], '2', $settings['ticket']['default_priority']);
-				$priorities.= makeoption($lng['ticket']['unf_low'], '3', $settings['ticket']['default_priority']);
+				$priorities = makeoption($lng['ticket']['high'], '1', $settings['ticket']['default_priority']);
+				$priorities.= makeoption($lng['ticket']['normal'], '2', $settings['ticket']['default_priority']);
+				$priorities.= makeoption($lng['ticket']['low'], '3', $settings['ticket']['default_priority']);
 				$ticketsopen = 0;
 				$opentickets = $db->query_first('SELECT COUNT(`id`) as `count` FROM `' . TABLE_PANEL_TICKETS . '`
                                           WHERE `customerid` = "' . $userinfo['customerid'] . '"
@@ -329,7 +340,13 @@ elseif($page == 'tickets')
 			}
 			else
 			{
-				$by = $lng['ticket']['customer'];
+				$cid = $mainticket->Get('customer');
+				$usr = $db->query_first('SELECT `customerid`, `firstname`, `name`, `company`, `loginname`
+						FROM `' . TABLE_PANEL_CUSTOMERS . '`
+						WHERE `customerid` = "' . (int)$cid . '"'
+				);
+				$by = getCorrectFullUserDetails($usr);
+				//$by = $lng['ticket']['customer'];
 			}

 			$subject = $mainticket->Get('subject');
@@ -351,7 +368,8 @@ elseif($page == 'tickets')
 				}
 				else
 				{
-					$by = $lng['ticket']['customer'];
+					$by = getCorrectFullUserDetails($usr);
+					//$by = $lng['ticket']['customer'];
 				}

 				$subject = $subticket->Get('subject');
--- a/customer_traffic.php
+++ b/customer_traffic.php
@@ -22,21 +22,20 @@ define('AREA', 'customer');
 /**
 * Include our init.php, which manages Sessions, Language etc.
 */
-
-require ("./lib/init.php");
+$intrafficpage = 1;
+require('./lib/init.php');
 $traffic = '';
 $month = null;
 $year = null;

-if(isset($_POST['month'])
-   && isset($_POST['year']))
-{
+if (isset($_POST['month'])
+	&& isset($_POST['year'])
+) {
 	$month = intval($_POST['month']);
 	$year = intval($_POST['year']);
-}
-elseif(isset($_GET['month'])
-       && isset($_GET['year']))
-{
+} elseif (isset($_GET['month'])
+	&& isset($_GET['year'])
+) {
 	$month = intval($_GET['month']);
 	$year = intval($_GET['year']);
 }
@@ -44,40 +43,25 @@ elseif(isset($_GET['month'])
 //BAM! $_GET???

 elseif (isset($_GET['page'])
-       && $_GET['page'] == "current")
-{
-	if(date('d') != '01')
-	{
+	&& $_GET['page'] == 'current'
+) {
+	if (date('d') != '01') {
 		$month = date('m');
 		$year = date('Y');
-	}
-	else
-	{
-		if(date('m') == '01')
-		{
+	} else {
+		if (date('m') == '01') {
 			$month = 12;
 			$year = date('Y') - 1;
-		}
-		else
-		{
+		} else {
 			$month = date('m') - 1;
 			$year = date('Y');
 		}
 	}
 }

-if(!is_null($month)
-   && !is_null($year))
-{
+if (!is_null($month)
+	&& !is_null($year)) {
 	$traf['byte'] = 0;
-	$result = $db->query("SELECT MAX(`http`), MAX(`ftp_up`+`ftp_down`), MAX(`mail`)
-	                     FROM `" . TABLE_PANEL_TRAFFIC . "`
-	                     WHERE `customerid`='" . $userinfo['customerid'] . "'
-	                     AND `month` = '" . $month . "'
-	                     AND `year` = '" . $year . "'");
-	$row = mysql_fetch_row($result);
-	rsort($row);
-	$traf['max'] = ($row[0] > $row[1] ? ($row[0] > $row[2] ? $row[0] : $row[2]) : ($row[1] > $row[2] ? $row[1] : $row[2]));;
 	$result = $db->query("SELECT
                                SUM(`http`) as 'http', SUM(`ftp_up`) AS 'ftp_up', SUM(`ftp_down`) as 'ftp_down', SUM(`mail`) as 'mail',
                                `day`, `month`, `year`
@@ -90,106 +74,50 @@ if(!is_null($month)
 	$traffic_complete['mail'] = 0;
 	$show = '';

-	while($row = $db->fetch_array($result))
-	{
+	while ($row = $db->fetch_array($result)) {
 		$http = $row['http'];
 		$ftp = $row['ftp_up'] + $row['ftp_down'];
 		$mail = $row['mail'];
 		$traf['byte'] = $http + $ftp + $mail;
-		$traffic_complete['http']+= $http;
-		$traffic_complete['ftp']+= $ftp;
-		$traffic_complete['mail']+= $mail;
-		$traf['day'] = $row['day'];
+		$traffic_complete['http'] += $http;
+		$traffic_complete['ftp'] += $ftp;
+		$traffic_complete['mail'] += $mail;
+		$traf['day'] = $row['day'] . '.';

-		if(extension_loaded('bcmath'))
-		{
+		if (extension_loaded('bcmath')) {
 			$traf['ftptext'] = bcdiv($row['ftp_up'], 1024, $settings['panel']['decimal_places']) . " MB up/ " . bcdiv($row['ftp_down'], 1024, $settings['panel']['decimal_places']) . " MB down (FTP)";
 			$traf['httptext'] = bcdiv($http, 1024, $settings['panel']['decimal_places']) . " MB (HTTP)";
 			$traf['mailtext'] = bcdiv($mail, 1024, $settings['panel']['decimal_places']) . " MB (Mail)";
-		}
-		else
-		{
+			$traf['ftp'] = bcdiv($ftp, 1024, $settings['panel']['decimal_places']);
+			$traf['http'] = bcdiv($http, 1024, $settings['panel']['decimal_places']);
+			$traf['mail'] = bcdiv($mail, 1024, $settings['panel']['decimal_places']);
+			$traf['byte'] = bcdiv($traf['byte'], 1024, $settings['panel']['decimal_places']);
+		} else {
 			$traf['ftptext'] = round($row['ftp_up'] / 1024, $settings['panel']['decimal_places']) . " MB up/ " . round($row['ftp_down'] / 1024, $settings['panel']['decimal_places']) . " MB down (FTP)";
 			$traf['httptext'] = round($http / 1024, $settings['panel']['decimal_places']) . " MB (HTTP)";
 			$traf['mailtext'] = round($mail / 1024, $settings['panel']['decimal_places']) . " MB (Mail)";
-		}
-
-		if($traf['byte'] != 0
-		   && $traf['max'] != 0)
-		{
-			$proz = $traf['max'] / 100;
-			$traf['http'] = round($http / $proz, 0);
-			$traf['ftp'] = round($ftp / $proz, 0);
-			$traf['mail'] = round($mail / $proz, 0);
-
-			if($traf['http'] == 0)
-			{
-				$traf['http'] = 1;
-			}
-
-			if($traf['ftp'] == 0)
-			{
-				$traf['ftp'] = 1;
-			}
-
-			if($traf['mail'] == 0)
-			{
-				$traf['mail'] = 1;
-			}
-		}
-		else
-		{
-			$traf['http'] = 0;
-			$traf['ftp'] = 0;
-			$traf['mail'] = 0;
-		}
-
-		if(extension_loaded('bcmath'))
-		{
-			$traf['byte'] = bcdiv($traf['byte'], 1024, $settings['panel']['decimal_places']);
-		}
-		else
-		{
+			$traf['http'] = round($http, $settings['panel']['decimal_places']);
+			$traf['ftp'] = round($ftp, $settings['panel']['decimal_places']);
+			$traf['mail'] = round($mail, $settings['panel']['decimal_places']);
 			$traf['byte'] = round($traf['byte'] / 1024, $settings['panel']['decimal_places']);
 		}

-		eval("\$traffic.=\"" . getTemplate("traffic/traffic_month") . "\";");
-		$show = $lng['traffic']['months'][intval($row['month'])] . " " . $row['year'];
+		eval("\$traffic.=\"" . getTemplate('traffic/traffic_month') . "\";");
+		$show = $lng['traffic']['months'][intval($row['month'])] . ' ' . $row['year'];
 	}

-	if(extension_loaded('bcmath'))
-	{
+	if (extension_loaded('bcmath')) {
 		$traffic_complete['http'] = bcdiv($traffic_complete['http'], 1024, $settings['panel']['decimal_places']);
 		$traffic_complete['ftp'] = bcdiv($traffic_complete['ftp'], 1024, $settings['panel']['decimal_places']);
 		$traffic_complete['mail'] = bcdiv($traffic_complete['mail'], 1024, $settings['panel']['decimal_places']);
-	}
-	else
-	{
+	} else {
 		$traffic_complete['http'] = round($traffic_complete['http'] / 1024, $settings['panel']['decimal_places']);
 		$traffic_complete['ftp'] = round($traffic_complete['ftp'] / 1024, $settings['panel']['decimal_places']);
 		$traffic_complete['mail'] = round($traffic_complete['mail'] / 1024, $settings['panel']['decimal_places']);
 	}

-	eval("echo \"" . getTemplate("traffic/traffic_details") . "\";");
-}
-else
-{
-	$result = $db->query("SELECT MAX(`http`), MAX(`ftp_up`+`ftp_down`), MAX(`mail`)
-	                     FROM `" . TABLE_PANEL_TRAFFIC . "`
-	                     WHERE `customerid`='" . $userinfo['customerid'] . "'
-	                     GROUP BY CONCAT(`year`,`month`) ORDER BY CONCAT(`year`,`month`) DESC LIMIT 12");
-	
-	$nums = mysql_num_rows($result);
-	if($nums > 0)
-	{
-		$row = mysql_fetch_row($result);
-		rsort($row);
-		$traf['max'] = ($row[0] > $row[1] ? ($row[0] > $row[2] ? $row[0] : $row[2]) : ($row[1] > $row[2] ? $row[1] : $row[2]));
-	} else {
-		// no records yet
-		$traf['max'] = 0;
-	}
-	
+	eval("echo \"" . getTemplate('traffic/traffic_details') . "\";");
+} else {
 	$result = $db->query("SELECT `month`, `year`, SUM(`http`) AS http, SUM(`ftp_up`) AS ftp_up, SUM(`ftp_down`) AS ftp_down, SUM(`mail`) AS mail
 	                     FROM `" . TABLE_PANEL_TRAFFIC . "` WHERE `customerid` = '" . $userinfo['customerid'] . "'
 	                     GROUP BY CONCAT(`year`,`month`) ORDER BY CONCAT(`year`,`month`) DESC LIMIT 12");
@@ -197,88 +125,49 @@ else
 	$traffic_complete['ftp'] = 0;
 	$traffic_complete['mail'] = 0;

-	while($row = $db->fetch_array($result))
-	{
+	while ($row = $db->fetch_array($result)) {
 		$http = $row['http'];
 		$ftp_up = $row['ftp_up'];
 		$ftp_down = $row['ftp_down'];
 		$mail = $row['mail'];
-		$traffic_complete['http']+= $http;
-		$traffic_complete['ftp']+= $ftp_up + $ftp_down;
-		$traffic_complete['mail']+= $mail;
+		$traffic_complete['http'] += $http;
+		$traffic_complete['ftp'] += $ftp_up + $ftp_down;
+		$traffic_complete['mail'] += $mail;
 		$traf['month'] = $row['month'];
 		$traf['year'] = $row['year'];
 		$traf['monthname'] = $lng['traffic']['months'][intval($row['month'])] . " " . $row['year'];
 		$traf['byte'] = $http + $ftp_up + $ftp_down + $mail;

-		if(extension_loaded('bcmath'))
-		{
-			$traf['ftptext'] = bcdiv($ftp_up, 1024 * 1024, $settings['panel']['decimal_places']) . " GB up/ " . bcdiv($ftp_down, 1024 * 1024, $settings['panel']['decimal_places']) . " GB down (FTP)";
-			$traf['httptext'] = bcdiv($http, 1024 * 1024, $settings['panel']['decimal_places']) . " GB (HTTP)";
-			$traf['mailtext'] = bcdiv($mail, 1024 * 1024, $settings['panel']['decimal_places']) . " GB (Mail)";
-		}
-		else
-		{
-			$traf['ftptext'] = round($ftp_up / 1024 * 1024, $settings['panel']['decimal_places']) . " GB up/ " . round($ftp_down / 1024 * 1024, $settings['panel']['decimal_places']) . " GB down (FTP)";
-			$traf['httptext'] = round($http / 1024 * 1024, $settings['panel']['decimal_places']) . " GB (HTTP)";
-			$traf['mailtext'] = round($mail / 1024 * 1024, $settings['panel']['decimal_places']) . " GB (Mail)";
+		if (extension_loaded('bcmath')) {
+			$traf['ftptext'] = bcdiv($ftp_up, 1024, $settings['panel']['decimal_places']) . " MB up/ " . bcdiv($ftp_down, 1024, $settings['panel']['decimal_places']) . " MB down (FTP)";
+			$traf['httptext'] = bcdiv($http, 1024, $settings['panel']['decimal_places']) . " MB (HTTP)";
+			$traf['mailtext'] = bcdiv($mail, 1024, $settings['panel']['decimal_places']) . " MB (Mail)";
+			$traf['ftp'] = bcdiv(($ftp_up + $ftp_down), 1024, $settings['panel']['decimal_places']);
+			$traf['http'] = bcdiv($http, 1024, $settings['panel']['decimal_places']);
+			$traf['mail'] = bcdiv($mail, 1024, $settings['panel']['decimal_places']);
+			$traf['byte'] = bcdiv($traf['byte'], 1024 * 1024, $settings['panel']['decimal_places']);
+		} else {
+			$traf['ftptext'] = round($ftp_up / 1024, $settings['panel']['decimal_places']) . " MB up/ " . round($ftp_down / 1024, $settings['panel']['decimal_places']) . " MB down (FTP)";
+			$traf['httptext'] = round($http / 1024, $settings['panel']['decimal_places']) . " MB (HTTP)";
+			$traf['mailtext'] = round($mail / 1024, $settings['panel']['decimal_places']) . " MB (Mail)";
+			$traf['ftp'] = round(($ftp_up + $ftp_down) / 1024, $settings['panel']['decimal_places']);
+			$traf['http'] = round($http / 1024, $settings['panel']['decimal_places']);
+			$traf['mail'] = round($mail / 1024, $settings['panel']['decimal_places']);
+			$traf['byte'] = round($traf['byte'] / (1024 * 1024), $settings['panel']['decimal_places']);
 		}

-		if($traf['max'] != 0)
-		{
-			$proz = $traf['max'] / 100;
-			$traf['ftp'] = round(($ftp_up + $ftp_down) / $proz, 0);
-			$traf['http'] = round($http / $proz, 0);
-			$traf['mail'] = round($mail / $proz, 0);
-
-			if($traf['http'] == 0)
-			{
-				$traf['http'] = 1;
-			}
-
-			if($traf['ftp'] == 0)
-			{
-				$traf['ftp'] = 1;
-			}
-
-			if($traf['mail'] == 0)
-			{
-				$traf['mail'] = 1;
-			}
-		}
-		else
-		{
-			$traf['ftp'] = 0;
-			$traf['http'] = 0;
-			$traf['mail'] = 0;
-		}
-
-		if(extension_loaded('bcmath'))
-		{
-			$traf['byte'] = bcadd($traf['byte'] / (1024 * 1024), 0.0000, 4);
-		}
-		else
-		{
-			$traf['byte'] = round($traf['byte'] + (1024 * 1024), 4);
-		}
-
-		eval("\$traffic.=\"" . getTemplate("traffic/traffic_traffic") . "\";");
+		eval("\$traffic.=\"" . getTemplate('traffic/traffic_traffic') . "\";");
 	}

-	if(extension_loaded('bcmath'))
-	{
+	if (extension_loaded('bcmath')) {
 		$traffic_complete['http'] = bcdiv($traffic_complete['http'], 1024 * 1024, $settings['panel']['decimal_places']);
 		$traffic_complete['ftp'] = bcdiv($traffic_complete['ftp'], 1024 * 1024, $settings['panel']['decimal_places']);
 		$traffic_complete['mail'] = bcdiv($traffic_complete['mail'], 1024 * 1024, $settings['panel']['decimal_places']);
-	}
-	else
-	{
-		$traffic_complete['http'] = round($traffic_complete['http'] / 1024 * 1024, $settings['panel']['decimal_places']);
-		$traffic_complete['ftp'] = round($traffic_complete['ftp'] / 1024 * 1024, $settings['panel']['decimal_places']);
-		$traffic_complete['mail'] = round($traffic_complete['mail'] / 1024 * 1024, $settings['panel']['decimal_places']);
+	} else {
+		$traffic_complete['http'] = round($traffic_complete['http'] / (1024 * 1024), $settings['panel']['decimal_places']);
+		$traffic_complete['ftp'] = round($traffic_complete['ftp'] / (1024 * 1024), $settings['panel']['decimal_places']);
+		$traffic_complete['mail'] = round($traffic_complete['mail'] / (1024 * 1024), $settings['panel']['decimal_places']);
 	}

-	eval("echo \"" . getTemplate("traffic/traffic") . "\";");
+	eval("echo \"" . getTemplate('traffic/traffic') . "\";");
 }
-
-?>
--- a/images/Classic/ball.gif
+++ b/images/Classic/ball.gif
--- a/images/Classic/changelanguage.gif
+++ b/images/Classic/changelanguage.gif
--- a/images/Classic/changetheme.png
+++ b/images/Classic/changetheme.png
--- a/images/Classic/endsection.gif
+++ b/images/Classic/endsection.gif
--- a/images/Classic/error.gif
+++ b/images/Classic/error.gif
--- a/images/Classic/error.png
+++ b/images/Classic/error.png
--- a/images/Classic/footer.gif
+++ b/images/Classic/footer.gif
--- a/images/Classic/header_r.gif
+++ b/images/Classic/header_r.gif
--- a/images/Classic/info.png
+++ b/images/Classic/info.png
--- a/images/Classic/login.gif
+++ b/images/Classic/login.gif
--- a/images/Classic/logininternal.gif
+++ b/images/Classic/logininternal.gif
--- a/images/Classic/logo.png
+++ b/images/Classic/logo.png
--- a/images/Classic/order_asc.gif
+++ b/images/Classic/order_asc.gif
--- a/images/Classic/order_desc.gif
+++ b/images/Classic/order_desc.gif
--- a/images/Classic/section.gif
+++ b/images/Classic/section.gif
--- a/images/Classic/shadow.gif
+++ b/images/Classic/shadow.gif
--- a/images/Classic/subsection.gif
+++ b/images/Classic/subsection.gif
--- a/images/Classic/title.gif
+++ b/images/Classic/title.gif
--- a/images/Froxlor/traffic_blue.gif
+++ b/images/Froxlor/traffic_blue.gif
--- a/images/Froxlor/traffic_green.gif
+++ b/images/Froxlor/traffic_green.gif
--- a/images/Froxlor/traffic_red.gif
+++ b/images/Froxlor/traffic_red.gif
--- a/images/Froxlor/traffic_yellow.gif
+++ b/images/Froxlor/traffic_yellow.gif
--- a/index.php
+++ b/index.php
@@ -22,106 +22,74 @@ define('AREA', 'login');
 /**
 * Include our init.php, which manages Sessions, Language etc.
 */
+require ('./lib/init.php');

