set version to 0.9.37-rc1 for upcoming release candidate

Signed-off-by: Michael Kaufmann (d00p) <d00p@froxlor.org>
add newline after custom options to avoid possible syntax error in apache-config, thx to J-BBB for testing
2016-07-18 16:47:19 +02:00 · 2016-07-14 09:14:37 +02:00 · 2016-07-14 08:45:10 +02:00 · 2016-07-14 08:36:14 +02:00 · 2016-07-14 08:25:28 +02:00 · 2016-07-14 07:58:56 +02:00
1789 changed files with 70921 additions and 119187 deletions
--- a/.gitignore
+++ b/.gitignore
@@ -1,9 +1,17 @@
-packages/*
-temp/*
-templates/*
 install/update.log
+templates/*
+lib/userdata.inc.php
+logs/*
 .buildpath
 .project
 .settings/
 *.diff
 *~
+.well-known
+.idea
+*.iml
+
+!templates/Froxlor/
+!templates/Sparkle/
+!templates/misc/
+templates/Froxlor/assets/img/logo_custom.png
--- a/11
+++ b/11
@@ -2,7 +2,7 @@
 		       Version 2, June 1991

 Copyright (C) 1989, 1991 Free Software Foundation, Inc.
-                          675 Mass Ave, Cambridge, MA 02139, USA
+                       51 Franklin St, Fifth Floor, Boston, MA  02110-1301  USA
 Everyone is permitted to copy and distribute verbatim copies
 of this license document, but changing it is not allowed.

@@ -55,7 +55,7 @@ patent must be licensed for everyone's free use or not licensed at all.

  The precise terms and conditions for copying, distribution and
 modification follow.
-
+
 		    GNU GENERAL PUBLIC LICENSE
   TERMS AND CONDITIONS FOR COPYING, DISTRIBUTION AND MODIFICATION

@@ -110,7 +110,7 @@ above, provided that you also meet all of these conditions:
    License.  (Exception: if the Program itself is interactive but
    does not normally print such an announcement, your work based on
    the Program is not required to print an announcement.)
-
+
 These requirements apply to the modified work as a whole.  If
 identifiable sections of that work are not derived from the Program,
 and can be reasonably considered independent and separate works in
@@ -168,7 +168,7 @@ access to copy from a designated place, then offering equivalent
 access to copy the source code from the same place counts as
 distribution of the source code, even though third parties are not
 compelled to copy the source along with the object code.
-
+
  4. You may not copy, modify, sublicense, or distribute the Program
 except as expressly provided under this License.  Any attempt
 otherwise to copy, modify, sublicense or distribute the Program is
@@ -225,7 +225,7 @@ impose that choice.

 This section is intended to make thoroughly clear what is believed to
 be a consequence of the rest of this License.
-
+
  8. If the distribution and/or use of the Program is restricted in
 certain countries either by patents or by copyrighted interfaces, the
 original copyright holder who places the Program under this License
@@ -278,4 +278,3 @@ PROGRAMS), EVEN IF SUCH HOLDER OR OTHER PARTY HAS BEEN ADVISED OF THE
 POSSIBILITY OF SUCH DAMAGES.

 		     END OF TERMS AND CONDITIONS
-
--- a/README.md
+++ b/README.md
@@ -0,0 +1,74 @@
+# Froxlor
+
+The server administration software for your needs.
+Developed by experienced server administrators, this panel simplifies the effort of managing your hosting platform.
+
+## Installation
+
+### Fast install
+1. Ensure that your webserver serves /var/www
+2. Extract froxlor into /var/www
+3. Point your browser to http://[ip-of-webserver]/froxlor
+4. Follow the installer
+5. Login as administrator
+6. Adjust "Server > Settings" according to your needs
+7. Choose your distribution under "Server > Configuration"
+8. Follow the steps for your services
+9. Have fun!
+
+### Detailed installation
+http://redmine.froxlor.org/projects/froxlor/wiki/Installationtarball
+
+## Help
+
+You may find help in the following places:
+
+### IRC
+
+froxlor may be found on freenode.net, channel #froxlor:
+irc://chat.freenode.net/froxlor
+
+### Forum
+
+The community is located on http://forum.froxlor.org
+
+### Wiki
+
+More documentation may be found in the froxlor - wiki:
+http://redmine.froxlor.org/projects/froxlor/wiki
+
+## License
+
+May be found in COPYING
+
+## Downloads
+
+### Tarball
+http://files.froxlor.org/releases/froxlor-latest.tar.gz [MD5](http://files.froxlor.org/releases/froxlor-latest.tar.gz.md5) [SHA1](http://files.froxlor.org/releases/froxlor-latest.tar.gz.sha1)
+
+### Debian repository
+
+[HowTo](http://redmine.froxlor.org/projects/froxlor/wiki/Installationdebian)
+
+/etc/apt/sources.list.d/froxlor.list
+> deb http://debian.froxlor.org {wheezy|jessie} main
+
+### Gentoo repository
+
+[HowTo](http://redmine.froxlor.org/projects/froxlor/wiki/Installationgentoo)
+
+http://files.froxlor.org/gentoo/repositories.xml
+
+## Let's Encrypt support
+
+This version of Froxlor contains a test implementation of support for [Let's Encrypt](https://letsencrypt.org). This is (as Let's Encrypt is in itself)
+still a beta version and may break your system. The way it currently works is by creating a (sub-)domain with the default system - certificate,
+after which the Let's Encrypt cronjob orders the certificate for this (sub-)domain and inserts the certificates in the database. With the next run
+of the default cronjob, the certificates will be updated on the disk and the webserver reloaded.
+
+This has 2 known side-effects at the moment:
+* The basic ip/port combinations don't work with the Froxlor - integration of Let's Encrypt, since it needs a certificate for the very first creation
+* After creating a domain, it will have the default certificate for a short time (by default 5 minutes until the cronjob runs the next time)
+
+It may be possible to fix these issues, but they are not a priority at the moment
+
--- a/actions/admin/settings/100.panel.php
+++ b/actions/admin/settings/100.panel.php
@@ -33,15 +33,31 @@ return array(
 					'save_method' => 'storeSettingField',
 					),
 				'panel_default_theme' => array(
-					'label' => $lng['serversettings']['default_theme'],
+					'label' => array('title' => $lng['panel']['theme'], 'description' => $lng['serversettings']['default_theme']),
 					'settinggroup' => 'panel',
 					'varname' => 'default_theme',
 					'type' => 'option',
 					'default' => 'Froxlor',
 					'option_mode' => 'one',
 					'option_options_method' => 'getThemes',
+					'save_method' => 'storeSettingDefaultTheme',
+					),
+				'panel_allow_theme_change_customer' => array(
+					'label' => $lng['serversettings']['panel_allow_theme_change_customer'],
+					'settinggroup' => 'panel',
+					'varname' => 'allow_theme_change_customer',
+					'type' => 'bool',
+					'default' => true,
 					'save_method' => 'storeSettingField',
 					),
+				'panel_allow_theme_change_admin' => array(
+					'label' => $lng['serversettings']['panel_allow_theme_change_admin'],
+					'settinggroup' => 'panel',
+					'varname' => 'allow_theme_change_admin',
+					'type' => 'bool',
+					'default' => true,
+					'save_method' => 'storeSettingField'
+					),
 				'panel_natsorting' => array(
 					'label' => $lng['serversettings']['natsorting'],
 					'settinggroup' => 'panel',
@@ -77,23 +93,6 @@ return array(
 					'option_options' => array('Manual' => $lng['serversettings']['manual'], 'Dropdown' => $lng['serversettings']['dropdown']),
 					'save_method' => 'storeSettingField',
 					),
-				'use_webfonts' => array(
-					'label' => $lng['serversettings']['enablewebfonts'],
-					'settinggroup' => 'panel',
-					'varname' => 'use_webfonts',
-					'type' => 'bool',
-					'default' => true,
-					'save_method' => 'storeSettingField',
-					),
-				'webfont' => array(
-					'label' => $lng['serversettings']['definewebfont']['title'],
-					'settinggroup' => 'panel',
-					'varname' => 'webfont',
-					'type' => 'string',
-					'default' => 'Numans',
-					'string_emptyallowed' => false,
-					'save_method' => 'storeSettingField',
-					),
 				'panel_adminmail' => array(
 					'label' => $lng['serversettings']['adminmail'],
 					'settinggroup' => 'panel',
@@ -178,6 +177,32 @@ return array(
 					'default' => false,
 					'save_method' => 'storeSettingField',
 					),
+				'admin_show_news_feed' => array(
+					'label' => $lng['admin']['show_news_feed'],
+					'settinggroup' => 'admin',
+					'varname' => 'show_news_feed',
+					'type' => 'bool',
+					'default' => false,
+					'save_method' => 'storeSettingField',
+					),
+				'customer_show_news_feed' => array(
+					'label' => $lng['admin']['customer_show_news_feed'],
+					'settinggroup' => 'customer',
+					'varname' => 'show_news_feed',
+					'type' => 'bool',
+					'default' => false,
+					'save_method' => 'storeSettingField',
+					),
+				'customer_news_feed_url' => array(
+					'label' => $lng['admin']['customer_news_feed_url'],
+					'settinggroup' => 'customer',
+					'varname' => 'news_feed_url',
+					'type' => 'string',
+					'string_type' => 'url',
+					'string_emptyallowed' => true,
+					'default' => '',
+					'save_method' => 'storeSettingField',
+					),
 				'panel_allow_domain_change_admin' => array(
 					'label' => $lng['serversettings']['panel_allow_domain_change_admin'],
 					'settinggroup' => 'panel',
@@ -194,6 +219,14 @@ return array(
 					'default' => false,
 					'save_method' => 'storeSettingField',
 					),
+				'panel_phpconfigs_hidestdsubdomain' => array(
+					'label' => $lng['serversettings']['panel_phpconfigs_hidestdsubdomain'],
+					'settinggroup' => 'panel',
+					'varname' => 'phpconfigs_hidestdsubdomain',
+					'type' => 'bool',
+					'default' => false,
+					'save_method' => 'storeSettingField',
+					),
 				),
 			),
 		),
--- a/actions/admin/settings/110.accounts.php
+++ b/actions/admin/settings/110.accounts.php
@@ -70,6 +70,46 @@ return array(
 					'default' => 0,
 					'save_method' => 'storeSettingField',
 					),
+				'panel_password_alpha_lower' => array(
+					'label' => $lng['serversettings']['panel_password_alpha_lower'],
+					'settinggroup' => 'panel',
+					'varname' => 'password_alpha_lower',
+					'type' => 'bool',
+					'default' => true,
+					'save_method' => 'storeSettingField',
+					),
+				'panel_password_alpha_upper' => array(
+					'label' => $lng['serversettings']['panel_password_alpha_upper'],
+					'settinggroup' => 'panel',
+					'varname' => 'password_alpha_upper',
+					'type' => 'bool',
+					'default' => true,
+					'save_method' => 'storeSettingField',
+					),
+				'panel_password_numeric' => array(
+					'label' => $lng['serversettings']['panel_password_numeric'],
+					'settinggroup' => 'panel',
+					'varname' => 'password_numeric',
+					'type' => 'bool',
+					'default' => false,
+					'save_method' => 'storeSettingField',
+					),
+				'panel_password_special_char_required' => array(
+					'label' => $lng['serversettings']['panel_password_special_char_required'],
+					'settinggroup' => 'panel',
+					'varname' => 'password_special_char_required',
+					'type' => 'bool',
+					'default' => false,
+					'save_method' => 'storeSettingField',
+					),
+				'panel_password_special_char' => array(
+					'label' => $lng['serversettings']['panel_password_special_char'],
+					'settinggroup' => 'panel',
+					'varname' => 'password_special_char',
+					'type' => 'string',
+					'default' => '!?<>§$%+#=@',
+					'save_method' => 'storeSettingField',
+					),
 				'panel_password_regex' => array(
 					'label' => $lng['serversettings']['panel_password_regex'],
 					'settinggroup' => 'panel',
@@ -143,11 +183,19 @@ return array(
 								'varname' => 'allow_preset',
 							),
 							'onlyif' => 1
-						)
-					),
+					)
+				),
+				'system_backupenabled' => array(
+					'label' => $lng['serversettings']['backupenabled'],
+					'settinggroup' => 'system',
+					'varname' => 'backupenabled',
+					'type' => 'bool',
+					'default' => false,
+					'cronmodule' => 'froxlor/backup',
+					'save_method' => 'storeSettingField'
 				),
 			),
 		),
-	);
+	)
+);

-?>
--- a/actions/admin/settings/120.system.php
+++ b/actions/admin/settings/120.system.php
@@ -55,7 +55,7 @@ return array(
 					'settinggroup' => 'system',
 					'varname' => 'defaultip',
 					'type' => 'option',
-					'option_mode' => 'one',
+					'option_mode' => 'multiple',
 					'option_options_method' => 'getIpPortCombinations',
 					'default' => '',
 					'save_method' => 'storeSettingDefaultIp',
@@ -145,7 +145,7 @@ return array(
 					'settinggroup' => 'system',
 					'varname' => 'report_webmax',
 					'type' => 'int',
-					'int_min' => 1,
+					'int_min' => 0,
 					'int_max' => 150,
 					'default' => 90,
 					'save_method' => 'storeSettingField',
@@ -155,22 +155,12 @@ return array(
 					'settinggroup' => 'system',
 					'varname' => 'report_trafficmax',
 					'type' => 'int',
-					'int_min' => 1,
+					'int_min' => 0,
 					'int_max' => 150,
 					'default' => 90,
 					'save_method' => 'storeSettingField',
 					),
-				'system_debug_cron' => array(
-					'label' => $lng['serversettings']['cron']['debug'],
-					'settinggroup' => 'system',
-					'varname' => 'debug_cron',
-					'type' => 'bool',
-					'default' => false,
-					'save_method' => 'storeSettingField',
-					),
 				),
 			),
 		),
 	);
-
-?>
--- a/actions/admin/settings/125.cronjob.php
+++ b/actions/admin/settings/125.cronjob.php
@@ -0,0 +1,67 @@
+<?php
+
+/**
+ * This file is part of the Froxlor project.
+ * Copyright (c) 2014 the Froxlor Team (see authors).
+ *
+ * For the full copyright and license information, please view the COPYING
+ * file that was distributed with this source code. You can also view the
+ * COPYING file online at http://files.froxlor.org/misc/COPYING.txt
+ *
+ * @copyright  (c) the authors
+ * @author     Froxlor team <team@froxlor.org> (2010-)
+ * @license    GPLv2 http://files.froxlor.org/misc/COPYING.txt
+ * @package    Settings
+ *
+ */
+
+return array(
+	'groups' => array(
+		'crond' => array(
+			'title' => $lng['admin']['cronsettings'],
+			'fields' => array(
+				'system_cronconfig' => array(
+					'label' => $lng['serversettings']['system_cronconfig'],
+					'settinggroup' => 'system',
+					'varname' => 'cronconfig',
+					'type' => 'string',
+					'string_type' => 'file',
+					'default' => '/etc/cron.d/froxlor',
+					'save_method' => 'storeSettingField',
+					),
+				'system_croncmdline' => array(
+					'label' => $lng['serversettings']['system_croncmdline'],
+					'settinggroup' => 'system',
+					'varname' => 'croncmdline',
+					'type' => 'string',
+					'default' => '/usr/bin/nice -n 5 /usr/bin/php -q',
+					'save_method' => 'storeSettingField',
+					),
+				'system_crondreload' => array(
+					'label' => $lng['serversettings']['system_crondreload'],
+					'settinggroup' => 'system',
+					'varname' => 'crondreload',
+					'type' => 'string',
+					'default' => '/etc/init.d/cron reload',
+					'save_method' => 'storeSettingField',
+					),
+				'system_cron_allowautoupdate' => array(
+					'label' => $lng['serversettings']['system_cron_allowautoupdate'],
+					'settinggroup' => 'system',
+					'varname' => 'cron_allowautoupdate',
+					'type' => 'bool',
+					'default' => false,
+					'save_method' => 'storeSettingField',
+					),
+				'system_debug_cron' => array(
+					'label' => $lng['serversettings']['cron']['debug'],
+					'settinggroup' => 'system',
+					'varname' => 'debug_cron',
+					'type' => 'bool',
+					'default' => false,
+					'save_method' => 'storeSettingField',
+					)
+			)
+		)
+	)
+);
--- a/actions/admin/settings/130.webserver.php
+++ b/actions/admin/settings/130.webserver.php
@@ -16,7 +16,6 @@
 * @package    Settings
 *
 */
-
 return array(
 	'groups' => array(
 		'webserver' => array(
@@ -29,10 +28,15 @@ return array(
 					'type' => 'option',
 					'default' => 'apache2',
 					'option_mode' => 'one',
-					'option_options' => array('apache2' => 'Apache 2', 'lighttpd' => 'ligHTTPd', 'nginx' => 'Nginx'),
-					'save_method' => 'storeSettingField',
-					'overview_option' => true
+					'option_options' => array(
+						'apache2' => 'Apache 2',
+						'lighttpd' => 'ligHTTPd',
+						'nginx' => 'Nginx'
 					),
+					'save_method' => 'storeSettingField',
+					'plausibility_check_method' => 'checkPhpInterfaceSetting',
+					'overview_option' => true
+				),
 				'system_apache_24' => array(
 					'label' => $lng['serversettings']['apache_24'],
 					'settinggroup' => 'system',
@@ -40,24 +44,38 @@ return array(
 					'type' => 'bool',
 					'default' => false,
 					'save_method' => 'storeSettingField',
-					'websrv_avail' => array('apache2')
-					),
+					'websrv_avail' => array(
+						'apache2'
+					)
+				),
+				'system_apache_itksupport' => array(
+					'label' => $lng['serversettings']['apache_itksupport'],
+					'settinggroup' => 'system',
+					'varname' => 'apacheitksupport',
+					'type' => 'bool',
+					'default' => false,
+					'save_method' => 'storeSettingField',
+					'visible' => (Settings::Get('system.mod_fcgid') == 0 && Settings::Get('phpfpm.enabled') == 0),
+					'websrv_avail' => array(
+						'apache2'
+					)
+				),
 				'system_httpuser' => array(
 					'label' => $lng['admin']['webserver_user'],
 					'settinggroup' => 'system',
 					'varname' => 'httpuser',
 					'type' => 'string',
 					'default' => 'www-data',
-					'save_method' => 'storeSettingField',
-					),
+					'save_method' => 'storeSettingWebserverFcgidFpmUser'
+				),
 				'system_httpgroup' => array(
 					'label' => $lng['admin']['webserver_group'],
 					'settinggroup' => 'system',
 					'varname' => 'httpgroup',
 					'type' => 'string',
 					'default' => 'www-data',
-					'save_method' => 'storeSettingField',
-					),
+					'save_method' => 'storeSettingField'
+				),
 				'system_apacheconf_vhost' => array(
 					'label' => $lng['serversettings']['apacheconf_vhost'],
 					'settinggroup' => 'system',
@@ -65,8 +83,8 @@ return array(
 					'type' => 'string',
 					'string_type' => 'filedir',
 					'default' => '/etc/apache2/sites-enabled/',
-					'save_method' => 'storeSettingField',
-					),
+					'save_method' => 'storeSettingField'
+				),
 				'system_apacheconf_diroptions' => array(
 					'label' => $lng['serversettings']['apacheconf_diroptions'],
 					'settinggroup' => 'system',
@@ -74,17 +92,17 @@ return array(
 					'type' => 'string',
 					'string_type' => 'filedir',
 					'default' => '/etc/apache2/sites-enabled/',
-					'save_method' => 'storeSettingField',
-					),
+					'save_method' => 'storeSettingField'
+				),
 				'system_apacheconf_htpasswddir' => array(
 					'label' => $lng['serversettings']['apacheconf_htpasswddir'],
 					'settinggroup' => 'system',
 					'varname' => 'apacheconf_htpasswddir',
 					'type' => 'string',
-					'string_type' => 'dir',
+					'string_type' => 'confdir',
 					'default' => '/etc/apache2/htpasswd/',
-					'save_method' => 'storeSettingField',
-					),
+					'save_method' => 'storeSettingField'
+				),
 				'system_logfiles_directory' => array(
 					'label' => $lng['serversettings']['logfiles_directory'],
 					'settinggroup' => 'system',
@@ -92,8 +110,17 @@ return array(
 					'type' => 'string',
 					'string_type' => 'dir',
 					'default' => '/var/customers/logs/',
-					'save_method' => 'storeSettingField',
-					),
+					'save_method' => 'storeSettingField'
+				),
+				'system_customersslpath' => array(
+					'label' => $lng['serversettings']['customerssl_directory'],
+					'settinggroup' => 'system',
+					'varname' => 'customer_ssl_path',
+					'type' => 'string',
+					'string_type' => 'confdir',
+					'default' => '/etc/ssl/froxlor-custom/',
+					'save_method' => 'storeSettingField'
+				),
 				'system_phpappendopenbasedir' => array(
 					'label' => $lng['serversettings']['phpappendopenbasedir'],
 					'settinggroup' => 'system',
@@ -101,8 +128,8 @@ return array(
 					'type' => 'string',
 					'string_emptyallowed' => true,
 					'default' => '',
-					'save_method' => 'storeSettingField',
-					),
+					'save_method' => 'storeSettingField'
+				),
 				'system_deactivateddocroot' => array(
 					'label' => $lng['serversettings']['deactivateddocroot'],
 					'settinggroup' => 'system',
@@ -111,24 +138,36 @@ return array(
 					'string_type' => 'dir',
 					'string_emptyallowed' => true,
 					'default' => '',
-					'save_method' => 'storeSettingField',
-					),
+					'save_method' => 'storeSettingField'
+				),
 				'system_default_vhostconf' => array(
 					'label' => $lng['serversettings']['default_vhostconf'],
 					'settinggroup' => 'system',
 					'varname' => 'default_vhostconf',
 					'type' => 'text',
 					'default' => '',
+					'save_method' => 'storeSettingField'
+				),
+				'system_apache_globaldiropt' => array(
+					'label' => $lng['serversettings']['apache_globaldiropt'],
+					'settinggroup' => 'system',
+					'varname' => 'apacheglobaldiropt',
+					'type' => 'text',
+					'default' => '',
 					'save_method' => 'storeSettingField',
-					),
+					'visible' => (Settings::Get('system.mod_fcgid') == 0 && Settings::Get('phpfpm.enabled') == 0),
+					'websrv_avail' => array(
+						'apache2'
+					)
+				),
 				'system_apachereload_command' => array(
 					'label' => $lng['serversettings']['apachereload_command'],
 					'settinggroup' => 'system',
 					'varname' => 'apachereload_command',
 					'type' => 'string',
 					'default' => '/etc/init.d/apache2 reload',
-					'save_method' => 'storeSettingField',
-					),
+					'save_method' => 'storeSettingField'
+				),
 				'system_phpreload_command' => array(
 					'label' => $lng['serversettings']['phpreload_command'],
 					'settinggroup' => 'system',
@@ -136,8 +175,10 @@ return array(
 					'type' => 'string',
 					'default' => '',
 					'save_method' => 'storeSettingField',
-					'websrv_avail' => array('nginx')
-					),
+					'websrv_avail' => array(
+						'nginx'
+					)
+				),
 				'system_nginx_php_backend' => array(
 					'label' => $lng['serversettings']['nginx_php_backend'],
 					'settinggroup' => 'system',
@@ -145,25 +186,30 @@ return array(
 					'type' => 'string',
 					'default' => '127.0.0.1:8888',
 					'save_method' => 'storeSettingField',
-					'websrv_avail' => array('nginx')
-					),
+					'websrv_avail' => array(
+						'nginx'
+					)
+				),
 				'nginx_fastcgiparams' => array(
 					'label' => $lng['serversettings']['nginx_fastcgiparams'],
 					'settinggroup' => 'nginx',
 					'varname' => 'fastcgiparams',
 					'type' => 'string',
+					'string_type' => 'file',
 					'default' => '/etc/nginx/fastcgi_params',
 					'save_method' => 'storeSettingField',
-					'websrv_avail' => array('nginx')
-					),
+					'websrv_avail' => array(
+						'nginx'
+					)
+				),
 				'defaultwebsrverrhandler_enabled' => array(
 					'label' => $lng['serversettings']['defaultwebsrverrhandler_enabled'],
 					'settinggroup' => 'defaultwebsrverrhandler',
 					'varname' => 'enabled',
 					'type' => 'bool',
 					'default' => false,
-					'save_method' => 'storeSettingField',
-					),
+					'save_method' => 'storeSettingField'
+				),
 				'defaultwebsrverrhandler_err401' => array(
 					'label' => $lng['serversettings']['defaultwebsrverrhandler_err401'],
 					'settinggroup' => 'defaultwebsrverrhandler',
@@ -171,8 +217,11 @@ return array(
 					'type' => 'string',
 					'default' => '',
 					'save_method' => 'storeSettingField',
-					'websrv_avail' => array('apache2', 'nginx')
-					),
+					'websrv_avail' => array(
+						'apache2',
+						'nginx'
+					)
+				),
 				'defaultwebsrverrhandler_err403' => array(
 					'label' => $lng['serversettings']['defaultwebsrverrhandler_err403'],
 					'settinggroup' => 'defaultwebsrverrhandler',
@@ -180,16 +229,19 @@ return array(
 					'type' => 'string',
 					'default' => '',
 					'save_method' => 'storeSettingField',
-					'websrv_avail' => array('apache2', 'nginx')
-					),
+					'websrv_avail' => array(
+						'apache2',
+						'nginx'
+					)
+				),
 				'defaultwebsrverrhandler_err404' => array(
 					'label' => $lng['serversettings']['defaultwebsrverrhandler_err404'],
 					'settinggroup' => 'defaultwebsrverrhandler',
 					'varname' => 'err404',
 					'type' => 'string',
 					'default' => '',
-					'save_method' => 'storeSettingField',
-					),
+					'save_method' => 'storeSettingField'
+				),
 				'defaultwebsrverrhandler_err500' => array(
 					'label' => $lng['serversettings']['defaultwebsrverrhandler_err500'],
 					'settinggroup' => 'defaultwebsrverrhandler',
@@ -197,8 +249,11 @@ return array(
 					'type' => 'string',
 					'default' => '',
 					'save_method' => 'storeSettingField',
-					'websrv_avail' => array('apache2', 'nginx')
-					),
+					'websrv_avail' => array(
+						'apache2',
+						'nginx'
+					)
+				),
 				'customredirect_enabled' => array(
 					'label' => $lng['serversettings']['customredirect_enabled'],
 					'settinggroup' => 'customredirect',
@@ -206,8 +261,11 @@ return array(
 					'type' => 'bool',
 					'default' => false,
 					'save_method' => 'storeSettingField',
-					'websrv_avail' => array('apache2', 'lighttpd')
-					),
+					'websrv_avail' => array(
+						'apache2',
+						'lighttpd'
+					)
+				),
 				'customredirect_default' => array(
 					'label' => $lng['serversettings']['customredirect_default'],
 					'settinggroup' => 'customredirect',
@@ -217,9 +275,12 @@ return array(
 					'option_mode' => 'one',
 					'option_options_method' => 'getRedirectCodes',
 					'save_method' => 'storeSettingField',
-					'websrv_avail' => array('apache2', 'lighttpd')
+					'websrv_avail' => array(
+						'apache2',
+						'lighttpd'
 					)
 				)
 			)
 		)
-	);
+	)
+);
--- a/actions/admin/settings/131.ssl.php
+++ b/actions/admin/settings/131.ssl.php
@@ -31,6 +31,15 @@ return array(
 									'save_method' => 'storeSettingField',
 									'overview_option' => true
 							),
+							'system_ssl_cipher_list' => array(
+									'label' => $lng['serversettings']['ssl']['ssl_cipher_list'],
+									'settinggroup' => 'system',
+									'varname' => 'ssl_cipher_list',
+									'type' => 'string',
+									'string_emptyallowed' => false,
+									'default' => 'ECDH+AESGCM:ECDH+AES256:!aNULL:!MD5:!DSS:!DH:!AES128',
+									'save_method' => 'storeSettingField',
+							),
 							'system_ssl_cert_file' => array(
 									'label' => $lng['serversettings']['ssl']['ssl_cert_file'],
 									'settinggroup' => 'system',
@@ -51,6 +60,16 @@ return array(
 									'default' => '/etc/apache2/apache2.key',
 									'save_method' => 'storeSettingField',
 							),
+							'system_ssl_cert_chainfile' => array(
+									'label' => $lng['admin']['ipsandports']['ssl_cert_chainfile'],
+									'settinggroup' => 'system',
+									'varname' => 'ssl_cert_chainfile',
+									'type' => 'string',
+									'string_type' => 'file',
+									'string_emptyallowed' => true,
+									'default' => '',
+									'save_method' => 'storeSettingField',
+							),
 							'system_ssl_ca_file' => array(
 									'label' => $lng['serversettings']['ssl']['ssl_ca_file'],
 									'settinggroup' => 'system',
@@ -61,16 +80,69 @@ return array(
 									'default' => '',
 									'save_method' => 'storeSettingField',
 							),
-							'system_ssl_cert_chainfile' => array(
-									'label' => $lng['admin']['ipsandports']['ssl_cert_chainfile'],
+							'system_leenabled' => array(
+							        'label' => $lng['serversettings']['leenabled'],
+							        'settinggroup' => 'system',
+							        'varname' => 'leenabled',
+							        'type' => 'bool',
+							        'default' => false,
+							        'cronmodule' => 'froxlor/letsencrypt',
+							        'save_method' => 'storeSettingField'
+							),
+							'system_letsencryptca' => array(
+									'label' => $lng['serversettings']['letsencryptca'],
 									'settinggroup' => 'system',
-									'varname' => 'ssl_cert_chainfile',
-									'type' => 'string',
-									'string_type' => 'file',
-									'string_emptyallowed' => true,
-									'default' => '',
+									'varname' => 'letsencryptca',
+									'type' => 'option',
+									'default' => 'testing',
+									'option_mode' => 'one',
+									'option_options' => array('testing' => 'https://acme-staging.api.letsencrypt.org (Test)', 'production' => 'https://acme-v01.api.letsencrypt.org (Live)'),
 									'save_method' => 'storeSettingField',
-							)
+							),
+							'system_letsencryptcountrycode' => array(
+									'label' => $lng['serversettings']['letsencryptcountrycode'],
+									'settinggroup' => 'system',
+									'varname' => 'letsencryptcountrycode',
+									'type' => 'string',
+									'string_emptyallowed' => false,
+									'default' => 'DE',
+									'save_method' => 'storeSettingField',
+							),
+							'system_letsencryptstate' => array(
+									'label' => $lng['serversettings']['letsencryptstate'],
+									'settinggroup' => 'system',
+									'varname' => 'letsencryptstate',
+									'type' => 'string',
+									'string_emptyallowed' => false,
+									'default' => 'Hessen',
+									'save_method' => 'storeSettingField',
+							),
+							'system_letsencryptchallengepath' => array(
+									'label' => $lng['serversettings']['letsencryptchallengepath'],
+									'settinggroup' => 'system',
+									'varname' => 'letsencryptchallengepath',
+									'type' => 'string',
+									'string_emptyallowed' => false,
+									'default' => FROXLOR_INSTALL_DIR,
+									'save_method' => 'storeSettingField',
+							),
+							'system_letsencryptkeysize' => array(
+									'label' => $lng['serversettings']['letsencryptkeysize'],
+									'settinggroup' => 'system',
+									'varname' => 'letsencryptkeysize',
+									'type' => 'int',
+									'int_min' => 2048,
+									'default' => 4096,
+									'save_method' => 'storeSettingField',
+							),
+							'system_letsencryptreuseold' => array(
+									'label' => $lng['serversettings']['letsencryptreuseold'],
+									'settinggroup' => 'system',
+									'varname' => 'letsencryptreuseold',
+									'type' => 'bool',
+									'default' => false,
+									'save_method' => 'storeSettingField',
+							),
 					)
 			)
 		)
--- a/actions/admin/settings/135.fcgid.php
+++ b/actions/admin/settings/135.fcgid.php
@@ -36,7 +36,7 @@ return array(
 					'settinggroup' => 'system',
 					'varname' => 'mod_fcgid_configdir',
 					'type' => 'string',
-					'string_type' => 'dir',
+					'string_type' => 'confdir',
 					'default' => '/var/www/php-fcgi-scripts/',
 					'plausibility_check_method' => 'checkPathConflicts',
 					'save_method' => 'storeSettingField',
@@ -112,7 +112,7 @@ return array(
 					'varname' => 'mod_fcgid_httpuser',
 					'type' => 'string',
 					'default' => 'froxlorlocal',
-					'save_method' => 'storeSettingField',
+					'save_method' => 'storeSettingWebserverFcgidFpmUser',
 					'websrv_avail' => array('apache2')
 					),
 				'system_mod_fcgid_httpgroup' => array(
@@ -129,7 +129,7 @@ return array(
 					'settinggroup' => 'system',
 					'varname' => 'mod_fcgid_defaultini_ownvhost',
 					'type' => 'option',
-					'default' => '1',
+					'default' => '2',
 					'option_mode' => 'one',
 					'option_options_method' => 'getPhpConfigs',
 					'save_method' => 'storeSettingField',
--- a/actions/admin/settings/136.phpfpm.php
+++ b/actions/admin/settings/136.phpfpm.php
@@ -44,7 +44,7 @@ return array(
 					'varname' => 'vhost_httpuser',
 					'type' => 'string',
 					'default' => 'froxlorlocal',
-					'save_method' => 'storeSettingField'
+					'save_method' => 'storeSettingWebserverFcgidFpmUser'
 					),
 				'system_phpfpm_httpgroup' => array(
 					'label' => $lng['phpfpm']['vhost_httpgroup'],
@@ -54,38 +54,44 @@ return array(
 					'default' => 'froxlorlocal',
 					'save_method' => 'storeSettingField'
 					),
-				/*
-				 * @TODO implement if phpfpm knows custom php.ini files
-				 *
+				'system_phpfpm_defaultini' => array(
+					'label' => $lng['serversettings']['mod_fcgid']['defaultini'],
+					'settinggroup' => 'phpfpm',
+					'varname' => 'defaultini',
+					'type' => 'option',
+					'default' => '1',
+					'option_mode' => 'one',
+					'option_options_method' => 'getPhpConfigs',
+					'save_method' => 'storeSettingField'
+					),
 				'system_phpfpm_defaultini_ownvhost' => array(
 					'label' => $lng['serversettings']['mod_fcgid']['defaultini_ownvhost'],
 					'settinggroup' => 'phpfpm',
 					'varname' => 'vhost_defaultini',
 					'type' => 'option',
-					'default' => '1',
+					'default' => '2',
 					'option_mode' => 'one',
 					'option_options_method' => 'getPhpConfigs',
-					'save_method' => 'storeSettingField',
+					'save_method' => 'storeSettingField'
 					),
-				*/
 				'system_phpfpm_configdir' => array(
 					'label' => $lng['serversettings']['phpfpm_settings']['configdir'],
 					'settinggroup' => 'phpfpm',
 					'varname' => 'configdir',
 					'type' => 'string',
-					'string_type' => 'dir',
+					'string_type' => 'confdir',
 					'default' => '/etc/php-fpm.d/',
-					'save_method' => 'storeSettingField',
+					'save_method' => 'storeSettingField'
+					),
+				'system_phpfpm_aliasconfigdir' => array(
+					'label' => $lng['serversettings']['phpfpm_settings']['aliasconfigdir'],
+					'settinggroup' => 'phpfpm',
+					'varname' => 'aliasconfigdir',
+					'type' => 'string',
+					'string_type' => 'confdir',
+					'default' => '/var/www/php-fpm/',
+					'save_method' => 'storeSettingField'
 					),
-        'system_phpfpm_aliasconfigdir' => array(
-          'label' => $lng['serversettings']['phpfpm_settings']['aliasconfigdir'],
-          'settinggroup' => 'phpfpm',
-          'varname' => 'aliasconfigdir',
-          'type' => 'string',
-          'string_type' => 'dir',
-          'default' => '/var/www/php-fpm/',
-          'save_method' => 'storeSettingField',
-        ),
 				'system_phpfpm_tmpdir' => array(
 					'label' => $lng['serversettings']['mod_fcgid']['tmpdir'],
 					'settinggroup' => 'phpfpm',
@@ -93,7 +99,7 @@ return array(
 					'type' => 'string',
 					'string_type' => 'dir',
 					'default' => '/var/customers/tmp/',
-					'save_method' => 'storeSettingField',
+					'save_method' => 'storeSettingField'
 					),
 				'system_phpfpm_peardir' => array(
 					'label' => $lng['serversettings']['mod_fcgid']['peardir'],
@@ -102,7 +108,16 @@ return array(
 					'type' => 'string',
 					'string_type' => 'dir',
 					'default' => '/usr/share/php/:/usr/share/php5/',
-					'save_method' => 'storeSettingField',
+					'save_method' => 'storeSettingField'
+					),
+				'system_phpfpm_fastcgi_ipcdir' => array(
+					'label' => $lng['serversettings']['phpfpm_settings']['ipcdir'],
+					'settinggroup' => 'phpfpm',
+					'varname' => 'fastcgi_ipcdir',
+					'type' => 'string',
+					'string_type' => 'dir',
+					'default' => '/var/lib/apache2/fastcgi/',
+					'save_method' => 'storeSettingField'
 					),
 				'system_phpfpm_reload' => array(
 					'label' => $lng['serversettings']['phpfpm_settings']['reload'],
@@ -110,7 +125,7 @@ return array(
 					'varname' => 'reload',
 					'type' => 'string',
 					'default' => '/etc/init.d/php-fpm restart',
-					'save_method' => 'storeSettingField',
+					'save_method' => 'storeSettingField'
 					),
 				'system_phpfpm_pm' => array(
 					'label' => $lng['serversettings']['phpfpm_settings']['pm'],
@@ -120,7 +135,7 @@ return array(
 					'default' => 'static',
 					'option_mode' => 'one',
 					'option_options' => array('static' => 'static', 'dynamic' => 'dynamic', 'ondemand' => 'ondemand'),
-					'save_method' => 'storeSettingField',
+					'save_method' => 'storeSettingField'
 					),
 				'system_phpfpm_max_children' => array(
 					'label' => $lng['serversettings']['phpfpm_settings']['max_children'],
@@ -128,7 +143,7 @@ return array(
 					'varname' => 'max_children',
 					'type' => 'int',
 					'default' => 1,
-					'save_method' => 'storeSettingField',
+					'save_method' => 'storeSettingField'
 					),
 				'system_phpfpm_start_servers' => array(
 					'label' => $lng['serversettings']['phpfpm_settings']['start_servers'],
@@ -136,7 +151,7 @@ return array(
 					'varname' => 'start_servers',
 					'type' => 'int',
 					'default' => 20,
-					'save_method' => 'storeSettingField',
+					'save_method' => 'storeSettingField'
 					),
 				'system_phpfpm_min_spare_servers' => array(
 					'label' => $lng['serversettings']['phpfpm_settings']['min_spare_servers'],
@@ -144,7 +159,7 @@ return array(
 					'varname' => 'min_spare_servers',
 					'type' => 'int',
 					'default' => 5,
-					'save_method' => 'storeSettingField',
+					'save_method' => 'storeSettingField'
 					),
 				'system_phpfpm_max_spare_servers' => array(
 					'label' => $lng['serversettings']['phpfpm_settings']['max_spare_servers'],
@@ -152,7 +167,7 @@ return array(
 					'varname' => 'max_spare_servers',
 					'type' => 'int',
 					'default' => 35,
-					'save_method' => 'storeSettingField',
+					'save_method' => 'storeSettingField'
 					),
 				'system_phpfpm_max_requests' => array(
 					'label' => $lng['serversettings']['phpfpm_settings']['max_requests'],
@@ -160,7 +175,7 @@ return array(
 					'varname' => 'max_requests',
 					'type' => 'int',
 					'default' => 0,
-					'save_method' => 'storeSettingField',
+					'save_method' => 'storeSettingField'
 					),
 				'system_phpfpm_idle_timeout' => array(
 					'label' => $lng['serversettings']['phpfpm_settings']['idle_timeout'],
@@ -170,9 +185,16 @@ return array(
 					'default' => 30,
 					'save_method' => 'storeSettingField'
 					),
+				'system_phpfpm_use_mod_proxy' => array(
+					'label' => $lng['phpfpm']['use_mod_proxy'],
+					'settinggroup' => 'phpfpm',
+					'varname' => 'use_mod_proxy',
+					'type' => 'bool',
+					'default' => false,
+					'visible' => Settings::Get('system.apache24'),
+					'save_method' => 'storeSettingField'
+					),
 				),
 			),
 		),
 	);
-
-?>
--- a/actions/admin/settings/150.mail.php
+++ b/actions/admin/settings/150.mail.php
@@ -58,6 +58,7 @@ return array(
 					'type' => 'string',
 					'string_type' => 'dir',
 					'default' => 'Maildir',
+					'string_emptyallowed' => true,
 					'save_method' => 'storeSettingField',
 					),
 				'panel_sendalternativemail' => array(
@@ -84,21 +85,6 @@ return array(
 					'default' => 100,
 					'save_method' => 'storeSettingField',
 					),
-				'system_autoresponder_enabled' => array(
-					'label' => $lng['serversettings']['autoresponder_active'],
-					'settinggroup' => 'autoresponder',
-					'varname' => 'autoresponder_active',
-					'type' => 'bool',
-					'default' => false,
-					'cronmodule' => 'froxlor/autoresponder',
-					'save_method' => 'storeSettingField',
-					),
-				'system_last_autoresponder_run' => array(
-					'settinggroup' => 'autoresponder',
-					'varname' => 'last_autoresponder_run',
-					'type' => 'hidden',
-					'default' => 0,
-					),
 				'system_catchall_enabled' => array(
 					'label' => $lng['serversettings']['catchall_enabled'],
 					'settinggroup' => 'catchall',
@@ -107,6 +93,54 @@ return array(
 					'default' => true,
 					'save_method' => 'storeSettingResetCatchall',
 					),
+				'system_mailtraffic_enabled' => array(
+					'label' => $lng['serversettings']['mailtraffic_enabled'],
+					'settinggroup' => 'system',
+					'varname' => 'mailtraffic_enabled',
+					'type' => 'bool',
+					'default' => true,
+					'save_method' => 'storeSettingField',
+					),
+				'system_mdaserver' => array(
+					'label' => $lng['serversettings']['mdaserver'],
+					'settinggroup' => 'system',
+					'varname' => 'mdaserver',
+					'type' => 'option',
+					'option_mode' => 'one',
+					'default' => 'dovecot',
+					'option_options' => array('courier' => 'Courier', 'dovecot' => 'Dovecot'),
+					'save_method' => 'storeSettingField',
+					),
+				'system_mdalog' => array(
+					'label' => $lng['serversettings']['mdalog'],
+					'settinggroup' => 'system',
+					'varname' => 'mdalog',
+					'type' => 'string',
+					'string_type' => 'file',
+					'default' => '/var/log/mail.log',
+					'string_emptyallowed' => true,
+					'save_method' => 'storeSettingField',
+					),
+				'system_mtaserver' => array(
+					'label' => $lng['serversettings']['mtaserver'],
+					'settinggroup' => 'system',
+					'varname' => 'mtaserver',
+					'type' => 'option',
+					'option_mode' => 'one',
+					'default' => 'postfix',
+					'option_options' => array('exim4' => 'Exim4', 'postfix' => 'Postfix'),
+					'save_method' => 'storeSettingField',
+					),
+				'system_mtalog' => array(
+					'label' => $lng['serversettings']['mtalog'],
+					'settinggroup' => 'system',
+					'varname' => 'mtalog',
+					'type' => 'string',
+					'string_type' => 'file',
+					'default' => '/var/log/mail.log',
+					'string_emptyallowed' => true,
+					'save_method' => 'storeSettingField',
+					),
 				),
 			),
 		),
--- a/actions/admin/settings/160.nameserver.php
+++ b/actions/admin/settings/160.nameserver.php
@@ -31,6 +31,24 @@ return array(
 					'save_method' => 'storeSettingField',
 					'overview_option' => true
 					),
+				'system_dnsenabled' => array(
+					'label' => $lng['serversettings']['dnseditorenable'],
+					'settinggroup' => 'system',
+					'varname' => 'dnsenabled',
+					'type' => 'bool',
+					'default' => false,
+					'save_method' => 'storeSettingField'
+					),
+				'system_dns_server' => array(
+					'label' => $lng['serversettings']['dns_server'],
+					'settinggroup' => 'system',
+					'varname' => 'dns_server',
+					'type' => 'option',
+					'default' => 'bind',
+					'option_mode' => 'one',
+					'option_options' => array('bind' => 'Bind9', 'pdns' => 'PowerDNS'),
+					'save_method' => 'storeSettingField'
+				),
 				'system_bindconf_directory' => array(
 					'label' => $lng['serversettings']['bindconf_directory'],
 					'settinggroup' => 'system',
@@ -68,6 +86,25 @@ return array(
 					'default' => '',
 					'save_method' => 'storeSettingField',
 					),
+				'system_axfrservers' => array(
+					'label' => $lng['serversettings']['axfrservers'],
+					'settinggroup' => 'system',
+					'varname' => 'axfrservers',
+					'type' => 'string',
+					'string_type' => 'validate_ip_incl_private',
+					'string_delimiter' => ',',
+					'string_emptyallowed' => true,
+					'default' => '',
+					'save_method' => 'storeSettingField',
+				),
+				'system_dns_createhostnameentry' => array(
+					'label' => $lng['serversettings']['dns_createhostnameentry'],
+					'settinggroup' => 'system',
+					'varname' => 'dns_createhostnameentry',
+					'type' => 'bool',
+					'default' => false,
+					'save_method' => 'storeSettingField'
+				),
 				'system_dns_createmailentry' => array(
 					'label' => $lng['serversettings']['mail_also_with_mxservers'],
 					'settinggroup' => 'system',
--- a/actions/admin/settings/170.logger.php
+++ b/actions/admin/settings/170.logger.php
@@ -65,8 +65,14 @@ return array(
 					'label' => $lng['serversettings']['logger']['logcron'],
 					'settinggroup' => 'logger',
 					'varname' => 'log_cron',
-					'type' => 'bool',
-					'default' => false,
+					'type' => 'option',
+					'default' => 0,
+					'option_mode' => 'one',
+					'option_options' => array(
+							0 => $lng['serversettings']['logger']['logcronoption']['never'],
+							1 => $lng['serversettings']['logger']['logcronoption']['once'],
+							2 => $lng['serversettings']['logger']['logcronoption']['always']
+						),
 					'save_method' => 'storeSettingField',
 					),
 				),
@@ -74,4 +80,4 @@ return array(
 		)
 	);

-?>
+?>
--- a/actions/admin/settings/180.dkim.php
+++ b/actions/admin/settings/180.dkim.php
@@ -17,8 +17,6 @@
 *
 */

-global $settings;
-
 return array(
 	'groups' => array(
 		'dkim' => array(
@@ -82,8 +80,8 @@ return array(
 					),
 				'dkim_keylength' => array(
 					'label' => array(
-						'title' => $lng['dkim']['dkim_keylength']['title'], 
-						'description' => sprintf($lng['dkim']['dkim_keylength']['description'],$settings['dkim']['dkim_prefix'])
+						'title' => $lng['dkim']['dkim_keylength']['title'],
+						'description' => sprintf($lng['dkim']['dkim_keylength']['description'], Settings::Get('dkim.dkim_prefix'))
 					),
 					'settinggroup' => 'dkim',
 					'varname' => 'dkim_keylength',
@@ -133,4 +131,4 @@ return array(
 		),
 	);

