fix idna conversion for UTF-8, thx to anbrosius (via github)

Signed-off-by: Michael Kaufmann (d00p) <d00p@froxlor.org>

.gitignore

@@ -1,5 +1,7 @@
 packages/*
 temp/*
+templates/*
+install/update.log
 .buildpath
 .project
 .settings/

actions/admin/settings/100.panel.php

@@ -77,6 +77,23 @@ return array(
 					'option_options' => array('Manual' => $lng['serversettings']['manual'], 'Dropdown' => $lng['serversettings']['dropdown']),
 					'save_method' => 'storeSettingField',
 					),
+				'use_webfonts' => array(
+					'label' => $lng['serversettings']['enablewebfonts'],
+					'settinggroup' => 'panel',
+					'varname' => 'use_webfonts',
+					'type' => 'bool',
+					'default' => true,
+					'save_method' => 'storeSettingField',
+					),
+				'webfont' => array(
+					'label' => $lng['serversettings']['definewebfont']['title'],
+					'settinggroup' => 'panel',
+					'varname' => 'webfont',
+					'type' => 'string',
+					'default' => 'Numans',
+					'string_emptyallowed' => false,
+					'save_method' => 'storeSettingField',
+					),
 				'panel_adminmail' => array(
 					'label' => $lng['serversettings']['adminmail'],
 					'settinggroup' => 'panel',

actions/admin/settings/130.webserver.php

@@ -33,6 +33,15 @@ return array(
 					'save_method' => 'storeSettingField',
 					'overview_option' => true
 					),
+				'system_apache_24' => array(
+					'label' => $lng['serversettings']['apache_24'],
+					'settinggroup' => 'system',
+					'varname' => 'apache24',
+					'type' => 'bool',
+					'default' => false,
+					'save_method' => 'storeSettingField',
+					'websrv_avail' => array('apache2')
+					),
 				'system_httpuser' => array(
 					'label' => $lng['admin']['webserver_user'],
 					'settinggroup' => 'system',
@@ -124,7 +133,7 @@ return array(
 					'label' => $lng['serversettings']['phpreload_command'],
 					'settinggroup' => 'system',
 					'varname' => 'phpreload_command',
-					'type' => (getSetting('phpfpm', 'enabled') == '1') ? 'hidden' : 'string',
+					'type' => 'string',
 					'default' => '',
 					'save_method' => 'storeSettingField',
 					'websrv_avail' => array('nginx')
@@ -133,11 +142,20 @@ return array(
 					'label' => $lng['serversettings']['nginx_php_backend'],
 					'settinggroup' => 'system',
 					'varname' => 'nginx_php_backend',
-					'type' => (getSetting('phpfpm', 'enabled') == '1') ? 'hidden' : 'string',
+					'type' => 'string',
 					'default' => '127.0.0.1:8888',
 					'save_method' => 'storeSettingField',
 					'websrv_avail' => array('nginx')
 					),
+				'nginx_fastcgiparams' => array(
+					'label' => $lng['serversettings']['nginx_fastcgiparams'],
+					'settinggroup' => 'nginx',
+					'varname' => 'fastcgiparams',
+					'type' => 'string',
+					'default' => '/etc/nginx/fastcgi_params',
+					'save_method' => 'storeSettingField',
+					'websrv_avail' => array('nginx')
+					),
 				'system_mod_log_sql' => array(
 					'label' => $lng['serversettings']['mod_log_sql'],
 					'settinggroup' => 'system',

actions/admin/settings/135.fcgid.php

@@ -30,7 +30,7 @@ return array(
 					'save_method' => 'storeSettingField',
 					'plausibility_check_method' => 'checkFcgidPhpFpm',
 					'overview_option' => true
-					),					
+					),
 				'system_mod_fcgid_configdir' => array(
 					'label' => $lng['serversettings']['mod_fcgid']['configdir'],
 					'settinggroup' => 'system',
@@ -66,7 +66,7 @@ return array(
 					'settinggroup' => 'system',
 					'varname' => 'mod_fcgid_wrapper',
 					'type' => 'option',
-					'option_options' => array(0 => 'ScriptAlias', 1=> 'FCGIWrapper'),
+					'option_options' => array(0 => 'ScriptAlias', 1=> 'FcgidWrapper'),
 					'default' => 1,
 					'save_method' => 'storeSettingField',
 					'websrv_avail' => array('apache2')

actions/admin/settings/136.phpfpm.php

@@ -56,7 +56,7 @@ return array(
 					),
 				/*
 				 * @TODO implement if phpfpm knows custom php.ini files
-				 * 
+				 *
 				'system_phpfpm_defaultini_ownvhost' => array(
 					'label' => $lng['serversettings']['mod_fcgid']['defaultini_ownvhost'],
 					'settinggroup' => 'phpfpm',
@@ -77,6 +77,15 @@ return array(
 					'default' => '/etc/php-fpm.d/',
 					'save_method' => 'storeSettingField',
 					),
+        'system_phpfpm_aliasconfigdir' => array(
+          'label' => $lng['serversettings']['phpfpm_settings']['aliasconfigdir'],
+          'settinggroup' => 'phpfpm',
+          'varname' => 'aliasconfigdir',
+          'type' => 'string',
+          'string_type' => 'dir',
+          'default' => '/var/www/php-fpm/',
+          'save_method' => 'storeSettingField',
+        ),
 				'system_phpfpm_tmpdir' => array(
 					'label' => $lng['serversettings']['mod_fcgid']['tmpdir'],
 					'settinggroup' => 'phpfpm',
@@ -110,7 +119,7 @@ return array(
 					'type' => 'option',
 					'default' => 'static',
 					'option_mode' => 'one',
-					'option_options' => array('static' => 'static', 'dynamic' => 'dynamic'),
+					'option_options' => array('static' => 'static', 'dynamic' => 'dynamic', 'ondemand' => 'ondemand'),
 					'save_method' => 'storeSettingField',
 					),
 				'system_phpfpm_max_children' => array(

actions/admin/settings/150.mail.php

@@ -51,6 +51,15 @@ return array(
 					'default' => '/var/customers/mail/',
 					'save_method' => 'storeSettingField',
 					),
+				'system_vmail_maildirname' => array(
+					'label' => $lng['serversettings']['vmail_maildirname'],
+					'settinggroup' => 'system',
+					'varname' => 'vmail_maildirname',
+					'type' => 'string',
+					'string_type' => 'dir',
+					'default' => 'Maildir',
+					'save_method' => 'storeSettingField',
+					),
 				'panel_sendalternativemail' => array(
 					'label' => $lng['serversettings']['sendalternativemail'],
 					'settinggroup' => 'panel',
@@ -90,9 +99,17 @@ return array(
 					'type' => 'hidden',
 					'default' => 0,
 					),
+				'system_catchall_enabled' => array(
+					'label' => $lng['serversettings']['catchall_enabled'],
+					'settinggroup' => 'catchall',
+					'varname' => 'catchall_enabled',
+					'type' => 'bool',
+					'default' => true,
+					'save_method' => 'storeSettingResetCatchall',
+					),
 				),
 			),
 		),
 	);
 
-?>
+?>

actions/admin/settings/215.backup.php

@@ -28,6 +28,7 @@ return array(
 					'varname' => 'backup_enabled',
 					'type' => 'bool',
 					'default' => false,
+					'cronmodule' => 'froxlor/backup',
 					'save_method' => 'storeSettingField',
 					'overview_option' => true
 				),

admin_admins.php

@@ -92,13 +92,23 @@ if($page == 'admins'
 				/**
 				 * percent-values for progressbar
 				 */
-				if($row['diskspace'] > 0) {
-					$percent = round(($row['diskspace_used']*100)/$row['diskspace'], 2);
-					$doublepercent = round($percent*2, 2);
-				} else {
-					$percent = 0;
-					$doublepercent = 0;
-				}
+                                //For Disk usage
+                                if ($row['diskspace'] > 0) {
+                                        $disk_percent = round(($row['diskspace_used']*100)/$row['diskspace'], 2);
+                                        $disk_doublepercent = round($disk_percent*2, 2);
+                                } else {
+                                        $disk_percent = 0;
+                                        $disk_doublepercent = 0;
+                                }
+
+				//For Traffic usage
+                                if ($row['traffic'] > 0) {
+                                        $traffic_percent = round(($row['traffic_used']*100)/$row['traffic'], 2);
+                                        $traffic_doublepercent = round($traffic_percent*2, 2);
+                                } else {
+                                        $traffic_percent = 0;
+                                        $traffic_doublepercent = 0;
+                                }
 				/* */
 
 				$row = str_replace_array('-1', 'UL', $row, 'customers domains diskspace traffic mysqls emails email_accounts email_forwarders email_quota email_autoresponder ftps subdomains tickets');
@@ -281,7 +291,7 @@ if($page == 'admins'
 					$number_of_aps_packages = - 1;
 				}
 
-				$can_manage_aps_packages = intval($_POST['can_manage_aps_packages']);
+				$can_manage_aps_packages = isset($_POST['can_manage_aps_packages']) ? 1 : 0;
 			}
 			else
 			{
@@ -319,6 +329,10 @@ if($page == 'admins'
 				$traffic = - 1;
 			}
 
+			$tickets_see_all = 0;
+			if(isset($_POST['tickets_see_all']))
+				$tickets_see_all = intval($_POST['tickets_see_all']);
+
 			$diskspace = $diskspace * 1024;
 			$traffic = $traffic * 1024 * 1024;
 			$ipaddress = intval_ressource($_POST['ipaddress']);
@@ -386,6 +400,10 @@ if($page == 'admins'
 					$change_serversettings = '0';
 				}
 
+				if ($tickets_see_all != '1') {
+					$tickets_see_all  = '0';
+				}
+
 				$_theme = $settings['panel']['default_theme'];
 
 				$result = $db->query("INSERT INTO 
@@ -411,6 +429,7 @@ if($page == 'admins'
 					`email_quota` = '" . $db->escape($email_quota) . "', 
 					`ftps` = '" . $db->escape($ftps) . "', 
 					`tickets` = '" . $db->escape($tickets) . "', 
+					`tickets_see_all` = '" . $db->escape($tickets_see_all) . "',
 					`mysqls` = '" . $db->escape($mysqls) . "', 
 					`ip` = '" . (int)$ipaddress . "', 
 					`can_manage_aps_packages` = '" . (int)$can_manage_aps_packages . "', 
@@ -463,11 +482,13 @@ if($page == 'admins'
 			$ftps_ul = makecheckbox('ftps_ul', $lng['customer']['unlimited'], '-1', false, '0', true, true);
 			$tickets_ul = makecheckbox('tickets_ul', $lng['customer']['unlimited'], '-1', false, '0', true, true);
 			$mysqls_ul = makecheckbox('mysqls_ul', $lng['customer']['unlimited'], '-1', false, '0', true, true);
-			#$change_serversettings = makeyesno('change_serversettings', '1', '0', '0');
-			#$customers_see_all = makeyesno('customers_see_all', '1', '0', '0');
-			#$domains_see_all = makeyesno('domains_see_all', '1', '0', '0');
-			#$caneditphpsettings = makeyesno('caneditphpsettings', '1', '0', '0');
-			#$can_manage_aps_packages = makeyesno('can_manage_aps_packages', '1', '0', '0');
+			/*
+			$change_serversettings = makeyesno('change_serversettings', '1', '0', '0');
+			$customers_see_all = makeyesno('customers_see_all', '1', '0', '0');
+			$domains_see_all = makeyesno('domains_see_all', '1', '0', '0');
+			$caneditphpsettings = makeyesno('caneditphpsettings', '1', '0', '0');
+			$can_manage_aps_packages = makeyesno('can_manage_aps_packages', '1', '0', '0');
+			*/
 			$number_of_aps_packages_ul = makecheckbox('number_of_aps_packages_ul', $lng['customer']['unlimited'], '-1', false, '0', true, true);
 
 			$admin_add_data = include_once dirname(__FILE__).'/lib/formfields/admin/admin/formfield.admin_add.php';
@@ -508,6 +529,7 @@ if($page == 'admins'
 					$ftps = $result['ftps'];
 					$tickets = $result['tickets'];
 					$mysqls = $result['mysqls'];
+					$tickets_see_all = $result['tickets_see_all'];
 					$customers_see_all = $result['customers_see_all'];
 					$domains_see_all = $result['domains_see_all'];
 					$caneditphpsettings = $result['caneditphpsettings'];
@@ -522,7 +544,7 @@ if($page == 'admins'
 				{
 					$password = validate($_POST['admin_password'], 'new password');
 					$def_language = validate($_POST['def_language'], 'default language');
-					$deactivated = intval($_POST['deactivated']);
+					$deactivated = isset($_POST['deactivated']) ? 1 : 0;
 					$customers = intval_ressource($_POST['customers']);
 
 					if(isset($_POST['customers_ul']))
@@ -628,7 +650,7 @@ if($page == 'admins'
 						$number_of_aps_packages = - 1;
 					}
 
-					$can_manage_aps_packages = intval($_POST['can_manage_aps_packages']);
+					$can_manage_aps_packages = isset($_POST['can_manage_aps_packages']) ? 1 : 0;
 
 					$customers_see_all = 0;
 					if(isset($_POST['customers_see_all']))
@@ -644,10 +666,14 @@ if($page == 'admins'
 					
 					$change_serversettings = 0;
 					if(isset($_POST['change_serversettings']))
-						$change_serversettings = intval($_POST['change_serversettings']);
+						$change_serversettings = isset($_POST['change_serversettings']) ? 1 : 0;
 					
 					$diskspace = intval($_POST['diskspace']);
 
+					$tickets_see_all = 0;
+					if (isset($_POST['tickets_see_all']))
+						$tickets_see_all = intval($_POST['tickets_see_all']);
+
 					if(isset($_POST['diskspace_ul']))
 					{
 						$diskspace = - 1;
@@ -714,7 +740,11 @@ if($page == 'admins'
 						$change_serversettings = '0';
 					}
 
-					$db->query("UPDATE `" . TABLE_PANEL_ADMINS . "` SET `name`='" . $db->escape($name) . "', `email`='" . $db->escape($email) . "', `def_language`='" . $db->escape($def_language) . "', `change_serversettings` = '" . $db->escape($change_serversettings) . "', `customers` = '" . $db->escape($customers) . "', `customers_see_all` = '" . $db->escape($customers_see_all) . "', `domains` = '" . $db->escape($domains) . "', `domains_see_all` = '" . $db->escape($domains_see_all) . "', `caneditphpsettings` = '" . (int)$caneditphpsettings . "', `password` = '" . $password . "', `diskspace`='" . $db->escape($diskspace) . "', `traffic`='" . $db->escape($traffic) . "', `subdomains`='" . $db->escape($subdomains) . "', `emails`='" . $db->escape($emails) . "', `email_accounts` = '" . $db->escape($email_accounts) . "', `email_forwarders`='" . $db->escape($email_forwarders) . "', `email_quota`='" . $db->escape($email_quota) . "', `email_autoresponder`='" . $db->escape($email_autoresponder) . "', `ftps`='" . $db->escape($ftps) . "', `tickets`='" . $db->escape($tickets) . "', `mysqls`='" . $db->escape($mysqls) . "', `ip`='" . (int)$ipaddress . "', `deactivated`='" . $db->escape($deactivated) . "', `can_manage_aps_packages`=" . (int)$can_manage_aps_packages . ", `aps_packages`=" . (int)$number_of_aps_packages . " WHERE `adminid`='" . $db->escape($id) . "'");
+					if ($tickets_see_all != '1') {
+						$tickets_see_all = '0';
+					}
+
+					$db->query("UPDATE `" . TABLE_PANEL_ADMINS . "` SET `name`='" . $db->escape($name) . "', `email`='" . $db->escape($email) . "', `def_language`='" . $db->escape($def_language) . "', `change_serversettings` = '" . $db->escape($change_serversettings) . "', `customers` = '" . $db->escape($customers) . "', `customers_see_all` = '" . $db->escape($customers_see_all) . "', `domains` = '" . $db->escape($domains) . "', `domains_see_all` = '" . $db->escape($domains_see_all) . "', `caneditphpsettings` = '" . (int)$caneditphpsettings . "', `password` = '" . $password . "', `diskspace`='" . $db->escape($diskspace) . "', `traffic`='" . $db->escape($traffic) . "', `subdomains`='" . $db->escape($subdomains) . "', `emails`='" . $db->escape($emails) . "', `email_accounts` = '" . $db->escape($email_accounts) . "', `email_forwarders`='" . $db->escape($email_forwarders) . "', `email_quota`='" . $db->escape($email_quota) . "', `email_autoresponder`='" . $db->escape($email_autoresponder) . "', `ftps`='" . $db->escape($ftps) . "', `tickets`='" . $db->escape($tickets) . "', `tickets_see_all`='".$db->escape($tickets_see_all) . "', `mysqls`='" . $db->escape($mysqls) . "', `ip`='" . (int)$ipaddress . "', `deactivated`='" . $db->escape($deactivated) . "', `can_manage_aps_packages`=" . (int)$can_manage_aps_packages . ", `aps_packages`=" . (int)$number_of_aps_packages . " WHERE `adminid`='" . $db->escape($id) . "'");
 					$log->logAction(ADM_ACTION, LOG_INFO, "edited admin '#" . $id . "'");
 					$redirect_props = Array(
 						'page' => $page,
@@ -852,13 +882,14 @@ if($page == 'admins'
 					}
 				}
 
-				#$change_serversettings = makeyesno('change_serversettings', '1', '0', $result['change_serversettings']);
-				#$customers_see_all = makeyesno('customers_see_all', '1', '0', $result['customers_see_all']);
-				#$domains_see_all = makeyesno('domains_see_all', '1', '0', $result['domains_see_all']);
-				#$caneditphpsettings = makeyesno('caneditphpsettings', '1', '0', $result['caneditphpsettings']);
-				#$deactivated = makeyesno('deactivated', '1', '0', $result['deactivated']);
-				#$can_manage_aps_packages = makeyesno('can_manage_aps_packages', '1', '0', $result['can_manage_aps_packages']);
-
+				/*
+				$change_serversettings = makeyesno('change_serversettings', '1', '0', $result['change_serversettings']);
+				$customers_see_all = makeyesno('customers_see_all', '1', '0', $result['customers_see_all']);
+				$domains_see_all = makeyesno('domains_see_all', '1', '0', $result['domains_see_all']);
+				$caneditphpsettings = makeyesno('caneditphpsettings', '1', '0', $result['caneditphpsettings']);
+				$deactivated = makeyesno('deactivated', '1', '0', $result['deactivated']);
+				$can_manage_aps_packages = makeyesno('can_manage_aps_packages', '1', '0', $result['can_manage_aps_packages']);
+				*/
 				$result = htmlentities_array($result);
 
 				$admin_edit_data = include_once dirname(__FILE__).'/lib/formfields/admin/admin/formfield.admin_edit.php';

admin_cronjobs.php

@@ -101,7 +101,7 @@ if($page == 'cronjobs'
 			if(isset($_POST['send'])
 			   && $_POST['send'] == 'send')
 			{
-				$isactive = intval($_POST['isactive']);
+				$isactive = isset($_POST['isactive']) ? 1 : 0;
 				$interval_value = validate($_POST['interval_value'], 'interval_value', '/^([0-9]+)$/Di', 'stringisempty');
 				$interval_interval = validate($_POST['interval_interval'], 'interval_interval');
 				
@@ -121,7 +121,7 @@ if($page == 'cronjobs'
 			}
 			else
 			{
-				#$isactive = makeyesno('isactive', '1', '0', $result['isactive']);
+				//$isactive = makeyesno('isactive', '1', '0', $result['isactive']);
 				// interval
 				$interval_nfo = explode(' ', $result['interval']);
 				$interval_value = $interval_nfo[0];
@@ -159,5 +159,3 @@ if($page == 'cronjobs'
 		 */
 	}
 }
-
-?>

admin_customers.php

@@ -48,49 +48,19 @@ if($page == 'customers'
 			'c.loginname' => $lng['login']['username'],
 			'a.loginname' => $lng['admin']['admin'],
 			'c.name' => $lng['customer']['name'],
+			'c.email' => $lng['customer']['email'],
 			'c.firstname' => $lng['customer']['firstname'],
 			'c.company' => $lng['customer']['company'],
 			'c.diskspace' => $lng['customer']['diskspace'],
 			'c.diskspace_used' => $lng['customer']['diskspace'] . ' (' . $lng['panel']['used'] . ')',
 			'c.traffic' => $lng['customer']['traffic'],
-			'c.traffic_used' => $lng['customer']['traffic'] . ' (' . $lng['panel']['used'] . ')',
-			'c.backup_allowed' => $lng['backup_allowed']
-/*
-			'c.mysqls' => $lng['customer']['mysqls'],
-			'c.mysqls_used' => $lng['customer']['mysqls'] . ' (' . $lng['panel']['used'] . ')',
-			'c.ftps' => $lng['customer']['ftps'],
-			'c.ftps_used' => $lng['customer']['ftps'] . ' (' . $lng['panel']['used'] . ')',
-			'c.subdomains' => $lng['customer']['subdomains'],
-			'c.subdomains_used' => $lng['customer']['subdomains'] . ' (' . $lng['panel']['used'] . ')',
-			'c.emails' => $lng['customer']['emails'],
-			'c.emails_used' => $lng['customer']['emails'] . ' (' . $lng['panel']['used'] . ')',
-			'c.email_accounts' => $lng['customer']['accounts'],
-			'c.email_accounts_used' => $lng['customer']['accounts'] . ' (' . $lng['panel']['used'] . ')',
-			'c.email_forwarders' => $lng['customer']['forwarders'],
-			'c.email_forwarders_used' => $lng['customer']['forwarders'] . ' (' . $lng['panel']['used'] . ')',
-			'c.email_quota' => $lng['customer']['email_quota'],
-			'c.email_quota_used' => $lng['customer']['email_quota'] . ' (' . $lng['panel']['used'] . ')',
-			'c.deactivated' => $lng['admin']['deactivated'],
-			'c.lastlogin_succ' => $lng['admin']['lastlogin_succ'],
-			'c.phpenabled' => $lng['admin']['phpenabled'],
-			'c.perlenabled' => $lng['admin']['perlenabled']
-*/
+			'c.traffic_used' => $lng['customer']['traffic'] . ' (' . $lng['panel']['used'] . ')'
 		);
 
-/*
-		if($settings['ticket']['enabled'] == 1)
-		{
-			$fields['c.tickets'] = $lng['customer']['tickets'];
-			$fields['c.tickets_used'] = $lng['customer']['tickets'] . ' (' . $lng['panel']['used'] . ')';
+		if ($settings['system']['backup_enabled'] == '1') {
+			$field['c.backup_allowed'] = $lng['backup_allowed'];
 		}
 
-		if($settings['autoresponder']['autoresponder_active'] == 1)
-		{
-			$fields['c.email_autoresponder'] = $lng['customer']['autoresponder'];
-			$fields['c.email_autoresponder_used'] = $lng['customer']['autoresponder'] . ' (' . $lng['panel']['used'] . ')';
-		}
-*/
-
 		$paging = new paging($userinfo, $db, TABLE_PANEL_CUSTOMERS, $fields, $settings['panel']['paging'], $settings['panel']['natsorting']);
 		$customers = '';
 		$result = $db->query("SELECT `c`.*, `a`.`loginname` AS `adminname` " . "FROM `" . TABLE_PANEL_CUSTOMERS . "` `c`, `" . TABLE_PANEL_ADMINS . "` `a` " . "WHERE " . ($userinfo['customers_see_all'] ? '' : " `c`.`adminid` = '" . (int)$userinfo['adminid'] . "' AND ") . "`c`.`adminid`=`a`.`adminid` " . $paging->getSqlWhere(true) . " " . $paging->getSqlOrderBy($settings['panel']['natsorting']) . " " . $paging->getSqlLimit());
@@ -223,12 +193,17 @@ if($page == 'customers'
 						$last_dbserver = $row_database['dbserver'];
 					}
 