-require ("./lib/init.php");
-
-if($action == '')
-{
+if ($action == '') {
 	$action = 'login';
 }

-if($action == 'login')
-{
-	if(isset($_POST['send'])
-	&& $_POST['send'] == 'send')
-	{
+if ($action == 'login') {
+	if (isset($_POST['send'])
+		&& $_POST['send'] == 'send'
+	) {
 		$loginname = validate($_POST['loginname'], 'loginname');
 		$password = validate($_POST['password'], 'password');

 		$row = $db->query_first("SELECT `loginname` AS `customer` FROM `" . TABLE_PANEL_CUSTOMERS . "` WHERE `loginname`='" . $db->escape($loginname) . "'");

-		if($row['customer'] == $loginname)
-		{
+		if ($row['customer'] == $loginname) {
 			$table = "`" . TABLE_PANEL_CUSTOMERS . "`";
 			$uid = 'customerid';
 			$adminsession = '0';
 			$is_admin = false;
-		}
-		else
-		{
-			if((int)$settings['login']['domain_login'] == 1)
-			{
+		} else {
+			$is_admin = true;
+			if ((int)$settings['login']['domain_login'] == 1) {
 				/**
 				 * check if the customer tries to login with a domain, #374
 				 */
 				$domainname = $idna_convert->encode(preg_replace(Array('/\:(\d)+$/', '/^https?\:\/\//'), '', $loginname));
 				$row2 = $db->query_first("SELECT `customerid` FROM `".TABLE_PANEL_DOMAINS."` WHERE `domain` = '".$db->escape($domainname)."'");
 	
-				if(isset($row2['customerid']) && $row2['customerid'] > 0)
-				{
+				if (isset($row2['customerid']) && $row2['customerid'] > 0) {
 					$loginname = getCustomerDetail($row2['customerid'], 'loginname');
-					
-					if($loginname !== false)
-					{
+					if ($loginname !== false) {
 						$row3 = $db->query_first("SELECT `loginname` AS `customer` FROM `" . TABLE_PANEL_CUSTOMERS . "` WHERE `loginname`='" . $db->escape($loginname) . "'");
-		
-						if($row3['customer'] == $loginname)
-						{
+						if ($row3['customer'] == $loginname) {
 							$table = "`" . TABLE_PANEL_CUSTOMERS . "`";
 							$uid = 'customerid';
 							$adminsession = '0';
 							$is_admin = false;
 						}
 					}
-					else
-					{
-						$is_admin = true;
-					}
 				}
-				else
-				{
-					$is_admin = true;
-				}
-			}
-			else
-			{
-				$is_admin = true;
 			}
 		}

-		if(hasUpdates($version) && $is_admin == false)
-		{
+		if (hasUpdates($version) && $is_admin == false) {
 			redirectTo('index.php');
 			exit;
 		}

-		if($is_admin)
-		{
-			if(hasUpdates($version))
-			{
+		if ($is_admin) {
+			if (hasUpdates($version)) {
 				$row = $db->query_first("SELECT `loginname` AS `admin` FROM `" . TABLE_PANEL_ADMINS . "` WHERE `loginname`='" . $db->escape($loginname) . "' AND `change_serversettings` = '1'");
 				/*
 				 * not an admin who can see updates
 				 */
-				if(!isset($row['admin']))
-				{
+				if (!isset($row['admin'])) {
 					redirectTo('index.php');
 					exit;
 				}
-			}
-			else
-			{
+			} else {
 				$row = $db->query_first("SELECT `loginname` AS `admin` FROM `" . TABLE_PANEL_ADMINS . "` WHERE `loginname`='" . $db->escape($loginname) . "'");
 			}

-			if($row['admin'] == $loginname)
-			{
+			if ($row['admin'] == $loginname) {
 				$table = "`" . TABLE_PANEL_ADMINS . "`";
 				$uid = 'adminid';
 				$adminsession = '1';
-			}
-			else
-			{
+			} else {
 				redirectTo('index.php', Array('showmessage' => '2'), true);
 				exit;
 			}
@@ -129,64 +97,48 @@ if($action == 'login')

 		$userinfo = $db->query_first("SELECT * FROM $table WHERE `loginname`='" . $db->escape($loginname) . "'");

-		if($userinfo['loginfail_count'] >= $settings['login']['maxloginattempts']
-		&& $userinfo['lastlogin_fail'] > (time() - $settings['login']['deactivatetime']))
-		{
+		if ($userinfo['loginfail_count'] >= $settings['login']['maxloginattempts']
+			&& $userinfo['lastlogin_fail'] > (time() - $settings['login']['deactivatetime'])
+		) {
 			redirectTo('index.php', Array('showmessage' => '3'), true);
 			exit;
-		}
-		elseif($userinfo['password'] == md5($password))
-		{
+		} elseif($userinfo['password'] == md5($password)) {
 			// login correct
 			// reset loginfail_counter, set lastlogin_succ
-
 			$db->query("UPDATE $table SET `lastlogin_succ`='" . time() . "', `loginfail_count`='0' WHERE `$uid`='" . (int)$userinfo[$uid] . "'");
 			$userinfo['userid'] = $userinfo[$uid];
 			$userinfo['adminsession'] = $adminsession;
-		}
-		else
-		{
+		} else {
 			// login incorrect
-
 			$db->query("UPDATE $table SET `lastlogin_fail`='" . time() . "', `loginfail_count`=`loginfail_count`+1 WHERE `$uid`='" . (int)$userinfo[$uid] . "'");
 			unset($userinfo);
 			redirectTo('index.php', Array('showmessage' => '2'), true);
 			exit;
 		}

-		if(isset($userinfo['userid'])
-		&& $userinfo['userid'] != '')
-		{
+		if (isset($userinfo['userid'])
+			&& $userinfo['userid'] != ''
+		) {
 			$s = md5(uniqid(microtime(), 1));

-			if(isset($_POST['language']))
-			{
+			if (isset($_POST['language'])) {
 				$language = validate($_POST['language'], 'language');
-
-				if($language == 'profile')
-				{
+				if ($language == 'profile') {
 					$language = $userinfo['def_language'];
-				}
-				elseif(!isset($languages[$language]))
-				{
+				} elseif(!isset($languages[$language])) {
 					$language = $settings['panel']['standardlanguage'];
 				}
-			}
-			else
-			{
+			} else {
 				$language = $settings['panel']['standardlanguage'];
 			}

-			if(isset($userinfo['theme']) && $userinfo['theme'] != '') {
+			if (isset($userinfo['theme']) && $userinfo['theme'] != '') {
 				$theme = $userinfo['theme'];
-			}
-			else
-			{
+			} else {
 				$theme = $settings['panel']['default_theme'];
 			}

-			if($settings['session']['allow_multiple_login'] != '1')
-			{
+			if ($settings['session']['allow_multiple_login'] != '1') {
 				$db->query("DELETE FROM `" . TABLE_PANEL_SESSIONS . "` WHERE `userid` = '" . (int)$userinfo['userid'] . "' AND `adminsession` = '" . $db->escape($userinfo['adminsession']) . "'");
 			}

@@ -195,56 +147,41 @@ if($action == 'login')
 			$columns = mysql_num_fields($fields);
 			$field_array = array();
 			for ($i = 0; $i < $columns; $i++) {
-    			$field_array[] = mysql_field_name($fields, $i);
+				$field_array[] = mysql_field_name($fields, $i);
 			}

-    		if (!in_array('theme', $field_array)) {
+			if (!in_array('theme', $field_array)) {
 				$db->query("INSERT INTO `" . TABLE_PANEL_SESSIONS . "` (`hash`, `userid`, `ipaddress`, `useragent`, `lastactivity`, `language`, `adminsession`) VALUES ('" . $db->escape($s) . "', '" . (int)$userinfo['userid'] . "', '" . $db->escape($remote_addr) . "', '" . $db->escape($http_user_agent) . "', '" . time() . "', '" . $db->escape($language) . "', '" . $db->escape($userinfo['adminsession']) . "')");
-    		} else {
-    			$db->query("INSERT INTO `" . TABLE_PANEL_SESSIONS . "` (`hash`, `userid`, `ipaddress`, `useragent`, `lastactivity`, `language`, `adminsession`, `theme`) VALUES ('" . $db->escape($s) . "', '" . (int)$userinfo['userid'] . "', '" . $db->escape($remote_addr) . "', '" . $db->escape($http_user_agent) . "', '" . time() . "', '" . $db->escape($language) . "', '" . $db->escape($userinfo['adminsession']) . "', '" . $db->escape($theme) . "')");
-    		}
+    			} else {
+    				$db->query("INSERT INTO `" . TABLE_PANEL_SESSIONS . "` (`hash`, `userid`, `ipaddress`, `useragent`, `lastactivity`, `language`, `adminsession`, `theme`) VALUES ('" . $db->escape($s) . "', '" . (int)$userinfo['userid'] . "', '" . $db->escape($remote_addr) . "', '" . $db->escape($http_user_agent) . "', '" . time() . "', '" . $db->escape($language) . "', '" . $db->escape($userinfo['adminsession']) . "', '" . $db->escape($theme) . "')");
+    			}

-			if($userinfo['adminsession'] == '1')
-			{
-				if(hasUpdates($version))
-				{
+			if ($userinfo['adminsession'] == '1') {
+				if (hasUpdates($version)) {
 					redirectTo('admin_updates.php', Array('s' => $s), true);
-					exit;
-				}
-				else
-				{
+				} else {
 					redirectTo('admin_index.php', Array('s' => $s), true);
-					exit;
 				}
-			}
-			else
-			{
+			} else {
 				redirectTo('customer_index.php', Array('s' => $s), true);
-				exit;
 			}
-		}
-		else
-		{
+		} else {
 			redirectTo('index.php', Array('showmessage' => '2'), true);
-			exit;
 		}
-	}
-	else
-	{
+		exit;
+	} else {
 		$language_options = '';
-		$language_options.= makeoption($lng['login']['profile_lng'], 'profile', 'profile', true, true);
+		$language_options .= makeoption($lng['login']['profile_lng'], 'profile', 'profile', true, true);

-		while(list($language_file, $language_name) = each($languages))
-		{
-			$language_options.= makeoption($language_name, $language_file, 'profile', true);
+		while (list($language_file, $language_name) = each($languages)) {
+			$language_options .= makeoption($language_name, $language_file, 'profile', true);
 		}

 		$smessage = isset($_GET['showmessage']) ? (int)$_GET['showmessage'] : 0;
 		$message = '';
 		$successmessage = '';

-		switch($smessage)
-		{
+		switch ($smessage) {
 			case 1:
 				$successmessage = $lng['pwdreminder']['success'];
 				break;
@@ -252,7 +189,7 @@ if($action == 'login')
 				$message = $lng['error']['login'];
 				break;
 			case 3:
-				$message = $lng['error']['login_blocked'];
+				$message = sprintf($lng['error']['login_blocked'],$settings['login']['deactivatetime']);
 				break;
 			case 4:
 				$cmail = isset($_GET['customermail']) ? $_GET['customermail'] : 'unknown';
@@ -264,23 +201,21 @@ if($action == 'login')
 		}

 		$update_in_progress = '';
-		if(hasUpdates($version))
-		{
+		if (hasUpdates($version)) {
 			$update_in_progress = $lng['update']['updateinprogress_onlyadmincanlogin'];
 		}

-		eval("echo \"" . getTemplate("login") . "\";");
+		eval("echo \"" . getTemplate('login') . "\";");
 	}
 }

-if($action == 'forgotpwd')
-{
+if ($action == 'forgotpwd') {
 	$adminchecked = false;
 	$message = '';

-	if(isset($_POST['send'])
-	&& $_POST['send'] == 'send')
-	{
+	if (isset($_POST['send'])
+		&& $_POST['send'] == 'send'
+	) {
 		$loginname = validate($_POST['loginname'], 'loginname');
 		$email = validateEmail($_POST['loginemail'], 'email');
 		$sql = "SELECT `adminid`, `customerid`, `firstname`, `name`, `company`, `email`, `loginname`, `def_language`, `deactivated` FROM `" . TABLE_PANEL_CUSTOMERS . "`
@@ -288,64 +223,48 @@ if($action == 'forgotpwd')
 				AND `email`='" . $db->escape($email) . "'";
 		$result = $db->query($sql);

-		if($db->num_rows() == 0)
-		{
+		if ($db->num_rows() == 0) {
 			$sql = "SELECT `adminid`, `name`, `email`, `loginname`, `def_language` FROM `" . TABLE_PANEL_ADMINS . "`
 				WHERE `loginname`='" . $db->escape($loginname) . "'
 				AND `email`='" . $db->escape($email) . "'";
 			$result = $db->query($sql);
 				
-			if($db->num_rows() > 0)
-			{
+			if ($db->num_rows() > 0) {
 				$adminchecked = true;
-			}
-			else
-			{
+			} else {
 				$result = null;
 			}
 		}

-		if($result !== null)
-		{
+		if ($result !== null) {
 			$user = $db->fetch_array($result);
 			
 			/* Check whether user is banned */
-			if($user['deactivated'])
-			{
+			if ($user['deactivated']) {
 				$message = $lng['pwdreminder']['notallowed'];
 				redirectTo('index.php', Array('showmessage' => '5'), true);
 			}

-			if(($adminchecked && $settings['panel']['allow_preset_admin'] == '1')
-			|| $adminchecked == false)
-			{
-				if($user !== false)
-				{
+			if (($adminchecked && $settings['panel']['allow_preset_admin'] == '1')
+				|| $adminchecked == false
+			) {
+				if ($user !== false) {
 					if ($settings['panel']['password_min_length'] <= 6) {
 						$password = substr(md5(uniqid(microtime(), 1)), 12, 6);
 					} else {
 						// make it two times larger than password_min_length
 						$rnd = '';
 						$minlength = $settings['panel']['password_min_length'];
-						while (strlen($rnd) < ($minlength * 2))
-						{
+						while (strlen($rnd) < ($minlength * 2)) {
 							$rnd .= md5(uniqid(microtime(), 1));
 						}
 						$password = substr($rnd, (int)($minlength / 2), $minlength);
 					}

-					if($adminchecked)
-					{
-						$db->query("UPDATE `" . TABLE_PANEL_ADMINS . "` SET `password`='" . md5($password) . "'
-								WHERE `loginname`='" . $user['loginname'] . "'
-								AND `email`='" . $user['email'] . "'");
-					}
-					else
-					{
-						$db->query("UPDATE `" . TABLE_PANEL_CUSTOMERS . "` SET `password`='" . md5($password) . "'
-								WHERE `loginname`='" . $user['loginname'] . "'
-								AND `email`='" . $user['email'] . "'");
-					}
+					$passwordTable = $adminchecked ? TABLE_PANEL_ADMINS : TABLE_PANEL_CUSTOMERS;
+					$db->query("UPDATE `" . $passwordTable . "` SET `password`='" . md5($password) . "'
+							WHERE `loginname`='" . $user['loginname'] . "'
+							AND `email`='" . $user['email'] . "'");

 					$rstlog = FroxlorLogger::getInstanceOf(array('loginname' => 'password_reset'), $db, $settings);
 					$rstlog->logAction(USR_ACTION, LOG_WARNING, "Password for user '" . $user['loginname'] . "' has been reset!");
@@ -389,9 +308,7 @@ if($action == 'forgotpwd')
 					$mail->ClearAddresses();
 					redirectTo('index.php', Array('showmessage' => '1'), true);
 					exit;
-				}
-				else
-				{
+				} else {
 					$rstlog = FroxlorLogger::getInstanceOf(array('loginname' => 'password_reset'), $db, $settings);
 					$rstlog->logAction(USR_ACTION, LOG_WARNING, "User '" . $loginname . "' tried to reset pwd but wasn't found in database!");
 					$message = $lng['login']['combination_not_found'];
@@ -399,28 +316,21 @@ if($action == 'forgotpwd')

 				unset($user);
 			}
-		}
-		else
-		{
+		} else {
 			$message = $lng['login']['usernotfound'];
 		}
 	}

-	if($adminchecked)
-	{
-		if($settings['panel']['allow_preset_admin'] != '1')
-		{
+	if ($adminchecked) {
+		if ($settings['panel']['allow_preset_admin'] != '1') {
 			$message = $lng['pwdreminder']['notallowed'];
 			unset ($adminchecked);
 		}
-	}
-	else
-	{
-		if($settings['panel']['allow_preset'] != '1')
-		{
+	} else {
+		if ($settings['panel']['allow_preset'] != '1') {
 			$message = $lng['pwdreminder']['notallowed'];
 		}
 	}

-	eval("echo \"" . getTemplate("fpwd") . "\";");
+	eval("echo \"" . getTemplate('fpwd') . "\";");
 }
--- a/install/froxlor.sql
+++ b/install/froxlor.sql
--- a/install/install.php
+++ b/install/install.php
@@ -2,7 +2,6 @@

 /**
 * This file is part of the Froxlor project.
- * Copyright (c) 2003-2009 the SysCP Team (see authors).
 * Copyright (c) 2010 the Froxlor Team (see authors).
 *
 * For the full copyright and license information, please view the COPYING
@@ -10,962 +9,14 @@
 * COPYING file online at http://files.froxlor.org/misc/COPYING.txt
 *
 * @copyright  (c) the authors
- * @author     Florian Lippert <flo@syscp.org> (2003-2009)
+ * @author     Michael Kaufmann <mkaufmann@nutime.de>
 * @author     Froxlor team <team@froxlor.org> (2010-)
 * @license    GPLv2 http://files.froxlor.org/misc/COPYING.txt
 * @package    Install
 *
 */

-/**
- * Most elements are taken from the phpBB (www.phpbb.com)
- * installer, (c) 1999 - 2004 phpBB Group.
- */
+require 'lib/class.FroxlorInstall.php';