-?>
+?>
--- a/actions/admin/settings/185.spf.php
+++ b/actions/admin/settings/185.spf.php
@@ -34,7 +34,7 @@ return array(
 					'settinggroup' => 'spf',
 					'varname' => 'spf_entry',
 					'type' => 'string',
-					'default' => '@	IN	TXT	"v=spf1 a mx -all"',
+					'default' => '"v=spf1 a mx -all"',
 					'save_method' => 'storeSettingField'
 					)
 				)
--- a/actions/admin/settings/200.aps.php
+++ b/actions/admin/settings/200.aps.php
@@ -1,102 +0,0 @@
-<?php
-
-/**
- * This file is part of the Froxlor project.
- * Copyright (c) 2003-2009 the SysCP Team (see authors).
- * Copyright (c) 2010 the Froxlor Team (see authors).
- *
- * For the full copyright and license information, please view the COPYING
- * file that was distributed with this source code. You can also view the
- * COPYING file online at http://files.froxlor.org/misc/COPYING.txt
- *
- * @copyright  (c) the authors
- * @author     Florian Lippert <flo@syscp.org> (2003-2009)
- * @author     Froxlor team <team@froxlor.org> (2010-)
- * @license    GPLv2 http://files.froxlor.org/misc/COPYING.txt
- * @package    Settings
- *
- */
-
-return array(
-	'groups' => array(
-		'aps' => array(
-			'title' => $lng['admin']['aps'],
-			'fields' => array(
-				'aps_enable' => array(
-					'label' => $lng['aps']['activate_aps'],
-					'settinggroup' => 'aps',
-					'varname' => 'aps_active',
-					'type' => 'bool',
-					'default' => false,
-					'cronmodule' => 'froxlor/aps',
-					'save_method' => 'storeSettingField',
-					'overview_option' => true
-					),
-				'aps_items_per_page' => array(
-					'label' => $lng['aps']['packages_per_page'],
-					'settinggroup' => 'aps',
-					'varname' => 'items_per_page',
-					'type' => 'int',
-					'default' => 20,
-					'save_method' => 'storeSettingField',
-					),
-				'aps_upload_fields' => array(
-					'label' => $lng['aps']['upload_fields'],
-					'settinggroup' => 'aps',
-					'varname' => 'upload_fields',
-					'type' => 'int',
-					'default' => 5,
-					'save_method' => 'storeSettingField',
-					),
-				'aps_exceptions' => array(
-					'label' => $lng['aps']['exceptions'],
-					'type' => 'label',
-					),
-				'aps_php-extension' => array(
-					'label' => $lng['aps']['settings_php_extensions'],
-					'settinggroup' => 'aps',
-					'varname' => 'php-extension',
-					'type' => 'option',
-					'default' => '',
-					'option_mode' => 'multiple',
-					'option_options' => array('gd' => 'GD Library', 'pcre' => 'PCRE', 'ioncube' => 'ionCube', 'ioncube loader' => 'ionCube Loader', 'curl' => 'curl', 'mcrypt' => 'mcrypt', 'imap' => 'imap', 'json' => 'json', 'ldap' => 'LDAP', 'hash' => 'hash', 'mbstring' => 'mbstring'),
-					'save_method' => 'storeSettingApsPhpExtensions',
-					),
-				'aps_php-function' => array(
-					'settinggroup' => 'aps',
-					'varname' => 'php-function',
-					'type' => 'hidden',
-					'default' => '',
-					),
-				'aps_php-configuration' => array(
-					'label' => $lng['aps']['settings_php_configuration'],
-					'settinggroup' => 'aps',
-					'varname' => 'php-configuration',
-					'type' => 'option',
-					'default' => '',
-					'option_mode' => 'multiple',
-					'option_options' => array('short_open_tag' => 'short_open_tag', 'file_uploads' => 'file_uploads', 'magic_quotes_gpc' => 'magic_quotes_gpc', 'register_globals' => 'register_globals', 'allow_url_fopen' => 'allow_url_fopen', 'safe_mode' => 'safe_mode', 'post_max_size' => 'post_max_size', 'memory_limit' => 'memory_limit', 'max_execution_time' => 'max_execution_time'),
-					'save_method' => 'storeSettingField',
-					),
-				'aps_webserver-module' => array(
-					'label' => $lng['aps']['settings_webserver_modules'],
-					'settinggroup' => 'aps',
-					'varname' => 'webserver-module',
-					'type' => 'option',
-					'default' => '',
-					'option_mode' => 'multiple',
-					'option_options' => array('mod_perl' => 'mod_perl', 'mod_rewrite' => 'mod_rewrite', 'mod_access' => 'mod_access', 'fcgid-any' => 'FastCGI/mod_fcgid', 'htaccess' => '.htaccess'),
-					'save_method' => 'storeSettingApsWebserverModules',
-					),
-				'aps_webserver-htaccess' => array(
-					'settinggroup' => 'aps',
-					'varname' => 'webserver-htaccess',
-					'type' => 'hidden',
-					'default' => '',
-					),
-				),
-			),
-		),
-	);
-
-?>
--- a/actions/admin/settings/210.security.php
+++ b/actions/admin/settings/210.security.php
@@ -38,9 +38,33 @@ return array(
 					'default' => true,
 					'save_method' => 'storeSettingField',
 					),
-				),
-			),
-		),
+				'system_passwordcryptfunc' => array(
+					'label' => $lng['serversettings']['passwordcryptfunc'],
+					'settinggroup' => 'system',
+					'varname' => 'passwordcryptfunc',
+					'type' => 'option',
+					'default' => 0,
+					'option_mode' => 'one',
+					'option_options_method' => 'getAvailablePasswordHashes',
+					'save_method' => 'storeSettingField',
+					),
+				'system_allow_error_report_admin' => array(
+					'label' => $lng['serversettings']['allow_error_report_admin'],
+					'settinggroup' => 'system',
+					'varname' => 'allow_error_report_admin',
+					'type' => 'bool',
+					'default' => false,
+					'save_method' => 'storeSettingField',
+					),
+				'system_allow_error_report_customer' => array(
+					'label' => $lng['serversettings']['allow_error_report_customer'],
+					'settinggroup' => 'system',
+					'varname' => 'allow_error_report_customer',
+					'type' => 'bool',
+					'default' => false,
+					'save_method' => 'storeSettingField',
+					)
+				)
+			)
+		)
 	);
-
-?>
--- a/actions/admin/settings/215.backup.php
+++ b/actions/admin/settings/215.backup.php
@@ -1,118 +0,0 @@
-<?php
-
-/**
- * This file is part of the Froxlor project.
- * Copyright (c) 2003-2009 the SysCP Team (see authors).
- * Copyright (c) 2010 the Froxlor Team (see authors).
- *
- * For the full copyright and license information, please view the COPYING
- * file that was distributed with this source code. You can also view the
- * COPYING file online at http://files.froxlor.org/misc/COPYING.txt
- *
- * @copyright  (c) the authors
- * @author     Florian Lippert <flo@syscp.org> (2003-2009)
- * @author     Froxlor team <team@froxlor.org> (2010-)
- * @license    GPLv2 http://files.froxlor.org/misc/COPYING.txt
- * @package    Settings
- *
- */
-
-return array(
-	'groups' => array(
-		'backup' => array(
-			'title' => $lng['backup'],
-			'fields' => array(
-				'backup_enabled' => array(
-					'label' => $lng['serversettings']['backup_enabled'],
-					'settinggroup' => 'system',
-					'varname' => 'backup_enabled',
-					'type' => 'bool',
-					'default' => false,
-					'cronmodule' => 'froxlor/backup',
-					'save_method' => 'storeSettingField',
-					'overview_option' => true
-				),
-				'backup_dir' => array(
-					'label' => $lng['serversettings']['backupdir']['description'],
-					'settinggroup' => 'system',
-					'varname' => 'backup_dir',
-					'type' => 'string',
-					'string_type' => 'dir',
-					'default' => '/var/customers/backups/',
-					'string_regexp' => '#^/.*/$#',
-					'save_method' => 'storeSettingField',
-				),
-				'backup_mysqldump_path' => array(
-					'label' => $lng['serversettings']['mysqldump_path']['description'],
-					'settinggroup' => 'system',
-					'varname' => 'backup_mysqldump_path',
-					'type' => 'string',
-					'default' => '/usr/bin/mysqldump',
-					'save_method' => 'storeSettingField',
-				),
-				'backup_count' => array(
-					'label' => $lng['serversettings']['backup_count'],
-					'settinggroup' => 'system',
-					'varname' => 'backup_count',
-					'type' => 'bool',
-					'default' => 'true',
-					'save_method' => 'storeSettingField',
-					'overview_option' => false
-				),				
-				'backup_bigfile' => array(
-					'label' => $lng['serversettings']['backup_bigfile'],
-					'settinggroup' => 'system',
-					'varname' => 'backup_bigfile',
-					'type' => 'bool',
-					'default' => false,
-					'save_method' => 'storeSettingField',
-					'overview_option' => false
-				),
-				'backup_ftp_enabled_' => array(
-					'label' => $lng['serversettings']['backup_ftp_enabled'],
-					'settinggroup' => 'system',
-					'varname' => 'backup_ftp_enabled',
-					'type' => 'bool',
-					'default' => false,
-					'save_method' => 'storeSettingField',
-					'overview_option' => false
-				),
-				'backup_server' => array(
-					'label' => $lng['serversettings']['backup_ftp_server'],
-					'settinggroup' => 'system',
-					'varname' => 'backup_ftp_server',
-					'type' => 'string',
-					'default' => '',
-					'save_method' => 'storeSettingField',
-				),
-				'backup_user' => array(
-					'label' => $lng['serversettings']['backup_ftp_user'],
-					'settinggroup' => 'system',
-					'varname' => 'backup_ftp_user',
-					'type' => 'string',
-					'default' => '',
-					'save_method' => 'storeSettingField',
-				),
-				'backup_pass' => array(
-					'label' => $lng['serversettings']['backup_ftp_pass'],
-					'settinggroup' => 'system',
-					'varname' => 'backup_ftp_pass',
-					'type' => 'hiddenstring',
-					'default' => '',
-					'save_method' => 'storeSettingField',
-				),
-				'backup_passive_mode' => array(
-					'label' => $lng['serversettings']['backup_ftp_passive_mode'],
-					'settinggroup' => 'system',
-					'varname' => 'backup_ftp_passive',
-					'type' => 'bool',
-					'default' => true,
-					'save_method' => 'storeSettingField',
-					'overview_option' => false,
-				),
-				),
-			),
-		),
-	);
-
-?>
--- a/actions/admin/settings/225.logrotate.php
+++ b/actions/admin/settings/225.logrotate.php
@@ -1,67 +0,0 @@
-<?php
-/**
- * This file is part of the Froxlor project.
- * Copyright (c) 2003-2009 the SysCP Team (see authors).
- * Copyright (c) 2010 the Froxlor Team (see authors).
- *
- * For the full copyright and license information, please view the COPYING
- * file that was distributed with this source code. You can also view the
- * COPYING file online at http://files.froxlor.org/misc/COPYING.txt
- *
- * @copyright  (c) the authors
- * @author     Florian Lippert <flo@syscp.org> (2003-2009)
- * @author     Froxlor team <team@froxlor.org> (2010-)
- * @license    GPLv2 http://files.froxlor.org/misc/COPYING.txt
- * @package    Settings
- *
- */
-
-return array(
-'groups' => array(
-		'logrotate' => array(
-			'title' => $lng['logrotate'],
-			'fields' => array(
-				'logrotate_enabled' => array(
-					'label' => $lng['logrotate_enabled'],
-					'settinggroup' => 'system',
-					'varname' => 'logrotate_enabled',
-					'type' => 'bool',
-					'default' => false,
-					'save_method' => 'storeSettingField',
-					'overview_option' => true
-				),
-				'logrotate_binary' => array(
-					'label' => $lng['logrotate_binary'],
-					'settinggroup' => 'system',
-					'varname' => 'logrotate_binary',
-					'type' => 'string',
-					'default' => '/usr/sbin/logrotate',
-					'save_method' => 'storeSettingField',
-					'overview_option' => false
-				),
-				'logrotate_interval' => array(
-					'label' => $lng['logrotate_interval'],
-					'settinggroup' => 'system',
-					'varname' => 'logrotate_interval',
-					'type' => 'option',
-					'default' => 'weekly',
-					'option_mode' => 'one',
-				        'option_options' => array('daily' => 'Daily', 'weekly' => 'Weekly', 'monthly' => 'Monthly'),
-					'save_method' => 'storeSettingField',
-					'overview_option' => false
-				),
-				'logrotate_keep' => array(
-					'label' => $lng['logrotate_keep'],
-					'settinggroup' => 'system',
-					'varname' => 'logrotate_keep',
-					'type' => 'string',
-					'default' => '4',
-					'save_method' => 'storeSettingField',
-					'overview_option' => false
-				),				
-				),
-			),
-		),
-	);
-
-?>
--- a/admin_admins.php
+++ b/admin_admins.php
--- a/admin_apcuinfo.php
+++ b/admin_apcuinfo.php
@@ -0,0 +1,415 @@
+<?php
+
+/*
+  +----------------------------------------------------------------------+
+  | APC                                                                  |
+  +----------------------------------------------------------------------+
+  | Copyright (c) 2006-2011 The PHP Group                                |
+  +----------------------------------------------------------------------+
+  | This source file is subject to version 3.01 of the PHP license,      |
+  | that is bundled with this package in the file LICENSE, and is        |
+  | available through the world-wide-web at the following url:           |
+  | http://www.php.net/license/3_01.txt                                  |
+  | If you did not receive a copy of the PHP license and are unable to   |
+  | obtain it through the world-wide-web, please send a note to          |
+  | license@php.net so we can mail you a copy immediately.               |
+  +----------------------------------------------------------------------+
+  | Authors: Ralf Becker <beckerr@php.net>                               |
+  |          Rasmus Lerdorf <rasmus@php.net>                             |
+  |          Ilia Alshanetsky <ilia@prohost.org>                         |
+  +----------------------------------------------------------------------+
+
+   All other licensing and usage conditions are those of the PHP Group.
+
+   Based on https://github.com/krakjoe/apcu/blob/master/apc.php
+   Implemented into Froxlor: Janos Muzsi <muzsij@hypernics.hu>
+
+ */
+
+define('AREA', 'admin');
+require './lib/init.php';
+
+
+$horizontal_bar_size = 950; // 1280px window width
+
+if ($action == 'delete' &&
+        function_exists('apcu_clear_cache') &&
+        $userinfo['change_serversettings'] == '1'
+) {
+    apcu_clear_cache();
+    $log->logAction(ADM_ACTION, LOG_INFO, "cleared APCu cache");
+    header('Location: ' . $linker->getLink(array('section' => 'apcuinfo', 'page' => 'showinfo')));
+    exit();
+}
+
+if (!function_exists('apcu_cache_info') ||
+        !function_exists('apcu_sma_info')
+) {
+    standard_error($lng['error']['no_apcuinfo']);
+}
+
+if ($page == 'showinfo'
+) {
+    $cache = apcu_cache_info();
+    $mem = apcu_sma_info();
+    $time = time();
+    $log->logAction(ADM_ACTION, LOG_NOTICE, "viewed admin_apcuinfo");
+
+    $passtime = $time - $cache['start_time'] > 0 ? $time - $cache['start_time'] : 1; // zero division
+    $mem_size = $mem['num_seg'] * $mem['seg_size'];
+    $mem_avail = $mem['avail_mem'];
+    $mem_used = $mem_size - $mem_avail;
+    $seg_size = bsize($mem['seg_size']);
+    $sharedmem = sprintf($lng['apcuinfo']['sharedmemval'], $mem['num_seg'], $seg_size, $cache['memory_type']);
+    $req_rate_user = sprintf("%.2f", $cache['num_hits'] ? (($cache['num_hits'] + $cache['num_misses']) / $passtime) : 0);
+    $hit_rate_user = sprintf("%.2f", $cache['num_hits'] ? (($cache['num_hits']) / $passtime) : 0);
+    $miss_rate_user = sprintf("%.2f", $cache['num_misses'] ? (($cache['num_misses']) / $passtime) : 0);
+    $insert_rate_user = sprintf("%.2f", $cache['num_inserts'] ? (($cache['num_inserts']) / $passtime) : 0);
+    $apcversion = phpversion('apcu');
+    $phpversion = phpversion();
+    $number_vars = $cache['num_entries'];
+    $starttime = date('Y-m-d H:i:s', $cache['start_time']);
+    $uptime_duration = duration($cache['start_time']);
+    $size_vars = bsize($cache['mem_size']);
+
+    // check for possible empty values that are used in the templates
+    if (!isset($cache['file_upload_progress'])) {
+        $cache['file_upload_progress'] = $lng['logger']['unknown'];
+    }
+
+    if (!isset($cache['num_expunges'])) {
+        $cache['num_expunges'] = $lng['logger']['unknown'];
+    }
+
+    $runtimelines = '';
+    foreach (ini_get_all('apcu') as $name => $v) {
+        $value = $v['local_value'];
+        eval("\$runtimelines.=\"" . getTemplate("settings/apcuinfo/runtime_line") . "\";");
+    }
+
+    $freemem = bsize($mem_avail) . sprintf(" (%.1f%%)", $mem_avail * 100 / $mem_size);
+    $usedmem = bsize($mem_used) . sprintf(" (%.1f%%)", $mem_used * 100 / $mem_size);
+    $hits = $cache['num_hits'] . @sprintf(" (%.1f%%)", $cache['num_hits'] * 100 / ($cache['num_hits'] + $cache['num_misses']));
+    $misses = $cache['num_misses'] . @sprintf(" (%.1f%%)", $cache['num_misses'] * 100 / ($cache['num_hits'] + $cache['num_misses']));
+
+    // Fragementation: (freeseg - 1) / total_seg
+    $nseg = $freeseg = $fragsize = $freetotal = 0;
+    for ($i = 0; $i < $mem['num_seg']; $i++) {
+        $ptr = 0;
+        foreach ($mem['block_lists'][$i] as $block) {
+            if ($block['offset'] != $ptr) {
+                ++$nseg;
+            }
+            $ptr = $block['offset'] + $block['size'];
+            /* Only consider blocks <5M for the fragmentation % */
+            if ($block['size'] < (5 * 1024 * 1024))
+                $fragsize+=$block['size'];
+            $freetotal+=$block['size'];
+        }
+        $freeseg += count($mem['block_lists'][$i]);
+    }
+
+    if ($freeseg > 1) {
+        $frag = sprintf("%.2f%% (%s out of %s in %d fragments)", ($fragsize / $freetotal) * 100, bsize($fragsize), bsize($freetotal), $freeseg);
+    } else {
+        $frag = "0%";
+    }
+
+    foreach (ini_get_all('apcu') as $name => $v) {
+        $value = $v['local_value'];
+    }
+
+    $img_src1 = '';
+    $img_src2 = '';
+    $img_src3 = '';
+    if (graphics_avail()) {
+        $img_src = $linker->getLink(array('section' => 'apcuinfo', 'page' => 'img1', 'action' => mt_rand(0, 1000000)));
+        eval("\$img_src1=\"" . getTemplate("settings/apcuinfo/img_line") . "\";");
+        $img_src = $linker->getLink(array('section' => 'apcuinfo', 'page' => 'img2', 'action' => mt_rand(0, 1000000)));
+        eval("\$img_src2=\"" . getTemplate("settings/apcuinfo/img_line") . "\";");
+        $img_src = $linker->getLink(array('section' => 'apcuinfo', 'page' => 'img3', 'action' => mt_rand(0, 1000000)));
+        eval("\$img_src3=\"" . getTemplate("settings/apcuinfo/img_line") . "\";");
+    }
+
+    eval("echo \"" . getTemplate("settings/apcuinfo/showinfo") . "\";");
+    
+} elseif ($page == 'img1'
+) {
+
+    $mem = apcu_sma_info();
+
+    $size = 460;
+    $image = imagecreate($size + 5, $size + 5);
+
+    $col_white = imagecolorallocate($image, 0xFF, 0xFF, 0xFF);
+    $col_red = imagecolorallocate($image, 0xD0, 0x60, 0x30);
+    $col_green = imagecolorallocate($image, 0x60, 0xF0, 0x60);
+    $col_black = imagecolorallocate($image, 0, 0, 0);
+
+    imagecolortransparent($image, $col_white);
+
+    $s = $mem['num_seg'] * $mem['seg_size'];
+    $a = $mem['avail_mem'];
+    $x = $y = $size / 2;
+    $fuzz = 0.000001;
+
+    // This block of code creates the pie chart.  It is a lot more complex than you
+    // would expect because we try to visualize any memory fragmentation as well.
+    $angle_from = 0;
+    $string_placement = array();
+    for ($i = 0; $i < $mem['num_seg']; $i++) {
+        $ptr = 0;
+        $free = $mem['block_lists'][$i];
+        uasort($free, 'block_sort');
+        foreach ($free as $block) {
+            if ($block['offset'] != $ptr) {       // Used block
+                $angle_to = $angle_from + ($block['offset'] - $ptr) / $s;
+                if (($angle_to + $fuzz) > 1)
+                    $angle_to = 1;
+                if (($angle_to * 360) - ($angle_from * 360) >= 1) {
+                    fill_arc($image, $x, $y, $size, $angle_from * 360, $angle_to * 360, $col_black, $col_red);
+                    if (($angle_to - $angle_from) > 0.05) {
+                        array_push($string_placement, array($angle_from, $angle_to));
+                    }
+                }
+                $angle_from = $angle_to;
+            }
+            $angle_to = $angle_from + ($block['size']) / $s;
+            if (($angle_to + $fuzz) > 1)
+                $angle_to = 1;
+            if (($angle_to * 360) - ($angle_from * 360) >= 1) {
+                fill_arc($image, $x, $y, $size, $angle_from * 360, $angle_to * 360, $col_black, $col_green);
+                if (($angle_to - $angle_from) > 0.05) {
+                    array_push($string_placement, array($angle_from, $angle_to));
+                }
+            }
+            $angle_from = $angle_to;
+            $ptr = $block['offset'] + $block['size'];
+        }
+        if ($ptr < $mem['seg_size']) { // memory at the end
+            $angle_to = $angle_from + ($mem['seg_size'] - $ptr) / $s;
+            if (($angle_to + $fuzz) > 1)
+                $angle_to = 1;
+            fill_arc($image, $x, $y, $size, $angle_from * 360, $angle_to * 360, $col_black, $col_red);
+            if (($angle_to - $angle_from) > 0.05) {
+                array_push($string_placement, array($angle_from, $angle_to));
+            }
+        }
+    }
+    foreach ($string_placement as $angle) {
+        text_arc($image, $x, $y, $size, $angle[0] * 360, $angle[1] * 360, $col_black, bsize($s * ($angle[1] - $angle[0])));
+    }
+
+    header("Content-type: image/png");
+    imagepng($image);
+    exit;
+} elseif ($page == 'img2'
+) {
+
+    $cache = apcu_cache_info();
+
+    $size = $horizontal_bar_size;
+    $image = imagecreate($size + 5, 140);
+
+    $col_white = imagecolorallocate($image, 0xFF, 0xFF, 0xFF);
+    $col_red = imagecolorallocate($image, 0xD0, 0x60, 0x30);
+    $col_green = imagecolorallocate($image, 0x60, 0xF0, 0x60);
+    $col_black = imagecolorallocate($image, 0, 0, 0);
+
+    imagecolortransparent($image, $col_white);
+
+    $s = $cache['num_hits'] + $cache['num_misses'];
+    $a = $cache['num_hits'];
+
+    fill_box($image, 1, 10, $s ? ($a * ($size - 21) / $s) : $size, 50, $col_black, $col_green/* , sprintf("%.1f%%", $s ? $cache['num_hits'] * 100 / $s : 0) */);
+    fill_box($image, 1, 80, $s ? max(4, ($s - $a) * ($size - 21) / $s) : $size, 50, $col_black, $col_red/* , sprintf("%.1f%%", $s ? $cache['num_misses'] * 100 / $s : 0) */);
+
+    header("Content-type: image/png");
+    imagepng($image);
+    exit;
+} elseif ($page == 'img3'
+) {
+
+    $mem = apcu_sma_info();
+
+    $size = $horizontal_bar_size;
+    $image = imagecreate($size, 70);
+
+    $col_white = imagecolorallocate($image, 0xFF, 0xFF, 0xFF);
+    $col_red = imagecolorallocate($image, 0xD0, 0x60, 0x30);
+    $col_green = imagecolorallocate($image, 0x60, 0xF0, 0x60);
+    $col_black = imagecolorallocate($image, 0, 0, 0);
+
+    imagecolortransparent($image, $col_white);
+
+    $s = $mem['num_seg'] * $mem['seg_size'];
+    $a = $mem['avail_mem'];
+    $x = 10;
+    $y = 0;
+
+    // This block of code creates the bar chart.  It is a lot more complex than you
+    // would expect because we try to visualize any memory fragmentation as well.
+    for ($i = 0; $i < $mem['num_seg']; $i++) {
+        $ptr = 0;
+        $free = $mem['block_lists'][$i];
+        uasort($free, 'block_sort');
+        foreach ($free as $block) {
+            if ($block['offset'] != $ptr) {       // Used block
+                $h = ($size - 5) * ($block['offset'] - $ptr) / $s;
+                if ($h > 0) {
+                    fill_box($image, $y, $x, $h, 50, $col_black, $col_red);
+                }
+                $y+=$h;
+            }
+            $h = ($size - 5) * ($block['size']) / $s;
+            if ($h > 0) {
+                fill_box($image, $y, $x, $h, 50, $col_black, $col_green);
+            }
+            $y+=$h;
+            $ptr = $block['offset'] + $block['size'];
+        }
+        if ($ptr < $mem['seg_size']) { // memory at the end
+            $h = ($size - 5) * ($mem['seg_size'] - $ptr) / $s;
+            if ($h > 0) {
+                fill_box($image, $y, $x, $h, 50, $col_black, $col_red, bsize($mem['seg_size'] - $ptr), $j++);
+            }
+        }
+    }
+
+    header("Content-type: image/png");
+    imagepng($image);
+    exit;
+}
+
+function graphics_avail() {
+    return extension_loaded('gd');
+}
+
+// pretty printer for byte values
+//
+function bsize($s) {
+    foreach (array('', 'K', 'M', 'G') as $i => $k) {
+        if ($s < 1024)
+            break;
+        $s/=1024;
+    }
+    return sprintf("%5.1f %sBytes", $s, $k);
+}
+
+function duration($ts) {
+    global $time;
+    $years = (int) ((($time - $ts) / (7 * 86400)) / 52.177457);
+    $rem = (int) (($time - $ts) - ($years * 52.177457 * 7 * 86400));
+    $weeks = (int) (($rem) / (7 * 86400));
+    $days = (int) (($rem) / 86400) - $weeks * 7;
+    $hours = (int) (($rem) / 3600) - $days * 24 - $weeks * 7 * 24;
+    $mins = (int) (($rem) / 60) - $hours * 60 - $days * 24 * 60 - $weeks * 7 * 24 * 60;
+    $str = '';
+    if ($years == 1)
+        $str .= "$years year, ";
+    if ($years > 1)
+        $str .= "$years years, ";
+    if ($weeks == 1)
+        $str .= "$weeks week, ";
+    if ($weeks > 1)
+        $str .= "$weeks weeks, ";
+    if ($days == 1)
+        $str .= "$days day,";
+    if ($days > 1)
+        $str .= "$days days,";
+    if ($hours == 1)
+        $str .= " $hours hour and";
+    if ($hours > 1)
+        $str .= " $hours hours and";
+    if ($mins == 1)
+        $str .= " 1 minute";
+    else
+        $str .= " $mins minutes";
+    return $str;
+}
+
+function block_sort($array1, $array2) {
+    if ($array1['offset'] > $array2['offset']) {
+        return 1;
+    } else {
+        return -1;
+    }
+}
+
+function fill_arc($im, $centerX, $centerY, $diameter, $start, $end, $color1, $color2, $text = '', $placeindex = 0) {
+    $r = $diameter / 2;
+    $w = deg2rad((360 + $start + ($end - $start) / 2) % 360);
+
+
+    if (function_exists("imagefilledarc")) {
+        // exists only if GD 2.0.1 is available
+        imagefilledarc($im, $centerX + 1, $centerY + 1, $diameter, $diameter, $start, $end, $color1, IMG_ARC_PIE);
+        imagefilledarc($im, $centerX, $centerY, $diameter, $diameter, $start, $end, $color2, IMG_ARC_PIE);
+        imagefilledarc($im, $centerX, $centerY, $diameter, $diameter, $start, $end, $color1, IMG_ARC_NOFILL | IMG_ARC_EDGED);
+    } else {
+        imagearc($im, $centerX, $centerY, $diameter, $diameter, $start, $end, $color2);
+        imageline($im, $centerX, $centerY, $centerX + cos(deg2rad($start)) * $r, $centerY + sin(deg2rad($start)) * $r, $color2);
+        imageline($im, $centerX, $centerY, $centerX + cos(deg2rad($start + 1)) * $r, $centerY + sin(deg2rad($start)) * $r, $color2);
+        imageline($im, $centerX, $centerY, $centerX + cos(deg2rad($end - 1)) * $r, $centerY + sin(deg2rad($end)) * $r, $color2);
+        imageline($im, $centerX, $centerY, $centerX + cos(deg2rad($end)) * $r, $centerY + sin(deg2rad($end)) * $r, $color2);
+        imagefill($im, $centerX + $r * cos($w) / 2, $centerY + $r * sin($w) / 2, $color2);
+    }
+    if ($text) {
+        if ($placeindex > 0) {
+            imageline($im, $centerX + $r * cos($w) / 2, $centerY + $r * sin($w) / 2, $diameter, $placeindex * 12, $color1);
+            imagestring($im, 4, $diameter, $placeindex * 12, $text, $color1);
+        } else {
+            imagestring($im, 4, $centerX + $r * cos($w) / 2, $centerY + $r * sin($w) / 2, $text, $color1);
+        }
+    }
+}
+
+function text_arc($im, $centerX, $centerY, $diameter, $start, $end, $color1, $text, $placeindex = 0) {
+    $r = $diameter / 2;
+    $w = deg2rad((360 + $start + ($end - $start) / 2) % 360);
+
+    if ($placeindex > 0) {
+        imageline($im, $centerX + $r * cos($w) / 2, $centerY + $r * sin($w) / 2, $diameter, $placeindex * 12, $color1);
+        imagestring($im, 4, $diameter, $placeindex * 12, $text, $color1);
+    } else {
+        imagestring($im, 4, $centerX + $r * cos($w) / 2, $centerY + $r * sin($w) / 2, $text, $color1);
+    }
+}
+
+function fill_box($im, $x, $y, $w, $h, $color1, $color2, $text = '', $placeindex = '') {
+    global $col_black;
+    $x1 = $x + $w - 1;
+    $y1 = $y + $h - 1;
+
+    imagerectangle($im, $x, $y1, $x1 + 1, $y + 1, $col_black);
+    if ($y1 > $y)
+        imagefilledrectangle($im, $x, $y, $x1, $y1, $color2);
+    else
+        imagefilledrectangle($im, $x, $y1, $x1, $y, $color2);
+    imagerectangle($im, $x, $y1, $x1, $y, $color1);
+    if ($text) {
+        if ($placeindex > 0) {
+
+            if ($placeindex < 16) {
+                $px = 5;
+                $py = $placeindex * 12 + 6;
+                imagefilledrectangle($im, $px + 90, $py + 3, $px + 90 - 4, $py - 3, $color2);
+                imageline($im, $x, $y + $h / 2, $px + 90, $py, $color2);
+                imagestring($im, 2, $px, $py - 6, $text, $color1);
+            } else {
+                if ($placeindex < 31) {
+                    $px = $x + 40 * 2;
+                    $py = ($placeindex - 15) * 12 + 6;
+                } else {
+                    $px = $x + 40 * 2 + 100 * intval(($placeindex - 15) / 15);
+                    $py = ($placeindex % 15) * 12 + 6;
+                }
+                imagefilledrectangle($im, $px, $py + 3, $px - 4, $py - 3, $color2);
+                imageline($im, $x + $w, $y + $h / 2, $px, $py, $color2);
+                imagestring($im, 2, $px + 2, $py - 6, $text, $color1);
+            }
+        } else {
+            imagestring($im, 4, $x + 5, $y1 - 16, $text, $color1);
+        }
+    }
+}
--- a/admin_aps.php
+++ b/admin_aps.php
@@ -1,34 +0,0 @@
-<?php
-
-/**
- * This file is part of the Froxlor project.
- * Copyright (c) 2003-2009 the SysCP Team (see authors).
- * Copyright (c) 2010 the Froxlor Team (see authors).
- *
- * For the full copyright and license information, please view the COPYING
- * file that was distributed with this source code. You can also view the
- * COPYING file online at http://files.froxlor.org/misc/COPYING.txt
- *
- * @copyright  (c) the authors
- * @author     Florian Lippert <flo@syscp.org> (2003-2009)
- * @author     Froxlor team <team@froxlor.org> (2010-)
- * @license    GPLv2 http://files.froxlor.org/misc/COPYING.txt
- * @package    Panel
- *
- */
-
-// Required code
-
-define('AREA', 'admin');
-require ("./lib/init.php");
-$Id = 0;
-
-if(isset($_GET['id']))$Id = (int)$_GET['id'];
-
-if(isset($_POST['id']))$Id = (int)$_POST['id'];
-eval("echo \"" . getTemplate("aps/header") . "\";");
-$Aps = new ApsParser($userinfo, $settings, $db);
-$Aps->MainHandler($action);
-eval("echo \"" . getTemplate("aps/footer") . "\";");
-
-?>
--- a/admin_autoupdate.php
+++ b/admin_autoupdate.php
@@ -0,0 +1,209 @@
+<?php
+
+/**
+ * This file is part of the Froxlor project.
+ * Copyright (c) 2016 the Froxlor Team (see authors).
+ *
+ * For the full copyright and license information, please view the COPYING
+ * file that was distributed with this source code. You can also view the
+ * COPYING file online at http://files.froxlor.org/misc/COPYING.txt
+ *
+ * @copyright  (c) the authors
+ * @author     Michael Kaufmann <mkaufmann@nutime.de>
+ * @author     Froxlor team <team@froxlor.org> (2010-)
+ * @license    GPLv2 http://files.froxlor.org/misc/COPYING.txt
+ * @package    Frontend
+ *
+ * @since      0.9.35
+ *
+ */
+
+define('AREA', 'admin');
+require './lib/init.php';
+
+// define update-uri
+define('UPDATE_URI', "https://version.froxlor.org/Froxlor/legacy/" . $version);
+define('RELEASE_URI', "https://autoupdate.froxlor.org/froxlor-{version}.zip");
+define('CHECKSUM_URI', "https://autoupdate.froxlor.org/froxlor-{version}.zip.sha256");
+
+// check for allow_url_fopen
+if (ini_get('allow_url_fopen') === false) {
+	redirectTo($filename, array('s' => $s, 'page' => 'error', 'errno' => 1));
+}
+
+// check for archive-stuff
+if (function_exists('gzopen') === false) {
+	redirectTo($filename, array('s' => $s, 'page' => 'error', 'errno' => 2));
+}
+
+// display initial version check
+if ($page == 'overview') {
+
+	// log our actions
+	$log->logAction(ADM_ACTION, LOG_NOTICE, "checking auto-update");
+
+	// check for new version
+	$latestversion = @file(UPDATE_URI);
+
+	if (isset($latestversion[0])) {
+		$latestversion = explode('|', $latestversion[0]);
+
+		if (is_array($latestversion)
+				&& count($latestversion) >= 1
+		) {
+			$_version = $latestversion[0];
+			$_message = isset($latestversion[1]) ? $latestversion[1] : '';
+			$_link = isset($latestversion[2]) ? $latestversion[2] : htmlspecialchars($filename . '?s=' . urlencode($s) . '&page=' . urlencode($page) . '&lookfornewversion=yes');
+
+			// add the branding so debian guys are not gettings confused
+			// about their version-number
+			$version_label = $_version.$branding;
+			$version_link = $_link;
+			$message_addinfo = $_message;
+
+			// not numeric -> error-message
+			if (!preg_match('/^((\d+\\.)(\d+\\.)(\d+\\.)?(\d+)?(\-(svn|dev|rc)(\d+))?)$/', $_version)) {
+				// check for customized version to not output
+				// "There is a newer version of froxlor" besides the error-message
+				redirectTo($filename, array('s' => $s, 'page' => 'error', 'errno' => 3));
+			} elseif (version_compare2($version, $_version) == -1) {
+				// there is a newer version - yay
+				$isnewerversion = 1;
+			} else {
+				// nothing new
+				$isnewerversion = 0;
+			}
+
+			// anzeige über version-status mit ggfls. formular
+			// zum update schritt #1 -> download
+			if ($isnewerversion == 1) {
+				$text = 'There is a newer version available. Update to version <b>'.$_version.'</b> now?<br/>(Your current version is: '.$version.')';
+				$hiddenparams = '<input type="hidden" name="newversion" value="'.$_version.'" />';
+				$yesfile = $filename.'?s='.$s.'&amp;page=getdownload';
+				eval("echo \"" . getTemplate("misc/question_yesno", true) . "\";");
+				exit;
+			}
+			elseif ($isnewerversion == 0) {
+				// all good
+			    standard_success ('noupdatesavail');
+			} else {
+				standard_error ('customized_version');
+			}
+		}
+	}
+	// error (something weird came from version.froxlor.org)
+	redirectTo($filename, array('s' => $s, 'page' => 'error', 'errno' => 5));
+}
+// download the new archive
+elseif ($page == 'getdownload') {
+
+	// retrieve the new version from the form
+	$newversion = isset($_POST['newversion']) ? $_POST['newversion'] : null;
+
+	// valid?
+	if ($newversion !== null) {
+
+		// define files to get
+		$toLoad = str_replace('{version}', $newversion, RELEASE_URI);
+		$toCheck = str_replace('{version}', $newversion, CHECKSUM_URI);
+
+		// get archive data
+		$newArchive = @file_get_contents($toLoad);
+
+		// check for local destination folder
+		if (!is_dir(FROXLOR_INSTALL_DIR.'/updates/')) {
+			mkdir(FROXLOR_INSTALL_DIR.'/updates/');
+		}
+
+		// name archive
+		$localArchive = FROXLOR_INSTALL_DIR.'/updates/'.basename($toLoad);
+
+		$log->logAction(ADM_ACTION, LOG_NOTICE, "Downloading ".$toLoad." to ".$localArchive);
+
+		// remove old archive
+		if (file_exists($localArchive)) {
+		    @unlink($localArchive);
+		}
+
+		// store archive
+		$fh = fopen($localArchive, 'w');
+		if (!fwrite($fh, $newArchive)) {
+			redirectTo($filename, array('s' => $s, 'page' => 'error', 'errno' => 4));
+		}
+
+		// close file-handle
+		fclose($fh);
+
+		// validate the integrity of the downloaded file
+		$_shouldsum = @file_get_contents($toCheck);
+		if (!empty($_shouldsum)) {
+		    $_t = explode(" ", $_shouldsum);
+		    $shouldsum = $_t[0];
+		} else {
+		    $shouldsum = null;
+		}
+		$filesum = hash_file('sha256', $localArchive);
+
+		if ($filesum != $shouldsum) {
+		    redirectTo($filename, array('s' => $s, 'page' => 'error', 'errno' => 9));
+		}
+
+		// to the next step
+		redirectTo($filename, array('s' => $s, 'page' => 'extract', 'archive' => basename($localArchive)));
+	}
+	redirectTo($filename, array('s' => $s, 'page' => 'error', 'errno' => 6));
+}
+// extract and install new version
+elseif ($page == 'extract') {
+
+	$toExtract = isset($_GET['archive']) ? $_GET['archive'] : null;
+	$localArchive = FROXLOR_INSTALL_DIR.'/updates/'.$toExtract;
+
+	if (isset($_POST['send'])
+			&& $_POST['send'] == 'send'
+	) {
+		// decompress from zip
+		$zip = new ZipArchive;
+		$res = $zip->open($localArchive);
+		if ($res === true) {
+		    $log->logAction(ADM_ACTION, LOG_NOTICE, "Extracting ".$localArchive." to ".dirname(FROXLOR_INSTALL_DIR));
+			$zip->extractTo(dirname(FROXLOR_INSTALL_DIR));
+			$zip->close();
+			// success - remove unused archive
+			@unlink($localArchive);
+		} else {
+			// error
+			redirectTo($filename, array('s' => $s, 'page' => 'error', 'errno' => 8));
+		}
+
+		// redirect to update-page?
+		redirectTo('admin_updates.php', array('s' => $s));
+	}
+
+	if (!file_exists($localArchive)) {
+		redirectTo($filename, array('s' => $s, 'page' => 'error', 'errno' => 7));
+	}
+
+	$text = 'Extract downloaded archive "'.$toExtract.'"?';
+	$hiddenparams = '';
+	$yesfile = $filename.'?s='.$s.'&amp;page=extract&amp;archive='.$toExtract;
+	eval("echo \"" . getTemplate("misc/question_yesno", true) . "\";");
+}
+
+// display error
+elseif ($page == 'error') {
+
+	// retrieve error-number via url-parameter
+	$errno = isset($_GET['errno']) ? (int)$_GET['errno'] : 0;
+
+	// 1 = no allow_url_fopen
+	// 2 = no Zlib
+	// 3 = custom version detected
+	// 4 = could not store archive to local hdd
+	// 5 = some weird value came from version.froxlor.org
+	// 6 = download without valid version
+	// 7 = local archive does not exist
+	// 8 = could not extract archive
+	// 9 = checksum mismatch
+	standard_error ('autoupdate_'.$errno);
+}
--- a/admin_configfiles.php
+++ b/admin_configfiles.php
@@ -2,7 +2,6 @@

 /**
 * This file is part of the Froxlor project.
- * Copyright (c) 2003-2009 the SysCP Team (see authors).
 * Copyright (c) 2010 the Froxlor Team (see authors).
 *
 * For the full copyright and license information, please view the COPYING
@@ -10,174 +9,219 @@
 * COPYING file online at http://files.froxlor.org/misc/COPYING.txt
 *
 * @copyright  (c) the authors
- * @author     Florian Lippert <flo@syscp.org> (2003-2009)
 * @author     Froxlor team <team@froxlor.org> (2010-)
 * @license    GPLv2 http://files.froxlor.org/misc/COPYING.txt
 * @package    Panel
 *
+ * @since 0.9.34
 */
-
 define('AREA', 'admin');
+require './lib/init.php';

-/**
- * Include our init.php, which manages Sessions, Language etc.
- */
+if ($userinfo['change_serversettings'] == '1') {

-$need_db_sql_data = true;
-require ("./lib/init.php");
-require ("./lib/configfiles_index.inc.php");
-$distribution = '';
-$distributions_select = '';
-$service = '';
-$services_select = '';
-$daemon = '';
-$daemons_select = '';
-
-if($userinfo['change_serversettings'] == '1')
-{
-	if(isset($_GET['distribution'])
-	   && $_GET['distribution'] != ''
-	   && isset($configfiles[$_GET['distribution']])
-	   && is_array($configfiles[$_GET['distribution']]))
+	$customer_tmpdir = '/tmp/';
+	if (Settings::Get('system.mod_fcgid') == '1' && Settings::Get('system.mod_fcgid_tmpdir') != '')
 	{
-		$distribution = $_GET['distribution'];
+		$customer_tmpdir = Settings::Get('system.mod_fcgid_tmpdir');
+	}
+	elseif (Settings::Get('phpfpm.enabled') == '1' && Settings::Get('phpfpm.tmpdir') != '')
+	{
+		$customer_tmpdir = Settings::Get('phpfpm.tmpdir');
+	}

-		if(isset($_GET['service'])
-		   && $_GET['service'] != ''
-		   && isset($configfiles[$distribution]['services'][$_GET['service']])
-		   && is_array($configfiles[$distribution]['services'][$_GET['service']]))
-		{
-			$service = $_GET['service'];
+	$replace_arr = Array(
+		'<SQL_UNPRIVILEGED_USER>' => $sql['user'],
+		'<SQL_UNPRIVILEGED_PASSWORD>' => 'MYSQL_PASSWORD',
+		'<SQL_DB>' => $sql['db'],
+		'<SQL_HOST>' => $sql['host'],
+		'<SQL_SOCKET>' => isset($sql['socket']) ? $sql['socket'] : null,
+		'<SERVERNAME>' => Settings::Get('system.hostname'),
+		'<SERVERIP>' => Settings::Get('system.ipaddress'),
+		'<NAMESERVERS>' => Settings::Get('system.nameservers'),
+		'<VIRTUAL_MAILBOX_BASE>' => Settings::Get('system.vmail_homedir'),
+		'<VIRTUAL_UID_MAPS>' => Settings::Get('system.vmail_uid'),
+		'<VIRTUAL_GID_MAPS>' => Settings::Get('system.vmail_gid'),
+		'<SSLPROTOCOLS>' => (Settings::Get('system.use_ssl') == '1') ? 'imaps pop3s' : '',
+		'<CUSTOMER_TMP>' => makeCorrectDir($customer_tmpdir),
+		'<BASE_PATH>' => makeCorrectDir(FROXLOR_INSTALL_DIR),
+		'<BIND_CONFIG_PATH>' => makeCorrectDir(Settings::Get('system.bindconf_directory')),
+		'<WEBSERVER_RELOAD_CMD>' => Settings::Get('system.apachereload_command'),
+		'<CUSTOMER_LOGS>' => makeCorrectDir(Settings::Get('system.logfiles_directory')),
+		'<FPM_IPCDIR>' => makeCorrectDir(Settings::Get('phpfpm.fastcgi_ipcdir')),
+		'<WEBSERVER_GROUP>' => Settings::Get('system.httpgroup')
+	);

-			if(isset($_GET['daemon'])
-			   && $_GET['daemon'] != ''
-			   && isset($configfiles[$distribution]['services'][$service]['daemons'][$_GET['daemon']])
-			   && is_array($configfiles[$distribution]['services'][$service]['daemons'][$_GET['daemon']]))
-			{
-				$daemon = $_GET['daemon'];
-			}
-			else
-			{
-				foreach($configfiles[$distribution]['services'][$service]['daemons'] as $daemon_name => $daemon_details)
-				{
-					$daemons_select.= makeoption($daemon_details['label'], $daemon_name);
+	// get distro from URL param
+	$distribution = (isset($_GET['distribution']) && $_GET['distribution'] != 'choose') ? $_GET['distribution'] : "";
+	$service = (isset($_GET['service']) && $_GET['service'] != 'choose') ? $_GET['service'] : "";
+	$daemon = (isset($_GET['daemon']) && $_GET['daemon'] != 'choose') ? $_GET['daemon'] : "";
+	$distributions_select = "";
+	$services_select = "";
+	$daemons_select = "";
+
+	$configfiles = "";
+	$services = "";
+	$daemons = "";
+
+	$config_dir = makeCorrectDir(FROXLOR_INSTALL_DIR . '/lib/configfiles/');
+
+	if ($distribution != "") {
+		// create configparser object
+		$configfiles = new ConfigParser($config_dir . '/' . $distribution . ".xml");
+
+		// get distro-info
+		$dist_display = getCompleteDistroName($configfiles);
+
+		// get all the services from the distro
+		$services = $configfiles->getServices();
+
+		if ($service != "") {
+
+			$daemons = $services[$service]->getDaemons();
+
+			if ($daemon == "") {
+				foreach ($daemons as $di => $dd) {
+					$title = $dd->title;
+					if ($dd->default) {
+						$title = $title . " (" . strtolower($lng['panel']['default']) . ")";
+					}
+					$daemons_select .= makeoption($title, $di);
 				}
 			}
-		}
-		else
-		{
-			foreach($configfiles[$distribution]['services'] as $service_name => $service_details)
-			{
-				$services_select.= makeoption($service_details['label'], $service_name);
+		} else {
+			foreach ($services as $si => $sd) {
+				$services_select .= makeoption($sd->title, $si);
 			}
 		}
-	}
-	else
-	{
-		foreach($configfiles as $distribution_name => $distribution_details)
-		{
-			$distributions_select.= makeoption($distribution_details['label'], $distribution_name);
+	} else {
+
+		// show list of available distro's
+		$distros = glob($config_dir . '*.xml');
+		// tmp array
+		$distributions_select_data = array();
+		// read in all the distros
+		foreach ($distros as $_distribution) {
+			// get configparser object
+			$dist = new ConfigParser($_distribution);
+			// get distro-info
+			$dist_display = getCompleteDistroName($dist);
+			// store in tmp array
+			$distributions_select_data[$dist_display] = str_replace(".xml", "", strtolower(basename($_distribution)));
+		}
+
+		// sort by distribution name
+		ksort($distributions_select_data);
+
+		foreach ($distributions_select_data as $dist_display => $dist_index) {
+			// create select-box-option
+			$distributions_select .= makeoption($dist_display, $dist_index);
 		}
 	}