-					foreach(array_unique(explode(',', $settings['system']['mysql_access_host'])) as $mysql_access_host)
+					if(mysql_get_server_info() < '5.0.2') {
+						// failsafe if user has been deleted manually (requires MySQL 4.1.2+)
+						$db_root->query('REVOKE ALL PRIVILEGES, GRANT OPTION FROM \'' . $db_root->escape($row_database['databasename']) .'\'',false,true);
+					}
+
+					$host_res = $db_root->query("SELECT `Host` FROM `mysql`.`user` WHERE `User`='" . $db_root->escape($row_database['databasename']) . "'");
+					while($host = $db_root->fetch_array($host_res))
 					{
-						$mysql_access_host = trim($mysql_access_host);
-						$db_root->query('REVOKE ALL PRIVILEGES ON * . * FROM `' . $db_root->escape($row_database['databasename']) . '`@`' . $db_root->escape($mysql_access_host) . '`',false,true);
-						$db_root->query('REVOKE ALL PRIVILEGES ON `' . str_replace('_', '\_', $db_root->escape($row_database['databasename'])) . '` . * FROM `' . $db_root->escape($row_database['databasename']) . '`@`' . $db_root->escape($mysql_access_host) . '`',false,true);
-						$db_root->query('DELETE FROM `mysql`.`user` WHERE `User` = "' . $db_root->escape($row_database['databasename']) . '" AND `Host` = "' . $db_root->escape($mysql_access_host) . '"');
+						// as of MySQL 5.0.2 this also revokes privileges. (requires MySQL 4.1.2+)
+						$db_root->query('DROP USER \'' . $db_root->escape($row_database['databasename']). '\'@\'' . $db_root->escape($host['Host']) . '\'', false, true);
+						
 					}
 
 					$db_root->query('DROP DATABASE IF EXISTS `' . $db_root->escape($row_database['databasename']) . '`');
@@ -820,7 +795,8 @@ if($page == 'customers'
 					}
 
 					inserttask('1');
-					$result = $db->query("INSERT INTO `" . TABLE_FTP_USERS . "` " . "(`customerid`, `username`, `password`, `homedir`, `login_enabled`, `uid`, `gid`) " . "VALUES ('" . (int)$customerid . "', '" . $db->escape($loginname) . "', ENCRYPT('" . $db->escape($password) . "'), '" . $db->escape($documentroot) . "', 'y', '" . (int)$guid . "', '" . (int)$guid . "')");
+					$cryptPassword = makeCryptPassword($db->escape($password),1);
+					$result = $db->query("INSERT INTO `" . TABLE_FTP_USERS . "` " . "(`customerid`, `username`, `password`, `homedir`, `login_enabled`, `uid`, `gid`) " . "VALUES ('" . (int)$customerid . "', '" . $db->escape($loginname) . "', '" . $db->escape($cryptPassword) . "', '" . $db->escape($documentroot) . "', 'y', '" . (int)$guid . "', '" . (int)$guid . "')");
 					$result = $db->query("INSERT INTO `" . TABLE_FTP_GROUPS . "` " . "(`customerid`, `groupname`, `gid`, `members`) " . "VALUES ('" . (int)$customerid . "', '" . $db->escape($loginname) . "', '" . $db->escape($guid) . "', '" . $db->escape($loginname) . "')");
 					$result = $db->query("INSERT INTO `" . TABLE_FTP_QUOTATALLIES . "` (`name`, `quota_type`, `bytes_in_used`, `bytes_out_used`, `bytes_xfer_used`, `files_in_used`, `files_out_used`, `files_xfer_used`) VALUES ('" . $db->escape($loginname) . "', 'user', '0', '0', '0', '0', '0', '0')");
 					$log->logAction(ADM_ACTION, LOG_NOTICE, "automatically added ftp-account for user '" . $loginname . "'");
@@ -924,13 +900,16 @@ if($page == 'customers'
 				$tickets_ul = makecheckbox('tickets_ul', $lng['customer']['unlimited'], '-1', false, '0', true, true);
 				$mysqls_ul = makecheckbox('mysqls_ul', $lng['customer']['unlimited'], '-1', false, '0', true, true);
 				$number_of_aps_packages_ul = makecheckbox('number_of_aps_packages_ul', $lng['customer']['unlimited'], '-1', false, '0', true, true);
-				#$createstdsubdomain = makeyesno('createstdsubdomain', '1', '0', '1');
-				#$email_imap = makeyesno('email_imap', '1', '0', '1');
-				#$email_pop3 = makeyesno('email_pop3', '1', '0', '1');
-				#$sendpassword = makeyesno('sendpassword', '1', '0', '1');
-				#$phpenabled = makeyesno('phpenabled', '1', '0', '1');
-				#$perlenabled = makeyesno('perlenabled', '1', '0', '0');
-				#$store_defaultindex = makeyesno('store_defaultindex', '1', '0', '1');
+				/*
+				$createstdsubdomain = makeyesno('createstdsubdomain', '1', '0', '1');
+				$email_imap = makeyesno('email_imap', '1', '0', '1');
+				$email_pop3 = makeyesno('email_pop3', '1', '0', '1');
+				$sendpassword = makeyesno('sendpassword', '1', '0', '1');
+				$phpenabled = makeyesno('phpenabled', '1', '0', '1');
+				$perlenabled = makeyesno('perlenabled', '1', '0', '0');
+				$store_defaultindex = makeyesno('store_defaultindex', '1', '0', '1');
+				*/
+				// why still makeyesno for this one?
 				$backup_allowed = makeyesno('backup_allowed', '1', '0', '0');
 
 				$gender_options = makeoption($lng['gender']['undef'], 0, true, true, true);
@@ -1235,7 +1214,7 @@ if($page == 'customers'
 
 					if($deactivated != $result['deactivated'])
 					{
-						$db->query("UPDATE `" . TABLE_MAIL_USERS . "` SET `postfix`='" . (($deactivated) ? 'N' : 'Y') . "', `pop3`='" . (($deactivated) ? '0' : '1') . "', `imap`='" . (($deactivated) ? '0' : '1') . "' WHERE `customerid`='" . (int)$id . "'");
+						$db->query("UPDATE `" . TABLE_MAIL_USERS . "` SET `postfix`='" . (($deactivated) ? 'N' : 'Y') . "', `pop3`='" . (($deactivated) ? '0' : (int)$result['pop3']) . "', `imap`='" . (($deactivated) ? '0' : (int)$result['imap']) . "' WHERE `customerid`='" . (int)$id . "'");
 						$db->query("UPDATE `" . TABLE_FTP_USERS . "` SET `login_enabled`='" . (($deactivated) ? 'N' : 'Y') . "' WHERE `customerid`='" . (int)$id . "'");
 						$db->query("UPDATE `" . TABLE_PANEL_DOMAINS . "` SET `deactivated`='" . (int)$deactivated . "' WHERE `customerid`='" . (int)$id . "'");
 
@@ -1262,8 +1241,8 @@ if($page == 'customers'
 								/* Prevent access, if deactivated */
 								if($deactivated)
 								{
-									$db_root->query('REVOKE ALL PRIVILEGES ON * . * FROM `' . $db_root->escape($row_database['databasename']) . '`@`' . $db_root->escape($mysql_access_host) . '`');
-									$db_root->query('REVOKE ALL PRIVILEGES ON `' . str_replace('_', '\_', $db_root->escape($row_database['databasename'])) . '` . * FROM `' . $db_root->escape($row_database['databasename']) . '`@`' . $db_root->escape($mysql_access_host) . '`');
+									// failsafe if user has been deleted manually (requires MySQL 4.1.2+)
+									$db_root->query('REVOKE ALL PRIVILEGES, GRANT OPTION FROM \'' . $db_root->escape($row_database['databasename']) .'\'',false,true);
 								}
 								else /* Otherwise grant access */
 								{
@@ -1588,12 +1567,14 @@ if($page == 'customers'
 					$result['aps_packages'] = '';
 				}
 
-				#$createstdsubdomain = makeyesno('createstdsubdomain', '1', '0', (($result['standardsubdomain'] != '0') ? '1' : '0'));
-				#$phpenabled = makeyesno('phpenabled', '1', '0', $result['phpenabled']);
-				#$perlenabled = makeyesno('perlenabled', '1', '0', $result['perlenabled']);
-				#$deactivated = makeyesno('deactivated', '1', '0', $result['deactivated']);
-				#$email_imap = makeyesno('email_imap', '1', '0', $result['imap']);
-				#$email_pop3 = makeyesno('email_pop3', '1', '0', $result['pop3']);
+				/*
+				$createstdsubdomain = makeyesno('createstdsubdomain', '1', '0', (($result['standardsubdomain'] != '0') ? '1' : '0'));
+				$phpenabled = makeyesno('phpenabled', '1', '0', $result['phpenabled']);
+				$perlenabled = makeyesno('perlenabled', '1', '0', $result['perlenabled']);
+				$deactivated = makeyesno('deactivated', '1', '0', $result['deactivated']);
+				$email_imap = makeyesno('email_imap', '1', '0', $result['imap']);
+				$email_pop3 = makeyesno('email_pop3', '1', '0', $result['pop3']);
+				*/
 				$backup_allowed = makeyesno('backup_allowed', '1', '0', $result['backup_allowed']);
 				$result = htmlentities_array($result);
 

admin_domains.php

@@ -195,9 +195,8 @@ if($page == 'domains'
 				updateCounters();
 				inserttask('1');
 
-				# Using nameserver, insert a task which rebuilds the server config
-				if ($settings['system']['bind_enable'])
-				{
+				// Using nameserver, insert a task which rebuilds the server config
+				if ($settings['system']['bind_enable'] = '1') {
 					inserttask('4');
 				}
 				redirectTo($filename, Array('page' => $page, 's' => $s));
@@ -283,9 +282,16 @@ if($page == 'domains'
 
 				if($userinfo['change_serversettings'] == '1')
 				{
-					$isbinddomain = intval($_POST['isbinddomain']);
-					$caneditdomain = intval($_POST['caneditdomain']);
-					$zonefile = validate($_POST['zonefile'], 'zonefile');
+					$caneditdomain = isset($_POST['caneditdomain']) ? intval($_POST['caneditdomain']) : 0;
+
+					$isbinddomain = '0';
+					$zonefile = '';
+					if ($settings['system']['bind_enable'] == '1') {
+						if (isset($_POST['isbinddomain'])) {
+							$isbinddomain = intval($_POST['isbinddomain']);
+						}
+						$zonefile = validate($_POST['zonefile'], 'zonefile');
+					}
 
 					if(isset($_POST['dkim']))
 					{
@@ -315,7 +321,10 @@ if($page == 'domains'
 				}
 				else
 				{
-					$isbinddomain = '1';
+					$isbinddomain = '0';
+					if ($settings['system']['bind_enable'] == '1') {
+						$isbinddomain = '1';
+					}
 					$caneditdomain = '1';
 					$zonefile = '';
 					$dkim = '1';
@@ -325,8 +334,8 @@ if($page == 'domains'
 				if($userinfo['caneditphpsettings'] == '1'
 				   || $userinfo['change_serversettings'] == '1')
 				{
-					$openbasedir = intval($_POST['openbasedir']);
-					$safemode = intval($_POST['safemode']);
+					$openbasedir = isset($_POST['openbasedir']) ? intval($_POST['openbasedir']) : 0;
+					$safemode = isset($_POST['safemode']) ? intval($_POST['safemode']) : 0;
 
 					if((int)$settings['system']['mod_fcgid'] == 1)
 					{
@@ -385,7 +394,7 @@ if($page == 'domains'
 				   && isset($_POST['ssl_ipandport'])
 				   && $_POST['ssl'] != '0')
 				{
-					$ssl = (int)$_POST['ssl'];
+					$ssl = 1; // if ssl is set and != 0 it can only be 1
 					$ssl_redirect = 0;
 					if (isset($_POST['ssl_redirect'])) {
 						$ssl_redirect = (int)$_POST['ssl_redirect'];
@@ -577,8 +586,7 @@ if($page == 'domains'
 					inserttask('1');
 
 					# Using nameserver, insert a task which rebuilds the server config
-					if ($settings['system']['bind_enable'])
-					{
+					if ($settings['system']['bind_enable']) {
 						inserttask('4');
 					}
 					redirectTo($filename, Array('page' => $page, 's' => $s));
@@ -683,18 +691,7 @@ if($page == 'domains'
 					$phpconfigs.= makeoption($row['description'], $row['id'], $settings['system']['mod_fcgid_defaultini'], true, true);
 				}
 
-				#$isbinddomain = makeyesno('isbinddomain', '1', '0', '1');
-				#$isemaildomain = makeyesno('isemaildomain', '1', '0', '1');
-				#$email_only = makeyesno('email_only', '1', '0', '0');
 				$subcanemaildomain = makeoption($lng['admin']['subcanemaildomain']['never'], '0', '0', true, true) . makeoption($lng['admin']['subcanemaildomain']['choosableno'], '1', '0', true, true) . makeoption($lng['admin']['subcanemaildomain']['choosableyes'], '2', '0', true, true) . makeoption($lng['admin']['subcanemaildomain']['always'], '3', '0', true, true);
-				#$dkim = makeyesno('dkim', '1', '0', '1');
-				#$wwwserveralias = makeyesno('wwwserveralias', '1', '0', '1');
-				#$caneditdomain = makeyesno('caneditdomain', '1', '0', '1');
-				#$openbasedir = makeyesno('openbasedir', '1', '0', '1');
-				#$safemode = makeyesno('safemode', '1', '0', '1');
-				#$speciallogfile = makeyesno('speciallogfile', '1', '0', '0');
-				#$ssl = makeyesno('ssl', '1', '0', '0');
-				#$ssl_redirect = makeyesno('ssl_redirect', '1', '0', '0');
 				$add_date = date('Y-m-d');
 
 				$domain_add_data = include_once dirname(__FILE__).'/lib/formfields/admin/domains/formfield.domains_add.php';
@@ -793,7 +790,7 @@ if($page == 'domains'
 				$aliasdomain = intval($_POST['alias']);
 				$issubof = intval($_POST['issubof']);
 				$subcanemaildomain = intval($_POST['subcanemaildomain']);
-				$caneditdomain = intval($_POST['caneditdomain']);
+				$caneditdomain = isset($_POST['caneditdomain']) ? intval($_POST['caneditdomain']) : 0;
 				$registration_date = trim($_POST['registration_date']);
 				$registration_date = validate($registration_date, 'registration_date', '/^(19|20)\d\d[-](0[1-9]|1[012])[-](0[1-9]|[12][0-9]|3[01])$/', '', array('0000-00-00', '0', ''));
 
@@ -816,12 +813,18 @@ if($page == 'domains'
 
 				if($userinfo['change_serversettings'] == '1')
 				{
-					$isbinddomain = intval($_POST['isbinddomain']);
-					$zonefile = validate($_POST['zonefile'], 'zonefile');
+					$isbinddomain = $result['isbinddomain'];
+					$zonefile = $result['zonefile'];
+					if ($settings['system']['bind_enable'] == '1') {
+						if (isset($_POST['isbinddomain'])) {
+							$isbinddomain = '1';
+						}
+						$zonefile = validate($_POST['zonefile'], 'zonefile');
+					}
 
 					if($settings['dkim']['use_dkim'] == '1')
 					{
-						$dkim = intval($_POST['dkim']);
+						$dkim = isset($_POST['dkim']) ? 1 : 0;
 					}
 					else
 					{
@@ -854,8 +857,8 @@ if($page == 'domains'
 				if($userinfo['caneditphpsettings'] == '1'
 				   || $userinfo['change_serversettings'] == '1')
 				{
-					$openbasedir = intval($_POST['openbasedir']);
-					$safemode = intval($_POST['safemode']);
+					$openbasedir = isset($_POST['openbasedir']) ? intval($_POST['openbasedir']) : 0;
+					$safemode = isset($_POST['safemode']) ? intval($_POST['safemode']) : 0;
 
 					if((int)$settings['system']['mod_fcgid'] == 1)
 					{
@@ -914,7 +917,7 @@ if($page == 'domains'
 				   && isset($_POST['ssl_ipandport'])
 				   && $_POST['ssl'] != '0')
 				{
-					$ssl = (int)$_POST['ssl'];
+					$ssl = 1; // if ssl is set and != 0, it can only be 1
 					$ssl_redirect = 0;
 					if (isset($_POST['ssl_redirect'])) {
 						$ssl_redirect = (int)$_POST['ssl_redirect'];
@@ -1084,7 +1087,9 @@ if($page == 'domains'
 				   || $dkim != $result['dkim']
 				   || $ipandport != $result['ipandport'])
 				{
-					inserttask('4');
+					if ($settings['system']['bind_enable'] == '1') {
+						inserttask('4');
+					}
 				}
 
 				if($isemaildomain == '0'
@@ -1124,7 +1129,7 @@ if($page == 'domains'
 					$db->query("UPDATE `" . TABLE_PANEL_ADMINS . "` SET `domains_used` = `domains_used` - 1 WHERE `adminid` = '" . (int)$result['adminid'] . "' ");
 				}
 
-				$ssfs = isset($_POST['specialsettingsforsubdomains']) ? intval($_POST['specialsettingsforsubdomains']) : 1;
+				$ssfs = isset($_POST['specialsettingsforsubdomains']) ? 1 : 0;
 				if($ssfs == 1)
 				{
 					$upd_specialsettings = ", `specialsettings`='" . $db->escape($specialsettings) . "' ";
@@ -1237,20 +1242,11 @@ if($page == 'domains'
 				}
 
 				$result['specialsettings'] = $result['specialsettings'];
-				#$isbinddomain = makeyesno('isbinddomain', '1', '0', $result['isbinddomain']);
-				#$wwwserveralias = makeyesno('wwwserveralias', '1', '0', $result['wwwserveralias']);
-				#$isemaildomain = makeyesno('isemaildomain', '1', '0', $result['isemaildomain']);
-				#$email_only = makeyesno('email_only', '1', '0', $result['email_only']);
-				#$ssl = makeyesno('ssl', '1', '0', $result['ssl']);
-				#$ssl_redirect = makeyesno('ssl_redirect', '1', '0', $result['ssl_redirect']);
+
 				$subcanemaildomain = makeoption($lng['admin']['subcanemaildomain']['never'], '0', $result['subcanemaildomain'], true, true);
 				$subcanemaildomain.= makeoption($lng['admin']['subcanemaildomain']['choosableno'], '1', $result['subcanemaildomain'], true, true);
 				$subcanemaildomain.= makeoption($lng['admin']['subcanemaildomain']['choosableyes'], '2', $result['subcanemaildomain'], true, true);
 				$subcanemaildomain.= makeoption($lng['admin']['subcanemaildomain']['always'], '3', $result['subcanemaildomain'], true, true);
-				#$dkim = makeyesno('dkim', '1', '0', $result['dkim']);
-				#$caneditdomain = makeyesno('caneditdomain', '1', '0', $result['caneditdomain']);
-				#$openbasedir = makeyesno('openbasedir', '1', '0', $result['openbasedir']);
-				#$safemode = makeyesno('safemode', '1', '0', $result['safemode']);
 				$speciallogfile = ($result['speciallogfile'] == 1 ? $lng['panel']['yes'] : $lng['panel']['no']);
 				$result['add_date'] = date('Y-m-d', $result['add_date']);
 
@@ -1262,8 +1258,6 @@ if($page == 'domains'
 					$phpconfigs.= makeoption($phpconfigs_row['description'], $phpconfigs_row['id'], $result['phpsettingid'], true, true);
 				}
 
-				#$specialsettingsforsubdomains = makeyesno('specialsettingsforsubdomains', '1', '0', '1');
-
 				$result = htmlentities_array($result);
 
 				$domain_edit_data = include_once dirname(__FILE__).'/lib/formfields/admin/domains/formfield.domains_edit.php';

admin_ipsandports.php

@@ -141,11 +141,11 @@ if($page == 'ipsandports'
 		{
 			$ip = validate_ip($_POST['ip']);
 			$port = validate($_POST['port'], 'port', '/^(([1-9])|([1-9][0-9])|([1-9][0-9][0-9])|([1-9][0-9][0-9][0-9])|([1-5][0-9][0-9][0-9][0-9])|(6[0-4][0-9][0-9][0-9])|(65[0-4][0-9][0-9])|(655[0-2][0-9])|(6553[0-5]))$/Di', array('stringisempty', 'myport'));
-			$listen_statement = intval($_POST['listen_statement']);
-			$namevirtualhost_statement = intval($_POST['namevirtualhost_statement']);
-			$vhostcontainer = intval($_POST['vhostcontainer']);
+			$listen_statement = isset($_POST['listen_statement']) ? 1 : 0;
+			$namevirtualhost_statement = isset($_POST['namevirtualhost_statement']) ? 1 : 0;
+			$vhostcontainer = isset($_POST['vhostcontainer']) ? 1 : 0;
 			$specialsettings = validate(str_replace("\r\n", "\n", $_POST['specialsettings']), 'specialsettings', '/^[^\0]*$/');
-			$vhostcontainer_servername_statement = intval($_POST['vhostcontainer_servername_statement']);
+			$vhostcontainer_servername_statement = isset($_POST['vhostcontainer_servername_statement']) ? 1 : 0;
 			$default_vhostconf_domain = validate(str_replace("\r\n", "\n", $_POST['default_vhostconf_domain']), 'default_vhostconf_domain', '/^[^\0]*$/');
 			$docroot = validate($_POST['docroot'], 'docroot');
 			if((int)$settings['system']['use_ssl'] == 1)
@@ -261,11 +261,13 @@ if($page == 'ipsandports'
 		}
 		else
 		{
-			#$enable_ssl = makeyesno('ssl', '1', '0', '0');
-			#$listen_statement = makeyesno('listen_statement', '1', '0', '1');
-			#$namevirtualhost_statement = makeyesno('namevirtualhost_statement', '1', '0', '1');
-			#$vhostcontainer = makeyesno('vhostcontainer', '1', '0', '1');
-			#$vhostcontainer_servername_statement = makeyesno('vhostcontainer_servername_statement', '1', '0', '1');
+			/*
+			$enable_ssl = makeyesno('ssl', '1', '0', '0');
+			$listen_statement = makeyesno('listen_statement', '1', '0', '1');
+			$namevirtualhost_statement = makeyesno('namevirtualhost_statement', '1', '0', '1');
+			$vhostcontainer = makeyesno('vhostcontainer', '1', '0', '1');
+			$vhostcontainer_servername_statement = makeyesno('vhostcontainer_servername_statement', '1', '0', '1');
+			*/
 
 			$ipsandports_add_data = include_once dirname(__FILE__).'/lib/formfields/admin/ipsandports/formfield.ipsandports_add.php';
 			$ipsandports_add_form = htmlform::genHTMLForm($ipsandports_add_data);
@@ -290,16 +292,23 @@ if($page == 'ipsandports'
 				$port = validate($_POST['port'], 'port', '/^(([1-9])|([1-9][0-9])|([1-9][0-9][0-9])|([1-9][0-9][0-9][0-9])|([1-5][0-9][0-9][0-9][0-9])|(6[0-4][0-9][0-9][0-9])|(65[0-4][0-9][0-9])|(655[0-2][0-9])|(6553[0-5]))$/Di', array('stringisempty', 'myport'));
 				$result_checkfordouble = $db->query_first("SELECT `id` FROM `" . TABLE_PANEL_IPSANDPORTS . "` WHERE `ip`='" . $db->escape($ip) . "' AND `port`='" . (int)$port . "'");
 				$result_sameipotherport = $db->query_first("SELECT `id` FROM `" . TABLE_PANEL_IPSANDPORTS . "` WHERE `ip`='" . $db->escape($result['ip']) . "' AND `id`!='" . (int)$id . "'");
-				$listen_statement = intval($_POST['listen_statement']);
-				$namevirtualhost_statement = intval($_POST['namevirtualhost_statement']);
-				$vhostcontainer = intval($_POST['vhostcontainer']);
+				$listen_statement = isset($_POST['listen_statement']) ? 1 : 0;
+				$namevirtualhost_statement = isset($_POST['namevirtualhost_statement']) ? 1 : 0;
+				$vhostcontainer = isset($_POST['vhostcontainer']) ? 1 : 0;
 				$specialsettings = validate(str_replace("\r\n", "\n", $_POST['specialsettings']), 'specialsettings', '/^[^\0]*$/');
-				$vhostcontainer_servername_statement = intval($_POST['vhostcontainer_servername_statement']);
+				$vhostcontainer_servername_statement = isset($_POST['vhostcontainer_servername_statement']) ? 1 : 0;
 				$default_vhostconf_domain = validate(str_replace("\r\n", "\n", $_POST['default_vhostconf_domain']), 'default_vhostconf_domain', '/^[^\0]*$/');
 				$docroot =  validate($_POST['docroot'], 'docroot');
-				if((int)$settings['system']['use_ssl'] == 1)
-				{
-					$ssl = intval($_POST['ssl']);
+
+				if((int)$settings['system']['use_ssl'] == 1
+					/* 
+					 * check here if ssl is even checked, cause if not, we don't need
+					 * to validate and set all the $ssl_*_file vars
+					 */
+					&& isset($_POST['ssl'])
+					&& $_POST['ssl'] != 0
+				) {
+					$ssl = 1;
 					$ssl_cert_file = validate($_POST['ssl_cert_file'], 'ssl_cert_file');
 					$ssl_key_file = validate($_POST['ssl_key_file'], 'ssl_key_file');
 					$ssl_ca_file = validate($_POST['ssl_ca_file'], 'ssl_ca_file');
@@ -402,7 +411,7 @@ if($page == 'ipsandports'
 					$log->logAction(ADM_ACTION, LOG_WARNING, "changed IP/port from '" . $result['ip'] . ":" . $result['port'] . "' to '" . $ip . ":" . $port . "'");
 					inserttask('1');
 