-// ensure that default timezone is set
-if(function_exists("date_default_timezone_set") && function_exists("date_default_timezone_get"))
-{
-	@date_default_timezone_set(@date_default_timezone_get());
-}
-
-if(file_exists('../lib/userdata.inc.php'))
-{
-	/**
-	 * Includes the Usersettings eg. MySQL-Username/Passwort etc. to test if Froxlor is already installed
-	 */
-
-	require ('../lib/userdata.inc.php');
-
-	if(isset($sql)
-	   && is_array($sql)
-	) {
-		$installed_hint = file_get_contents('../templates/Froxlor/misc/alreadyinstalledhint.tpl');
-		die($installed_hint);
-	}
-}
-
-/**
- * Include the functions
- */
-
-require ('../lib/functions.php');
-
-/**
- * Include the MySQL-Table-Definitions
- */
-
-require ('../lib/tables.inc.php');
-
-/**
- * Language Managament
- */
-
-$languages = Array(
-	'german' => 'Deutsch',
-	'english' => 'English',
-	'french' => 'Francais'
-);
-$standardlanguage = 'english';
-
-if(isset($_GET['language'])
-   && isset($languages[$_GET['language']]))
-{
-	$language = $_GET['language'];
-}
-elseif(isset($_POST['language'])
-       && isset($languages[$_POST['language']]))
-{
-	$language = $_POST['language'];
-}
-else
-{
-	$language = $standardlanguage;
-}
-
-if(file_exists('./lng/' . $language . '.lng.php'))
-{
-	/**
-	 * Includes file /lng/$language.lng.php if it exists
-	 */
-
-	require ('./lng/' . $language . '.lng.php');
-}
-
-/**
- * BEGIN FUNCTIONS -----------------------------------------------
- */
-
-function page_header() {
-?>
-<!DOCTYPE html>
-<html lang="en">
-<head>
-	<meta charset="iso-8859-1" />
-	<meta http-equiv="Default-Style" content="text/css" />
-	<link rel="stylesheet" href="../templates/Froxlor/froxlor.css"  />
-	<!--[if IE]><link rel="stylesheet" href="../templates/Froxlor/froxlor_ie.css"  /><![endif]-->
-	<!--[if lt IE 9]><script src="http://html5shiv.googlecode.com/svn/trunk/html5.js"></script><![endif]-->
-	<script type="text/javascript" src="../templates/Froxlor/js/jquery.min.js"></script>
-	<script type="text/javascript" src="../templates/Froxlor/js/froxlor.js"></script>
-	<title>Froxlor Server Management Panel - Installation</title>
-	<style>
-	input {
-		background: #dae7ee url('../images/Froxlor/icons/text_align_left.png') no-repeat 5px 4px;
-	}
-	input[type="password"] {
-		background: #dae7ee url('../images/Froxlor/icons/password.png') no-repeat 4px 4px;
-	}
-	input[type="submit"] {
-		background: #ccc url('../images/Froxlor/icons/button_ok.png') no-repeat 4px 8px;
-	}
-	</style>
-</head>
-<body>
-<div class="loginpage">
-<?php
-}
-
-function page_footer() {
-?>
-</div>
-<footer>
-	<span>
-		Froxlor &copy; 2009-<?php echo date('Y', time()); ?> by <a href="http://www.froxlor.org/" rel="external">the Froxlor Team</a>
-	</span>
-</footer>
-</body>
-</html>
-<?php
-}
-
-function status_message($case, $text)
-{
-	if($case == 'begin')
-	{
-		echo '<tr><td>'.$text;
-	}
-	else
-	{
-		echo '</td><td class="installstatus">
-			<span style="color:'.$case.';">'.$text.'</span>
-		</td></tr>';
-	}
-}
-
-function requirement_checks() {
-
-	global $lng;
-	page_header();
-
-?>
-	<article class="install bradius">
-		<header class="dark">
-			<img src="../images/Froxlor/logo.png" alt="Froxlor Server Management Panel" />
-		</header>
-
-		<section class="installsec">
-			<h2>Requirements</h2>
-			<table class="noborder">
-<?php
-	$_die = false;
-	
-	// check for correct php version
-	status_message('begin', $lng['install']['phpversion']);
-
-	if(version_compare("5.2.0", PHP_VERSION, ">="))
-	{
-		status_message('red', $lng['install']['notinstalled']);
-		$_die = true;
-	}
-	else
-	{
-		status_message('green', 'OK');
-	}
-
-	// Check if magic_quotes_runtime is active
-	status_message('begin', $lng['install']['phpmagic_quotes_runtime']);	 
-	if(get_magic_quotes_runtime())
-	{
-	    // Deactivate
-	    set_magic_quotes_runtime(false);
-	    status_message('orange', $lng['install']['active'] . '<br />' . $lng['install']['phpmagic_quotes_runtime_description']);
-	}
-	else
-	{
-		status_message('green', 'OK');
-	}
-
-	// check for mysql-extension
-	status_message('begin', $lng['install']['phpmysql']);
-
-	if(!extension_loaded('mysql'))
-	{
-		status_message('red', $lng['install']['notinstalled']);
-		$_die = true;
-	}
-	else
-	{
-		status_message('green', 'OK');
-	}
-
-	// check for xml-extension
-	status_message('begin', $lng['install']['phpxml']);
-	
-	if(!extension_loaded('xml'))
-	{
-		status_message('red', $lng['install']['notinstalled']);
-		$_die = true;
-	}
-	else
-	{
-		status_message('green', 'OK');
-	}
-
-	// check for filter-extension
-	status_message('begin', $lng['install']['phpfilter']);
-
-	if(!extension_loaded('filter'))
-	{
-		status_message('red', $lng['install']['notinstalled']);
-		$_die = true;
-	}
-	else
-	{
-		status_message('green', 'OK');
-	}
-
-	// check for posix-extension
-	status_message('begin', $lng['install']['phpposix']);	
-
-	if(!extension_loaded('posix'))
-	{
-		status_message('red', $lng['install']['notinstalled']);
-		$_die = true;
-	}
-	else
-	{
-		status_message('green', 'OK');
-	}
-
-	// check for bcmath extension
-	status_message('begin', $lng['install']['phpbcmath']);
-
-	if(!extension_loaded('bcmath'))
-	{
-		status_message('orange', $lng['install']['notinstalled'] . '<br />' . $lng['install']['bcmathdescription']);
-	}
-	else
-	{
-		status_message('green', 'OK');
-	}
-
-	// check for open_basedir
-	status_message('begin', $lng['install']['openbasedir']);
-	$php_ob = @ini_get("open_basedir");
-
-	if(!empty($php_ob)
-	   && $php_ob != '')
-	{
-		status_message('orange', $lng['install']['openbasedirenabled']);
-	}
-	else
-	{
-		status_message('green', 'OK');
-	}
-
-?>
-		</table>
-<?php
-	if($_die)
-	{
-?>
-		<p style="padding-left:15px;">
-			<strong><?php echo $lng['install']['diedbecauseofrequirements']; ?></strong>
-		</p>
-		<p class="submit">
-			<a href="install.php"><?php echo $lng['install']['click_here_to_refresh']; ?></a>
-		</p>
-<?php 
-	} else {
-?>
-		<p style="padding-left:15px;">
-			<strong><?php echo $lng['install']['froxlor_succ_checks']; ?></strong>
-		</p>
-		<p class="submit">
-			<a href="install.php?check=1"><?php echo $lng['install']['click_here_to_continue']; ?></a>
-		</p>
-<?php
-	}
-?>
-		</section>
-	</article>
-<?php 
-	page_footer();
-}
-
-/**
- * END FUNCTIONS ---------------------------------------------------
- */
-
-/**
- * BEGIN VARIABLES ---------------------------------------------------
- */
-
-//guess Servername
-
-if(!empty($_POST['servername']))
-{
-	$servername = $_POST['servername'];
-}
-else
-{
-	if(!empty($_SERVER['SERVER_NAME']))
-	{
-		if(preg_match('/^[0-9]{1,3}.[0-9]{1,3}.[0-9]{1,3}.[0-9]{1,3}$/', $_SERVER['SERVER_NAME']) == false)
-		{
-			$servername = $_SERVER['SERVER_NAME'];
-		}
-		else
-		{
-			$servername = '';
-		}
-	}
-	else
-	{
-		$servername = '';
-	}
-}
-
-//guess serverip
-
-if(!empty($_POST['serverip']))
-{
-	$serverip = $_POST['serverip'];
-}
-else
-{
-	if(!empty($_SERVER['SERVER_ADDR']))
-	{
-		$serverip = $_SERVER['SERVER_ADDR'];
-	}
-	else
-	{
-		$serverip = '';
-	}
-}
-
-if(!empty($_POST['mysql_host']))
-{
-	$mysql_host = $_POST['mysql_host'];
-}
-else
-{
-	$mysql_host = '127.0.0.1';
-}
-
-if(!empty($_POST['mysql_database']))
-{
-	$mysql_database = $_POST['mysql_database'];
-}
-else
-{
-	$mysql_database = 'froxlor';
-}
-
-if(!empty($_POST['mysql_unpriv_user']))
-{
-	$mysql_unpriv_user = $_POST['mysql_unpriv_user'];
-}
-else
-{
-	$mysql_unpriv_user = 'froxlor';
-}
-
-if(!empty($_POST['mysql_unpriv_pass']))
-{
-	$mysql_unpriv_pass = $_POST['mysql_unpriv_pass'];
-}
-else
-{
-	$mysql_unpriv_pass = '';
-}
-
-if(!empty($_POST['mysql_root_user']))
-{
-	$mysql_root_user = $_POST['mysql_root_user'];
-}
-else
-{
-	$mysql_root_user = 'root';
-}
-
-if(!empty($_POST['mysql_root_pass']))
-{
-	$mysql_root_pass = $_POST['mysql_root_pass'];
-}
-else
-{
-	$mysql_root_pass = '';
-}
-
-if(!empty($_POST['admin_user']))
-{
-	$admin_user = $_POST['admin_user'];
-}
-else
-{
-	$admin_user = 'admin';
-}
-
-if(!empty($_POST['admin_pass1']))
-{
-	$admin_pass1 = $_POST['admin_pass1'];
-}
-else
-{
-	$admin_pass1 = '';
-}
-
-if(!empty($_POST['admin_pass2']))
-{
-	$admin_pass2 = $_POST['admin_pass2'];
-}
-else
-{
-	$admin_pass2 = '';
-}
-
-if($mysql_host == 'localhost'
-   || $mysql_host == '127.0.0.1')
-{
-	$mysql_access_host = $mysql_host;
-}
-else
-{
-	$mysql_access_host = $serverip;
-}
-
-// gues http software
-
-if(!empty($_POST['webserver']))
-{
-	$webserver = $_POST['webserver'];
-}
-else
-{
-	if(strtoupper(@php_sapi_name()) == "APACHE2HANDLER"
-	   || stristr($_SERVER['SERVER_SOFTWARE'], "apache/2"))
-	{
-		$webserver = 'apache2';
-	}
-	elseif(substr(strtoupper(@php_sapi_name()), 0, 8) == "LIGHTTPD"
-	       || stristr($_SERVER['SERVER_SOFTWARE'], "lighttpd"))
-	{
-		$webserver = 'lighttpd';
-	}
-    elseif(substr(strtoupper(@php_sapi_name()), 0, 8) == "NGINX"
-	       || stristr($_SERVER['SERVER_SOFTWARE'], "nginx"))
-	{
-		$webserver = 'nginx';
-	}
-	else
-	{
-		// we don't need to bail out, since unknown does not affect any critical installation routines
-
-		$webserver = 'unknown';
-	}
-}
-
-if(!empty($_POST['httpuser']))
-{
-	$httpuser = $_POST['httpuser'];
-}
-else
-{
-	$httpuser = '';
-}
-
-if(!empty($_POST['httpgroup']))
-{
-	$httpgroup = $_POST['httpgroup'];
-}
-else
-{
-	$httpgroup = '';
-}
-
-/**
- * END VARIABLES ---------------------------------------------------
- */
-
-/**
- * BEGIN INSTALL ---------------------------------------------------
- */
-
-if(isset($_POST['installstep'])
-   && $_POST['installstep'] == '1'
-   && $admin_pass1 == $admin_pass2
-   && $admin_pass1 != ''
-   && $admin_pass2 != ''
-   && $mysql_unpriv_pass != ''
-   && $mysql_root_pass != ''
-   && $servername != ''
-   && $serverip != ''
-   && $httpuser != ''
-   && $httpgroup != ''
-   && $mysql_unpriv_user != $mysql_root_user)
-{
-	page_header();
-
-?>
-	<article class="install bradius">
-		<header class="dark">
-			<img src="../images/Froxlor/logo.png" alt="Froxlor Server Management Panel" />
-		</header>
-
-		<section class="installsec">
-			<h2>Installation</h2>
-			<table class="noborder">
-<?php
-
-	//first test if we can access the database server with the given root user and password
-
-	status_message('begin', $lng['install']['testing_mysql']);
-	$db_root = new db($mysql_host, $mysql_root_user, $mysql_root_pass, '');
-
-	//ok, if we are here, the database class is build up (otherwise it would have already die'd this script)
-
-	status_message('green', 'OK');
-
-	//first we make a backup of the old DB if it exists
-
-	status_message('begin', $lng['install']['backup_old_db']);
-	$tables_exist = false;
-
-	$sql = "SHOW TABLES FROM $mysql_database";
-	$result = mysql_query($sql);
-
-	// check the first row
-	if($result !== false)
-	{
-		$row = mysql_num_rows($result);
-	
-		if($row > 0)
-		{
-			$tables_exist = true;
-		}
-	}
-
-	if($tables_exist)
-	{
-		$filename = "/tmp/froxlor_backup_" . date('YmdHi') . ".sql";
-
-		if(is_file("/usr/bin/mysqldump"))
-		{
-			$do_backup = true;
-			$mysql_dump = '/usr/bin/mysqldump';
-		}
-		elseif(is_file("/usr/local/bin/mysqldump"))
-		{
-			$do_backup = true;
-			$mysql_dump = '/usr/local/bin/mysqldump';
-		}
-		else
-		{
-			$do_backup = false;
-			status_message('red', $lng['install']['backing_up_binary_missing']);
-		}
-		
-		if($do_backup) {
-			
-			$command = $mysql_dump . " " . $mysql_database . " -u " . $mysql_root_user . " --password='" . $mysql_root_pass . "' --result-file=" . $filename;
-			$output = exec($command);
-
-			if(stristr($output, "error"))
-			{
-				status_message('red', $lng['install']['backing_up_failed']);
-			}
-			else
-			{
-				status_message('green', 'OK');
-			}
-
-		}
-	}
-
-	//so first we have to delete the database and the user given for the unpriv-user if they exit
-
-	status_message('begin', $lng['install']['erasing_old_db']);
-	$db_root->query("DELETE FROM `mysql`.`user` WHERE `User` = '" . $db_root->escape($mysql_unpriv_user) . "' AND `Host` = '" . $db_root->escape($mysql_access_host) . "'");
-	$db_root->query("DELETE FROM `mysql`.`db` WHERE `User` = '" . $db_root->escape($mysql_unpriv_user) . "' AND `Host` = '" . $db_root->escape($mysql_access_host) . "'");
-	$db_root->query("DELETE FROM `mysql`.`tables_priv` WHERE `User` = '" . $db_root->escape($mysql_unpriv_user) . "' AND `Host` = '" . $db_root->escape($mysql_access_host) . "'");
-	$db_root->query("DELETE FROM `mysql`.`columns_priv` WHERE `User` = '" . $db_root->escape($mysql_unpriv_user) . "' AND `Host` = '" . $db_root->escape($mysql_access_host) . "'");
-	$db_root->query("DROP DATABASE IF EXISTS `" . $db_root->escape(str_replace('`', '', $mysql_database)) . "` ;");
-	$db_root->query("FLUSH PRIVILEGES;");
-	status_message('green', 'OK');
-
-	//then we have to create a new user and database for the froxlor unprivileged mysql access
-
-	status_message('begin', $lng['install']['create_mysqluser_and_db']);
-	$db_root->query("CREATE DATABASE `" . $db_root->escape(str_replace('`', '', $mysql_database)) . "`");
-	$mysql_access_host_array = array_map('trim', explode(',', $mysql_access_host));
-
-	if(in_array('127.0.0.1', $mysql_access_host_array)
-	   && !in_array('localhost', $mysql_access_host_array))
-	{
-		$mysql_access_host_array[] = 'localhost';
-	}
-
-	if(!in_array('127.0.0.1', $mysql_access_host_array)
-	   && in_array('localhost', $mysql_access_host_array))
-	{
-		$mysql_access_host_array[] = '127.0.0.1';
-	}
-
-	$mysql_access_host_array[] = $serverip;
-	foreach($mysql_access_host_array as $mysql_access_host)
-	{
-		$db_root->query("GRANT ALL PRIVILEGES ON `" . $db_root->escape(str_replace('`', '', $mysql_database)) . "`.* TO '" . $db_root->escape($mysql_unpriv_user) . "'@'" . $db_root->escape($mysql_access_host) . "' IDENTIFIED BY 'password'");
-		$db_root->query("SET PASSWORD FOR '" . $db_root->escape($mysql_unpriv_user) . "'@'" . $db_root->escape($mysql_access_host) . "' = PASSWORD('" . $db_root->escape($mysql_unpriv_pass) . "')");
-	}
-
-	$db_root->query("FLUSH PRIVILEGES;");
-	$mysql_access_host = implode(',', $mysql_access_host_array);
-	status_message('green', 'OK');
-
-	//now a new database and the new froxlor-unprivileged-mysql-account have been created and we can fill it now with the data.
-
-	status_message('begin', $lng['install']['testing_new_db']);
-	$db = new db($mysql_host, $mysql_unpriv_user, $mysql_unpriv_pass, $mysql_database);
-	status_message('green', 'OK');
-	status_message('begin', $lng['install']['importing_data']);
-	$db_schema = './froxlor.sql';
-	$sql_query = @file_get_contents($db_schema, 'r');
-	$sql_query = remove_remarks($sql_query);
-	$sql_query = split_sql_file($sql_query, ';');
-	for ($i = 0;$i < sizeof($sql_query);$i++)
-	{
-		if(trim($sql_query[$i]) != '')
-		{
-			$result = $db->query($sql_query[$i]);
-		}
-	}
-
-	status_message('green', 'OK');
-	status_message('begin', 'System Servername...');
-
-	if(validate_ip($_SERVER['SERVER_NAME'], true) !== false)
-	{
-		status_message('red', $lng['install']['servername_should_be_fqdn']);
-	}
-	else
-	{
-		status_message('green', 'OK');
-	}
-
-	//now let's change the settings in our settings-table
-
-	status_message('begin', $lng['install']['changing_data']);
-	$db->query("UPDATE `" . TABLE_PANEL_SETTINGS . "` SET `value` = 'admin@" . $db->escape($servername) . "' WHERE `settinggroup` = 'panel' AND `varname` = 'adminmail'");
-	$db->query("UPDATE `" . TABLE_PANEL_SETTINGS . "` SET `value` = '" . $db->escape($serverip) . "' WHERE `settinggroup` = 'system' AND `varname` = 'ipaddress'");
-	$db->query("UPDATE `" . TABLE_PANEL_SETTINGS . "` SET `value` = '" . $db->escape($servername) . "' WHERE `settinggroup` = 'system' AND `varname` = 'hostname'");
-	$db->query("UPDATE `" . TABLE_PANEL_SETTINGS . "` SET `value` = '" . $db->escape($version) . "' WHERE `settinggroup` = 'panel' AND `varname` = 'version'");
-	$db->query("UPDATE `" . TABLE_PANEL_SETTINGS . "` SET `value` = '" . $db->escape($languages[$language]) . "' WHERE `settinggroup` = 'panel' AND `varname` = 'standardlanguage'");
-	$db->query("UPDATE `" . TABLE_PANEL_SETTINGS . "` SET `value` = '" . $db->escape($mysql_access_host) . "' WHERE `settinggroup` = 'system' AND `varname` = 'mysql_access_host'");
-	$db->query("UPDATE `" . TABLE_PANEL_SETTINGS . "` SET `value` = '" . $db->escape($webserver) . "' WHERE `settinggroup` = 'system' AND `varname` = 'webserver'");
-	$db->query("UPDATE `" . TABLE_PANEL_SETTINGS . "` SET `value` = '" . $db->escape($webserver) . "' WHERE `settinggroup` = 'system' AND `varname` = 'webserver'");
-
-	$db->query("UPDATE `" . TABLE_PANEL_SETTINGS . "` SET `value` = '" . $db->escape($httpuser) . "' WHERE `settinggroup` = 'system' AND `varname` = 'httpuser'");
-	$db->query("UPDATE `" . TABLE_PANEL_SETTINGS . "` SET `value` = '" . $db->escape($httpgroup) . "' WHERE `settinggroup` = 'system' AND `varname` = 'httpgroup'");
-
-	if($webserver == "apache2")
-	{
-		$db->query("UPDATE `" . TABLE_PANEL_SETTINGS . "` SET `value` = '/etc/apache2/sites-enabled/' WHERE `settinggroup` = 'system' AND `varname` = 'apacheconf_vhost'");
-		$db->query("UPDATE `" . TABLE_PANEL_SETTINGS . "` SET `value` = '/etc/apache2/sites-enabled/' WHERE `settinggroup` = 'system' AND `varname` = 'apacheconf_diroptions'");
-		$db->query("UPDATE `" . TABLE_PANEL_SETTINGS . "` SET `value` = '/etc/apache2/froxlor-htpasswd/' WHERE `settinggroup` = 'system' AND `varname` = 'apacheconf_htpasswddir'");
-		$db->query("UPDATE `" . TABLE_PANEL_SETTINGS . "` SET `value` = '/etc/init.d/apache2 reload' WHERE `settinggroup` = 'system' AND `varname` = 'apachereload_command'");
-	}
-	elseif($webserver == "lighttpd")
-	{
-		$db->query("UPDATE `" . TABLE_PANEL_SETTINGS . "` SET `value` = '/etc/lighttpd/conf-enabled/' WHERE `settinggroup` = 'system' AND `varname` = 'apacheconf_vhost'");
-		$db->query("UPDATE `" . TABLE_PANEL_SETTINGS . "` SET `value` = '/etc/lighttpd/froxlor-diroptions/' WHERE `settinggroup` = 'system' AND `varname` = 'apacheconf_diroptions'");
-		$db->query("UPDATE `" . TABLE_PANEL_SETTINGS . "` SET `value` = '/etc/lighttpd/froxlor-htpasswd/' WHERE `settinggroup` = 'system' AND `varname` = 'apacheconf_htpasswddir'");
-		$db->query("UPDATE `" . TABLE_PANEL_SETTINGS . "` SET `value` = '/etc/init.d/lighttpd reload' WHERE `settinggroup` = 'system' AND `varname` = 'apachereload_command'");
-		$db->query("UPDATE `" . TABLE_PANEL_SETTINGS . "` SET `value` = '/etc/lighttpd/lighttpd.pem' WHERE `settinggroup` = 'system' AND `varname` = 'ssl_cert_file'");
-		$ssettings = '';
-	}
-        elseif($webserver == "nginx")
-	{
-		$db->query("UPDATE `" . TABLE_PANEL_SETTINGS . "` SET `value` = '/etc/nginx/sites-enabled/' WHERE `settinggroup` = 'system' AND `varname` = 'apacheconf_vhost'");
-		$db->query("UPDATE `" . TABLE_PANEL_SETTINGS . "` SET `value` = '/etc/nginx/sites-enabled/' WHERE `settinggroup` = 'system' AND `varname` = 'apacheconf_diroptions'");
-		$db->query("UPDATE `" . TABLE_PANEL_SETTINGS . "` SET `value` = '/etc/nginx/froxlor-htpasswd/' WHERE `settinggroup` = 'system' AND `varname` = 'apacheconf_htpasswddir'");
-		$db->query("UPDATE `" . TABLE_PANEL_SETTINGS . "` SET `value` = '/etc/init.d/nginx reload' WHERE `settinggroup` = 'system' AND `varname` = 'apachereload_command'");
-		$ssettings = '';
-	}
-
-	// insert the lastcronrun to be the installation date
-
-	$query = 'UPDATE `%s` SET `value` = UNIX_TIMESTAMP() WHERE `settinggroup` = \'system\'  AND `varname` = \'lastcronrun\'';
-	$query = sprintf($query, TABLE_PANEL_SETTINGS);
-	$db->query($query);
-	
-	// set specific times for some crons (traffic only at night, etc.)
-	$ts = mktime(0, 0, 0, date('m', time()), date('d', time()), date('Y', time()));
-	$db->query("UPDATE `".TABLE_PANEL_CRONRUNS."` SET `lastrun` = '".$ts."' WHERE `cronfile` ='cron_traffic.php';");
-	$ts = mktime(1, 0, 0, date('m', time()), date('d', time()), date('Y', time()));
-	$db->query("UPDATE `".TABLE_PANEL_CRONRUNS."` SET `lastrun` = '".$ts."' WHERE `cronfile` ='cron_used_tickets_reset.php';");
-	$db->query("UPDATE `".TABLE_PANEL_CRONRUNS."` SET `lastrun` = '".$ts."' WHERE `cronfile` ='cron_ticketarchive.php';");
-
-	// and lets insert the default ip and port
-
-	$query = "INSERT INTO `".TABLE_PANEL_IPSANDPORTS."` 
-			 SET `ip`= '".$db->escape($serverip)."', 
-			 `port` = '80',
-			 `namevirtualhost_statement` = '1',
-			 `vhostcontainer` = '1', 
-			 `vhostcontainer_servername_statement` = '1'";
-	$db->query($query);
-	$defaultip = $db->insert_id();
-
-	// insert the defaultip
-
-	$query = 'UPDATE `%s` SET `value` = \'%s\' WHERE `settinggroup` = \'system\'  AND `varname` = \'defaultip\'';
-	$query = sprintf($query, TABLE_PANEL_SETTINGS, $db->escape($defaultip));
-	$db->query($query);
-	status_message('green', 'OK');
-
-	//last but not least create the main admin
-
-	status_message('begin', $lng['install']['adding_admin_user']);
-	$db->query("INSERT INTO `" . TABLE_PANEL_ADMINS . "` SET
-		`loginname` = '" . $db->escape($admin_user) . "',
-		`password` = '" . md5($admin_pass1) . "',
-		`name` = 'Siteadmin',
-		`email` = 'admin@" . $db->escape($servername) . "',
-		`def_language` = '". $db->escape($languages[$language]) . "',
-		`customers` = -1,
-		`customers_used` = 0,
-		`customers_see_all` = 1,
-		`caneditphpsettings` = 1,
-		`domains` = -1,
-		`domains_used` = 0,
-		`domains_see_all` = 1,
-		`change_serversettings` = 1,
-		`diskspace` = -1024,
-		`diskspace_used` = 0,
-		`mysqls` = -1,
-		`mysqls_used` = 0,
-		`emails` = -1,
-		`emails_used` = 0,
-		`email_accounts` = -1,
-		`email_accounts_used` = 0,
-		`email_forwarders` = -1,
-		`email_forwarders_used` = 0,
-		`email_quota` = -1,
-		`email_quota_used` = 0,
-		`ftps` = -1,
-		`ftps_used` = 0,
-		`tickets` = -1,
-		`tickets_used` = 0,
-		`subdomains` = -1,
-		`subdomains_used` = 0,
-		`traffic` = -1048576,
-		`traffic_used` = 0,
-		`deactivated` = 0,
-		`aps_packages` = -1,
-		`aps_packages_used` = 0,
-		`email_autoresponder` = -1,
-		`email_autoresponder_used` = 0");
-	status_message('green', 'OK');
-
-	//now we create the userdata.inc.php with the mysql-accounts
-
-	status_message('begin', $lng['install']['creating_configfile']);
-	$userdata = "<?php\n";
-	$userdata.= "//automatically generated userdata.inc.php for Froxlor\n";
-	$userdata.= "\$sql['host']='" . addcslashes($mysql_host, "'\\") . "';\n";
-	$userdata.= "\$sql['user']='" . addcslashes($mysql_unpriv_user, "'\\") . "';\n";
-	$userdata.= "\$sql['password']='" . addcslashes($mysql_unpriv_pass, "'\\") . "';\n";
-	$userdata.= "\$sql['db']='" . addcslashes($mysql_database, "'\\") . "';\n";
-	$userdata.= "\$sql_root[0]['caption']='Default';\n";
-	$userdata.= "\$sql_root[0]['host']='" . addcslashes($mysql_host, "'\\") . "';\n";
-	$userdata.= "\$sql_root[0]['user']='" . addcslashes($mysql_root_user, "'\\") . "';\n";
-	$userdata.= "\$sql_root[0]['password']='" . addcslashes($mysql_root_pass, "'\\") . "';\n";
-	$userdata.= "?>";
-
-	//we test now if we can store the userdata.inc.php in ../lib
-
-	if($fp = @fopen('../lib/userdata.inc.php', 'w'))
-	{
-		$result = @fputs($fp, $userdata, strlen($userdata));
-		@fclose($fp);
-		status_message('green', $lng['install']['creating_configfile_succ']);
-		chmod('../lib/userdata.inc.php', 0440);
-	}
-	elseif($fp = @fopen('/tmp/userdata.inc.php', 'w'))
-	{
-		$result = @fputs($fp, $userdata, strlen($userdata));
-		@fclose($fp);
-		status_message('orange', $lng['install']['creating_configfile_temp']);
-		chmod('/tmp/userdata.inc.php', 0440);
-	}
-	else
-	{
-		status_message('red', $lng['install']['creating_configfile_failed']);
-		echo "\t\t<tr>\n\t\t\t<td class=\"main_field_name\"><p>" . nl2br(htmlspecialchars($userdata)) . "</p></td>\n\t\t</tr>\n";
-	}
-
-?>
-		</table>
-		<p style="padding-left: 15px;">
-			<strong><?php echo $lng['install']['froxlor_succ_installed']; ?></strong>
-		</p>
-		<p class="submit">
-			<a href="../index.php"><?php echo $lng['install']['click_here_to_login']; ?></a>
-		</p>
-	</section>
-</article>
-<?php
-	page_footer();
-}
-else
-{
-	
-	if((isset($_GET['check'])
-		&& $_GET['check'] == '1')
-		|| (isset($_POST['installstep']) 
-		&& $_POST['installstep'] == '1')
-	) {
-	page_header();
-
-?>
-	<article class="install bradius">
-		<header class="dark">
-			<img src="../images/Froxlor/logo.png" alt="Froxlor Server Management Panel" />
-		</header>
-		<section class="installsec">
-			<h2><?php echo $lng['install']['language']; ?></h2>
-			<form action="<?php echo htmlspecialchars($_SERVER['PHP_SELF']) ?>" method="get">
-				<fieldset>
-				<legend>Froxlor&nbsp;-&nbsp;Install</legend>
-				<p>
-					<label for="language"><?php echo $lng['install']['language']; ?>:</label>&nbsp;
-					<select name="language" id="language">
-					<?php
-						$language_options = '';
-						while(list($language_file, $language_name) = each($languages)) {
-							$language_options.= makeoption($language_name, $language_file, $language, true, true);
-						}
-						echo $language_options;
-					?>
-					</select>
-				</p>
-				<p class="submit">
-					<input type="hidden" name="check" value="1" />
-					<input type="submit" name="chooselang" value="Go" />
-				</p>
-				</fieldset>
-			</form>
-			<aside>&nbsp;</aside>
-		</section>
-		<section class="installsec">
-			<h2><?php echo $lng['install']['installdata']; ?></h2>
-			<form action="<?php echo htmlspecialchars($_SERVER['PHP_SELF']) ?>" method="post">
-				<fieldset>
-				<legend>Froxlor&nbsp;-&nbsp;Install</legend>
-				<p>
-					<strong><?php echo $lng['install']['database']; ?></strong>
-				</p>
-				<p>
-					<label for="mysql_host"><?php echo $lng['install']['mysql_hostname']; ?>:</label>&nbsp;
-					<input type="text" name="mysql_host" id="mysql_host" value="<?php echo htmlspecialchars($mysql_host); ?>" required/>
-				</p>
-				<p>
-					<label for="mysql_database"><?php echo $lng['install']['mysql_database']; ?>:</label>&nbsp;
-					<input type="text" name="mysql_database" id="mysql_database" value="<?php echo htmlspecialchars($mysql_database); ?>" required/>
-				</p>
-				<p>
-					<label for="mysql_unpriv_user"<?php echo (($mysql_unpriv_user == $mysql_root_user) ? ' style="color:blue;"' : ''); ?>><?php echo $lng['install']['mysql_unpriv_user']; ?>:</label>&nbsp;
-					<input type="text" name="mysql_unpriv_user" id="mysql_unpriv_user" value="<?php echo htmlspecialchars($mysql_unpriv_user); ?>" required/>
-				</p>
-				<p>
-					<label for="mysql_unpriv_pass"<?php echo ((!empty($_POST['installstep']) && $mysql_unpriv_pass == '') ? ' style="color:red;"' : ''); ?>><?php echo $lng['install']['mysql_unpriv_pass']; ?>:</label>&nbsp;
-					<input type="password" name="mysql_unpriv_pass" id="mysql_unpriv_pass" value="<?php echo htmlspecialchars($mysql_unpriv_pass); ?>" required/>
-				</p>
-				<p>
-					<label for="mysql_root_user"<?php echo (($mysql_unpriv_user == $mysql_root_user) ? ' style="color:blue;"' : ''); ?>><?php echo $lng['install']['mysql_root_user']; ?>:</label>&nbsp;
-					<input type="text" name="mysql_root_user" id="mysql_root_user" value="<?php echo htmlspecialchars($mysql_root_user); ?>" required/>
-				</p>
-				<p>
-					<label for="mysql_root_pass"<?php echo ((!empty($_POST['installstep']) && $mysql_root_pass == '') ? ' style="color:red;"' : ''); ?>><?php echo $lng['install']['mysql_root_pass']; ?>:</label>&nbsp;
-					<input type="password" name="mysql_root_pass" id="mysql_root_pass" value="<?php echo htmlspecialchars($mysql_root_pass); ?>" required/>
-				</p>
-				<p>
-					<strong><?php echo $lng['install']['admin_account']; ?></strong>
-				</p>
-				<p>
-					<label for="admin_user"><?php echo $lng['install']['admin_user']; ?>:</label>&nbsp;
-					<input type="text" name="admin_user" id="admin_user" value="<?php echo htmlspecialchars($admin_user); ?>" required/>
-				</p>
-				<p>
-					<label for="admin_pass1"<?php echo ((!empty($_POST['installstep']) && ($admin_pass1 == '' || $admin_pass1 != $admin_pass2)) ? ' style="color:red;"' : ''); ?>><?php echo $lng['install']['admin_pass']; ?>:</label>&nbsp;
-					<input type="password" name="admin_pass1" id="admin_pass1" value="<?php echo htmlspecialchars($admin_pass1); ?>" required/>
-				</p>
-				<p>
-					<label for="admin_pass2"<?php echo ((!empty($_POST['installstep']) && ($admin_pass2 == '' || $admin_pass1 != $admin_pass2)) ? ' style="color:red;"' : ''); ?>><?php echo $lng['install']['admin_pass_confirm']; ?>:</label>&nbsp;
-					<input type="password" name="admin_pass2" id="admin_pass2" value="<?php echo htmlspecialchars($admin_pass2); ?>" required/>
-				</p>
-				<p>
-					<strong><?php echo $lng['install']['serversettings']; ?></strong>
-				</p>
-				<p>
-					<label for="servername"<?php echo ((!empty($_POST['installstep']) && $servername == '') ? ' style="color:red;"' : ''); ?>><?php echo $lng['install']['servername']; ?>:</label>&nbsp;
-					<input type="text" name="servername" id="servername" value="<?php echo htmlspecialchars($servername); ?>" required/>
-				</p>
-				<p>
-					<label for="serverip"<?php echo ((!empty($_POST['installstep']) && $serverip == '') ? ' style="color:red;"' : ''); ?>><?php echo $lng['install']['serverip']; ?>:</label>&nbsp;
-					<input type="text" name="serverip" id="serverip" value="<?php echo htmlspecialchars($serverip); ?>" required/>
-				</p>
-				<p>
-					<label for="apache"<?php echo ((!empty($_POST['installstep']) && $webserver == '') ? ' style="color:red;"' : ''); ?>><?php echo $lng['install']['webserver']; ?> Apache:</label>&nbsp;
-					<input type="radio" name="webserver" id="apache" value="apache2" <?php echo $webserver == "apache2" ? 'checked="checked"' : "" ?>/>Apache2
-				</p>
-				<p>
-					<label for="lighty"<?php echo ((!empty($_POST['installstep']) && $webserver == '') ? ' style="color:red;"' : ''); ?>><?php echo $lng['install']['webserver']; ?> LigHTTPd:</label>&nbsp;
-					<input type="radio" name="webserver" id="lighty" value="lighttpd" <?php echo $webserver == "lighttpd" ? 'checked="checked"' : "" ?>/>LigHTTPd
-				</p>
-				<p>
-					<label for="nginx"<?php echo ((!empty($_POST['installstep']) && $webserver == '') ? ' style="color:red;"' : ''); ?>><?php echo $lng['install']['webserver']; ?> Nginx:</label>&nbsp;
-					<input type="radio" name="webserver" id="nginx" value="nginx" <?php echo $webserver == "nginx" ? 'checked="checked"' : "" ?>/>Nginx
-				</p>
-				<p>
-					<label for="httpuser"<?php echo ((!empty($_POST['installstep']) && $httpuser == '') ? ' style="color:red;"' : ''); ?>><?php echo $lng['install']['httpuser']; ?>:</label>&nbsp;
-					<input type="text" name="httpuser" id="httpuser" value="<?php $posixusername = posix_getpwuid(posix_getuid()); echo $posixusername['name']; ?>" required/>
-				</p>
-				<p>
-					<label for="httpgroup"<?php echo ((!empty($_POST['installstep']) && $httpgroup == '') ? ' style="color:red;"' : ''); ?>><?php echo $lng['install']['httpgroup']; ?>:</label>&nbsp;
-					<input type="text" name="httpgroup" id="httpgroup" value="<?php $posixgroup = posix_getgrgid(posix_getgid()); echo $posixgroup['name']; ?>" required/>
-				</p>
-				<p class="submit">
-					<input type="hidden" name="check" value="1" />
-					<input type="hidden" name="language" value="<?php echo htmlspecialchars($language); ?>"/>
-					<input type="hidden" name="installstep" value="1"/>
-					<input class="bottom" type="submit" name="submitbutton" value="<?php echo $lng['install']['next']; ?>"/>
-				</p>
-			</fieldset>
-		</form>
-		<aside>&nbsp;</aside>
-	</section>
-</article>
-<?php
-	page_footer();
-	}
-	else
-	{
-		requirement_checks();
-	}		
-}
-
-/**
- * END INSTALL ---------------------------------------------------
- */
+$frxinstall = new FroxlorInstall();
+$frxinstall->run();
--- a/install/lib/class.FroxlorInstall.php
+++ b/install/lib/class.FroxlorInstall.php
--- a/install/lng/english.lng.php
+++ b/install/lng/english.lng.php
@@ -17,86 +17,68 @@
 *
 */