-	if($distribution != ''
-	   && $service != ''
-	   && $daemon != '')
-	{
-		$replace_arr = Array(
-			'<SQL_UNPRIVILEGED_USER>' => $sql['user'],
-			'<SQL_UNPRIVILEGED_PASSWORD>' => 'MYSQL_PASSWORD',
-			'<SQL_DB>' => $sql['db'],
-			'<SQL_HOST>' => $sql['host'],
-			'<SERVERNAME>' => $settings['system']['hostname'],
-			'<SERVERIP>' => $settings['system']['ipaddress'],
-			'<NAMESERVERS>' => $settings['system']['nameservers'],
-			'<VIRTUAL_MAILBOX_BASE>' => $settings['system']['vmail_homedir'],
-			'<VIRTUAL_UID_MAPS>' => $settings['system']['vmail_uid'],
-			'<VIRTUAL_GID_MAPS>' => $settings['system']['vmail_gid'],
-			'<SSLPROTOCOLS>' => ($settings['system']['use_ssl'] == '1') ? 'imaps pop3s' : '',
-			'<CUSTOMER_TMP>' => ($settings['system']['mod_fcgid_tmpdir'] != '') ? makeCorrectDir($settings['system']['mod_fcgid_tmpdir']) : '/tmp/',
-			'<BASE_PATH>' => makeCorrectDir(dirname(__FILE__)),
-			'<BIND_CONFIG_PATH>' => makeCorrectDir($settings['system']['bindconf_directory'])
-		);
-		$files = '';
+	if ($distribution != "" && $service != "" && $daemon != "") {
+
+		$confarr = $daemons[$daemon]->getConfig();
+
 		$configpage = '';
-		foreach($configfiles[$distribution]['services'][$service]['daemons'][$daemon] as $action => $value)
-		{
-			if(substr($action, 0, 8) == 'commands')
-			{
+
+		$distro_editor = $configfiles->distributionEditor;
+
+		$commands_pre = "";
+		$commands_file = "";
+		$commands_post = "";
+
+		$lasttype = '';
+		$commands = '';
+		foreach ($confarr as $idx => $action) {
+			if ($lasttype != '' && $lasttype != $action['type']) {
+				$commands = trim($commands);
+				$numbrows = count(explode("\n", $commands));
+				eval("\$configpage.=\"" . getTemplate("configfiles/configfiles_commands") . "\";");
+				$lasttype = '';
 				$commands = '';
-
-				if(is_array($value))
-				{
-					$commands = implode("\n", $value);
-					$commands = str_replace("\n\n", "\n", $commands);
-
-					if($commands != '')
-					{
-						eval("\$configpage.=\"" . getTemplate("configfiles/configfiles_commands") . "\";");
-					}
-				}
 			}
-			elseif(substr($action, 0, 5) == 'files')
-			{
-				$files = '';
-
-				if(is_array($value))
-				{
-					while(list($filename, $realname) = each($value))
-					{
-						$file_content = file_get_contents('./templates/misc/configfiles/' . $distribution . '/' . $daemon . '/' . $filename);
-						$file_content = strtr($file_content, $replace_arr);
-						$file_content = htmlspecialchars($file_content);
-						$numbrows = count(explode("\n", $file_content));
-						eval("\$files.=\"" . getTemplate("configfiles/configfiles_file") . "\";");
+			switch ($action['type']) {
+				case "install":
+					$commands .= strtr($action['content'], $replace_arr) . "\n";
+					$lasttype = "install";
+					break;
+				case "command":
+					$commands .= strtr($action['content'], $replace_arr) . "\n";
+					$lasttype = "command";
+					break;
+				case "file":
+					if (array_key_exists('content', $action)) {
+						$commands_file = getFileContentContainer($action['content'], $replace_arr, $action['name'], $distro_editor);
+					} elseif (array_key_exists('subcommands', $action)) {
+						foreach ($action['subcommands'] as $fileaction) {
+							if (array_key_exists('execute', $fileaction) && $fileaction['execute'] == "pre") {
+								$commands_pre .= $fileaction['content'] . "\n";
+							} elseif (array_key_exists('execute', $fileaction) && $fileaction['execute'] == "post") {
+								$commands_post .= $fileaction['content'] . "\n";
+							} elseif ($fileaction['type'] == 'file') {
+								$commands_file = getFileContentContainer($fileaction['content'], $replace_arr, $action['name'], $distro_editor);
+							}
+						}
 					}
-
-					eval("\$configpage.=\"" . getTemplate("configfiles/configfiles_files") . "\";");
-				}
+					$realname = $action['name'];
+					$commands = trim($commands_pre);
+					if ($commands != "") {
+						$numbrows = count(explode("\n", $commands));
+						eval("\$commands_pre=\"" . getTemplate("configfiles/configfiles_commands") . "\";");
+					}
+					$commands = trim($commands_post);
+					if ($commands != "") {
+						$numbrows = count(explode("\n", $commands));
+						eval("\$commands_post=\"" . getTemplate("configfiles/configfiles_commands") . "\";");
+					}
+					eval("\$configpage.=\"" . getTemplate("configfiles/configfiles_subfileblock") . "\";");
+					$commands = '';
+					$commands_pre = '';
+					$commands_post = '';
+					break;
 			}
 		}
-
-		if(isset($configfiles[$distribution]['services'][$service]['daemons'][$daemon]['restart'])
-		   && is_array($configfiles[$distribution]['services'][$service]['daemons'][$daemon]['restart']))
-		{
-			$restart = implode("\n", $configfiles[$distribution]['services'][$service]['daemons'][$daemon]['restart']);
+		$commands = trim($commands);
+		if ($commands != '') {
+			$numbrows = count(explode("\n", $commands));
+			eval("\$configpage.=\"" . getTemplate("configfiles/configfiles_commands") . "\";");
 		}
-		else
-		{
-			$restart = '';
-		}
-
 		eval("echo \"" . getTemplate("configfiles/configfiles") . "\";");
-	}
-	elseif($page == 'overview')
-	{
-		$log->logAction(ADM_ACTION, LOG_NOTICE, "viewed admin_configfiles");
-		$distributions = '';
-		foreach($configfiles as $distribution_name => $distribution_details)
-		{
-			$services = '';
-			foreach($distribution_details['services'] as $service_name => $service_details)
-			{
-				$daemons = '';
-				foreach($service_details['daemons'] as $daemon_name => $daemon_details)
-				{
-					eval("\$daemons.=\"" . getTemplate("configfiles/choose_daemon") . "\";");
-				}
-
-				eval("\$services.=\"" . getTemplate("configfiles/choose_service") . "\";");
-			}
-
-			eval("\$distributions.=\"" . getTemplate("configfiles/choose_distribution") . "\";");
-		}
-
-		eval("echo \"" . getTemplate("configfiles/choose") . "\";");
-	}
-	else
-	{
+	} else {
 		eval("echo \"" . getTemplate("configfiles/wizard") . "\";");
 	}
+} else {
+	die('not allowed to see this page');
+	// redirect or similar here
 }

-?>
+// helper functions
+function getFileContentContainer($file_content, &$replace_arr, $realname, $distro_editor)
+{
+	$files = "";
+	$file_content = trim($file_content);
+	if ($file_content != '') {
+		$file_content = strtr($file_content, $replace_arr);
+		$file_content = htmlspecialchars($file_content);
+		$numbrows = count(explode("\n", $file_content));
+		eval("\$files=\"" . getTemplate("configfiles/configfiles_file") . "\";");
+	}
+	return $files;
+}
+
+function getCompleteDistroName($cparser)
+{
+	// get distro-info
+	$dist_display = $cparser->distributionName;
+	if ($cparser->distributionCodename != '') {
+		$dist_display .= " " . $cparser->distributionCodename;
+	}
+	if ($cparser->distributionVersion != '') {
+		$dist_display .= " (" . $cparser->distributionVersion . ")";
+	}
+	if ($cparser->deprecated) {
+		$dist_display .= " [deprecated]";
+	}
+	return $dist_display;
+}
--- a/admin_cronjobs.php
+++ b/admin_cronjobs.php
@@ -16,38 +16,29 @@
 */

 define('AREA', 'admin');
+require './lib/init.php';

-require_once("./lib/init.php");
-
-if(isset($_POST['id']))
-{
+if (isset($_POST['id'])) {
 	$id = intval($_POST['id']);
-}
-elseif(isset($_GET['id']))
-{
+} elseif(isset($_GET['id'])) {
 	$id = intval($_GET['id']);
 }

-if($page == 'cronjobs'
-  || $page == 'overview')
-{
-	if($action == '')
-	{
-		$log->logAction(ADM_ACTION, LOG_NOTICE, "viewed admin_cronjobs");
+if ($page == 'cronjobs' || $page == 'overview') {
+	if ($action == '') {
+		$log->logAction(ADM_ACTION, LOG_NOTICE, 'viewed admin_cronjobs');

 		$fields = array(
 			'c.lastrun' => $lng['cron']['lastrun'],
 			'c.interval' => $lng['cron']['interval'],
 			'c.isactive' => $lng['cron']['isactive']
 		);
-		$paging = new paging($userinfo, $db, TABLE_PANEL_CRONRUNS, $fields, $settings['panel']['paging'], $settings['panel']['natsorting']);
+		$paging = new paging($userinfo, TABLE_PANEL_CRONRUNS, $fields);

-		/*
-		 * @TODO Fix sorting
-		 */
 		$crons = '';
-		$result = $db->query("SELECT `c`.* FROM `" . TABLE_PANEL_CRONRUNS . "` `c` ORDER BY `cronfile` ASC");
-		$paging->setEntries($db->num_rows($result));
+		$result_stmt = Database::prepare("SELECT `c`.* FROM `" . TABLE_PANEL_CRONRUNS . "` `c` ORDER BY `module` ASC, `cronfile` ASC");
+		Database::pexecute($result_stmt);
+		$paging->setEntries(Database::num_rows());
 		$sortcode = $paging->getHtmlSortCode($lng);
 		$arrowcode = $paging->getHtmlArrowCode($filename . '?page=' . $page . '&s=' . $s);
 		$searchcode = $paging->getHtmlSearchCode($lng);
@@ -55,89 +46,79 @@ if($page == 'cronjobs'

 		$i = 0;
 		$count = 0;
+		$cmod = '';

-		while($row = $db->fetch_array($result))
-		{
-			if($paging->checkDisplay($i))
-			{
+		while ($row = $result_stmt->fetch(PDO::FETCH_ASSOC)) {
+			if ($cmod != $row['module']) {
+				$_mod = explode("/", $row['module']);
+				$module = ucfirst($_mod[1]);
+				eval("\$crons.=\"" . getTemplate('cronjobs/cronjobs_cronjobmodule') . "\";");
+				$cmod = $row['module'];
+			}
+			if ($paging->checkDisplay($i)) {
 				$row = htmlentities_array($row);
-				
+
 				$row['lastrun'] = date('d.m.Y H:i', $row['lastrun']);
-				
-				if((int)$row['isactive'] == 1)
-				{
-					$row['isactive'] = $lng['panel']['yes'];
-				}
-				else
-				{
-					$row['isactive'] = $lng['panel']['no'];
-				}
-				
+				$row['isactive'] = ((int)$row['isactive'] == 1) ? $lng['panel']['yes'] : $lng['panel']['no'];
+
 				$description = $lng['crondesc'][$row['desc_lng_key']];
-				
-				eval("\$crons.=\"" . getTemplate("cronjobs/cronjobs_cronjob") . "\";");
+
+				eval("\$crons.=\"" . getTemplate('cronjobs/cronjobs_cronjob') . "\";");
 				$count++;
 			}

 			$i++;
 		}

-		eval("echo \"" . getTemplate("cronjobs/cronjobs") . "\";");
+		eval("echo \"" . getTemplate('cronjobs/cronjobs') . "\";");

-	}
-	elseif($action == 'new')
-	{
+	} elseif ($action == 'new') {
 		/*
 		 * @TODO later
 		 */
-	}
-	elseif($action == 'edit'
-	&& $id != 0)
-	{
-		$result = $db->query_first("SELECT * FROM `" . TABLE_PANEL_CRONRUNS . "` WHERE `id`='" . (int)$id . "'");
-		
-		if ($result['cronfile'] != '')
-		{
-			if(isset($_POST['send'])
-			   && $_POST['send'] == 'send')
-			{
+	} elseif ($action == 'edit' && $id != 0) {
+		$result_stmt = Database::prepare("SELECT * FROM `" . TABLE_PANEL_CRONRUNS . "` WHERE `id`= :id");
+		Database::pexecute($result_stmt, array('id' => $id));
+		$result = $result_stmt->fetch(PDO::FETCH_ASSOC);
+		if ($result['cronfile'] != '') {
+			if (isset($_POST['send']) && $_POST['send'] == 'send') {
 				$isactive = isset($_POST['isactive']) ? 1 : 0;
 				$interval_value = validate($_POST['interval_value'], 'interval_value', '/^([0-9]+)$/Di', 'stringisempty');
 				$interval_interval = validate($_POST['interval_interval'], 'interval_interval');
-				
-				if($isactive != 1)
-				{
+
+				if ($isactive != 1) {
 					$isactive = 0;
 				}
-				
-				$interval = $interval_value.' '.strtoupper($interval_interval);
-				
-				$db->query("UPDATE `" . TABLE_PANEL_CRONRUNS . "` 
-							SET `isactive` = '".(int)$isactive."',
-							`interval` = '".$interval."'
-							WHERE `id` = '" . (int)$id . "'");

-				redirectTo($filename, Array('page' => $page, 's' => $s));
-			}
-			else
-			{
-				//$isactive = makeyesno('isactive', '1', '0', $result['isactive']);
+				$interval = $interval_value . ' ' . strtoupper($interval_interval);
+
+				$upd = Database::prepare("
+					UPDATE `" . TABLE_PANEL_CRONRUNS . "`
+					SET `isactive` = :isactive, `interval` = :int
+					WHERE `id` = :id"
+				);
+				Database::pexecute($upd, array('isactive' => $isactive, 'int' => $interval, 'id' => $id));
+
+				// insert task to re-generate the cron.d-file
+				inserttask('99');
+
+				redirectTo($filename, array('page' => $page, 's' => $s));
+			} else {
+
 				// interval
 				$interval_nfo = explode(' ', $result['interval']);
 				$interval_value = $interval_nfo[0];

 				$interval_interval = '';
-				$interval_interval.= makeoption($lng['cronmgmt']['seconds'], 'SECOND', $interval_nfo[1]);
-				$interval_interval.= makeoption($lng['cronmgmt']['minutes'], 'MINUTE', $interval_nfo[1]);
-				$interval_interval.= makeoption($lng['cronmgmt']['hours'], 'HOUR', $interval_nfo[1]);
-				$interval_interval.= makeoption($lng['cronmgmt']['days'], 'DAY', $interval_nfo[1]);
-				$interval_interval.= makeoption($lng['cronmgmt']['weeks'], 'WEEK', $interval_nfo[1]);
-				$interval_interval.= makeoption($lng['cronmgmt']['months'], 'MONTH', $interval_nfo[1]);
+				$interval_interval .= makeoption($lng['cronmgmt']['minutes'], 'MINUTE', $interval_nfo[1]);
+				$interval_interval .= makeoption($lng['cronmgmt']['hours'], 'HOUR', $interval_nfo[1]);
+				$interval_interval .= makeoption($lng['cronmgmt']['days'], 'DAY', $interval_nfo[1]);
+				$interval_interval .= makeoption($lng['cronmgmt']['weeks'], 'WEEK', $interval_nfo[1]);
+				$interval_interval .= makeoption($lng['cronmgmt']['months'], 'MONTH', $interval_nfo[1]);
 				// end of interval
-				
+
 				$change_cronfile = false;
-				if (substr($result['module'], 0, strpos($result['module'], '/')) != 'froxlor')
-				{
+				if (substr($result['module'], 0, strpos($result['module'], '/')) != 'froxlor') {
 					$change_cronfile = true;
 				}

@@ -147,13 +128,11 @@ if($page == 'cronjobs'
 				$title = $cronjobs_edit_data['cronjobs_edit']['title'];
 				$image = $cronjobs_edit_data['cronjobs_edit']['image'];

-				eval("echo \"" . getTemplate("cronjobs/cronjob_edit") . "\";");
+				eval("echo \"" . getTemplate('cronjobs/cronjob_edit') . "\";");
 			}
 		}
 	}
-	elseif($action == 'delete'
-	&& $id != 0)
-	{
+	elseif ($action == 'delete' && $id != 0) {
 		/*
 		 * @TODO later
 		 */
--- a/admin_customers.php
+++ b/admin_customers.php
--- a/admin_domains.php
+++ b/admin_domains.php
--- a/admin_index.php
+++ b/admin_index.php
@@ -18,88 +18,84 @@
 */

 define('AREA', 'admin');
+require './lib/init.php';

-/**
- * Include our init.php, which manages Sessions, Language etc.
- */
+if ($action == 'logout')  {

-require ("./lib/init.php");
-
-if($action == 'logout')
-{
 	$log->logAction(ADM_ACTION, LOG_NOTICE, "logged out");

-	if($settings['session']['allow_multiple_login'] == '1')
-	{
-		$db->query("DELETE FROM `" . TABLE_PANEL_SESSIONS . "` WHERE `userid` = '" . (int)$userinfo['adminid'] . "' AND `adminsession` = '1' AND `hash` = '" . $s . "'");
-	}
-	else
-	{
-		$db->query("DELETE FROM `" . TABLE_PANEL_SESSIONS . "` WHERE `userid` = '" . (int)$userinfo['adminid'] . "' AND `adminsession` = '1'");
+	$params = array('adminid' => (int)$userinfo['adminid']);
+
+	if (Settings::Get('session.allow_multiple_login') == '1') {
+		$stmt = Database::prepare("DELETE FROM `" . TABLE_PANEL_SESSIONS . "`
+			WHERE `userid` = :adminid
+			AND `adminsession` = '1'
+			AND `hash` = :hash"
+		);
+		$params['hash'] = $s;
+	} else {
+		$stmt = Database::prepare("DELETE FROM `" . TABLE_PANEL_SESSIONS . "`
+			WHERE `userid` = :adminid
+			AND `adminsession` = '1'"
+		);
 	}
+	Database::pexecute($stmt, $params);

 	redirectTo('index.php');
-	exit;
 }

-if(isset($_POST['id']))
-{
+if (isset($_POST['id'])) {
 	$id = intval($_POST['id']);
-}
-elseif(isset($_GET['id']))
-{
+} elseif(isset($_GET['id'])) {
 	$id = intval($_GET['id']);
 }

-if($page == 'overview')
-{
+if ($page == 'overview') {
 	$log->logAction(ADM_ACTION, LOG_NOTICE, "viewed admin_index");
-	$overview = $db->query_first("SELECT COUNT(*) AS `number_customers`,
+	$overview_stmt = Database::prepare("SELECT COUNT(*) AS `number_customers`,
 				SUM(`diskspace_used`) AS `diskspace_used`,
 				SUM(`mysqls_used`) AS `mysqls_used`,
 				SUM(`emails_used`) AS `emails_used`,
 				SUM(`email_accounts_used`) AS `email_accounts_used`,
 				SUM(`email_forwarders_used`) AS `email_forwarders_used`,
 				SUM(`email_quota_used`) AS `email_quota_used`,
-				SUM(`email_autoresponder_used`) AS `email_autoresponder_used`,
 				SUM(`ftps_used`) AS `ftps_used`,
 				SUM(`tickets_used`) AS `tickets_used`,
 				SUM(`subdomains_used`) AS `subdomains_used`,
-				SUM(`traffic_used`) AS `traffic_used`,
-				SUM(`aps_packages_used`) AS `aps_packages_used`
-				FROM `" . TABLE_PANEL_CUSTOMERS . "`" . ($userinfo['customers_see_all'] ? '' : " WHERE `adminid` = '" . (int)$userinfo['adminid'] . "' "));
-	$overview['traffic_used'] = round($overview['traffic_used'] / (1024 * 1024), $settings['panel']['decimal_places']);
-	$overview['diskspace_used'] = round($overview['diskspace_used'] / 1024, $settings['panel']['decimal_places']);
-	$number_domains = $db->query_first("SELECT COUNT(*) AS `number_domains` FROM `" . TABLE_PANEL_DOMAINS . "` WHERE `parentdomainid`='0'" . ($userinfo['customers_see_all'] ? '' : " AND `adminid` = '" . (int)$userinfo['adminid'] . "' "));
+				SUM(`traffic_used`) AS `traffic_used`
+				FROM `" . TABLE_PANEL_CUSTOMERS . "`" . ($userinfo['customers_see_all'] ? '' : " WHERE `adminid` = :adminid "));
+	$overview = Database::pexecute_first($overview_stmt, array('adminid' => $userinfo['adminid']));
+
+	$dec_places = Settings::Get('panel.decimal_places');
+	$overview['traffic_used'] = round($overview['traffic_used'] / (1024 * 1024), $dec_places);
+	$overview['diskspace_used'] = round($overview['diskspace_used'] / 1024, $dec_places);
+
+	$number_domains_stmt = Database::prepare("
+		SELECT COUNT(*) AS `number_domains` FROM `" . TABLE_PANEL_DOMAINS . "`
+		WHERE `parentdomainid`='0'" . ($userinfo['customers_see_all'] ? '' : " AND `adminid` = :adminid")
+	);
+	$number_domains = Database::pexecute_first($number_domains_stmt, array('adminid' => $userinfo['adminid']));
+
 	$overview['number_domains'] = $number_domains['number_domains'];
+
 	$phpversion = phpversion();
-	$phpmemorylimit = @ini_get("memory_limit");
-
-	if($phpmemorylimit == "")
-	{
-		$phpmemorylimit = $lng['admin']['memorylimitdisabled'];
-	}
-
-	$mysqlserverversion = mysql_get_server_info();
-	$mysqlclientversion = mysql_get_client_info();
+	$mysqlserverversion = Database::getAttribute(PDO::ATTR_SERVER_VERSION);
 	$webserverinterface = strtoupper(@php_sapi_name());

-	if((isset($_GET['lookfornewversion']) && $_GET['lookfornewversion'] == 'yes')
-	|| (isset($lookfornewversion) && $lookfornewversion == 'yes'))
-	{
+	if ((isset($_GET['lookfornewversion']) && $_GET['lookfornewversion'] == 'yes')
+		|| (isset($lookfornewversion) && $lookfornewversion == 'yes')
+	) {
 		$update_check_uri = 'http://version.froxlor.org/Froxlor/legacy/' . $version;

-		if(ini_get('allow_url_fopen'))
-		{
+		if (ini_get('allow_url_fopen')) {
 			$latestversion = @file($update_check_uri);

-			if (isset($latestversion[0]))
-			{
+			if (isset($latestversion[0])) {
 				$latestversion = explode('|', $latestversion[0]);

-				if(is_array($latestversion)
-				&& count($latestversion) >= 1)
-				{
+				if (is_array($latestversion)
+					&& count($latestversion) >= 1
+				) {
 					$_version = $latestversion[0];
 					$_message = isset($latestversion[1]) ? $latestversion[1] : '';
 					$_link = isset($latestversion[2]) ? $latestversion[2] : htmlspecialchars($filename . '?s=' . urlencode($s) . '&page=' . urlencode($page) . '&lookfornewversion=yes');
@@ -110,94 +106,73 @@ if($page == 'overview')
 					$lookfornewversion_link = $_link;
 					$lookfornewversion_addinfo = $_message;

-					if (version_compare($version, $_version) == -1) {
+					// not numeric -> error-message
+					if (!preg_match('/^((\d+\\.)(\d+\\.)(\d+\\.)?(\d+)?(\-(svn|dev|rc)(\d+))?)$/', $_version)) {
+						// check for customized version to not output
+						// "There is a newer version of froxlor" besides the error-message
+						$isnewerversion = 2;
+					} elseif (version_compare2($version, $_version) == -1) {
 						$isnewerversion = 1;
 					} else {
 						$isnewerversion = 0;
 					}
+				} else {
+					redirectTo($update_check_uri.'/pretty', NULL, false);
 				}
-				else
-				{
-					redirectTo($update_check_uri.'/pretty', NULL);
-				}
-			}
-			else
-			{
-				redirectTo($update_check_uri.'/pretty', NULL);
+			} else {
+				redirectTo($update_check_uri.'/pretty', NULL, false);
 			}
+		} else {
+			redirectTo($update_check_uri.'/pretty', NULL, false);
 		}
-		else
-		{
-			redirectTo($update_check_uri.'/pretty', NULL);
-		}
-	}
-	else
-	{
+	} else {
 		$lookfornewversion_lable = $lng['admin']['lookfornewversion']['clickhere'];
 		$lookfornewversion_link = htmlspecialchars($filename . '?s=' . urlencode($s) . '&page=' . urlencode($page) . '&lookfornewversion=yes');
 		$lookfornewversion_addinfo = '';
 		$isnewerversion = 0;
 	}

-	$userinfo['diskspace'] = round($userinfo['diskspace'] / 1024, $settings['panel']['decimal_places']);
-	$userinfo['diskspace_used'] = round($userinfo['diskspace_used'] / 1024, $settings['panel']['decimal_places']);
-	$userinfo['traffic'] = round($userinfo['traffic'] / (1024 * 1024), $settings['panel']['decimal_places']);
-	$userinfo['traffic_used'] = round($userinfo['traffic_used'] / (1024 * 1024), $settings['panel']['decimal_places']);
-	$userinfo = str_replace_array('-1', $lng['customer']['unlimited'], $userinfo, 'customers domains diskspace traffic mysqls emails email_accounts email_forwarders email_quota email_autoresponder ftps tickets subdomains aps_packages');
+	$dec_places = Settings::Get('panel.decimal_places');
+	$userinfo['diskspace'] = round($userinfo['diskspace'] / 1024, $dec_places);
+	$userinfo['diskspace_used'] = round($userinfo['diskspace_used'] / 1024, $dec_places);
+	$userinfo['traffic'] = round($userinfo['traffic'] / (1024 * 1024), $dec_places);
+	$userinfo['traffic_used'] = round($userinfo['traffic_used'] / (1024 * 1024), $dec_places);
+	$userinfo = str_replace_array('-1', $lng['customer']['unlimited'], $userinfo, 'customers domains diskspace traffic mysqls emails email_accounts email_forwarders email_quota ftps tickets subdomains');
+
+	$userinfo['custom_notes'] = ($userinfo['custom_notes'] != '') ? nl2br($userinfo['custom_notes']) : '';

 	$cron_last_runs = getCronjobsLastRun();
 	$outstanding_tasks = getOutstandingTasks();

-	$opentickets = 0;
-	$opentickets = $db->query_first('SELECT COUNT(`id`) as `count` FROM `' . TABLE_PANEL_TICKETS . '`
-                                   WHERE `answerto` = "0" AND (`status` = "0" OR `status` = "1")
-                                   AND `lastreplier`="0" AND `adminid` = "' . $userinfo['adminid'] . '"');
-	$awaitingtickets = $opentickets['count'];
-	$awaitingtickets_text = '';
-
-	if($opentickets > 0)
-	{
-		$awaitingtickets_text = strtr($lng['ticket']['awaitingticketreply'], array('%s' => '<a href="admin_tickets.php?page=tickets&amp;s=' . $s . '">' . $opentickets['count'] . '</a>'));
-	}
-
-	if(function_exists('sys_getloadavg'))
-	{
+	if (function_exists('sys_getloadavg')) {
 		$loadArray = sys_getloadavg();
 		$load = number_format($loadArray[0], 2, '.', '') . " / " . number_format($loadArray[1], 2, '.', '') . " / " . number_format($loadArray[2], 2, '.', '');
-	}
-	else
-	{
+	} else {
 		$load = @file_get_contents('/proc/loadavg');

-		if(!$load)
-		{
+		if (!$load) {
 			$load = $lng['admin']['noloadavailable'];
 		}
 	}

-	if(function_exists('posix_uname'))
-	{
+	if (function_exists('posix_uname')) {
 		$showkernel = 1;
 		$kernel_nfo = posix_uname();
 		$kernel = $kernel_nfo['release'] . ' (' . $kernel_nfo['machine'] . ')';
-	}
-	else
-	{
+	} else {
 		$showkernel = 0;
 		$kernel = '';
 	}

 	// Try to get the uptime
 	// First: With exec (let's hope it's enabled for the Froxlor - vHost)
-
 	$uptime_array = explode(" ", @file_get_contents("/proc/uptime"));

-	if(is_array($uptime_array)
-	&& isset($uptime_array[0])
-	&& is_numeric($uptime_array[0]))
-	{
+	if (is_array($uptime_array)
+		&& isset($uptime_array[0])
+		&& is_numeric($uptime_array[0])
+	) {
 		// Some calculatioon to get a nicly formatted display
-
 		$seconds = round($uptime_array[0], 0);
 		$minutes = $seconds / 60;
 		$hours = $minutes / 60;
@@ -208,123 +183,224 @@ if($page == 'overview')
 		$uptime = "{$days}d, {$hours}h, {$minutes}m, {$seconds}s";

 		// Just cleanup
-
 		unset($uptime_array, $seconds, $minutes, $hours, $days);
-	}
-	else
-	{
+	} else {
 		// Nothing of the above worked, show an error :/
-
 		$uptime = '';
 	}

 	eval("echo \"" . getTemplate("index/index") . "\";");
-}
-elseif($page == 'change_password')
-{
-	if(isset($_POST['send'])
-	&& $_POST['send'] == 'send')
-	{
+
+} elseif($page == 'change_password') {
+
+	if (isset($_POST['send'])
+		&& $_POST['send'] == 'send'
+	) {
 		$old_password = validate($_POST['old_password'], 'old password');

-		if(md5($old_password) != $userinfo['password'])
-		{
+		if (!validatePasswordLogin($userinfo,$old_password,TABLE_PANEL_ADMINS,'adminid')) {
 			standard_error('oldpasswordnotcorrect');
-			exit;
 		}

 		$new_password = validate($_POST['new_password'], 'new password');
 		$new_password_confirm = validate($_POST['new_password_confirm'], 'new password confirm');

-		if($old_password == '')
-		{
+		if ($old_password == '') {
 			standard_error(array('stringisempty', 'oldpassword'));
-		}
-		elseif($new_password == '')
-		{
+		} elseif($new_password == '') {
 			standard_error(array('stringisempty', 'newpassword'));
-		}
-		elseif($new_password_confirm == '')
-		{
+		} elseif($new_password_confirm == '') {
 			standard_error(array('stringisempty', 'newpasswordconfirm'));
-		}
-		elseif($new_password != $new_password_confirm)
-		{
+		} elseif($new_password != $new_password_confirm) {
 			standard_error('newpasswordconfirmerror');
-		}
-		else
-		{
-			$db->query("UPDATE `" . TABLE_PANEL_ADMINS . "` SET `password`='" . md5($new_password) . "' WHERE `adminid`='" . (int)$userinfo['adminid'] . "' AND `password`='" . md5($old_password) . "'");
+		} else {
+			$chgpwd_stmt = Database::prepare("
+				UPDATE `" . TABLE_PANEL_ADMINS . "`
+				SET `password`= :newpasswd
+				WHERE `adminid`= :adminid"
+			);
+			Database::pexecute($chgpwd_stmt, array(
+				'newpasswd' => makeCryptPassword($new_password),
+				'adminid' => (int)$userinfo['adminid']
+			));
 			$log->logAction(ADM_ACTION, LOG_NOTICE, 'changed password');
 			redirectTo($filename, Array('s' => $s));
 		}
-	}
-	else
-	{
+	} else {
 		eval("echo \"" . getTemplate("index/change_password") . "\";");
 	}
-}
-elseif($page == 'change_language')
-{
-	if(isset($_POST['send'])
-	&& $_POST['send'] == 'send')
-	{
+
+} elseif($page == 'change_language') {
+
+	if (isset($_POST['send'])
+		&& $_POST['send'] == 'send'
+	) {
 		$def_language = validate($_POST['def_language'], 'default language');

-		if(isset($languages[$def_language]))
-		{
-			$db->query("UPDATE `" . TABLE_PANEL_ADMINS . "` SET `def_language`='" . $db->escape($def_language) . "' WHERE `adminid`='" . (int)$userinfo['adminid'] . "'");
-			$db->query("UPDATE `" . TABLE_PANEL_SESSIONS . "` SET `language`='" . $db->escape($def_language) . "' WHERE `hash`='" . $db->escape($s) . "'");
+		if (isset($languages[$def_language])) {
+			$lng_stmt = Database::prepare("
+				UPDATE `" . TABLE_PANEL_ADMINS . "`
+				SET `def_language`= :deflng
+				WHERE `adminid`= :adminid"
+			);
+			Database::pexecute($lng_stmt, array(
+				'deflng' => $def_language,
+				'adminid' => (int)$userinfo['adminid']
+			));
+
+			$lng_stmt = Database::prepare("
+				UPDATE `" . TABLE_PANEL_SESSIONS . "`
+				SET `language`= :lng
+				WHERE `hash`= :hash"
+			);
+			Database::pexecute($lng_stmt, array(
+				'lng' => $def_language,
+				'hash' => $s
+			));
 		}

 		$log->logAction(ADM_ACTION, LOG_NOTICE, "changed his/her default language to '" . $def_language . "'");
-		redirectTo($filename, Array('s' => $s));
-	}
-	else
-	{
+		redirectTo($filename, array('s' => $s));
+
+	} else {
+
 		$language_options = '';

-		$default_lang = $settings['panel']['standardlanguage'];
-		if($userinfo['def_language'] != '') {
+		$default_lang = Settings::Get('panel.standardlanguage');
+		if ($userinfo['def_language'] != '') {
 			$default_lang = $userinfo['def_language'];
 		}

-		while(list($language_file, $language_name) = each($languages))
-		{
+		while (list($language_file, $language_name) = each($languages)) {
 			$language_options.= makeoption($language_name, $language_file, $default_lang, true);
 		}

 		eval("echo \"" . getTemplate("index/change_language") . "\";");
 	}
-}
-elseif($page == 'change_theme')
-{
-	if(isset($_POST['send'])
+
+} elseif ($page == 'change_theme') {
+
+	if (isset($_POST['send'])
 		&& $_POST['send'] == 'send'
 	) {
 		$theme = validate($_POST['theme'], 'theme');

-		$db->query("UPDATE `" . TABLE_PANEL_ADMINS . "` SET `theme`='" . $db->escape($theme) . "' WHERE `adminid`='" . (int)$userinfo['adminid'] . "'");
-		$db->query("UPDATE `" . TABLE_PANEL_SESSIONS . "` SET `theme`='" . $db->escape($theme) . "' WHERE `hash`='" . $db->escape($s) . "'");
+		$theme_stmt = Database::prepare("
+				UPDATE `" . TABLE_PANEL_ADMINS . "`
+				SET `theme`= :theme
+				WHERE `adminid`= :adminid"
+		);
+		Database::pexecute($theme_stmt, array(
+			'theme' => $theme,
+			'adminid' => (int)$userinfo['adminid']
+		));
+
+		$theme_stmt = Database::prepare("
+				UPDATE `" . TABLE_PANEL_SESSIONS . "`
+				SET `theme`= :theme
+				WHERE `hash`= :hash"
+		);
+		Database::pexecute($theme_stmt, array(
+			'theme' => $theme,
+			'hash' => $s
+		));

 		$log->logAction(ADM_ACTION, LOG_NOTICE, "changed his/her theme to '" . $theme . "'");
-		redirectTo($filename, Array('s' => $s));
-	}
-	else
-	{
+		redirectTo($filename, array('s' => $s));
+
+	} else {
+
 		$theme_options = '';

-		$default_theme = $settings['panel']['default_theme'];
-		if($userinfo['theme'] != '') {
+		$default_theme = Settings::Get('panel.default_theme');
+		if ($userinfo['theme'] != '') {
 			$default_theme = $userinfo['theme'];
 		}

 		$themes_avail = getThemes();
-		foreach($themes_avail as $t)
-		{
-			$theme_options.= makeoption($t, $t, $default_theme, true);
+		foreach ($themes_avail as $t => $d) {
+			$theme_options.= makeoption($d, $t, $default_theme, true);
 		}

 		eval("echo \"" . getTemplate("index/change_theme") . "\";");
 	}
+
+} elseif ($page == 'send_error_report'
+	&& Settings::Get('system.allow_error_report_admin') == '1'
+) {
+
+	// only show this if we really have an exception to report
+	if (isset($_GET['errorid'])
+		&& $_GET['errorid'] != ''
+	) {
+
+		$errid = $_GET['errorid'];
+		// read error file
+		$err_dir = makeCorrectDir(FROXLOR_INSTALL_DIR."/logs/");
+		$err_file = makeCorrectFile($err_dir."/".$errid."_sql-error.log");
+
+		if (file_exists($err_file)) {
+
+			$error_content = file_get_contents($err_file);
+			$error = explode("|", $error_content);
+
+			$_error = array(
+				'code' => str_replace("\n", "", substr($error[1], 5)),
+				'message' => str_replace("\n", "", substr($error[2], 4)),
+				'file' => str_replace("\n", "", substr($error[3], 5 + strlen(FROXLOR_INSTALL_DIR))),
+				'line' => str_replace("\n", "", substr($error[4], 5)),
+				'trace' => str_replace(FROXLOR_INSTALL_DIR, "", substr($error[5], 6))
+			);
+
+			// build mail-content
+			$mail_body = "Dear froxlor-team,\n\n";
+			$mail_body .= "the following error has been reported by a user:\n\n";
+			$mail_body .= "-------------------------------------------------------------\n";
+			$mail_body .= $_error['code'].' '.$_error['message']."\n\n";
+			$mail_body .= "File: ".$_error['file'].':'.$_error['line']."\n\n";
+			$mail_body .= "Trace:\n".trim($_error['trace'])."\n\n";
+			$mail_body .= "-------------------------------------------------------------\n\n";
+			$mail_body .= "Froxlor-version: ".$version."\n\n";
+			$mail_body .= "End of report";
+			$mail_html = nl2br($mail_body);
+
+			// send actual report to dev-team
+			if (isset($_POST['send'])
+					&& $_POST['send'] == 'send'
+			) {
+				// send mail and say thanks
+				$_mailerror = false;
+				try {
+					$mail->Subject = '[Froxlor] Error report by user';
+					$mail->AltBody = $mail_body;
+					$mail->MsgHTML($mail_html);
+					$mail->AddAddress('error-reports@froxlor.org', 'Froxlor Developer Team');
+					$mail->Send();
+				} catch(phpmailerException $e) {
+					$mailerr_msg = $e->errorMessage();
+					$_mailerror = true;
+				} catch (Exception $e) {
+					$mailerr_msg = $e->getMessage();
+					$_mailerror = true;
+				}
+
+				if ($_mailerror) {
+					// error when reporting an error...LOLFUQ
+					standard_error('send_report_error', $mailerr_msg);
+				}
+
+				// finally remove error from fs
+				@unlink($err_file);
+				redirectTo($filename, array('s' => $s));
+			}
+			// show a nice summary of the error-report
+			// before actually sending anything
+			eval("echo \"" . getTemplate("index/send_error_report") . "\";");
+
+		} else {
+			redirectTo($filename, array('s' => $s));
+		}
+	} else {
+		redirectTo($filename, array('s' => $s));
+	}
 }
--- a/admin_ipsandports.php
+++ b/admin_ipsandports.php
@@ -18,36 +18,34 @@
 */

 define('AREA', 'admin');
+require './lib/init.php';

-/**
- * Include our init.php, which manages Sessions, Language etc.
- */
-
-require ("./lib/init.php");
-
-if(isset($_POST['id']))
-{
+if (isset($_POST['id'])) {
 	$id = intval($_POST['id']);
-}
-elseif(isset($_GET['id']))
-{
+} elseif(isset($_GET['id'])) {
 	$id = intval($_GET['id']);
 }

-if($page == 'ipsandports'
-   || $page == 'overview')
-{
-	if($action == '')
-	{
+if ($page == 'ipsandports'
+	|| $page == 'overview'
+) {
+	// Do not display attributes that are not used by the current webserver
+	$websrv = Settings::Get('system.webserver');
+	$is_nginx = ($websrv == 'nginx');
+	$is_apache = ($websrv == 'apache2');
+
+	if ($action == '') {
+
 		$log->logAction(ADM_ACTION, LOG_NOTICE, "viewed admin_ipsandports");
 		$fields = array(
 			'ip' => $lng['admin']['ipsandports']['ip'],
 			'port' => $lng['admin']['ipsandports']['port']
 		);
-		$paging = new paging($userinfo, $db, TABLE_PANEL_IPSANDPORTS, $fields, $settings['panel']['paging'], $settings['panel']['natsorting']);
+		$paging = new paging($userinfo, TABLE_PANEL_IPSANDPORTS, $fields);
 		$ipsandports = '';
-		$result = $db->query("SELECT `id`, `ip`, `port`, `listen_statement`, `namevirtualhost_statement`, `vhostcontainer`, `vhostcontainer_servername_statement`, `specialsettings`, `ssl` FROM `" . TABLE_PANEL_IPSANDPORTS . "` " . $paging->getSqlWhere(false) . " " . $paging->getSqlOrderBy() . " " . $paging->getSqlLimit());
-		$paging->setEntries($db->num_rows($result));
+		$result_stmt = Database::prepare("SELECT * FROM `" . TABLE_PANEL_IPSANDPORTS . "` " . $paging->getSqlWhere(false) . " " . $paging->getSqlOrderBy() . " " . $paging->getSqlLimit());
+		Database::pexecute($result_stmt);
+		$paging->setEntries(Database::num_rows());
 		$sortcode = $paging->getHtmlSortCode($lng);
 		$arrowcode = $paging->getHtmlArrowCode($filename . '?page=' . $page . '&s=' . $s);
 		$searchcode = $paging->getHtmlSearchCode($lng);
@@ -55,88 +53,99 @@ if($page == 'ipsandports'
 		$i = 0;
 		$count = 0;

-		while($row = $db->fetch_array($result))
-		{
-			if($paging->checkDisplay($i))
-			{
-				$row = htmlentities_array($row);
+		while ($row = $result_stmt->fetch(PDO::FETCH_ASSOC)) {

-				if(filter_var($row['ip'], FILTER_VALIDATE_IP, FILTER_FLAG_IPV6))
-				{
+			if ($paging->checkDisplay($i)) {
+				$row = htmlentities_array($row);
+				if (filter_var($row['ip'], FILTER_VALIDATE_IP, FILTER_FLAG_IPV6)) {
 					$row['ip'] = '[' . $row['ip'] . ']';
 				}
-
 				eval("\$ipsandports.=\"" . getTemplate("ipsandports/ipsandports_ipandport") . "\";");
 				$count++;
 			}
-
 			$i++;
 		}

 		eval("echo \"" . getTemplate("ipsandports/ipsandports") . "\";");
-	}
-	elseif($action == 'delete'
-	       && $id != 0)
-	{
-		$result = $db->query_first("SELECT `id`, `ip`, `port` FROM `" . TABLE_PANEL_IPSANDPORTS . "` WHERE `id`='" . (int)$id . "'");

-		if(isset($result['id'])
-		   && $result['id'] == $id)
-		{
-			$result_checkdomain = $db->query_first("SELECT `id` FROM `" . TABLE_PANEL_DOMAINS . "` WHERE `ipandport`='" . (int)$id . "'");
+	} elseif($action == 'delete'
+		&& $id != 0
+	) {
+		$result_stmt = Database::prepare("SELECT `id`, `ip`, `port` FROM `" . TABLE_PANEL_IPSANDPORTS . "` WHERE `id` = :id");
+		$result = Database::pexecute_first($result_stmt, array('id' => $id));

-			if($result_checkdomain['id'] == '')
-			{
-				if($result['id'] != $settings['system']['defaultip'])
-				{
-					$result_sameipotherport = $db->query_first("SELECT `id` FROM `" . TABLE_PANEL_IPSANDPORTS . "` WHERE `ip`='" . $db->escape($result['ip']) . "' AND `id`!='" . (int)$id . "'");
+		if (isset($result['id'])
+			&& $result['id'] == $id
+		) {
+			$result_checkdomain_stmt = Database::prepare("
+				SELECT `id_domain` as `id` FROM `" . TABLE_DOMAINTOIP . "` WHERE `id_ipandports` = :id"
+			);
+			$result_checkdomain = Database::pexecute_first($result_checkdomain_stmt, array('id' => $id));

-					if(($result['ip'] != $settings['system']['ipaddress'])
-					   || ($result['ip'] == $settings['system']['ipaddress'] && $result_sameipotherport['id'] != ''))
-					{
-						$result = $db->query_first("SELECT `ip`, `port` FROM `" . TABLE_PANEL_IPSANDPORTS . "` WHERE `id`='" . (int)$id . "'");
+			if ($result_checkdomain['id'] == '') {
+				if (!in_array($result['id'], explode(',', Settings::Get('system.defaultip')))) {
+
+					$result_sameipotherport_stmt = Database::prepare("
+						SELECT `id` FROM `" . TABLE_PANEL_IPSANDPORTS . "`
+						WHERE `ip` = :ip AND `id` <> :id"
+					);
+					$result_sameipotherport = Database::pexecute_first($result_sameipotherport_stmt, array('id' => $id, 'ip' => $result['ip']));
+
+					if (($result['ip'] != Settings::Get('system.ipaddress'))
+						|| ($result['ip'] == Settings::Get('system.ipaddress')
+						&& $result_sameipotherport['id'] != '')
+					) {
+						$result_stmt = Database::prepare("
+							SELECT `ip`, `port` FROM `" . TABLE_PANEL_IPSANDPORTS . "`
+							WHERE `id` = :id"
+						);
+						$result = Database::pexecute_first($result_stmt, array('id' => $id));
+
+						if ($result['ip'] != '') {
+
+							if (isset($_POST['send'])
+								&& $_POST['send'] == 'send'
+							) {
+								$del_stmt = Database::prepare("
+									DELETE FROM `" . TABLE_PANEL_IPSANDPORTS . "`
+									WHERE `id` = :id"
+								);
+								Database::pexecute($del_stmt, array('id' => $id));
+
+								// also, remove connections to domains (multi-stack)
+								$del_stmt = Database::prepare("
+									DELETE FROM `".TABLE_DOMAINTOIP."` WHERE `id_ipandports` = :id"
+								);
+								Database::pexecute($del_stmt, array('id' => $id));