-					# Using nameserver, insert a task which rebuilds the server config
+					// Using nameserver, insert a task which rebuilds the server config
 					if ($settings['system']['bind_enable'])
 					{
 						inserttask('4');
@@ -412,12 +421,14 @@ if($page == 'ipsandports'
 			}
 			else
 			{
-				#$enable_ssl = makeyesno('ssl', '1', '0', $result['ssl']);
 				$result = htmlentities_array($result);
-				#$listen_statement = makeyesno('listen_statement', '1', '0', $result['listen_statement']);
-				#$namevirtualhost_statement = makeyesno('namevirtualhost_statement', '1', '0', $result['namevirtualhost_statement']);
-				#$vhostcontainer = makeyesno('vhostcontainer', '1', '0', $result['vhostcontainer']);
-				#$vhostcontainer_servername_statement = makeyesno('vhostcontainer_servername_statement', '1', '0', $result['vhostcontainer_servername_statement']);
+				/*
+				$enable_ssl = makeyesno('ssl', '1', '0', $result['ssl']);
+				$listen_statement = makeyesno('listen_statement', '1', '0', $result['listen_statement']);
+				$namevirtualhost_statement = makeyesno('namevirtualhost_statement', '1', '0', $result['namevirtualhost_statement']);
+				$vhostcontainer = makeyesno('vhostcontainer', '1', '0', $result['vhostcontainer']);
+				$vhostcontainer_servername_statement = makeyesno('vhostcontainer_servername_statement', '1', '0', $result['vhostcontainer_servername_statement']);
+				*/
 
 				$ipsandports_edit_data = include_once dirname(__FILE__).'/lib/formfields/admin/ipsandports/formfield.ipsandports_edit.php';
 				$ipsandports_edit_form = htmlform::genHTMLForm($ipsandports_edit_data);

admin_settings.php

@@ -83,7 +83,6 @@ if(($page == 'settings' || $page == 'overview')
 			$log->logAction(ADM_ACTION, LOG_INFO, "rebuild configfiles due to changed setting");
 			inserttask('1');
 			inserttask('5');
-			inserttask('9');
 
 			# Using nameserver, insert a task which rebuilds the server config
 			if ($settings['system']['bind_enable'])
@@ -129,7 +128,6 @@ elseif($page == 'rebuildconfigs'
 		$log->logAction(ADM_ACTION, LOG_INFO, "rebuild configfiles");
 		inserttask('1');
 		inserttask('5');
-		inserttask('9');
 		inserttask('10');
 
 		# Using nameserver, insert a task which rebuilds the server config

admin_tickets.php

@@ -32,17 +32,20 @@ if(isset($_POST['id']))
 elseif(isset($_GET['id']))
 {
 	$id = intval($_GET['id']);
-	
-	if (!$userinfo['customers_see_all']) {
-		/*
-		 * Check if the current user is allowed to see the current ticket.
-		 */
-		$sql = "SELECT `id` FROM `panel_tickets` WHERE `id` = '".$id."' AND `adminid` = '".$userinfo['admindid']."'";
-		
-		$result = $db->query_first($sql);
-		if ($result == null) {
-			// no rights to see the requested ticket
-			standard_error(array('ticketnotaccessible'));
+
+	// only check if this is not a category-id
+	if (!isset($_GET['page']) || (isset($_GET['page']) && $_GET['page'] != 'categories')) {
+		if (!$userinfo['customers_see_all']) {
+			/*
+			 * Check if the current user is allowed to see the current ticket.
+			 */
+			$sql = "SELECT `id` FROM `panel_tickets` WHERE `id` = '".$id."' AND `adminid` = '".$userinfo['admindid']."'";
+
+			$result = $db->query_first($sql);
+			if ($result == null) {
+				// no rights to see the requested ticket
+				standard_error(array('ticketnotaccessible'));
+			}
 		}
 	}
 }
@@ -115,13 +118,17 @@ if($page == 'tickets'
 					if($_cid != $row['customerid'])
 					{
 						$cid = $row['customerid'];
-						$usr = $db->query_first('SELECT `firstname`, `name`, `company`, `loginname` FROM `' . TABLE_PANEL_CUSTOMERS . '`
+						$usr = $db->query_first('SELECT `customerid`, `firstname`, `name`, `company`, `loginname` FROM `' . TABLE_PANEL_CUSTOMERS . '`
                                      WHERE `customerid` = "' . (int)$cid . '"');
 
-						if(isset($usr['loginname'])) {
-							$customer = getCorrectFullUserDetails($usr) . ' (' . $usr['loginname'] . ')';
-							//$customer = $usr['firstname'] . " " . $usr['name'] . " (" . $usr['loginname'] . ")";
-						} else {
+						if(isset($usr['loginname']))
+						{
+							$customer = getCorrectFullUserDetails($usr);
+							$customerloginname =  $usr['loginname'];
+							$customerid = $usr['customerid'];
+						}
+						else
+						{
 							$customer = $lng['ticket']['nonexistingcustomer'];
 						}
 						eval("\$tickets.=\"" . getTemplate("tickets/tickets_customer") . "\";");
@@ -212,12 +219,16 @@ if($page == 'tickets'
 			else
 			{
 				$categories = '';
-				$result = $db->query_first('SELECT `id`, `name` FROM `' . TABLE_PANEL_TICKET_CATS . '` WHERE `adminid` = "' . $userinfo['adminid'] . '" ORDER BY `logicalorder`, `name` ASC');
+				$where = '';
+				if ($userinfo['tickets_see_all'] != '1') {
+					$where = 'WHERE `adminid` = "' . $userinfo['adminid'] . '"';
+				}
+				$result = $db->query_first('SELECT `id`, `name` FROM `' . TABLE_PANEL_TICKET_CATS . '` '.$where.' ORDER BY `logicalorder`, `name` ASC');
 
 				if(isset($result['name'])
 				   && $result['name'] != '')
 				{
-					$result2 = $db->query('SELECT `id`, `name` FROM `' . TABLE_PANEL_TICKET_CATS . '` WHERE `adminid` = "' . $userinfo['adminid'] . '" ORDER BY `logicalorder`, `name` ASC');
+					$result2 = $db->query('SELECT `id`, `name` FROM `' . TABLE_PANEL_TICKET_CATS . '` '.$where.' ORDER BY `logicalorder`, `name` ASC');
 
 					while($row = $db->fetch_array($result2))
 					{
@@ -450,11 +461,16 @@ elseif($page == 'categories'
 			'name' => $lng['ticket']['category'],
 			'logicalorder' => $lng['ticket']['logicalorder']
 		);
+
+		$where = '1'; // WHERE 1 is like no 'where-clause'
+		if ($userinfo['tickets_see_all'] != '1') {
+			$where = " `main`.`adminid` = '" . (int)$userinfo['adminid'] . "'";
+		}
 		$paging = new paging($userinfo, $db, TABLE_PANEL_TICKET_CATS, $fields, $settings['panel']['paging'], $settings['panel']['natsorting']);
 		$result = $db->query("SELECT `main`.`id`, `main`.`name`, `main`.`logicalorder`, (
                               SELECT COUNT(`sub`.`id`) FROM `" . TABLE_PANEL_TICKETS . "` `sub`
                               WHERE `sub`.`category` = `main`.`id`
-                              AND `sub`.`answerto` = '0' AND `sub`.`adminid` = '" . $userinfo['adminid'] . "')
+                              AND `sub`.`answerto` = '0'  AND `sub`.`adminid` = '" . $userinfo['adminid'] . "')
                               as `ticketcount`, (
                               SELECT COUNT(`sub2`.`id`) FROM `" . TABLE_PANEL_TICKETS . "` `sub2`
                               WHERE `sub2`.`category` = `main`.`id`
@@ -462,7 +478,7 @@ elseif($page == 'categories'
                               AND (`sub2`.`status` = '0' OR `sub2`.`status` = '1' OR `sub2`.`status` = '2')
                               AND `sub2`.`adminid` = '" . $userinfo['adminid'] . "'
                               ) as `ticketcountnotclosed`
-                              FROM `" . TABLE_PANEL_TICKET_CATS . "` `main` WHERE `main`.`adminid` = '" . (int)$userinfo['adminid'] . "' " . $paging->getSqlWhere(true) . " " . $paging->getSqlOrderBy() . " " . $paging->getSqlLimit());
+                              FROM `" . TABLE_PANEL_TICKET_CATS . "` `main` WHERE " . $where . $paging->getSqlWhere(true) . " " . $paging->getSqlOrderBy() . " " . $paging->getSqlLimit());
 		$paging->setEntries($db->num_rows($result));
 		$sortcode = $paging->getHtmlSortCode($lng);
 		$arrowcode = $paging->getHtmlArrowCode($filename . '?page=' . $page . '&s=' . $s);
@@ -499,7 +515,7 @@ elseif($page == 'categories'
 			if($order < 1 || $order >= 1000)
 			{
 				// use the latest available
-				$order = ticket::getHighestOrderNumber($db) + 1;
+				$order = ticket::getHighestOrderNumber($db, $userinfo['adminid']) + 1;
 			}
 
 			if($category == '')
@@ -515,7 +531,7 @@ elseif($page == 'categories'
 		}
 		else
 		{
-			$order = ticket::getHighestOrderNumber($db) + 1;
+			$order = ticket::getHighestOrderNumber($db, $userinfo['adminid']) + 1;
 
 			$category_new_data = include_once dirname(__FILE__).'/lib/formfields/admin/tickets/formfield.category_new.php';
 			$category_new_form = htmlform::genHTMLForm($category_new_data);
@@ -673,12 +689,17 @@ elseif($page == 'archive'
 						if($_cid != $ticket['customerid'])
 						{
 							$cid = $ticket['customerid'];
-							$usr = $db->query_first('SELECT `firstname`, `name`, `company`, `loginname` FROM `' . TABLE_PANEL_CUSTOMERS . '`
+							$usr = $db->query_first('SELECT `customerid`, `firstname`, `name`, `company`, `loginname` FROM `' . TABLE_PANEL_CUSTOMERS . '`
                                        WHERE `customerid` = "' . (int)$cid . '"');
 
-							if(isset($usr['loginname'])) {
-								$customer = getCorrectFullUserDetails($usr) . ' (' . $usr['loginname'] . ')';
-							} else {
+							if(isset($usr['loginname']))
+							{
+								$customer = getCorrectFullUserDetails($usr);
+								$customerloginname =  $usr['loginname'];
+								$customerid = $usr['customerid'];
+							}
+							else
+							{
 								$customer = $lng['ticket']['nonexistingcustomer'];
 							}
 
@@ -852,6 +873,6 @@ elseif($page == 'archive'
 			ask_yesno('ticket_reallydelete', $filename, array('id' => $id, 'page' => $page, 'action' => $action), $mainticket->Get('subject'));
 		}
 	}
+} else {
+	standard_error('nocustomerforticket');
 }
-
-?>

customer_autoresponder.php

@@ -110,7 +110,7 @@ if($action == "add")
 	$date_from_off = makecheckbox('date_from_off', $lng['panel']['not_activated'], '-1', false, '-1', true, true);
 	$date_until_off = makecheckbox('date_until_off', $lng['panel']['not_activated'], '-1', false, '-1', true, true);
 
-	#$isactive = makeyesno('active', '1', '0', '1');
+	//$isactive = makeyesno('active', '1', '0', '1');
 
 	$autoresponder_add_data = include_once dirname(__FILE__).'/lib/formfields/customer/autoresponder/formfield.autoresponder_add.php';
 	$autoresponder_add_form = htmlform::genHTMLForm($autoresponder_add_data);
@@ -241,7 +241,7 @@ if($action == "edit")
 	}
 	$date_until_off = makecheckbox('date_until_off', $lng['panel']['not_activated'], '-1', false, $deactivated, true, true);
 
-	#$isactive = makeyesno('active', '1', '0', $row['enabled']);
+	//$isactive = makeyesno('active', '1', '0', $row['enabled']);
 
 	$autoresponder_edit_data = include_once dirname(__FILE__).'/lib/formfields/customer/autoresponder/formfield.autoresponder_edit.php';
 	$autoresponder_edit_form = htmlform::genHTMLForm($autoresponder_edit_data);

customer_domains.php

@@ -352,7 +352,7 @@ elseif($page == 'domains')
 					$log->logAction(USR_ACTION, LOG_INFO, "added subdomain '" . $completedomain . "'");
 					inserttask('1');
 
-					# Using nameserver, insert a task which rebuilds the server config
+					// Using nameserver, insert a task which rebuilds the server config
 					if ($settings['system']['bind_enable'])
 					{
 						inserttask('4');
@@ -388,7 +388,7 @@ elseif($page == 'domains')
 					}
 				}
 
-				#$ssl_redirect = makeyesno('ssl_redirect', '1', '0', $result['ssl_redirect']);
+				//$ssl_redirect = makeyesno('ssl_redirect', '1', '0', $result['ssl_redirect']);
 				$openbasedir = makeoption($lng['domain']['docroot'], 0, NULL, true) . makeoption($lng['domain']['homedir'], 1, NULL, true);
 				$pathSelect = makePathfield($userinfo['documentroot'], $userinfo['guid'], $userinfo['guid'], $settings['panel']['pathedit']);
 
@@ -532,7 +532,7 @@ elseif($page == 'domains')
 						$result = $db->query("UPDATE `" . TABLE_PANEL_DOMAINS . "` SET `documentroot`='" . $db->escape($path) . "', `isemaildomain`='" . (int)$isemaildomain . "', `iswildcarddomain`='" . (int)$iswildcarddomain . "', `aliasdomain`=" . (($aliasdomain != 0 && $alias_check == 0) ? '\'' . $db->escape($aliasdomain) . '\'' : 'NULL') . ",`openbasedir_path`='" . $db->escape($openbasedir_path) . "', `ssl_redirect`='" . $ssl_redirect . "' WHERE `customerid`='" . (int)$userinfo['customerid'] . "' AND `id`='" . (int)$id . "'");
 						inserttask('1');
 
-						# Using nameserver, insert a task which rebuilds the server config
+						// Using nameserver, insert a task which rebuilds the server config
 						if ($settings['system']['bind_enable'])
 						{
 							inserttask('4');
@@ -585,9 +585,11 @@ elseif($page == 'domains')
 					}
 				}
 
-				#$ssl_redirect = makeyesno('ssl_redirect', '1', '0', $result['ssl_redirect']);
-				#$iswildcarddomain = makeyesno('iswildcarddomain', '1', '0', $result['iswildcarddomain']);
-				#$isemaildomain = makeyesno('isemaildomain', '1', '0', $result['isemaildomain']);
+				/*
+				$ssl_redirect = makeyesno('ssl_redirect', '1', '0', $result['ssl_redirect']);
+				$iswildcarddomain = makeyesno('iswildcarddomain', '1', '0', $result['iswildcarddomain']);
+				$isemaildomain = makeyesno('isemaildomain', '1', '0', $result['isemaildomain']);
+				*/
 				$openbasedir = makeoption($lng['domain']['docroot'], 0, $result['openbasedir_path'], true) . makeoption($lng['domain']['homedir'], 1, $result['openbasedir_path'], true);
 
 				$result_ipandport = $db->query_first("SELECT `ip` FROM `".TABLE_PANEL_IPSANDPORTS."` WHERE `id`='".(int)$result['ipandport']."'");

customer_email.php

@@ -237,7 +237,7 @@ elseif($page == 'emails')
 					standard_error('emailiswrong', $email_full);
 				}
 
-				$email_check = $db->query_first("SELECT `id`, `email`, `email_full`, `iscatchall`, `destination`, `customerid` FROM `" . TABLE_MAIL_VIRTUAL . "` WHERE ( `email`='" . $db->escape($email) . "' OR `email_full` = '" . $db->escape($email_full) . "' ) AND `customerid`='" . (int)$userinfo['customerid'] . "'");
+				$email_check = $db->query_first("SELECT `id`, `email`, `email_full`, `iscatchall`, `destination`, `customerid` FROM `" . TABLE_MAIL_VIRTUAL . "` WHERE (`email` = '" . strtolower($db->escape($email)) . "' OR `email_full` = '" . strtolower($db->escape($email_full)) . "') AND `customerid`='" . (int)$userinfo['customerid'] . "'");
 
 				if($email == ''
 				   || $email_full == ''
@@ -253,7 +253,7 @@ elseif($page == 'emails')
 				{
 					standard_error('maindomainnonexist', $domain);
 				}
-				elseif($email_check['email_full'] == $email_full)
+				elseif(strtolower($email_check['email_full']) == strtolower($email_full))
 				{
 					standard_error('emailexistalready', $email_full);
 				}
@@ -281,9 +281,15 @@ elseif($page == 'emails')
 					$domains.= makeoption($idna_convert->decode($row['domain']), $row['domain']);
 				}
 
-				#$iscatchall = makeyesno('iscatchall', '1', '0', '0');
+				//$iscatchall = makeyesno('iscatchall', '1', '0', '0');
 
 				$email_add_data = include_once dirname(__FILE__).'/lib/formfields/customer/email/formfield.emails_add.php';
+
+				if ( $settings['catchall']['catchall_enabled'] != '1' )
+				{
+					unset($email_add_data['emails_add']['sections']['section_a']['fields']['iscatchall']);
+				}
+
 				$email_add_form = htmlform::genHTMLForm($email_add_data);
 
 				$title = $email_add_data['emails_add']['title'];
@@ -330,6 +336,12 @@ elseif($page == 'emails')
 			$result = htmlentities_array($result);
 
 			$email_edit_data = include_once dirname(__FILE__).'/lib/formfields/customer/email/formfield.emails_edit.php';
+
+			if ( $settings['catchall']['catchall_enabled'] != '1' )
+			{
+				unset($email_edit_data['emails_edit']['sections']['section_a']['fields']['mail_catchall']);
+			}
+
 			$email_edit_form = htmlform::genHTMLForm($email_edit_data);
 
 			$title = $email_edit_data['emails_edit']['title'];
@@ -341,34 +353,41 @@ elseif($page == 'emails')
 	elseif($action == 'togglecatchall'
 	       && $id != 0)
 	{
-		$result = $db->query_first("SELECT `id`, `email`, `email_full`, `iscatchall`, `destination`, `customerid`, `popaccountid` FROM `" . TABLE_MAIL_VIRTUAL . "` WHERE `customerid`='" . (int)$userinfo['customerid'] . "' AND `id`='" . (int)$id . "'");
-
-		if(isset($result['email'])
-		   && $result['email'] != '')
+		if ( $settings['catchall']['catchall_enabled'] == '1' )
 		{
-			if($result['iscatchall'] == '1')
-			{
-				$db->query("UPDATE `" . TABLE_MAIL_VIRTUAL . "` SET `email` = '" . $db->escape($result['email_full']) . "', `iscatchall` = '0' WHERE `customerid`='" . (int)$userinfo['customerid'] . "' AND `id`='" . (int)$result['id'] . "'");
-			}
-			else
-			{
-				$email_parts = explode('@', $result['email_full']);
-				$email = '@' . $email_parts[1];
-				$email_check = $db->query_first("SELECT `id`, `email`, `email_full`, `iscatchall`, `destination`, `customerid` FROM `" . TABLE_MAIL_VIRTUAL . "` WHERE `email`='" . $db->escape($email) . "' AND `customerid`='" . (int)$userinfo['customerid'] . "'");
+			$result = $db->query_first("SELECT `id`, `email`, `email_full`, `iscatchall`, `destination`, `customerid`, `popaccountid` FROM `" . TABLE_MAIL_VIRTUAL . "` WHERE `customerid`='" . (int)$userinfo['customerid'] . "' AND `id`='" . (int)$id . "'");
 
-				if($email_check['email'] == $email)
+			if(isset($result['email'])
+			   && $result['email'] != '')
+			{
+				if($result['iscatchall'] == '1')
 				{
-					standard_error('youhavealreadyacatchallforthisdomain');
-					exit;
+					$db->query("UPDATE `" . TABLE_MAIL_VIRTUAL . "` SET `email` = '" . $db->escape($result['email_full']) . "', `iscatchall` = '0' WHERE `customerid`='" . (int)$userinfo['customerid'] . "' AND `id`='" . (int)$result['id'] . "'");
 				}
 				else
 				{
-					$db->query("UPDATE `" . TABLE_MAIL_VIRTUAL . "` SET `email` = '$email' , `iscatchall` = '1' WHERE `customerid`='" . $userinfo['customerid'] . "' AND `id`='" . $result['id'] . "'");
-					$log->logAction(USR_ACTION, LOG_INFO, "edited email address '" . $email . "'");
-				}
-			}
+					$email_parts = explode('@', $result['email_full']);
+					$email = '@' . $email_parts[1];
+					$email_check = $db->query_first("SELECT `id`, `email`, `email_full`, `iscatchall`, `destination`, `customerid` FROM `" . TABLE_MAIL_VIRTUAL . "` WHERE `email`='" . $db->escape($email) . "' AND `customerid`='" . (int)$userinfo['customerid'] . "'");
 
-			redirectTo($filename, Array('page' => $page, 'action' => 'edit', 'id' => $id, 's' => $s));
+					if($email_check['email'] == $email)
+					{
+						standard_error('youhavealreadyacatchallforthisdomain');
+						exit;
+					}
+					else
+					{
+						$db->query("UPDATE `" . TABLE_MAIL_VIRTUAL . "` SET `email` = '$email' , `iscatchall` = '1' WHERE `customerid`='" . $userinfo['customerid'] . "' AND `id`='" . $result['id'] . "'");
+						$log->logAction(USR_ACTION, LOG_INFO, "edited email address '" . $email . "'");
+					}
+				}
+
+				redirectTo($filename, Array('page' => $page, 'action' => 'edit', 'id' => $id, 's' => $s));
+			}
+		}
+		else
+		{
+			standard_error(array('operationnotpermitted', 'featureisdisabled'), 'Catchall');
 		}
 	}
 }
@@ -439,11 +458,42 @@ elseif($page == 'accounts')
 							$password = substr(md5(uniqid(microtime(), 1)), 12, 6);
 						}
 