-/**
- * Begin
- */
+$lng['requirements']['title'] = 'Checking system requirements...';
+$lng['requirements']['installed'] = 'installed';
+$lng['requirements']['not_true'] = 'no';
+$lng['requirements']['notfound'] = 'not found';
+$lng['requirements']['notinstalled'] = 'not installed';
+$lng['requirements']['activated'] = 'enabled';
+$lng['requirements']['phpversion'] = 'PHP version >= 5.2';
+$lng['requirements']['phpmagic_quotes_runtime'] = 'magic_quotes_runtime...';
+$lng['requirements']['phpmagic_quotes_runtime_description'] = 'PHP setting "magic_quotes_runtime" must be set to "Off". We have disabled it temporary for now please fix the coresponding php.ini.';
+$lng['requirements']['phpmysql'] = 'MySQL-extension...';
+$lng['requirements']['phpxml'] = 'PHP XML-extension...';
+$lng['requirements']['phpfilter'] = 'PHP filter-extension...';
+$lng['requirements']['phpposix'] = 'PHP posix-extension...';
+$lng['requirements']['phpbcmath'] = 'PHP bcmath-extension...';
+$lng['requirements']['bcmathdescription'] = 'Traffic-calculation related functions will not work correctly!';
+$lng['requirements']['openbasedir'] = 'open_basedir...';
+$lng['requirements']['openbasedirenabled'] = 'Froxlor will not work properly with open_basedir enabled. Please disable open_basedir for Froxlor in the coresponding php.ini';
+$lng['requirements']['diedbecauseofrequirements'] = 'Cannot install Froxlor without these requirements! Try to fix them and retry.';
+$lng['requirements']['froxlor_succ_checks'] = 'All requirements are satisfied';