-						if($result['ip'] != '')
-						{
-							if(isset($_POST['send'])
-							   && $_POST['send'] == 'send')
-							{
-								$db->query("DELETE FROM `" . TABLE_PANEL_IPSANDPORTS . "` WHERE `id`='" . (int)$id . "'");
 								$log->logAction(ADM_ACTION, LOG_WARNING, "deleted IP/port '" . $result['ip'] . ":" . $result['port'] . "'");
 								inserttask('1');
-
 								// Using nameserver, insert a task which rebuilds the server config
 								inserttask('4');

-								redirectTo($filename, Array('page' => $page, 's' => $s));
-							}
-							else
-							{
+								redirectTo($filename, array('page' => $page, 's' => $s));
+
+							} else {
 								ask_yesno('admin_ip_reallydelete', $filename, array('id' => $id, 'page' => $page, 'action' => $action), $result['ip'] . ':' . $result['port']);
 							}
 						}
-					}
-					else
-					{
+					} else {
 						standard_error('cantdeletesystemip');
 					}
-				}
-				else
-				{
+				} else {
 					standard_error('cantdeletedefaultip');
 				}
-			}
-			else
-			{
+			} else {
 				standard_error('ipstillhasdomains');
 			}
 		}
-	}
-	elseif($action == 'add')
-	{
-		if(isset($_POST['send'])
-		   && $_POST['send'] == 'send')
-		{
+
+	} elseif($action == 'add') {
+
+		if (isset($_POST['send'])
+			&& $_POST['send'] == 'send'
+		) {
+
 			$ip = validate_ip($_POST['ip']);
 			$port = validate($_POST['port'], 'port', '/^(([1-9])|([1-9][0-9])|([1-9][0-9][0-9])|([1-9][0-9][0-9][0-9])|([1-5][0-9][0-9][0-9][0-9])|(6[0-4][0-9][0-9][0-9])|(65[0-4][0-9][0-9])|(655[0-2][0-9])|(6553[0-5]))$/Di', array('stringisempty', 'myport'));
 			$listen_statement = isset($_POST['listen_statement']) ? 1 : 0;
@@ -146,9 +155,9 @@ if($page == 'ipsandports'
 			$vhostcontainer_servername_statement = isset($_POST['vhostcontainer_servername_statement']) ? 1 : 0;
 			$default_vhostconf_domain = validate(str_replace("\r\n", "\n", $_POST['default_vhostconf_domain']), 'default_vhostconf_domain', '/^[^\0]*$/');
 			$docroot = validate($_POST['docroot'], 'docroot');
-			if((int)$settings['system']['use_ssl'] == 1)
-			{
-				$ssl = intval($_POST['ssl']);
+
+			if ((int)Settings::Get('system.use_ssl') == 1) {
+				$ssl = isset($_POST['ssl']) ? intval($_POST['ssl']) : 0;
 				$ssl_cert_file = validate($_POST['ssl_cert_file'], 'ssl_cert_file');
 				$ssl_key_file = validate($_POST['ssl_key_file'], 'ssl_key_file');
 				$ssl_ca_file = validate($_POST['ssl_ca_file'], 'ssl_ca_file');
@@ -160,110 +169,99 @@ if($page == 'ipsandports'
 				$ssl_ca_file = '';
 				$ssl_cert_chainfile = '';
 			}
-			
-			if($listen_statement != '1')
-			{
+
+			if ($listen_statement != '1') {
 				$listen_statement = '0';
 			}

-			if($namevirtualhost_statement != '1')
-			{
+			if ($namevirtualhost_statement != '1') {
 				$namevirtualhost_statement = '0';
 			}

-			if($vhostcontainer != '1')
-			{
+			if ($vhostcontainer != '1') {
 				$vhostcontainer = '0';
 			}

-			if($vhostcontainer_servername_statement != '1')
-			{
+			if ($vhostcontainer_servername_statement != '1') {
 				$vhostcontainer_servername_statement = '0';
 			}

-			if($ssl != '1')
-			{
+			if ($ssl != '1') {
 				$ssl = '0';
 			}
-		
-			if($ssl_cert_file != '')
-			{
+
+			if ($ssl_cert_file != '') {
 				$ssl_cert_file = makeCorrectFile($ssl_cert_file);
 			}

-			if($ssl_key_file != '')
-			{
+			if ($ssl_key_file != '') {
 				$ssl_key_file = makeCorrectFile($ssl_key_file);
 			}

-			if($ssl_ca_file != '')
-			{
+			if ($ssl_ca_file != '') {
 				$ssl_ca_file = makeCorrectFile($ssl_ca_file);
 			}

-			if($ssl_cert_chainfile != '')
-			{
+			if ($ssl_cert_chainfile != '') {
 				$ssl_cert_chainfile = makeCorrectFile($ssl_cert_chainfile);
 			}

-			if(strlen(trim($docroot)) > 0)
-			{
+			if (strlen(trim($docroot)) > 0) {
 				$docroot = makeCorrectDir($docroot);
-			}
-			else
-			{
+			} else {
 				$docroot = '';
 			}

-			$result_checkfordouble = $db->query_first("SELECT `id` FROM `" . TABLE_PANEL_IPSANDPORTS . "` WHERE `ip`='" . $db->escape($ip) . "' AND `port`='" . (int)$port . "'");
+			$result_checkfordouble_stmt = Database::prepare("
+				SELECT `id` FROM `" . TABLE_PANEL_IPSANDPORTS . "`
+				WHERE `ip` = :ip AND `port` = :port"
+			);
+			$result_checkfordouble = Database::pexecute_first($result_checkfordouble_stmt, array('ip' => $ip, 'port' => $port));

-			if($result_checkfordouble['id'] != '')
-			{
+			if ($result_checkfordouble['id'] != '') {
 				standard_error('myipnotdouble');
-			}
-			else
-			{
-				$db->query("INSERT INTO `" . TABLE_PANEL_IPSANDPORTS . "`
-					SET 
-						`ip` = '" . $db->escape($ip) . "', 
-						`port` = '" . (int)$port . "', 
-						`listen_statement` = '" . (int)$listen_statement . "', 
-						`namevirtualhost_statement` = '" . (int)$namevirtualhost_statement . "', 
-						`vhostcontainer` = '" . (int)$vhostcontainer . "', 
-						`vhostcontainer_servername_statement` = '" . (int)$vhostcontainer_servername_statement . "', 
-						`specialsettings` = '" . $db->escape($specialsettings) . "', 
-						`ssl` = '" . (int)$ssl . "', 
-						`ssl_cert_file` = '" . $db->escape($ssl_cert_file) . "', 
-						`ssl_key_file` = '" . $db->escape($ssl_key_file) . "', 
-						`ssl_ca_file` = '" . $db->escape($ssl_ca_file) . "',
-						`ssl_cert_chainfile` = '" . $db->escape($ssl_cert_chainfile) . "', 
-						`default_vhostconf_domain` = '" . $db->escape($default_vhostconf_domain) . "',
-						`docroot` = '" . $db->escape($docroot) . "';
-					");
+			} else {
+				$ins_stmt = Database::prepare("
+					INSERT INTO `" . TABLE_PANEL_IPSANDPORTS . "`
+					SET
+						`ip` = :ip, `port` = :port, `listen_statement` = :ls,
+						`namevirtualhost_statement` = :nvhs, `vhostcontainer` = :vhc,
+						`vhostcontainer_servername_statement` = :vhcss,
+						`specialsettings` = :ss, `ssl` = :ssl,
+						`ssl_cert_file` = :ssl_cert, `ssl_key_file` = :ssl_key,
+						`ssl_ca_file` = :ssl_ca, `ssl_cert_chainfile` = :ssl_chain,
+						`default_vhostconf_domain` = :dvhd, `docroot` = :docroot;
+				");
+				$ins_data = array(
+					'ip' => $ip,
+					'port' => $port,
+					'ls' => $listen_statement,
+					'nvhs' => $namevirtualhost_statement,
+					'vhc' => $vhostcontainer,
+					'vhcss' => $vhostcontainer_servername_statement,
+					'ss' => $specialsettings,
+					'ssl' => $ssl,
+					'ssl_cert' => $ssl_cert_file,
+					'ssl_key' => $ssl_key_file,
+					'ssl_ca' => $ssl_ca_file,
+					'ssl_chain' => $ssl_cert_chainfile,
+					'dvhd' => $default_vhostconf_domain,
+					'docroot' => $docroot
+				);
+				Database::pexecute($ins_stmt, $ins_data);

-				if(filter_var($ip, FILTER_VALIDATE_IP, FILTER_FLAG_IPV6))
-				{
+				if (filter_var($ip, FILTER_VALIDATE_IP, FILTER_FLAG_IPV6)) {
 					$ip = '[' . $ip . ']';
 				}

 				$log->logAction(ADM_ACTION, LOG_WARNING, "added IP/port '" . $ip . ":" . $port . "'");
 				inserttask('1');
-
 				// Using nameserver, insert a task which rebuilds the server config
 				inserttask('4');
-
 				redirectTo($filename, Array('page' => $page, 's' => $s));
 			}
-		}
-		else
-		{
-			/*
-			$enable_ssl = makeyesno('ssl', '1', '0', '0');
-			$listen_statement = makeyesno('listen_statement', '1', '0', '1');
-			$namevirtualhost_statement = makeyesno('namevirtualhost_statement', '1', '0', '1');
-			$vhostcontainer = makeyesno('vhostcontainer', '1', '0', '1');
-			$vhostcontainer_servername_statement = makeyesno('vhostcontainer_servername_statement', '1', '0', '1');
-			*/
+
+		} else {

 			$ipsandports_add_data = include_once dirname(__FILE__).'/lib/formfields/admin/ipsandports/formfield.ipsandports_add.php';
 			$ipsandports_add_form = htmlform::genHTMLForm($ipsandports_add_data);
@@ -273,21 +271,23 @@ if($page == 'ipsandports'

 			eval("echo \"" . getTemplate("ipsandports/ipsandports_add") . "\";");
 		}
-	}
-	elseif($action == 'edit'
-	       && $id != 0)
-	{
-		$result = $db->query_first("SELECT * FROM `" . TABLE_PANEL_IPSANDPORTS . "` WHERE `id`='" . (int)$id . "'");

-		if($result['ip'] != '')
-		{
-			if(isset($_POST['send'])
-			   && $_POST['send'] == 'send')
-			{
+	} elseif($action == 'edit'
+		&& $id != 0
+	) {
+		$result_stmt = Database::prepare("
+			SELECT * FROM `" . TABLE_PANEL_IPSANDPORTS . "` WHERE `id` = :id"
+		);
+		$result = Database::pexecute_first($result_stmt, array('id' => $id));
+
+		if ($result['ip'] != '') {
+
+			if (isset($_POST['send'])
+				&& $_POST['send'] == 'send'
+			) {
+
 				$ip = validate_ip($_POST['ip']);
 				$port = validate($_POST['port'], 'port', '/^(([1-9])|([1-9][0-9])|([1-9][0-9][0-9])|([1-9][0-9][0-9][0-9])|([1-5][0-9][0-9][0-9][0-9])|(6[0-4][0-9][0-9][0-9])|(65[0-4][0-9][0-9])|(655[0-2][0-9])|(6553[0-5]))$/Di', array('stringisempty', 'myport'));
-				$result_checkfordouble = $db->query_first("SELECT `id` FROM `" . TABLE_PANEL_IPSANDPORTS . "` WHERE `ip`='" . $db->escape($ip) . "' AND `port`='" . (int)$port . "'");
-				$result_sameipotherport = $db->query_first("SELECT `id` FROM `" . TABLE_PANEL_IPSANDPORTS . "` WHERE `ip`='" . $db->escape($result['ip']) . "' AND `id`!='" . (int)$id . "'");
 				$listen_statement = isset($_POST['listen_statement']) ? 1 : 0;
 				$namevirtualhost_statement = isset($_POST['namevirtualhost_statement']) ? 1 : 0;
 				$vhostcontainer = isset($_POST['vhostcontainer']) ? 1 : 0;
@@ -296,11 +296,19 @@ if($page == 'ipsandports'
 				$default_vhostconf_domain = validate(str_replace("\r\n", "\n", $_POST['default_vhostconf_domain']), 'default_vhostconf_domain', '/^[^\0]*$/');
 				$docroot =  validate($_POST['docroot'], 'docroot');

-				if((int)$settings['system']['use_ssl'] == 1
-					/* 
-					 * check here if ssl is even checked, cause if not, we don't need
-					 * to validate and set all the $ssl_*_file vars
-					 */
+				$result_checkfordouble_stmt = Database::prepare("
+					SELECT `id` FROM `" . TABLE_PANEL_IPSANDPORTS . "`
+					WHERE `ip` = :ip AND `port` = :port"
+				);
+				$result_checkfordouble = Database::pexecute_first($result_checkfordouble_stmt, array('ip' => $ip, 'port' => $port));
+
+				$result_sameipotherport_stmt = Database::prepare("
+					SELECT `id` FROM `" . TABLE_PANEL_IPSANDPORTS . "`
+					WHERE `ip` = :ip AND `id` <> :id"
+				);
+				$result_sameipotherport = Database::pexecute_first($result_sameipotherport_stmt, array('ip' => $ip, 'id' => $id));
+
+				if ((int)Settings::Get('system.use_ssl') == 1
 					&& isset($_POST['ssl'])
 					&& $_POST['ssl'] != 0
 				) {
@@ -316,93 +324,92 @@ if($page == 'ipsandports'
 					$ssl_ca_file = '';
 					$ssl_cert_chainfile = '';
 				}
-				
-				if($listen_statement != '1')
-				{
+
+				if ($listen_statement != '1') {
 					$listen_statement = '0';
 				}

-				if($namevirtualhost_statement != '1')
-				{
+				if ($namevirtualhost_statement != '1') {
 					$namevirtualhost_statement = '0';
 				}

-				if($vhostcontainer != '1')
-				{
+				if ($vhostcontainer != '1') {
 					$vhostcontainer = '0';
 				}

-				if($vhostcontainer_servername_statement != '1')
-				{
+				if ($vhostcontainer_servername_statement != '1') {
 					$vhostcontainer_servername_statement = '0';
 				}

-				if($ssl != '1')
-				{
+				if ($ssl != '1') {
 					$ssl = '0';
 				}
-				
-				if($ssl_cert_file != '')
-				{
+
+				if ($ssl_cert_file != '') {
 					$ssl_cert_file = makeCorrectFile($ssl_cert_file);
 				}

-				if($ssl_key_file != '')
-				{
+				if ($ssl_key_file != '') {
 					$ssl_key_file = makeCorrectFile($ssl_key_file);
 				}

-				if($ssl_ca_file != '')
-				{
+				if ($ssl_ca_file != '') {
 					$ssl_ca_file = makeCorrectFile($ssl_ca_file);
 				}

-				if($ssl_cert_chainfile != '')
-				{
+				if ($ssl_cert_chainfile != '') {
 					$ssl_cert_chainfile = makeCorrectFile($ssl_cert_chainfile);
 				}

-				if(strlen(trim($docroot)) > 0)
-				{
+				if (strlen(trim($docroot)) > 0) {
 					$docroot = makeCorrectDir($docroot);
-				}
-				else
-				{
+				} else {
 					$docroot = '';
 				}

-				if($result['ip'] != $ip
-				   && $result['ip'] == $settings['system']['ipaddress']
-				   && $result_sameipotherport['id'] == '')
-				{
+				if ($result['ip'] != $ip
+					&& $result['ip'] == Settings::Get('system.ipaddress')
+					&& $result_sameipotherport['id'] == ''
+				) {
 					standard_error('cantchangesystemip');
-				}
-				elseif($result_checkfordouble['id'] != ''
-				       && $result_checkfordouble['id'] != $id)
-				{
-					standard_error('myipnotdouble');
-				}
-				else
-				{

-					$db->query("UPDATE `" . TABLE_PANEL_IPSANDPORTS . "`
-					SET 
-						`ip` = '" . $db->escape($ip) . "', 
-						`port` = '" . (int)$port . "', 
-						`listen_statement` = '" . (int)$listen_statement . "', 
-						`namevirtualhost_statement` = '" . (int)$namevirtualhost_statement . "', 
-						`vhostcontainer` = '" . (int)$vhostcontainer . "', 
-						`vhostcontainer_servername_statement` = '" . (int)$vhostcontainer_servername_statement . "', 
-						`specialsettings` = '" . $db->escape($specialsettings) . "', 
-						`ssl` = '" . (int)$ssl . "', 
-						`ssl_cert_file` = '" . $db->escape($ssl_cert_file) . "', 
-						`ssl_key_file` = '" . $db->escape($ssl_key_file) . "', 
-						`ssl_ca_file` = '" . $db->escape($ssl_ca_file) . "',
-						`ssl_cert_chainfile` = '" . $db->escape($ssl_cert_chainfile) . "', 
-						`default_vhostconf_domain` = '" . $db->escape($default_vhostconf_domain) . "',
-						`docroot` = '" . $db->escape($docroot) . "' 
-					WHERE `id`='" . (int)$id . "'
+				} elseif($result_checkfordouble['id'] != ''
+					&& $result_checkfordouble['id'] != $id
+				) {
+					standard_error('myipnotdouble');
+
+				} else {
+
+					$upd_stmt = Database::prepare("
+						UPDATE `" . TABLE_PANEL_IPSANDPORTS . "`
+						SET
+							`ip` = :ip, `port` = :port, `listen_statement` = :ls,
+							`namevirtualhost_statement` = :nvhs, `vhostcontainer` = :vhc,
+							`vhostcontainer_servername_statement` = :vhcss,
+							`specialsettings` = :ss, `ssl` = :ssl,
+							`ssl_cert_file` = :ssl_cert, `ssl_key_file` = :ssl_key,
+							`ssl_ca_file` = :ssl_ca, `ssl_cert_chainfile` = :ssl_chain,
+							`default_vhostconf_domain` = :dvhd, `docroot` = :docroot
+						WHERE `id` = :id;
 					");
+					$upd_data = array(
+						'ip' => $ip,
+						'port' => $port,
+						'ls' => $listen_statement,
+						'nvhs' => $namevirtualhost_statement,
+						'vhc' => $vhostcontainer,
+						'vhcss' => $vhostcontainer_servername_statement,
+						'ss' => $specialsettings,
+						'ssl' => $ssl,
+						'ssl_cert' => $ssl_cert_file,
+						'ssl_key' => $ssl_key_file,
+						'ssl_ca' => $ssl_ca_file,
+						'ssl_chain' => $ssl_cert_chainfile,
+						'dvhd' => $default_vhostconf_domain,
+						'docroot' => $docroot,
+						'id' => $id
+					);
+					Database::pexecute($upd_stmt, $upd_data);

 					$log->logAction(ADM_ACTION, LOG_WARNING, "changed IP/port from '" . $result['ip'] . ":" . $result['port'] . "' to '" . $ip . ":" . $port . "'");
 					inserttask('1');
@@ -412,21 +419,14 @@ if($page == 'ipsandports'

 					redirectTo($filename, Array('page' => $page, 's' => $s));
 				}
-			}
-			else
-			{
+
+			} else {
+
 				$result = htmlentities_array($result);
-				/*
-				$enable_ssl = makeyesno('ssl', '1', '0', $result['ssl']);
-				$listen_statement = makeyesno('listen_statement', '1', '0', $result['listen_statement']);
-				$namevirtualhost_statement = makeyesno('namevirtualhost_statement', '1', '0', $result['namevirtualhost_statement']);
-				$vhostcontainer = makeyesno('vhostcontainer', '1', '0', $result['vhostcontainer']);
-				$vhostcontainer_servername_statement = makeyesno('vhostcontainer_servername_statement', '1', '0', $result['vhostcontainer_servername_statement']);
-				*/

 				$ipsandports_edit_data = include_once dirname(__FILE__).'/lib/formfields/admin/ipsandports/formfield.ipsandports_edit.php';
 				$ipsandports_edit_form = htmlform::genHTMLForm($ipsandports_edit_data);
-	
+
 				$title = $ipsandports_edit_data['ipsandports_edit']['title'];
 				$image = $ipsandports_edit_data['ipsandports_edit']['image'];

@@ -435,5 +435,3 @@ if($page == 'ipsandports'
 		}
 	}
 }
-
-?>
--- a/admin_logger.php
+++ b/admin_logger.php
@@ -18,53 +18,45 @@
 */

 define('AREA', 'admin');
+require './lib/init.php';

-/**
- * Include our init.php, which manages Sessions, Language etc.
- */
-
-require ("./lib/init.php");
-
-if($page == 'log'
-   && $userinfo['change_serversettings'] == '1')
-{
-	if($action == '')
-	{
+if ($page == 'log'
+   && $userinfo['change_serversettings'] == '1'
+) {
+	if ($action == '') {
 		$fields = array(
 			'date' => $lng['logger']['date'],
 			'type' => $lng['logger']['type'],
 			'user' => $lng['logger']['user'],
 			'text' => $lng['logger']['action']
 		);
-		$paging = new paging($userinfo, $db, TABLE_PANEL_LOG, $fields, $settings['panel']['paging'], $settings['panel']['natsorting']);
-		$paging->sortfield = 'date';
-		$paging->sortorder = 'desc';
-		$result = $db->query('SELECT * FROM `' . TABLE_PANEL_LOG . '` ' . $paging->getSqlWhere(false) . ' ' . $paging->getSqlOrderBy() . ' ' . $paging->getSqlLimit());
-		$paging->setEntries($db->num_rows($result));
+		$paging = new paging($userinfo, TABLE_PANEL_LOG, $fields, null, null, 0, 'desc');
+		$result_stmt = Database::query('
+			SELECT * FROM `' . TABLE_PANEL_LOG . '` ' . $paging->getSqlWhere(false) . ' ' . $paging->getSqlOrderBy() . ' ' . $paging->getSqlLimit()
+		);
+		$logs_count = Database::num_rows();
+		$paging->setEntries($logs_count);
 		$sortcode = $paging->getHtmlSortCode($lng);
 		$arrowcode = $paging->getHtmlArrowCode($filename . '?page=' . $page . '&s=' . $s);
 		$searchcode = $paging->getHtmlSearchCode($lng);
 		$pagingcode = $paging->getHtmlPagingCode($filename . '?page=' . $page . '&s=' . $s);
 		$clog = array();

-		while($row = $db->fetch_array($result))
-		{
-			if(!isset($clog[$row['action']])
-			   || !is_array($clog[$row['action']]))
-			{
+		while ($row = $result_stmt->fetch(PDO::FETCH_ASSOC)) {
+
+			if (!isset($clog[$row['action']])
+				|| !is_array($clog[$row['action']])
+			) {
 				$clog[$row['action']] = array();
 			}
-
 			$clog[$row['action']][$row['logid']] = $row;
 		}

-		if($paging->sortfield == 'date'
-		   && $paging->sortorder == 'desc')
-		{
+		if ($paging->sortfield == 'date'
+			&& $paging->sortorder == 'desc'
+		) {
 			krsort($clog);
-		}
-		else
-		{
+		} else {
 			ksort($clog);
 		}

@@ -72,97 +64,68 @@ if($page == 'log'
 		$count = 0;
 		$log_count = 0;
 		$log = '';
-		foreach($clog as $action => $logrows)
-		{
+		foreach ($clog as $action => $logrows) {
 			$_action = 0;
-			foreach($logrows as $row)
-			{
-				if($paging->checkDisplay($i))
-				{
+			foreach ($logrows as $row) {
+				if ($paging->checkDisplay($i)) {
 					$row = htmlentities_array($row);
 					$row['date'] = date("d.m.y H:i:s", $row['date']);

-					if($_action != $action)
-					{
-						switch($action)
-						{
+					if ($_action != $action) {
+						switch ($action) {
 							case USR_ACTION:
 								$_action = $lng['admin']['customer'];
 								break;
 							case RES_ACTION:
-								$_action = 'Reseller';
+								$_action = $lng['logger']['reseller'];
 								break;
 							case ADM_ACTION:
-								$_action = 'Administrator';
+								$_action = $lng['logger']['admin'];
 								break;
 							case CRON_ACTION:
-								$_action = 'Cronjob';
+								$_action = $lng['logger']['cron'];
+								break;
+							case LOGIN_ACTION:
+								$_action = $lng['logger']['login'];
 								break;
 							case LOG_ERROR:
-								$_action = 'Internal';
+								$_action = $lng['logger']['intern'];
 								break;
 							default:
-								$_action = 'Unknown';
+								$_action = $lng['logger']['unknown'];
 								break;
 						}

 						$row['action'] = $_action;
-						eval("\$log.=\"" . getTemplate("logger/logger_action") . "\";");
+						eval("\$log.=\"" . getTemplate('logger/logger_action') . "\";");
 					}

 					$log_count++;
-					$type = $row['type'];
-					$_type = 'unknown';
-
-					switch($type)
-					{
-						case LOG_INFO:
-							$_type = 'Information';
-							break;
-						case LOG_NOTICE:
-							$_type = 'Notice';
-							break;
-						case LOG_WARNING:
-							$_type = 'Warning';
-							break;
-						case LOG_ERR:
-							$_type = 'Error';
-							break;
-						case LOG_CRIT:
-							$_type = 'Critical';
-							break;
-						default:
-							$_type = 'Unknown';
-							break;
-					}
-
-					$row['type'] = $_type;
-					eval("\$log.=\"" . getTemplate("logger/logger_log") . "\";");
+					$row['type'] = getLogLevelDesc($row['type']);
+					eval("\$log.=\"" . getTemplate('logger/logger_log') . "\";");
 					$count++;
 					$_action = $action;
 				}
+				$i++;
 			}
-
 			$i++;
 		}

-		eval("echo \"" . getTemplate("logger/logger") . "\";");
-	}
-	elseif($action == 'truncate')
-	{
-		if(isset($_POST['send'])
-		   && $_POST['send'] == 'send')
-		{
-			$yesterday = time() - (60 * 10);
+		eval("echo \"" . getTemplate('logger/logger') . "\";");

-			/* (60*60*24); */
+	} elseif ($action == 'truncate') {

-			$db->query("DELETE FROM `" . TABLE_PANEL_LOG . "` WHERE `date` < '" . $yesterday . "'");
-			$log->logAction(ADM_ACTION, LOG_WARNING, "truncated the system-log (mysql)");
-			redirectTo($filename, Array('page' => $page, 's' => $s));
-		}
-		else
-		{
+		if (isset($_POST['send'])
+		   && $_POST['send'] == 'send'
+		) {
+			$truncatedate = time() - (60 * 10);
+			$trunc_stmt = Database::prepare("
+				DELETE FROM `" . TABLE_PANEL_LOG . "` WHERE `date` < :trunc"
+			);
+			Database::pexecute($trunc_stmt, array('trunc' => $truncatedate));
+			$log->logAction(ADM_ACTION, LOG_WARNING, 'truncated the system-log (mysql)');
+			redirectTo($filename, array('page' => $page, 's' => $s));
+		} else {
 			ask_yesno('logger_reallytruncate', $filename, array('page' => $page, 'action' => $action), TABLE_PANEL_LOG);
 		}
 	}
--- a/admin_message.php
+++ b/admin_message.php
@@ -18,131 +18,104 @@
 */

 define('AREA', 'admin');
+require './lib/init.php';

-/**
- * Include our init.php, which manages Sessions, Language etc.
- */
-
-require ("./lib/init.php");
-
-if(isset($_POST['id']))
-{
+if (isset($_POST['id'])) {
 	$id = intval($_POST['id']);
-}
-elseif(isset($_GET['id']))
-{
+} elseif (isset($_GET['id'])) {
 	$id = intval($_GET['id']);
 }

-if($page == 'message')
-{
-	if($action == '')
-	{
-		$log->logAction(ADM_ACTION, LOG_NOTICE, "viewed panel_message");
+if ($page == 'message') {
+	if ($action == '') {
+		$log->logAction(ADM_ACTION, LOG_NOTICE, 'viewed panel_message');

-		if(isset($_POST['send'])
-		   && $_POST['send'] == 'send')
-		{
-			if($_POST['receipient'] == 0
-			   && $userinfo['customers_see_all'] == '1')
-			{
-				$log->logAction(ADM_ACTION, LOG_NOTICE, "sending messages to admins");
-				$result = $db->query('SELECT `name`, `email`  FROM `' . TABLE_PANEL_ADMINS . "`");
-			}
-			elseif($_POST['receipient'] == 1)
-			{
-				if($userinfo['customers_see_all'] == "1")
-				{
-					$log->logAction(ADM_ACTION, LOG_NOTICE, "sending messages to ALL customers");
-					$result = $db->query('SELECT `firstname`, `name`, `email`  FROM `' . TABLE_PANEL_CUSTOMERS . "`");
+		if (isset($_POST['send'])
+		   && $_POST['send'] == 'send'
+		) {
+			if ($_POST['receipient'] == 0
+			   && $userinfo['customers_see_all'] == '1'
+			) {
+				$log->logAction(ADM_ACTION, LOG_NOTICE, 'sending messages to admins');
+				$result = Database::query('SELECT `name`, `email`  FROM `' . TABLE_PANEL_ADMINS . "`");
+			} elseif ($_POST['receipient'] == 1) {
+				if ($userinfo['customers_see_all'] == '1') {
+					$log->logAction(ADM_ACTION, LOG_NOTICE, 'sending messages to ALL customers');
+					$result = Database::query('SELECT `firstname`, `name`, `company`, `email`  FROM `' . TABLE_PANEL_CUSTOMERS . "`");
+				} else {
+					$log->logAction(ADM_ACTION, LOG_NOTICE, 'sending messages to customers');
+					$result = Database::prepare('
+						SELECT `firstname`, `name`, `company`, `email`  FROM `' . TABLE_PANEL_CUSTOMERS . "`
+						WHERE `adminid` = :adminid"
+					);
+					Database::pexecute($result, array('adminid' => $userinfo['adminid']));
 				}
-				else
-				{
-					$log->logAction(ADM_ACTION, LOG_NOTICE, "sending messages to customers");
-					$result = $db->query('SELECT `firstname`, `name`, `email`  FROM `' . TABLE_PANEL_CUSTOMERS . "` WHERE `adminid`='" . $userinfo['adminid'] . "'");
-				}
-			}
-			else
-			{
+			} else {
 				standard_error('noreceipientsgiven');
 			}

 			$subject = $_POST['subject'];
 			$message = wordwrap($_POST['message'], 70);

-			if(!empty($message))
-			{
+			if (!empty($message)) {
 				$mailcounter = 0;
 				$mail->Body = $message;
 				$mail->Subject = $subject;

-				while($row = $db->fetch_array($result))
-				{
-					$mail->AddAddress($row['email'], (isset($row['firstname']) ? $row['firstname'] . ' ' : '') . $row['name']);
+				while ($row = $result->fetch(PDO::FETCH_ASSOC)) {
+
+					$row['firstname'] = isset($row['firstname']) ? $row['firstname'] : '';
+					$row['company'] = isset($row['company']) ? $row['company'] : '';
+					$mail->AddAddress($row['email'], getCorrectUserSalutation(array('firstname' => $row['firstname'], 'name' => $row['name'], 'company' => $row['company'])));
 					$mail->From = $userinfo['email'];
 					$mail->FromName = (isset($userinfo['firstname']) ? $userinfo['firstname'] . ' ' : '') . $userinfo['name'];

-					if(!$mail->Send())
-					{
-						if($mail->ErrorInfo != '')
-						{
+					if (!$mail->Send()) {
+						if ($mail->ErrorInfo != '') {
 							$mailerr_msg = $mail->ErrorInfo;
-						}
-						else
-						{
-							$mailerr_msg = $row["email"];
+						} else {
+							$mailerr_msg = $row['email'];
 						}

-						$log->logAction(ADM_ACTION, LOG_ERR, "Error sending mail: " . $mailerr_msg);
-						standard_error('errorsendingmail', $row["email"]);
+						$log->logAction(ADM_ACTION, LOG_ERR, 'Error sending mail: ' . $mailerr_msg);
+						standard_error('errorsendingmail', $row['email']);
 					}

 					$mailcounter++;
 					$mail->ClearAddresses();
 				}

-				redirectTo($filename, Array('page' => $page, 's' => $s, 'action' => 'showsuccess', 'sentitems' => $mailcounter));
-			}
-			else
-			{
+				redirectTo($filename, array('page' => $page, 's' => $s, 'action' => 'showsuccess', 'sentitems' => $mailcounter));
+			} else {
 				standard_error('nomessagetosend');
 			}
 		}
 	}

-	if($action == 'showsuccess')
-	{
+	if ($action == 'showsuccess') {
+
 		$success = 1;
 		$sentitems = isset($_GET['sentitems']) ? (int)$_GET['sentitems'] : 0;

-		if($sentitems == 0)
-		{
+		if ($sentitems == 0) {
 			$successmessage = $lng['message']['noreceipients'];
-		}
-		else
-		{
+		} else {
 			$successmessage = str_replace('%s', $sentitems, $lng['message']['success']);
 		}

-		$action = '';
-	}
-	else
-	{
+	} else {
 		$success = 0;
 		$sentitems = 0;
 		$successmessage = '';
-		$action = '';
 	}

+	$action = '';
 	$receipients = '';

-	if($userinfo['customers_see_all'] == "1")
-	{
+	if ($userinfo['customers_see_all'] == '1') {
 		$receipients.= makeoption($lng['panel']['reseller'], 0);
 	}

-	$receipients.= makeoption($lng['panel']['customer'], 1);
-	eval("echo \"" . getTemplate("message/message") . "\";");
+	$receipients .= makeoption($lng['panel']['customer'], 1);
+	eval("echo \"" . getTemplate('message/message') . "\";");
 }
-
-?>
--- a/admin_opcacheinfo.php
+++ b/admin_opcacheinfo.php
@@ -0,0 +1,158 @@
+<?php
+
+/**
+ * This file is part of the Froxlor project.
+ * Copyright (c) 2010 the Froxlor Team (see authors).
+ *
+ * For the full copyright and license information, please view the COPYING
+ * file that was distributed with this source code. You can also view the
+ * COPYING file online at http://files.froxlor.org/misc/COPYING.txt
+ *
+ * @copyright  (c) the authors
+ * @author     Janos Muzsi <muzsij@hypernics.hu> (2016)
+ * @author     Froxlor team <team@froxlor.org> (2010-)
+ * @license    GPLv2 http://files.froxlor.org/misc/COPYING.txt
+ * @package    Panel
+ *
+ * Based on https://github.com/amnuts/opcache-gui
+ *
+ */
+
+define('AREA', 'admin');
+require './lib/init.php';
+
+
+if ($action == 'reset' &&
+        function_exists('opcache_reset') &&
+        $userinfo['change_serversettings'] == '1'
+) {
+    opcache_reset();
+    $log->logAction(ADM_ACTION, LOG_INFO, "reseted OPcache");
+    header('Location: ' . $linker->getLink(array('section' => 'opcacheinfo', 'page' => 'showinfo')));
+    exit();
+}
+
+if (!function_exists('opcache_get_configuration')
+) {
+    standard_error($lng['error']['no_opcacheinfo']);
+}
+
+if ($page == 'showinfo'
+) {
+    
+    $opcache_info = opcache_get_configuration();
+    $opcache_status = opcache_get_status(false);
+    $time = time();
+    $log->logAction(ADM_ACTION, LOG_NOTICE, "viewed OPcache info");
+    
+    $runtimelines = '';
+    if (isset($opcache_info['directives']) && is_array($opcache_info['directives'])) {
+        foreach ($opcache_info['directives'] as $name => $value) {
+            $linkname=  str_replace('_', '-', $name);
+            if ($name=='opcache.optimization_level' && is_integer($value)) {
+                $value='0x'.dechex($value);
+            }
+            if ($name=='opcache.memory_consumption' && is_integer($value) && $value%(1024*1024)==0) {
+                $value=$value/(1024*1024);
+            }
+            if ($value===null || $value==='') {
+                $value=$lng['opcacheinfo']['novalue'];
+            }
+            if ($value===true) {
+                $value=$lng['opcacheinfo']['true'];
+            }
+            if ($value===false) {
+                $value=$lng['opcacheinfo']['false'];
+            }
+            if (is_integer($value)) {
+                $value=number_format($value,0,'.',' ');
+            }
+            $name=str_replace('_', ' ', $name);
+            eval("\$runtimelines.=\"" . getTemplate("settings/opcacheinfo/runtime_line") . "\";");
+        }
+    }
+    
+    $cachehits=@$opcache_status['opcache_statistics']['hits'] ?: 0;
+    $cachemiss=@$opcache_status['opcache_statistics']['misses'] ?: 0;
+    $blacklistmiss=@$opcache_status['opcache_statistics']['blacklist_misses'] ?: 0;
+    $cachetotal=$cachehits+$cachemiss+$blacklistmiss;
+    
+    $general=array(
+        'version' => (isset($opcache_info['version']['opcache_product_name']) ? $opcache_info['version']['opcache_product_name'].' ' : '').$opcache_info['version']['version'],
+        'phpversion' => phpversion(),
+        'start_time'         => @$opcache_status['opcache_statistics']['start_time'] ? date('Y-m-d H:i:s',$opcache_status['opcache_statistics']['start_time']) : '',
+        'last_restart_time'  => @$opcache_status['opcache_statistics']['last_restart_time'] ? date('Y-m-d H:i:s',$opcache_status['opcache_statistics']['last_restart_time']) : $lng['opcacheinfo']['never'],
+        'oom_restarts' => number_format(@$opcache_status['opcache_statistics']['oom_restarts'] ?: 0,0,'.',' '),
+        'hash_restarts' => number_format(@$opcache_status['opcache_statistics']['hash_restarts'] ?: 0,0,'.',' '),
+        'manual_restarts' => number_format(@$opcache_status['opcache_statistics']['manual_restarts'] ?: 0,0,'.',' '),
+        'status' => (@$opcache_status['restart_in_progress'] ? $lng['opcacheinfo']['restartinprogress'] :
+            (@$opcache_status['restart_pending'] ? $lng['opcacheinfo']['restartpending'] :
+            (@$opcache_status['cache_full'] ? $lng['opcacheinfo']['cachefull'] :
+            (@$opcache_status['opcache_enabled'] ? $lng['opcacheinfo']['enabled'] : $lng['opcacheinfo']['novalue'])))),
+        'cachedscripts' => number_format(@$opcache_status['opcache_statistics']['num_cached_scripts'] ?: 0,0,'.',' '),
+        'cachehits' => number_format($cachehits,0,'.',' ') . ($cachetotal>0 ? sprintf(" (%.1f %%)", $cachehits/($cachetotal)*100) : ''),
+        'cachemiss' => number_format($cachemiss,0,'.',' ') . ($cachetotal>0 ? sprintf(" (%.1f %%)", $cachemiss/($cachetotal)*100) : ''),
+        'blacklistmiss' => number_format($blacklistmiss,0,'.',' ') . ($cachetotal>0 ? sprintf(" (%.1f %%)", $blacklistmiss/($cachetotal)*100) : ''),
+    );
+    
+    $usedmem=@$opcache_status['memory_usage']['used_memory'] ?: 0;
+    $usedmemstr=bsize($usedmem);
+    $freemem=@$opcache_status['memory_usage']['free_memory'] ?: 0;
+    $freememstr=bsize($freemem);
+    $totalmem=$usedmem+$freemem;
+    $wastedmem=@$opcache_status['memory_usage']['wasted_memory'] ?: 0;
+    $wastedmemstr=bsize($wastedmem);
+    if ($totalmem) {
+        $memory=array(
+            'total' => bsize($totalmem),
+            'used' => $usedmemstr . ($totalmem>0 ? sprintf(" (%.1f %%)", $usedmem/($totalmem)*100) : ''),
+            'free' => $freememstr . ($totalmem>0 ? sprintf(" (%.1f %%)", $freemem/($totalmem)*100) : ''),
+            'wasted' => $wastedmemstr . ($totalmem>0 ? sprintf(" (%.1f %%)", $wastedmem/($totalmem)*100) : ''),
+        );
+    }
+    
+    if (isset($opcache_status['interned_strings_usage'])) {
+        $usedstring=@$opcache_status['interned_strings_usage']['used_memory'] ?: 0;
+        $usedstringstr=bsize($usedstring);
+        $freestring=@$opcache_status['interned_strings_usage']['free_memory'] ?: 0;
+        $freestringstr=bsize($freestring);
+        $totalstring=$usedstring+$freestring;
+        $stringbuffer=array(
+            'total' => bsize($totalstring),
+            'used' => $usedstringstr . ($totalstring>0 ? sprintf(" (%.1f %%)", $usedstring/$totalstring*100) : ''),
+            'free' => $freestringstr . ($totalstring>0 ? sprintf(" (%.1f %%)", $freestring/$totalstring*100) : ''),
+            'strcount' => number_format(@$opcache_status['interned_strings_usage']['number_of_strings'] ?: 0,0,'.',' '),
+        );
+    }
+
+    $usedkey=@$opcache_status['opcache_statistics']['num_cached_keys'] ?: 0;
+    $usedkeystr=number_format($usedkey,0,'.',' ');
+    $totalkey=@$opcache_status['opcache_statistics']['max_cached_keys'] ?: 0;
+    $wastedkey=$usedkey - (@$opcache_status['opcache_statistics']['num_cached_scripts'] ?: 0);
+    if (isset($opcache_status['opcache_statistics'])) {
+        $keystat=array(
+            'total' => number_format($totalkey,0,'.',' '),
+            'used' => $usedkeystr . ($totalkey>0 ? sprintf(" (%.1f %%)", $usedkey/($totalkey)*100) : ''),
+            'wasted' => number_format($wastedkey,0,'.',' ') . ($totalkey>0 ? sprintf(" (%.1f %%)", $wastedkey/($totalkey)*100) : ''),
+        );
+    }
+    
+    $blacklistlines = '';
+    if (isset($opcache_info['blacklist']) && is_array($opcache_info['blacklist'])) {
+        foreach ($opcache_info['blacklist'] as $value) {
+            eval("\$blacklistlines.=\"" . getTemplate("settings/opcacheinfo/blacklist_line") . "\";");
+        }
+    }
+    
+    eval("echo \"" . getTemplate("settings/opcacheinfo/showinfo") . "\";");
+    
+}
+
+function bsize($s) {
+    foreach (array('', 'K', 'M', 'G') as $i => $k) {
+        if ($s < 1024)
+            break;
+        $s/=1024;
+    }
+    return sprintf("%5.1f %sBytes", $s, $k);
+}
--- a/admin_phpsettings.php
+++ b/admin_phpsettings.php
@@ -18,57 +18,80 @@
 */

 define('AREA', 'admin');
+require './lib/init.php';

-/**
- * Include our init.php, which manages Sessions, Language etc.
- */
-
-require ("./lib/init.php");
-
-if(isset($_POST['id']))
-{
+if (isset($_POST['id'])) {
 	$id = intval($_POST['id']);
-}
-elseif(isset($_GET['id']))
-{
+} elseif (isset($_GET['id'])) {
 	$id = intval($_GET['id']);
 }

-if($page == 'overview')
-{
-	if($action == '')
-	{
+if ($page == 'overview') {
+
+	if ($action == '') {
+
 		$tablecontent = '';
 		$count = 0;
-		$result = $db->query("SELECT * FROM `" . TABLE_PANEL_PHPCONFIGS . "`");
+		$result = Database::query("SELECT * FROM `" . TABLE_PANEL_PHPCONFIGS . "`");
+
+		while ($row = $result->fetch(PDO::FETCH_ASSOC)) {

-		while($row = $db->fetch_array($result))
-		{
 			$domainresult = false;
+			$query_params = array('id' => $row['id']);

-			if((int)$userinfo['domains_see_all'] == 0)
-			{
-				$domainresult = $db->query("SELECT * FROM `" . TABLE_PANEL_DOMAINS . "` WHERE `adminid` = " . (int)$userinfo['userid'] . " AND `phpsettingid` = " . (int)$row['id']);
+			$query = "SELECT * FROM `".TABLE_PANEL_DOMAINS."`
+					WHERE `phpsettingid` = :id
+					AND `parentdomainid` = '0'";
+
+			if ((int)$userinfo['domains_see_all'] == 0) {
+				$query .= " AND `adminid` = :adminid";
+				$query_params['adminid'] = $userinfo['adminid'];
 			}
-			else
-			{
-				$domainresult = $db->query("SELECT * FROM `" . TABLE_PANEL_DOMAINS . "` WHERE `phpsettingid` = " . (int)$row['id']);
+
+			if ((int)Settings::Get('panel.phpconfigs_hidestdsubdomain') == 1) {
+				$ssdids_res = Database::query("
+					SELECT DISTINCT `standardsubdomain` FROM `".TABLE_PANEL_CUSTOMERS."`
+					WHERE `standardsubdomain` > 0 ORDER BY `standardsubdomain` ASC;"
+				);
+				$ssdids = array();
+				while ($ssd = $ssdids_res->fetch(PDO::FETCH_ASSOC)) {
+					$ssdids[] = $ssd['standardsubdomain'];
+				}
+				if (count($ssdids) > 0) {
+					$query .= " AND `id` NOT IN (".implode(', ', $ssdids).")";
+				}
 			}

+			$domainresult_stmt = Database::prepare($query);
+			Database::pexecute($domainresult_stmt, $query_params);
+
 			$domains = '';
-
-			if($db->num_rows($domainresult) > 0)
-			{
-				while($row2 = $db->fetch_array($domainresult))
-				{
+			if (Database::num_rows() > 0) {
+				while ($row2 = $domainresult_stmt->fetch(PDO::FETCH_ASSOC)) {
 					$domains.= $row2['domain'] . '<br/>';
 				}
 			}
-			else
-			{
+
+			// check whether we use that config as froxor-vhost config
+			if (Settings::Get('system.mod_fcgid_defaultini_ownvhost') == $row['id']
+				|| Settings::Get('phpfpm.vhost_defaultini') == $row['id']
+			) {
+				$domains .= Settings::Get('system.hostname');
+			}
+
+			if ($domains == '') {
 				$domains = $lng['admin']['phpsettings']['notused'];
 			}

+			// check whether this is our default config
+			if ((Settings::Get('system.mod_fcgid') == '1'
+				&& Settings::Get('system.mod_fcgid_defaultini') == $row['id'])
+				|| (Settings::Get('phpfpm.enabled') == '1'
+				&& Settings::Get('phpfpm.defaultini') == $row['id'])
+			) {
+				$row['description'] = '<b>'.$row['description'].'</b>';
+			}
+
 			$count ++;
 			eval("\$tablecontent.=\"" . getTemplate("phpconfig/overview_overview") . "\";");
 		}
@@ -77,34 +100,80 @@ if($page == 'overview')
 		eval("echo \"" . getTemplate("phpconfig/overview") . "\";");
 	}

-	if($action == 'add')
-	{
-		if((int)$userinfo['change_serversettings'] == 1)
-		{
-			if(isset($_POST['send'])
-			   && $_POST['send'] == 'send')
-			{
-				$description = validate($_POST['description'], 'description');
-				$binary = makeCorrectFile(validate($_POST['binary'], 'binary'));
-				$file_extensions = validate($_POST['file_extensions'], 'file_extensions', '/^[a-zA-Z0-9\s]*$/');
-				$phpsettings = validate(str_replace("\r\n", "\n", $_POST['phpsettings']), 'phpsettings', '/^[^\0]*$/');
-				$mod_fcgid_starter = validate($_POST['mod_fcgid_starter'], 'mod_fcgid_starter', '/^[0-9]*$/', '', array('-1', ''));
-				$mod_fcgid_maxrequests = validate($_POST['mod_fcgid_maxrequests'], 'mod_fcgid_maxrequests', '/^[0-9]*$/', '', array('-1', ''));
+	if ($action == 'add') {