-						$db->query("INSERT INTO `" . TABLE_MAIL_USERS . "` (`customerid`, `email`, `username`, " . ($settings['system']['mailpwcleartext'] == '1' ? '`password`, ' : '') . " `password_enc`, `homedir`, `maildir`, `uid`, `gid`, `domainid`, `postfix`, `quota`, `imap`, `pop3`) VALUES ('" . (int)$userinfo['customerid'] . "', '" . $db->escape($email_full) . "', '" . $db->escape($username) . "', " . ($settings['system']['mailpwcleartext'] == '1' ? "'" . $db->escape($password) . "'," : '') . " ENCRYPT('" . $db->escape($password) . "'), '" . $db->escape($settings['system']['vmail_homedir']) . "', '" . $db->escape($userinfo['loginname'] . '/' . $email_full . '/') . "', '" . (int)$settings['system']['vmail_uid'] . "', '" . (int)$settings['system']['vmail_gid'] . "', '" . (int)$result['domainid'] . "', 'y', '" . (int)$quota . "', '" . (int)$userinfo['imap'] . "', '" . (int)$userinfo['pop3'] . "')");
+						$cryptPassword = makeCryptPassword($db->escape($password),1);
+
+						$email_user=substr($email_full,0,strrpos($email_full,"@"));
+						$email_domain=substr($email_full,strrpos($email_full,"@")+1);
+						$maildirname=trim($settings['system']['vmail_maildirname']);
+						// Add trailing slash to Maildir if needed
+						$maildirpath=$maildirname;
+						if (!empty($maildirname) and substr($maildirname,-1) != "/") $maildirpath.="/";
+
+						$db->query("INSERT INTO `" . TABLE_MAIL_USERS . 
+							"` (`customerid`, `email`, `username`, " . ($settings['system']['mailpwcleartext'] == '1' ? '`password`, ' : '') . " `password_enc`, `homedir`, `maildir`, `uid`, `gid`, `domainid`, `postfix`, `quota`, `imap`, `pop3`) ".
+							"VALUES (".
+							"'" . (int)$userinfo['customerid'] . "', ".
+							"'" . $db->escape($email_full) . "', ".
+							"'" . $db->escape($username) . "', " .
+							($settings['system']['mailpwcleartext'] == '1' ? "'" . $db->escape($password) . "', " : '') .
+							"'" . $db->escape($cryptPassword) . "', ".
+							"'" . $db->escape($settings['system']['vmail_homedir']) . "', '" . $db->escape($userinfo['loginname'] . '/' . $email_domain . "/" . $email_user . "/" . $maildirpath) . "', ".
+							"'" . (int)$settings['system']['vmail_uid'] . "', ".
+							"'" . (int)$settings['system']['vmail_gid'] . "', ".
+							"'" . (int)$result['domainid'] . "', ".
+							"'y', ".
+							"'" . (int)$quota . "', ".
+							"'" . (int)$userinfo['imap'] . "', ".
+							"'" . (int)$userinfo['pop3'] . "')");
+
 						$popaccountid = $db->insert_id();
 						$result['destination'].= ' ' . $email_full;
-						$db->query("UPDATE `" . TABLE_MAIL_VIRTUAL . "` SET `destination` = '" . $db->escape(makeCorrectDestination($result['destination'])) . "', `popaccountid` = '" . (int)$popaccountid . "' WHERE `customerid`='" . (int)$userinfo['customerid'] . "' AND `id`='" . (int)$id . "'");
-						$db->query("UPDATE `" . TABLE_PANEL_CUSTOMERS . "` SET `email_accounts_used`=`email_accounts_used`+1, `email_quota_used`=`email_quota_used`+" . (int)$quota . " WHERE `customerid`='" . (int)$userinfo['customerid'] . "'");
+						$db->query("UPDATE `" . TABLE_MAIL_VIRTUAL . "` SET ".
+							"`destination` = '" . $db->escape(makeCorrectDestination($result['destination'])) . "', ".
+							"`popaccountid` = '" . (int)$popaccountid . "' ".
+							"WHERE `customerid`='" . (int)$userinfo['customerid'] . "' AND `id`='" . (int)$id . "'");
+						$db->query("UPDATE `" . TABLE_PANEL_CUSTOMERS . "` SET ".
+							"`email_accounts_used`=`email_accounts_used`+1, ".
+							"`email_quota_used`=`email_quota_used`+" . (int)$quota . " ".
+							"WHERE `customerid`='" . (int)$userinfo['customerid'] . "'");
 						$log->logAction(USR_ACTION, LOG_INFO, "added email account for '" . $email_full . "'");
 						$replace_arr = array(
 							'EMAIL' => $email_full,
@@ -557,7 +607,8 @@ elseif($page == 'accounts')
 				$password = validatePassword($password);
 				
 				$log->logAction(USR_ACTION, LOG_NOTICE, "changed email password for '" . $result['email_full'] . "'");
-				$result = $db->query("UPDATE `" . TABLE_MAIL_USERS . "` SET " . ($settings['system']['mailpwcleartext'] == '1' ? "`password` = '" . $db->escape($password) . "', " : '') . " `password_enc`=ENCRYPT('" . $db->escape($password) . "') WHERE `customerid`='" . (int)$userinfo['customerid'] . "' AND `id`='" . (int)$result['popaccountid'] . "'");
+				$cryptPassword = makeCryptPassword($db->escape($password),1);
+				$result = $db->query("UPDATE `" . TABLE_MAIL_USERS . "` SET " . ($settings['system']['mailpwcleartext'] == '1' ? "`password` = '" . $db->escape($password) . "', " : '') . " `password_enc`='" . $db->escape($cryptPassword) . "' WHERE `customerid`='" . (int)$userinfo['customerid'] . "' AND `id`='" . (int)$result['popaccountid'] . "'");
 				redirectTo($filename, Array('page' => 'emails', 'action' => 'edit', 'id' => $id, 's' => $s));
 			}
 			else

customer_extras.php

@@ -50,7 +50,6 @@ elseif($page == 'backup')
 
     if(isset($_POST['send']) && $_POST['send'] == 'send'){
 	$backup_enabled = ($_POST['backup_enabled'] == '1' ? '1' : '0');
-	$backup_ftp_enabled = ($_POST['backup_ftp_enabled'] == '1' ? '1' : '0');
 	
         $db->query("UPDATE `" . TABLE_PANEL_CUSTOMERS . "` SET `backup_enabled`='" . $backup_enabled . "' WHERE `customerid`='" . (int)$userinfo['customerid'] . "'");
 	redirectTo($filename, Array('page' => $page, 's' => $s));
@@ -353,18 +352,28 @@ elseif($page == 'htaccess')
 				standard_error('invalidpath');
 			}
 
-			if(isset($_POST['options_cgi']))
-			{
-				$options_cgi = intval($_POST['options_cgi']);
+			if(isset($_POST['options_cgi'])
+				&& (int)$_POST['options_cgi'] != 0
+			) {
+				$options_cgi = '1';
 			}
 			else
 			{
 				$options_cgi = '0';
 			} 
 
-			$error404path = correctErrorDocument($_POST['error404path']);
-			$error403path = correctErrorDocument($_POST['error403path']);
-			$error500path = correctErrorDocument($_POST['error500path']);
+			$error404path = '';
+			if (isset($_POST['error404path'])) {
+				$error404path = correctErrorDocument($_POST['error404path']);
+			}
+			$error403path = '';
+			if (isset($_POST['error403path'])) {
+				$error403path = correctErrorDocument($_POST['error403path']);
+			}
+			$error500path = '';
+			if (isset($_POST['error500path'])) {
+				$error500path = correctErrorDocument($_POST['error500path']);
+			}
 
 			if($path_dupe_check['path'] == $path)
 			{
@@ -393,9 +402,11 @@ elseif($page == 'htaccess')
 		else
 		{
 			$pathSelect = makePathfield($userinfo['documentroot'], $userinfo['guid'], $userinfo['guid'], $settings['panel']['pathedit']);
-			#$options_indexes = makeyesno('options_indexes', '1', '0', '0');
 			$cperlenabled = customerHasPerlEnabled($userinfo['customerid']);
-			#$options_cgi = makeyesno('options_cgi', '1', '0', '0');
+			/*
+			$options_indexes = makeyesno('options_indexes', '1', '0', '0');
+			$options_cgi = makeyesno('options_cgi', '1', '0', '0');
+			*/
 
 			$htaccess_add_data = include_once dirname(__FILE__).'/lib/formfields/customer/extras/formfield.htaccess_add.php';
 			$htaccess_add_form = htmlform::genHTMLForm($htaccess_add_data);
@@ -460,9 +471,11 @@ elseif($page == 'htaccess')
 				$result['error404path'] = $result['error404path'];
 				$result['error403path'] = $result['error403path'];
 				$result['error500path'] = $result['error500path'];
-				#$options_indexes = makeyesno('options_indexes', '1', '0', $result['options_indexes']);
 				$cperlenabled = customerHasPerlEnabled($userinfo['customerid']);
-				#$options_cgi = makeyesno('options_cgi', '1', '0', $result['options_cgi']);
+				/*
+				$options_indexes = makeyesno('options_indexes', '1', '0', $result['options_indexes']);
+				$options_cgi = makeyesno('options_cgi', '1', '0', $result['options_cgi']);
+				*/
 				$result = htmlentities_array($result);
 
 				$htaccess_edit_data = include_once dirname(__FILE__).'/lib/formfields/customer/extras/formfield.htaccess_edit.php';

customer_ftp.php

@@ -144,7 +144,7 @@ elseif($page == 'accounts')
 				$password = validate($_POST['ftp_password'], 'password');
 				$password = validatePassword($password);
 
-				$sendinfomail = intval($_POST['sendinfomail']);
+				$sendinfomail = isset($_POST['sendinfomail']) ? 1 : 0;
 				if($sendinfomail != 1)
 				{
 					$sendinfomail = 0;
@@ -187,8 +187,9 @@ elseif($page == 'accounts')
 				else
 				{
 					$path = makeCorrectDir($userinfo['documentroot'] . '/' . $path);
-					
-					$db->query("INSERT INTO `" . TABLE_FTP_USERS . "` (`customerid`, `username`, `password`, `homedir`, `login_enabled`, `uid`, `gid`) VALUES ('" . (int)$userinfo['customerid'] . "', '" . $db->escape($username) . "', ENCRYPT('" . $db->escape($password) . "'), '" . $db->escape($path) . "', 'y', '" . (int)$userinfo['guid'] . "', '" . (int)$userinfo['guid'] . "')");
+
+					$cryptPassword = makeCryptPassword($db->escape($password),1);					
+					$db->query("INSERT INTO `" . TABLE_FTP_USERS . "` (`customerid`, `username`, `password`, `homedir`, `login_enabled`, `uid`, `gid`) VALUES ('" . (int)$userinfo['customerid'] . "', '" . $db->escape($username) . "', '" . $db->escape($cryptPassword) . "', '" . $db->escape($path) . "', 'y', '" . (int)$userinfo['guid'] . "', '" . (int)$userinfo['guid'] . "')");
 					$result = $db->query("SELECT `bytes_in_used` FROM `" . TABLE_FTP_QUOTATALLIES . "` WHERE `name` = '" . $userinfo['loginname'] . "'");
 					while($row = $db->fetch_array($result))
 					{
@@ -268,7 +269,7 @@ elseif($page == 'accounts')
 					}
 				}
 
-				#$sendinfomail = makeyesno('sendinfomail', '1', '0', '0');
+				//$sendinfomail = makeyesno('sendinfomail', '1', '0', '0');
 
 				$ftp_add_data = include_once dirname(__FILE__).'/lib/formfields/customer/ftp/formfield.ftp_add.php';
 				$ftp_add_form = htmlform::genHTMLForm($ftp_add_data);
@@ -311,11 +312,12 @@ elseif($page == 'accounts')
 					else
 					{
 						$log->logAction(USR_ACTION, LOG_INFO, "updated ftp-account password for '" . $result['username'] . "'");
-						$db->query("UPDATE `" . TABLE_FTP_USERS . "` SET `password`=ENCRYPT('" . $db->escape($password) . "') WHERE `customerid`='" . (int)$userinfo['customerid'] . "' AND `id`='" . (int)$id . "'");
+						$cryptPassword = makeCryptPassword($db->escape($password),1);
+						$db->query("UPDATE `" . TABLE_FTP_USERS . "` SET `password`='" . $db->escape($cryptPassword) . "' WHERE `customerid`='" . (int)$userinfo['customerid'] . "' AND `id`='" . (int)$id . "'");
 						
 						// also update customers backup user password if password of main ftp user is changed
 						if(!preg_match('/' . $settings['customer']['ftpprefix'] . '/', $result['username'])){
-						    $db->query("UPDATE `" . TABLE_FTP_USERS . "` SET `password`=ENCRYPT('" . $db->escape($password) . "') WHERE `customerid`='" . (int)$userinfo['customerid'] . "' AND `username`='" . $result['username'] . "_backup'");
+						    $db->query("UPDATE `" . TABLE_FTP_USERS . "` SET `password`='" . $db->escape($cryptPassword) . "' WHERE `customerid`='" . (int)$userinfo['customerid'] . "' AND `username`='" . $result['username'] . "_backup'");
 						}
 					}
 				}

customer_index.php

@@ -55,7 +55,7 @@ if($page == 'overview')
 	}
 
 	natsort($domainArray);
-	$domains = implode(', ', $domainArray);
+	$domains = implode(',<br />', $domainArray);
 	$userinfo['email'] = $idna_convert->decode($userinfo['email']);
 	$yesterday = time() - (60 * 60 * 24);
 	$month = date('M Y', $yesterday);
@@ -124,7 +124,8 @@ elseif($page == 'change_password')
 			if(isset($_POST['change_main_ftp'])
 			   && $_POST['change_main_ftp'] == 'true')
 			{
-				$db->query("UPDATE `" . TABLE_FTP_USERS . "` SET `password`=ENCRYPT('" . $db->escape($new_password) . "') WHERE `customerid`='" . (int)$userinfo['customerid'] . "' AND `username`='" . $db->escape($userinfo['loginname']) . "'");
+				$cryptPassword = makeCryptPassword($db->escape($new_password),1);
+				$db->query("UPDATE `" . TABLE_FTP_USERS . "` SET `password`='" . $db->escape($cryptPassword) . "' WHERE `customerid`='" . (int)$userinfo['customerid'] . "' AND `username`='" . $db->escape($userinfo['loginname']) . "'");
 				$log->logAction(USR_ACTION, LOG_NOTICE, 'changed main ftp password');
 			}
 

customer_mysql.php

@@ -102,11 +102,17 @@ elseif($page == 'mysqls')
 				// Begin root-session
 
 				$db_root = new db($sql_root[$result['dbserver']]['host'], $sql_root[$result['dbserver']]['user'], $sql_root[$result['dbserver']]['password'], '');
-				foreach(array_map('trim', array_unique(explode(',', $settings['system']['mysql_access_host']))) as $mysql_access_host)
+				$log->logAction(USR_ACTION, LOG_INFO, "deleted database '" . $result['databasename'] . "'");
+				if(mysql_get_server_info() < '5.0.2') { 
+					// Revoke privileges (only required for MySQL 4.1.2 - 5.0.1)
+					$db_root->query('REVOKE ALL PRIVILEGES, GRANT OPTION FROM \'' . $db_root->escape($result['databasename']) .'\'',false,true);
+				}
+
+				$host_res = $db_root->query("SELECT `Host` FROM `mysql`.`user` WHERE `User`='" . $db_root->escape($result['databasename']) . "'");
+				while($host = $db_root->fetch_array($host_res)) 
 				{
-					$db_root->query('REVOKE ALL PRIVILEGES ON * . * FROM `' . $db_root->escape($result['databasename']) . '`@`' . $db_root->escape($mysql_access_host) . '`');
-					$db_root->query('REVOKE ALL PRIVILEGES ON `' . str_replace('_', '\_', $db_root->escape($result['databasename'])) . '` . * FROM `' . $db_root->escape($result['databasename']) . '`@`' . $db_root->escape($mysql_access_host) . '`');
-					$db_root->query('DELETE FROM `mysql`.`user` WHERE `User` = "' . $db_root->escape($result['databasename']) . '" AND `Host` = "' . $db_root->escape($mysql_access_host) . '"');
+					// as of MySQL 5.0.2 this also revokes privileges. (requires MySQL 4.1.2+)
+					$db_root->query('DROP USER \'' . $db_root->escape($result['databasename']). '\'@\'' . $db_root->escape($host['Host']) . '\'', false, true);
 				}
 
 				$db_root->query('DROP DATABASE IF EXISTS `' . $db_root->escape($result['databasename']) . '`');
@@ -150,7 +156,7 @@ elseif($page == 'mysqls')
 				$password = validate($_POST['mysql_password'], 'password');
 				$password = validatePassword($password);
 
-				$sendinfomail = intval($_POST['sendinfomail']);
+				$sendinfomail = isset($_POST['sendinfomail']) ? 1 : 0;
 				if($sendinfomail != 1)
 				{
 					$sendinfomail = 0;
@@ -177,9 +183,11 @@ elseif($page == 'mysqls')
 					{
 						$dbserver = 0;
 					}
+					
+					// validate description before actual adding the database, #1052
+					$databasedescription = validate(trim($_POST['description']), 'description');
 
 					// Begin root-session
-
 					$db_root = new db($sql_root[$dbserver]['host'], $sql_root[$dbserver]['user'], $sql_root[$dbserver]['password'], '');
 					$db_root->query('CREATE DATABASE `' . $db_root->escape($username) . '`');
 					$log->logAction(USR_ACTION, LOG_INFO, "created database '" . $username . "'");
@@ -195,8 +203,6 @@ elseif($page == 'mysqls')
 
 					// End root-session
 					// Statement modifyed for Database description -- PH 2004-11-29
-
-					$databasedescription = validate($_POST['description'], 'description');
 					$result = $db->query('INSERT INTO `' . TABLE_PANEL_DATABASES . '` (`customerid`, `databasename`, `description`, `dbserver`) VALUES ("' . (int)$userinfo['customerid'] . '", "' . $db->escape($username) . '", "' . $db->escape($databasedescription) . '", "' . $db->escape($dbserver) . '")');
 					$result = $db->query('UPDATE `' . TABLE_PANEL_CUSTOMERS . '` SET `mysqls_used`=`mysqls_used`+1, `mysql_lastaccountnumber`=`mysql_lastaccountnumber`+1 WHERE `customerid`="' . (int)$userinfo['customerid'] . '"');
 
@@ -258,7 +264,7 @@ elseif($page == 'mysqls')
 					$mysql_servers .= makeoption($mysql_server_details['caption'], $mysql_server);
 				}
 
-				#$sendinfomail = makeyesno('sendinfomail', '1', '0', '0');
+				//$sendinfomail = makeyesno('sendinfomail', '1', '0', '0');
 
 				$mysql_add_data = include_once dirname(__FILE__).'/lib/formfields/customer/mysql/formfield.mysql_add.php';
 				$mysql_add_form = htmlform::genHTMLForm($mysql_add_data);
@@ -308,7 +314,6 @@ elseif($page == 'mysqls')
 				}
 
 				// Update the Database description -- PH 2004-11-29
-
 				$log->logAction(USR_ACTION, LOG_INFO, "edited database '" . $result['databasename'] . "'");
 				$databasedescription = validate($_POST['description'], 'description');
 				$result = $db->query('UPDATE `' . TABLE_PANEL_DATABASES . '` SET `description`="' . $db->escape($databasedescription) . '" WHERE `customerid`="' . (int)$userinfo['customerid'] . '" AND `id`="' . (int)$id . '"');

customer_tickets.php

@@ -221,12 +221,12 @@ elseif($page == 'tickets')
 			else
 			{
 				$categories = '';
-				$result = $db->query_first('SELECT `id`, `name` FROM `' . TABLE_PANEL_TICKET_CATS . '` ORDER BY `logicalorder`, `name` ASC');
+				$result = $db->query_first('SELECT `id`, `name` FROM `' . TABLE_PANEL_TICKET_CATS . '` WHERE `adminid` = "' . $userinfo['adminid'] . '" ORDER BY `logicalorder`, `name` ASC');
 
 				if(isset($result['name'])
 				   && $result['name'] != '')
 				{
-					$result2 = $db->query('SELECT `id`, `name` FROM `' . TABLE_PANEL_TICKET_CATS . '` ORDER BY `logicalorder`, `name` ASC');
+					$result2 = $db->query('SELECT `id`, `name` FROM `' . TABLE_PANEL_TICKET_CATS . '` WHERE `adminid` = "' . $userinfo['adminid'] . '" ORDER BY `logicalorder`, `name` ASC');
 
 					while($row = $db->fetch_array($result2))
 					{

install/install.php

@@ -100,23 +100,27 @@ function page_header() {
 <!DOCTYPE html>
 <html lang="en">
 <head>
-	<meta charset="iso-8859-1" />
+	<meta charset="utf-8" />
 	<meta http-equiv="Default-Style" content="text/css" />
-	<link rel="stylesheet" href="../templates/Froxlor/froxlor.css"  />
-	<!--[if IE]><link rel="stylesheet" href="../templates/Froxlor/froxlor_ie.css"  /><![endif]-->
+	<link rel="stylesheet" href="../templates/Froxlor/assets/css/main.css"  />
+	<!--[if IE]><link rel="stylesheet" href="../templates/Froxlor/assets/css/main_ie.css"  /><![endif]-->
 	<!--[if lt IE 9]><script src="http://html5shiv.googlecode.com/svn/trunk/html5.js"></script><![endif]-->
 	<script type="text/javascript" src="../js/jquery.min.js"></script>
-	<script type="text/javascript" src="../templates/Froxlor/js/froxlor.js"></script>
+	<script type="text/javascript" src="../templates/Froxlor/assets/js/main.js"></script>
+	<link href="../templates/Froxlor/assets/img/favicon.ico" rel="icon" type="image/x-icon" />
 	<title>Froxlor Server Management Panel - Installation</title>
 	<style>
+	body {
+        font-family: Verdana, Geneva, sans-serif;
+	}
 	input {
-		background: #dae7ee url('../images/Froxlor/icons/text_align_left.png') no-repeat 5px 4px;
+		background: #dae7ee url('../templates/Froxlor/assets/img/icons/text_align_left.png') no-repeat 5px 4px;
 	}
 	input[type="password"] {
-		background: #dae7ee url('../images/Froxlor/icons/password.png') no-repeat 4px 4px;
+		background: #dae7ee url('../templates/Froxlor/assets/img/icons/password.png') no-repeat 4px 4px;
 	}
 	input[type="submit"] {
-		background: #ccc url('../images/Froxlor/icons/button_ok.png') no-repeat 4px 8px;
+		background: #ccc url('../templates/Froxlor/assets/img/icons/button_ok.png') no-repeat 4px 8px;
 	}
 	</style>
 </head>
@@ -154,13 +158,13 @@ function status_message($case, $text)
 
 function requirement_checks() {
 
-	global $lng;
+	global $lng, $theme;
 	page_header();
 
 ?>
 	<article class="install bradius">
 		<header class="dark">
-			<img src="../images/Froxlor/logo.png" alt="Froxlor Server Management Panel" />
+			<img src="../templates/Froxlor/assets/img/logo.png" alt="Froxlor Server Management Panel" />
 		</header>
 
 		<section class="installsec">
@@ -520,7 +524,7 @@ if(isset($_POST['installstep'])
 ?>
 	<article class="install bradius">
 		<header class="dark">
-			<img src="../images/Froxlor/logo.png" alt="Froxlor Server Management Panel" />
+			<img src="../templates/Froxlor/assets/img/logo.png" alt="Froxlor Server Management Panel" />
 		</header>
 
 		<section class="installsec">
@@ -673,8 +677,6 @@ if(isset($_POST['installstep'])
 	$db->query("UPDATE `" . TABLE_PANEL_SETTINGS . "` SET `value` = '" . $db->escape($languages[$language]) . "' WHERE `settinggroup` = 'panel' AND `varname` = 'standardlanguage'");
 	$db->query("UPDATE `" . TABLE_PANEL_SETTINGS . "` SET `value` = '" . $db->escape($mysql_access_host) . "' WHERE `settinggroup` = 'system' AND `varname` = 'mysql_access_host'");
 	$db->query("UPDATE `" . TABLE_PANEL_SETTINGS . "` SET `value` = '" . $db->escape($webserver) . "' WHERE `settinggroup` = 'system' AND `varname` = 'webserver'");
-	$db->query("UPDATE `" . TABLE_PANEL_SETTINGS . "` SET `value` = '" . $db->escape($webserver) . "' WHERE `settinggroup` = 'system' AND `varname` = 'webserver'");
-
 	$db->query("UPDATE `" . TABLE_PANEL_SETTINGS . "` SET `value` = '" . $db->escape($httpuser) . "' WHERE `settinggroup` = 'system' AND `varname` = 'httpuser'");
 	$db->query("UPDATE `" . TABLE_PANEL_SETTINGS . "` SET `value` = '" . $db->escape($httpgroup) . "' WHERE `settinggroup` = 'system' AND `varname` = 'httpgroup'");
 
@@ -692,23 +694,20 @@ if(isset($_POST['installstep'])
 		$db->query("UPDATE `" . TABLE_PANEL_SETTINGS . "` SET `value` = '/etc/lighttpd/froxlor-htpasswd/' WHERE `settinggroup` = 'system' AND `varname` = 'apacheconf_htpasswddir'");
 		$db->query("UPDATE `" . TABLE_PANEL_SETTINGS . "` SET `value` = '/etc/init.d/lighttpd reload' WHERE `settinggroup` = 'system' AND `varname` = 'apachereload_command'");
 		$db->query("UPDATE `" . TABLE_PANEL_SETTINGS . "` SET `value` = '/etc/lighttpd/lighttpd.pem' WHERE `settinggroup` = 'system' AND `varname` = 'ssl_cert_file'");
-		$ssettings = '';
 	}
-        elseif($webserver == "nginx")
+	elseif($webserver == "nginx")
 	{
 		$db->query("UPDATE `" . TABLE_PANEL_SETTINGS . "` SET `value` = '/etc/nginx/sites-enabled/' WHERE `settinggroup` = 'system' AND `varname` = 'apacheconf_vhost'");
 		$db->query("UPDATE `" . TABLE_PANEL_SETTINGS . "` SET `value` = '/etc/nginx/sites-enabled/' WHERE `settinggroup` = 'system' AND `varname` = 'apacheconf_diroptions'");
 		$db->query("UPDATE `" . TABLE_PANEL_SETTINGS . "` SET `value` = '/etc/nginx/froxlor-htpasswd/' WHERE `settinggroup` = 'system' AND `varname` = 'apacheconf_htpasswddir'");
 		$db->query("UPDATE `" . TABLE_PANEL_SETTINGS . "` SET `value` = '/etc/init.d/nginx reload' WHERE `settinggroup` = 'system' AND `varname` = 'apachereload_command'");
-		$ssettings = '';
 	}
 