-$lng['install']['language'] = 'Installation - Language';
-$lng['install']['welcome'] = 'Welcome to Froxlor Installation';
+$lng['install']['title'] = 'Froxlor install - chose language';
+$lng['install']['language'] = 'Installation language';
+$lng['install']['lngbtn_go'] = 'Change language';
+$lng['install']['title'] = 'Froxlor install - setup';
 $lng['install']['welcometext'] = 'Thank you for choosing Froxlor. Please fill out the following fields with the required information to start the installation.<br /><b>Attention:</b> If the database you chose for Froxlor already exists on your System, it will be erased with all containing data!';
-$lng['install']['database'] = 'Database';
-$lng['install']['mysql_hostname'] = 'MySQL-Hostname';
-$lng['install']['mysql_database'] = 'MySQL-Database';
+$lng['install']['database'] = 'Database connection';
+$lng['install']['mysql_host'] = 'MySQL-Hostname';
+$lng['install']['mysql_database'] = 'Database name';
 $lng['install']['mysql_unpriv_user'] = 'Username for the unprivileged MySQL-account';
 $lng['install']['mysql_unpriv_pass'] = 'Password for the unprivileged MySQL-account';
 $lng['install']['mysql_root_user'] = 'Username for the MySQL-root-account';
 $lng['install']['mysql_root_pass'] = 'Password for the MySQL-root-account';
 $lng['install']['admin_account'] = 'Administrator Account';
 $lng['install']['admin_user'] = 'Administrator Username';
-$lng['install']['admin_pass'] = 'Administrator Password';
-$lng['install']['admin_pass_confirm'] = 'Administrator-Password (confirm)';
+$lng['install']['admin_pass1'] = 'Administrator Password';
+$lng['install']['admin_pass2'] = 'Administrator-Password (confirm)';
 $lng['install']['serversettings'] = 'Server settings';
-$lng['install']['servername'] = 'Server name (FQDN)';
+$lng['install']['servername'] = 'Server name (FQDN, no ip-address)';
 $lng['install']['serverip'] = 'Server IP';
+$lng['install']['webserver'] = 'Webserver';
+$lng['install']['apache2'] = 'Apache 2';
+$lng['install']['lighttpd'] = 'LigHTTPd';
+$lng['install']['nginx'] = 'NGINX';
 $lng['install']['httpuser'] = 'HTTP username';
 $lng['install']['httpgroup'] = 'HTTP groupname';
-$lng['install']['apacheversion'] = 'Apacheversion';
-$lng['install']['next'] = 'Next';
-$lng['install']['installdata'] = 'Installation - Data';

-/**
- * Progress
- */
-
-$lng['install']['testing_mysql'] = 'Testing if MySQL-root-username and password are correct...';
-$lng['install']['erasing_old_db'] = 'Erasing old Database...';
-$lng['install']['backup_old_db'] = 'Create backup of the old Database...';
-$lng['install']['backing_up'] = 'Backing up';
-$lng['install']['backing_up_binary_missing'] = '/usr/bin/mysqldump is missing';
-$lng['install']['create_mysqluser_and_db'] = 'Creating MySQL-database and username...';
-$lng['install']['testing_new_db'] = 'Testing if MySQL-database and username have been created correctly...';
-$lng['install']['importing_data'] = 'Importing data into MySQL-database...';
-$lng['install']['changing_data'] = 'Changing imported data...';
-$lng['install']['adding_admin_user'] = 'Adding Administrator Account...';
+$lng['install']['testing_mysql'] = 'Checking MySQL-root access...';
+$lng['install']['backup_old_db'] = 'Creating backup of old database...';
+$lng['install']['backup_binary_missing'] = 'Could not find mysqldump';
+$lng['install']['backup_failed'] = 'Could not backup database';
+$lng['install']['prepare_db'] = 'Preparing database...';
+$lng['install']['create_mysqluser_and_db'] = 'Creating database and username...';
+$lng['install']['testing_new_db'] = 'Testing if database and user have been created correctly...';
+$lng['install']['importing_data'] = 'Importing data...';
+$lng['install']['changing_data'] = 'Adjusting settings...';
+$lng['install']['creating_entries'] = 'Inserting new values...';
+$lng['install']['adding_admin_user'] = 'Creating admin-account...';
 $lng['install']['creating_configfile'] = 'Creating configfile...';
-$lng['install']['creating_configfile_succ'] = 'OK, userdata.inc.php was saved in lib/.';
 $lng['install']['creating_configfile_temp'] = 'File was saved in /tmp/userdata.inc.php, please move to lib/.';
-$lng['install']['creating_configfile_failed'] = 'Cannot create lib/userdata.inc.php, please create it manually with the following data:';
+$lng['install']['creating_configfile_failed'] = 'Could not create lib/userdata.inc.php, please create it manually with the following content:';
 $lng['install']['froxlor_succ_installed'] = 'Froxlor was installed successfully.';
-$lng['install']['click_here_to_login'] = 'Click here to login.';
-$lng['install']['phpmysql'] = 'Testing if PHP MySQL-extension is installed...';
-$lng['install']['phpfilter'] = 'Testing if PHP filter-extension is installed...';
-$lng['install']['diedbecauseofrequirements'] = 'Cannot install Froxlor without these requirements! Aborting...';
-$lng['install']['notinstalled'] = 'not installed!';
-$lng['install']['phpbcmath'] = 'Testing if PHP bcmath-extension is installed...';
-$lng['install']['bcmathdescription'] = 'Traffic-calculation related functions will not work correctly!';
-$lng['install']['openbasedir'] = 'Testing if open_basedir is enabled...';
-$lng['install']['openbasedirenabled'] = 'enabled. Froxlor will not work properly with open_basedir enabled. Please disable open_basedir for Froxlor';

-/**
- * Renamed in 1.2.19-svn40
- */
-
-$lng['install']['webserver'] = 'Webserver';
-
-/*
- * Added in Froxlor 0.9
- */
-$lng['install']['phpversion'] = 'Checking for PHP version >= 5.2';
-$lng['install']['phpposix'] = 'Testing if PHP posix-extension is installed...';
-
-/*
- * Added in Froxlor 0.9.4
- */
-$lng['install']['click_here_to_refresh'] = 'Re-check';
-$lng['install']['click_here_to_continue'] = 'Continue installation';
-$lng['install']['froxlor_succ_checks'] = 'All requirements are satisfied';
-
-/*
- * Added in Froxlor 0.9.13
- */
-$lng['install']['phpmagic_quotes_runtime'] = 'Checking whether magic_quotes_runtime is off';
-$lng['install']['active'] = 'no';
-$lng['install']['phpmagic_quotes_runtime_description'] = 'PHP setting "magic_quotes_runtime" must be set to "Off" in order to avoid strange behavior of Froxlor. Disabling it for now (this is only temporary, please fix our php.ini).';
-$lng['install']['phpxml'] = 'Testing if PHP XML-extension is installed...';
-?>
+$lng['click_here_to_refresh'] = 'Click here to check again';
+$lng['click_here_to_continue'] = 'Click here to continue';
+$lng['click_here_to_login'] = 'Click here to login.';
--- a/install/lng/french.lng.php
+++ b/install/lng/french.lng.php
@@ -1,73 +0,0 @@
-<?php
-
-/**
- * This file is part of the Froxlor project.
- * Copyright (c) 2003-2009 the SysCP Team (see authors).
- * Copyright (c) 2010 the Froxlor Team (see authors).
- *
- * For the full copyright and license information, please view the COPYING
- * file that was distributed with this source code. You can also view the
- * COPYING file online at http://files.froxlor.org/misc/COPYING.txt
- *
- * @copyright  (c) the authors
- * @author     Tim Zielosko <mail@zielosko.net>
- * @author     Romain MARIADASSOU <roms2000@free.fr>
- * @author     Froxlor Team <team@froxlor.org>
- * @license    GPLv2 http://files.froxlor.org/misc/COPYING.txt
- * @package    Language
- *
- */
-
-/**
- * Begin
- */
-
-$lng['install']['language'] = 'Langue d\'installation';
-$lng['install']['welcome'] = 'Bienvenue <20> l\'installation de Froxlor';
-$lng['install']['welcometext'] = 'Merci beaucoup d\'avoir choisi Froxlor. Pour installer Froxlor remplissez les cases ci-dessous avec les informations demand<6E>es.<br /><b>Attention :</b> Si vous entrez le nom d\'une base de donn<6E>es existante, celle-ci sera effac<61>e !';
-$lng['install']['database'] = 'Base de donn<6E>es';
-$lng['install']['mysql_hostname'] = 'Nom d\'h<>te du serveur MySQL';
-$lng['install']['mysql_database'] = 'Base de donn<6E>es MySQL';
-$lng['install']['mysql_unpriv_user'] = 'Utilisateur pour l\'acc<63>s non privil<69>gi<67> <20> MySQL';
-$lng['install']['mysql_unpriv_pass'] = 'Mot de passe pour l\'acc<63>s non privil<69>gi<67> <20> MySQL';
-$lng['install']['mysql_root_user'] = 'Utilisateur pour l\'acc<63>s root <20> MySQL';
-$lng['install']['mysql_root_pass'] = 'Mot de passe pour l\'acc<63>s root <20> MySQL';
-$lng['install']['admin_account'] = 'Acc<63>s administratif';
-$lng['install']['admin_user'] = 'Login de l\'administrateur';
-$lng['install']['admin_pass'] = 'Mot de passe de l\'administrateur';
-$lng['install']['admin_pass_confirm'] = 'Mot de passe de l\'administrateur (confirmation)';
-$lng['install']['serversettings'] = 'Configuration du serveur';
-$lng['install']['servername'] = 'Nom du serveur (FQDN)';
-$lng['install']['serverip'] = 'Adresse IP du serveur';
-$lng['install']['apacheversion'] = 'Version du serveur Apache';
-$lng['install']['next'] = 'Continuer';
-$lng['install']['installdata'] = 'Installation - Data';
-
-/**
- * Progress
- */
-
-$lng['install']['testing_mysql'] = 'V<>rification du login root de MySQL ...';
-$lng['install']['erasing_old_db'] = 'Effacement de l\'ancienne base de donn<6E>es ...';
-$lng['install']['create_mysqluser_and_db'] = 'Cr<43>ation de la base de donn<6E>es puis des utilisateurs ...';
-$lng['install']['testing_new_db'] = 'V<>rification de la base de donn<6E>es et des utilisateurs ...';
-$lng['install']['importing_data'] = 'Importation des informations dans la base de donn<6E>es ...';
-$lng['install']['changing_data'] = 'Modification des donn<6E>es import<72>s ...';
-$lng['install']['adding_admin_user'] = 'Ajout de l\'utilisateur administrateur ...';
-$lng['install']['creating_configfile'] = 'Cr<43>ation du fichier de configuration ...';
-$lng['install']['creating_configfile_succ'] = 'OK, userdata.inc.php a <20>t<EFBFBD> sauvegard<72> dans le dossier lib/ de Froxlor.';
-$lng['install']['creating_configfile_temp'] = 'Le fichier a <20>t<EFBFBD> sauvegard<72> dans /tmp/userdata.inc.php, veuillez le d<>placer / copier dans le dossier lib/ de Froxlor.';
-$lng['install']['creating_configfile_failed'] = 'Erreur en cr<63>ant le fichier lib/userdata.inc.php, veuillez le cr<63>er avec le contenu ci-dessous :';
-$lng['install']['froxlor_succ_installed'] = 'Froxlor a <20>t<EFBFBD> install<6C> correctement.';
-$lng['install']['click_here_to_login'] = 'Cliquez ici pour vous rendre <20> l\'invite de connexion.';
-$lng['install']['httpuser'] = 'Nom du utilisateur du HTTP';
-$lng['install']['httpgroup'] = 'Nom du la group du HTTP';
-
-/**
- * Renamed in 1.2.19-svn40
- */
-
-$lng['install']['webserver'] = 'Version du serveur';
-
-$lng['install']['phpxml'] = 'Tester si PHP XML-extension est install<6C>e...';
-?>
--- a/install/lng/german.lng.php
+++ b/install/lng/german.lng.php
@@ -2,101 +2,83 @@

 /**
 * This file is part of the Froxlor project.
- * Copyright (c) 2003-2007 the SysCP Team (see authors).
+ * Copyright (c) 2003-2009 the SysCP Team (see authors).
 * Copyright (c) 2010 the Froxlor Team (see authors).
 *
 * For the full copyright and license information, please view the COPYING
 * file that was distributed with this source code. You can also view the
- * COPYING file online at http://files.syscp.org/misc/COPYING.txt
+ * COPYING file online at http://files.froxlor.org/misc/COPYING.txt
 *
 * @copyright  (c) the authors
- * @author     Florian Lippert <flo@syscp.org> (2003-2007)
- * @author     Froxlor Team <team@froxlor.org> (2010-)
+ * @author     Florian Lippert <flo@syscp.org> (2003-2009)
+ * @author     Froxlor team <team@froxlor.org> (2010-)
 * @license    GPLv2 http://files.froxlor.org/misc/COPYING.txt
 * @package    Language
 *
 */

-/**
- * Begin
- */
+$lng['requirements']['title'] = 'Prüfe Systemvoraussetzungen...';
+$lng['requirements']['installed'] = 'installiert';
+$lng['requirements']['not_true'] = 'nein';
+$lng['requirements']['notfound'] = 'nicht gefunden';
+$lng['requirements']['notinstalled'] = 'nicht installiert';
+$lng['requirements']['activated'] = 'ist aktiviert.';
+$lng['requirements']['phpversion'] = 'PHP Version >= 5.2';
+$lng['requirements']['phpmagic_quotes_runtime'] = 'magic_quotes_runtime';
+$lng['requirements']['phpmagic_quotes_runtime_description'] = 'Die PHP Einstellung "magic_quotes_runtime" muss deaktiviert sein ("Off"). Die Einstellung wurde temporär deaktiviert, bitte ändern Sie diese in der entsprechenden php.ini.';
+$lng['requirements']['phpmysql'] = 'PHP MySQL-Erweiterung...';
+$lng['requirements']['phpxml'] = 'PHP XML-Erweiterung...';
+$lng['requirements']['phpfilter'] = 'PHP filter-Erweiterung...';
+$lng['requirements']['phpposix'] = 'PHP posix-Erweiterung...';
+$lng['requirements']['phpbcmath'] = 'PHP bcmath-Erweiterung...';
+$lng['requirements']['bcmathdescription'] = 'Traffic-Berechnungs bezogene Funktionen stehen nicht vollständig zur Verfügung!';
+$lng['requirements']['openbasedir'] = 'open_basedir genutzt wird...';
+$lng['requirements']['openbasedirenabled'] = 'Froxlor wird mit aktiviertem open_basedir nicht vollständig funktionieren. Bitte deaktivieren Sie open_basedir für Froxlor in der entsprechenden php.ini';
+$lng['requirements']['diedbecauseofrequirements'] = 'Kann Froxlor ohne diese Voraussetzungen nicht installieren! Versuchen Sie die angezeigten Problem zu beheben und versuchen Sie es erneut.';
+$lng['requirements']['froxlor_succ_checks'] = 'Alle Vorraussetzungen sind erfüllt';