-				if(strlen($description) == 0
-				   || strlen($description) > 50)
-				{
+		if ((int)$userinfo['change_serversettings'] == 1) {
+
+			if (isset($_POST['send'])
+				&& $_POST['send'] == 'send'
+			) {
+				$description = validate($_POST['description'], 'description');
+				$phpsettings = validate(str_replace("\r\n", "\n", $_POST['phpsettings']), 'phpsettings', '/^[^\0]*$/');
+
+				if (Settings::Get('system.mod_fcgid') == 1) {
+					$binary = makeCorrectFile(validate($_POST['binary'], 'binary'));
+					$file_extensions = validate($_POST['file_extensions'], 'file_extensions', '/^[a-zA-Z0-9\s]*$/');
+					$mod_fcgid_starter = validate($_POST['mod_fcgid_starter'], 'mod_fcgid_starter', '/^[0-9]*$/', '', array('-1', ''));
+					$mod_fcgid_maxrequests = validate($_POST['mod_fcgid_maxrequests'], 'mod_fcgid_maxrequests', '/^[0-9]*$/', '', array('-1', ''));
+					$mod_fcgid_umask = validate($_POST['mod_fcgid_umask'], 'mod_fcgid_umask', '/^[0-9]*$/');
+					// disable fpm stuff
+					$fpm_enableslowlog = 0;
+					$fpm_reqtermtimeout = 0;
+					$fpm_reqslowtimeout = 0;
+				}
+				elseif (Settings::Get('phpfpm.enabled') == 1) {
+					$fpm_enableslowlog = isset($_POST['phpfpm_enable_slowlog']) ? (int)$_POST['phpfpm_enable_slowlog'] : 0;
+					$fpm_reqtermtimeout = validate($_POST['phpfpm_reqtermtimeout'], 'phpfpm_reqtermtimeout', '/^([0-9]+)(|s|m|h|d)$/');
+					$fpm_reqslowtimeout = validate($_POST['phpfpm_reqslowtimeout'], 'phpfpm_reqslowtimeout', '/^([0-9]+)(|s|m|h|d)$/');
+					// disable fcgid stuff
+					$binary = '/usr/bin/php-cgi';
+					$file_extensions = 'php';
+					$mod_fcgid_starter = 0;
+					$mod_fcgid_maxrequests = 0;
+					$mod_fcgid_umask = "022";
+				}
+
+				if (strlen($description) == 0
+					|| strlen($description) > 50
+				) {
 					standard_error('descriptioninvalid');
 				}

-				$db->query("INSERT INTO `" . TABLE_PANEL_PHPCONFIGS . "` SET `description` = '" . $db->escape($description) . "', `binary` = '" . $db->escape($binary) . "', `file_extensions` = '" . $db->escape($file_extensions) . "', `mod_fcgid_starter` = '" . $db->escape($mod_fcgid_starter) . "', `mod_fcgid_maxrequests` = '" . $db->escape($mod_fcgid_maxrequests) . "', `phpsettings` = '" . $db->escape($phpsettings) . "'");
+				$ins_stmt = Database::prepare("
+					INSERT INTO `" . TABLE_PANEL_PHPCONFIGS . "` SET
+						`description` = :desc,
+						`binary` = :binary,
+						`file_extensions` = :fext,
+						`mod_fcgid_starter` = :starter,
+						`mod_fcgid_maxrequests` = :mreq,
+						`mod_fcgid_umask` = :umask,
+						`fpm_slowlog` = :fpmslow,
+						`fpm_reqterm` = :fpmreqterm,
+						`fpm_reqslow` = :fpmreqslow,
+						`phpsettings` = :phpsettings"
+				);
+				$ins_data = array(
+					'desc' => $description,
+					'binary' => $binary,
+					'fext' => $file_extensions,
+					'starter' => $mod_fcgid_starter,
+					'mreq' => $mod_fcgid_maxrequests,
+					'umask' => $mod_fcgid_umask,
+					'fpmslow' => $fpm_enableslowlog,
+					'fpmreqterm' => $fpm_reqtermtimeout,
+					'fpmreqslow' => $fpm_reqslowtimeout,
+					'phpsettings' => $phpsettings
+				);
+				Database::pexecute($ins_stmt, $ins_data);
+
 				inserttask('1');
 				$log->logAction(ADM_ACTION, LOG_INFO, "php.ini setting with description '" . $description . "' has been created by '" . $userinfo['loginname'] . "'");
-				redirectTo($filename, Array('page' => $page, 's' => $s));
-			}
-			else
-			{
-				$result = $db->query_first("SELECT * FROM `" . TABLE_PANEL_PHPCONFIGS . "` WHERE `id` = 1");
+				redirectTo($filename, array('page' => $page, 's' => $s));
+
+			} else {
+
+				$result_stmt = Database::query("SELECT * FROM `" . TABLE_PANEL_PHPCONFIGS . "` WHERE `id` = 1");
+				$result = $result_stmt->fetch(PDO::FETCH_ASSOC);

 				$phpconfig_add_data = include_once dirname(__FILE__).'/lib/formfields/admin/phpconfig/formfield.phpconfig_add.php';
 				$phpconfig_add_form = htmlform::genHTMLForm($phpconfig_add_data);
@@ -114,73 +183,151 @@ if($page == 'overview')

 				eval("echo \"" . getTemplate("phpconfig/overview_add") . "\";");
 			}
-		}
-		else
-		{
+
+		} else {
 			standard_error('nopermissionsorinvalidid');
 		}
 	}

-	if($action == 'delete')
-	{
-		$result = $db->query_first("SELECT * FROM `" . TABLE_PANEL_PHPCONFIGS . "` WHERE `id` = " . (int)$id);
+	if ($action == 'delete') {
+
+		$result_stmt = Database::prepare("
+			SELECT * FROM `" . TABLE_PANEL_PHPCONFIGS . "` WHERE `id` = :id"
+		);
+		$result = Database::pexecute_first($result_stmt, array('id' => $id));
+
+		if ((Settings::Get('system.mod_fcgid') == '1'
+			&& Settings::Get('system.mod_fcgid_defaultini_ownvhost') == $id)
+			|| (Settings::Get('phpfpm.enabled') == '1'
+			&& Settings::Get('phpfpm.vhost_defaultini') == $id)
+		) {
+			standard_error('cannotdeletehostnamephpconfig');
+		}
+
+		if ((Settings::Get('system.mod_fcgid') == '1'
+			&& Settings::Get('system.mod_fcgid_defaultini') == $id)
+			|| (Settings::Get('phpfpm.enabled') == '1'
+			&& Settings::Get('phpfpm.defaultini') == $id)
+		) {
+			standard_error('cannotdeletedefaultphpconfig');
+		}
+
+		if ($result['id'] != 0
+			&& $result['id'] == $id
+			&& (int)$userinfo['change_serversettings'] == 1
+			&& $id != 1 // cannot delete the default php.config
+		) {
+
+			if (isset($_POST['send'])
+				&& $_POST['send'] == 'send'
+			) {
+				// set php-config to default for all domains using the
+				// config that is to be deleted
+				$upd_stmt = Database::prepare("
+					UPDATE `" . TABLE_PANEL_DOMAINS . "` SET
+					`phpsettingid` = '1' WHERE `phpsettingid` = :id"
+				);
+				Database::pexecute($upd_stmt, array('id' => $id));
+
+				$del_stmt = Database::prepare("
+					DELETE FROM `" . TABLE_PANEL_PHPCONFIGS . "` WHERE `id` = :id"
+				);
+				Database::pexecute($del_stmt, array('id' => $id));

-		if($result['id'] != 0
-		   && $result['id'] == $id
-		   && (int)$userinfo['change_serversettings'] == 1
-		   && $id != 1)
-		{
-			if(isset($_POST['send'])
-			   && $_POST['send'] == 'send')
-			{
-				$db->query("UPDATE `" . TABLE_PANEL_DOMAINS . "` SET `phpsettingid` = 1 WHERE `phpsettingid` = " . (int)$id);
-				$db->query("DELETE FROM `" . TABLE_PANEL_PHPCONFIGS . "` WHERE `id` = " . (int)$id);
 				inserttask('1');
 				$log->logAction(ADM_ACTION, LOG_INFO, "php.ini setting with id #" . (int)$id . " has been deleted by '" . $userinfo['loginname'] . "'");
-				redirectTo($filename, Array('page' => $page, 's' => $s));
-			}
-			else
-			{
+				redirectTo($filename, array('page' => $page, 's' => $s));
+
+			} else {
 				ask_yesno('phpsetting_reallydelete', $filename, array('id' => $id, 'page' => $page, 'action' => $action), $result['description']);
 			}
-		}
-		else
-		{
+		} else {
 			standard_error('nopermissionsorinvalidid');
 		}
 	}

-	if($action == 'edit')
-	{
-		$result = $db->query_first("SELECT * FROM `" . TABLE_PANEL_PHPCONFIGS . "` WHERE `id` = " . (int)$id);
+	if ($action == 'edit') {

-		if($result['id'] != 0
-		   && $result['id'] == $id
-		   && (int)$userinfo['change_serversettings'] == 1)
-		{
-			if(isset($_POST['send'])
-			   && $_POST['send'] == 'send')
-			{
+		$result_stmt = Database::prepare("
+			SELECT * FROM `" . TABLE_PANEL_PHPCONFIGS . "` WHERE `id` = :id"
+		);
+		$result = Database::pexecute_first($result_stmt, array('id' => $id));
+
+		if ($result['id'] != 0
+			&& $result['id'] == $id
+			&& (int)$userinfo['change_serversettings'] == 1
+		) {
+
+			if (isset($_POST['send'])
+				&& $_POST['send'] == 'send'
+			) {
 				$description = validate($_POST['description'], 'description');
-				$binary = makeCorrectFile(validate($_POST['binary'], 'binary'));
-				$file_extensions = validate($_POST['file_extensions'], 'file_extensions', '/^[a-zA-Z0-9\s]*$/');
 				$phpsettings = validate(str_replace("\r\n", "\n", $_POST['phpsettings']), 'phpsettings', '/^[^\0]*$/');
-				$mod_fcgid_starter = validate($_POST['mod_fcgid_starter'], 'mod_fcgid_starter', '/^[0-9]*$/', '', array('-1', ''));
-				$mod_fcgid_maxrequests = validate($_POST['mod_fcgid_maxrequests'], 'mod_fcgid_maxrequests', '/^[0-9]*$/', '', array('-1', ''));

-				if(strlen($description) == 0
-				   || strlen($description) > 50)
-				{
+				if (Settings::Get('system.mod_fcgid') == 1) {
+					$binary = makeCorrectFile(validate($_POST['binary'], 'binary'));
+					$file_extensions = validate($_POST['file_extensions'], 'file_extensions', '/^[a-zA-Z0-9\s]*$/');
+					$mod_fcgid_starter = validate($_POST['mod_fcgid_starter'], 'mod_fcgid_starter', '/^[0-9]*$/', '', array('-1', ''));
+					$mod_fcgid_maxrequests = validate($_POST['mod_fcgid_maxrequests'], 'mod_fcgid_maxrequests', '/^[0-9]*$/', '', array('-1', ''));
+					$mod_fcgid_umask = validate($_POST['mod_fcgid_umask'], 'mod_fcgid_umask', '/^[0-9]*$/');
+					// disable fpm stuff
+					$fpm_enableslowlog = 0;
+					$fpm_reqtermtimeout = 0;
+					$fpm_reqslowtimeout = 0;
+				}
+				elseif (Settings::Get('phpfpm.enabled') == 1) {
+					$fpm_enableslowlog = isset($_POST['phpfpm_enable_slowlog']) ? (int)$_POST['phpfpm_enable_slowlog'] : 0;
+					$fpm_reqtermtimeout = validate($_POST['phpfpm_reqtermtimeout'], 'phpfpm_reqtermtimeout', '/^([0-9]+)(|s|m|h|d)$/');
+					$fpm_reqslowtimeout = validate($_POST['phpfpm_reqslowtimeout'], 'phpfpm_reqslowtimeout', '/^([0-9]+)(|s|m|h|d)$/');
+					// disable fcgid stuff
+					$binary = '/usr/bin/php-cgi';
+					$file_extensions = 'php';
+					$mod_fcgid_starter = 0;
+					$mod_fcgid_maxrequests = 0;
+					$mod_fcgid_umask = "022";
+				}
+
+				if (strlen($description) == 0
+					|| strlen($description) > 50
+				) {
 					standard_error('descriptioninvalid');
 				}

-				$db->query("UPDATE `" . TABLE_PANEL_PHPCONFIGS . "` SET `description` = '" . $db->escape($description) . "', `binary` = '" . $db->escape($binary) . "', `file_extensions` = '" . $db->escape($file_extensions) . "', `mod_fcgid_starter` = '" . $db->escape($mod_fcgid_starter) . "', `mod_fcgid_maxrequests` = '" . $db->escape($mod_fcgid_maxrequests) . "', `phpsettings` = '" . $db->escape($phpsettings) . "' WHERE `id` = " . (int)$id);
+				$upd_stmt = Database::prepare("
+					UPDATE `" . TABLE_PANEL_PHPCONFIGS . "` SET
+						`description` = :desc,
+						`binary` = :binary,
+						`file_extensions` = :fext,
+						`mod_fcgid_starter` = :starter,
+						`mod_fcgid_maxrequests` = :mreq,
+						`mod_fcgid_umask` = :umask,
+						`fpm_slowlog` = :fpmslow,
+						`fpm_reqterm` = :fpmreqterm,
+						`fpm_reqslow` = :fpmreqslow,
+						`phpsettings` = :phpsettings
+					WHERE `id` = :id"
+				);
+				$upd_data = array(
+						'desc' => $description,
+						'binary' => $binary,
+						'fext' => $file_extensions,
+						'starter' => $mod_fcgid_starter,
+						'mreq' => $mod_fcgid_maxrequests,
+						'umask' => $mod_fcgid_umask,
+						'fpmslow' => $fpm_enableslowlog,
+						'fpmreqterm' => $fpm_reqtermtimeout,
+						'fpmreqslow' => $fpm_reqslowtimeout,
+						'phpsettings' => $phpsettings,
+						'id' => $id
+				);
+				Database::pexecute($upd_stmt, $upd_data);
+
 				inserttask('1');
 				$log->logAction(ADM_ACTION, LOG_INFO, "php.ini setting with description '" . $description . "' has been changed by '" . $userinfo['loginname'] . "'");
-				redirectTo($filename, Array('page' => $page, 's' => $s));
-			}
-			else
-			{
+				redirectTo($filename, array('page' => $page, 's' => $s));
+
+			} else {
+
 				$phpconfig_edit_data = include_once dirname(__FILE__).'/lib/formfields/admin/phpconfig/formfield.phpconfig_edit.php';
 				$phpconfig_edit_form = htmlform::genHTMLForm($phpconfig_edit_data);

@@ -189,12 +336,9 @@ if($page == 'overview')

 				eval("echo \"" . getTemplate("phpconfig/overview_edit") . "\";");
 			}
-		}
-		else
-		{
+
+		} else {
 			standard_error('nopermissionsorinvalidid');
 		}
 	}
 }
-
-?>
--- a/admin_settings.php
+++ b/admin_settings.php
@@ -18,59 +18,51 @@
 */

 define('AREA', 'admin');
+require './lib/init.php';

-/**
- * Include our init.php, which manages Sessions, Language etc.
- */
+// get sql-root access data
+Database::needRoot(true);
+Database::needSqlData();
+$sql_root = Database::getSqlData();
+Database::needRoot(false);

-$need_db_sql_data = true;
-$need_root_db_sql_data = true;
-require ("./lib/init.php");
-
-if(($page == 'settings' || $page == 'overview')
-   && $userinfo['change_serversettings'] == '1')
-{
+if ($page == 'overview' && $userinfo['change_serversettings'] == '1') {
 	$settings_data = loadConfigArrayDir('./actions/admin/settings/');
-	$settings = loadSettings($settings_data, $db);
+	$settings = loadSettings($settings_data);
+
+	if (isset($_POST['send'])
+		&& $_POST['send'] == 'send'
+	) {

-	if(isset($_POST['send'])
-	   && $_POST['send'] == 'send')
-	{
 		$_part = isset($_GET['part']) ? $_GET['part'] : '';
-
-		if($_part == '')
-		{
+		if ($_part == '') {
 			$_part = isset($_POST['part']) ? $_POST['part'] : '';
 		}

-		if($_part != '')
-		{
-			if($_part == 'all')
-			{
+		if ($_part != '') {
+			if ($_part == 'all') {
 				$settings_all = true;
 				$settings_part = false;
-			}
-			else
-			{
+			} else {
 				$settings_all = false;
 				$settings_part = true;
 			}
-
 			$only_enabledisable = false;
-		}
-		else
-		{
+
+		} else {
 			$settings_all = false;
 			$settings_part = false;
 			$only_enabledisable = true;
 		}
-		
+
 		// check if the session timeout is too low #815
-		if (isset($_POST['session_sessiontimeout']) && $_POST['session_sessiontimeout'] <= 60) {
+		if (isset($_POST['session_sessiontimeout'])
+			&& $_POST['session_sessiontimeout'] < 60
+		) {
 			standard_error($lng['error']['session_timeout'], $lng['error']['session_timeout_desc']);
 		}

-		if(processFormEx(
+		if (processFormEx(
 			$settings_data,
 			$_POST,
 			array('filename' => $filename, 'action' => $action, 'page' => $page),
@@ -87,25 +79,20 @@ if(($page == 'settings' || $page == 'overview')

 			standard_success('settingssaved', '', array('filename' => $filename, 'action' => $action, 'page' => $page));
 		}
-	}
-	else
-	{
-		$_part = isset($_GET['part']) ? $_GET['part'] : '';

-		if($_part == '')
-		{
+	} else {
+
+		$_part = isset($_GET['part']) ? $_GET['part'] : '';
+		if ($_part == '') {
 			$_part = isset($_POST['part']) ? $_POST['part'] : '';
 		}

 		$fields = buildFormEx($settings_data, $_part);

 		$settings_page = '';
-		if($_part == '')
-		{
+		if ($_part == '') {
 			eval("\$settings_page .= \"" . getTemplate("settings/settings_overview") . "\";");
-		}
-		else
-		{
+		} else {
 			eval("\$settings_page .= \"" . getTemplate("settings/settings") . "\";");
 		}

@@ -114,116 +101,192 @@ if(($page == 'settings' || $page == 'overview')
 		eval("echo \"" . getTemplate("settings/settings_form_end") . "\";");

 	}
-}
-elseif($page == 'rebuildconfigs'
-       && $userinfo['change_serversettings'] == '1')
-{
-	if(isset($_POST['send'])
-	   && $_POST['send'] == 'send')
-	{
+
+} elseif($page == 'phpinfo'
+	&& $userinfo['change_serversettings'] == '1'
+) {
+	ob_start();
+	phpinfo();
+	$phpinfo = array('phpinfo' => array());
+	if (preg_match_all(
+			'#(?:<h2>(?:<a name=".*?">)?(.*?)(?:</a>)?</h2>)|(?:<tr(?: class=".*?")?><t[hd](?: class=".*?")?>(.*?)\s*</t[hd]>(?:<t[hd](?: class=".*?")?>(.*?)\s*</t[hd]>(?:<t[hd](?: class=".*?")?>(.*?)\s*</t[hd]>)?)?</tr>)#s',
+			ob_get_clean(), $matches, PREG_SET_ORDER
+		)
+	) {
+		foreach ($matches as $match) {
+			$end = array_keys($phpinfo);
+			$end = end($end);
+			if (strlen($match[1])) {
+				$phpinfo[$match[1]] = array();
+			} elseif (isset($match[3])) {
+				$phpinfo[$end][$match[2]] = isset($match[4]) ? array($match[3], $match[4]) : $match[3];
+			} else {
+				$phpinfo[$end][] = $match[2];
+			}
+		}
+		$phpinfohtml = '';
+		foreach ($phpinfo as $name => $section) {
+			$phpinfoentries = "";
+			foreach ($section as $key => $val) {
+				if (is_array($val)) {
+					eval("\$phpinfoentries .= \"" . getTemplate("settings/phpinfo/phpinfo_3") . "\";");
+				} elseif (is_string($key)) {
+					eval("\$phpinfoentries .= \"" . getTemplate("settings/phpinfo/phpinfo_2") . "\";");
+				} else {
+					eval("\$phpinfoentries .= \"" . getTemplate("settings/phpinfo/phpinfo_1") . "\";");
+				}
+			}
+			// first header -> show actual php version
+			if (strtolower($name) == "phpinfo") {
+				$name = "PHP ".PHP_VERSION;
+			}
+			eval("\$phpinfohtml .= \"" . getTemplate("settings/phpinfo/phpinfo_table") . "\";");
+		}
+		$phpinfo = $phpinfohtml;
+	} else {
+		standard_error($lng['error']['no_phpinfo']);
+	}
+	eval("echo \"" . getTemplate("settings/phpinfo") . "\";");
+
+} elseif($page == 'rebuildconfigs'
+	&& $userinfo['change_serversettings'] == '1'
+) {
+	if (isset($_POST['send'])
+		&& $_POST['send'] == 'send'
+	) {
+
 		$log->logAction(ADM_ACTION, LOG_INFO, "rebuild configfiles");
 		inserttask('1');
 		inserttask('10');
 		// Using nameserver, insert a task which rebuilds the server config
 		inserttask('4');
+		// cron.d file
+		inserttask('99');

 		standard_success('rebuildingconfigs', '', array('filename' => 'admin_index.php'));
-	}
-	else
-	{
+
+	} else {
 		ask_yesno('admin_configs_reallyrebuild', $filename, array('page' => $page));
 	}
-}
-elseif($page == 'updatecounters'
-       && $userinfo['change_serversettings'] == '1')
-{
-	if(isset($_POST['send'])
-	   && $_POST['send'] == 'send')
-	{
+
+} elseif($page == 'updatecounters'
+	&& $userinfo['change_serversettings'] == '1'
+) {
+
+	if (isset($_POST['send'])
+		&& $_POST['send'] == 'send'
+	) {
+
 		$log->logAction(ADM_ACTION, LOG_INFO, "updated resource-counters");
 		$updatecounters = updateCounters(true);
 		$customers = '';
-		foreach($updatecounters['customers'] as $customerid => $customer)
-		{
+		foreach ($updatecounters['customers'] as $customerid => $customer) {
 			eval("\$customers.=\"" . getTemplate("settings/updatecounters_row_customer") . "\";");
 		}

 		$admins = '';
-		foreach($updatecounters['admins'] as $adminid => $admin)
-		{
+		foreach ($updatecounters['admins'] as $adminid => $admin) {
 			eval("\$admins.=\"" . getTemplate("settings/updatecounters_row_admin") . "\";");
 		}

 		eval("echo \"" . getTemplate("settings/updatecounters") . "\";");
-	}
-	else
-	{
+
+	} else {
 		ask_yesno('admin_counters_reallyupdate', $filename, array('page' => $page));
 	}
-}
-elseif($page == 'wipecleartextmailpws'
-       && $userinfo['change_serversettings'] == '1')
-{
-	if(isset($_POST['send'])
-	   && $_POST['send'] == 'send')
-	{
+
+} elseif ($page == 'wipecleartextmailpws'
+	&& $userinfo['change_serversettings'] == '1'
+) {
+
+	if (isset($_POST['send'])
+		&& $_POST['send'] == 'send'
+	) {
+
 		$log->logAction(ADM_ACTION, LOG_WARNING, "wiped all cleartext mail passwords");
-		$db->query("UPDATE `" . TABLE_MAIL_USERS . "` SET `password`='' ");
-		$db->query("UPDATE `" . TABLE_PANEL_SETTINGS . "` SET `value`='0' WHERE `settinggroup`='system' AND `varname`='mailpwcleartext'");
-		redirectTo('admin_settings.php', array('s' => $s));
-	}
-	else
-	{
+		Database::query("UPDATE `" . TABLE_MAIL_USERS . "` SET `password` = '';");
+		Database::query("UPDATE `" . TABLE_PANEL_SETTINGS . "` SET `value` = '0' WHERE `settinggroup` = 'system' AND `varname` = 'mailpwcleartext'");
+		redirectTo($filename, array('s' => $s));
+
+	} else {
 		ask_yesno('admin_cleartextmailpws_reallywipe', $filename, array('page' => $page));
 	}
-}
-elseif($page == 'wipequotas'
-       && $userinfo['change_serversettings'] == '1')
-{
-	if(isset($_POST['send'])
-	   && $_POST['send'] == 'send')
-	{
+
+} elseif($page == 'wipequotas'
+	&& $userinfo['change_serversettings'] == '1'
+) {
+
+	if (isset($_POST['send'])
+		&& $_POST['send'] == 'send'
+	) {
+
 		$log->logAction(ADM_ACTION, LOG_WARNING, "wiped all mailquotas");

 		// Set the quota to 0 which means unlimited
+		Database::query("UPDATE `" . TABLE_MAIL_USERS . "` SET `quota` = '0';");
+		Database::query("UPDATE `" . TABLE_PANEL_CUSTOMERS . "` SET `email_quota_used` = '0'");
+		redirectTo($filename, array('s' => $s));

-		$db->query("UPDATE `" . TABLE_MAIL_USERS . "` SET `quota`='0' ");
-		$db->query("UPDATE " . TABLE_PANEL_CUSTOMERS . " SET `email_quota_used` = 0");
-		redirectTo('admin_settings.php', array('s' => $s));
-	}
-	else
-	{
+	} else {
 		ask_yesno('admin_quotas_reallywipe', $filename, array('page' => $page));
 	}
-}
-elseif($page == 'enforcequotas'
-       && $userinfo['change_serversettings'] == '1')
-{
-	if(isset($_POST['send'])
-	   && $_POST['send'] == 'send')
-	{
+
+} elseif ($page == 'enforcequotas'
+	&& $userinfo['change_serversettings'] == '1'
+) {
+	if (isset($_POST['send'])
+		&& $_POST['send'] == 'send'
+	) {
 		// Fetch all accounts
+		$result_stmt = Database::query("SELECT `quota`, `customerid` FROM `" . TABLE_MAIL_USERS . "`");

-		$result = $db->query("SELECT `quota`, `customerid` FROM " . TABLE_MAIL_USERS);
+		if (Database::num_rows() > 0) {

-		while($array = $db->fetch_array($result))
-		{
-			$difference = $settings['system']['mail_quota'] - $array['quota'];
-			$db->query("UPDATE " . TABLE_PANEL_CUSTOMERS . " SET `email_quota_used` = `email_quota_used` + " . (int)$difference . " WHERE `customerid` = '" . $array['customerid'] . "'");
+			$upd_stmt = Database::prepare("
+				UPDATE `" . TABLE_PANEL_CUSTOMERS . "` SET
+				`email_quota_used` = `email_quota_used` + :diff
+				WHERE `customerid` = :customerid
+			");
+
+			while ($array = $result_stmt->fetch(PDO::FETCH_ASSOC)) {
+				$difference = Settings::Get('system.mail_quota') - $array['quota'];
+				Database::pexecute($upd_stmt, array('diff' => $difference, 'customerid' => $customerid));
+			}
 		}

 		// Set the new quota
-
-		$db->query("UPDATE `" . TABLE_MAIL_USERS . "` SET `quota`='" . $settings['system']['mail_quota'] . "'");
+		$upd_stmt = Database::prepare("
+			UPDATE `" . TABLE_MAIL_USERS . "` SET `quota` = :quota
+		");
+		Database::pexecute($upd_stmt, array('quota' => Settings::Get('system.mail_quota')));

 		// Update the Customer, if the used quota is bigger than the allowed quota
+		Database::query("UPDATE `" . TABLE_PANEL_CUSTOMERS . "` SET `email_quota` = `email_quota_used` WHERE `email_quota` < `email_quota_used`");
+		$log->logAction(ADM_ACTION, LOG_WARNING, 'enforcing mailquota to all customers: ' . Settings::Get('system.mail_quota') . ' MB');
+		redirectTo($filename, array('s' => $s));

-		$db->query("UPDATE " . TABLE_PANEL_CUSTOMERS . " SET `email_quota` = `email_quota_used` WHERE `email_quota` < `email_quota_used`");
-		$log->logAction(ADM_ACTION, LOG_WARNING, 'enforcing mailquota to all customers: ' . $settings['system']['mail_quota'] . ' MB');
-		redirectTo('admin_settings.php', array('s' => $s));
-	}
-	else
-	{
+	} else {
 		ask_yesno('admin_quotas_reallyenforce', $filename, array('page' => $page));
 	}
+} elseif ($page == 'integritycheck'
+	&& $userinfo['change_serversettings'] == '1'
+) {
+	$integrity = new IntegrityCheck();
+	if (isset($_POST['send'])
+		&& $_POST['send'] == 'send'
+	) {
+		$integrity->fixAll();
+	} elseif(isset($_GET['action'])
+		 && $_GET['action'] == "fix") {
+		ask_yesno('admin_integritycheck_reallyfix', $filename, array('page' => $page));
+	}
+
+	$integritycheck = '';
+	foreach ($integrity->available as $id => $check) {
+		$displayid = $id + 1;
+		$result = $integrity->$check();
+		$checkdesc = $lng['integrity_check'][$check];
+		eval("\$integritycheck.=\"" . getTemplate("settings/integritycheck_row") . "\";");
+	}
+	eval("echo \"" . getTemplate("settings/integritycheck") . "\";");
 }
--- a/admin_templates.php
+++ b/admin_templates.php
@@ -18,77 +18,79 @@
 */

 define('AREA', 'admin');
+require './lib/init.php';

-/**
- * Include our init.php, which manages Sessions, Language etc.
- */
-
-require ("./lib/init.php");
-
-if(isset($_POST['subjectid']))
-{
+if (isset($_POST['subjectid'])) {
 	$subjectid = intval($_POST['subjectid']);
 	$mailbodyid = intval($_POST['mailbodyid']);
-}
-elseif(isset($_GET['subjectid']))
-{
+
+} elseif(isset($_GET['subjectid'])) {
 	$subjectid = intval($_GET['subjectid']);
 	$mailbodyid = intval($_GET['mailbodyid']);
 }

-if(isset($_POST['id']))
-{
+if (isset($_POST['id'])) {
 	$id = intval($_POST['id']);
-}
-elseif(isset($_GET['id']))
-{
+
+} elseif(isset($_GET['id'])) {
 	$id = intval($_GET['id']);
 }

 $available_templates = array(
 	'createcustomer',
 	'pop_success',
-	'trafficmaxpercent',
-	'diskmaxpercent',
-	'new_ticket_by_customer',
-	'new_ticket_for_customer',
-	'new_ticket_by_staff',
-	'new_reply_ticket_by_customer',
-	'new_reply_ticket_by_staff',
 	'new_database_by_customer',
 	'new_ftpaccount_by_customer',
 	'password_reset'
 );
+
+// only show templates of features that are enabled #1191
+if ((int)Settings::Get('system.report_enable') == 1) {
+	array_push($available_templates,
+		'trafficmaxpercent',
+		'diskmaxpercent'
+	);
+}
+
+if ((int)Settings::Get('ticket.enabled') == 1) {
+	array_push($available_templates,
+		'new_ticket_by_customer',
+		'new_ticket_for_customer',
+		'new_ticket_by_staff',
+		'new_reply_ticket_by_customer',
+		'new_reply_ticket_by_staff'
+	);
+}
+
 $file_templates = array(
 	'index_html'
 );

-if($action == '')
-{
+if ($action == '') {
 	//email templates
-
 	$log->logAction(ADM_ACTION, LOG_NOTICE, "viewed admin_templates");

-	if($settings['panel']['sendalternativemail'] == 1)
-	{
+	if (Settings::Get('panel.sendalternativemail') == 1) {
 		$available_templates[] = 'pop_success_alternative';
 	}

 	$templates_array = array();
-	$result = $db->query("SELECT `id`, `language`, `varname` FROM `" . TABLE_PANEL_TEMPLATES . "` WHERE `adminid`='" . (int)$userinfo['adminid'] . "' AND `templategroup`='mails' ORDER BY `language`, `varname`");
+	$result_stmt = Database::prepare("
+		SELECT `id`, `language`, `varname` FROM `" . TABLE_PANEL_TEMPLATES . "`
+		WHERE `adminid` = :adminid AND `templategroup`='mails'
+		ORDER BY `language`, `varname`"
+	);
+	Database::pexecute($result_stmt, array('adminid' => $userinfo['adminid']));

-	while($row = $db->fetch_array($result))
-	{
+	while ($row = $result_stmt->fetch(PDO::FETCH_ASSOC)) {
 		$parts = array();
 		preg_match('/^([a-z]([a-z_]+[a-z])*)_(mailbody|subject)$/', $row['varname'], $parts);
 		$templates_array[$row['language']][$parts[1]][$parts[3]] = $row['id'];
 	}

 	$templates = '';
-	foreach($templates_array as $language => $template_defs)
-	{
-		foreach($template_defs as $action => $email)
-		{
+	foreach ($templates_array as $language => $template_defs) {
+		foreach ($template_defs as $action => $email) {
 			$subjectid = $email['subject'];
 			$mailbodyid = $email['mailbody'];
 			$template = $lng['admin']['templates'][$action];
@@ -97,117 +99,137 @@ if($action == '')
 	}

 	$add = false;
+	while (list($language_file, $language_name) = each($languages)) {

-	while(list($language_file, $language_name) = each($languages))
-	{
 		$templates_done = array();
-		$result = $db->query('SELECT `varname` FROM `' . TABLE_PANEL_TEMPLATES . '` WHERE `adminid`=\'' . (int)$userinfo['adminid'] . '\' AND `language`=\'' . $db->escape($language_name) . '\' AND `templategroup`=\'mails\' AND `varname` LIKE \'%_subject\'');
+		$result_stmt = Database::prepare("
+			SELECT `varname` FROM `" . TABLE_PANEL_TEMPLATES . "`
+			WHERE `adminid` = :adminid AND `language`= :lang
+			AND `templategroup` = 'mails' AND `varname` LIKE '%_subject'"
+		);
+		Database::pexecute($result_stmt, array('adminid' => $userinfo['adminid'], 'lang' => $language_name));

-		while(($row = $db->fetch_array($result)) != false)
-		{
+		while ($row = $result_stmt->fetch(PDO::FETCH_ASSOC)) {
 			$templates_done[] = str_replace('_subject', '', $row['varname']);
 		}

-		if(count(array_diff($available_templates, $templates_done)) > 0)
-		{
+		if (count(array_diff($available_templates, $templates_done)) > 0) {
 			$add = true;
 		}
 	}

 	//filetemplates
-
 	$filetemplates = '';
 	$filetemplateadd = false;
-	$result = $db->query("SELECT `id`, `varname` FROM `" . TABLE_PANEL_TEMPLATES . "` WHERE `adminid`='" . (int)$userinfo['adminid'] . "' AND `templategroup`='files'");
+	$result_stmt = Database::prepare("
+		SELECT `id`, `varname` FROM `" . TABLE_PANEL_TEMPLATES . "`
+		WHERE `adminid` = :adminid AND `templategroup`='files'"
+	);
+	Database::pexecute($result_stmt, array('adminid' => $userinfo['adminid']));

-	if($db->num_rows($result) != count($file_templates))$filetemplateadd = true;
-
-	while($row = $db->fetch_array($result))
-	{
-		eval("\$filetemplates.=\"" . getTemplate("templates/templates_filetemplate") . "\";");
+	if (Database::num_rows() != count($file_templates)) {
+		$filetemplateadd = true;
 	}

+	while ($row = $result_stmt->fetch(PDO::FETCH_ASSOC)) {
+		eval("\$filetemplates.=\"" . getTemplate("templates/templates_filetemplate") . "\";");
+	}
 	eval("echo \"" . getTemplate("templates/templates") . "\";");
-}
-elseif($action == 'delete'
-       && $subjectid != 0
-       && $mailbodyid != 0)
-{
+
+} elseif($action == 'delete'
+	&& $subjectid != 0
+	&& $mailbodyid != 0
+) {
 	//email templates
+	$result_stmt = Database::prepare("
+		SELECT `language`, `varname` FROM `" . TABLE_PANEL_TEMPLATES . "`
+		WHERE `adminid` = :adminid AND `id` = :id"
+	);
+	Database::pexecute($result_stmt, array('adminid' => $userinfo['adminid'], 'id' => $subjectid));
+	$result = $result_stmt->fetch(PDO::FETCH_ASSOC);

-	$result = $db->query_first("SELECT `language`, `varname` FROM `" . TABLE_PANEL_TEMPLATES . "` WHERE `adminid`='" . (int)$userinfo['adminid'] . "' AND `id`='" . (int)$subjectid . "'");
-
-	if($result['varname'] != '')
-	{
-		if(isset($_POST['send'])
-		   && $_POST['send'] == 'send')
-		{
-			$db->query("DELETE FROM `" . TABLE_PANEL_TEMPLATES . "` WHERE `adminid`='" . (int)$userinfo['adminid'] . "' AND (`id`='" . (int)$subjectid . "' OR `id`='" . (int)$mailbodyid . "')");
+	if ($result['varname'] != '') {
+		if (isset($_POST['send'])
+			&& $_POST['send'] == 'send'
+		) {
+			$del_stmt = Database::prepare("
+				DELETE FROM `" . TABLE_PANEL_TEMPLATES . "`
+				WHERE `adminid` = :adminid
+				AND (`id` = :ida OR `id` = :idb)"
+			);
+			Database::pexecute($del_stmt, array(
+				'adminid' => $userinfo['adminid'],
+				'ida' => $subjectid,
+				'idb' => $mailbodyid
+			));
 			$log->logAction(ADM_ACTION, LOG_INFO, "deleted template '" . $result['language'] . ' - ' . $lng['admin']['templates'][str_replace('_subject', '', $result['varname'])] . "'");
-			redirectTo($filename, Array('page' => $page, 's' => $s));
-		}
-		else
-		{
+			redirectTo($filename, array('page' => $page, 's' => $s));
+
+		} else {
 			ask_yesno('admin_template_reallydelete', $filename, array('subjectid' => $subjectid, 'mailbodyid' => $mailbodyid, 'page' => $page, 'action' => $action), $result['language'] . ' - ' . $lng['admin']['templates'][str_replace('_subject', '', $result['varname'])]);
 		}
 	}
-}
-elseif($action == 'deletef'
-       && $id != 0)
-{
+
+} elseif($action == 'deletef'
+	&& $id != 0
+) {
 	//file templates
+	$result_stmt = Database::prepare("
+		SELECT * FROM `" . TABLE_PANEL_TEMPLATES . "`
+		WHERE `adminid` = :adminid AND `id` = :id"
+	);
+	Database::pexecute($result_stmt, array('adminid' => $userinfo['adminid'], 'id' => $id));

-	$result = $db->query("SELECT * FROM `" . TABLE_PANEL_TEMPLATES . "` WHERE `adminid`='" . (int)$userinfo['adminid'] . "' AND `id`='" . (int)$id . "'");
+	if (Database::num_rows() > 0) {

-	if($db->num_rows($result) > 0)
-	{
-		$row = $db->fetch_array($result);
+		$row = $result_stmt->fetch(PDO::FETCH_ASSOC);

-		if(isset($_POST['send'])
-		   && $_POST['send'] == 'send')
-		{
-			$db->query("DELETE FROM `" . TABLE_PANEL_TEMPLATES . "` WHERE `adminid`=" . (int)$userinfo['adminid'] . " AND `id`=" . (int)$id . "");
+		if (isset($_POST['send'])
+			&& $_POST['send'] == 'send'
+		) {
+			$del_stmt = Database::prepare("
+				DELETE FROM `" . TABLE_PANEL_TEMPLATES . "`
+				WHERE `adminid` = :adminid AND `id` = :id"
+			);
+			Database::pexecute($del_stmt, array('adminid' => $userinfo['adminid'], 'id' => $id));
 			$log->logAction(ADM_ACTION, LOG_INFO, "deleted template '" . $lng['admin']['templates'][$row['varname']] . "'");
-			redirectTo($filename, Array('page' => $page, 's' => $s));
-		}
-		else
-		{
+			redirectTo($filename, array('page' => $page, 's' => $s));
+
+		} else {
 			ask_yesno('admin_template_reallydelete', $filename, array('id' => $id, 'page' => $page, 'action' => $action), $lng['admin']['templates'][$row['varname']]);
 		}
-	}
-	else
-	{
+
+	} else {
 		standard_error('templatenotfound');
-		exit;
 	}
-}
-elseif($action == 'add')
-{
-	if($settings['panel']['sendalternativemail'] == 1)
-	{
+
+} elseif($action == 'add') {
+
+	if (Settings::Get('panel.sendalternativemail') == 1) {
 		$available_templates[] = 'pop_success_alternative';
 	}

-	if(isset($_POST['prepare'])
-	   && $_POST['prepare'] == 'prepare')
-	{
+	if (isset($_POST['prepare'])
+		&& $_POST['prepare'] == 'prepare'
+	) {
 		//email templates
+		$language = htmlentities(validate($_POST['language'], 'language', '/^[^\r\n\0"\']+$/', 'nolanguageselect'));
+		$template = validate($_POST['template'], 'template');

-		$language = validate($_POST['language'], 'language');
-		$templates = array();
-		$result = $db->query('SELECT `varname` FROM `' . TABLE_PANEL_TEMPLATES . '` WHERE `adminid`=\'' . (int)$userinfo['adminid'] . '\' AND `language`=\'' . $db->escape($language) . '\' AND `templategroup`=\'mails\' AND `varname` LIKE \'%_subject\'');
-
-		while(($row = $db->fetch_array($result)) != false)
-		{
-			$templates[] = str_replace('_subject', '', $row['varname']);
+		$lng_bak = $lng;
+		foreach ($langs['English'] as $key => $value) {
+			include_once makeSecurePath($value['file']);
+		}
+		if ($language != 'English') {
+			foreach ($langs[$language] as $key => $value) {
+				include makeSecurePath($value['file']);
+			}
 		}

-		$templates = array_diff($available_templates, $templates);
-		$template_options = '';
-		foreach($templates as $template)
-		{
-			$template_options.= makeoption($lng['admin']['templates'][$template], $template, NULL, true);
-		}
+		$subject = $lng['mails'][$template]['subject'];
+		$body = str_replace('\n', "\n", $lng['mails'][$template]['mailbody']);
+
+		$lng = $lng_bak;

 		$template_add_data = include_once dirname(__FILE__).'/lib/formfields/admin/templates/formfield.template_add.php';
 		$template_add_form = htmlform::genHTMLForm($template_add_data);
@@ -216,105 +238,148 @@ elseif($action == 'add')
 		$image = $template_add_data['template_add']['image'];

 		eval("echo \"" . getTemplate("templates/templates_add_2") . "\";");
-	}
-	elseif(isset($_POST['send'])
-	       && $_POST['send'] == 'send')
-	{
-		//email templates

-		$language = validate($_POST['language'], 'language', '/^[^\r\n\0"\']+$/', 'nolanguageselect');
+	} elseif(isset($_POST['send'])
+		&& $_POST['send'] == 'send'
+	) {
+		//email templates
+		$language = htmlentities(validate($_POST['language'], 'language', '/^[^\r\n\0"\']+$/', 'nolanguageselect'));
 		$template = validate($_POST['template'], 'template');
 		$subject = validate($_POST['subject'], 'subject', '/^[^\r\n\0]+$/', 'nosubjectcreate');
 		$mailbody = validate($_POST['mailbody'], 'mailbody', '/^[^\0]+$/', 'nomailbodycreate');
 		$templates = array();
-		$result = $db->query('SELECT `varname` FROM `' . TABLE_PANEL_TEMPLATES . '` WHERE `adminid`=\'' . (int)$userinfo['adminid'] . '\' AND `language`=\'' . $db->escape($language) . '\' AND `templategroup`=\'mails\' AND `varname` LIKE \'%_subject\'');
+		$result_stmt = Database::prepare("
+			SELECT `varname` FROM `" . TABLE_PANEL_TEMPLATES . "`
+			WHERE `adminid` = :adminid AND `language` = :lang
+			AND `templategroup` = 'mails' AND `varname` LIKE '%_subject'"
+		);
+		Database::pexecute($result_stmt, array('adminid' => $userinfo['adminid'], 'lang' => $language));

-		while(($row = $db->fetch_array($result)) != false)
-		{
+		while($row = $result_stmt->fetch(PDO::FETCH_ASSOC)) {
 			$templates[] = str_replace('_subject', '', $row['varname']);
 		}

 		$templates = array_diff($available_templates, $templates);
-
-		if(array_search($template, $templates) === false)
-		{
+		if (array_search($template, $templates) === false) {
 			standard_error('templatenotfound');
-		}
-		else
-		{
-			$result = $db->query("INSERT INTO `" . TABLE_PANEL_TEMPLATES . "` (`adminid`, `language`, `templategroup`, `varname`, `value`)
-									VALUES ('" . (int)$userinfo['adminid'] . "', '" . $db->escape($language) . "', 'mails', '" . $db->escape($template) . "_subject','" . $db->escape($subject) . "')");
-			$result = $db->query("INSERT INTO `" . TABLE_PANEL_TEMPLATES . "` (`adminid`, `language`, `templategroup`, `varname`, `value`)
-									VALUES ('" . (int)$userinfo['adminid'] . "', '" . $db->escape($language) . "', 'mails', '" . $db->escape($template) . "_mailbody','" . $db->escape($mailbody) . "')");
-			$log->logAction(ADM_ACTION, LOG_INFO, "added template '" . $language . ' - ' . $template . "'");
-			redirectTo($filename, Array('page' => $page, 's' => $s));
-		}
-	}
-	elseif(isset($_POST['filesend'])
-	       && $_POST['filesend'] == 'filesend')
-	{
-		//file templates

+		} else {
+			$ins_stmt = Database::prepare("
+				INSERT INTO `" . TABLE_PANEL_TEMPLATES . "` SET
+					`adminid` = :adminid,
+					`language` = :lang,
+					`templategroup` = 'mails',
+					`varname` = :var,
+					`value` = :value"
+			);
+
+			// mail-subject
+			$ins_data = array(
+				'adminid' => $userinfo['adminid'],
+				'lang' => $language,
+				'var' =>  $template.'_subject',
+				'value' => $subject
+			);
+			Database::pexecute($ins_stmt, $ins_data);
+
+			// mail-body
+			$ins_data = array(
+				'adminid' => $userinfo['adminid'],
+				'lang' => $language,
+				'var' =>  $template.'_mailbody',
+				'value' => $mailbody
+			);
+			Database::pexecute($ins_stmt, $ins_data);
+
+			$log->logAction(ADM_ACTION, LOG_INFO, "added template '" . $language . ' - ' . $template . "'");
+			redirectTo($filename, array('page' => $page, 's' => $s));
+		}
+
+	} elseif(isset($_POST['filesend'])
+		&& $_POST['filesend'] == 'filesend'
+	) {
+		//file templates
 		$template = validate($_POST['template'], 'template');
 		$filecontent = validate($_POST['filecontent'], 'filecontent', '/^[^\0]+$/', 'filecontentnotset');
-		$db->query("INSERT INTO `" . TABLE_PANEL_TEMPLATES . "` (`adminid`, `language`, `templategroup`, `varname`, `value`)
-					VALUES ('" . (int)$userinfo['adminid'] . "', '', 'files', '" . $db->escape($template) . "','" . $db->escape($filecontent) . "')");
-		$log->logAction(ADM_ACTION, LOG_INFO, "added template '" . $template . "'");
-		redirectTo($filename, Array('page' => $page, 's' => $s));
-	}
-	elseif(!isset($_GET['files']))
-	{
-		//email templates

+		$ins_stmt = Database::prepare("
+			INSERT INTO `" . TABLE_PANEL_TEMPLATES . "` SET
+				`adminid` = :adminid,
+				`language` = '',
+				`templategroup` = 'files',
+				`varname` = :var,
+				`value` = :value"
+		);
+
+		$ins_data = array(
+			'adminid' => $userinfo['adminid'],
+			'var' => $template,
+			'value' => $filecontent
+		);
+		Database::pexecute($ins_stmt, $ins_data);
+
+		$log->logAction(ADM_ACTION, LOG_INFO, "added template '" . $template . "'");
+		redirectTo($filename, array('page' => $page, 's' => $s));
+
+	} elseif(!isset($_GET['files'])) {
+
+		//email templates
 		$add = false;
 		$language_options = '';
+		$template_options = '';