 	// insert the lastcronrun to be the installation date
-
 	$query = 'UPDATE `%s` SET `value` = UNIX_TIMESTAMP() WHERE `settinggroup` = \'system\'  AND `varname` = \'lastcronrun\'';
 	$query = sprintf($query, TABLE_PANEL_SETTINGS);
 	$db->query($query);
-	
+
 	// set specific times for some crons (traffic only at night, etc.)
 	$ts = mktime(0, 0, 0, date('m', time()), date('d', time()), date('Y', time()));
 	$db->query("UPDATE `".TABLE_PANEL_CRONRUNS."` SET `lastrun` = '".$ts."' WHERE `cronfile` ='cron_traffic.php';");
@@ -717,7 +716,6 @@ if(isset($_POST['installstep'])
 	$db->query("UPDATE `".TABLE_PANEL_CRONRUNS."` SET `lastrun` = '".$ts."' WHERE `cronfile` ='cron_ticketarchive.php';");
 
 	// and lets insert the default ip and port
-
 	$query = "INSERT INTO `".TABLE_PANEL_IPSANDPORTS."` 
 			 SET `ip`= '".$db->escape($serverip)."', 
 			 `port` = '80',
@@ -728,14 +726,12 @@ if(isset($_POST['installstep'])
 	$defaultip = $db->insert_id();
 
 	// insert the defaultip
-
 	$query = 'UPDATE `%s` SET `value` = \'%s\' WHERE `settinggroup` = \'system\'  AND `varname` = \'defaultip\'';
 	$query = sprintf($query, TABLE_PANEL_SETTINGS, $db->escape($defaultip));
 	$db->query($query);
 	status_message('green', 'OK');
 
 	//last but not least create the main admin
-
 	status_message('begin', $lng['install']['adding_admin_user']);
 	$db->query("INSERT INTO `" . TABLE_PANEL_ADMINS . "` SET
 		`loginname` = '" . $db->escape($admin_user) . "',
@@ -767,6 +763,7 @@ if(isset($_POST['installstep'])
 		`ftps_used` = 0,
 		`tickets` = -1,
 		`tickets_used` = 0,
+		`tickets_see_all` = 1,
 		`subdomains` = -1,
 		`subdomains_used` = 0,
 		`traffic` = -1048576,
@@ -779,7 +776,6 @@ if(isset($_POST['installstep'])
 	status_message('green', 'OK');
 
 	//now we create the userdata.inc.php with the mysql-accounts
-
 	status_message('begin', $lng['install']['creating_configfile']);
 	$userdata = "<?php\n";
 	$userdata.= "//automatically generated userdata.inc.php for Froxlor\n";
@@ -794,7 +790,6 @@ if(isset($_POST['installstep'])
 	$userdata.= "?>";
 
 	//we test now if we can store the userdata.inc.php in ../lib
-
 	if($fp = @fopen('../lib/userdata.inc.php', 'w'))
 	{
 		$result = @fputs($fp, $userdata, strlen($userdata));
@@ -841,7 +836,7 @@ else
 ?>
 	<article class="install bradius">
 		<header class="dark">
-			<img src="../images/Froxlor/logo.png" alt="Froxlor Server Management Panel" />
+			<img src="../templates/Froxlor/assets/img/logo.png" alt="Froxlor Server Management Panel" />
 		</header>
 		<section class="installsec">
 			<h2><?php echo $lng['install']['language']; ?></h2>

install/lng/english.lng.php

@@ -73,6 +73,12 @@ $lng['install']['bcmathdescription'] = 'Traffic-calculation related functions wi
 $lng['install']['openbasedir'] = 'Testing if open_basedir is enabled...';
 $lng['install']['openbasedirenabled'] = 'enabled. Froxlor will not work properly with open_basedir enabled. Please disable open_basedir for Froxlor';
 
+/**
+ * ADDED IN 1.2.19-svn7
+ */
+
+$lng['install']['servername_should_be_fqdn'] = 'The servername should be a FQDN and not an IP address';
+
 /**
  * Renamed in 1.2.19-svn40
  */

install/lng/french.lng.php

@@ -63,6 +63,12 @@ $lng['install']['click_here_to_login'] = 'Cliquez ici pour vous rendre <20> l\'in
 $lng['install']['httpuser'] = 'Nom du utilisateur du HTTP';
 $lng['install']['httpgroup'] = 'Nom du la group du HTTP';
 
+/**
+ * ADDED IN 1.2.19-svn7
+ */
+
+$lng['install']['servername_should_be_fqdn'] = 'Le nom du serveur doit être un nom FQDN, pas une adresse IP';
+
 /**
  * Renamed in 1.2.19-svn40
  */

install/lng/german.lng.php

@@ -73,6 +73,12 @@ $lng['install']['openbasedirenabled'] = 'aktiviert. Froxlor wird mit aktiviertem
 $lng['install']['httpuser'] = 'HTTP Username';
 $lng['install']['httpgroup'] = 'HTTP Gruppenname';
 
+/**
+ * ADDED IN 1.2.19-svn7
+ */
+
+$lng['install']['servername_should_be_fqdn'] = 'Der Servername sollte eine FQDN sein und keine IP Adresse sein';
+
 /**
  * Renamed in 1.2.19-svn40
  */

install/updates/froxlor/0.9/update_0.9.inc.php

@@ -1642,7 +1642,7 @@ if(isFroxlorVersion('0.9.22-svn1'))
 
 	/* fix backup_dir for #186 */
 	$db->query("UPDATE `" . TABLE_PANEL_SETTINGS . "` SET `value` = '/var/customers/backups/' WHERE `varname` = 'backup_dir';");
-	
+
 	updateToVersion('0.9.22-svn2');
 }
 
@@ -1650,7 +1650,7 @@ if(isFroxlorVersion('0.9.22-svn2'))
 {
 	showUpdateStep("Updating from 0.9.22-svn2 to 0.9.22-rc1");
 	lastStepStatus(0);
-	
+
 	updateToVersion('0.9.22-rc1');
 }
 
@@ -1658,7 +1658,7 @@ if(isFroxlorVersion('0.9.22-rc1'))
 {
 	showUpdateStep("Updating from 0.9.22-rc1 to 0.9.22");
 	lastStepStatus(0);
-	
+
 	updateToVersion('0.9.22');
 }
 
@@ -1729,10 +1729,10 @@ if(isFroxlorVersion('0.9.25'))
 {
 	showUpdateStep("Updating from 0.9.25 to 0.9.26-svn1");
 	lastStepStatus(0);
-	
+
 	// enable bind by default
 	$db->query("INSERT INTO `panel_settings` (`settinggroup`, `varname`, `value`) VALUES ('system', 'bind_enable', '1')");
-	
+
 	updateToVersion('0.9.26-svn1');
 }
 
@@ -1756,24 +1756,24 @@ if(isFroxlorVersion('0.9.26'))
 {
 	showUpdateStep("Updating from 0.9.26 to 0.9.27-svn1");
 	lastStepStatus(0);
-  
+
 	// check for multiple backup_ftp_enabled entries
 	$handle = $db->query("SELECT `value` FROM `panel_settings` WHERE `varname` = 'backup_ftp_enabled';");
-	
+
 	// if there are more than one entry try to fix it
 	if ($db->num_rows($handle) > 1) {
 		$rows = $db->fetch_array($handle);
 		$state = false;
-		
+
 		// iterate through all found entries
 		// and try to guess what value it should be
 		foreach ($rows as $row) {
 			$state = $state | $row['value'];
 		}
-		
+
 		// now delete all entries
 		$db->query("DELETE FROM `panel_settings` WHERE `varname` = 'backup_ftp_enabled';");
-		
+
 		// and re-add it
 		$db->query("INSERT INTO `panel_settings` (`settinggroup`, `varname`, `value`) VALUES ('system', 'backup_ftp_enabled', '". $state ."');");
 	}
@@ -1785,18 +1785,18 @@ if(isFroxlorVersion('0.9.27-svn1'))
 {
 	showUpdateStep("Updating from 0.9.27-svn1 to 0.9.27-svn2");
 	lastStepStatus(0);
-	
+
 	// Get FastCGI timeout setting if available
 	$handle = $db->query("SELECT `value` FROM `panel_settings` WHERE `settinggroup` = 'system' AND `varname` = 'mod_fcgid_idle_timeout';");
-	
+
 	// If timeout is set then skip
 	if ($db->num_rows($handle) < 1) {
 		$db->query("INSERT INTO `panel_settings` (`settinggroup`, `varname`, `value`) VALUES ('system', 'mod_fcgid_idle_timeout', '30');");
 	}
-		
+
 	// Get FastCGI timeout setting if available
 	$handle = $db->query("SELECT `value` FROM `panel_settings` WHERE `settinggroup` = 'phpfpm' AND `varname` = 'idle_timeout';");
-	
+
 	// If timeout is set then skip
 	if ($db->num_rows($handle) < 1) {
 		$db->query("INSERT INTO `panel_settings` (`settinggroup`, `varname`, `value`) VALUES ('phpfpm', 'idle_timeout', '30');");
@@ -1821,3 +1821,206 @@ if(isFroxlorVersion('0.9.27-rc1'))
 	updateToVersion('0.9.27');
 }
 
+if(isFroxlorVersion('0.9.27')) {
+	showUpdateStep("Updating from 0.9.27 to 0.9.28-svn1");
+	lastStepStatus(0);
+
+	// Get AliasconfigDir setting if available
+	$handle = $db->query("SELECT `value` FROM `panel_settings` WHERE `settinggroup` = 'phpfpm' AND `varname` = 'aliasconfigdir';");
+
+	// If AliasconfigDir is set then skip
+	if ($db->num_rows($handle) < 1) {
+		$db->query("INSERT INTO `panel_settings` (`settinggroup`, `varname`, `value`) VALUES ('phpfpm', 'aliasconfigdir', '/var/www/php-fpm/');");
+	}
+    
+ 	updateToVersion('0.9.28-svn1');
+}
+
+if(isFroxlorVersion('0.9.28-svn1')) {
+	showUpdateStep("Updating from 0.9.28-svn1 to 0.9.28-svn2");
+	lastStepStatus(0);
+
+	// Insert ISO-Codes into database. Default value is foo, which is not a valid language code.
+	$db->query("ALTER TABLE  `panel_languages` ADD  `iso` CHAR( 3 ) NOT NULL DEFAULT  'foo' AFTER  `language`");
+
+	$handle = $db->query("SELECT `language` FROM `panel_languages` WHERE `iso`='foo'");
+    
+	$langauges = $db->fetch_array($handle);
+	foreach($languages as $language){    
+		switch ($language) {
+			case "Deutsch":
+				$db->query("UPDATE `panel_languages` SET `iso`='de' WHERE `language` = 'Deutsch'");
+				break;
+			case "English":
+				$db->query("UPDATE `panel_languages` SET `iso`='en' WHERE `language` = 'English'");
+				break;
+			case "Fran&ccedil;ais":
+				$db->query("UPDATE `panel_languages` SET `iso`='fr' WHERE `language` = 'Fran&ccedil;ais'");
+				break;
+			case "Chinese":
+				$db->query("UPDATE `panel_languages` SET `iso`='zh' WHERE `language` = 'Chinese'");
+				break;
+			case "Catalan":
+				$db->query("UPDATE `panel_languages` SET `iso`='ca' WHERE `language` = 'Catalan'");
+				break;
+			case "Espa&ntilde;ol":
+				$db->query("UPDATE `panel_languages` SET `iso`='es' WHERE `language` = 'Espa&ntilde;ol'");
+				break;
+			case "Portugu&ecirc;s":
+				$db->query("UPDATE `panel_languages` SET `iso`='pt' WHERE `language` = 'Portugu&ecirc;s'");
+				break;
+			case "Danish":
+				$db->query("UPDATE `panel_languages` SET `iso`='da' WHERE `language` = 'Danish'");
+				break;
+			case "Italian":
+				$db->query("UPDATE `panel_languages` SET `iso`='it' WHERE `language` = 'Italian'");
+				break;
+			case "Bulgarian":
+				$db->query("UPDATE `panel_languages` SET `iso`='bg' WHERE `language` = 'Bulgarian'");
+				break;
+			case "Slovak":
+				$db->query("UPDATE `panel_languages` SET `iso`='sk' WHERE `language` = 'Slovak'");
+				break;
+			case "Dutch":
+				$db->query("UPDATE `panel_languages` SET `iso`='nl' WHERE `language` = 'Dutch'");
+				break;
+			case "Russian":
+				$db->query("UPDATE `panel_languages` SET `iso`='ru' WHERE `language` = 'Russian'");
+				break;
+			case "Hungarian":
+				$db->query("UPDATE `panel_languages` SET `iso`='hu' WHERE `language` = 'Hungarian'");
+				break;
+			case "Swedish":
+				$db->query("UPDATE `panel_languages` SET `iso`='sv' WHERE `language` = 'Swedish'");
+				break;
+			case "Czech":
+				$db->query("UPDATE `panel_languages` SET `iso`='cz' WHERE `language` = 'Czech'");
+				break;
+			case "Polski":
+				$db->query("UPDATE `panel_languages` SET `iso`='pl' WHERE `language` = 'Polski'");
+				break;
+			default:
+				showUpdateStep("Sorry, but I don't know the ISO-639 language code for ".$language.". Please update the entry in `panel_languages` manually.\n");
+		}
+	}
+
+	updateToVersion('0.9.28-svn2');
+}
+
+if(isFroxlorVersion('0.9.28-svn2')) {
+	showUpdateStep("Updating from 0.9.28-svn2 to 0.9.28-svn3");
+	lastStepStatus(0);
+	
+	// change lenght of passwd column
+	$db->query("ALTER TABLE `" . TABLE_FTP_USERS . "` MODIFY `password` varchar(128) NOT NULL default ''");
+	
+	// Add default setting for vmail_maildirname if not already in place
+	$handle = $db->query("SELECT `value` FROM `panel_settings` WHERE `settinggroup` = 'system' AND `varname` = 'vmail_maildirname';");
+	if ($db->num_rows($handle) < 1) {
+		showUpdateStep("Adding default Maildir value into Mailserver settings.");
+		$db->query("INSERT INTO `panel_settings` (`settinggroup`, `varname`, `value`) VALUES ('system', 'vmail_maildirname', 'Maildir');");
+	}
+
+	updateToVersion('0.9.28-svn3');
+}
+
+if(isFroxlorVersion('0.9.28-svn3'))
+{
+	showUpdateStep("Updating from 0.9.28-svn3 to 0.9.28-svn4", true);
+	lastStepStatus(0);
+
+	if (isset($_POST['classic_theme_replacement']) && $_POST['classic_theme_replacement'] != '')
+	{
+		$classic_theme_replacement = $_POST['classic_theme_replacement'];
+	}
+	else
+	{
+		$classic_theme_replacement = 'Froxlor';
+	}
+	showUpdateStep('Setting replacement for the discontinued and removed Classic theme (if active)', true);
+
+	// Updating default theme setting
+	if ($settings['panel']['default_theme'] == 'Classic')
+	{
+		$db->query("UPDATE `" . TABLE_PANEL_SETTINGS . "` SET `value` = '".$db->escape($classic_theme_replacement)."' WHERE varname = 'default_theme';");
+	}
+
+	// Updating admin's theme setting
+	$db->query('UPDATE `' . TABLE_PANEL_ADMINS . '` SET `theme` = \'' . $db->escape($classic_theme_replacement) . '\' WHERE `theme` = \'Classic\'');
+
+	// Updating customer's theme setting
+	$db->query('UPDATE `' . TABLE_PANEL_CUSTOMERS . '` SET `theme` = \'' . $db->escape($classic_theme_replacement) . '\' WHERE `theme` = \'Classic\'');
+
+	// Updating theme setting of active sessions
+	$db->query('UPDATE `' . TABLE_PANEL_SESSIONS . '` SET `theme` = \'' . $db->escape($classic_theme_replacement) . '\' WHERE `theme` = \'Classic\'');
+
+	lastStepStatus(0);
+
+	showUpdateStep('Altering Froxlor database and tables to use UTF-8. This may take a while..', true);
+
+	$db->query('ALTER DATABASE ' . $db->getDbName() . ' CHARACTER SET utf8 COLLATE utf8_general_ci');
+
+	$handle = $db->query('SHOW TABLES');
+	while ($row = $db->fetch_array($handle))
+	{
+		foreach ($row as $table)
+		{
+			$db->query('ALTER TABLE ' . $table . ' CONVERT TO CHARACTER SET utf8 COLLATE utf8_general_ci;');
+		}
+	}
+
+	lastStepStatus(0);
+
+	updateToVersion('0.9.28-svn4');
+}
+
+if(isFroxlorVersion('0.9.28-svn4')) {
+	showUpdateStep("Updating from 0.9.28-svn4 to 0.9.28-svn5");
+
+	// Catchall functionality (enabled by default) see #1114
+	$db->query("INSERT INTO `panel_settings` (`settinggroup`, `varname`, `value`) VALUES ('catchall', 'catchall_enabled', '1');");
+
+	lastStepStatus(0);
+
+	updateToVersion('0.9.28-svn5');
+}
+
+if(isFroxlorVersion('0.9.28-svn5')) {
+	showUpdateStep("Updating from 0.9.28-svn5 to 0.9.28-svn6", true);
+	lastStepStatus(0);
+
+	$update_system_apache24 = isset($_POST['update_system_apache24']) ? (int)$_POST['update_system_apache24'] : '0';
+	showUpdateStep('Setting value for apache-2.4 modification', true);
+	// support for Apache-2.4
+	$db->query("INSERT INTO `panel_settings` (`settinggroup`, `varname`, `value`) VALUES ('system', 'apache24', '".$update_system_apache24."');");
+	lastStepStatus(0);
+
+	showUpdateStep("Inserting new tickets-see-all field to panel_admins", true);
+	$db->query("ALTER TABLE `panel_admins` ADD `tickets_see_all` tinyint(1) NOT NULL default '0' AFTER `tickets_used`");
+	lastStepStatus(0);
+
+	showUpdateStep("Updating main admin entry", true);
+	$db->query("UPDATE `panel_admins` SET `tickets_see_all` = '1' WHERE `adminid` = '".$userinfo['adminid']."';");
+	lastStepStatus(0);
+
+	showUpdateStep("Inserting new panel webfont-settings (default: off)", true);
+	$db->query("INSERT INTO `panel_settings` (`settinggroup`, `varname`, `value`) VALUES ('panel', 'use_webfonts', '0');");
+	$db->query("INSERT INTO `panel_settings` (`settinggroup`, `varname`, `value`) VALUES ('panel', 'webfont', 'Numans');");
+	lastStepStatus(0);
+
+	showUpdateStep("Inserting settings for nginx fastcgi-params file", true);
+	$fastcgiparams = '/etc/nginx/fastcgi_params';
+	if (isset($_POST['nginx_fastcgi_params']) && $_POST['nginx_fastcgi_params'] != '') {
+		$fastcgiparams = makeCorrectDir($_POST['nginx_fastcgi_params']);
+	}
+	$db->query("INSERT INTO `panel_settings` (`settinggroup`, `varname`, `value`) VALUES ('nginx', 'fastcgiparams', '".$db->escape($fastcgiparams)."')");
+	lastStepStatus(0);
+
+	updateToVersion('0.9.28-svn6');
+}
+
+if (isFroxlorVersion('0.9.28-svn6')) {
+	showUpdateStep("Updating from 0.9.28-svn6 to 0.9.28 release candidate 1");
+	lastStepStatus(0);
+	updateToVersion('0.9.28-rc1');
+}

install/updates/froxlor/0.9/update_1.0.inc.php

@@ -1,60 +0,0 @@
-<?php
-
-/*
-if(isFroxlorVersion('0.9'))
-{
-	showUpdateStep("Updating from 0.9 to 1.0", false);
-	showUpdateStep("Converting database tables to UTF-8");
-
-	// Convert all data to UTF-8 to have a sane standard across all data
-	$result = $db->query("SHOW TABLES");
-	while($table = $db->fetch_array($result, 'num'))
-	{
-		$db->query("ALTER TABLE " . $table[0] . " CONVERT TO CHARACTER SET utf8 COLLATE utf8_general_ci;");
-		$db->query("ALTER TABLE " . $table[0] . " DEFAULT CHARACTER SET utf8 COLLATE utf8_general_ci");
-
-		$affected_columns = array();
-
-		$primarykey = "";
-		$columns = $db->query("SHOW COLUMNS FROM ".$table[0]);
-		while ($column = $db->fetch_array($columns))
-		{
-			if (!(strpos($column['Type'], "char") === false) || !(strpos($column['Type'], "text") === false))
-			{
-				$affected_columns[] = $column['Field'];
-			}
-
-			if ($column['Key'] == 'PRI') {
-				$primarykey = $column['Field'];
-			}
-		}
-
-		$count_cols = count($affected_columns);
-		if ($count_cols > 0)
-		{
-			$load = "";
-			foreach($affected_columns as $col)
-			{
-				$load .= ", `" . $col . "`";
-			}
-
-			$rows = $db->query("SELECT $primarykey" . $load . " FROM `" . $table[0] . "`");
-			while ($row = $db->fetch_array($rows))
-			{
-				$changes = "";
-				for ($i = 0; $i < $count_cols; $i++)
-				{
-					$base = "`" . $affected_columns[$i] . "` = '" . convertUtf8($row[$affected_columns[$i]]) . "'";
-					$changes .= ($i == ($count_cols-1)) ? $base : $base . ", ";
-				}
-
-				$db->query("UPDATE `" . $table[0] . "` SET " . $changes . " WHERE `$primarykey` = '" . $db->escape($row[$primarykey]) . "';");
-			}
-		}
-	}
-	
-	lastStepStatus(0);
-}
-*/
-
-?>

install/updates/preconfig/0.9/preconfig_0.9.inc.php

@@ -26,7 +26,7 @@
  */
 function parseAndOutputPreconfig(&$has_preconfig, &$return, $current_version)
 {
-	global $settings, $lng, $db;
+	global $settings, $lng, $db, $theme;
 
 	if(versionInUpdate($current_version, '0.9.4-svn2'))
 	{
@@ -417,16 +417,58 @@ function parseAndOutputPreconfig(&$has_preconfig, &$return, $current_version)
 	}
 
 	if(versionInUpdate($current_version, '0.9.18-svn2'))
-	{       
+	{
 		$has_preconfig = true;
 		$description = 'As you can (obviously) see, Froxlor now comes with a new theme. You also have the possibility to switch back to "Classic" if you want to.'; 
 		$question = '<strong>Select default panel theme:</strong>&nbsp;';
 		$question.= '<select name="update_default_theme">';
 		$themes = getThemes();
-		foreach($themes as $theme) {
-			$question.= makeoption($theme, $theme, 'Froxlor');
+		foreach($themes as $cur_theme) // $theme is already in use
+		{
+			$question.= makeoption($cur_theme, $cur_theme, 'Froxlor');
 		}
 		$question.= '</select>';
 		eval("\$return.=\"" . getTemplate("update/preconfigitem") . "\";");
 	}
+
+	if(versionInUpdate($current_version, '0.9.28-svn4'))
+	{
+		$has_preconfig = true;
+		$description = 'This version introduces a lot of profound changes:';
+		$description .= '<br /><ul><li>Improving the whole template system</li><li>Full UTF-8 support</li><li><strong>Removing support for the former default theme \'Classic\'</strong></li></ul>';
+		$description .= '<br /><br />Notice: This update will <strong>alter your Froxlor database to use UTF-8</strong> as default charset. ';
+		$description .= 'Even though this is already tested, we <span style="color:#ff0000;font-weight:bold;">strongly recommend</span> to ';
+		$description .= 'test this update in a testing environment using your existing data.<br /><br />';
+
+		$question = '<strong>Select your preferred Classic Theme replacement:</strong>&nbsp;';
+		$question.= '<select name="classic_theme_replacement">';
+		$themes = getThemes();
+		foreach($themes as $cur_theme)
+		{
+			$question.= makeoption($cur_theme, $cur_theme, 'Froxlor');
+		}
+		$question.= '</select>';
+
+		eval("\$return.=\"" . getTemplate("update/preconfigitem") . "\";");
+	}
+
+	if (versionInUpdate($current_version, '0.9.28-svn6')) {
+	
+		if ($settings['system']['webserver'] == 'apache2') {
+			$has_preconfig = true;
+			$description = 'Froxlor now supports the new Apache 2.4. Please be aware that you need to load additional apache-modules in ordner to use it.<br />';
+			$description.= '<pre>LoadModule authz_core_module modules/mod_authz_core.so
+LoadModule authz_host_module modules/mod_authz_host.so</pre><br />';
+			$question = '<strong>Do you want to enable the Apache-2.4 modification?:</strong>&nbsp;';
+			$question.= makeyesno('update_system_apache24', '1', '0', '0');
+			eval("\$return.=\"" . getTemplate("update/preconfigitem") . "\";");
+		} elseif ($settings['system']['webserver'] == 'nginx') {
+			$has_preconfig = true;
+			$description = 'The path to nginx\'s fastcgi_params file is now customizable.<br /><br />';
+			$question = '<strong>Please enter full path to you nginx/fastcgi_params file (including filename):</strong>&nbsp;';
+			$question.= '<input type="text" class="text" name="nginx_fastcgi_params" value="/etc/nginx/fastcgi_params" />';
+			eval("\$return.=\"" . getTemplate("update/preconfigitem") . "\";");			
+		}
+	}
+
 }

lib/classes/aps/class.ApsInstaller.php

@@ -393,36 +393,28 @@ class ApsInstaller extends ApsParser
 		//check for special PHP permissions
 		//must be done with xpath otherwise check not possible (XML parser problem with attributes)
 