-$lng['install']['language'] = 'Installations - Sprache';
-$lng['install']['welcome'] = 'Willkommen zur Froxlor Installation';
-$lng['install']['welcometext'] = 'Vielen Dank dass Sie sich f&uuml;r Froxlor entschieden haben. Um Ihre Installation von Froxlor zu starten, f&uuml;llen Sie bitte alle Felder unten mit den geforderten Angaben.<br /><b>Achtung:</b> Eine eventuell bereits existierende Datenbank, die den selben Namen hat wie den, den Sie unten eingeben werden, wird mit allen enthaltenen Daten gel&ouml;scht!';
-$lng['install']['database'] = 'Datenbank';
-$lng['install']['mysql_hostname'] = 'MySQL-Hostname';
-$lng['install']['mysql_database'] = 'MySQL-Datenbank';
-$lng['install']['mysql_unpriv_user'] = 'Benutzername f&uuml;r den unprivilegierten MySQL-Account';
-$lng['install']['mysql_unpriv_pass'] = 'Passwort f&uuml;r den unprivilegierten MySQL-Account';
-$lng['install']['mysql_root_user'] = 'Benutzername f&uuml;r den MySQL-Root-Account';
-$lng['install']['mysql_root_pass'] = 'Passwort f&uuml;r den MySQL-Root-Account';
+$lng['install']['lngtitle'] = 'Froxlor Installation - Sprache auswählen';
+$lng['install']['language'] = 'Sprache für die Installation';
+$lng['install']['lngbtn_go'] = 'Sprache ändern';
+$lng['install']['title'] = 'Froxlor Installation - Einrichtung';
+$lng['install']['welcometext'] = 'Vielen Dank dass Sie sich für Froxlor entschieden haben. Um die Installation von Froxlor zu starten, füllen Sie bitte alle Felder mit den geforderten Angaben aus.<br /><b>Achtung:</b> Eine eventuell existierende Datenbank, die den selben Namen hat wie den Gewählten, wird mit allen enthaltenen Daten gelöscht!';
+$lng['install']['database'] = 'Datenbankverbindung';
+$lng['install']['mysql_host'] = 'MySQL-Hostname';
+$lng['install']['mysql_database'] = 'Datenbank Name';
+$lng['install']['mysql_unpriv_user'] = 'Benutzername für den unprivilegierten MySQL-Account';
+$lng['install']['mysql_unpriv_pass'] = 'Passwort für den unprivilegierten MySQL-Account';
+$lng['install']['mysql_root_user'] = 'Benutzername für den MySQL-Root-Account';
+$lng['install']['mysql_root_pass'] = 'Passwort für den MySQL-Root-Account';
 $lng['install']['admin_account'] = 'Admin-Zugang';
 $lng['install']['admin_user'] = 'Administrator-Benutzername';
-$lng['install']['admin_pass'] = 'Administrator-Passwort';
-$lng['install']['admin_pass_confirm'] = 'Administrator-Passwort (Best&auml;tigung)';
+$lng['install']['admin_pass1'] = 'Administrator-Passwort';
+$lng['install']['admin_pass2'] = 'Administrator-Passwort (Bestätigung)';
 $lng['install']['serversettings'] = 'Servereinstellungen';
-$lng['install']['servername'] = 'Servername (FQDN)';
+$lng['install']['servername'] = 'Servername (FQDN, keine IP-Adresse)';
 $lng['install']['serverip'] = 'Server-IP';
-$lng['install']['apacheversion'] = 'Apacheversion';
-$lng['install']['next'] = 'Fortfahren';
-$lng['install']['installdata'] = 'Installation - Daten';
-
-/**
- * Progress
- */
-
-$lng['install']['testing_mysql'] = 'Teste, ob die MySQL-Root-Benutzerdaten richtig sind...';
-$lng['install']['erasing_old_db'] = 'Entferne alte Datenbank...';
-$lng['install']['backup_old_db'] = 'Sichere bisherige Datenbank...';
-$lng['install']['backing_up'] = 'Sicherung l&auml;ft';
-$lng['install']['backing_up_binary_missing'] = '/usr/bin/mysqldump nicht vorhanden';
-$lng['install']['create_mysqluser_and_db'] = 'Erstelle Datenbank und Benutzer...';
-$lng['install']['testing_new_db'] = 'Teste, ob die Datenbank und Passwort korrekt angelegt wurden...';
-$lng['install']['importing_data'] = 'Importiere Daten in die MySQL-Datenbank...';
-$lng['install']['changing_data'] = 'Passe die importierten Daten an...';
-$lng['install']['adding_admin_user'] = 'F&uuml;ge den Admin-Benutzer hinzu...';
-$lng['install']['creating_configfile'] = 'Erstelle Konfigurationsdatei...';
-$lng['install']['creating_configfile_succ'] = 'OK, userdata.inc.php wurde in lib/ gespeichert.';
-$lng['install']['creating_configfile_temp'] = 'Datei wurde in /tmp/userdata.inc.php gespeichert, bitte nach lib/ verschieben.';
-$lng['install']['creating_configfile_failed'] = 'Konnte lib/userdata.inc.php nicht erstellen, bitte manuell mit folgendem Inhalt anlegen:';
-$lng['install']['froxlor_succ_installed'] = 'Froxlor wurde erfolgreich installiert.';
-$lng['install']['click_here_to_login'] = 'Hier geht es weiter zum Login-Fenster.';
-$lng['install']['phpmysql'] = 'Teste, ob die PHP MySQL-Erweiterung installiert ist...';
-$lng['install']['phpfilter'] = 'Teste, ob die PHP Filter-Erweiterung installiert ist...';
-$lng['install']['diedbecauseofrequirements'] = 'Kann Froxlor ohne diese Voraussetzungen nicht installieren! Breche ab...';
-$lng['install']['notinstalled'] = 'nicht installiert!';
-$lng['install']['phpbcmath'] = 'Teste, ob die PHP bcmath-Erweiterung installiert ist...';
-$lng['install']['bcmathdescription'] = 'Traffic-Berechnungs bezogene Funktionen stehen nicht vollst&auml;ndig zur Verf&uuml;gung!';
-$lng['install']['openbasedir'] = 'Teste, ob open_basedir genutzt wird...';
-$lng['install']['openbasedirenabled'] = 'aktiviert. Froxlor wird mit aktiviertem open_basedir nicht vollst&auml;ndig funktionieren. Bitte deaktivieren Sie open_basedir f&uuml;r Froxlor';
+$lng['install']['webserver'] = 'Webserver';
+$lng['install']['apache2'] = 'Apache 2';
+$lng['install']['lighttpd'] = 'LigHTTPd';
+$lng['install']['nginx'] = 'NGINX';
 $lng['install']['httpuser'] = 'HTTP Username';
 $lng['install']['httpgroup'] = 'HTTP Gruppenname';

-/**
- * Renamed in 1.2.19-svn40
- */
+$lng['install']['testing_mysql'] = 'Teste MySQL-Root Zugang...';
+$lng['install']['backup_old_db'] = 'Sicherung vorheriger Datenbank...';
+$lng['install']['backup_binary_missing'] = 'Konnte mysqldump nicht finden';
+$lng['install']['backup_failed'] = 'Sicherung fehlgeschlagen';
+$lng['install']['prepare_db'] = 'Datenbank wird vorbereitet...';
+$lng['install']['create_mysqluser_and_db'] = 'Erstelle Datenbank und Benutzer...';
+$lng['install']['testing_new_db'] = 'Teste, ob Datenbank und Benutzer korrekt angelegt wurden...';
+$lng['install']['importing_data'] = 'Importiere Daten...';
+$lng['install']['changing_data'] = 'Einstellungen anpassen...';
+$lng['install']['creating_entries'] = 'Trage neue Werte ein...';
+$lng['install']['adding_admin_user'] = 'Erstelle Admin-Benutzer...';
+$lng['install']['creating_configfile'] = 'Erstelle Konfigurationsdatei...';
+$lng['install']['creating_configfile_temp'] = 'Datei wurde in /tmp/userdata.inc.php gespeichert, bitte nach lib/ verschieben.';
+$lng['install']['creating_configfile_failed'] = 'Konnte lib/userdata.inc.php nicht erstellen, bitte manuell mit folgendem Inhalt anlegen:';
+$lng['install']['froxlor_succ_installed'] = 'Froxlor wurde erfolgreich installiert.';