-		while(list($language_file, $language_name) = each($languages))
-		{
+		while (list($language_file, $language_name) = each($languages)) {
 			$templates = array();
-			$result = $db->query('SELECT `varname` FROM `' . TABLE_PANEL_TEMPLATES . '` WHERE `adminid`=\'' . (int)$userinfo['adminid'] . '\' AND `language`=\'' . $db->escape($language_name) . '\' AND `templategroup`=\'mails\' AND `varname` LIKE \'%_subject\'');
+			$result_stmt = Database::prepare("
+				SELECT `varname` FROM `" . TABLE_PANEL_TEMPLATES . "`
+				WHERE `adminid` = :adminid AND `language` = :lang
+				AND `templategroup` = 'mails' AND `varname` LIKE '%_subject'"
+			);
+			Database::pexecute($result_stmt, array('adminid' => $userinfo['adminid'], 'lang' => $language_name));

-			while(($row = $db->fetch_array($result)) != false)
-			{
+			while ($row = $result_stmt->fetch(PDO::FETCH_ASSOC)) {
 				$templates[] = str_replace('_subject', '', $row['varname']);
 			}

-			if(count(array_diff($available_templates, $templates)) > 0)
-			{
+			if (count(array_diff($available_templates, $templates)) > 0) {
 				$add = true;
-				$language_options.= makeoption($language_name, $language_file, $userinfo['language'], true);
+				$language_options.= makeoption($language_name, $language_file, $userinfo['language'], true, true);
+
+				$templates = array_diff($available_templates, $templates);
+
+				foreach ($templates as $template) {
+					$template_options.= makeoption($lng['admin']['templates'][$template], $template, NULL, true, true, $language_file) . "\n";
+				}
 			}
 		}

-		if($add)
-		{
+		if ($add) {
 			eval("echo \"" . getTemplate("templates/templates_add_1") . "\";");
-		}
-		else
-		{
+		} else {
 			standard_error('alltemplatesdefined');
-			exit;
 		}
-	}
-	else
-	{
+
+	} else {
 		//filetemplates
+		$result_stmt = Database::prepare("
+			SELECT `id`, `varname` FROM `" . TABLE_PANEL_TEMPLATES . "`
+			WHERE `adminid` = :adminid AND `templategroup`='files'"
+		);
+		Database::pexecute($result_stmt, array('adminid' => $userinfo['adminid']));

-		$result = $db->query("SELECT `id`, `varname` FROM `" . TABLE_PANEL_TEMPLATES . "` WHERE `adminid`='" . (int)$userinfo['adminid'] . "' AND `templategroup`='files'");
-
-		if($db->num_rows($result) == count($file_templates))
-		{
+		if (Database::num_rows() == count($file_templates)) {
 			standard_error('alltemplatesdefined');
-			exit;
-		}
-		else
-		{
+
+		} else {
+
 			$templatesdefined = array();
 			$free_templates = '';

-			while($row = $db->fetch_array($result))$templatesdefined[] = $row['varname'];
-			foreach(array_diff($file_templates, $templatesdefined) as $template)
-			{
+			while ($row = $result_stmt->fetch(PDO::FETCH_ASSOC)) {
+				$templatesdefined[] = $row['varname'];
+			}
+
+			foreach (array_diff($file_templates, $templatesdefined) as $template) {
 				$free_templates.= makeoption($lng['admin']['templates'][$template], $template, '', true);
 			}

@@ -327,33 +392,65 @@ elseif($action == 'add')
 			eval("echo \"" . getTemplate("templates/filetemplates_add") . "\";");
 		}
 	}
-}
-elseif($action == 'edit'
-       && $subjectid != 0
-       && $mailbodyid != 0)
-{
+
+} elseif($action == 'edit'
+	&& $subjectid != 0
+	&& $mailbodyid != 0
+) {
 	//email templates
+	$result_stmt = Database::prepare("
+		SELECT `language`, `varname`, `value` FROM `" . TABLE_PANEL_TEMPLATES . "`
+		WHERE `adminid` = :adminid AND `id` = :subjectid"
+	);
+	Database::pexecute($result_stmt, array('adminid' => $userinfo['adminid'], 'subjectid' => $subjectid));
+	$result = $result_stmt->fetch(PDO::FETCH_ASSOC);

-	$result = $db->query_first("SELECT `language`, `varname`, `value` FROM `" . TABLE_PANEL_TEMPLATES . "` WHERE `adminid`='" . (int)$userinfo['adminid'] . "' AND `id`='" . (int)$subjectid . "'");
+	if ($result['varname'] != '') {

-	if($result['varname'] != '')
-	{
-		if(isset($_POST['send'])
-		   && $_POST['send'] == 'send')
-		{
+		if (isset($_POST['send'])
+			&& $_POST['send'] == 'send'
+		) {
 			$subject = validate($_POST['subject'], 'subject', '/^[^\r\n\0]+$/', 'nosubjectcreate');
 			$mailbody = validate($_POST['mailbody'], 'mailbody', '/^[^\0]+$/', 'nomailbodycreate');
-			$db->query("UPDATE `" . TABLE_PANEL_TEMPLATES . "` SET `value`='" . $db->escape($subject) . "' WHERE `adminid`='" . (int)$userinfo['adminid'] . "' AND `id`='" . (int)$subjectid . "'");
-			$db->query("UPDATE `" . TABLE_PANEL_TEMPLATES . "` SET `value`='" . $db->escape($mailbody) . "' WHERE `adminid`='" . (int)$userinfo['adminid'] . "' AND `id`='" . (int)$mailbodyid . "'");
+
+			$upd_stmt = Database::prepare("
+				UPDATE `" . TABLE_PANEL_TEMPLATES . "` SET
+					`value` = :value
+				WHERE `adminid` = :adminid AND `id` = :id"
+			);
+			// subject
+			Database::pexecute($upd_stmt, array(
+				'value' => $subject,
+				'adminid' => $userinfo['adminid'],
+				'id' => $subjectid
+			));
+			// same query but mailbody
+			Database::pexecute($upd_stmt, array(
+				'value' => $mailbody,
+				'adminid' => $userinfo['adminid'],
+				'id' => $mailbodyid
+			));
+
 			$log->logAction(ADM_ACTION, LOG_INFO, "edited template '" . $result['varname'] . "'");
-			redirectTo($filename, Array('page' => $page, 's' => $s));
-		}
-		else
-		{
+			redirectTo($filename, array('page' => $page, 's' => $s));
+
+		} else {
+
 			$result = htmlentities_array($result);
 			$template = $lng['admin']['templates'][str_replace('_subject', '', $result['varname'])];
 			$subject = $result['value'];
-			$result = $db->query_first("SELECT `language`, `varname`, `value` FROM `" . TABLE_PANEL_TEMPLATES . "` WHERE `id`='$mailbodyid'");
+			$result_stmt = Database::prepare("
+				SELECT `language`, `varname`, `value`
+				FROM `" . TABLE_PANEL_TEMPLATES . "`
+				WHERE `id` = :id"
+			);
+			Database::pexecute($result_stmt, array('id' => $mailbodyid));
+			$result = $result_stmt->fetch(PDO::FETCH_ASSOC);
+			
+			$template_name = str_replace('_mailbody', '', $result['varname']);
+
+			// don't escape the already escaped language-string so save up before htmlentities()
+			$language = $result['language'];
 			$result = htmlentities_array($result);
 			$mailbody = $result['value'];

@@ -366,30 +463,41 @@ elseif($action == 'edit'
 			eval("echo \"" . getTemplate("templates/templates_edit") . "\";");
 		}
 	}
-}
-elseif($action == 'editf'
-       && $id != 0)
-{
+
+} elseif($action == 'editf'
+	&& $id != 0
+) {
 	//file templates
+	$result_stmt = Database::prepare("
+		SELECT * FROM `" . TABLE_PANEL_TEMPLATES . "`
+		WHERE `adminid` = :adminid AND `id` = :id"
+	);
+	Database::pexecute($result_stmt, array('adminid' => $userinfo['adminid'], 'id' => $id));

-	$result = $db->query("SELECT * FROM `" . TABLE_PANEL_TEMPLATES . "` WHERE `adminid`='" . (int)$userinfo['adminid'] . "' AND `id`='" . (int)$id . "'");
+	if(Database::num_rows() > 0) {

-	if($db->num_rows($result) > 0)
-	{
-		$row = $db->fetch_array($result);
+		$row = $result_stmt->fetch(PDO::FETCH_ASSOC);

 		//filetemplates
-
-		if(isset($_POST['filesend'])
-		   && $_POST['filesend'] == 'filesend')
-		{
+		if (isset($_POST['filesend'])
+			&& $_POST['filesend'] == 'filesend'
+		) {
 			$filecontent = validate($_POST['filecontent'], 'filecontent', '/^[^\0]+$/', 'filecontentnotset');
-			$db->query("UPDATE `" . TABLE_PANEL_TEMPLATES . "` SET `value`='" . $db->escape($filecontent) . "' WHERE `adminid`='" . (int)$userinfo['adminid'] . "' AND `id`='" . (int)$id . "'");
+			$upd_stmt = Database::prepare("
+				UPDATE `" . TABLE_PANEL_TEMPLATES . "` SET
+					`value` = :value
+				WHERE `adminid` = :adminid AND `id` = :id"
+			);
+			Database::pexecute($upd_stmt, array(
+				'value' => $filecontent,
+				'adminid' => $userinfo['adminid'],
+				'id' => $id
+			));
+
 			$log->logAction(ADM_ACTION, LOG_INFO, "edited template '" . $row['varname'] . "'");
-			redirectTo($filename, Array('page' => $page, 's' => $s));
-		}
-		else
-		{
+			redirectTo($filename, array('page' => $page, 's' => $s));
+
+		} else {
 			$row = htmlentities_array($row);

 			$filetemplate_edit_data = include_once dirname(__FILE__).'/lib/formfields/admin/templates/formfield.filetemplate_edit.php';
@@ -400,10 +508,8 @@ elseif($action == 'editf'

 			eval("echo \"" . getTemplate("templates/filetemplates_edit") . "\";");
 		}
-	}
-	else
-	{
+
+	} else {
 		standard_error('templatenotfound');
-		exit;
 	}
 }
--- a/admin_tickets.php
+++ b/admin_tickets.php
--- a/admin_traffic.php
+++ b/admin_traffic.php
@@ -17,26 +17,21 @@
 */

 define('AREA', 'admin');
+require './lib/init.php';

-/**
- * Include our init.php, which manages Sessions, Language etc.
- */
-
-require ("./lib/init.php");
-
-if($action == 'logout')
-{
-	$db->query("DELETE FROM `" . TABLE_PANEL_SESSIONS . "` WHERE `userid` = '" . (int)$userinfo['adminid'] . "' AND `adminsession` = '1'");
+if ($action == 'logout') {
+	$logout_stmt = Database::prepare("
+		DELETE FROM `" . TABLE_PANEL_SESSIONS . "`
+		WHERE `userid` = :adminid
+		AND `adminsession` = '1'"
+	);
+	Database::pexecute($logout_stmt, array('adminid' => $userinfo['adminid']));
 	redirectTo('index.php');
-	exit;
 }

-if(isset($_POST['id']))
-{
+if (isset($_POST['id'])) {
 	$id = intval($_POST['id']);
-}
-elseif(isset($_GET['id']))
-{
+} elseif(isset($_GET['id'])) {
 	$id = intval($_GET['id']);
 }

@@ -56,59 +51,50 @@ $months = array(
 	'12' => 'dec',
 );

-if($page == 'overview' || $page == 'customers') 
-{
-	if($action == 'su' && $id != 0)
-	{
-		$result = $db->query_first("SELECT * FROM `" . TABLE_PANEL_CUSTOMERS . "` WHERE `customerid`='" . (int)$id . "' " . ($userinfo['customers_see_all'] ? '' : " AND `adminid` = '" . (int)$userinfo['adminid'] . "' "));
+if ($page == 'overview' || $page == 'customers') {

-		if($result['loginname'] != '')
-		{
-			$result = $db->query_first("SELECT * FROM `" . TABLE_PANEL_SESSIONS . "` WHERE `userid`='" . (int)$userinfo['userid'] . "'");
-			$s = md5(uniqid(microtime(), 1));
-			$db->query("INSERT INTO `" . TABLE_PANEL_SESSIONS . "` (`hash`, `userid`, `ipaddress`, `useragent`, `lastactivity`, `language`, `adminsession`) VALUES ('" . $db->escape($s) . "', '" . (int)$id . "', '" . $db->escape($result['ipaddress']) . "', '" . $db->escape($result['useragent']) . "', '" . time() . "', '" . $db->escape($result['language']) . "', '0')");
-			redirectTo('customer_traffic.php', Array(
-				's' => $s
-			));
-		}
-		else
-		{
-			redirectTo('index.php', Array(
-				'action' => 'login'
-			));
-		}
-	}
 	$customerview = 1;
 	$stats_tables = '';
-	$minyear = $db->query_first("SELECT `year` FROM `". TABLE_PANEL_TRAFFIC . "` ORDER BY `year` ASC LIMIT 1");
-	if (!isset($minyear['year']) || $minyear['year'] == 0)
-	{
+	$minyear_stmt = Database::query("SELECT `year` FROM `". TABLE_PANEL_TRAFFIC . "` ORDER BY `year` ASC LIMIT 1");
+	$minyear = $minyear_stmt->fetch(PDO::FETCH_ASSOC);
+
+	if (!isset($minyear['year']) || $minyear['year'] == 0) {
 		$maxyears = 0;
-	}
-	else
-	{
+	} else {
 		$maxyears = date("Y") - $minyear['year'];
 	}
-	for($years = 0; $years<=$maxyears; $years++) {
+
+	for ($years = 0; $years<=$maxyears; $years++) {
+
 		$overview['year'] = date("Y")-$years;
 		$overview['type'] = $lng['traffic']['customer'];
 		$domain_list = '';
-		$customer_name_list = $db->query("SELECT `customerid`,`company`,`name`,`firstname` FROM `" . TABLE_PANEL_CUSTOMERS . "` WHERE `deactivated`='0'" . ($userinfo['customers_see_all'] ? '' : " AND `adminid` = '" . (int)$userinfo['adminid'] . "' ") . " ORDER BY name");
 		$totals = array(
-			'jan' => 0,
-			'feb' => 0,
-			'mar' => 0,
-			'apr' => 0,
-			'may' => 0,
-			'jun' => 0,
-			'jul' => 0,
-			'aug' => 0,
-			'sep' => 0,
-			'oct' => 0,
-			'nov' => 0,
-			'dec' => 0,
+				'jan' => 0,
+				'feb' => 0,
+				'mar' => 0,
+				'apr' => 0,
+				'may' => 0,
+				'jun' => 0,
+				'jul' => 0,
+				'aug' => 0,
+				'sep' => 0,
+				'oct' => 0,
+				'nov' => 0,
+				'dec' => 0,
 		);
-		while($customer_name = $db->fetch_array($customer_name_list)) {
+
+		$customer_name_list_stmt = Database::prepare("
+			SELECT `customerid`,`company`,`name`,`firstname`
+			FROM `" . TABLE_PANEL_CUSTOMERS . "`
+			WHERE `deactivated`='0'" .
+			($userinfo['customers_see_all'] ? '' : " AND `adminid` = :id") . "
+			ORDER BY name"
+		);
+		Database::pexecute($customer_name_list_stmt, array('id' => $userinfo['adminid']));
+
+		while($customer_name = $customer_name_list_stmt->fetch(PDO::FETCH_ASSOC)) {
+
 			$virtual_host = array(
 				'name' => ($customer_name['company'] == '' ? $customer_name['name'] . ", " . $customer_name['firstname'] : $customer_name['company']),
 				'customerid' => $customer_name['customerid'],
@@ -125,10 +111,17 @@ if($page == 'overview' || $page == 'customers')
 				'nov' => '-',
 				'dec' => '-',
 			);
-			
-			$traffic_list = $db->query("SELECT month, SUM(http+ftp_up+ftp_down+mail)*1024 AS traffic FROM `" . TABLE_PANEL_TRAFFIC . "` WHERE year = " . (date("Y")-$years) . " AND `customerid` = '" . $customer_name['customerid'] . "' GROUP BY month ORDER BY month");
-			while($traffic_month = $db->fetch_array($traffic_list)) {
-				$virtual_host[$months[(int)$traffic_month['month']]] = size_readable($traffic_month['traffic'], 'GiB', 'bi', '%01.'.(int)$settings['panel']['decimal_places'].'f %s');
+
+			$traffic_list_stmt = Database::prepare("
+				SELECT month, SUM(http+ftp_up+ftp_down+mail)*1024 AS traffic
+				FROM `" . TABLE_PANEL_TRAFFIC . "`
+				WHERE year = :year AND `customerid` = :id
+				GROUP BY month ORDER BY month"
+			);
+			Database::pexecute($traffic_list_stmt, array('year' => (date("Y")-$years), 'id' => $customer_name['customerid']));
+
+			while ($traffic_month = $traffic_list_stmt->fetch(PDO::FETCH_ASSOC)) {
+				$virtual_host[$months[(int)$traffic_month['month']]] = size_readable($traffic_month['traffic'], 'GiB', 'bi', '%01.'.(int)Settings::Get('panel.decimal_places').'f %s');
 				$totals[$months[(int)$traffic_month['month']]] += $traffic_month['traffic'];
 			}
 			eval("\$domain_list .= sprintf(\"%s\", \"" . getTemplate("traffic/index_table_row") . "\");");
@@ -137,8 +130,8 @@ if($page == 'overview' || $page == 'customers')
 		$virtual_host = array(
 			'name' => $lng['traffic']['months']['total'],
 		);
-		foreach($totals as $month => $bytes) {
-			$virtual_host[$month] = ($bytes == 0 ? '-' : size_readable($bytes, 'GiB', 'bi', '%01.'.(int)$settings['panel']['decimal_places'].'f %s'));
+		foreach ($totals as $month => $bytes) {
+			$virtual_host[$month] = ($bytes == 0 ? '-' : size_readable($bytes, 'GiB', 'bi', '%01.'.(int)Settings::Get('panel.decimal_places').'f %s'));
 		}
 		$customerview = 0;
 		eval("\$total_list = sprintf(\"%s\", \"" . getTemplate("traffic/index_table_row") . "\");");
--- a/admin_updates.php
+++ b/admin_updates.php
@@ -16,26 +16,24 @@
 */

 define('AREA', 'admin');
-require ("./lib/init.php");
+require './lib/init.php';

-if($page == 'overview')
-{
+if ($page == 'overview') {
 	$log->logAction(ADM_ACTION, LOG_NOTICE, "viewed admin_updates");

 	/**
 	 * this is a dirty hack but syscp 1.4.2.1 does not
-	 * has any version/dbversion in the database (don't know why)
+	 * have any version/dbversion in the database (don't know why)
 	 * so we have to set them both to run a correct upgrade
 	 */
 	if (!isFroxlor()) {
-		if (!isset($settings['panel']['version'])
-		|| $settings['panel']['version'] == ''
+		if (Settings::Get('panel.version') == null
+			|| Settings::Get('panel.version') == ''
 		) {
-			$settings['panel']['version'] = '1.4.2.1';
-			$db->query("INSERT INTO `" . TABLE_PANEL_SETTINGS . "` (`settinggroup`, `varname`, `value`) VALUES ('panel','version','".$settings['panel']['version']."')");
+			Settings::Set('panel.version', '1.4.2.1');
 		}
-		if (!isset($settings['system']['dbversion'])
-		|| $settings['system']['dbversion'] == ''
+		if (Settings::Get('system.dbversion') == null
+			|| Settings::Get('system.dbversion') == ''
 		) {
 			/**
 			 * for syscp-stable (1.4.2.1) this value has to be 0
@@ -43,82 +41,81 @@ if($page == 'overview')
 			 * and the svn-version has its value in the database
 			 * -> bug #54
 			 */
-			
-			$result = $db->query_first("SELECT `value` FROM `" . TABLE_PANEL_SETTINGS . "` WHERE `varname` = 'dbversion'");
-			
-			if(isset($result['value']))
-			{
-				$settings['system']['dbversion'] = (int)$result['value'];
+			$result_stmt = Database::query("
+				SELECT `value` FROM `" . TABLE_PANEL_SETTINGS . "` WHERE `varname` = 'dbversion'"
+			);
+			$result = $result_stmt->fetch(PDO::FETCH_ASSOC);
+
+			if (isset($result['value'])) {
+				Settings::Set('system.dbversion', (int)$result['value'], false);
 			} else {
-				$settings['system']['dbversion'] = 0;
+				Settings::Set('system.dbversion', 0, false);
 			}
 		}
 	}

-	if(hasUpdates($version))
-	{
+	if (hasDbUpdates($dbversion) || hasUpdates($version)) {
 		$successful_update = false;
 		$message = '';

-		if(isset($_POST['send'])
-		&& $_POST['send'] == 'send')
-		{
-			if((isset($_POST['update_preconfig'])
+		if (isset($_POST['send'])
+			&& $_POST['send'] == 'send'
+		) {
+			if ((isset($_POST['update_preconfig'])
 				&& isset($_POST['update_changesagreed'])
 				&& intval($_POST['update_changesagreed']) != 0)
 				|| !isset($_POST['update_preconfig'])
 			) {
-				eval("echo \"" . getTemplate("update/update_start") . "\";");
-	
+				eval("echo \"" . getTemplate('update/update_start') . "\";");
+
 				include_once './install/updatesql.php';
-	
+
 				$redirect_url = 'admin_index.php?s=' . $s;
-				eval("echo \"" . getTemplate("update/update_end") . "\";");
-	
+				eval("echo \"" . getTemplate('update/update_end') . "\";");
+
 				updateCounters();
 				inserttask('1');
 				@chmod('./lib/userdata.inc.php', 0440);
-				
+
 				$successful_update = true;
-			}
-			else
-			{
-				$message = '<br /><strong style="color:#ff0000;">You have to agree that you have read the update notifications.</strong>';
+			} else {
+				$message = '<br /><strong class="red">You have to agree that you have read the update notifications.</strong>';
 			}
 		}

-		if(!$successful_update)
-		{
-			$current_version = $settings['panel']['version'];
+		if (!$successful_update) {
+			$current_version = Settings::Get('panel.version');
+			$current_db_version = Settings::Get('panel.db_version');
+			if (empty($current_db_version)) {
+			    $current_db_version = "0";
+			}
 			$new_version = $version;
+			$new_db_version = $dbversion;

 			$ui_text = $lng['update']['update_information']['part_a'];
-			$ui_text = str_replace('%curversion', $current_version, $ui_text);
-			$ui_text = str_replace('%newversion', $new_version, $ui_text);
-			$update_information = $ui_text;
-			
-			include_once './install/updates/preconfig.php';
-			$preconfig = getPreConfig($current_version);
-			if($preconfig != '')
-			{
-				$update_information .= '<br />'.$preconfig.$message;
+			if ($version != $current_version) {
+			     $ui_text = str_replace('%curversion', $current_version, $ui_text);
+			     $ui_text = str_replace('%newversion', $new_version, $ui_text);
+			} else {
+			    // show db version
+			    $ui_text = str_replace('%curversion', $current_db_version, $ui_text);
+			    $ui_text = str_replace('%newversion', $new_db_version, $ui_text);
 			}
-			
+			$update_information = $ui_text;
+
+			include_once './install/updates/preconfig.php';
+			$preconfig = getPreConfig($current_version, $current_db_version);
+			if ($preconfig != '') {
+				$update_information .= '<br />' . $preconfig . $message;
+			}
+
 			$update_information .= $lng['update']['update_information']['part_b'];