-		if($ParentMapping && $ParentMapping !== null)
-		{
+		if ($ParentMapping && $ParentMapping !== null) {
+
 			$ParentMapping->registerXPathNamespace('p', 'http://apstandard.com/ns/1/php');
 			$Result = $ParentMapping->xpath('p:permissions');
-	
-			if($Result[0]['writable'] == 'true')
-			{
-				//fixing file permissions to writeable
-	
-				if(is_dir($Path))
-				{
-					chmod($Path, 0775);
+
+			if (is_array($Result) && isset($Result[0]) && is_array($Result[0])) {
+				if	(isset($Result[0]['writable']) && $Result[0]['writable'] == 'true') {
+					// fixing file permissions to writeable
+					if (is_dir($Path)) {
+						chmod($Path, 0775);
+					} else {
+						chmod($Path, 0664);
+					}
 				}
-				else
-				{
-					chmod($Path, 0664);
-				}
-			}
-	
-			if($Result[0]['readable'] == 'false')
-			{
-				//fixing file permissions to non readable
-	
-				if(is_dir($Path))
-				{
-					chmod($Path, 0333);
-				}
-				else
-				{
-					chmod($Path, 0222);
+
+				if (isset($Result[0]['readable']) && $Result[0]['readable'] == 'false') {
+					//fixing file permissions to non readable	
+					if (is_dir($Path)) {
+						chmod($Path, 0333);
+					} else {
+						chmod($Path, 0222);
+					}
 				}
 			}
 		}

lib/classes/aps/class.ApsParser.php

@@ -62,7 +62,7 @@ class ApsParser
 
 	private function ManageInstances()
 	{
-		global $lng, $filename, $s, $page, $action;
+		global $lng, $filename, $s, $page, $action, $theme;
 		$Question = false;
 
 		//dont do anything if there is no instance
@@ -170,7 +170,7 @@ class ApsParser
 		//create table with contents based on instance status
 		if($Question != true)
 		{
-			global $settings;
+			global $settings, $theme;
 			$Instances = '';
 
 			if((int)$this->userinfo['customers_see_all'] == 1)
@@ -317,7 +317,7 @@ class ApsParser
 
 	private function ManagePackages()
 	{
-		global $lng, $filename, $s, $page, $action;
+		global $lng, $filename, $s, $page, $action, $theme;
 		$Question = false;
 
 		if(isset($_POST['save']))
@@ -611,7 +611,7 @@ class ApsParser
 
 	private function UploadNewPackages()
 	{
-		global $lng, $filename, $s, $page, $action;
+		global $lng, $filename, $s, $page, $action, $theme;
 
 		//define how many files can be uploaded at once
 
@@ -724,7 +724,7 @@ class ApsParser
 
 	private function SearchPackages()
 	{
-		global $lng, $filename, $s, $page, $action;
+		global $lng, $filename, $s, $page, $action, $theme;
 		$Error = 0;
 		$Ids = array();
 		$ShowAll = 0;
@@ -852,7 +852,7 @@ class ApsParser
 
 	private function CustomerStatus($CustomerId)
 	{
-		global $lng, $filename, $s, $page, $action;
+		global $lng, $filename, $s, $page, $action, $theme;
 		$Data = '';
 		$Fieldname = '';
 		$Fieldvalue = '';
@@ -877,7 +877,7 @@ class ApsParser
 			//skip if parse of xml has failed
 
 			if($Xml == false)continue;
-			$Icon = './images/Classic/default.png';
+			$Icon = 'templates/'.$theme.'/assets/img/default.png';
 
 			$this->aps_version = isset($Xml->attributes()->version) ? (string)$Xml->attributes()->version : '1.0';
 
@@ -1033,7 +1033,7 @@ class ApsParser
 
 	private function CreatePackageInstance($PackageId, $CustomerId)
 	{
-		global $lng;
+		global $lng, $theme;
 
 		if(!self::IsValidPackageId($PackageId, true))return false;
 
@@ -1141,7 +1141,7 @@ class ApsParser
 
 	private function CheckException($Category, $Item, $Value)
 	{
-		global $settings;
+		global $settings, $theme;
 
 		//search for element within system settings
 
@@ -1164,7 +1164,7 @@ class ApsParser
 
 	private function CheckSubmappings($ParentMapping, $Url)
 	{
-		global $lng;
+		global $lng, $theme;
 		$Error = array();
 
 		//check for special PHP handler extensions
@@ -1243,7 +1243,7 @@ class ApsParser
 
 	private function InstallNewPackage($Filename)
 	{
-		global $lng, $userinfo;
+		global $lng, $userinfo, $theme;
 
 		if(file_exists($Filename)
 		   && $Xml = self::GetXmlFromZip($Filename))
@@ -1726,7 +1726,7 @@ class ApsParser
 
 	public function MainHandler($Action)
 	{
-		global $lng, $filename, $s, $page, $action, $Id, $userinfo;
+		global $lng, $filename, $s, $page, $action, $Id, $userinfo, $theme;
 
 		//check for basic functions, classes and permissions
 
@@ -2810,7 +2810,7 @@ class ApsParser
 
 	private function ShowPackageInstaller($PackageId, $WrongData, $CustomerId)
 	{
-		global $lng, $filename, $s, $page, $action;
+		global $lng, $filename, $s, $page, $action, $theme;
 		$Data = '';
 		$Fieldname = '';
 		$Fieldvalue = '';
@@ -2838,7 +2838,7 @@ class ApsParser
 
 		//icon for package
 
-		$Icon = './images/Classic/default.png';
+		$Icon = 'templates/'.$theme.'/img/default.png';
 		
 		if($this->aps_version != '1.0')
 		{
@@ -3187,7 +3187,7 @@ class ApsParser
 				{
 					$Temp.= '<textarea name="text" rows="10" cols="55">';
 					$FileContent = file_get_contents('./packages/' . $Row['Path'] . '/license.txt');
-					$Temp.= htmlentities($FileContent, ENT_QUOTES, 'ISO-8859-1');
+					$Temp.= htmlentities($FileContent, ENT_QUOTES, 'UTF-8');
 					$Temp.= '</textarea>';
 					$Groupname = $lng['aps']['license'];
 					$Fieldname = $lng['aps']['license'];
@@ -3231,7 +3231,7 @@ class ApsParser
 
 	private function ShowPackageInfo($PackageId, $All = false)
 	{
-		global $lng, $filename, $s, $page, $action, $userinfo;
+		global $lng, $filename, $s, $page, $action, $userinfo, $theme;
 		$Data = '';
 		$Fieldname = '';
 		$Fieldvalue = '';
@@ -3245,7 +3245,7 @@ class ApsParser
 		//return if parse of xml file has failed
 
 		if($Xml == false)return false;
-		$Icon = './images/Classic/default.png';
+		$Icon = 'templates/'.$theme.'/img/default.png';
 
 		$this->aps_version = isset($Xml->attributes()->version) ? (string)$Xml->attributes()->version : '1.0';
 
@@ -3378,7 +3378,7 @@ class ApsParser
 					if($license->text->name)$Temp = $license->text->name . '<br/>';
 					$Temp.= '<form name="license" action="#"><textarea name="text" rows="10" cols="70">';
 					$FileContent = file_get_contents('./packages/' . $Row['Path'] . '/license.txt');
-					$Temp.= htmlentities($FileContent, ENT_QUOTES, 'ISO-8859-1');
+					$Temp.= htmlentities($FileContent, ENT_QUOTES, 'UTF-8');
 					$Temp.= '</textarea></form>';
 					$Fieldname = $lng['aps']['license'];
 					$Fieldvalue = $Temp;
@@ -3460,7 +3460,7 @@ class ApsParser
 	 */
 	private function InfoBox($Message, $Type = 0)
 	{
-		global $lng, $filename, $s, $page, $action;
+		global $lng, $filename, $s, $page, $action, $theme;
 		//shows a box with informations
 		eval("echo \"" . getTemplate("aps/infobox") . "\";");
 	}

lib/classes/database/class.db.php

@@ -106,7 +106,7 @@ class db
 
 		if(!$this->link_id)
 		{
-			//try to connect with no password an change it afterwards. only for root user
+			//try to connect with no password and change it afterwards. only for root user
 
 			if($this->user == 'root')
 			{
@@ -134,11 +134,8 @@ class db
 				$this->showerror('Trying to use database ' . $this->database . ' failed, exiting');
 			}
 		}
-		/*
-		 * this is not for 0.9.x
-		 */
-		//mysql_query("SET NAMES utf8", $this->link_id);
-		//mysql_query("SET CHARACTER SET utf8", $this->link_id);
+
+		mysql_set_charset('utf8', $this->link_id);
 	}
 
 	/**
@@ -189,7 +186,7 @@ class db
 	function query($query_str, $unbuffered = false, $suppress_error = false)
 	{
 
-		global $numbqueries;
+		global $numbqueries, $theme;
 
 		if (!mysql_ping($this->link_id))
 		{
@@ -349,7 +346,7 @@ class db
 
 	function showerror($errormsg, $mysqlActive = true)
 	{
-		global $filename;
+		global $filename, $theme;
 
 		$text = 'MySQL - Error: ' . str_replace("\n", "\t", $errormsg);
 		if($mysqlActive)

lib/classes/idna/class.idna_convert_wrapper.php

@@ -124,7 +124,7 @@ class idna_convert_wrapper
 
 			if(strlen($domain) !== 0)
 			{
-				$domain = utf8_decode($this->idna_converter->$action(utf8_encode($domain . '.none')));
+				$domain = $this->idna_converter->$action($domain . '.none');
 				$domain = substr($domain, 0, strlen($domain) - 5);
 			}
 

lib/classes/output/class.htmlform.php

@@ -26,7 +26,7 @@ class htmlform
 
 	public static function genHTMLForm($data = array())
 	{
-		global $lng;
+		global $lng, $theme;
 		$nob = false;
 
 		self::$_form = '';

lib/classes/output/class.paging.php

@@ -421,6 +421,8 @@ class paging
 
 	function getHtmlArrowCode($baseurl, $field = '')
 	{
+		global $theme;
+
 		if($field != ''
 		   && isset($this->fields[$field]))
 		{

lib/classes/phpinterface/class.phpinterface_fpm.php

@@ -93,7 +93,14 @@ class phpinterface_fpm
 
 			$fpm_config.= 'pm = '.$fpm_pm."\n";
 			$fpm_config.= 'pm.max_children = '.$fpm_children."\n";
-			if($fpm_pm == 'dynamic') {
+			if($fpm_pm == 'dynamic' || $fpm_pm == 'ondemand') {
+				// failsafe, refs #955
+				if ($fpm_start_servers < $fpm_min_spare_servers) {
+					$fpm_start_servers = $fpm_min_spare_servers;
+				}
+				if ($fpm_start_servers > $fpm_max_spare_servers) {
+					$fpm_start_servers = $fpm_start_servers - (($fpm_start_servers - $fpm_max_spare_servers) + 1);
+				}
 				$fpm_config.= 'pm.start_servers = '.$fpm_start_servers."\n";
 				$fpm_config.= 'pm.min_spare_servers = '.$fpm_min_spare_servers."\n";
 				$fpm_config.= 'pm.max_spare_servers = '.$fpm_max_spare_servers."\n";
@@ -125,13 +132,13 @@ class phpinterface_fpm
 					{
 						$_phpappendopenbasedir .= appendOpenBasedirPath($cobd);
 					}
-		
+
 					$_custom_openbasedir = explode(':', $this->_settings['system']['phpappendopenbasedir']);
 					foreach($_custom_openbasedir as $cobd)
 					{
 						$_phpappendopenbasedir .= appendOpenBasedirPath($cobd);
 					}
-		
+
 					if($this->_domain['openbasedir_path'] == '0' && strstr($this->_domain['documentroot'], ":") === false)
 					{
 						$openbasedir = appendOpenBasedirPath($this->_domain['documentroot'], true);
@@ -140,10 +147,10 @@ class phpinterface_fpm
 					{
 						$openbasedir = appendOpenBasedirPath($this->_domain['customerroot'], true);
 					}
-		
+
 					$openbasedir .= appendOpenBasedirPath($this->getTempDir());
 					$openbasedir .= $_phpappendopenbasedir;
-		
+
 					$openbasedir = explode(':', $openbasedir);
 					$clean_openbasedir = array();
 					foreach($openbasedir as $number => $path)
@@ -229,7 +236,31 @@ class phpinterface_fpm
 			safe_exec('chown -R ' . $this->_domain['guid'] . ':' . $this->_domain['guid'] . ' ' . escapeshellarg($tmpdir));
 			safe_exec('chmod 0750 ' . escapeshellarg($tmpdir));
 		}
-		
+
 		return $tmpdir;
 	}
+
+  /**
+ 	 * fastcgi-fakedirectory directory
+ 	 *
+ 	 * @param boolean $createifnotexists create the directory if it does not exist
+ 	 *
+ 	 * @return string the directory
+ 	 */
+ 	public function getAliasConfigDir($createifnotexists = true)
+ 	{
+    // ensure default...
+    if (!isset($this->_settings['phpfpm']['aliasconfigdir'])) {
+      $this->_settings['phpfpm']['aliasconfigdir'] = '/var/www/php-fpm';
+    }
+
+ 		$configdir = makeCorrectDir($this->_settings['phpfpm']['aliasconfigdir'] . '/' . $this->_domain['loginname'] . '/' . $this->_domain['domain'] . '/');
+ 		if(!is_dir($configdir) && $createifnotexists)
+ 		{
+ 			safe_exec('mkdir -p ' . escapeshellarg($configdir));
+ 			safe_exec('chown ' . $this->_domain['guid'] . ':' . $this->_domain['guid'] . ' ' . escapeshellarg($configdir));
+ 		}
+
+ 		return $configdir;
+ 	}
 }

lib/classes/phpmailer/class.PHPMailer.php

@@ -2317,4 +2317,4 @@ class phpmailerException extends Exception {
     return $errorMsg;
   }
 }
-?>
+?>

lib/classes/ticket/class.ticket.php

@@ -89,7 +89,7 @@ class ticket
 		// initialize purifier
 		require_once dirname(dirname(__FILE__)).'/htmlpurifier/library/HTMLPurifier.auto.php';
 		$config = HTMLPurifier_Config::createDefault();
-		$config->set('Core.Encoding', 'ISO-8859-1'); // for now
+		$config->set('Core.Encoding', 'UTF-8'); //htmlpurifier uses utf-8 anyway as default
 		$config->set('HTML.Doctype', 'XHTML 1.0 Transitional');
 		$this->_purifier = new HTMLPurifier($config);
 
@@ -260,7 +260,7 @@ class ticket
 
 	public function sendMail($customerid = - 1, $template_subject = null, $default_subject = null, $template_body = null, $default_body = null)
 	{
-		global $mail;
+		global $mail, $theme;
 
 		// Some checks are to be made here in the future
 
@@ -449,9 +449,13 @@ class ticket
 	 * 
 	 * @return int highest order number
 	 */
-	static public function getHighestOrderNumber($_db = null)
+	static public function getHighestOrderNumber($_db = null, $_uid = 0)
 	{
-		$sql = "SELECT MAX(`logicalorder`) as `highestorder` FROM `" . TABLE_PANEL_TICKET_CATS . "`;";
+		$where = '';
+		if ($_uid > 0) {
+			$where = ' WHERE `adminid` = "'.(int)$_uid.'"';
+		}
+		$sql = "SELECT MAX(`logicalorder`) as `highestorder` FROM `" . TABLE_PANEL_TICKET_CATS . "`".$where.";";
 		$result = $_db->query_first($sql);
 		return (isset($result['highestorder']) ? (int)$result['highestorder'] : 0);
 	}
@@ -680,13 +684,13 @@ class ticket
 	private function convertLatin1ToHtml($str)
 	{
 		$html_entities = array (
-					"<EFBFBD>" =>  "&Auml;",
-					"<EFBFBD>" =>  "&auml;",
-					"<EFBFBD>" =>  "&Ouml;",
-					"<EFBFBD>" =>  "&ouml;",
-					"<EFBFBD>" =>  "&Uuml;",
-					"<EFBFBD>" =>  "&uuml;",
-					"<EFBFBD>" =>  "&szlig;"
+					"Ä" =>  "&Auml;",
+					"ä" =>  "&auml;",
+					"Ö" =>  "&Ouml;",
+					"ö" =>  "&ouml;",
+					"Ü" =>  "&Uuml;",
+					"ü" =>  "&uuml;",
+					"ß" =>  "&szlig;"
 					/*
 					 * @TODO continue this table for all the special-characters
 					 */

lib/configfiles/freebsd.inc.php

@@ -15,6 +15,23 @@
  *
  */
 
+// Try to guess user/group from settings' email UID/GID
+$vmail_user=posix_getpwuid($settings['system']['vmail_uid']);
+$vmail_group=posix_getgrgid($settings['system']['vmail_gid']);
+
+/* If one of them are not set, call it 'vmail' and suggest creating user/group
+ * in scripts. */
+if ($vmail_user === false) {
+	$vmail_username="vmail";
+} else {
+	$vmail_username=$vmail_user['name'];
+}
+if ($vmail_group === false) {
+	$vmail_groupname="vmail";
+} else {
+	$vmail_groupname=$vmail_group['name'];
+}
+
 return Array(
 	'freebsd' => Array(
 		'label' => 'FreeBSD',
@@ -89,10 +106,10 @@ return Array(
 							'make install'
 						),
 						'commands_2' => Array(
-							'pw groupadd vmail -g '.$settings['system']['vmail_gid'],
-							'pw useradd vmail -u '.$settings['system']['vmail_uid'].' -g '.$settings['system']['vmail_gid'].' -s/sbin/nologin -d/dev/null',
+							($vmail_group === false) ? 'pw groupadd ' . $vmail_groupname . ' -g '.$settings['system']['vmail_gid'] : '',
+							($vmail_user === false) ? 'pw useradd ' . $vmail_username . ' -u '.$settings['system']['vmail_uid'].' -g '.$settings['system']['vmail_gid'].' -s/sbin/nologin -d/dev/null' : '',
 							'mkdir -p ' . $settings['system']['vmail_homedir'],
-							'chown -R vmail:vmail ' . $settings['system']['vmail_homedir'],
+							'chown -R '.$vmail_username.':'.$vmail_groupname.' ' . $settings['system']['vmail_homedir'],
 							'chmod 0750 ' . $settings['system']['vmail_homedir']
 						),
 						'commands_3' => Array(
@@ -180,7 +197,7 @@ return Array(
 						),
 						'commands_2' => Array(
 							'echo "dovecot unix - n n - - pipe
-    flags=DRhu user=vmail:vmail argv=/usr/local/libexec/dovecot/deliver -f ${sender} -d ${recipient}" >> /usr/local/etc/postfix/master.cf',
+    flags=DRhu user='.$vmail_username.':'.$vmail_groupname.' argv=/usr/local/libexec/dovecot/deliver -f ${sender} -d ${recipient}" >> /usr/local/etc/postfix/master.cf',
 							'chmod 0640 /usr/local/etc/dovecot-sql.conf'
 						),
 						'restart' => Array(
@@ -222,7 +239,7 @@ return Array(
 					'cron' => Array(
 						'label' => 'Crond (cronscript)',
 						'commands' => Array(
-							'echo "*/5 * * * *     root     /usr/local/bin/php -q '.makeCorrectDir(dirname(dirname(dirname(__FILE__)))).'scripts/froxlor_master_cronjob.php" >> /etc/crontab'
+							'echo "*/5 * * * *     root     nice -n 5	/usr/local/bin/php -q '.makeCorrectDir(dirname(dirname(dirname(__FILE__)))).'scripts/froxlor_master_cronjob.php" >> /etc/crontab'
 						),
 						'restart' => Array(
 							'/etc/rc.d/cron restart'