-$lng['install']['webserver'] = 'Webserver';
-
-/*
- * Added in Froxlor 0.9
- */
-$lng['install']['phpversion'] = 'Pr&uuml;fe PHP Version >= 5.2';
-$lng['install']['phpposix'] = 'Teste, ob die PHP Posix-Erweiterung installiert ist...';
-
-/*
- * Added in Froxlor 0.9.4
- */
-$lng['install']['click_here_to_refresh'] = 'Erneut pr&uuml;fen';
-$lng['install']['click_here_to_continue'] = 'Installation fortf&uuml;hren';
-$lng['install']['froxlor_succ_checks'] = 'Alle Vorraussetzungen sind erf&uuml;llt';
-
-/*
- * Added in Froxlor 0.9.13
- */
-$lng['install']['phpmagic_quotes_runtime'] = 'Pr&uuml;fe ob magic_quotes_runtime ausgeschalten ist';
-$lng['install']['active'] = 'nein';
-$lng['install']['phpmagic_quotes_runtime_description'] = 'Die PHP Einstellung "magic_quotes_runtime" muss deaktiviert sein ("Off"), um merkw&uuml;rdige Verhalten von Froxlor zu umgehen. Sie wurde deaktiviert (nur tempor&auml;r, bitte php.ini anpassen).';
-$lng['install']['phpxml'] = 'Teste, ob die PHP XML-Erweiterung installiert ist...';
-?>
+$lng['click_here_to_refresh'] = 'Hier klicken, um erneut zu prüfen';
+$lng['click_here_to_continue'] = 'Installation fortführen';
+$lng['click_here_to_login'] = 'Hier geht es weiter zum Login-Fenster.';
--- a/install/templates/assets/css/install.css
+++ b/install/templates/assets/css/install.css
@@ -0,0 +1,531 @@
+@charset "UTF-8";
+
+/* RESET */
+html,body,div,ul,ol,li,dl,dt,dd,h1,h2,h3,h4,h5,h6,pre,form,p,blockquote,fieldset,input { margin:0; padding:0; }
+h1,h2,h3,h4,h5,h6,pre,code,address,caption,cite,code,em,strong,th { font-size:1em; font-weight:400; font-style:normal; }
+ul,ol { list-style:none; }
+fieldset,img { border:none; }
+caption,th { text-align:left; }
+table { border-collapse:collapse; border-spacing:0; }
+article,aside,details,figcaption,figure,footer,header,hgroup,menu,nav,section { display:block; }
+
+/* TYPE */
+html,body {
+	font:12px/18px Helvetica,Arial,Verdana,sans-serif;
+	background-color:#f2f2f2;
+	color:#333;
+	-webkit-font-smoothing: antialiased;
+}
+
+body {
+	margin:0;
+	padding:0;
+}
+
+.dark {
+	background-color: #e9edf0;
+	border-bottom:1px solid #d1d5d8;
+}
+
+header img {
+	padding:10px 0 10px 10px;
+}
+
+h1 {
+	display:none;
+}
+
+h2, h3 {
+	margin: 0 0 1em 0;
+	padding: 0;
+	font-weight: bold;
+}
+
+h2 {
+	font-size:17px;
+}
+
+h3 {
+	font-size: 15px;
+}
+
+
+img {
+	border:0;
+	vertical-align:middle;
+}
+
+td a {
+	text-decoration:none;
+}
+
+.bradius {
+	border-radius: 5px 5px 5px 5px;
+	box-shadow: rgba(0, 0, 0, 0.34902) 0px 1px 3px 0px;
+}
+
+/* FOOTER */
+footer {
+	clear:both;
+	text-align:center;
+	color: #888;
+	font-size:10px !important;
+	margin: 10px 0;
+}
+
+footer a,footer a:active,footer a:visited {
+	color: #888;
+}
+
+.install {
+	background-color:#fff;
+	margin: 20px;
+	margin-left: auto;
+	margin-right: auto;
+	margin-bottom: 12px;
+	width: 800px;
+}
+
+p {
+	margin: 0 10px !important;
+}
+
+.installsec {
+	margin-top:10px;
+	padding:0;
+	text-align:left;
+}
+
+.installsec table {
+	width:100%;
+	padding:0 10px;
+	margin: 15px 0 15px 0;
+}
+
+.installsec h2 {
+	display: block;
+	border-bottom: 1px solid #d1d5d8;
+	margin: 0;
+	padding: 5px 15px 15px 15px;
+}
+
+.installsec form {
+	width:800px;
+	margin:0 auto;
+	padding:10px 0 0;
+	text-align:left;
+}
+
+.installsec fieldset {
+	border:0;
+	float:left;
+	clear:left;
+	width:600px;
+	margin:0 100px 10px;
+	padding:0;
+}
+
+.installsec legend {
+	display:none;
+}
+
+.installsec label {
+	float:left;
+	width:26em;
+	margin-right:1em;
+	margin-top:6px;
+	text-align:left;
+}
+
+p.submit {
+	text-align:right;
+	padding-right:46px;
+}
+
+.installsec aside {
+	border-top:1px solid #d1d5d8;
+	clear:both;
+	float:none;
+	width:auto;
+	text-align: right;
+	padding: 10px;
+}
+
+.line {
+	border: 0;
+	width: 800px;
+	border-bottom:1px solid #d1d5d8;
+}
+
+.messagewrapper {
+	width:650px;
+	margin:0 auto;
+	padding:120px 0 0;
+	overflow:hidden;
+}
+
+.messagewrapperfull {
+	width:100%;
+	margin:0 auto;
+	padding:0;
+	overflow:hidden;
+}
+
+.overviewsearch {
+	position:absolute;
+	top:155px;
+	right:36px;
+	font-size:80%;
+}
+
+.overviewadd {
+	padding:10px;
+	font-weight:700;
+}
+
+/*
+ * error message display
+ */
+.errorcontainer {
+	background:url(../img/icons/error_big.png) 10px center no-repeat #ffedef;
+	border:1px solid #ffc2ca;
+	padding:10px 10px 10px 68px!important;
+	margin: 10px 0 10px 0 !important;
+	text-align:left!important;
+	overflow:hidden;
+	box-shadow: 0px 0px 0px black;
+}
+
+.errortitle {
+	font-weight:700;
+	color:#c00!important;
+}
+
+.error {
+	font-weight:400!important;
+	color:#c00!important;
+}
+
+/*
+ * warning message display
+ */
+.warningcontainer,.ui-dialog {
+	background:url(../img/icons/warning_big.png) 10px center no-repeat #fffecc;
+	border:1px solid #f3c37e;
+	padding:10px 10px 10px 68px !important;
+	margin: 10px 0 10px 0 !important;
+	text-align:left!important;
+	overflow:hidden;
+	box-shadow: 0px 0px 0px black;
+}
+.ui-dialog {
+	padding: 10px !important;
+}
+
+.warningtitle,.ui-dialog-titlebar {
+	font-weight:700;
+	color:#D57D00;
+}
+
+.warning,.ui-dialog-content {
+	color:#D57D00!important;
+}
+
+/*
+ * success message display
+ */
+.successcontainer {
+	background:url(../img/icons/ok_big.png) 10px center no-repeat #E2F9E3;
+	border:1px solid #9C9;
+	padding:10px 10px 10px 68px!important;
+	margin: 10px 0 10px 0 !important;
+	text-align:left!important;
+	overflow:hidden;
+	box-shadow: 0px 0px 0px black;
+}
+
+.successtitle {
+	font-weight:700;
+	color:#060!important;
+}
+
+.success {
+	font-weight:400!important;
+}
+
+/*
+ * neutral/info message display
+ */
+.neutralcontainer {
+	background:url(../img/icons/info_big.png) 10px center no-repeat #d2eaf6;
+	border:1px solid #b7d8ed;
+	padding:10px 10px 10px 68px!important;
+	margin: 10px 0 10px 0 !important;
+	text-align:left!important;
+	overflow:hidden;
+	box-shadow: 0px 0px 0px black;
+}
+
+.neutraltitle {
+	font-weight:700;
+	color:#3188c1!important;
+}
+
+.neutral {
+	font-weight:400!important;
+	color:#3188c1!important;
+}
+
+/* std hyperlink */
+a,a:active,a:visited {
+	color:#176fa1;
+	text-decoration:none;
+}
+
+a:hover {
+	text-decoration:underline;
+}
+
+.infotext {
+	font-size:11px;
+}
+
+/*
+ * main container
+ */
+.main {
+	margin-left:240px;
+	margin-right:10px;
+	margin-top:105px;
+	margin-bottom:0;
+	background-color:#fff;
+	padding: 30px 30px 30px 30px;
+	min-height:400px;
+}
+
+.noborder {
+	width:100%;
+	border-spacing:0;
+	border-collapse:separate;
+	border: 0;
+}
+
+.noborder td {
+	border:0;
+}
+
+table {
+	width:100%;
+	border-spacing:0;
+	border:1px solid #d1d5d8;
+	border-collapse:separate;
+	box-shadow:0px 0px 0px black !important;
+}
+
+table thead th, table th {
+	border-top: 1px solid #d1d5d8;
+	border-bottom: 1px solid #d1d5d8;
+	height: 25px !important;
+	padding: 5px 0px 5px 8px;
+	background-color: #e9edf0;
+	font-weight: bold;
+}
+table thead:first-child th, table:first-child th {
+	border-top: none !important;
+}
+
+table th {
+	border-top: 0;
+}
+th a:hover {
+	text-decoration: none;
+}
+th a img {
+}
+th a:nth-child(odd) img {
+	position: relative;
+	top: -5px;
+	left: 4px;
+}
+th a:nth-child(even) img {
+	position: relative;
+	top: 3px;
+	left: -7px;
+}
+
+table thead:first-child th {
+	border-top: 0;
+}
+
+.disabled td, .disabled td a {
+	color: #cfcfcf;
+}
+
+table tbody td {
+	border-bottom:1px dotted #ccc;
+}
+table tbody tr:last-child td {
+	border-bottom: 0;
+}
+
+.formtable {
+	width: 100%;
+	border-spacing:0;
+	border:0;
+	border-collapse:separate;
+	margin:0 0 0;
+}
+
+.formtable tbody td {
+	border:0;
+	border-bottom:1px dotted #ccc;
+	min-height: 20px;
+}
+
+.formtable label {
+	float:none;
+	display:block;
+	padding:0;
+	margin:0;
+	width:100%;
+	text-align:left;
+}
+
+td {
+	padding-top:5px;
+	padding-left:10px;
+	padding-right: 10px;
+	padding-bottom:5px;
+	min-height: 20px;
+}
+
+table tfoot td {
+	height:25px;
+	border-top: 1px solid #d1d5d8;
+	background-color: #f2f8fa;
+}
+
+.tfootleft {
+	text-align:left;
+}
+
+.maintitle {
+	padding-top:20px;
+}
+
+/* input elements */
+input {
+	background: #fff url(../img/text_align_left.png) no-repeat 5px 4px;
+	padding:2px 4px 2px 24px;
+	height:22px;
+	border: 1px solid #d9d9d9;
+	margin-bottom: 5px;
+}
+
+textarea {
+	background:#fff url(../img/text_align_left.png) no-repeat 5px 4px;
+	padding:4px 4px 2px 24px;
+	border:1px solid #d9d9d9;
+	margin-bottom: 5px;
+}
+
+input[type="password"] {
+	background:#fff url(../img/password.png) no-repeat 5px 4px;
+}
+
+input[type="button"],input[type="submit"],input[type="reset"] {
+	background:-webkit-gradient( linear, left top, left bottom, color-stop(0.05, #79bbff), color-stop(1, #378de5) );
+	background:-moz-linear-gradient( center top, #79bbff 5%, #378de5 100% );
+	filter:progid:DXImageTransform.Microsoft.gradient(startColorstr='#79bbff', endColorstr='#378de5');
+	background-color:#79bbff;
+	-moz-border-radius:5px;
+	-webkit-border-radius:5px;
+	border-radius:5px;
+	display:inline-block;
+	color:#ffffff;
+	padding:2px 24px 2px 24px;
+	text-decoration:none;
+	text-shadow:1px 1px 0px #528ecc;
+	height: 26px;
+	margin: 0 3px 0 3px;
+}
+input[type="button"]:hover,input[type="submit"]:hover,input[type="reset"]:hover {
+	background:-webkit-gradient( linear, left top, left bottom, color-stop(0.05, #378de5), color-stop(1, #79bbff) );
+	background:-moz-linear-gradient( center top, #378de5 5%, #79bbff 100% );
+	filter:progid:DXImageTransform.Microsoft.gradient(startColorstr='#378de5', endColorstr='#79bbff');
+	background-color:#378de5;
+}
+
+input[type="submit"],input[class="yesbutton"] {
+	background:-webkit-gradient( linear, left top, left bottom, color-stop(0.05, #9dce2c), color-stop(1, #8cb82b) );
+	background:-moz-linear-gradient( center top, #9dce2c 5%, #8cb82b 100% );
+	filter:progid:DXImageTransform.Microsoft.gradient(startColorstr='#9dce2c', endColorstr='#8cb82b');
+	background-color:#9dce2c;
+	text-shadow:1px 1px 0px #aade7c;
+}
+input[type="submit"]:hover,input[class="yesbutton"]:hover {
+	background:-webkit-gradient( linear, left top, left bottom, color-stop(0.05, #8cb82b), color-stop(1, #9dce2c) );
+	background:-moz-linear-gradient( center top, #8cb82b 5%, #9dce2c 100% );
+	filter:progid:DXImageTransform.Microsoft.gradient(startColorstr='#8cb82b', endColorstr='#9dce2c');
+	background-color:#8cb82b;
+}
+
+input[class="nobutton"],input[type="reset"] {
+	background:-webkit-gradient( linear, left top, left bottom, color-stop(0.05, #fe1a00), color-stop(1, #ce0100) );
+	background:-moz-linear-gradient( center top, #fe1a00 5%, #ce0100 100% );
+	filter:progid:DXImageTransform.Microsoft.gradient(startColorstr='#fe1a00', endColorstr='#ce0100');
+	background-color:#fe1a00;
+	text-shadow:1px 1px 0px #b23e35;
+}
+input[class="nobutton"]:hover,input[type="reset"]:hover {
+	background:-webkit-gradient( linear, left top, left bottom, color-stop(0.05, #ce0100), color-stop(1, #fe1a00) );
+	background:-moz-linear-gradient( center top, #ce0100 5%, #fe1a00 100% );
+	filter:progid:DXImageTransform.Microsoft.gradient(startColorstr='#ce0100', endColorstr='#fe1a00');
+	background-color:#ce0100;
+}
+
+input[type="checkbox"] {
+	background:#dae7ee;
+	padding: 0;
+	margin: 0 20px 0 0;
+}
+
+input[type="radio"] { /*the span element that immediately follow the radio button */
+	margin: 0 10px 0 10px;
+	height:22px;
+}
+
+select {
+	background:#fff;
+	padding:4px;
+	border:1px solid #d9d9d9;
+	margin-bottom: 5px;
+}
+
+.maintable {
+	width:90%;
+}
+
+.update_progess {
+	padding:2em;
+	text-align:left;
+}
+
+.preconfig {
+	text-align:left;
+	margin-top:20px;
+	margin-bottom:5px;
+	margin-right:15px;
+	margin-left:15px;
+}
+
+.preconfigitem {
+	padding:.15em;
+	border-bottom:1px solid #ccc;
+}
+
+.preconfdesc {
+	display:block;
+	margin-bottom:.5em;
+	font-size:120%;
+}
--- a/install/templates/assets/img/favicon.ico
+++ b/install/templates/assets/img/favicon.ico
--- a/install/templates/assets/img/logo.png
+++ b/install/templates/assets/img/logo.png
--- a/install/templates/assets/img/password.png
+++ b/install/templates/assets/img/password.png
--- a/install/templates/assets/img/text_align_left.png
+++ b/install/templates/assets/img/text_align_left.png
--- a/install/templates/dataform.tpl
+++ b/install/templates/dataform.tpl
@@ -0,0 +1,10 @@
+		<p style="margin: 20px 20px 0 !important">{$this->_lng['install']['title']}</p>
+		<form action="{$formaction}" method="get">
+			<fieldset>
+				{$formdata}
+				<p class="submit">
+					<input type="hidden" name="check" value="1" />
+					<input type="submit" name="chooselang" value="{$this->_lng['install']['btn_go']}" />
+				</p>
+			</fieldset>
+		</form>
--- a/install/templates/dataform2.tpl
+++ b/install/templates/dataform2.tpl
@@ -0,0 +1,13 @@
+		<p style="margin: 20px 20px 0 !important">{$this->_lng['install']['welcometext']}</p>
+		<form action="{$formaction}" method="post">
+			<hr class="line">
+			<fieldset>
+				{$formdata}
+			</fieldset>
+			<aside>
+			<input type="hidden" name="check" value="1" />
+			<input type="hidden" name="language" value="{$language}" />
+			<input type="hidden" name="installstep" value="1" />
+			<input class="bottom" type="submit" name="submitbutton" value="{$this->_lng['click_here_to_continue']}" />
+			</aside>
+		</form>
--- a/install/templates/dataitem.tpl
+++ b/install/templates/dataitem.tpl
@@ -0,0 +1,4 @@
+<p>
+	<label for="{$fieldname}" style="width:65%;{$style}">{$fieldlabel}:</label>&nbsp;
+	<input type="{$type}" name="{$fieldname}" id="{$fieldname}" value="{$fieldvalue}" {$required} />
+</p>
--- a/install/templates/dataitemchk.tpl
+++ b/install/templates/dataitemchk.tpl
@@ -0,0 +1,4 @@
+<p>
+	<label for="{$fieldname}" style="width:65%;{$style}">{$this->_lng['install']['webserver']} {$fieldlabel}:</label>
+	<input type="radio" name="webserver" id="{$fieldname}" value="{$fieldname}" {$checked} /><span>{$fieldlabel}<span>
+</p>
--- a/install/templates/datasection.tpl
+++ b/install/templates/datasection.tpl
@@ -0,0 +1,2 @@
+<br />
+<h3>{$section}</h3>
--- a/install/templates/footer.tpl
+++ b/install/templates/footer.tpl
@@ -0,0 +1,7 @@
+	</div>
+	<footer>
+		<span> Froxlor &copy; 2009-{$current_year} by <a href="http://www.froxlor.org/" rel="external">the Froxlor Team</a>
+		</span>
+	</footer>
+</body>
+</html>
--- a/install/templates/header.tpl
+++ b/install/templates/header.tpl
@@ -0,0 +1,18 @@
+<!DOCTYPE html>
+<html lang="en">
+<head>
+	<meta charset="utf-8" />
+	<meta http-equiv="Default-Style" content="text/css" />
+	<!--[if lt IE 9]><script src="../js/html5shiv.js"></script><![endif]-->
+	<link href="templates/assets/css/install.css" rel="stylesheet" type="text/css" />
+	<!--[if IE]><link rel="stylesheet" href="../templates/{$theme}/css/main_ie.css" type="text/css" /><![endif]-->
+	<link href="templates/assets/img/favicon.ico" rel="icon" type="image/x-icon" />
+	<title>Froxlor Server Management Panel - Installation</title>
+	<style type="text/css">
+	body {
+        font-family: Verdana, Geneva, sans-serif;
+	}
+	</style>
+</head>
+<body>
+	<div class="installsec">
--- a/install/templates/lngform.tpl
+++ b/install/templates/lngform.tpl
@@ -0,0 +1,14 @@
+		<form action="{$formaction}" method="get">
+			<fieldset>
+				<legend>{$this->_lng['install']['lngtitle']}</legend>
+				<p>
+					<label for="language">{$this->_lng['install']['language']}:</label>&nbsp;
+					<select name="language" id="language">
+						{$language_options}
+					</select>
+					<input type="hidden" name="check" value="1" />
+					<input type="submit" name="chooselang" value="{$this->_lng['install']['lngbtn_go']}" />
+				</p>
+			</fieldset>
+		</form>
+		<hr class="line">
--- a/install/templates/page.tpl
+++ b/install/templates/page.tpl
@@ -0,0 +1,11 @@
+<article class="install bradius">
+	<header class="dark">
+		<img src="../templates/{$theme}/assets/img/logo.png" alt="Froxlor Server Management Panel" />
+	</header>
+
+	<section class="installsec">
+		<h2>{$pagetitle}</h2>
+			{$pagecontent}
+		{$pagenavigation}
+	</section>
+</article>
--- a/install/templates/pagebottom.tpl
+++ b/install/templates/pagebottom.tpl
@@ -0,0 +1,4 @@
+<h3 style="color:{$msgcolor};text-align: center">{$message}</h3>
+<aside>
+	<a href="{$link}">{$linktext}</a>
+</aside>
--- a/install/templates/textarea.tpl
+++ b/install/templates/textarea.tpl
@@ -0,0 +1,5 @@
+<tr>
+	<td class="main_field_name">
+		<p>{$escpduserdata}</p>
+	</td>
+</tr>
--- a/install/updates/froxlor/0.9/update_0.9.inc.php
+++ b/install/updates/froxlor/0.9/update_0.9.inc.php
--- a/install/updates/froxlor/0.9/update_1.0.inc.php
+++ b/install/updates/froxlor/0.9/update_1.0.inc.php
@@ -1,60 +0,0 @@
-<?php
-
-/*
-if(isFroxlorVersion('0.9'))
-{
-	showUpdateStep("Updating from 0.9 to 1.0", false);
-	showUpdateStep("Converting database tables to UTF-8");
-
-	// Convert all data to UTF-8 to have a sane standard across all data
-	$result = $db->query("SHOW TABLES");
-	while($table = $db->fetch_array($result, 'num'))
-	{
-		$db->query("ALTER TABLE " . $table[0] . " CONVERT TO CHARACTER SET utf8 COLLATE utf8_general_ci;");
-		$db->query("ALTER TABLE " . $table[0] . " DEFAULT CHARACTER SET utf8 COLLATE utf8_general_ci");
-
-		$affected_columns = array();
-
-		$primarykey = "";
-		$columns = $db->query("SHOW COLUMNS FROM ".$table[0]);
-		while ($column = $db->fetch_array($columns))
-		{
-			if (!(strpos($column['Type'], "char") === false) || !(strpos($column['Type'], "text") === false))
-			{
-				$affected_columns[] = $column['Field'];
-			}
-
-			if ($column['Key'] == 'PRI') {
-				$primarykey = $column['Field'];
-			}
-		}
-
-		$count_cols = count($affected_columns);
-		if ($count_cols > 0)
-		{
-			$load = "";
-			foreach($affected_columns as $col)
-			{
-				$load .= ", `" . $col . "`";
-			}
-
-			$rows = $db->query("SELECT $primarykey" . $load . " FROM `" . $table[0] . "`");
-			while ($row = $db->fetch_array($rows))
-			{
-				$changes = "";
-				for ($i = 0; $i < $count_cols; $i++)
-				{
-					$base = "`" . $affected_columns[$i] . "` = '" . convertUtf8($row[$affected_columns[$i]]) . "'";
-					$changes .= ($i == ($count_cols-1)) ? $base : $base . ", ";
-				}
-
-				$db->query("UPDATE `" . $table[0] . "` SET " . $changes . " WHERE `$primarykey` = '" . $db->escape($row[$primarykey]) . "';");
-			}
-		}
-	}
-	
-	lastStepStatus(0);
-}
-*/
-
-?>
--- a/install/updates/preconfig.php
+++ b/install/updates/preconfig.php
@@ -49,14 +49,6 @@ function versionInUpdate($current_version, $version_to_check)
 	if (!isFroxlor()) {
 		return true;
 	}
-	$pos_a = strpos($current_version, '-svn');
-	$pos_b = strpos($version_to_check, '-svn');
-	// if we compare svn-versions, we have to add -svn0 to the version
-	// to compare it correctly	
-	if($pos_a === false && $pos_b !== false)
-	{
-		$current_version.= '-svn9999';
-	}
-	
-	return version_compare($current_version, $version_to_check, '<');
+
+	return (version_compare2($current_version, $version_to_check) == -1 ? true : false);
 }
--- a/install/updates/preconfig/0.9/preconfig_0.9.inc.php
+++ b/install/updates/preconfig/0.9/preconfig_0.9.inc.php
@@ -26,7 +26,7 @@
 */
 function parseAndOutputPreconfig(&$has_preconfig, &$return, $current_version)
 {
-	global $settings, $lng, $db;
+	global $settings, $lng, $db, $theme;

 	if(versionInUpdate($current_version, '0.9.4-svn2'))
 	{
@@ -73,9 +73,9 @@ function parseAndOutputPreconfig(&$has_preconfig, &$return, $current_version)
 		$description = 'You can define a default support-ticket priority level which is pre-selected for new support-tickets.';
 		$question = '<strong>Which should be the default ticket-priority?:</strong>&nbsp;';
 		$question .= '<select name="update_deftic_priority">';
-		$priorities = makeoption($lng['ticket']['unf_high'], '1', '2');
-		$priorities.= makeoption($lng['ticket']['unf_normal'], '2', '2');
-		$priorities.= makeoption($lng['ticket']['unf_low'], '3', '2');
+		$priorities = makeoption($lng['ticket']['high'], '1', '2');
+		$priorities.= makeoption($lng['ticket']['normal'], '2', '2');
+		$priorities.= makeoption($lng['ticket']['low'], '3', '2');
 		$question .= $priorities.'</select>';
 		eval("\$return.=\"" . getTemplate("update/preconfigitem") . "\";");
 	}
@@ -158,7 +158,7 @@ function parseAndOutputPreconfig(&$has_preconfig, &$return, $current_version)
 		$question.= makeyesno('update_defdns_mailentry', '1', '0', '0');
 		eval("\$return.=\"" . getTemplate("update/preconfigitem") . "\";");
 	}
-	
+
 	if(versionInUpdate($current_version, '0.9.10-svn1'))
 	{
 		$has_nouser = false;
@@ -171,13 +171,13 @@ function parseAndOutputPreconfig(&$has_preconfig, &$return, $current_version)
 			$has_nouser = true;
 			$guessed_user = 'www-data';
 			if(function_exists('posix_getuid')
-				&& function_exists('posix_getpwuid')
+					&& function_exists('posix_getpwuid')
 			) {
 				$_httpuser = posix_getpwuid(posix_getuid());
 				$guessed_user = $_httpuser['name'];
 			}
 		}
-		
+
 		$result = $db->query_first("SELECT * FROM `" . TABLE_PANEL_SETTINGS . "` WHERE `settinggroup` = 'system' AND `varname` = 'httpgroup'");
 		if(!isset($result) || !isset($result['value']))
 		{
@@ -185,7 +185,7 @@ function parseAndOutputPreconfig(&$has_preconfig, &$return, $current_version)
 			$has_nogroup = true;
 			$guessed_group = 'www-data';
 			if(function_exists('posix_getgid')
-				&& function_exists('posix_getgrgid')
+					&& function_exists('posix_getgrgid')
 			) {
 				$_httpgroup = posix_getgrgid(posix_getgid());
 				$guessed_group = $_httpgroup['name'];
@@ -198,8 +198,8 @@ function parseAndOutputPreconfig(&$has_preconfig, &$return, $current_version)
 			if($has_nouser)
 			{
 				$question = '<strong>Please enter the webservers username:</strong>&nbsp;<input type="text" class="text" name="update_httpuser" value="'.$guessed_user.'" />';
-			} 
-			elseif($has_nogroup) 
+			}
+			elseif($has_nogroup)
 			{
 				$question2 = '<strong>Please enter the webservers groupname:</strong>&nbsp;<input type="text" class="text" name="update_httpgroup" value="'.$guessed_group.'" />';
 				if($has_nouser) {
@@ -238,7 +238,7 @@ function parseAndOutputPreconfig(&$has_preconfig, &$return, $current_version)
 		$question.= '<input type="text" class="text" name="update_perlpath" value="/usr/bin/perl" />';
 		eval("\$return.=\"" . getTemplate("update/preconfigitem") . "\";");
 	}
-	
+
 	if(versionInUpdate($current_version, '0.9.12-svn1'))
 	{
 		if($settings['system']['mod_fcgid'] == 1)
@@ -345,13 +345,13 @@ function parseAndOutputPreconfig(&$has_preconfig, &$return, $current_version)
 	}

 	if(versionInUpdate($current_version, '0.9.14-svn10'))
-	{       
+	{
 		$has_preconfig = true;
-		$description = '<strong>This update removes the unsupported real-time option. Additionally the deprecated tables for navigation and cronscripts are removed, any modules using these tables need to be updated to the new structure!</strong>'; 
+		$description = '<strong>This update removes the unsupported real-time option. Additionally the deprecated tables for navigation and cronscripts are removed, any modules using these tables need to be updated to the new structure!</strong>';
 		$question = '';
 		eval("\$return.=\"" . getTemplate("update/preconfigitem") . "\";");
 	}
-	
+
 	if(versionInUpdate($current_version, '0.9.16-svn1'))
 	{
 		$has_preconfig = true;
@@ -417,16 +417,157 @@ function parseAndOutputPreconfig(&$has_preconfig, &$return, $current_version)
 	}