-			eval("echo \"" . getTemplate("update/index") . "\";");
+			eval("echo \"" . getTemplate('update/index') . "\";");
 		}
-	}
-	else
-	{
-		/*
-		 * @TODO version-webcheck check here
-		 */
-
+	} else {
 		$success_message = $lng['update']['noupdatesavail'];
 		$redirect_url = 'admin_index.php?s=' . $s;
-		eval("echo \"" . getTemplate("update/noupdatesavail") . "\";");
+		eval("echo \"" . getTemplate('update/noupdatesavail') . "\";");
 	}
 }
-
-?>
--- a/cache/.gitignore
+++ b/cache/.gitignore
@@ -1 +0,0 @@
-*
--- a/css/images/animated-overlay.gif
+++ b/css/images/animated-overlay.gif
--- a/css/images/ui-bg_diagonals-thick_18_b81900_40x40.png
+++ b/css/images/ui-bg_diagonals-thick_18_b81900_40x40.png
--- a/css/images/ui-bg_diagonals-thick_20_666666_40x40.png
+++ b/css/images/ui-bg_diagonals-thick_20_666666_40x40.png
--- a/css/images/ui-bg_flat_10_000000_40x100.png
+++ b/css/images/ui-bg_flat_10_000000_40x100.png
--- a/css/images/ui-bg_glass_100_f6f6f6_1x400.png
+++ b/css/images/ui-bg_glass_100_f6f6f6_1x400.png
--- a/css/images/ui-bg_glass_100_fdf5ce_1x400.png
+++ b/css/images/ui-bg_glass_100_fdf5ce_1x400.png
--- a/css/images/ui-bg_glass_65_ffffff_1x400.png
+++ b/css/images/ui-bg_glass_65_ffffff_1x400.png
--- a/css/images/ui-bg_gloss-wave_35_f6a828_500x100.png
+++ b/css/images/ui-bg_gloss-wave_35_f6a828_500x100.png
--- a/css/images/ui-bg_highlight-soft_100_eeeeee_1x100.png
+++ b/css/images/ui-bg_highlight-soft_100_eeeeee_1x100.png
--- a/css/images/ui-bg_highlight-soft_75_ffe45c_1x100.png
+++ b/css/images/ui-bg_highlight-soft_75_ffe45c_1x100.png
--- a/css/images/ui-icons_222222_256x240.png
+++ b/css/images/ui-icons_222222_256x240.png
--- a/css/images/ui-icons_228ef1_256x240.png
+++ b/css/images/ui-icons_228ef1_256x240.png
--- a/css/images/ui-icons_ef8c08_256x240.png
+++ b/css/images/ui-icons_ef8c08_256x240.png
--- a/css/images/ui-icons_ffd27a_256x240.png
+++ b/css/images/ui-icons_ffd27a_256x240.png
--- a/css/images/ui-icons_ffffff_256x240.png
+++ b/css/images/ui-icons_ffffff_256x240.png
--- a/css/jquery-ui.min.css
+++ b/css/jquery-ui.min.css
--- a/css/jquery.jqplot.css
+++ b/css/jquery.jqplot.css
@@ -1,226 +0,0 @@
-/*rules for the plot target div.  These will be cascaded down to all plot elements according to css rules*/
-.jqplot-target {
-    position: relative;
-    color: #666666;
-    font-family: "Trebuchet MS", Arial, Helvetica, sans-serif;
-    font-size: 1em;
-/*    height: 300px;
-    width: 400px;*/
-}
-
-/*rules applied to all axes*/
-.jqplot-axis {
-    font-size: 0.75em;
-}
-
-.jqplot-xaxis {
-    margin-top: 10px;
-}
-
-.jqplot-x2axis {
-    margin-bottom: 10px;
-}
-
-.jqplot-yaxis {
-    margin-right: 10px;
-}
-
-.jqplot-y2axis, .jqplot-y3axis, .jqplot-y4axis, .jqplot-y5axis, .jqplot-y6axis, .jqplot-y7axis, .jqplot-y8axis, .jqplot-y9axis {
-    margin-left: 10px;
-    margin-right: 10px;
-}
-
-/*rules applied to all axis tick divs*/
-.jqplot-axis-tick, .jqplot-xaxis-tick, .jqplot-yaxis-tick, .jqplot-x2axis-tick, .jqplot-y2axis-tick, .jqplot-y3axis-tick, .jqplot-y4axis-tick, .jqplot-y5axis-tick, .jqplot-y6axis-tick, .jqplot-y7axis-tick, .jqplot-y8axis-tick, .jqplot-y9axis-tick {
-    position: absolute;
-}
-
-
-.jqplot-xaxis-tick {
-    top: 0px;
-    /* initial position untill tick is drawn in proper place */
-    left: 15px;
-/*    padding-top: 10px;*/
-    vertical-align: top;
-}
-
-.jqplot-x2axis-tick {
-    bottom: 0px;
-    /* initial position untill tick is drawn in proper place */
-    left: 15px;
-/*    padding-bottom: 10px;*/
-    vertical-align: bottom;
-}
-
-.jqplot-yaxis-tick {
-    right: 0px;
-    /* initial position untill tick is drawn in proper place */
-    top: 15px;
-/*    padding-right: 10px;*/
-    text-align: right;
-}
-
-.jqplot-yaxis-tick.jqplot-breakTick {
-	right: -20px;
-	margin-right: 0px;
-	padding:1px 5px 1px 5px;
-/*	background-color: white;*/
-	z-index: 2;
-	font-size: 1.5em;
-}
-
-.jqplot-y2axis-tick, .jqplot-y3axis-tick, .jqplot-y4axis-tick, .jqplot-y5axis-tick, .jqplot-y6axis-tick, .jqplot-y7axis-tick, .jqplot-y8axis-tick, .jqplot-y9axis-tick {
-    left: 0px;
-    /* initial position untill tick is drawn in proper place */
-    top: 15px;
-/*    padding-left: 10px;*/
-/*    padding-right: 15px;*/
-    text-align: left;
-}
-
-.jqplot-meterGauge-tick {
-    font-size: 0.75em;
-    color: #999999;
-}
-
-.jqplot-meterGauge-label {
-    font-size: 1em;
-    color: #999999;
-}
-.jqplot-xaxis-label {
-    margin-top: 10px;
-    font-size: 11pt;
-    position: absolute;
-}
-
-.jqplot-x2axis-label {
-    margin-bottom: 10px;
-    font-size: 11pt;
-    position: absolute;
-}
-
-.jqplot-yaxis-label {
-    margin-right: 10px;
-/*    text-align: center;*/
-    font-size: 11pt;
-    position: absolute;
-}
-
-.jqplot-y2axis-label, .jqplot-y3axis-label, .jqplot-y4axis-label, .jqplot-y5axis-label, .jqplot-y6axis-label, .jqplot-y7axis-label, .jqplot-y8axis-label, .jqplot-y9axis-label {
-/*    text-align: center;*/
-    font-size: 11pt;
-    position: absolute;
-}
-
-table.jqplot-table-legend {
-    margin-top: 12px;
-    margin-bottom: 12px;
-    margin-left: 12px;
-    margin-right: 12px;
-}
-
-table.jqplot-table-legend, table.jqplot-cursor-legend {
-    background-color: rgba(255,255,255,0.6);
-    border: 1px solid #cccccc;
-    position: absolute;
-    font-size: 0.75em;
-}
-
-td.jqplot-table-legend {
-    vertical-align:middle;
-}
-
-td.jqplot-seriesToggle:hover, td.jqplot-seriesToggle:active {
-    cursor: pointer;
-}
-
-td.jqplot-table-legend > div {
-    border: 1px solid #cccccc;
-    padding:1px;
-}
-
-div.jqplot-table-legend-swatch {
-    width:0px;
-    height:0px;
-    border-top-width: 5px;
-    border-bottom-width: 5px;
-    border-left-width: 6px;
-    border-right-width: 6px;
-    border-top-style: solid;
-    border-bottom-style: solid;
-    border-left-style: solid;
-    border-right-style: solid;
-}
-
-.jqplot-title {
-    top: 0px;
-    left: 0px;
-    padding-bottom: 0.5em;
-    font-size: 1.2em;
-}
-
-table.jqplot-cursor-tooltip {
-    border: 1px solid #cccccc;
-    font-size: 0.75em;
-}
-
-
-.jqplot-cursor-tooltip {
-    border: 1px solid #cccccc;
-    font-size: 0.75em;
-    white-space: nowrap;
-    background: rgba(208,208,208,0.5);
-    padding: 1px;
-}
-
-.jqplot-highlighter-tooltip {
-    border: 1px solid #cccccc;
-    font-size: 0.75em;
-    white-space: nowrap;
-    background: rgba(208,208,208,0.5);
-    padding: 1px;
-}
-
-.jqplot-point-label {
-    font-size: 0.75em;
-    z-index: 2;
-}
-      
-td.jqplot-cursor-legend-swatch {
-vertical-align:middle;
-text-align:center;
-}
-
-div.jqplot-cursor-legend-swatch {
-width:1.2em;
-height:0.7em;
-}
-
-.jqplot-error {
-/*   Styles added to the plot target container when there is an error go here.*/
-    text-align: center;
-}
-
-.jqplot-error-message {
-/*    Styling of the custom error message div goes here.*/
-    position: relative;
-    top: 46%;
-    display: inline-block;
-}
-
-div.jqplot-bubble-label {
-    font-size: 0.8em;
-/*    background: rgba(90%, 90%, 90%, 0.15);*/
-    padding-left: 2px;
-    padding-right: 2px;
-    color: rgb(20%, 20%, 20%);
-}
-
-div.jqplot-bubble-label.jqplot-bubble-label-highlight {
-    background: rgba(90%, 90%, 90%, 0.7);
-}
-
-div.jqplot-noData-container {
-	text-align: center;
-	background-color: rgba(96%, 96%, 96%, 0.3);
-}
--- a/css/jquery.jqplot.min.css
+++ b/css/jquery.jqplot.min.css
@@ -1 +0,0 @@
-.jqplot-target{position:relative;color:#666;font-family:"Trebuchet MS",Arial,Helvetica,sans-serif;font-size:1em;}.jqplot-axis{font-size:.75em;}.jqplot-xaxis{margin-top:10px;}.jqplot-x2axis{margin-bottom:10px;}.jqplot-yaxis{margin-right:10px;}.jqplot-y2axis,.jqplot-y3axis,.jqplot-y4axis,.jqplot-y5axis,.jqplot-y6axis,.jqplot-y7axis,.jqplot-y8axis,.jqplot-y9axis{margin-left:10px;margin-right:10px;}.jqplot-axis-tick,.jqplot-xaxis-tick,.jqplot-yaxis-tick,.jqplot-x2axis-tick,.jqplot-y2axis-tick,.jqplot-y3axis-tick,.jqplot-y4axis-tick,.jqplot-y5axis-tick,.jqplot-y6axis-tick,.jqplot-y7axis-tick,.jqplot-y8axis-tick,.jqplot-y9axis-tick{position:absolute;}.jqplot-xaxis-tick{top:0;left:15px;vertical-align:top;}.jqplot-x2axis-tick{bottom:0;left:15px;vertical-align:bottom;}.jqplot-yaxis-tick{right:0;top:15px;text-align:right;}.jqplot-yaxis-tick.jqplot-breakTick{right:-20px;margin-right:0;padding:1px 5px 1px 5px;z-index:2;font-size:1.5em;}.jqplot-y2axis-tick,.jqplot-y3axis-tick,.jqplot-y4axis-tick,.jqplot-y5axis-tick,.jqplot-y6axis-tick,.jqplot-y7axis-tick,.jqplot-y8axis-tick,.jqplot-y9axis-tick{left:0;top:15px;text-align:left;}.jqplot-meterGauge-tick{font-size:.75em;color:#999;}.jqplot-meterGauge-label{font-size:1em;color:#999;}.jqplot-xaxis-label{margin-top:10px;font-size:11pt;position:absolute;}.jqplot-x2axis-label{margin-bottom:10px;font-size:11pt;position:absolute;}.jqplot-yaxis-label{margin-right:10px;font-size:11pt;position:absolute;}.jqplot-y2axis-label,.jqplot-y3axis-label,.jqplot-y4axis-label,.jqplot-y5axis-label,.jqplot-y6axis-label,.jqplot-y7axis-label,.jqplot-y8axis-label,.jqplot-y9axis-label{font-size:11pt;position:absolute;}table.jqplot-table-legend{margin-top:12px;margin-bottom:12px;margin-left:12px;margin-right:12px;}table.jqplot-table-legend,table.jqplot-cursor-legend{background-color:rgba(255,255,255,0.6);border:1px solid #ccc;position:absolute;font-size:.75em;}td.jqplot-table-legend{vertical-align:middle;}td.jqplot-seriesToggle:hover,td.jqplot-seriesToggle:active{cursor:pointer;}td.jqplot-table-legend>div{border:1px solid #ccc;padding:1px;}div.jqplot-table-legend-swatch{width:0;height:0;border-top-width:5px;border-bottom-width:5px;border-left-width:6px;border-right-width:6px;border-top-style:solid;border-bottom-style:solid;border-left-style:solid;border-right-style:solid;}.jqplot-title{top:0;left:0;padding-bottom:.5em;font-size:1.2em;}table.jqplot-cursor-tooltip{border:1px solid #ccc;font-size:.75em;}.jqplot-cursor-tooltip{border:1px solid #ccc;font-size:.75em;white-space:nowrap;background:rgba(208,208,208,0.5);padding:1px;}.jqplot-highlighter-tooltip{border:1px solid #ccc;font-size:.75em;white-space:nowrap;background:rgba(208,208,208,0.5);padding:1px;}.jqplot-point-label{font-size:.75em;z-index:2;}td.jqplot-cursor-legend-swatch{vertical-align:middle;text-align:center;}div.jqplot-cursor-legend-swatch{width:1.2em;height:.7em;}.jqplot-error{text-align:center;}.jqplot-error-message{position:relative;top:46%;display:inline-block;}div.jqplot-bubble-label{font-size:.8em;padding-left:2px;padding-right:2px;color:rgb(20%,20%,20%);}div.jqplot-bubble-label.jqplot-bubble-label-highlight{background:rgba(90%,90%,90%,0.7);}div.jqplot-noData-container{text-align:center;background-color:rgba(96%,96%,96%,0.3);}
--- a/css/jquery.jquery-ui.css
+++ b/css/jquery.jquery-ui.css
@@ -1,563 +0,0 @@
-/*
- * jQuery UI CSS Framework 1.8.17
- *
- * Copyright 2011, AUTHORS.txt (http://jqueryui.com/about)
- * Dual licensed under the MIT or GPL Version 2 licenses.
- * http://jquery.org/license
- *
- * http://docs.jquery.com/UI/Theming/API
- */
-
-/* Layout helpers
----------------------------------*/
-.ui-helper-hidden { display: none; }
-.ui-helper-hidden-accessible { position: absolute !important; clip: rect(1px 1px 1px 1px); clip: rect(1px,1px,1px,1px); }
-.ui-helper-reset { margin: 0; padding: 0; border: 0; outline: 0; line-height: 1.3; text-decoration: none; font-size: 100%; list-style: none; }
-.ui-helper-clearfix:before, .ui-helper-clearfix:after { content: ""; display: table; }
-.ui-helper-clearfix:after { clear: both; }
-.ui-helper-clearfix { zoom: 1; }
-.ui-helper-zfix { width: 100%; height: 100%; top: 0; left: 0; position: absolute; opacity: 0; filter:Alpha(Opacity=0); }
-
-
-/* Interaction Cues
----------------------------------*/
-.ui-state-disabled { cursor: default !important; }
-
-
-/* Icons
----------------------------------*/
-
-/* states and images */
-.ui-icon { display: block; text-indent: -99999px; overflow: hidden; background-repeat: no-repeat; }
-
-
-/* Misc visuals
----------------------------------*/
-
-/* Overlays */
-.ui-widget-overlay { position: absolute; top: 0; left: 0; width: 100%; height: 100%; }
-/*
- * jQuery UI Accordion 1.8.17
- *
- * Copyright 2011, AUTHORS.txt (http://jqueryui.com/about)
- * Dual licensed under the MIT or GPL Version 2 licenses.
- * http://jquery.org/license
- *
- * http://docs.jquery.com/UI/Accordion#theming
- */
-/* IE/Win - Fix animation bug - #4615 */
-.ui-accordion { width: 100%; }
-.ui-accordion .ui-accordion-header { cursor: pointer; position: relative; margin-top: 1px; zoom: 1; }
-.ui-accordion .ui-accordion-li-fix { display: inline; }
-.ui-accordion .ui-accordion-header-active { border-bottom: 0 !important; }
-.ui-accordion .ui-accordion-header a { display: block; font-size: 1em; padding: .5em .5em .5em .7em; }
-.ui-accordion-icons .ui-accordion-header a { padding-left: 2.2em; }
-.ui-accordion .ui-accordion-header .ui-icon { position: absolute; left: .5em; top: 50%; margin-top: -8px; }
-.ui-accordion .ui-accordion-content { padding: 1em 2.2em; border-top: 0; margin-top: -2px; position: relative; top: 1px; margin-bottom: 2px; overflow: auto; display: none; zoom: 1; }
-.ui-accordion .ui-accordion-content-active { display: block; }
-/*
- * jQuery UI Autocomplete 1.8.17
- *
- * Copyright 2011, AUTHORS.txt (http://jqueryui.com/about)
- * Dual licensed under the MIT or GPL Version 2 licenses.
- * http://jquery.org/license
- *
- * http://docs.jquery.com/UI/Autocomplete#theming
- */
-.ui-autocomplete { position: absolute; cursor: default; }
-
-/* workarounds */
-* html .ui-autocomplete { width:1px; } /* without this, the menu expands to 100% in IE6 */
-
-/*
- * jQuery UI Menu 1.8.17
- *
- * Copyright 2010, AUTHORS.txt (http://jqueryui.com/about)
- * Dual licensed under the MIT or GPL Version 2 licenses.
- * http://jquery.org/license
- *
- * http://docs.jquery.com/UI/Menu#theming
- */
-.ui-menu {
-	list-style:none;
-	padding: 2px;
-	margin: 0;
-	display:block;
-	float: left;
-}
-.ui-menu .ui-menu {
-	margin-top: -3px;
-}
-.ui-menu .ui-menu-item {
-	margin:0;
-	padding: 0;
-	zoom: 1;
-	float: left;
-	clear: left;
-	width: 100%;
-}
-.ui-menu .ui-menu-item a {
-	text-decoration:none;
-	display:block;
-	padding:.2em .4em;
-	line-height:1.5;
-	zoom:1;
-}
-.ui-menu .ui-menu-item a.ui-state-hover,
-.ui-menu .ui-menu-item a.ui-state-active {
-	font-weight: normal;
-	margin: -1px;
-}
-/*
- * jQuery UI Button 1.8.17
- *
- * Copyright 2011, AUTHORS.txt (http://jqueryui.com/about)
- * Dual licensed under the MIT or GPL Version 2 licenses.
- * http://jquery.org/license
- *
- * http://docs.jquery.com/UI/Button#theming
- */
-.ui-button { display: inline-block; position: relative; padding: 0; margin-right: .1em; text-decoration: none !important; cursor: pointer; text-align: center; zoom: 1; overflow: visible; } /* the overflow property removes extra width in IE */
-.ui-button-icon-only { width: 2.2em; } /* to make room for the icon, a width needs to be set here */
-button.ui-button-icon-only { width: 2.4em; } /* button elements seem to need a little more width */
-.ui-button-icons-only { width: 3.4em; }
-button.ui-button-icons-only { width: 3.7em; }
-
-/*button text element */
-.ui-button .ui-button-text { display: block; line-height: 1.4;  }
-.ui-button-text-only .ui-button-text { padding: .4em 1em; }
-.ui-button-icon-only .ui-button-text, .ui-button-icons-only .ui-button-text { padding: .4em; text-indent: -9999999px; }
-.ui-button-text-icon-primary .ui-button-text, .ui-button-text-icons .ui-button-text { padding: .4em 1em .4em 2.1em; }
-.ui-button-text-icon-secondary .ui-button-text, .ui-button-text-icons .ui-button-text { padding: .4em 2.1em .4em 1em; }
-.ui-button-text-icons .ui-button-text { padding-left: 2.1em; padding-right: 2.1em; }
-/* no icon support for input elements, provide padding by default */
-input.ui-button { padding: .4em 1em; }
-
-/*button icon element(s) */
-.ui-button-icon-only .ui-icon, .ui-button-text-icon-primary .ui-icon, .ui-button-text-icon-secondary .ui-icon, .ui-button-text-icons .ui-icon, .ui-button-icons-only .ui-icon { position: absolute; top: 50%; margin-top: -8px; }
-.ui-button-icon-only .ui-icon { left: 50%; margin-left: -8px; }
-.ui-button-text-icon-primary .ui-button-icon-primary, .ui-button-text-icons .ui-button-icon-primary, .ui-button-icons-only .ui-button-icon-primary { left: .5em; }
-.ui-button-text-icon-secondary .ui-button-icon-secondary, .ui-button-text-icons .ui-button-icon-secondary, .ui-button-icons-only .ui-button-icon-secondary { right: .5em; }
-.ui-button-text-icons .ui-button-icon-secondary, .ui-button-icons-only .ui-button-icon-secondary { right: .5em; }
-
-/*button sets*/
-.ui-buttonset { margin-right: 7px; }
-.ui-buttonset .ui-button { margin-left: 0; margin-right: -.3em; }
-
-/* workarounds */
-button.ui-button::-moz-focus-inner { border: 0; padding: 0; } /* reset extra padding in Firefox */
-/*
- * jQuery UI Datepicker 1.8.17
- *
- * Copyright 2011, AUTHORS.txt (http://jqueryui.com/about)
- * Dual licensed under the MIT or GPL Version 2 licenses.
- * http://jquery.org/license
- *
- * http://docs.jquery.com/UI/Datepicker#theming
- */
-.ui-datepicker { width: 17em; padding: .2em .2em 0; display: none; }
-.ui-datepicker .ui-datepicker-header { position:relative; padding:.2em 0; }
-.ui-datepicker .ui-datepicker-prev, .ui-datepicker .ui-datepicker-next { position:absolute; top: 2px; width: 1.8em; height: 1.8em; }
-.ui-datepicker .ui-datepicker-prev-hover, .ui-datepicker .ui-datepicker-next-hover { top: 1px; }
-.ui-datepicker .ui-datepicker-prev { left:2px; }
-.ui-datepicker .ui-datepicker-next { right:2px; }
-.ui-datepicker .ui-datepicker-prev-hover { left:1px; }
-.ui-datepicker .ui-datepicker-next-hover { right:1px; }
-.ui-datepicker .ui-datepicker-prev span, .ui-datepicker .ui-datepicker-next span { display: block; position: absolute; left: 50%; margin-left: -8px; top: 50%; margin-top: -8px;  }
-.ui-datepicker .ui-datepicker-title { margin: 0 2.3em; line-height: 1.8em; text-align: center; }
-.ui-datepicker .ui-datepicker-title select { font-size:1em; margin:1px 0; }
-.ui-datepicker select.ui-datepicker-month-year {width: 100%;}
-.ui-datepicker select.ui-datepicker-month,
-.ui-datepicker select.ui-datepicker-year { width: 49%;}
-.ui-datepicker table {width: 100%; font-size: .9em; border-collapse: collapse; margin:0 0 .4em; }
-.ui-datepicker th { padding: .7em .3em; text-align: center; font-weight: bold; border: 0;  }
-.ui-datepicker td { border: 0; padding: 1px; }
-.ui-datepicker td span, .ui-datepicker td a { display: block; padding: .2em; text-align: right; text-decoration: none; }
-.ui-datepicker .ui-datepicker-buttonpane { background-image: none; margin: .7em 0 0 0; padding:0 .2em; border-left: 0; border-right: 0; border-bottom: 0; }
-.ui-datepicker .ui-datepicker-buttonpane button { float: right; margin: .5em .2em .4em; cursor: pointer; padding: .2em .6em .3em .6em; width:auto; overflow:visible; }
-.ui-datepicker .ui-datepicker-buttonpane button.ui-datepicker-current { float:left; }
-
-/* with multiple calendars */
-.ui-datepicker.ui-datepicker-multi { width:auto; }
-.ui-datepicker-multi .ui-datepicker-group { float:left; }
-.ui-datepicker-multi .ui-datepicker-group table { width:95%; margin:0 auto .4em; }
-.ui-datepicker-multi-2 .ui-datepicker-group { width:50%; }
-.ui-datepicker-multi-3 .ui-datepicker-group { width:33.3%; }
-.ui-datepicker-multi-4 .ui-datepicker-group { width:25%; }
-.ui-datepicker-multi .ui-datepicker-group-last .ui-datepicker-header { border-left-width:0; }
-.ui-datepicker-multi .ui-datepicker-group-middle .ui-datepicker-header { border-left-width:0; }
-.ui-datepicker-multi .ui-datepicker-buttonpane { clear:left; }
-.ui-datepicker-row-break { clear:both; width:100%; font-size:0em; }
-
-/* RTL support */
-.ui-datepicker-rtl { direction: rtl; }
-.ui-datepicker-rtl .ui-datepicker-prev { right: 2px; left: auto; }
-.ui-datepicker-rtl .ui-datepicker-next { left: 2px; right: auto; }
-.ui-datepicker-rtl .ui-datepicker-prev:hover { right: 1px; left: auto; }
-.ui-datepicker-rtl .ui-datepicker-next:hover { left: 1px; right: auto; }
-.ui-datepicker-rtl .ui-datepicker-buttonpane { clear:right; }
-.ui-datepicker-rtl .ui-datepicker-buttonpane button { float: left; }
-.ui-datepicker-rtl .ui-datepicker-buttonpane button.ui-datepicker-current { float:right; }
-.ui-datepicker-rtl .ui-datepicker-group { float:right; }
-.ui-datepicker-rtl .ui-datepicker-group-last .ui-datepicker-header { border-right-width:0; border-left-width:1px; }
-.ui-datepicker-rtl .ui-datepicker-group-middle .ui-datepicker-header { border-right-width:0; border-left-width:1px; }
-
-/* IE6 IFRAME FIX (taken from datepicker 1.5.3 */
-.ui-datepicker-cover {
-    display: none; /*sorry for IE5*/
-    display/**/: block; /*sorry for IE5*/
-    position: absolute; /*must have*/
-    z-index: -1; /*must have*/
-    filter: mask(); /*must have*/
-    top: -4px; /*must have*/
-    left: -4px; /*must have*/
-    width: 200px; /*must have*/
-    height: 200px; /*must have*/
-}/*
- * jQuery UI Dialog 1.8.17
- *
- * Copyright 2011, AUTHORS.txt (http://jqueryui.com/about)
- * Dual licensed under the MIT or GPL Version 2 licenses.
- * http://jquery.org/license
- *
- * http://docs.jquery.com/UI/Dialog#theming
- */
-.ui-dialog { position: absolute; padding: .2em; width: 300px; overflow: hidden; }
-.ui-dialog .ui-dialog-titlebar { padding: .4em 1em; position: relative;  }
-.ui-dialog .ui-dialog-title { float: left; margin: .1em 16px .1em 0; }
-.ui-dialog .ui-dialog-titlebar-close { position: absolute; right: .3em; top: 50%; width: 19px; margin: -10px 0 0 0; padding: 1px; height: 18px; }
-.ui-dialog .ui-dialog-titlebar-close span { display: block; margin: 1px; }
-.ui-dialog .ui-dialog-titlebar-close:hover, .ui-dialog .ui-dialog-titlebar-close:focus { padding: 0; }
-.ui-dialog .ui-dialog-content { position: relative; border: 0; padding: .5em 1em; background: none; overflow: auto; zoom: 1; }
-.ui-dialog .ui-dialog-buttonpane { text-align: left; border-width: 1px 0 0 0; background-image: none; margin: .5em 0 0 0; padding: .3em 1em .5em .4em; }
-.ui-dialog .ui-dialog-buttonpane .ui-dialog-buttonset { float: right; }
-.ui-dialog .ui-dialog-buttonpane button { margin: .5em .4em .5em 0; cursor: pointer; }
-.ui-dialog .ui-resizable-se { width: 14px; height: 14px; right: 3px; bottom: 3px; }
-.ui-draggable .ui-dialog-titlebar { cursor: move; }
-/*
- * jQuery UI Progressbar 1.8.17
- *
- * Copyright 2011, AUTHORS.txt (http://jqueryui.com/about)
- * Dual licensed under the MIT or GPL Version 2 licenses.
- * http://jquery.org/license
- *
- * http://docs.jquery.com/UI/Progressbar#theming
- */
-.ui-progressbar { height:2em; text-align: left; overflow: hidden; }
-.ui-progressbar .ui-progressbar-value {margin: -1px; height:100%; }/*
- * jQuery UI Resizable 1.8.17
- *
- * Copyright 2011, AUTHORS.txt (http://jqueryui.com/about)
- * Dual licensed under the MIT or GPL Version 2 licenses.
- * http://jquery.org/license
- *
- * http://docs.jquery.com/UI/Resizable#theming
- */
-.ui-resizable { position: relative;}
-.ui-resizable-handle { position: absolute;font-size: 0.1px;z-index: 99999; display: block; }
-.ui-resizable-disabled .ui-resizable-handle, .ui-resizable-autohide .ui-resizable-handle { display: none; }
-.ui-resizable-n { cursor: n-resize; height: 7px; width: 100%; top: -5px; left: 0; }
-.ui-resizable-s { cursor: s-resize; height: 7px; width: 100%; bottom: -5px; left: 0; }
-.ui-resizable-e { cursor: e-resize; width: 7px; right: -5px; top: 0; height: 100%; }
-.ui-resizable-w { cursor: w-resize; width: 7px; left: -5px; top: 0; height: 100%; }
-.ui-resizable-se { cursor: se-resize; width: 12px; height: 12px; right: 1px; bottom: 1px; }
-.ui-resizable-sw { cursor: sw-resize; width: 9px; height: 9px; left: -5px; bottom: -5px; }
-.ui-resizable-nw { cursor: nw-resize; width: 9px; height: 9px; left: -5px; top: -5px; }
-.ui-resizable-ne { cursor: ne-resize; width: 9px; height: 9px; right: -5px; top: -5px;}/*
- * jQuery UI Selectable 1.8.17
- *
- * Copyright 2011, AUTHORS.txt (http://jqueryui.com/about)
- * Dual licensed under the MIT or GPL Version 2 licenses.
- * http://jquery.org/license
- *
- * http://docs.jquery.com/UI/Selectable#theming
- */
-.ui-selectable-helper { position: absolute; z-index: 100; border:1px dotted black; }
-/*
- * jQuery UI Slider 1.8.17
- *
- * Copyright 2011, AUTHORS.txt (http://jqueryui.com/about)
- * Dual licensed under the MIT or GPL Version 2 licenses.
- * http://jquery.org/license
- *
- * http://docs.jquery.com/UI/Slider#theming
- */
-.ui-slider { position: relative; text-align: left; }
-.ui-slider .ui-slider-handle { position: absolute; z-index: 2; width: 1.2em; height: 1.2em; cursor: default; }
-.ui-slider .ui-slider-range { position: absolute; z-index: 1; font-size: .7em; display: block; border: 0; background-position: 0 0; }
-
-.ui-slider-horizontal { height: .8em; }
-.ui-slider-horizontal .ui-slider-handle { top: -.3em; margin-left: -.6em; }
-.ui-slider-horizontal .ui-slider-range { top: 0; height: 100%; }
-.ui-slider-horizontal .ui-slider-range-min { left: 0; }
-.ui-slider-horizontal .ui-slider-range-max { right: 0; }
-
-.ui-slider-vertical { width: .8em; height: 100px; }
-.ui-slider-vertical .ui-slider-handle { left: -.3em; margin-left: 0; margin-bottom: -.6em; }
-.ui-slider-vertical .ui-slider-range { left: 0; width: 100%; }
-.ui-slider-vertical .ui-slider-range-min { bottom: 0; }
-.ui-slider-vertical .ui-slider-range-max { top: 0; }/*
- * jQuery UI Tabs 1.8.17
- *
- * Copyright 2011, AUTHORS.txt (http://jqueryui.com/about)
- * Dual licensed under the MIT or GPL Version 2 licenses.
- * http://jquery.org/license
- *
- * http://docs.jquery.com/UI/Tabs#theming
- */
-.ui-tabs { position: relative; padding: .2em; zoom: 1; } /* position: relative prevents IE scroll bug (element with position: relative inside container with overflow: auto appear as "fixed") */
-.ui-tabs .ui-tabs-nav { margin: 0; padding: .2em .2em 0; }
-.ui-tabs .ui-tabs-nav li { list-style: none; float: left; position: relative; top: 1px; margin: 0 .2em 1px 0; border-bottom: 0 !important; padding: 0; white-space: nowrap; }
-.ui-tabs .ui-tabs-nav li a { float: left; padding: .5em 1em; text-decoration: none; }
-.ui-tabs .ui-tabs-nav li.ui-tabs-selected { margin-bottom: 0; padding-bottom: 1px; }
-.ui-tabs .ui-tabs-nav li.ui-tabs-selected a, .ui-tabs .ui-tabs-nav li.ui-state-disabled a, .ui-tabs .ui-tabs-nav li.ui-state-processing a { cursor: text; }
-.ui-tabs .ui-tabs-nav li a, .ui-tabs.ui-tabs-collapsible .ui-tabs-nav li.ui-tabs-selected a { cursor: pointer; } /* first selector in group seems obsolete, but required to overcome bug in Opera applying cursor: text overall if defined elsewhere... */
-.ui-tabs .ui-tabs-panel { display: block; border-width: 0; padding: 1em 1.4em; background: none; }
-.ui-tabs .ui-tabs-hide { display: none !important; }
-/*
- * jQuery UI CSS Framework 1.8.17
- *
- * Copyright 2011, AUTHORS.txt (http://jqueryui.com/about)
- * Dual licensed under the MIT or GPL Version 2 licenses.
- * http://jquery.org/license
- *
- * http://docs.jquery.com/UI/Theming/API
- *
- * To view and modify this theme, visit http://jqueryui.com/themeroller/
- */
-
-
-/* Component containers
----------------------------------*/
-.ui-widget { font-family: Verdana,Arial,sans-serif/*{ffDefault}*/; font-size: 1.1em/*{fsDefault}*/; }
-.ui-widget .ui-widget { font-size: 1em; }
-.ui-widget input, .ui-widget select, .ui-widget textarea, .ui-widget button { font-family: Verdana,Arial,sans-serif/*{ffDefault}*/; font-size: 1em; }
-.ui-widget-content { border: 1px solid #aaaaaa/*{borderColorContent}*/; background: #ffffff/*{bgColorContent}*/ url(images/ui-bg_flat_75_ffffff_40x100.png)/*{bgImgUrlContent}*/ 50%/*{bgContentXPos}*/ 50%/*{bgContentYPos}*/ repeat-x/*{bgContentRepeat}*/; color: #222222/*{fcContent}*/; }
-.ui-widget-content a { color: #222222/*{fcContent}*/; }
-.ui-widget-header { border: 1px solid #aaaaaa/*{borderColorHeader}*/; background: #cccccc/*{bgColorHeader}*/ url(images/ui-bg_highlight-soft_75_cccccc_1x100.png)/*{bgImgUrlHeader}*/ 50%/*{bgHeaderXPos}*/ 50%/*{bgHeaderYPos}*/ repeat-x/*{bgHeaderRepeat}*/; color: #222222/*{fcHeader}*/; font-weight: bold; }
-.ui-widget-header a { color: #222222/*{fcHeader}*/; }
-
-/* Interaction states
----------------------------------*/
-.ui-state-default, .ui-widget-content .ui-state-default, .ui-widget-header .ui-state-default { border: 1px solid #d3d3d3/*{borderColorDefault}*/; background: #e6e6e6/*{bgColorDefault}*/ url(images/ui-bg_glass_75_e6e6e6_1x400.png)/*{bgImgUrlDefault}*/ 50%/*{bgDefaultXPos}*/ 50%/*{bgDefaultYPos}*/ repeat-x/*{bgDefaultRepeat}*/; font-weight: normal/*{fwDefault}*/; color: #555555/*{fcDefault}*/; }
-.ui-state-default a, .ui-state-default a:link, .ui-state-default a:visited { color: #555555/*{fcDefault}*/; text-decoration: none; }
-.ui-state-hover, .ui-widget-content .ui-state-hover, .ui-widget-header .ui-state-hover, .ui-state-focus, .ui-widget-content .ui-state-focus, .ui-widget-header .ui-state-focus { border: 1px solid #999999/*{borderColorHover}*/; background: #dadada/*{bgColorHover}*/ url(images/ui-bg_glass_75_dadada_1x400.png)/*{bgImgUrlHover}*/ 50%/*{bgHoverXPos}*/ 50%/*{bgHoverYPos}*/ repeat-x/*{bgHoverRepeat}*/; font-weight: normal/*{fwDefault}*/; color: #212121/*{fcHover}*/; }
-.ui-state-hover a, .ui-state-hover a:hover { color: #212121/*{fcHover}*/; text-decoration: none; }
-.ui-state-active, .ui-widget-content .ui-state-active, .ui-widget-header .ui-state-active { border: 1px solid #aaaaaa/*{borderColorActive}*/; background: #ffffff/*{bgColorActive}*/ url(images/ui-bg_glass_65_ffffff_1x400.png)/*{bgImgUrlActive}*/ 50%/*{bgActiveXPos}*/ 50%/*{bgActiveYPos}*/ repeat-x/*{bgActiveRepeat}*/; font-weight: normal/*{fwDefault}*/; color: #212121/*{fcActive}*/; }
-.ui-state-active a, .ui-state-active a:link, .ui-state-active a:visited { color: #212121/*{fcActive}*/; text-decoration: none; }
-.ui-widget :active { outline: none; }
-
-/* Interaction Cues
----------------------------------*/
-.ui-state-highlight, .ui-widget-content .ui-state-highlight, .ui-widget-header .ui-state-highlight  {border: 1px solid #fcefa1/*{borderColorHighlight}*/; background: #fbf9ee/*{bgColorHighlight}*/ url(images/ui-bg_glass_55_fbf9ee_1x400.png)/*{bgImgUrlHighlight}*/ 50%/*{bgHighlightXPos}*/ 50%/*{bgHighlightYPos}*/ repeat-x/*{bgHighlightRepeat}*/; color: #363636/*{fcHighlight}*/; }
-.ui-state-highlight a, .ui-widget-content .ui-state-highlight a,.ui-widget-header .ui-state-highlight a { color: #363636/*{fcHighlight}*/; }
-.ui-state-error, .ui-widget-content .ui-state-error, .ui-widget-header .ui-state-error {border: 1px solid #cd0a0a/*{borderColorError}*/; background: #fef1ec/*{bgColorError}*/ url(images/ui-bg_glass_95_fef1ec_1x400.png)/*{bgImgUrlError}*/ 50%/*{bgErrorXPos}*/ 50%/*{bgErrorYPos}*/ repeat-x/*{bgErrorRepeat}*/; color: #cd0a0a/*{fcError}*/; }
-.ui-state-error a, .ui-widget-content .ui-state-error a, .ui-widget-header .ui-state-error a { color: #cd0a0a/*{fcError}*/; }
-.ui-state-error-text, .ui-widget-content .ui-state-error-text, .ui-widget-header .ui-state-error-text { color: #cd0a0a/*{fcError}*/; }
-.ui-priority-primary, .ui-widget-content .ui-priority-primary, .ui-widget-header .ui-priority-primary { font-weight: bold; }
-.ui-priority-secondary, .ui-widget-content .ui-priority-secondary,  .ui-widget-header .ui-priority-secondary { opacity: .7; filter:Alpha(Opacity=70); font-weight: normal; }
-.ui-state-disabled, .ui-widget-content .ui-state-disabled, .ui-widget-header .ui-state-disabled { opacity: .35; filter:Alpha(Opacity=35); background-image: none; }
-
-/* Icons
----------------------------------*/
-
-/* states and images */
-.ui-icon { width: 16px; height: 16px; background-image: url(images/ui-icons_222222_256x240.png)/*{iconsContent}*/; }
-.ui-widget-content .ui-icon {background-image: url(images/ui-icons_222222_256x240.png)/*{iconsContent}*/; }
-.ui-widget-header .ui-icon {background-image: url(images/ui-icons_222222_256x240.png)/*{iconsHeader}*/; }
-.ui-state-default .ui-icon { background-image: url(images/ui-icons_888888_256x240.png)/*{iconsDefault}*/; }
-.ui-state-hover .ui-icon, .ui-state-focus .ui-icon {background-image: url(images/ui-icons_454545_256x240.png)/*{iconsHover}*/; }
-.ui-state-active .ui-icon {background-image: url(images/ui-icons_454545_256x240.png)/*{iconsActive}*/; }
-.ui-state-highlight .ui-icon {background-image: url(images/ui-icons_2e83ff_256x240.png)/*{iconsHighlight}*/; }
-.ui-state-error .ui-icon, .ui-state-error-text .ui-icon {background-image: url(images/ui-icons_cd0a0a_256x240.png)/*{iconsError}*/; }
-
-/* positioning */
-.ui-icon-carat-1-n { background-position: 0 0; }
-.ui-icon-carat-1-ne { background-position: -16px 0; }
-.ui-icon-carat-1-e { background-position: -32px 0; }
-.ui-icon-carat-1-se { background-position: -48px 0; }
-.ui-icon-carat-1-s { background-position: -64px 0; }
-.ui-icon-carat-1-sw { background-position: -80px 0; }
-.ui-icon-carat-1-w { background-position: -96px 0; }
-.ui-icon-carat-1-nw { background-position: -112px 0; }
-.ui-icon-carat-2-n-s { background-position: -128px 0; }
-.ui-icon-carat-2-e-w { background-position: -144px 0; }
-.ui-icon-triangle-1-n { background-position: 0 -16px; }
-.ui-icon-triangle-1-ne { background-position: -16px -16px; }
-.ui-icon-triangle-1-e { background-position: -32px -16px; }
-.ui-icon-triangle-1-se { background-position: -48px -16px; }
-.ui-icon-triangle-1-s { background-position: -64px -16px; }
-.ui-icon-triangle-1-sw { background-position: -80px -16px; }
-.ui-icon-triangle-1-w { background-position: -96px -16px; }
-.ui-icon-triangle-1-nw { background-position: -112px -16px; }
-.ui-icon-triangle-2-n-s { background-position: -128px -16px; }
-.ui-icon-triangle-2-e-w { background-position: -144px -16px; }
-.ui-icon-arrow-1-n { background-position: 0 -32px; }
-.ui-icon-arrow-1-ne { background-position: -16px -32px; }
-.ui-icon-arrow-1-e { background-position: -32px -32px; }
-.ui-icon-arrow-1-se { background-position: -48px -32px; }
-.ui-icon-arrow-1-s { background-position: -64px -32px; }
-.ui-icon-arrow-1-sw { background-position: -80px -32px; }
-.ui-icon-arrow-1-w { background-position: -96px -32px; }
-.ui-icon-arrow-1-nw { background-position: -112px -32px; }
-.ui-icon-arrow-2-n-s { background-position: -128px -32px; }
-.ui-icon-arrow-2-ne-sw { background-position: -144px -32px; }
-.ui-icon-arrow-2-e-w { background-position: -160px -32px; }
-.ui-icon-arrow-2-se-nw { background-position: -176px -32px; }
-.ui-icon-arrowstop-1-n { background-position: -192px -32px; }
-.ui-icon-arrowstop-1-e { background-position: -208px -32px; }
-.ui-icon-arrowstop-1-s { background-position: -224px -32px; }
-.ui-icon-arrowstop-1-w { background-position: -240px -32px; }
-.ui-icon-arrowthick-1-n { background-position: 0 -48px; }
-.ui-icon-arrowthick-1-ne { background-position: -16px -48px; }
-.ui-icon-arrowthick-1-e { background-position: -32px -48px; }
-.ui-icon-arrowthick-1-se { background-position: -48px -48px; }
-.ui-icon-arrowthick-1-s { background-position: -64px -48px; }
-.ui-icon-arrowthick-1-sw { background-position: -80px -48px; }
-.ui-icon-arrowthick-1-w { background-position: -96px -48px; }
-.ui-icon-arrowthick-1-nw { background-position: -112px -48px; }
-.ui-icon-arrowthick-2-n-s { background-position: -128px -48px; }
-.ui-icon-arrowthick-2-ne-sw { background-position: -144px -48px; }
-.ui-icon-arrowthick-2-e-w { background-position: -160px -48px; }
-.ui-icon-arrowthick-2-se-nw { background-position: -176px -48px; }
-.ui-icon-arrowthickstop-1-n { background-position: -192px -48px; }
-.ui-icon-arrowthickstop-1-e { background-position: -208px -48px; }
-.ui-icon-arrowthickstop-1-s { background-position: -224px -48px; }
-.ui-icon-arrowthickstop-1-w { background-position: -240px -48px; }
-.ui-icon-arrowreturnthick-1-w { background-position: 0 -64px; }
-.ui-icon-arrowreturnthick-1-n { background-position: -16px -64px; }
-.ui-icon-arrowreturnthick-1-e { background-position: -32px -64px; }
-.ui-icon-arrowreturnthick-1-s { background-position: -48px -64px; }
-.ui-icon-arrowreturn-1-w { background-position: -64px -64px; }
-.ui-icon-arrowreturn-1-n { background-position: -80px -64px; }
-.ui-icon-arrowreturn-1-e { background-position: -96px -64px; }
-.ui-icon-arrowreturn-1-s { background-position: -112px -64px; }
-.ui-icon-arrowrefresh-1-w { background-position: -128px -64px; }
-.ui-icon-arrowrefresh-1-n { background-position: -144px -64px; }
-.ui-icon-arrowrefresh-1-e { background-position: -160px -64px; }
-.ui-icon-arrowrefresh-1-s { background-position: -176px -64px; }
-.ui-icon-arrow-4 { background-position: 0 -80px; }
-.ui-icon-arrow-4-diag { background-position: -16px -80px; }
-.ui-icon-extlink { background-position: -32px -80px; }
-.ui-icon-newwin { background-position: -48px -80px; }
-.ui-icon-refresh { background-position: -64px -80px; }
-.ui-icon-shuffle { background-position: -80px -80px; }
-.ui-icon-transfer-e-w { background-position: -96px -80px; }
-.ui-icon-transferthick-e-w { background-position: -112px -80px; }
-.ui-icon-folder-collapsed { background-position: 0 -96px; }
-.ui-icon-folder-open { background-position: -16px -96px; }
-.ui-icon-document { background-position: -32px -96px; }
-.ui-icon-document-b { background-position: -48px -96px; }
-.ui-icon-note { background-position: -64px -96px; }
-.ui-icon-mail-closed { background-position: -80px -96px; }
-.ui-icon-mail-open { background-position: -96px -96px; }
-.ui-icon-suitcase { background-position: -112px -96px; }
-.ui-icon-comment { background-position: -128px -96px; }
-.ui-icon-person { background-position: -144px -96px; }
-.ui-icon-print { background-position: -160px -96px; }
-.ui-icon-trash { background-position: -176px -96px; }
-.ui-icon-locked { background-position: -192px -96px; }
-.ui-icon-unlocked { background-position: -208px -96px; }
-.ui-icon-bookmark { background-position: -224px -96px; }
-.ui-icon-tag { background-position: -240px -96px; }
-.ui-icon-home { background-position: 0 -112px; }
-.ui-icon-flag { background-position: -16px -112px; }
-.ui-icon-calendar { background-position: -32px -112px; }
-.ui-icon-cart { background-position: -48px -112px; }
-.ui-icon-pencil { background-position: -64px -112px; }
-.ui-icon-clock { background-position: -80px -112px; }
-.ui-icon-disk { background-position: -96px -112px; }
-.ui-icon-calculator { background-position: -112px -112px; }
-.ui-icon-zoomin { background-position: -128px -112px; }
-.ui-icon-zoomout { background-position: -144px -112px; }
-.ui-icon-search { background-position: -160px -112px; }
-.ui-icon-wrench { background-position: -176px -112px; }
-.ui-icon-gear { background-position: -192px -112px; }
-.ui-icon-heart { background-position: -208px -112px; }
-.ui-icon-star { background-position: -224px -112px; }
-.ui-icon-link { background-position: -240px -112px; }
-.ui-icon-cancel { background-position: 0 -128px; }
-.ui-icon-plus { background-position: -16px -128px; }
-.ui-icon-plusthick { background-position: -32px -128px; }
-.ui-icon-minus { background-position: -48px -128px; }
-.ui-icon-minusthick { background-position: -64px -128px; }
-.ui-icon-close { background-position: -80px -128px; }
-.ui-icon-closethick { background-position: -96px -128px; }
-.ui-icon-key { background-position: -112px -128px; }
-.ui-icon-lightbulb { background-position: -128px -128px; }
-.ui-icon-scissors { background-position: -144px -128px; }
-.ui-icon-clipboard { background-position: -160px -128px; }
-.ui-icon-copy { background-position: -176px -128px; }
-.ui-icon-contact { background-position: -192px -128px; }
-.ui-icon-image { background-position: -208px -128px; }
-.ui-icon-video { background-position: -224px -128px; }
-.ui-icon-script { background-position: -240px -128px; }
-.ui-icon-alert { background-position: 0 -144px; }
-.ui-icon-info { background-position: -16px -144px; }
-.ui-icon-notice { background-position: -32px -144px; }
-.ui-icon-help { background-position: -48px -144px; }
-.ui-icon-check { background-position: -64px -144px; }
-.ui-icon-bullet { background-position: -80px -144px; }
-.ui-icon-radio-off { background-position: -96px -144px; }
-.ui-icon-radio-on { background-position: -112px -144px; }
-.ui-icon-pin-w { background-position: -128px -144px; }
-.ui-icon-pin-s { background-position: -144px -144px; }
-.ui-icon-play { background-position: 0 -160px; }
-.ui-icon-pause { background-position: -16px -160px; }
-.ui-icon-seek-next { background-position: -32px -160px; }
-.ui-icon-seek-prev { background-position: -48px -160px; }
-.ui-icon-seek-end { background-position: -64px -160px; }
-.ui-icon-seek-start { background-position: -80px -160px; }
-/* ui-icon-seek-first is deprecated, use ui-icon-seek-start instead */
-.ui-icon-seek-first { background-position: -80px -160px; }
-.ui-icon-stop { background-position: -96px -160px; }
-.ui-icon-eject { background-position: -112px -160px; }
-.ui-icon-volume-off { background-position: -128px -160px; }
-.ui-icon-volume-on { background-position: -144px -160px; }
-.ui-icon-power { background-position: 0 -176px; }
-.ui-icon-signal-diag { background-position: -16px -176px; }
-.ui-icon-signal { background-position: -32px -176px; }
-.ui-icon-battery-0 { background-position: -48px -176px; }
-.ui-icon-battery-1 { background-position: -64px -176px; }
-.ui-icon-battery-2 { background-position: -80px -176px; }
-.ui-icon-battery-3 { background-position: -96px -176px; }
-.ui-icon-circle-plus { background-position: 0 -192px; }
-.ui-icon-circle-minus { background-position: -16px -192px; }
-.ui-icon-circle-close { background-position: -32px -192px; }
-.ui-icon-circle-triangle-e { background-position: -48px -192px; }
-.ui-icon-circle-triangle-s { background-position: -64px -192px; }
-.ui-icon-circle-triangle-w { background-position: -80px -192px; }
-.ui-icon-circle-triangle-n { background-position: -96px -192px; }
-.ui-icon-circle-arrow-e { background-position: -112px -192px; }
-.ui-icon-circle-arrow-s { background-position: -128px -192px; }
-.ui-icon-circle-arrow-w { background-position: -144px -192px; }
-.ui-icon-circle-arrow-n { background-position: -160px -192px; }
-.ui-icon-circle-zoomin { background-position: -176px -192px; }
-.ui-icon-circle-zoomout { background-position: -192px -192px; }
-.ui-icon-circle-check { background-position: -208px -192px; }
-.ui-icon-circlesmall-plus { background-position: 0 -208px; }
-.ui-icon-circlesmall-minus { background-position: -16px -208px; }
-.ui-icon-circlesmall-close { background-position: -32px -208px; }
-.ui-icon-squaresmall-plus { background-position: -48px -208px; }
-.ui-icon-squaresmall-minus { background-position: -64px -208px; }
-.ui-icon-squaresmall-close { background-position: -80px -208px; }
-.ui-icon-grip-dotted-vertical { background-position: 0 -224px; }
-.ui-icon-grip-dotted-horizontal { background-position: -16px -224px; }
-.ui-icon-grip-solid-vertical { background-position: -32px -224px; }
-.ui-icon-grip-solid-horizontal { background-position: -48px -224px; }
-.ui-icon-gripsmall-diagonal-se { background-position: -64px -224px; }
-.ui-icon-grip-diagonal-se { background-position: -80px -224px; }
-
-
-/* Misc visuals
----------------------------------*/
-
-/* Corner radius */
-.ui-corner-all, .ui-corner-top, .ui-corner-left, .ui-corner-tl { -moz-border-radius-topleft: 4px/*{cornerRadius}*/; -webkit-border-top-left-radius: 4px/*{cornerRadius}*/; -khtml-border-top-left-radius: 4px/*{cornerRadius}*/; border-top-left-radius: 4px/*{cornerRadius}*/; }
-.ui-corner-all, .ui-corner-top, .ui-corner-right, .ui-corner-tr { -moz-border-radius-topright: 4px/*{cornerRadius}*/; -webkit-border-top-right-radius: 4px/*{cornerRadius}*/; -khtml-border-top-right-radius: 4px/*{cornerRadius}*/; border-top-right-radius: 4px/*{cornerRadius}*/; }
-.ui-corner-all, .ui-corner-bottom, .ui-corner-left, .ui-corner-bl { -moz-border-radius-bottomleft: 4px/*{cornerRadius}*/; -webkit-border-bottom-left-radius: 4px/*{cornerRadius}*/; -khtml-border-bottom-left-radius: 4px/*{cornerRadius}*/; border-bottom-left-radius: 4px/*{cornerRadius}*/; }
-.ui-corner-all, .ui-corner-bottom, .ui-corner-right, .ui-corner-br { -moz-border-radius-bottomright: 4px/*{cornerRadius}*/; -webkit-border-bottom-right-radius: 4px/*{cornerRadius}*/; -khtml-border-bottom-right-radius: 4px/*{cornerRadius}*/; border-bottom-right-radius: 4px/*{cornerRadius}*/; }
-
-/* Overlays */
-.ui-widget-overlay { background: #aaaaaa/*{bgColorOverlay}*/ url(images/ui-bg_flat_0_aaaaaa_40x100.png)/*{bgImgUrlOverlay}*/ 50%/*{bgOverlayXPos}*/ 50%/*{bgOverlayYPos}*/ repeat-x/*{bgOverlayRepeat}*/; opacity: .3;filter:Alpha(Opacity=30)/*{opacityOverlay}*/; }
-.ui-widget-shadow { margin: -8px/*{offsetTopShadow}*/ 0 0 -8px/*{offsetLeftShadow}*/; padding: 8px/*{thicknessShadow}*/; background: #aaaaaa/*{bgColorShadow}*/ url(images/ui-bg_flat_0_aaaaaa_40x100.png)/*{bgImgUrlShadow}*/ 50%/*{bgShadowXPos}*/ 50%/*{bgShadowYPos}*/ repeat-x/*{bgShadowRepeat}*/; opacity: .3;filter:Alpha(Opacity=30)/*{opacityShadow}*/; -moz-border-radius: 8px/*{cornerRadiusShadow}*/; -khtml-border-radius: 8px/*{cornerRadiusShadow}*/; -webkit-border-radius: 8px/*{cornerRadiusShadow}*/; border-radius: 8px/*{cornerRadiusShadow}*/; }
--- a/customer_aps.php
+++ b/customer_aps.php
@@ -1,34 +0,0 @@
-<?php
-
-/**
- * This file is part of the Froxlor project.
- * Copyright (c) 2003-2009 the SysCP Team (see authors).
- * Copyright (c) 2010 the Froxlor Team (see authors).
- *
- * For the full copyright and license information, please view the COPYING
- * file that was distributed with this source code. You can also view the
- * COPYING file online at http://files.froxlor.org/misc/COPYING.txt
- *
- * @copyright  (c) the authors
- * @author     Florian Lippert <flo@syscp.org> (2003-2009)
- * @author     Froxlor team <team@froxlor.org> (2010-)
- * @license    GPLv2 http://files.froxlor.org/misc/COPYING.txt
- * @package    Panel
- *
- */
-
-// Required code
-
-define('AREA', 'customer');
-require ("./lib/init.php");
-$Id = 0;
-
-if(isset($_GET['id']))$Id = (int)$_GET['id'];
-
-if(isset($_POST['id']))$Id = (int)$_POST['id'];
-eval("echo \"" . getTemplate("aps/header") . "\";");
-$Aps = new ApsParser($userinfo, $settings, $db);
-$Aps->MainHandler($action);
-eval("echo \"" . getTemplate("aps/footer") . "\";");
-
-?>
--- a/customer_autoresponder.php
+++ b/customer_autoresponder.php
@@ -1,318 +0,0 @@
-<?php
-
-/**
- * This file is part of the Froxlor project.
- * Copyright (c) 2003-2009 the SysCP Team (see authors).
- * Copyright (c) 2010 the Froxlor Team (see authors).
- *
- * For the full copyright and license information, please view the COPYING
- * file that was distributed with this source code. You can also view the
- * COPYING file online at http://files.froxlor.org/misc/COPYING.txt
- *
- * @copyright  (c) the authors
- * @author     Florian Lippert <flo@syscp.org> (2003-2009)
- * @author     Froxlor team <team@froxlor.org> (2010-)
- * @license    GPLv2 http://files.froxlor.org/misc/COPYING.txt
- * @package    Panel
- *
- */
-
-// Required code
-
-define('AREA', 'customer');
-require ("./lib/init.php");
-
-// Create new autoresponder
-
-if($action == "add")
-{
-	if(isset($_POST['send'])
-	   && $_POST['send'] == 'send')
-	{
-		$account = trim($_POST['account']);
-		$subject = trim($_POST['subject']);
-		$message = trim($_POST['message']);
-
-		$date_from_off = isset($_POST['date_from_off']) ? -1 : 0;
-		$date_until_off = isset($_POST['date_until_off']) ? -1 : 0;
-
-		/*
-		 * @TODO validate date (DD-MM-YYYY)
-		 */
-		$ts_from = -1;
-		$ts_until = -1;
-
-		if($date_from_off > -1)
-		{
-			$date_from = $_POST['date_from'];
-			$ts_from = mktime(0, 0, 0, substr($date_from, 3, 2), substr($date_from, 0, 2), substr($date_from, 6, 4));
-		}
-		if($date_until_off > -1)
-		{
-			$date_until = $_POST['date_until'];
-			$ts_until = mktime(0, 0, 0, substr($date_until, 3, 2), substr($date_until, 0, 2), substr($date_until, 6, 4));
-		}
-
-		if(empty($account)
-		   || empty($subject)
-		   || empty($message))
-		{
-			standard_error('missingfields');
-		}
-
-		// Does account exist?
-
-		$result = $db->query("SELECT `email` FROM `" . TABLE_MAIL_USERS . "` WHERE `customerid` = '" . (int)$userinfo['customerid'] . "' AND `email` = '" . $db->escape($account) . "' LIMIT 0,1");
-
-		if($db->num_rows($result) == 0)
-		{
-			standard_error('accountnotexisting');
-		}
-
-		// Does autoresponder exist?
-
-		$result = $db->query("SELECT `email` FROM `" . TABLE_MAIL_AUTORESPONDER . "` WHERE `customerid` = '" . (int)$userinfo['customerid'] . "' AND `email` = '" . $db->escape($account) . "' LIMIT 0,1");
-
-		if($db->num_rows($result) == 1)
-		{
-			standard_error('autoresponderalreadyexists');
-		}
-
-		$db->query("INSERT INTO `" . TABLE_MAIL_AUTORESPONDER . "`
-			SET `email` = '" . $db->escape($account) . "',
-			`message` = '" . $db->escape($message) . "',
-			`enabled` = '" . (int)$_POST['active'] . "',
-			`date_from` = '" . (int)$ts_from . "',
-			`date_until` = '" . (int)$ts_until . "',
-			`subject` = '" . $db->escape($subject) . "',
-			`customerid` = '" . $db->escape((int)$userinfo['customerid']) . "'
-			");
-		$db->query("UPDATE `" . TABLE_PANEL_CUSTOMERS . "` SET `email_autoresponder_used` = `email_autoresponder_used` + 1 WHERE `customerid` = '" . $db->escape((int)$userinfo['customerid']). "'");
-		redirectTo($filename, Array('s' => $s));
-	}
-
-	// Get accounts
-
-	$result = $db->query("SELECT `email` FROM `" . TABLE_MAIL_USERS . "` WHERE `customerid` = '" . (int)$userinfo['customerid'] . "' AND `email` NOT IN (SELECT `email` FROM `" . TABLE_MAIL_AUTORESPONDER . "`) ORDER BY email ASC");
-
-	if($db->num_rows($result) == 0)
-	{
-		standard_error('noemailaccount');
-	}
-
-	$accounts = '';
-
-	while($row = $db->fetch_array($result))
-	{
-		$accounts.= "<option value=\"" . $row['email'] . "\">" . $row['email'] . "</option>";
-	}
-
-	$date_from_off = makecheckbox('date_from_off', $lng['panel']['not_activated'], '-1', false, '-1', true, true);
-	$date_until_off = makecheckbox('date_until_off', $lng['panel']['not_activated'], '-1', false, '-1', true, true);
-
-	//$isactive = makeyesno('active', '1', '0', '1');
-
-	$autoresponder_add_data = include_once dirname(__FILE__).'/lib/formfields/customer/autoresponder/formfield.autoresponder_add.php';
-	$autoresponder_add_form = htmlform::genHTMLForm($autoresponder_add_data);
-
-	$title = $autoresponder_add_data['autoresponder_add']['title'];
-	$image = $autoresponder_add_data['autoresponder_add']['image'];
-
-	eval("echo \"" . getTemplate("autoresponder/autoresponder_add") . "\";");
-}
-
-// Edit autoresponder
-
-else
-
-if($action == "edit")
-{
-	if(isset($_POST['send'])
-	   && $_POST['send'] == 'send')
-	{
-		$account = trim($_POST['account']);
-		$subject = trim($_POST['subject']);
-		$message = trim($_POST['message']);
-
-		$date_from_off = isset($_POST['date_from_off']) ? -1 : 0;
-		$date_until_off = isset($_POST['date_until_off']) ? -1 : 0;
-
-		/*
-		 * @TODO validate date (DD-MM-YYYY)
-		 */
-		$ts_from = -1;
-		$ts_until = -1;
-
-		if($date_from_off > -1)
-		{
-			$date_from = $_POST['date_from'];
-			$ts_from = mktime(0, 0, 0, substr($date_from, 3, 2), substr($date_from, 0, 2), substr($date_from, 6, 4));
-		}
-		if($date_until_off > -1)
-		{
-			$date_until = $_POST['date_until'];
-			$ts_until = mktime(0, 0, 0, substr($date_until, 3, 2), substr($date_until, 0, 2), substr($date_until, 6, 4));
-		}
-
-		if(empty($account)
-		   || empty($subject)
-		   || empty($message))
-		{
-			standard_error('missingfields');
-		}
-
-		// Does account exist?
-
-		$result = $db->query("SELECT `email` FROM `" . TABLE_MAIL_USERS . "` WHERE `customerid` = '" . (int)$userinfo['customerid'] . "' AND `email` = '" . $db->escape($account) . "' LIMIT 0,1");
-
-		if($db->num_rows($result) == 0)
-		{
-			standard_error('accountnotexisting');
-		}
-
-		// Does autoresponder exist?
-
-		$result = $db->query("SELECT `email` FROM `" . TABLE_MAIL_AUTORESPONDER . "` WHERE `customerid` = '" . (int)$userinfo['customerid'] . "' AND `email` = '" . $db->escape($account) . "' LIMIT 0,1");
-
-		if($db->num_rows($result) == 0)
-		{
-			standard_error('invalidautoresponder');
-		}
-
-		$ResponderActive = 0;
-
-		if(isset($_POST['active'])
-		   && $_POST['active'] == '1')
-		{
-			$ResponderActive = 1;
-		}
-
-		$db->query("UPDATE `" . TABLE_MAIL_AUTORESPONDER . "`
-			SET `message` = '" . $db->escape($message) . "',
-			`enabled` = '" . (int)$ResponderActive . "',
-			`date_from` = '" . (int)$ts_from . "',
-			`date_until` = '" . (int)$ts_until . "',
-			`subject` = '" . $db->escape($subject) . "'
-			WHERE `email` = '" . $db->escape($account) . "'
-			AND `customerid` = '" . $db->escape((int)$userinfo['customerid']) . "'
-			");
-		redirectTo($filename, Array('s' => $s));
-	}
-
-	$email = trim(htmlspecialchars($_GET['email']));
-
-	// Get account data
-
-	$result = $db->query("SELECT * FROM `" . TABLE_MAIL_AUTORESPONDER . "` WHERE `customerid` = '" . (int)$userinfo['customerid'] . "' AND `email` = '" . $db->escape($email) . "' LIMIT 0,1");
-
-	if($db->num_rows($result) == 0)
-	{
-		standard_error('invalidautoresponder');
-	}
-
-	$row = $db->fetch_array($result);
-	$subject = htmlspecialchars($row['subject']);
-	$message = htmlspecialchars($row['message']);
-
-	$date_from = (int)$row['date_from'];
-	$date_until = (int)$row['date_until'];
-
-	if($date_from == -1)
-	{
-		$deactivated = '-1';
-		$date_from = '';
-	}
-	else
-	{
-		$deactivated = '0';
-		$date_from = date('d-m-Y', $date_from);
-	}
-	$date_from_off = makecheckbox('date_from_off', $lng['panel']['not_activated'], '-1', false, $deactivated, true, true);
-
-	if($date_until == -1)
-	{
-		$deactivated = '-1';
-		$date_until = '';
-	}
-	else
-	{
-		$deactivated = '0';
-		$date_until = date('d-m-Y', $date_until);
-	}
-	$date_until_off = makecheckbox('date_until_off', $lng['panel']['not_activated'], '-1', false, $deactivated, true, true);
-
-	//$isactive = makeyesno('active', '1', '0', $row['enabled']);
-
-	$autoresponder_edit_data = include_once dirname(__FILE__).'/lib/formfields/customer/autoresponder/formfield.autoresponder_edit.php';
-	$autoresponder_edit_form = htmlform::genHTMLForm($autoresponder_edit_data);
-
-	$title = $autoresponder_edit_data['autoresponder_edit']['title'];
-	$image = $autoresponder_edit_data['autoresponder_edit']['image'];
-
-	eval("echo \"" . getTemplate("autoresponder/autoresponder_edit") . "\";");
-}
-
-// Delete autoresponder
-
-else
-
-if($action == "delete")
-{
-	if(isset($_POST['send'])
-	   && $_POST['send'] == 'send')
-	{
-		$account = trim($_POST['account']);
-
-		// Does autoresponder exist?
-
-		$result = $db->query("SELECT `email` FROM `" . TABLE_MAIL_AUTORESPONDER . "` WHERE `customerid` = '" . (int)$userinfo['customerid'] . "' AND `email` = '" . $db->escape($account) . "' LIMIT 0,1");
-
-		if($db->num_rows($result) == 0)
-		{
-			standard_error('invalidautoresponder');
-		}
-
-		$db->query("DELETE FROM `" . TABLE_MAIL_AUTORESPONDER . "`
-			WHERE `email` = '" . $db->escape($account) . "'
-			AND `customerid` = '" . $db->escape((int)$userinfo['customerid']) . "'
-			");
-		$db->query("UPDATE `" . TABLE_PANEL_CUSTOMERS . "` SET `email_autoresponder_used` = `email_autoresponder_used` - 1 WHERE `customerid` = '" . $db->escape((int)$userinfo['customerid']). "'");
-		redirectTo($filename, Array('s' => $s));
-	}
-
-	$email = trim(htmlspecialchars($_GET['email']));
-	ask_yesno('autoresponderdelete', $filename, array('action' => $action, 'account' => $email));
-}
-
-// List existing autoresponders
-
-else
-{
-	$autoresponder = '';
-	$count = 0;
-	$result = $db->query("SELECT * FROM `" . TABLE_MAIL_AUTORESPONDER . "` WHERE `customerid` = '" . (int)$userinfo['customerid'] . "' ORDER BY email ASC");
-
-	while($row = $db->fetch_array($result))
-	{
-		if($row['date_from'] == -1 && $row['date_until'] == -1)
-		{
-			$activated_date = $lng['panel']['not_activated'];
-		}
-		elseif($row['date_from'] == -1 && $row['date_until'] != -1)
-		{
-			$activated_date = $lng['autoresponder']['date_until'].': '.date('d-m-Y', $row['date_until']);
-		}
-		elseif($row['date_from'] != -1 && $row['date_until'] == -1)
-		{
-			$activated_date = $lng['autoresponder']['date_from'].': '.date('d-m-Y', $row['date_from']);
-		}
-		else
-		{
-			$activated_date = date('d-m-Y', $row['date_from']) . ' - ' . date('d-m-Y', $row['date_until']);
-		}
-		eval("\$autoresponder.=\"" . getTemplate("autoresponder/autoresponder_autoresponder") . "\";");
-		$count++;
-	}
-
-	eval("echo \"" . getTemplate("autoresponder/autoresponder") . "\";");
-}
--- a/customer_domains.php
+++ b/customer_domains.php
--- a/customer_email.php
+++ b/customer_email.php
--- a/customer_extras.php
+++ b/customer_extras.php
@@ -16,65 +16,32 @@
 * @package    Panel
 *
 */
-
 define('AREA', 'customer');
+require './lib/init.php';

-/**
- * Include our init.php, which manages Sessions, Language etc.
- */
-
-require ("./lib/init.php");
-
-if(isset($_POST['id']))
-{
+if (isset($_POST['id'])) {
 	$id = intval($_POST['id']);
-}
-elseif(isset($_GET['id']))
-{
+} elseif (isset($_GET['id'])) {
 	$id = intval($_GET['id']);
 }