lib/configfiles/gentoo.inc.php

@@ -17,6 +17,23 @@
  *
  */
 
+// Try to guess user/group from settings' email UID/GID
+$vmail_user=posix_getpwuid($settings['system']['vmail_uid']);
+$vmail_group=posix_getgrgid($settings['system']['vmail_gid']);
+
+/* If one of them are not set, call it 'vmail' and suggest creating user/group
+ * in scripts. */
+if ($vmail_user === false) {
+	$vmail_username="vmail";
+} else {
+	$vmail_username=$vmail_user['name'];
+}
+if ($vmail_group === false) {
+	$vmail_groupname="vmail";
+} else {
+	$vmail_groupname=$vmail_group['name'];
+}
+
 return Array(
 	'gentoo' => Array(
 		'label' => 'Gentoo',
@@ -123,30 +140,25 @@ return Array(
 					'postfix_courier' => Array(
 						'label' => 'Postfix/Courier',
 						'commands_1' => Array(
+							($vmail_group === false) ? 'groupadd -g ' . $settings['system']['vmail_gid'] . ' ' . $vmail_groupname : '',
+							($vmail_user === false) ? 'useradd -u ' . $settings['system']['vmail_uid'] . ' -g ' . $vmail_groupname . ' ' . $vmail_username : '',
 							'echo "mail-mta/postfix -dovecot-sasl sasl" >> /etc/portage/package.use',
 							'emerge -av postfix',            
 							'mkdir -p ' . $settings['system']['vmail_homedir'],
-							'chown -R vmail:vmail ' . $settings['system']['vmail_homedir'],
+							'chown -R '.$vmail_username.':'.$vmail_groupname.' ' . $settings['system']['vmail_homedir'],
 							'chmod 0750 ' . $settings['system']['vmail_homedir'],
 							'mv /etc/postfix/main.cf /etc/postfix/main.cf.gentoo',
 							'touch /etc/postfix/main.cf',
-							'touch /etc/postfix/mysql-virtual_alias_maps.cf',
-							'touch /etc/postfix/mysql-virtual_mailbox_domains.cf',
-							'touch /etc/postfix/mysql-virtual_mailbox_maps.cf',
-							'touch /etc/postfix/mysql-virtual_sender_permissions.cf',
 							'touch /etc/sasl2/smtpd.conf',
 							'chown root:root /etc/postfix/main.cf',
-							'chown root:postfix /etc/postfix/mysql-virtual_alias_maps.cf',
-							'chown root:postfix /etc/postfix/mysql-virtual_mailbox_domains.cf',
-							'chown root:postfix /etc/postfix/mysql-virtual_mailbox_maps.cf',
-							'chown root:postfix /etc/postfix/mysql-virtual_sender_permissions.cf',
 							'chown root:root /etc/sasl2/smtpd.conf',
 							'chmod 0644 /etc/postfix/main.cf',
-							'chmod 0640 /etc/postfix/mysql-virtual_alias_maps.cf',
-							'chmod 0640 /etc/postfix/mysql-virtual_mailbox_domains.cf',
-							'chmod 0640 /etc/postfix/mysql-virtual_mailbox_maps.cf',
-							'chmod 0640 /etc/postfix/mysql-virtual_sender_permissions.cf',
 							'chmod 0600 /etc/sasl2/smtpd.conf',
+							'for suffix in {alias,mailbox,uid,gid}_maps mailbox_domains sender_permissions; do',
+							' touch /etc/postfix/mysql-virtual_${suffix}.cf',
+							' chown root:postfix /etc/postfix/mysql-virtual_${suffix}.cf',
+							' chmod 0640 /etc/postfix/mysql-virtual_${suffix}.cf',
+							'done'
 						),
 						'files' => Array(
 							'etc_postfix_main.cf' => '/etc/postfix/main.cf',
@@ -154,6 +166,8 @@ return Array(
 							'etc_postfix_mysql-virtual_mailbox_domains.cf' => '/etc/postfix/mysql-virtual_mailbox_domains.cf',
 							'etc_postfix_mysql-virtual_mailbox_maps.cf' => '/etc/postfix/mysql-virtual_mailbox_maps.cf',
 							'etc_postfix_mysql-virtual_sender_permissions.cf' => '/etc/postfix/mysql-virtual_sender_permissions.cf',
+							'etc_postfix_mysql-virtual_uid_maps.cf' => '/etc/postfix/mysql-virtual_uid_maps.cf',
+							'etc_postfix_mysql-virtual_gid_maps.cf' => '/etc/postfix/mysql-virtual_gid_maps.cf',
 							'etc_sasl2_smtpd.conf' => '/etc/sasl2/smtpd.conf'
 						),
 						'commands_2' => Array(
@@ -166,30 +180,22 @@ return Array(
 					'postfix_dovecot' => Array(
 						'label' => 'Postfix/Dovecot',
 						'commands_1' => Array(
+							($vmail_group === false) ? 'groupadd -g ' . $settings['system']['vmail_gid'] . ' ' . $vmail_groupname : '',
+							($vmail_user === false) ? 'useradd -u ' . $settings['system']['vmail_uid'] . ' -g ' . $vmail_groupname . ' ' . $vmail_username : '',
 							'echo "mail-mta/postfix dovecot-sasl -sasl" >> /etc/portage/package.use',
               				'emerge -av postfix',
 							'mkdir -p ' . $settings['system']['vmail_homedir'],
-							'chown -R vmail:vmail ' . $settings['system']['vmail_homedir'],
+							'chown -R '.$vmail_user['name'].':'.$vmail_group['name'].' ' . $settings['system']['vmail_homedir'],
 							'chmod 0750 ' . $settings['system']['vmail_homedir'],
 							'mv /etc/postfix/main.cf /etc/postfix/main.cf.gentoo',
-							'touch /etc/postfix/main.cf',
-							'touch /etc/postfix/master.cf',
-							'touch /etc/postfix/mysql-virtual_alias_maps.cf',
-							'touch /etc/postfix/mysql-virtual_mailbox_domains.cf',
-							'touch /etc/postfix/mysql-virtual_mailbox_maps.cf',
-							'touch /etc/postfix/mysql-virtual_sender_permissions.cf',
-							'chown root:root /etc/postfix/main.cf',
-							'chown root:root /etc/postfix/master.cf',
-							'chown root:postfix /etc/postfix/mysql-virtual_alias_maps.cf',
-							'chown root:postfix /etc/postfix/mysql-virtual_mailbox_domains.cf',
-							'chown root:postfix /etc/postfix/mysql-virtual_mailbox_maps.cf',
-							'chown root:postfix /etc/postfix/mysql-virtual_sender_permissions.cf',
-							'chmod 0644 /etc/postfix/main.cf',
-							'chmod 0644 /etc/postfix/master.cf',
-							'chmod 0640 /etc/postfix/mysql-virtual_alias_maps.cf',
-							'chmod 0640 /etc/postfix/mysql-virtual_mailbox_domains.cf',
-							'chmod 0640 /etc/postfix/mysql-virtual_mailbox_maps.cf',
-							'chmod 0640 /etc/postfix/mysql-virtual_sender_permissions.cf'
+							'touch /etc/postfix/{main,master}.cf',
+							'chown root:root /etc/postfix/{main,master}.cf',
+							'chmod 0644 /etc/postfix/{main,master}.cf',
+							'for suffix in {alias,mailbox,uid,gid}_maps mailbox_domains sender_permissions; do',
+							' touch /etc/postfix/mysql-virtual_${suffix}.cf',
+							' chown root:postfix /etc/postfix/mysql-virtual_${suffix}.cf',
+							' chmod 0640 /etc/postfix/mysql-virtual_${suffix}.cf',
+							'done'
 						),
 						'files' => Array(
 							'etc_postfix_main.cf' => '/etc/postfix/main.cf',
@@ -197,7 +203,9 @@ return Array(
 							'etc_postfix_mysql-virtual_alias_maps.cf' => '/etc/postfix/mysql-virtual_alias_maps.cf',
 							'etc_postfix_mysql-virtual_mailbox_domains.cf' => '/etc/postfix/mysql-virtual_mailbox_domains.cf',
 							'etc_postfix_mysql-virtual_mailbox_maps.cf' => '/etc/postfix/mysql-virtual_mailbox_maps.cf',
-							'etc_postfix_mysql-virtual_sender_permissions.cf' => '/etc/postfix/mysql-virtual_sender_permissions.cf'
+							'etc_postfix_mysql-virtual_sender_permissions.cf' => '/etc/postfix/mysql-virtual_sender_permissions.cf',
+							'etc_postfix_mysql-virtual_uid_maps.cf' => '/etc/postfix/mysql-virtual_uid_maps.cf',
+							'etc_postfix_mysql-virtual_gid_maps.cf' => '/etc/postfix/mysql-virtual_gid_maps.cf'
 						),
 						'commands_2'  => Array(
 							'rc-update add postfix default'
@@ -295,11 +303,12 @@ milter_default_action = accept" >> /etc/postfix/main.cf',
 					'dovecot' => Array(
 						'label' => 'Dovecot 1',
 						'commands_1' => Array(
+							'echo "net-mail/dovecot mysql" >> /etc/portage/package.use',
 							'emerge -av dovecot',
-							'mv dovecot.conf dovecot.conf.gentoo',
-							'mv dovecot-sql.conf dovecot-sql.conf.gentoo',
-							'touch dovecot.conf',
-							'touch dovecot-sql.conf',
+							'mv /etc/dovecot/dovecot.conf /etc/dovecot/dovecot.conf.gentoo',
+							'mv /etc/dovecot/dovecot-sql.conf /etc/dovecot/dovecot-sql.conf.gentoo',
+							'touch /etc/dovecot/dovecot.conf',
+							'touch /etc/dovecot/dovecot-sql.conf',
 						),
 						'files' => Array(
 							'etc_dovecot_dovecot.conf' => '/etc/dovecot/dovecot.conf',
@@ -316,11 +325,12 @@ milter_default_action = accept" >> /etc/postfix/main.cf',
 					'dovecot2' => Array(
 						'label' => 'Dovecot 2',
 						'commands_1' => Array(
+							'echo "net-mail/dovecot mysql" >> /etc/portage/package.use',
 							'emerge -av dovecot',
-							'mv dovecot.conf dovecot.conf.gentoo',
-							'mv dovecot-sql.conf dovecot-sql.conf.gentoo',
-							'touch dovecot.conf',
-							'touch dovecot-sql.conf',
+							'mv /etc/dovecot/dovecot.conf /etc/dovecot/dovecot.conf.gentoo',
+							'mv /etc/dovecot/dovecot-sql.conf /etc/dovecot/dovecot-sql.conf.gentoo',
+							'touch /etc/dovecot/dovecot.conf',
+							'touch /etc/dovecot/dovecot-sql.conf',
 						),
 						'files' => Array(
 							'etc_dovecot_dovecot.conf' => '/etc/dovecot/dovecot.conf',

lib/configfiles/hardy.inc.php

@@ -17,6 +17,23 @@
  *
  */
 
+// Try to guess user/group from settings' email UID/GID
+$vmail_user=posix_getpwuid($settings['system']['vmail_uid']);
+$vmail_group=posix_getgrgid($settings['system']['vmail_gid']);
+
+/* If one of them are not set, call it 'vmail' and suggest creating user/group
+ * in scripts. */
+if ($vmail_user === false) {
+	$vmail_username="vmail";
+} else {
+	$vmail_username=$vmail_user['name'];
+}
+if ($vmail_group === false) {
+	$vmail_groupname="vmail";
+} else {
+	$vmail_groupname=$vmail_group['name'];
+}
+
 return Array(
 	'ubuntu_hardy' => Array(
 		'label' => 'Ubuntu 8.04 (Hardy)',
@@ -127,13 +144,13 @@ return Array(
 					'postfix_courier' => Array(
 						'label' => 'Postfix/Courier',
 						'commands' => Array(
+							($vmail_group === false) ? 'groupadd -g ' . $settings['system']['vmail_gid'] . ' ' . $vmail_groupname : '',
+							($vmail_user === false) ? 'useradd -u ' . $settings['system']['vmail_uid'] . ' -g ' . $vmail_groupname . ' ' . $vmail_username : '',
+							'mkdir -p ' . $settings['system']['vmail_homedir'],
+							'chown -R '.$vmail_username.':'.$vmail_groupname.' ' . $settings['system']['vmail_homedir'],
 							'apt-get install postfix postfix-mysql libsasl2-2 libsasl2-modules libsasl2-modules-sql',
 							'mkdir -p /var/spool/postfix/etc/pam.d',
 							'mkdir -p /var/spool/postfix/var/run/mysqld',
-							'groupadd -g ' . $settings['system']['vmail_gid'] . ' vmail',
-							'useradd -u ' . $settings['system']['vmail_uid'] . ' -g vmail vmail',
-							'mkdir -p ' . $settings['system']['vmail_homedir'],
-							'chown -R vmail:vmail ' . $settings['system']['vmail_homedir'],
 							'touch /etc/postfix/mysql-virtual_alias_maps.cf',
 							'touch /etc/postfix/mysql-virtual_mailbox_domains.cf',
 							'touch /etc/postfix/mysql-virtual_mailbox_maps.cf',
@@ -188,13 +205,13 @@ return Array(
 					'postfix_dovecot' => Array(
 						'label' => 'Postfix/Dovecot',
 						'commands' => Array(
+							($vmail_group === false) ? 'groupadd -g ' . $settings['system']['vmail_gid'] . ' ' . $vmail_groupname : '',
+							($vmail_user === false) ? 'useradd -u ' . $settings['system']['vmail_uid'] . ' -g ' . $vmail_groupname . ' ' . $vmail_username : '',
+							'mkdir -p ' . $settings['system']['vmail_homedir'],
+							'chown -R '.$vmail_username.':'.$vmail_groupname.' ' . $settings['system']['vmail_homedir'],
 							'apt-get install postfix postfix-mysql',
 							'mkdir -p /var/spool/postfix/etc/pam.d',
 							'mkdir -p /var/spool/postfix/var/run/mysqld',
-							'groupadd -g ' . $settings['system']['vmail_gid'] . ' vmail',
-							'useradd -u ' . $settings['system']['vmail_uid'] . ' -g vmail vmail',
-							'mkdir -p ' . $settings['system']['vmail_homedir'],
-							'chown -R vmail:vmail ' . $settings['system']['vmail_homedir'],
 							'touch /etc/postfix/mysql-virtual_alias_maps.cf',
 							'touch /etc/postfix/mysql-virtual_mailbox_domains.cf',
 							'touch /etc/postfix/mysql-virtual_mailbox_maps.cf',

lib/configfiles/lucid.inc.php

@@ -17,6 +17,23 @@
  * 
  */
 
+// Try to guess user/group from settings' email UID/GID
+$vmail_user=posix_getpwuid($settings['system']['vmail_uid']);
+$vmail_group=posix_getgrgid($settings['system']['vmail_gid']);
+
+/* If one of them are not set, call it 'vmail' and suggest creating user/group
+ * in scripts. */
+if ($vmail_user === false) {
+	$vmail_username="vmail";
+} else {
+	$vmail_username=$vmail_user['name'];
+}
+if ($vmail_group === false) {
+	$vmail_groupname="vmail";
+} else {
+	$vmail_groupname=$vmail_group['name'];
+}
+
 return Array(
 	'ubuntu_lucid' => Array(
 		'label' => 'Ubuntu 10.04 (Lucid)',
@@ -128,13 +145,13 @@ return Array(
 					'postfix_courier' => Array(
 						'label' => 'Postfix/Courier',
 						'commands' => Array(
+							($vmail_group === false) ? 'groupadd -g ' . $settings['system']['vmail_gid'] . ' ' . $vmail_groupname : '',
+							($vmail_user === false) ? 'useradd -u ' . $settings['system']['vmail_uid'] . ' -g ' . $vmail_groupname . ' ' . $vmail_username : '',
+							'mkdir -p ' . $settings['system']['vmail_homedir'],
+							'chown -R '.$vmail_username.':'.$vmail_groupname.' ' . $settings['system']['vmail_homedir'],
 							'apt-get install postfix postfix-mysql libsasl2-2 libsasl2-modules libsasl2-modules-sql',
 							'mkdir -p /var/spool/postfix/etc/pam.d',
 							'mkdir -p /var/spool/postfix/var/run/mysqld',
-							'groupadd -g ' . $settings['system']['vmail_gid'] . ' vmail',
-							'useradd -u ' . $settings['system']['vmail_uid'] . ' -g vmail vmail',
-							'mkdir -p ' . $settings['system']['vmail_homedir'],
-							'chown -R vmail:vmail ' . $settings['system']['vmail_homedir'],
 							'touch /etc/postfix/mysql-virtual_alias_maps.cf',
 							'touch /etc/postfix/mysql-virtual_mailbox_domains.cf',
 							'touch /etc/postfix/mysql-virtual_mailbox_maps.cf',
@@ -189,13 +206,13 @@ return Array(
 					'postfix_dovecot' => Array(
 						'label' => 'Postfix/Dovecot',
 						'commands' => Array(
+							($vmail_group === false) ? 'groupadd -g ' . $settings['system']['vmail_gid'] . ' ' . $vmail_groupname : '',
+							($vmail_user === false) ? 'useradd -u ' . $settings['system']['vmail_uid'] . ' -g ' . $vmail_groupname . ' ' . $vmail_username : '',
+							'mkdir -p ' . $settings['system']['vmail_homedir'],
+							'chown -R '.$vmail_username.':'.$vmail_groupname.' ' . $settings['system']['vmail_homedir'],
 							'apt-get install postfix postfix-mysql',
 							'mkdir -p /var/spool/postfix/etc/pam.d',
 							'mkdir -p /var/spool/postfix/var/run/mysqld',
-							'groupadd -g ' . $settings['system']['vmail_gid'] . ' vmail',
-							'useradd -u ' . $settings['system']['vmail_uid'] . ' -g vmail vmail',
-							'mkdir -p ' . $settings['system']['vmail_homedir'],
-							'chown -R vmail:vmail ' . $settings['system']['vmail_homedir'],
 							'touch /etc/postfix/mysql-virtual_alias_maps.cf',
 							'touch /etc/postfix/mysql-virtual_mailbox_domains.cf',
 							'touch /etc/postfix/mysql-virtual_mailbox_maps.cf',

lib/configfiles/precise.inc.php

@@ -14,12 +14,29 @@
  * @author     Froxlor team <team@froxlor.org> (2010-)
  * @license    GPLv2 http://files.froxlor.org/misc/COPYING.txt
  * @package    Configfiles
- *
+ * 
  */
 
+// Try to guess user/group from settings' email UID/GID
+$vmail_user=posix_getpwuid($settings['system']['vmail_uid']);
+$vmail_group=posix_getgrgid($settings['system']['vmail_gid']);
+
+/* If one of them are not set, call it 'vmail' and suggest creating user/group
+ * in scripts. */
+if ($vmail_user === false) {
+	$vmail_username="vmail";
+} else {
+	$vmail_username=$vmail_user['name'];
+}
+if ($vmail_group === false) {
+	$vmail_groupname="vmail";
+} else {
+	$vmail_groupname=$vmail_group['name'];
+}
+
 return Array(
-	'debian_lenny' => Array(
-		'label' => 'Debian 5.0 (Lenny)',
+	'ubuntu_precise' => Array(
+		'label' => 'Ubuntu 12.04 (Precise)',
 		'services' => Array(
 			'http' => Array(
 				'label' => $lng['admin']['configfiles']['http'],
@@ -67,7 +84,7 @@ return Array(
 						),
 						'restart' => Array(
 							'/etc/init.d/lighttpd restart'
-						)
+						),
 					),
 					'nginx' => Array(
 						'label' => 'Nginx Webserver',
@@ -82,7 +99,7 @@ return Array(
 							'rm /etc/nginx/sites-enabled/default',
 							'mkdir -p ' . $settings['system']['documentroot_prefix'],
 							'mkdir -p ' . $settings['system']['logfiles_directory'],
-							//'mkdir -p ' . $settings['system']['deactivateddocroot'],
+							'mkdir -p ' . $settings['system']['deactivateddocroot'],
 							'mkdir -p ' . $settings['system']['mod_fcgid_tmpdir'],
 							'chmod 1777 ' . $settings['system']['mod_fcgid_tmpdir'],
 							'chmod u+x /etc/init.d/php-fcgi'
@@ -91,8 +108,8 @@ return Array(
 							'/etc/init.d/php-fcgi start',
 							'/etc/init.d/nginx restart'
 						)
-					)
-				)
+					),
+				),
 			),
 			'dns' => Array(
 				'label' => $lng['admin']['configfiles']['dns'],
@@ -128,13 +145,13 @@ return Array(
 					'postfix_courier' => Array(
 						'label' => 'Postfix/Courier',
 						'commands' => Array(
+							($vmail_group === false) ? 'groupadd -g ' . $settings['system']['vmail_gid'] . ' ' . $vmail_groupname : '',
+							($vmail_user === false) ? 'useradd -u ' . $settings['system']['vmail_uid'] . ' -g ' . $vmail_groupname . ' ' . $vmail_username : '',
+							'mkdir -p ' . $settings['system']['vmail_homedir'],
+							'chown -R '.$vmail_username.':'.$vmail_groupname.' ' . $settings['system']['vmail_homedir'],
 							'apt-get install postfix postfix-mysql libsasl2-2 libsasl2-modules libsasl2-modules-sql',
 							'mkdir -p /var/spool/postfix/etc/pam.d',
 							'mkdir -p /var/spool/postfix/var/run/mysqld',
-							'groupadd -g ' . $settings['system']['vmail_gid'] . ' vmail',
-							'useradd -u ' . $settings['system']['vmail_uid'] . ' -g vmail vmail',
-							'mkdir -p ' . $settings['system']['vmail_homedir'],
-							'chown -R vmail:vmail ' . $settings['system']['vmail_homedir'],
 							'touch /etc/postfix/mysql-virtual_alias_maps.cf',
 							'touch /etc/postfix/mysql-virtual_mailbox_domains.cf',
 							'touch /etc/postfix/mysql-virtual_mailbox_maps.cf',
@@ -189,13 +206,13 @@ return Array(
 					'postfix_dovecot' => Array(
 						'label' => 'Postfix/Dovecot',
 						'commands' => Array(
+							($vmail_group === false) ? 'groupadd -g ' . $settings['system']['vmail_gid'] . ' ' . $vmail_groupname : '',
+							($vmail_user === false) ? 'useradd -u ' . $settings['system']['vmail_uid'] . ' -g ' . $vmail_groupname . ' ' . $vmail_username : '',
+							'mkdir -p ' . $settings['system']['vmail_homedir'],
+							'chown -R '.$vmail_username.':'.$vmail_groupname.' ' . $settings['system']['vmail_homedir'],
 							'apt-get install postfix postfix-mysql',
 							'mkdir -p /var/spool/postfix/etc/pam.d',
 							'mkdir -p /var/spool/postfix/var/run/mysqld',
-							'groupadd -g ' . $settings['system']['vmail_gid'] . ' vmail',
-							'useradd -u ' . $settings['system']['vmail_uid'] . ' -g vmail vmail',
-							'mkdir -p ' . $settings['system']['vmail_homedir'],
-							'chown -R vmail:vmail ' . $settings['system']['vmail_homedir'],
 							'touch /etc/postfix/mysql-virtual_alias_maps.cf',
 							'touch /etc/postfix/mysql-virtual_mailbox_domains.cf',
 							'touch /etc/postfix/mysql-virtual_mailbox_maps.cf',
@@ -282,14 +299,17 @@ return Array(
 					'dovecot' => Array(
 						'label' => 'Dovecot',
 						'commands_1' => Array(
-							'apt-get install dovecot-imapd dovecot-pop3d'
+							'apt-get install dovecot-imapd dovecot-pop3d dovecot-postfix dovecot-mysql mail-stack-delivery'
 						),
 						'files' => Array(
-							'etc_dovecot_dovecot.conf' => '/etc/dovecot/dovecot.conf',
-							'etc_dovecot_dovecot-sql.conf' => '/etc/dovecot/dovecot-sql.conf'
+							
+							'etc_dovecot_conf.d_01_mail_stack_delivery.conf' => '/etc/dovecot/conf.d/01-mail-stack-delivery.conf',
+							'etc_dovecot_conf.d_10_auth.conf' => '/etc/dovecot/conf.d/10-auth.conf',
+							'etc_dovecot_conf.d_auth-sql.conf.ext' => '/etc/dovecot/conf.d/auth-sql.conf.ext',
+							'etc_dovecot_dovecot-sql.conf.ext' => '/etc/dovecot/dovecot-sql.conf.ext'
 						),
 						'commands_2' => Array(
-							'chmod 0640 /etc/dovecot/dovecot-sql.conf'
+							'chmod 0640 /etc/dovecot/dovecot-sql.conf.ext'
 						),
 						'restart' => Array(
 							'/etc/init.d/dovecot restart'
@@ -362,14 +382,14 @@ return Array(
 						),
 					),
 					'libnss' => Array(
-						'label' => 'libnss (system login with mysql)',
+						'label' => 'libnss-bg (system login with mysql)',
 						'commands' => Array(
-							'apt-get install libnss-mysql nscd',
-							'chmod 600 /etc/nss-mysql.conf /etc/nss-mysql-root.conf'
+							'apt-get install libnss-mysql-bg nscd',
+							'chmod 600 /etc/libnss-mysql.cfg /etc/libnss-mysql-root.cfg'
 						),
 						'files' => Array(
-							'etc_nss-mysql.conf' => '/etc/nss-mysql.conf',
-							'etc_nss-mysql-root.conf' => '/etc/nss-mysql-root.conf',
+							'etc_libnss-mysql.cfg' => '/etc/libnss-mysql.cfg',
+							'etc_libnss-mysql-root.cfg' => '/etc/libnss-mysql-root.cfg',
 							'etc_nsswitch.conf' => '/etc/nsswitch.conf',
 						),
 						'restart' => Array(

lib/configfiles/sle10.inc.php

@@ -17,6 +17,23 @@
  *
  */
 
+// Try to guess user/group from settings' email UID/GID
+$vmail_user=posix_getpwuid($settings['system']['vmail_uid']);
+$vmail_group=posix_getgrgid($settings['system']['vmail_gid']);
+
+/* If one of them are not set, call it 'vmail' and suggest creating user/group
+ * in scripts. */
+if ($vmail_user === false) {
+	$vmail_username="vmail";
+} else {
+	$vmail_username=$vmail_user['name'];
+}
+if ($vmail_group === false) {
+	$vmail_groupname="vmail";
+} else {
+	$vmail_groupname=$vmail_group['name'];
+}
+
 return Array(
 	'sle_10' => Array(
 		'label' => 'SUSE Linux Enterprise 10',
@@ -71,11 +88,11 @@ return Array(
 							'usr_lib_sasl2_smtpd.conf' => '/usr/lib/sasl2/smtpd.conf'
 						),
 						'commands' => Array(
-							'mkdir -p /var/spool/postfix/etc/pam.d',
-							'groupadd -g ' . $settings['system']['vmail_gid'] . ' vmail',
-							'useradd -u ' . $settings['system']['vmail_uid'] . ' -g vmail vmail',
+							($vmail_group === false) ? 'groupadd -g ' . $settings['system']['vmail_gid'] . ' ' . $vmail_groupname : '',
+							($vmail_user === false) ? 'useradd -u ' . $settings['system']['vmail_uid'] . ' -g ' . $vmail_groupname . ' ' . $vmail_username : '',
 							'mkdir -p ' . $settings['system']['vmail_homedir'],
-							'chown -R vmail:vmail ' . $settings['system']['vmail_homedir'],
+							'chown -R '.$vmail_username.':'.$vmail_groupname.' ' . $settings['system']['vmail_homedir'],
+							'mkdir -p /var/spool/postfix/etc/pam.d',
 							'touch /etc/postfix/mysql-virtual_alias_maps.cf',
 							'touch /etc/postfix/mysql-virtual_mailbox_domains.cf',
 							'touch /etc/postfix/mysql-virtual_mailbox_maps.cf',