 	if(versionInUpdate($current_version, '0.9.18-svn2'))
-	{       
+	{
 		$has_preconfig = true;
-		$description = 'As you can (obviously) see, Froxlor now comes with a new theme. You also have the possibility to switch back to "Classic" if you want to.'; 
+		$description = 'As you can (obviously) see, Froxlor now comes with a new theme. You also have the possibility to switch back to "Classic" if you want to.';
 		$question = '<strong>Select default panel theme:</strong>&nbsp;';
 		$question.= '<select name="update_default_theme">';
 		$themes = getThemes();
-		foreach($themes as $theme) {
-			$question.= makeoption($theme, $theme, 'Froxlor');
+		foreach($themes as $cur_theme) // $theme is already in use
+		{
+			$question.= makeoption($cur_theme, $cur_theme, 'Froxlor');
 		}
 		$question.= '</select>';
 		eval("\$return.=\"" . getTemplate("update/preconfigitem") . "\";");
 	}
+
+	if(versionInUpdate($current_version, '0.9.28-svn4'))
+	{
+		$has_preconfig = true;
+		$description = 'This version introduces a lot of profound changes:';
+		$description .= '<br /><ul><li>Improving the whole template system</li><li>Full UTF-8 support</li><li><strong>Removing support for the former default theme \'Classic\'</strong></li></ul>';
+		$description .= '<br /><br />Notice: This update will <strong>alter your Froxlor database to use UTF-8</strong> as default charset. ';
+		$description .= 'Even though this is already tested, we <span style="color:#ff0000;font-weight:bold;">strongly recommend</span> to ';
+		$description .= 'test this update in a testing environment using your existing data.<br /><br />';
+
+		$question = '<strong>Select your preferred Classic Theme replacement:</strong>&nbsp;';
+		$question.= '<select name="classic_theme_replacement">';
+		$themes = getThemes();
+		foreach($themes as $cur_theme)
+		{
+			$question.= makeoption($cur_theme, $cur_theme, 'Froxlor');
+		}
+		$question.= '</select>';
+
+		eval("\$return.=\"" . getTemplate("update/preconfigitem") . "\";");
+	}
+
+	if (versionInUpdate($current_version, '0.9.28-svn6')) {
+
+		if ($settings['system']['webserver'] == 'apache2') {
+			$has_preconfig = true;
+			$description = 'Froxlor now supports the new Apache 2.4. Please be aware that you need to load additional apache-modules in ordner to use it.<br />';
+			$description.= '<pre>LoadModule authz_core_module modules/mod_authz_core.so
+					LoadModule authz_host_module modules/mod_authz_host.so</pre><br />';
+			$question = '<strong>Do you want to enable the Apache-2.4 modification?:</strong>&nbsp;';
+			$question.= makeyesno('update_system_apache24', '1', '0', '0');
+			eval("\$return.=\"" . getTemplate("update/preconfigitem") . "\";");
+		} elseif ($settings['system']['webserver'] == 'nginx') {
+			$has_preconfig = true;
+			$description = 'The path to nginx\'s fastcgi_params file is now customizable.<br /><br />';
+			$question = '<strong>Please enter full path to you nginx/fastcgi_params file (including filename):</strong>&nbsp;';
+			$question.= '<input type="text" class="text" name="nginx_fastcgi_params" value="/etc/nginx/fastcgi_params" />';
+			eval("\$return.=\"" . getTemplate("update/preconfigitem") . "\";");
+		}
+	}
+
+	if (versionInUpdate($current_version, '0.9.28-rc2')) {
+
+		$has_preconfig = true;
+
+		$description  = 'This version adds an option to append the domain-name to the document-root for domains and subdomains.<br />';
+		$description .= 'You can enable or disable this feature anytime from settings -> system settings.<br />';
+
+		$question = '<strong>Do you want to automatically append the domain-name to the documentroot of newly created domains?:</strong>&nbsp;';
+		$question.= makeyesno('update_system_documentroot_use_default_value', '1', '0', '0');
+
+		eval("\$return.=\"" . getTemplate("update/preconfigitem") . "\";");
+	}
+
+	if (versionInUpdate($current_version, '0.9.28')) {
+
+		$has_preconfig = true;
+		// just an information about the new sendmail parameter (#1134)
+		$description  = 'Froxlor changed the default parameter-set of sendmail (php.ini)<br />';
+		$description .= 'sendmail_path = "/usr/sbin/sendmail -t <strong>-i</strong> -f {CUSTOMER_EMAIL}"<br /><br />';
+		$description .= 'If you don\'t have any problems with sending mails, you don\'t need to change this';
+		if ($settings['system']['mod_fcgid'] == '1'
+				|| $settings['phpfpm']['enabled'] == '1'
+		) {
+			// information about removal of php's safe_mode
+			$description .= '<br /><br />The php safe_mode flag has been removed as current versions of PHP<br />';
+			$description .= 'do not support it anymore.<br /><br />';
+			$description .= 'Please check your php-configurations and remove safe_mode-directives to avoid php notices/warnings.';
+		}
+		$question = '';
+
+		eval("\$return.=\"" . getTemplate("update/preconfigitem") . "\";");
+	}
+
+	if (versionInUpdate($current_version, '0.9.29-dev1')) {
+		// we only need to ask if fcgid|php-fpm is enabled
+		if ($settings['system']['mod_fcgid'] == '1'
+				|| $settings['phpfpm']['enabled'] == '1'
+		) {
+			$has_preconfig = true;
+			$description  = 'Standard-subdomains can now be hidden from the php-configuration overview.<br />';
+			$question = '<strong>Do you want to hide the standard-subdomains (this can be changed in the settings any time)?:</strong>&nbsp;';
+			$question.= makeyesno('hide_stdsubdomains', '1', '0', '0');
+			eval("\$return.=\"" . getTemplate("update/preconfigitem") . "\";");
+		}
+	}
+
+	if (versionInUpdate($current_version, '0.9.29-dev2')) {
+		$has_preconfig = true;
+		$description  = 'You can now decide whether admins/customers are able to change the theme<br />';
+		$question = '<strong>If you want to disallow theme-changing, select "no" from the dropdowns:</strong>&nbsp;';
+		$question.= "Admins: ". makeyesno('allow_themechange_a', '1', '0', '1').'&nbsp;&nbsp;';
+		$question.= "Customers: ".makeyesno('allow_themechange_c', '1', '0', '1');
+		eval("\$return.=\"" . getTemplate("update/preconfigitem") . "\";");
+	}
+
+	if (versionInUpdate($current_version, '0.9.29-dev3')) {
+		$has_preconfig = true;
+		$description  = 'There is now a possibility to specify AXFR servers for your bind zone-configuration<br />';
+		$question = '<strong>Enter a comma-separated list of AXFR servers or leave empty (default):</strong>&nbsp;';
+		$question.= '<input type="text" class="text" name="system_afxrservers" value="" />';
+		eval("\$return.=\"" . getTemplate("update/preconfigitem") . "\";");
+	}
+
+	if (versionInUpdate($current_version, '0.9.29-dev4')) {
+		$has_preconfig = true;
+		$description  = 'As customers can now specify ssl-certificate data for their domains, you need to specify where the generated files are stored<br />';
+		$question = '<strong>Specify the directory for customer ssl-certificates:</strong>&nbsp;';
+		$question.= '<input type="text" class="text" name="system_customersslpath" value="/etc/apache2/ssl/" />';
+		eval("\$return.=\"" . getTemplate("update/preconfigitem") . "\";");
+	}
+
+	if (versionInUpdate($current_version, '0.9.29.1-dev3')) {
+		$has_preconfig = true;
+		$description  = 'The build in logrotation-feature has been removed. Please follow the configuration-instructions for your system to enable logrotating again.';
+		$question = '';
+		eval("\$return.=\"" . getTemplate("update/preconfigitem") . "\";");
+	}
+
+	// let the apache+fpm users know that they MUST change their config
+	// for the domains / webserver to work after the update
+	if (versionInUpdate($current_version, '0.9.30-dev1')) {
+		if ($settings['system']['webserver'] == 'apache2'
+			&& $settings['phpfpm']['enabled'] == '1'
+		) {
+			$has_preconfig = true;
+			$description  = 'The PHP-FPM implementation for apache2 has changed. Please look for the "<b>fastcgi.conf</b>" (Debian/Ubuntu) or "<b>70_fastcgi.conf</b>" (Gentoo) within /etc/apache2/ and change it as shown below:<br /><br />';
+			$description .= '<pre style="width:500px;border:1px solid #ccc;padding:4px;">&lt;IfModule mod_fastcgi.c&gt;
+    FastCgiIpcDir /var/run/apache2/
+    &lt;Location "/fastcgiphp"&gt;
+        Order Deny,Allow
+        Deny from All
+        # Prevent accessing this path directly
+        Allow from env=REDIRECT_STATUS
+    &lt;/Location&gt;
+&lt;/IfModule&gt;</pre>';
+			$question = '';
+			eval("\$return.=\"" . getTemplate("update/preconfigitem") . "\";");
+		}
+	}
 }
--- a/install/updates/syscp/1.0/update_1.0.10_1.2-beta1.inc.php
+++ b/install/updates/syscp/1.0/update_1.0.10_1.2-beta1.inc.php
@@ -31,7 +31,7 @@ if($settings['panel']['version'] == '1.0.10')
 {
 	// Drop/Rename postfix_ tables

-	$db->query("DROP TABLE `" . TABLE_POSTFIX_TRANSPORT . "`");
+	$db->query("DROP TABLE IF EXISTS `" . TABLE_POSTFIX_TRANSPORT . "`");
 	$db->query("ALTER TABLE `" . TABLE_POSTFIX_USERS . "` RENAME `" . TABLE_MAIL_USERS . "` ");
 	$db->query("ALTER TABLE `" . TABLE_POSTFIX_VIRTUAL . "` RENAME `" . TABLE_MAIL_VIRTUAL . "` ");

@@ -79,4 +79,4 @@ if($settings['panel']['version'] == '1.0.10')
 	$settings['panel']['version'] = '1.2.0';
 }

-?>
+?>
--- a/js/excanvas.min.js
+++ b/js/excanvas.min.js
--- a/js/html5shiv.js
+++ b/js/html5shiv.js
@@ -0,0 +1,8 @@
+/*
+ HTML5 Shiv v3.7.0 | @afarkas @jdalton @jon_neal @rem | MIT/GPL2 Licensed
+*/
+(function(l,f){function m(){var a=e.elements;return"string"==typeof a?a.split(" "):a}function i(a){var b=n[a[o]];b||(b={},h++,a[o]=h,n[h]=b);return b}function p(a,b,c){b||(b=f);if(g)return b.createElement(a);c||(c=i(b));b=c.cache[a]?c.cache[a].cloneNode():r.test(a)?(c.cache[a]=c.createElem(a)).cloneNode():c.createElem(a);return b.canHaveChildren&&!s.test(a)?c.frag.appendChild(b):b}function t(a,b){if(!b.cache)b.cache={},b.createElem=a.createElement,b.createFrag=a.createDocumentFragment,b.frag=b.createFrag();
+a.createElement=function(c){return!e.shivMethods?b.createElem(c):p(c,a,b)};a.createDocumentFragment=Function("h,f","return function(){var n=f.cloneNode(),c=n.createElement;h.shivMethods&&("+m().join().replace(/[\w\-]+/g,function(a){b.createElem(a);b.frag.createElement(a);return'c("'+a+'")'})+");return n}")(e,b.frag)}function q(a){a||(a=f);var b=i(a);if(e.shivCSS&&!j&&!b.hasCSS){var c,d=a;c=d.createElement("p");d=d.getElementsByTagName("head")[0]||d.documentElement;c.innerHTML="x<style>article,aside,dialog,figcaption,figure,footer,header,hgroup,main,nav,section{display:block}mark{background:#FF0;color:#000}template{display:none}</style>";
+c=d.insertBefore(c.lastChild,d.firstChild);b.hasCSS=!!c}g||t(a,b);return a}var k=l.html5||{},s=/^<|^(?:button|map|select|textarea|object|iframe|option|optgroup)$/i,r=/^(?:a|b|code|div|fieldset|h1|h2|h3|h4|h5|h6|i|label|li|ol|p|q|span|strong|style|table|tbody|td|th|tr|ul)$/i,j,o="_html5shiv",h=0,n={},g;(function(){try{var a=f.createElement("a");a.innerHTML="<xyz></xyz>";j="hidden"in a;var b;if(!(b=1==a.childNodes.length)){f.createElement("a");var c=f.createDocumentFragment();b="undefined"==typeof c.cloneNode||
+"undefined"==typeof c.createDocumentFragment||"undefined"==typeof c.createElement}g=b}catch(d){g=j=!0}})();var e={elements:k.elements||"abbr article aside audio bdi canvas data datalist details dialog figcaption figure footer header hgroup main mark meter nav output progress section summary template time video",version:"3.7.0",shivCSS:!1!==k.shivCSS,supportsUnknownElements:g,shivMethods:!1!==k.shivMethods,type:"default",shivDocument:q,createElement:p,createDocumentFragment:function(a,b){a||(a=f);
+if(g)return a.createDocumentFragment();for(var b=b||i(a),c=b.frag.cloneNode(),d=0,e=m(),h=e.length;d<h;d++)c.createElement(e[d]);return c}};l.html5=e;q(f)})(this,document);
--- a/js/jquery-ui-1.9.2.min.js
+++ b/js/jquery-ui-1.9.2.min.js
--- a/js/jquery-ui.min.js
+++ b/js/jquery-ui.min.js
@@ -0,0 +1 @@
+jquery-ui-1.9.2.min.js
--- a/js/jquery.jqplot.min.js
+++ b/js/jquery.jqplot.min.js
--- a/Show More
+++ b/Show More
				`@@ -0,0 +1 @@`
				.jqplot-target{position:relative;color:#666;font-family:"Trebuchet MS",Arial,Helvetica,sans-serif;font-size:1em}.jqplot-axis{font-size:.75em}.jqplot-xaxis{margin-top:10px}.jqplot-x2axis{margin-bottom:10px}.jqplot-yaxis{margin-right:10px}.jqplot-y2axis,.jqplot-y3axis,.jqplot-y4axis,.jqplot-y5axis,.jqplot-y6axis,.jqplot-y7axis,.jqplot-y8axis,.jqplot-y9axis,.jqplot-yMidAxis{margin-left:10px;margin-right:10px}.jqplot-axis-tick,.jqplot-xaxis-tick,.jqplot-yaxis-tick,.jqplot-x2axis-tick,.jqplot-y2axis-tick,.jqplot-y3axis-tick,.jqplot-y4axis-tick,.jqplot-y5axis-tick,.jqplot-y6axis-tick,.jqplot-y7axis-tick,.jqplot-y8axis-tick,.jqplot-y9axis-tick,.jqplot-yMidAxis-tick{position:absolute;white-space:pre}.jqplot-xaxis-tick{top:0;left:15px;vertical-align:top}.jqplot-x2axis-tick{bottom:0;left:15px;vertical-align:bottom}.jqplot-yaxis-tick{right:0;top:15px;text-align:right}.jqplot-yaxis-tick.jqplot-breakTick{right:-20px;margin-right:0;padding:1px 5px 1px 5px;z-index:2;font-size:1.5em}.jqplot-y2axis-tick,.jqplot-y3axis-tick,.jqplot-y4axis-tick,.jqplot-y5axis-tick,.jqplot-y6axis-tick,.jqplot-y7axis-tick,.jqplot-y8axis-tick,.jqplot-y9axis-tick{left:0;top:15px;text-align:left}.jqplot-yMidAxis-tick{text-align:center;white-space:nowrap}.jqplot-xaxis-label{margin-top:10px;font-size:11pt;position:absolute}.jqplot-x2axis-label{margin-bottom:10px;font-size:11pt;position:absolute}.jqplot-yaxis-label{margin-right:10px;font-size:11pt;position:absolute}.jqplot-yMidAxis-label{font-size:11pt;position:absolute}.jqplot-y2axis-label,.jqplot-y3axis-label,.jqplot-y4axis-label,.jqplot-y5axis-label,.jqplot-y6axis-label,.jqplot-y7axis-label,.jqplot-y8axis-label,.jqplot-y9axis-label{font-size:11pt;margin-left:10px;position:absolute}.jqplot-meterGauge-tick{font-size:.75em;color:#999}.jqplot-meterGauge-label{font-size:1em;color:#999}table.jqplot-table-legend{margin-top:12px;margin-bottom:12px;margin-left:12px;margin-right:12px}table.jqplot-table-legend,table.jqplot-cursor-legend{background-color:rgba(255,255,255,0.6);border:1px solid #ccc;position:absolute;font-size:.75em}td.jqplot-table-legend{vertical-align:middle}td.jqplot-seriesToggle:hover,td.jqplot-seriesToggle:active{cursor:pointer}.jqplot-table-legend .jqplot-series-hidden{text-decoration:line-through}div.jqplot-table-legend-swatch-outline{border:1px solid #ccc;padding:1px}div.jqplot-table-legend-swatch{width:0;height:0;border-top-width:5px;border-bottom-width:5px;border-left-width:6px;border-right-width:6px;border-top-style:solid;border-bottom-style:solid;border-left-style:solid;border-right-style:solid}.jqplot-title{top:0;left:0;padding-bottom:.5em;font-size:1.2em}table.jqplot-cursor-tooltip{border:1px solid #ccc;font-size:.75em}.jqplot-cursor-tooltip{border:1px solid #ccc;font-size:.75em;white-space:nowrap;background:rgba(208,208,208,0.5);padding:1px}.jqplot-highlighter-tooltip,.jqplot-canvasOverlay-tooltip{border:1px solid #ccc;font-size:.75em;white-space:nowrap;background:rgba(208,208,208,0.5);padding:1px}.jqplot-point-label{font-size:.75em;z-index:2}td.jqplot-cursor-legend-swatch{vertical-align:middle;text-align:center}div.jqplot-cursor-legend-swatch{width:1.2em;height:.7em}.jqplot-error{text-align:center}.jqplot-error-message{position:relative;top:46%;display:inline-block}div.jqplot-bubble-label{font-size:.8em;padding-left:2px;padding-right:2px;color:rgb(20%,20%,20%)}div.jqplot-bubble-label.jqplot-bubble-label-highlight{background:rgba(90%,90%,90%,0.7)}div.jqplot-noData-container{text-align:center;background-color:rgba(96%,96%,96%,0.3)}