lib/configfiles/squeeze.inc.php

@@ -17,6 +17,23 @@
  *
  */
 
+// Try to guess user/group from settings' email UID/GID
+$vmail_user=posix_getpwuid($settings['system']['vmail_uid']);
+$vmail_group=posix_getgrgid($settings['system']['vmail_gid']);
+
+/* If one of them are not set, call it 'vmail' and suggest creating user/group
+ * in scripts. */
+if ($vmail_user === false) {
+	$vmail_username="vmail";
+} else {
+	$vmail_username=$vmail_user['name'];
+}
+if ($vmail_group === false) {
+	$vmail_groupname="vmail";
+} else {
+	$vmail_groupname=$vmail_group['name'];
+}
+
 return Array(
 	'debian_squeeze' => Array(
 		'label' => 'Debian 6.0 (Squeeze)',
@@ -128,13 +145,13 @@ return Array(
 					'postfix_courier' => Array(
 						'label' => 'Postfix/Courier',
 						'commands' => Array(
+							($vmail_group === false) ? 'groupadd -g ' . $settings['system']['vmail_gid'] . ' '.$vmail_groupname : '',
+							($vmail_user === false) ? 'useradd -u ' . $settings['system']['vmail_uid'] . ' -g ' . $vmail_groupname . ' ' . $vmail_username : '',
+							'mkdir -p ' . $settings['system']['vmail_homedir'],
+							'chown -R '.$vmail_username.':'.$vmail_groupname.' ' . $settings['system']['vmail_homedir'],
 							'apt-get install postfix postfix-mysql libsasl2-2 libsasl2-modules libsasl2-modules-sql',
 							'mkdir -p /var/spool/postfix/etc/pam.d',
 							'mkdir -p /var/spool/postfix/var/run/mysqld',
-							'groupadd -g ' . $settings['system']['vmail_gid'] . ' vmail',
-							'useradd -u ' . $settings['system']['vmail_uid'] . ' -g vmail vmail',
-							'mkdir -p ' . $settings['system']['vmail_homedir'],
-							'chown -R vmail:vmail ' . $settings['system']['vmail_homedir'],
 							'touch /etc/postfix/mysql-virtual_alias_maps.cf',
 							'touch /etc/postfix/mysql-virtual_mailbox_domains.cf',
 							'touch /etc/postfix/mysql-virtual_mailbox_maps.cf',
@@ -189,13 +206,13 @@ return Array(
 					'postfix_dovecot' => Array(
 						'label' => 'Postfix/Dovecot',
 						'commands' => Array(
+							($vmail_group === false) ? 'groupadd -g ' . $settings['system']['vmail_gid'] . ' ' . $vmail_groupname : '',
+							($vmail_user === false) ? 'useradd -u ' . $settings['system']['vmail_uid'] . ' -g ' . $vmail_groupname . ' ' . $vmail_username : '',
+							'mkdir -p ' . $settings['system']['vmail_homedir'],
+							'chown -R ' . $vmail_username . ':' . $vmail_groupname . ' ' . $settings['system']['vmail_homedir'],
 							'apt-get install postfix postfix-mysql',
 							'mkdir -p /var/spool/postfix/etc/pam.d',
 							'mkdir -p /var/spool/postfix/var/run/mysqld',
-							'groupadd -g ' . $settings['system']['vmail_gid'] . ' vmail',
-							'useradd -u ' . $settings['system']['vmail_uid'] . ' -g vmail vmail',
-							'mkdir -p ' . $settings['system']['vmail_homedir'],
-							'chown -R vmail:vmail ' . $settings['system']['vmail_homedir'],
 							'touch /etc/postfix/mysql-virtual_alias_maps.cf',
 							'touch /etc/postfix/mysql-virtual_mailbox_domains.cf',
 							'touch /etc/postfix/mysql-virtual_mailbox_maps.cf',

lib/configfiles/suse11.inc.php

@@ -17,6 +17,23 @@
  * 
  */
 
+// Try to guess user/group from settings' email UID/GID
+$vmail_user=posix_getpwuid($settings['system']['vmail_uid']);
+$vmail_group=posix_getgrgid($settings['system']['vmail_gid']);
+
+/* If one of them are not set, call it 'vmail' and suggest creating user/group
+ * in scripts. */
+if ($vmail_user === false) {
+	$vmail_username="vmail";
+} else {
+	$vmail_username=$vmail_user['name'];
+}
+if ($vmail_group === false) {
+	$vmail_groupname="vmail";
+} else {
+	$vmail_groupname=$vmail_group['name'];
+}
+
 return Array(
 	'opensuse_11_x' => Array(
 		'label' => 'openSUSE 11.x',
@@ -68,11 +85,11 @@ return Array(
 							'etc_sasl2_smtpd.conf' => '/etc/sasl2/smtpd.conf'
 						),
 						'commands' => Array(
-							'mkdir -p /var/spool/postfix/etc/pam.d',
-							'groupadd -g ' . $settings['system']['vmail_gid'] . ' vmail',
-							'useradd -u ' . $settings['system']['vmail_uid'] . ' -g vmail vmail',
+							($vmail_group === false) ? 'groupadd -g ' . $settings['system']['vmail_gid'] . ' ' . $vmail_groupname : '',
+							($vmail_user === false) ? 'useradd -u ' . $settings['system']['vmail_uid'] . ' -g ' . $vmail_groupname . ' ' . $vmail_username : '',
 							'mkdir -p ' . $settings['system']['vmail_homedir'],
-							'chown -R vmail:vmail ' . $settings['system']['vmail_homedir'],
+							'chown -R ' . $vmail_username . ':' . $vmail_groupname . ' ' . $settings['system']['vmail_homedir'],
+							'mkdir -p /var/spool/postfix/etc/pam.d',
 							'touch /etc/postfix/mysql-virtual_alias_maps.cf',
 							'touch /etc/postfix/mysql-virtual_mailbox_domains.cf',
 							'touch /etc/postfix/mysql-virtual_mailbox_maps.cf',
@@ -106,13 +123,13 @@ return Array(
 					'postfix_dovecot' => Array(
                                                 'label' => 'Postfix/Dovecot',
                                                 'commands' => Array(
+                                                        ($vmail_group === false) ? 'groupadd -g ' . $settings['system']['vmail_gid'] . ' ' . $vmail_groupname : '',
+                                                        ($vmail_user === false) ? 'useradd -u ' . $settings['system']['vmail_uid'] . ' -g ' . $vmail_groupname . ' ' . $vmail_username : '',
                                                         'zypper install postfix postfix-mysql',
                                                         'mkdir -p /var/spool/postfix/etc/pam.d',
                                                         'mkdir -p /var/spool/postfix/var/run/mysqld',
-                                                        'groupadd -g ' . $settings['system']['vmail_gid'] . ' vmail',
-                                                        'useradd -u ' . $settings['system']['vmail_uid'] . ' -g vmail vmail',
                                                         'mkdir -p ' . $settings['system']['vmail_homedir'],
-                                                        'chown -R vmail:vmail ' . $settings['system']['vmail_homedir'],
+                                                        'chown -R '.$vmail_username.':'.$vmail_groupname.' ' . $settings['system']['vmail_homedir'],
                                                         'touch /etc/postfix/mysql-virtual_alias_maps.cf',
                                                         'touch /etc/postfix/mysql-virtual_mailbox_domains.cf',
                                                         'touch /etc/postfix/mysql-virtual_mailbox_maps.cf',

lib/configfiles_index.inc.php

@@ -45,5 +45,5 @@ else
 
 $cfgPath = 'lib/configfiles/';
 $configfiles = Array();
-$configfiles = array_merge(include $cfgPath . 'squeeze.inc.php', include $cfgPath . 'lenny.inc.php', include $cfgPath . 'lucid.inc.php', include $cfgPath . 'hardy.inc.php', include $cfgPath . 'gentoo.inc.php', include $cfgPath . 'suse11.inc.php', include $cfgPath . 'sle10.inc.php', include $cfgPath . 'freebsd.inc.php');
+$configfiles = array_merge(include $cfgPath . 'squeeze.inc.php', include $cfgPath . 'precise.inc.php', include $cfgPath . 'lucid.inc.php', include $cfgPath . 'hardy.inc.php', include $cfgPath . 'gentoo.inc.php', include $cfgPath . 'suse11.inc.php', include $cfgPath . 'sle10.inc.php', include $cfgPath . 'freebsd.inc.php');
 

lib/formfields/admin/admin/formfield.admin_add.php

@@ -200,6 +200,14 @@ return array(
 						'visible' => ($settings['ticket']['enabled'] == '1' ? true : false),
 						'ul_field' => $tickets_ul
 					),
+					'tickets_see_all' => array(
+						'label' => $lng['admin']['tickets_see_all'],
+						'type' => 'checkbox',
+						'values' => array(
+										array ('label' => $lng['panel']['yes'], 'value' => '1')
+									),
+						'value' => array()
+					),
 					'mysqls' => array(
 						'label' => $lng['customer']['mysqls'],
 						'type' => 'textul',

lib/formfields/admin/admin/formfield.admin_edit.php

@@ -214,6 +214,14 @@ return array(
 						'visible' => ($settings['ticket']['enabled'] == '1' ? true : false),
 						'ul_field' => $tickets_ul
 					),
+					'tickets_see_all' => array(
+							'label' => $lng['admin']['tickets_see_all'],
+							'type' => 'checkbox',
+							'values' => array(
+									array ('label' => $lng['panel']['yes'], 'value' => '1')
+							),
+							'value' => array($result['tickets_see_all'])
+					),
 					'mysqls' => array(
 						'label' => $lng['customer']['mysqls'],
 						'type' => 'textul',

lib/formfields/admin/domains/formfield.domains_add.php

@@ -190,7 +190,7 @@ return array(
 			'section_d' => array(
 				'title' => $lng['admin']['nameserversettings'],
 				'image' => 'icons/domain_add.png',
-				'visible' => ($userinfo['change_serversettings'] == '1' ? true : false),
+				'visible' => ($settings['system']['bind_enable'] == '1' && $userinfo['change_serversettings'] == '1' ? true : false),
 				'fields' => array(
 					'isbinddomain' => array(
 						'label' => 'Nameserver',

lib/formfields/admin/domains/formfield.domains_edit.php

@@ -214,7 +214,7 @@ return array(
 			'section_d' => array(
 				'title' => $lng['admin']['nameserversettings'],
 				'image' => 'icons/domain_edit.png',
-				'visible' => ($userinfo['change_serversettings'] == '1' ? true : false),
+				'visible' => ($settings['system']['bind_enable'] == '1' && $userinfo['change_serversettings'] == '1' ? true : false),
 				'fields' => array(
 					'isbinddomain' => array(
 						'label' => 'Nameserver',

lib/functions.php

@@ -44,7 +44,7 @@ function includeFunctions($dirname)
 
 function __autoload($classname)
 {
-	global $libdirname;
+	global $libdirname, $theme;
 	findIncludeClass($libdirname . '/classes/', $classname);
 }
 

lib/functions/aps/function.domainHasApsInstances.php

@@ -28,7 +28,7 @@
  */
 function domainHasApsInstances($domainid = 0)
 {
-	global $db, $settings;
+	global $db, $settings, $theme;
 	
 	if($settings['aps']['aps_active'] == '1')
 	{

lib/functions/database/function.correctMysqlUsers.php

@@ -19,12 +19,12 @@
 
 function correctMysqlUsers($mysql_access_host_array)
 {
-	global $db, $settings, $sql, $sql_root;
+	global $db, $settings, $sql, $sql_root, $theme;
 	
 	foreach($sql_root as $mysql_server => $mysql_server_details)
 	{
 		$db_root = new db($mysql_server_details['host'], $mysql_server_details['user'], $mysql_server_details['password'], '');
-		unset($db_root->password);
+		unset($mysql_server_details['password']);
 
 		$users = array();
 		$users_result = $db_root->query('SELECT * FROM `mysql`.`user`');

lib/functions/filedir/function.maildirExists.php

@@ -24,15 +24,24 @@
  */
 function maildirExists($result = null)
 {
-	global $settings;
+	global $settings, $theme;
 
 	if(is_array($result))
 	{
 		$loginname = getCustomerDetail($result['customerid'], 'loginname');
 		if($loginname !== false) {
-			$maildir = makeCorrectDir($settings['system']['vmail_homedir'] .'/'. $loginname .'/'. $result['email_full']);
+			$email_user=substr($result['email_full'],0,strrpos($result['email_full'],"@"));
+			$email_domain=substr($result['email_full'],strrpos($result['email_full'],"@")+1);
+			$maildirname=trim($settings['system']['vmail_maildirname']);
+			$maildir = makeCorrectDir($settings['system']['vmail_homedir'] .'/'. $loginname .'/'. $email_domain .'/'. $email_user . (!empty($maildirname)?'/'.$maildirname:''));
 			if(@file_exists($maildir)) {
 				return true;
+			} else {
+				// backward-compatibility for old folder-structure
+				$maildir_old = makeCorrectDir($settings['system']['vmail_homedir'] .'/'. $loginname .'/'. $email_user);
+				if (@file_exists($maildir_old)) {
+					return true;
+				}
 			}
 		}
 	}

lib/functions/filedir/function.makeChownWithNewStats.php

@@ -26,7 +26,7 @@
  */
 function makeChownWithNewStats($row)
 {
-	global $settings;
+	global $settings, $theme;
 
 	// get correct user
 	if($settings['system']['mod_fcgid'] == '1' && isset($row['deactivated']) && $row['deactivated'] == '0')

lib/functions/filedir/function.makePathfield.php

@@ -34,7 +34,7 @@
 
 function makePathfield($path, $uid, $gid, $fieldType, $value = '', $dom = false)
 {
-	global $lng;
+	global $lng, $theme;
 
 	$value = str_replace($path, '', $value);
 	$field = array();

lib/functions/filedir/function.safe_exec.php

@@ -33,7 +33,7 @@
 
 function safe_exec($exec_string, &$return_value = false)
 {
-	global $settings;
+	global $settings, $theme;
 
 	//
 	// define allowed system commands

lib/functions/filedir/function.storeDefaultIndex.php

@@ -27,7 +27,7 @@
  */
 function storeDefaultIndex($loginname = null, $destination = null, $logger = null, $force = false)
 {
-	global $db, $settings, $pathtophpfiles;
+	global $db, $settings, $pathtophpfiles, $theme;
 
 	if ($force
 		|| (int)$settings['system']['store_index_file_subs'] == 1

lib/functions/formfields/function.buildFormEx.php

@@ -17,7 +17,7 @@
 
 function buildFormEx($form, $part = '')
 {
-	global $settings;
+	global $settings, $theme;
 	$fields = '';
 
 	if(validateFormDefinition($form))

lib/functions/formfields/function.getFormFieldOutput.php

@@ -19,7 +19,7 @@
 
 function getFormFieldOutput($fieldname, $fielddata)
 {
-	global $settings;
+	global $settings, $theme;
 
 	$returnvalue = '';
 	if(is_array($fielddata) && isset($fielddata['type']) && $fielddata['type'] != '' && function_exists('getFormFieldOutput' . ucfirst($fielddata['type'])))

lib/functions/formfields/function.getFormGroupOutput.php

@@ -19,14 +19,14 @@
 
 function getFormGroupOutput($groupname, $groupdetails)
 {
-	global $lng;
+	global $lng, $theme;
 	eval("\$group = \"" . getTemplate("settings/settings_group") . "\";");
 	return $group;
 }
 
 function getFormOverviewGroupOutput($groupname, $groupdetails)
 {
-	global $lng, $settings, $filename, $s;
+	global $lng, $settings, $filename, $s, $theme;
 	
 	$group = '';
 	$title = $groupdetails['title'];

lib/functions/formfields/function.processForm.php

@@ -37,7 +37,7 @@ function processForm(&$form, &$input, $url_params = array())
 				}
 			}
 		}
-		
+
 		foreach($form['groups'] as $groupname => $groupdetails)
 		{
 			if(validateFieldDefinition($groupdetails))
@@ -46,7 +46,7 @@ function processForm(&$form, &$input, $url_params = array())
 				foreach($groupdetails['fields'] as $fieldname => $fielddetails)
 				{
 					$newfieldvalue = getFormFieldData($fieldname, $fielddetails, $input);
-			
+
 					if($newfieldvalue != $fielddetails['value'])
 					{
 						if(($error = validateFormField($fieldname, $fielddetails, $newfieldvalue)) !== true)
@@ -173,13 +173,13 @@ function processFormEx(&$form, &$input, $url_params = array(), $part, $settings_
 				}
 			}
 		}
-		
+
 		foreach($form['groups'] as $groupname => $groupdetails)
 		{
 			if(($settings_part && $part == $groupname)
 				|| $settings_all
 				|| $only_enabledisable
-			){			
+			){
 				if(validateFieldDefinition($groupdetails))
 				{
 					// Validate fields
@@ -189,7 +189,6 @@ function processFormEx(&$form, &$input, $url_params = array(), $part, $settings_
 							|| ($only_enabledisable && isset($fielddetails['overview_option']))
 						) {
 							$newfieldvalue = getFormFieldData($fieldname, $fielddetails, $input);
-					
 							if($newfieldvalue != $fielddetails['value'])
 							{
 								if(($error = validateFormField($fieldname, $fielddetails, $newfieldvalue)) !== true)
@@ -201,7 +200,7 @@ function processFormEx(&$form, &$input, $url_params = array(), $part, $settings_
 									$changed_fields[$fieldname] = $newfieldvalue;
 								}
 							}
-		
+
 							$submitted_fields[$fieldname] = $newfieldvalue;
 						}
 					}

lib/functions/froxlor/function.CorrectErrorDocument.php

@@ -26,7 +26,7 @@
  */
  function correctErrorDocument($errdoc = null)
  {
- 	global $settings, $idna_convert;
+ 	global $settings, $idna_convert, $theme;
 
  	if($errdoc !== null && $errdoc != '')
  	{

lib/functions/froxlor/function.CronjobFunctions.php

@@ -24,7 +24,7 @@
  */
 function getNextCronjobs()
 {
-	global $db;
+	global $db, $theme;
 
 	$query = "SELECT `id`, `cronfile` FROM `".TABLE_PANEL_CRONRUNS."` WHERE `interval` <> '0' AND `isactive` = '1' AND (";
 
@@ -60,7 +60,7 @@ function getNextCronjobs()
 
 function includeCronjobs($debugHandler, $pathtophpfiles)
 {
-	global $settings;
+	global $settings, $theme;
 
 	$cronjobs = getNextCronjobs();
 
@@ -84,7 +84,7 @@ function includeCronjobs($debugHandler, $pathtophpfiles)
 
 function getIntervalOptions()
 {
-	global $db, $lng, $cronlog;
+	global $db, $lng, $cronlog, $theme;
 
 	$query = "SELECT DISTINCT `interval` FROM `" . TABLE_PANEL_CRONRUNS . "` ORDER BY `interval` ASC;";
 	$result = $db->query($query);
@@ -110,7 +110,7 @@ function getIntervalOptions()
 
 function getCronjobsLastRun()
 {
-	global $db, $lng;
+	global $db, $lng, $theme;
 
 	$query = "SELECT `lastrun`, `desc_lng_key` FROM `".TABLE_PANEL_CRONRUNS."` WHERE `isactive` = '1' ORDER BY `cronfile` ASC";
 	$result = $db->query($query);
@@ -135,7 +135,7 @@ function getCronjobsLastRun()
 
 function toggleCronStatus($module = null, $isactive = 0)
 {
-	global $db;
+	global $db, $theme;
 
 	if($isactive != 1) {
 		$isactive = 0;
@@ -148,7 +148,7 @@ function toggleCronStatus($module = null, $isactive = 0)
 
 function getOutstandingTasks()
 {
-	global $db, $lng;
+	global $db, $lng, $theme;
 
 	$query = "SELECT * FROM `".TABLE_PANEL_TASKS."` ORDER BY `type` ASC";
 	$result = $db->query($query);
@@ -209,6 +209,10 @@ function getOutstandingTasks()
 			$task_desc = $lng['tasks']['deleting_customerfiles'];
 			$task_desc = str_replace('%loginname%', $loginname, $task_desc);
 		}
+		elseif($row['type'] == '7')
+		{
+			$task_desc = $lng['tasks']['remove_emailacc_files'];
+		}
 		/*
 		 * Set FS - quota
 		 */
@@ -216,6 +220,11 @@ function getOutstandingTasks()
 		{
 			$task_desc = $lng['tasks']['diskspace_set_quota'];
 		}
+		else
+		{
+			$task_desc = "ERROR: Unknown task type '".$row['type'].
+			             "'";
+		}
 
 		if($task_desc != '') {
 			$tasks .= '<li>'.$task_desc.'</li>';

lib/functions/froxlor/function.createAWStatsConf.php

@@ -29,7 +29,7 @@
 
 function createAWStatsConf($logFile, $siteDomain, $hostAliases, $customerDocroot, $awstats_params = array())
 {
-	global $pathtophpfiles, $settings;
+	global $pathtophpfiles, $settings, $theme;
 
 	// Generation header
 

lib/functions/froxlor/function.customerHasPerlEnabled.php

@@ -27,7 +27,7 @@
  */
 function customerHasPerlEnabled($cid = 0)
 {
-	global $db;
+	global $db, $theme;
 
 	if($cid > 0)
 	{

lib/functions/froxlor/function.domainHasMainSubDomains.php

@@ -25,7 +25,7 @@
  */
 function domainHasMainSubDomains($id = 0)
 {
-	global $db;
+	global $db, $theme;
 	
 	$sql = "SELECT COUNT(`id`) as `mainsubs` FROM `".TABLE_PANEL_DOMAINS."` WHERE `ismainbutsubto` = '".(int)$id."'";
 	$result = $db->query_first($sql);
@@ -47,7 +47,7 @@ function domainHasMainSubDomains($id = 0)
  */
 function domainMainToSubExists($id = 0)
 {
-	global $db;
+	global $db, $theme;
 	
 	$sql = "SELECT `id` FROM `".TABLE_PANEL_DOMAINS."` WHERE `id` = '".(int)$id."'";
 	$result = $db->query_first($sql);

lib/functions/froxlor/function.generatePassword.php

@@ -21,7 +21,7 @@
 
 function generatePassword()
 {
-	global $db, $settings;
+	global $db, $settings, $theme;
 
 	return substr(md5(uniqid(microtime(), 1)), 24, 10);
 }

lib/functions/froxlor/function.getAdmins.php

@@ -19,7 +19,7 @@
 
 function getAdmins($limit_resource = '')
 {
-	global $db;
+	global $db, $theme;
 
 	$additional_conditions = '';
 	$additional_conditions_array = array();

lib/functions/froxlor/function.getCustomerDetail.php

@@ -19,7 +19,7 @@
 
 function getCustomerDetail($customerid, $varname)
 {
-	global $db;
+	global $db, $theme;
 
 	$query = 'SELECT `' . $db->escape($varname) . '` FROM `' . TABLE_PANEL_CUSTOMERS . '` WHERE `customerid` = \'' . (int)$customerid . '\'';
 	$customer = $db->query_first($query);

lib/functions/froxlor/function.getCustomerIdByDomain.php

@@ -9,10 +9,10 @@
  */
 function getCustomerIdByDomain($domain = null)
 {
-	global $db;
+	global $db, $theme;
 	
 	$result = $db->query_first("SELECT `customerid` FROM `" . TABLE_PANEL_DOMAINS . "` WHERE `domain` = '".$domain."'");
-	if(is_array($result) 
+	if(is_array($result)
 		&& isset($result['customerid'])
 	) {
 		return $result['customerid'];

lib/functions/froxlor/function.getCustomers.php

@@ -19,7 +19,7 @@
 
 function getCustomers($limit_resource = '')
 {
-	global $db;
+	global $db, $theme;
 
 	$additional_conditions = '';
 	$additional_conditions_array = array();

lib/functions/froxlor/function.getFilesystemQuota.php

@@ -17,7 +17,7 @@
 
 function getFilesystemQuota()
 {
-	global $settings;
+	global $settings, $theme;
 	if ($settings['system']['diskquota_enabled'])
 	{
 		# Fetch all quota in the desired partition

lib/functions/froxlor/function.getIpAddresses.php

@@ -19,7 +19,7 @@
 
 function getIpAddresses()
 {
-	global $db;
+	global $db, $theme;
 	
 	$query = 'SELECT `id`, `ip`, `port` FROM `' . TABLE_PANEL_IPSANDPORTS . '` ORDER BY `ip` ASC, `port` ASC';
 	$result = $db->query($query);

lib/functions/froxlor/function.getIpPortCombinations.php

@@ -19,7 +19,7 @@
 
 function getIpPortCombinations($ssl = null)
 {
-	global $db;
+	global $db, $theme;
 	
 	$additional_conditions = '';
 	$additional_conditions_array = array();

lib/functions/froxlor/function.getLanguages.php

@@ -19,7 +19,7 @@
 
 function getLanguages()
 {
-	global $db;
+	global $db, $theme;
 	
 	$query = 'SELECT * FROM `' . TABLE_PANEL_LANGUAGE . '` ';
 	$result = $db->query($query);