-if($page == 'overview')
-{
+if ($page == 'overview') {
 	$log->logAction(USR_ACTION, LOG_NOTICE, "viewed customer_extras");
 	eval("echo \"" . getTemplate("extras/extras") . "\";");
-}
-elseif($page == 'backup')
-{
-    $log->logAction(USR_ACTION, LOG_NOTICE, "viewed customer_extras_backup");
-
-    $result = $db->query("SELECT `backup_enabled` FROM `" . TABLE_PANEL_CUSTOMERS . "` WHERE `customerid`='" . (int)$userinfo['customerid'] . "'");
-    $row = $db->fetch_array($result);
-
-    $backup_enabled = makeyesno('backup_enabled', '1', '0', $row['backup_enabled']);
-
-    if(isset($_POST['send']) && $_POST['send'] == 'send'){
-	$backup_enabled = ($_POST['backup_enabled'] == '1' ? '1' : '0');
-	
-        $db->query("UPDATE `" . TABLE_PANEL_CUSTOMERS . "` SET `backup_enabled`='" . $backup_enabled . "' WHERE `customerid`='" . (int)$userinfo['customerid'] . "'");
-	redirectTo($filename, Array('page' => $page, 's' => $s));
-    }
-
-    $backup_data = include_once dirname(__FILE__).'/lib/formfields/customer/extras/formfield.backup.php';
-	$backup_form = htmlform::genHTMLForm($backup_data);
-
-	$title = $backup_data['backup']['title'];
-	$image = $backup_data['backup']['image'];
-    
-    eval("echo \"" . getTemplate("extras/backup") . "\";");
-}
-elseif($page == 'htpasswds')
-{
-	if($action == '')
-	{
+} elseif ($page == 'htpasswds') {
+	if ($action == '') {
 		$log->logAction(USR_ACTION, LOG_NOTICE, "viewed customer_extras::htpasswds");
 		$fields = array(
 			'username' => $lng['login']['username'],
 			'path' => $lng['panel']['path']
 		);
-		$paging = new paging($userinfo, $db, TABLE_PANEL_HTPASSWDS, $fields, $settings['panel']['paging'], $settings['panel']['natsorting']);
-		$result = $db->query("SELECT * FROM `" . TABLE_PANEL_HTPASSWDS . "` WHERE `customerid`='" . (int)$userinfo['customerid'] . "' " . $paging->getSqlWhere(true) . " " . $paging->getSqlOrderBy() . " " . $paging->getSqlLimit());
-		$paging->setEntries($db->num_rows($result));
+		$paging = new paging($userinfo, TABLE_PANEL_HTPASSWDS, $fields);
+		$result_stmt = Database::prepare("SELECT * FROM `" . TABLE_PANEL_HTPASSWDS . "`
+			WHERE `customerid`= :customerid " . $paging->getSqlWhere(true) . " " . $paging->getSqlOrderBy() . " " . $paging->getSqlLimit());
+		Database::pexecute($result_stmt, array(
+			"customerid" => $userinfo['customerid']
+		));
+		$paging->setEntries(Database::num_rows());
 		$sortcode = $paging->getHtmlSortCode($lng);
 		$arrowcode = $paging->getHtmlArrowCode($filename . '?page=' . $page . '&s=' . $s);
 		$searchcode = $paging->getHtmlSearchCode($lng);
@@ -83,110 +50,133 @@ elseif($page == 'htpasswds')
 		$count = 0;
 		$htpasswds = '';

-		while($row = $db->fetch_array($result))
-		{
-			if($paging->checkDisplay($i))
-			{
-				if(strpos($row['path'], $userinfo['documentroot']) === 0)
-				{
-					$row['path'] = substr($row['path'], strlen($userinfo['documentroot']));
+		while ($row = $result_stmt->fetch(PDO::FETCH_ASSOC)) {
+			if ($paging->checkDisplay($i)) {
+				if (strpos($row['path'], $userinfo['documentroot']) === 0) {
+					$row['path'] = str_replace($userinfo['documentroot'], "/", $row['path']);
 				}
-
+				$row['path'] = makeCorrectDir($row['path']);
 				$row = htmlentities_array($row);
 				eval("\$htpasswds.=\"" . getTemplate("extras/htpasswds_htpasswd") . "\";");
-				$count++;
+				$count ++;
 			}

-			$i++;
+			$i ++;
 		}

 		eval("echo \"" . getTemplate("extras/htpasswds") . "\";");
-	}
-	elseif($action == 'delete'
-	       && $id != 0)
-	{
-		$result = $db->query_first("SELECT * FROM `" . TABLE_PANEL_HTPASSWDS . "` WHERE `customerid`='" . (int)$userinfo['customerid'] . "' AND `id`='" . (int)$id . "'");
+	} elseif ($action == 'delete' && $id != 0) {
+		$result_stmt = Database::prepare("SELECT * FROM `" . TABLE_PANEL_HTPASSWDS . "`
+			WHERE `customerid`= :customerid
+			AND `id`= :id");
+		Database::pexecute($result_stmt, array(
+			"customerid" => $userinfo['customerid'],
+			"id" => $id
+		));
+		$result = $result_stmt->fetch(PDO::FETCH_ASSOC);
+
+		if (isset($result['username']) && $result['username'] != '') {
+			if (isset($_POST['send']) && $_POST['send'] == 'send') {
+				$stmt = Database::prepare("DELETE FROM `" . TABLE_PANEL_HTPASSWDS . "`
+					WHERE `customerid`= :customerid
+					AND `id`= :id");
+				Database::pexecute($stmt, array(
+					"customerid" => $userinfo['customerid'],
+					"id" => $id
+				));

-		if(isset($result['username'])
-		   && $result['username'] != '')
-		{
-			if(isset($_POST['send'])
-			   && $_POST['send'] == 'send')
-			{
-				$db->query("DELETE FROM `" . TABLE_PANEL_HTPASSWDS . "` WHERE `customerid`='" . (int)$userinfo['customerid'] . "' AND `id`='$id'");
 				$log->logAction(USR_ACTION, LOG_INFO, "deleted htpasswd for '" . $result['username'] . " (" . $result['path'] . ")'");
 				inserttask('1');
-				redirectTo($filename, Array('page' => $page, 's' => $s));
-			}
-			else
-			{
-				if(strpos($result['path'], $userinfo['documentroot']) === 0)
-				{
-					$result['path'] = substr($result['path'], strlen($userinfo['documentroot']));
+				redirectTo($filename, array(
+					'page' => $page,
+					's' => $s
+				));
+			} else {
+				if (strpos($result['path'], $userinfo['documentroot']) === 0) {
+					$result['path'] = str_replace($userinfo['documentroot'], "/", $result['path']);
 				}

-				ask_yesno('extras_reallydelete', $filename, array('id' => $id, 'page' => $page, 'action' => $action), $result['username'] . ' (' . $result['path'] . ')');
+				ask_yesno('extras_reallydelete', $filename, array(
+					'id' => $id,
+					'page' => $page,
+					'action' => $action
+				), $result['username'] . ' (' . $result['path'] . ')');
 			}
 		}
-	}
-	elseif($action == 'add')
-	{
-		if(isset($_POST['send'])
-		   && $_POST['send'] == 'send')
-		{
+	} elseif ($action == 'add') {
+		if (isset($_POST['send']) && $_POST['send'] == 'send') {
 			$path = makeCorrectDir(validate($_POST['path'], 'path'));
 			$userpath = $path;
 			$path = makeCorrectDir($userinfo['documentroot'] . '/' . $path);
 			$username = validate($_POST['username'], 'username', '/^[a-zA-Z0-9][a-zA-Z0-9\-_]+\$?$/');
 			$authname = validate($_POST['directory_authname'], 'directory_authname', '/^[a-zA-Z0-9][a-zA-Z0-9\-_ ]+\$?$/');
 			validate($_POST['directory_password'], 'password');
-			$username_path_check = $db->query_first("SELECT `id`, `username`, `path` FROM `" . TABLE_PANEL_HTPASSWDS . "` WHERE `username`='" . $db->escape($username) . "' AND `path`='" . $db->escape($path) . "' AND `customerid`='" . (int)$userinfo['customerid'] . "'");

-			if(CRYPT_STD_DES == 1)
-			{
+			$username_path_check_stmt = Database::prepare("SELECT `id`, `username`, `path` FROM `" . TABLE_PANEL_HTPASSWDS . "`
+				WHERE `username`= :username
+				AND `path`= :path
+				AND `customerid`= :customerid");
+			$params = array(
+				"username" => $username,
+				"path" => $path,
+				"customerid" => $userinfo['customerid']
+			);
+			Database::pexecute($username_path_check_stmt, $params);
+			$username_path_check = $username_path_check_stmt->fetch(PDO::FETCH_ASSOC);
+
+			if (CRYPT_STD_DES == 1) {
 				$saltfordescrypt = substr(md5(uniqid(microtime(), 1)), 4, 2);
 				$password = crypt($_POST['directory_password'], $saltfordescrypt);
-			}
-			else
-			{
+			} else {
 				$password = crypt($_POST['directory_password']);
 			}

-			if(!$_POST['path'])
-			{
+			if (! $_POST['path']) {
 				standard_error('invalidpath');
 			}

-			if($username == '')
-			{
-				standard_error(array('stringisempty', 'myloginname'));
-			}
-			elseif($username_path_check['username'] == $username
-			       && $username_path_check['path'] == $path)
-			{
+			if ($username == '') {
+				standard_error(array(
+					'stringisempty',
+					'myloginname'
+				));
+			} elseif ($username_path_check['username'] == $username && $username_path_check['path'] == $path) {
 				standard_error('userpathcombinationdupe');
-			}
-			elseif($_POST['directory_password'] == '')
-			{
-				standard_error(array('stringisempty', 'mypassword'));
-			}
-			elseif($path == '')
-			{
+			} elseif ($_POST['directory_password'] == '') {
+				standard_error(array(
+					'stringisempty',
+					'mypassword'
+				));
+			} elseif ($path == '') {
 				standard_error('patherror');
-			}
-			else
-			{
-				$db->query("INSERT INTO `" . TABLE_PANEL_HTPASSWDS . "` (`customerid`, `username`, `password`, `path`, `authname`) VALUES ('" . (int)$userinfo['customerid'] . "', '" . $db->escape($username) . "', '" . $db->escape($password) . "', '" . $db->escape($path) . "', '" . $db->escape($authname) . "')");
+			} elseif ($_POST['directory_password'] == $username) {
+				standard_error('passwordshouldnotbeusername');
+			} else {
+				$stmt = Database::prepare("INSERT INTO `" . TABLE_PANEL_HTPASSWDS . "` SET
+					`customerid` = :customerid,
+					`username` = :username,
+					`password` = :password,
+					`path` = :path,
+					`authname` = :authname");
+				$params = array(
+					"customerid" => $userinfo['customerid'],
+					"username" => $username,
+					"password" => $password,
+					"path" => $path,
+					"authname" => $authname
+				);
+				Database::pexecute($stmt, $params);
 				$log->logAction(USR_ACTION, LOG_INFO, "added htpasswd for '" . $username . " (" . $path . ")'");
 				inserttask('1');
-				redirectTo($filename, Array('page' => $page, 's' => $s));
+				redirectTo($filename, array(
+					'page' => $page,
+					's' => $s
+				));
 			}
-		}
-		else
-		{
-			$pathSelect = makePathfield($userinfo['documentroot'], $userinfo['guid'], $userinfo['guid'], $settings['panel']['pathedit']);
+		} else {
+			$pathSelect = makePathfield($userinfo['documentroot'], $userinfo['guid'], $userinfo['guid']);

-			$htpasswd_add_data = include_once dirname(__FILE__).'/lib/formfields/customer/extras/formfield.htpasswd_add.php';
+			$htpasswd_add_data = include_once dirname(__FILE__) . '/lib/formfields/customer/extras/formfield.htpasswd_add.php';
 			$htpasswd_add_form = htmlform::genHTMLForm($htpasswd_add_data);

 			$title = $htpasswd_add_data['htpasswd_add']['title'];
@@ -194,65 +184,74 @@ elseif($page == 'htpasswds')

 			eval("echo \"" . getTemplate("extras/htpasswds_add") . "\";");
 		}
-	}
-	elseif($action == 'edit'
-	       && $id != 0)
-	{
-		$result = $db->query_first("SELECT * FROM `" . TABLE_PANEL_HTPASSWDS . "` WHERE `customerid`='" . (int)$userinfo['customerid'] . "' AND `id`='" . (int)$id . "'");
+	} elseif ($action == 'edit' && $id != 0) {
+		$result_stmt = Database::prepare("SELECT * FROM `" . TABLE_PANEL_HTPASSWDS . "`
+			WHERE `customerid`= :customerid
+			AND `id`= :id");
+		Database::pexecute($result_stmt, array(
+			"customerid" => $userinfo['customerid'],
+			"id" => $id
+		));
+		$result = $result_stmt->fetch(PDO::FETCH_ASSOC);

-		if(isset($result['username'])
-		   && $result['username'] != '')
-		{
-			if(isset($_POST['send'])
-			   && $_POST['send'] == 'send')
-			{
+		if (isset($result['username']) && $result['username'] != '') {
+			if (isset($_POST['send']) && $_POST['send'] == 'send') {
 				validate($_POST['directory_password'], 'password');
 				$authname = validate($_POST['directory_authname'], 'directory_authname', '/^[a-zA-Z0-9][a-zA-Z0-9\-_ ]+\$?$/');

-				if(CRYPT_STD_DES == 1)
-				{
+				if (CRYPT_STD_DES == 1) {
 					$saltfordescrypt = substr(md5(uniqid(microtime(), 1)), 4, 2);
 					$password = crypt($_POST['directory_password'], $saltfordescrypt);
-				}
-				else
-				{
+				} else {
 					$password = crypt($_POST['directory_password']);
 				}

-				$pwd_sql = '';
-				if($_POST['directory_password'] != '')
-				{
-					$pwd_sql = "`password`='" . $db->escape($password) . "' ";
-				}
-				
-				$auth_sql = '';
-				if($authname != $result['authname'])
-				{
-					$auth_sql = "`authname`='" . $db->escape($authname) . "' ";
+				if ($_POST['directory_password'] == $result['username']) {
+					standard_error('passwordshouldnotbeusername');
 				}

-				if($pwd_sql != '' || $auth_sql != '')
-				{
-					if($pwd_sql !='' && $auth_sql != '') {
-						$pwd_sql.= ', ';
+				$params = array(
+					"customerid" => $userinfo['customerid'],
+					"id" => $id
+				);
+
+				$pwd_sql = '';
+				if ($_POST['directory_password'] != '') {
+					$pwd_sql = "`password`= :password ";
+					$params["password"] = $password;
+				}
+
+				$auth_sql = '';
+				if ($authname != $result['authname']) {
+					$auth_sql = "`authname`= :authname ";
+					$params["authname"] = $authname;
+				}
+
+				if ($pwd_sql != '' || $auth_sql != '') {
+					if ($pwd_sql != '' && $auth_sql != '') {
+						$pwd_sql .= ', ';
 					}

-					$db->query("UPDATE `" . TABLE_PANEL_HTPASSWDS . "` SET ".$pwd_sql.$auth_sql." WHERE `customerid`='" . (int)$userinfo['customerid'] . "' AND `id`='" . (int)$id . "'");
+					$stmt = Database::prepare("UPDATE `" . TABLE_PANEL_HTPASSWDS . "`
+						SET " . $pwd_sql . $auth_sql . "
+						WHERE `customerid`= :customerid
+						AND `id`= :id");
+					Database::pexecute($stmt, $params);
 					$log->logAction(USR_ACTION, LOG_INFO, "edited htpasswd for '" . $result['username'] . " (" . $result['path'] . ")'");
 					inserttask('1');
-					redirectTo($filename, Array('page' => $page, 's' => $s));
+					redirectTo($filename, array(
+						'page' => $page,
+						's' => $s
+					));
 				}
-			}
-			else
-			{
-				if(strpos($result['path'], $userinfo['documentroot']) === 0)
-				{
-					$result['path'] = substr($result['path'], strlen($userinfo['documentroot']));
+			} else {
+				if (strpos($result['path'], $userinfo['documentroot']) === 0) {
+					$result['path'] = str_replace($userinfo['documentroot'], "/", $result['path']);
 				}

 				$result = htmlentities_array($result);

-				$htpasswd_edit_data = include_once dirname(__FILE__).'/lib/formfields/customer/extras/formfield.htpasswd_edit.php';
+				$htpasswd_edit_data = include_once dirname(__FILE__) . '/lib/formfields/customer/extras/formfield.htpasswd_edit.php';
 				$htpasswd_edit_form = htmlform::genHTMLForm($htpasswd_edit_data);

 				$title = $htpasswd_edit_data['htpasswd_edit']['title'];
@@ -262,11 +261,8 @@ elseif($page == 'htpasswds')
 			}
 		}
 	}
-}
-elseif($page == 'htaccess')
-{
-	if($action == '')
-	{
+} elseif ($page == 'htaccess') {
+	if ($action == '') {
 		$log->logAction(USR_ACTION, LOG_NOTICE, "viewed customer_extras::htaccess");
 		$fields = array(
 			'path' => $lng['panel']['path'],
@@ -276,9 +272,13 @@ elseif($page == 'htaccess')
 			'error500path' => $lng['extras']['error500path'],
 			'options_cgi' => $lng['extras']['execute_perl']
 		);
-		$paging = new paging($userinfo, $db, TABLE_PANEL_HTACCESS, $fields, $settings['panel']['paging'], $settings['panel']['natsorting']);
-		$result = $db->query("SELECT * FROM `" . TABLE_PANEL_HTACCESS . "` WHERE `customerid`='" . (int)$userinfo['customerid'] . "' " . $paging->getSqlWhere(true) . " " . $paging->getSqlOrderBy() . " " . $paging->getSqlLimit());
-		$paging->setEntries($db->num_rows($result));
+		$paging = new paging($userinfo, TABLE_PANEL_HTACCESS, $fields);
+		$result_stmt = Database::prepare("SELECT * FROM `" . TABLE_PANEL_HTACCESS . "`
+			WHERE `customerid`= :customerid " . $paging->getSqlWhere(true) . " " . $paging->getSqlOrderBy() . " " . $paging->getSqlLimit());
+		Database::pexecute($result_stmt, array(
+			"customerid" => $userinfo['customerid']
+		));
+		$paging->setEntries(Database::num_rows());
 		$sortcode = $paging->getHtmlSortCode($lng);
 		$arrowcode = $paging->getHtmlArrowCode($filename . '?page=' . $page . '&s=' . $s);
 		$searchcode = $paging->getHtmlSearchCode($lng);
@@ -289,126 +289,149 @@ elseif($page == 'htaccess')

 		$cperlenabled = customerHasPerlEnabled($userinfo['customerid']);

-		while($row = $db->fetch_array($result))
-		{
-			if($paging->checkDisplay($i))
-			{
-				if(strpos($row['path'], $userinfo['documentroot']) === 0)
-				{
-					$row['path'] = substr($row['path'], strlen($userinfo['documentroot']));
-					// don't show nothing wehn it's the docroot, show slash
-					if ($row['path'] == '') { $row['path'] = '/'; }
+		while ($row = $result_stmt->fetch(PDO::FETCH_ASSOC)) {
+			if ($paging->checkDisplay($i)) {
+				if (strpos($row['path'], $userinfo['documentroot']) === 0) {
+					$row['path'] = str_replace($userinfo['documentroot'], "/", $row['path']);
 				}
-
+				$row['path'] = makeCorrectDir($row['path']);
 				$row['options_indexes'] = str_replace('1', $lng['panel']['yes'], $row['options_indexes']);
 				$row['options_indexes'] = str_replace('0', $lng['panel']['no'], $row['options_indexes']);
 				$row['options_cgi'] = str_replace('1', $lng['panel']['yes'], $row['options_cgi']);
 				$row['options_cgi'] = str_replace('0', $lng['panel']['no'], $row['options_cgi']);
 				$row = htmlentities_array($row);
 				eval("\$htaccess.=\"" . getTemplate("extras/htaccess_htaccess") . "\";");
-				$count++;
+				$count ++;
 			}

-			$i++;
+			$i ++;
 		}

 		eval("echo \"" . getTemplate("extras/htaccess") . "\";");
-	}
-	elseif($action == 'delete'
-	       && $id != 0)
-	{
-		$result = $db->query_first("SELECT * FROM `" . TABLE_PANEL_HTACCESS . "` WHERE `customerid`='" . (int)$userinfo['customerid'] . "' AND `id`='" . (int)$id . "'");
+	} elseif ($action == 'delete' && $id != 0) {
+		$result_stmt = Database::prepare("SELECT * FROM `" . TABLE_PANEL_HTACCESS . "`
+			WHERE `customerid` = :customerid
+			AND `id` = :id");
+		Database::pexecute($result_stmt, array(
+			"customerid" => $userinfo['customerid'],
+			"id" => $id
+		));
+		$result = $result_stmt->fetch(PDO::FETCH_ASSOC);

-		if(isset($result['customerid'])
-		   && $result['customerid'] != ''
-		   && $result['customerid'] == $userinfo['customerid'])
-		{
-			if(isset($_POST['send'])
-			   && $_POST['send'] == 'send')
-			{
-				$db->query("DELETE FROM `" . TABLE_PANEL_HTACCESS . "` WHERE `customerid`='" . (int)$userinfo['customerid'] . "' AND `id`='" . (int)$id . "'");
-				$log->logAction(USR_ACTION, LOG_INFO, "deleted htaccess for '" . str_replace($userinfo['documentroot'], '', $result['path']) . "'");
+		if (isset($result['customerid']) && $result['customerid'] != '' && $result['customerid'] == $userinfo['customerid']) {
+			if (isset($_POST['send']) && $_POST['send'] == 'send') {
+				// do we have to remove the symlink and folder in suexecpath?
+				if ((int) Settings::Get('perl.suexecworkaround') == 1) {
+					$loginname = getCustomerDetail($result['customerid'], 'loginname');
+					$suexecpath = makeCorrectDir(Settings::Get('perl.suexecpath') . '/' . $loginname . '/' . md5($result['path']) . '/');
+					$perlsymlink = makeCorrectFile($result['path'] . '/cgi-bin');
+					// remove symlink
+					if (file_exists($perlsymlink)) {
+						safe_exec('rm -f ' . escapeshellarg($perlsymlink));
+						$log->logAction(USR_ACTION, LOG_DEBUG, "deleted suexecworkaround symlink '" . $perlsymlink . "'");
+					}
+					// remove folder in suexec-path
+					if (file_exists($suexecpath)) {
+						safe_exec('rm -rf ' . escapeshellarg($suexecpath));
+						$log->logAction(USR_ACTION, LOG_DEBUG, "deleted suexecworkaround path '" . $suexecpath . "'");
+					}
+				}
+				$stmt = Database::prepare("DELETE FROM `" . TABLE_PANEL_HTACCESS . "`
+					WHERE `customerid`= :customerid
+					AND `id`= :id");
+				Database::pexecute($stmt, array(
+					"customerid" => $userinfo['customerid'],
+					"id" => $id
+				));
+				$log->logAction(USR_ACTION, LOG_INFO, "deleted htaccess for '" . str_replace($userinfo['documentroot'], '/', $result['path']) . "'");
 				inserttask('1');
-				redirectTo($filename, Array('page' => $page, 's' => $s));
-			}
-			else
-			{
-				ask_yesno('extras_reallydelete_pathoptions', $filename, array('id' => $id, 'page' => $page, 'action' => $action), str_replace($userinfo['documentroot'], '', $result['path']));
+				redirectTo($filename, array(
+					'page' => $page,
+					's' => $s
+				));
+			} else {
+				ask_yesno('extras_reallydelete_pathoptions', $filename, array(
+					'id' => $id,
+					'page' => $page,
+					'action' => $action
+				), str_replace($userinfo['documentroot'], '/', $result['path']));
 			}
 		}
-	}
-	elseif($action == 'add')
-	{
-		if(isset($_POST['send'])
-		   && $_POST['send'] == 'send')
-		{
+	} elseif ($action == 'add') {
+		if (isset($_POST['send']) && $_POST['send'] == 'send') {
 			$path = makeCorrectDir(validate($_POST['path'], 'path'));
 			$userpath = $path;
 			$path = makeCorrectDir($userinfo['documentroot'] . '/' . $path);
-			$path_dupe_check = $db->query_first("SELECT `id`, `path` FROM `" . TABLE_PANEL_HTACCESS . "` WHERE `path`='" . $db->escape($path) . "' AND `customerid`='" . (int)$userinfo['customerid'] . "'");
+			$path_dupe_check_stmt = Database::prepare("SELECT `id`, `path` FROM `" . TABLE_PANEL_HTACCESS . "`
+				WHERE `path`= :path
+				AND `customerid`= :customerid");
+			Database::pexecute($path_dupe_check_stmt, array(
+				"path" => $path,
+				"customerid" => $userinfo['customerid']
+			));
+			$path_dupe_check = $path_dupe_check_stmt->fetch(PDO::FETCH_ASSOC);

-			if(!$_POST['path'])
-			{
+			if (! $_POST['path']) {
 				standard_error('invalidpath');
 			}

-			if(isset($_POST['options_cgi'])
-				&& (int)$_POST['options_cgi'] != 0
-			) {
+			if (isset($_POST['options_cgi']) && (int) $_POST['options_cgi'] != 0) {
 				$options_cgi = '1';
-			}
-			else
-			{
+			} else {
 				$options_cgi = '0';
-			} 
+			}

 			$error404path = '';
 			if (isset($_POST['error404path'])) {
 				$error404path = correctErrorDocument($_POST['error404path']);
 			}
+
 			$error403path = '';
 			if (isset($_POST['error403path'])) {
 				$error403path = correctErrorDocument($_POST['error403path']);
 			}
+
 			$error500path = '';
 			if (isset($_POST['error500path'])) {
 				$error500path = correctErrorDocument($_POST['error500path']);
 			}

-			if($path_dupe_check['path'] == $path)
-			{
+			if ($path_dupe_check['path'] == $path) {
 				standard_error('errordocpathdupe', $userpath);
-			}
-			elseif($path == '')
-			{
+			} elseif ($path == '') {
 				standard_error('patherror');
-			}
-			else
-			{
-				$db->query('INSERT INTO `' . TABLE_PANEL_HTACCESS . '` SET
-							`customerid` = "'.(int)$userinfo['customerid'].'",
-							`path` = "'.$db->escape($path).'",
-							`options_indexes` = "'.$db->escape($_POST['options_indexes'] == '1' ? '1' : '0').'",
-							`error404path` = "'.$db->escape($error404path).'",
-							`error403path` = "'.$db->escape($error403path).'",
-							`error500path` = "'.$db->escape($error500path).'",
-							`options_cgi` = "'.$db->escape($options_cgi).'"');
+			} else {
+				$stmt = Database::prepare('INSERT INTO `' . TABLE_PANEL_HTACCESS . '` SET
+					`customerid` = :customerid,
+					`path` = :path,
+					`options_indexes` = :options_indexes,
+					`error404path` = :error404path,
+					`error403path` = :error403path,
+					`error500path` = :error500path,
+					`options_cgi` = :options_cgi');
+				$params = array(
+					"customerid" => $userinfo['customerid'],
+					"path" => $path,
+					"options_indexes" => $_POST['options_indexes'] == '1' ? '1' : '0',
+					"error403path" => $error403path,
+					"error404path" => $error404path,
+					"error500path" => $error500path,
+					"options_cgi" => $options_cgi
+				);
+				Database::pexecute($stmt, $params);

 				$log->logAction(USR_ACTION, LOG_INFO, "added htaccess for '" . $path . "'");
 				inserttask('1');
-				redirectTo($filename, Array('page' => $page, 's' => $s));
+				redirectTo($filename, array(
+					'page' => $page,
+					's' => $s
+				));
 			}
-		}
-		else
-		{
-			$pathSelect = makePathfield($userinfo['documentroot'], $userinfo['guid'], $userinfo['guid'], $settings['panel']['pathedit']);
+		} else {
+			$pathSelect = makePathfield($userinfo['documentroot'], $userinfo['guid'], $userinfo['guid']);
 			$cperlenabled = customerHasPerlEnabled($userinfo['customerid']);
-			/*
-			$options_indexes = makeyesno('options_indexes', '1', '0', '0');
-			$options_cgi = makeyesno('options_cgi', '1', '0', '0');
-			*/

-			$htaccess_add_data = include_once dirname(__FILE__).'/lib/formfields/customer/extras/formfield.htaccess_add.php';
+			$htaccess_add_data = include_once dirname(__FILE__) . '/lib/formfields/customer/extras/formfield.htaccess_add.php';
 			$htaccess_add_form = htmlform::genHTMLForm($htaccess_add_data);

 			$title = $htaccess_add_data['htaccess_add']['title'];
@@ -416,29 +439,26 @@ elseif($page == 'htaccess')

 			eval("echo \"" . getTemplate("extras/htaccess_add") . "\";");
 		}
-	}
-	elseif(($action == 'edit')
-	       && ($id != 0))
-	{
-		$result = $db->query_first('SELECT * FROM `' . TABLE_PANEL_HTACCESS . '` WHERE `customerid` = "' . (int)$userinfo['customerid'] . '"  AND `id`         = "' . (int)$id . '"');
+	} elseif (($action == 'edit') && ($id != 0)) {
+		$result_stmt = Database::prepare("SELECT * FROM `" . TABLE_PANEL_HTACCESS . "`
+			WHERE `customerid` = :customerid
+			AND `id` = :id");
+		Database::pexecute($result_stmt, array(
+			"customerid" => $userinfo['customerid'],
+			"id" => $id
+		));
+		$result = $result_stmt->fetch(PDO::FETCH_ASSOC);

-		if((isset($result['customerid']))
-		   && ($result['customerid'] != '')
-		   && ($result['customerid'] == $userinfo['customerid']))
-		{
-			if(isset($_POST['send'])
-			   && $_POST['send'] == 'send')
-			{
+		if ((isset($result['customerid'])) && ($result['customerid'] != '') && ($result['customerid'] == $userinfo['customerid'])) {
+			if (isset($_POST['send']) && $_POST['send'] == 'send') {
 				$option_indexes = intval($_POST['options_indexes']);
 				$options_cgi = isset($_POST['options_cgi']) ? intval($_POST['options_cgi']) : 0;

-				if($option_indexes != '1')
-				{
+				if ($option_indexes != '1') {
 					$option_indexes = '0';
 				}

-				if($options_cgi != '1')
-				{
+				if ($options_cgi != '1') {
 					$options_cgi = '0';
 				}

@@ -446,26 +466,36 @@ elseif($page == 'htaccess')
 				$error403path = correctErrorDocument($_POST['error403path']);
 				$error500path = correctErrorDocument($_POST['error500path']);

-				if(($option_indexes != $result['options_indexes'])
-				   || ($error404path != $result['error404path'])
-				   || ($error403path != $result['error403path'])
-				   || ($error500path != $result['error500path'])
-				   || ($options_cgi != $result['options_cgi']))
-				{
+				if (($option_indexes != $result['options_indexes']) || ($error404path != $result['error404path']) || ($error403path != $result['error403path']) || ($error500path != $result['error500path']) || ($options_cgi != $result['options_cgi'])) {
 					inserttask('1');
-					$db->query('UPDATE `' . TABLE_PANEL_HTACCESS . '` SET `options_indexes` = "' . $db->escape($option_indexes) . '", `error404path`    = "' . $db->escape($error404path) . '",  `error403path`    = "' . $db->escape($error403path) . '",  `error500path`    = "' . $db->escape($error500path) . '", `options_cgi` = "' . $db->escape($options_cgi) . '" WHERE `customerid` = "' . (int)$userinfo['customerid'] . '"  AND `id` = "' . (int)$id . '"');
-					$log->logAction(USR_ACTION, LOG_INFO, "edited htaccess for '" . str_replace($userinfo['documentroot'], '', $result['path']) . "'");
+					$stmt = Database::prepare("UPDATE `" . TABLE_PANEL_HTACCESS . "`
+						SET `options_indexes` = :options_indexes,
+						`error404path` = :error404path,
+						`error403path` = :error403path,
+						`error500path` = :error500path,
+						`options_cgi` = :options_cgi
+						WHERE `customerid` = :customerid
+						AND `id` = :id");
+					$params = array(
+						"customerid" => $userinfo['customerid'],
+						"options_indexes" => $_POST['options_indexes'] == '1' ? '1' : '0',
+						"error403path" => $error403path,
+						"error404path" => $error404path,
+						"error500path" => $error500path,
+						"options_cgi" => $options_cgi,
+						"id" => $id
+					);
+					Database::pexecute($stmt, $params);
+					$log->logAction(USR_ACTION, LOG_INFO, "edited htaccess for '" . str_replace($userinfo['documentroot'], '/', $result['path']) . "'");
 				}

-				redirectTo($filename, Array('page' => $page, 's' => $s));
-			}
-			else
-			{
-				if(strpos($result['path'], $userinfo['documentroot']) === 0)
-				{
-					$result['path'] = substr($result['path'], strlen($userinfo['documentroot']));
-					// don't show nothing wehn it's the docroot, show slash
-					if ($result['path'] == '') { $result['path'] = '/'; }
+				redirectTo($filename, array(
+					'page' => $page,
+					's' => $s
+				));
+			} else {
+				if (strpos($result['path'], $userinfo['documentroot']) === 0) {
+					$result['path'] = str_replace($userinfo['documentroot'], "/", $result['path']);
 				}

 				$result['error404path'] = $result['error404path'];
@@ -473,14 +503,14 @@ elseif($page == 'htaccess')
 				$result['error500path'] = $result['error500path'];
 				$cperlenabled = customerHasPerlEnabled($userinfo['customerid']);
 				/*
-				$options_indexes = makeyesno('options_indexes', '1', '0', $result['options_indexes']);
-				$options_cgi = makeyesno('options_cgi', '1', '0', $result['options_cgi']);
-				*/
+				 * $options_indexes = makeyesno('options_indexes', '1', '0', $result['options_indexes']);
+				 * $options_cgi = makeyesno('options_cgi', '1', '0', $result['options_cgi']);
+				 */
 				$result = htmlentities_array($result);

-				$htaccess_edit_data = include_once dirname(__FILE__).'/lib/formfields/customer/extras/formfield.htaccess_edit.php';
+				$htaccess_edit_data = include_once dirname(__FILE__) . '/lib/formfields/customer/extras/formfield.htaccess_edit.php';
 				$htaccess_edit_form = htmlform::genHTMLForm($htaccess_edit_data);
-	
+
 				$title = $htaccess_edit_data['htaccess_edit']['title'];
 				$image = $htaccess_edit_data['htaccess_edit']['image'];

@@ -488,6 +518,101 @@ elseif($page == 'htaccess')
 			}
 		}
 	}
-}
+} elseif ($page == 'backup') {

-?>
+	if (Settings::Get('system.backupenabled') == 1)
+	{
+		if ($action == 'abort' && isset($_POST['send']) && $_POST['send'] == 'send') {
+			$log->logAction(USR_ACTION, LOG_NOTICE, "customer_extras::backup - aborted scheduled backupjob");
+			$entry = isset($_POST['backup_job_entry']) ? (int)$_POST['backup_job_entry'] : 0;
+			if ($entry > 0) {
+				$del_stmt = Database::prepare("DELETE FROM `".TABLE_PANEL_TASKS."` WHERE `id` = :tid");
+				Database::pexecute($del_stmt, array('tid' => $entry));
+				standard_success('backupaborted');
+			}
+			redirectTo($filename, array('page' => $page, 'action' => '', 's' => $s));
+		}
+		if ($action == '') {
+			$log->logAction(USR_ACTION, LOG_NOTICE, "viewed customer_extras::backup");
+
+			// check whether there is a backup-job for this customer
+			$sel_stmt = Database::prepare("SELECT * FROM `".TABLE_PANEL_TASKS."` WHERE `type` = '20'");
+			Database::pexecute($sel_stmt);
+			$existing_backupJob = null;
+			while ($entry = $sel_stmt->fetch())
+			{
+				$data = unserialize($entry['data']);
+				if ($data['customerid'] == $userinfo['customerid']) {
+					$existing_backupJob = $entry;
+					break;
+				}
+			}
+
+			if (isset($_POST['send']) && $_POST['send'] == 'send') {
+
+				if (! $_POST['path']) {
+					standard_error('invalidpath');
+				}
+
+				$path = makeCorrectDir(validate($_POST['path'], 'path'));
+				$path = makeCorrectDir($userinfo['documentroot'] . '/' . $path);
+
+				$backup_dbs = isset($_POST['backup_dbs']) ? intval($_POST['backup_dbs']) : 0;
+				$backup_mail = isset($_POST['backup_mail']) ? intval($_POST['backup_mail']) : 0;
+				$backup_web = isset($_POST['backup_web']) ? intval($_POST['backup_web']) : 0;
+
+				if ($backup_dbs != '1') {
+					$backup_dbs = '0';
+				}
+
+				if ($backup_mail != '1') {
+					$backup_mail = '0';
+				}
+
+				if ($backup_web != '1') {
+					$backup_web = '0';
+				}
+
+				$task_data = array(
+					'customerid' => $userinfo['customerid'],
+					'uid' => $userinfo['guid'],
+					'gid' => $userinfo['guid'],
+					'loginname' => $userinfo['loginname'],
+					'destdir' => $path,
+					'backup_dbs' => $backup_dbs,
+					'backup_mail' => $backup_mail,
+					'backup_web' => $backup_web
+				);
+				// schedule backup job
+				inserttask('20', $task_data);
+
+				standard_success('backupscheduled');
+			} else {
+
+				if (!empty($existing_backupJob)) {
+					$action = "abort";
+					$row = unserialize($entry['data']);
+					$row['path'] = makeCorrectDir(str_replace($userinfo['documentroot'], "/", $row['destdir']));
+					$row['backup_web'] = ($row['backup_web'] == '1') ? $lng['panel']['yes'] : $lng['panel']['no'];
+					$row['backup_mail'] = ($row['backup_mail'] == '1') ? $lng['panel']['yes'] : $lng['panel']['no'];
+					$row['backup_dbs'] = ($row['backup_dbs'] == '1') ? $lng['panel']['yes'] : $lng['panel']['no'];
+				}
+				$pathSelect = makePathfield($userinfo['documentroot'], $userinfo['guid'], $userinfo['guid']);
+				$backup_data = include_once dirname(__FILE__) . '/lib/formfields/customer/extras/formfield.backup.php';
+				$backup_form = htmlform::genHTMLForm($backup_data);
+				$title = $backup_data['backup']['title'];
+				$image = $backup_data['backup']['image'];
+
+				if (!empty($existing_backupJob)) {
+					// overwrite backup_form after we took everything from it we needed
+					eval("\$backup_form = \"" . getTemplate("extras/backup_listexisting") . "\";");
+				}
+				eval("echo \"" . getTemplate("extras/backup") . "\";");
+			}
+		}
+	}
+	else
+	{
+		standard_error('backupfunctionnotenabled');
+	}
+}
--- a/customer_ftp.php
+++ b/customer_ftp.php
@@ -18,39 +18,34 @@
 */

 define('AREA', 'customer');
+require './lib/init.php';

-/**
- * Include our init.php, which manages Sessions, Language etc.
- */
-
-require ("./lib/init.php");
-
-if(isset($_POST['id']))
-{
+$id = 0;
+if (isset($_POST['id'])) {
 	$id = intval($_POST['id']);
-}
-elseif(isset($_GET['id']))
-{
+} elseif (isset($_GET['id'])) {
 	$id = intval($_GET['id']);
 }

-if($page == 'overview')
-{
+if ($page == 'overview') {
 	$log->logAction(USR_ACTION, LOG_NOTICE, "viewed customer_ftp");
-	eval("echo \"" . getTemplate("ftp/ftp") . "\";");
-}
-elseif($page == 'accounts')
-{
-	if($action == '')
-	{
+	eval("echo \"" . getTemplate('ftp/ftp') . "\";");
+} elseif ($page == 'accounts') {
+	if ($action == '') {
 		$log->logAction(USR_ACTION, LOG_NOTICE, "viewed customer_ftp::accounts");
 		$fields = array(
 			'username' => $lng['login']['username'],
-			'homedir' => $lng['panel']['path']
+			'homedir' => $lng['panel']['path'],
+			'description' => $lng['panel']['ftpdesc']
 		);
-		$paging = new paging($userinfo, $db, TABLE_FTP_USERS, $fields, $settings['panel']['paging'], $settings['panel']['natsorting']);
-		$result = $db->query("SELECT `id`, `username`, `homedir` FROM `" . TABLE_FTP_USERS . "` WHERE `customerid`='" . $userinfo['customerid'] . "'  AND `username` NOT LIKE '%_backup'" . $paging->getSqlWhere(true) . " " . $paging->getSqlOrderBy() . " " . $paging->getSqlLimit());
-		$paging->setEntries($db->num_rows($result));
+		$paging = new paging($userinfo, TABLE_FTP_USERS, $fields);
+
+		$result_stmt = Database::prepare("SELECT `id`, `username`, `description`, `homedir` FROM `" . TABLE_FTP_USERS . "`
+			WHERE `customerid`= :customerid " . $paging->getSqlWhere(true) . " " . $paging->getSqlOrderBy() . " " . $paging->getSqlLimit()
+		);
+		Database::pexecute($result_stmt, array("customerid" => $userinfo['customerid']));
+		$ftps_count = Database::num_rows();
+		$paging->setEntries($ftps_count);
 		$sortcode = $paging->getHtmlSortCode($lng);
 		$arrowcode = $paging->getHtmlArrowCode($filename . '?page=' . $page . '&s=' . $s);
 		$searchcode = $paging->getHtmlSearchCode($lng);
@@ -59,163 +54,231 @@ elseif($page == 'accounts')
 		$count = 0;
 		$accounts = '';

-		while($row = $db->fetch_array($result))
-		{
-			if($paging->checkDisplay($i))
-			{
-				if(strpos($row['homedir'], $userinfo['documentroot']) === 0)
-				{
-					$row['documentroot'] = substr($row['homedir'], strlen($userinfo['documentroot']));
-				}
-				else
-				{
+		while ($row = $result_stmt->fetch(PDO::FETCH_ASSOC)) {
+			if ($paging->checkDisplay($i)) {
+				if (strpos($row['homedir'], $userinfo['documentroot']) === 0) {
+					$row['documentroot'] = str_replace($userinfo['documentroot'], "/", $row['homedir']);
+				} else {
 					$row['documentroot'] = $row['homedir'];
 				}

 				$row['documentroot'] = makeCorrectDir($row['documentroot']);
-				
+
 				$row = htmlentities_array($row);
-				eval("\$accounts.=\"" . getTemplate("ftp/accounts_account") . "\";");
+				eval("\$accounts.=\"" . getTemplate('ftp/accounts_account') . "\";");
 				$count++;
 			}

 			$i++;
 		}

-		$ftps_count = $db->num_rows($result);
-		eval("echo \"" . getTemplate("ftp/accounts") . "\";");
-	}
-	elseif($action == 'delete'
-	       && $id != 0)
-	{
-		$result = $db->query_first("SELECT `id`, `username`, `homedir`, `up_count`, `up_bytes`, `down_count`, `down_bytes` FROM `" . TABLE_FTP_USERS . "` WHERE `customerid`='" . (int)$userinfo['customerid'] . "' AND `id`='" . (int)$id . "'");
+		eval("echo \"" . getTemplate('ftp/accounts') . "\";");
+	} elseif ($action == 'delete' && $id != 0) {
+		$result_stmt = Database::prepare("SELECT `id`, `username`, `homedir`, `up_count`, `up_bytes`, `down_count`, `down_bytes` FROM `" . TABLE_FTP_USERS . "`
+			WHERE `customerid` = :customerid
+			AND `id` = :id"
+		);
+		Database::pexecute($result_stmt, array("customerid" => $userinfo['customerid'], "id" => $id));
+		$result = $result_stmt->fetch(PDO::FETCH_ASSOC);
+
+		if (isset($result['username']) && $result['username'] != $userinfo['loginname']) {
+			if (isset($_POST['send']) && $_POST['send'] == 'send') {
+				$stmt = Database::prepare("UPDATE `" . TABLE_FTP_USERS . "`
+					SET `up_count` = `up_count` + :up_count,
+					`up_bytes` = `up_bytes` + :up_bytes,
+					`down_count` = `down_count` + :down_count,
+					`down_bytes` = `down_bytes` + :down_bytes
+					WHERE `username` = :username"
+				);
+				$params = array(
+					"up_count" => $result['up_count'],
+					"up_bytes" => $result['up_bytes'],
+					"down_count" => $result['down_count'],
+					"down_bytes" => $result['down_bytes'],
+					"username" => $userinfo['loginname']
+				);
+				Database::pexecute($stmt, $params);
+
+				$result_stmt = Database::prepare("SELECT `username`, `homedir` FROM `" . TABLE_FTP_USERS . "`
+					WHERE `customerid` = :customerid
+					AND `id` = :id"
+				);
+				Database::pexecute($result_stmt, array("customerid" => $userinfo['customerid'], "id" => $id));
+				$result = $result_stmt->fetch(PDO::FETCH_ASSOC);
+
+				$stmt = Database::prepare("DELETE FROM `" . TABLE_FTP_QUOTATALLIES . "` WHERE `name` = :name");
+				Database::pexecute($stmt, array("name" => $result['username']));
+
+				$stmt = Database::prepare("DELETE FROM `" . TABLE_FTP_USERS . "`
+					WHERE `customerid` = :customerid
+					AND `id` = :id"
+				);
+				Database::pexecute($stmt, array("customerid" => $userinfo['customerid'], "id" => $id));
+
+				$stmt = Database::prepare("
+					UPDATE `" . TABLE_FTP_GROUPS . "` SET
+					`members` = REPLACE(`members`, :username,'')
+					WHERE `customerid` = :customerid
+				");
+				Database::pexecute($stmt, array("username" => ",".$result['username'], "customerid" => $userinfo['customerid']));

-		if(isset($result['username'])
-		   && $result['username'] != $userinfo['loginname'])
-		{
-			if(isset($_POST['send'])
-			   && $_POST['send'] == 'send')
-			{
-				$db->query("UPDATE `" . TABLE_FTP_USERS . "` SET `up_count`=`up_count`+'" . (int)$result['up_count'] . "', `up_bytes`=`up_bytes`+'" . (int)$result['up_bytes'] . "', `down_count`=`down_count`+'" . (int)$result['down_count'] . "', `down_bytes`=`down_bytes`+'" . (int)$result['down_bytes'] . "' WHERE `username`='" . $db->escape($userinfo['loginname']) . "'");
-				$result = $db->query_first("SELECT `username`, `homedir` FROM `" . TABLE_FTP_USERS . "` WHERE `customerid`='" . (int)$userinfo['customerid'] . "' AND `id`='" . (int)$id . "'");
-				$db->query("DELETE FROM `" . TABLE_FTP_QUOTATALLIES . "` WHERE `name` = '" . $db->escape($result['username']) . "'");
-				$db->query("DELETE FROM `" . TABLE_FTP_USERS . "` WHERE `customerid`='" . (int)$userinfo['customerid'] . "' AND `id`='" . (int)$id . "'");
 				$log->logAction(USR_ACTION, LOG_INFO, "deleted ftp-account '" . $result['username'] . "'");
-				$db->query("UPDATE `" . TABLE_FTP_GROUPS . "` SET `members`=REPLACE(`members`,'," . $db->escape($result['username']) . "','') WHERE `customerid`='" . (int)$userinfo['customerid'] . "'");

-				if($userinfo['ftps_used'] == '1')
-				{
-					$resetaccnumber = " , `ftp_lastaccountnumber`='0'";
-				}
-				else
-				{
-					$resetaccnumber = '';
-				}
+				$resetaccnumber = ($userinfo['ftps_used'] == '1') ? " , `ftp_lastaccountnumber`='0'" : '';

 				// refs #293
-				if(isset($_POST['delete_userfiles'])
-				  && (int)$_POST['delete_userfiles'] == 1)
-				{
+				if (isset($_POST['delete_userfiles']) && (int)$_POST['delete_userfiles'] == 1) {
 					inserttask('8', $userinfo['loginname'], $result['homedir']);
 				}

-				$result = $db->query("UPDATE `" . TABLE_PANEL_CUSTOMERS . "` SET `ftps_used`=`ftps_used`-1 $resetaccnumber WHERE `customerid`='" . (int)$userinfo['customerid'] . "'");
-				redirectTo($filename, Array('page' => $page, 's' => $s));
-			}
-			else
-			{
+				$stmt = Database::prepare("UPDATE `" . TABLE_PANEL_CUSTOMERS . "`
+					SET `ftps_used` = `ftps_used` - 1 $resetaccnumber
+					WHERE `customerid` = :customerid"
+				);
+				Database::pexecute($stmt, array("customerid" => $userinfo['customerid']));
+
+				redirectTo($filename, array('page' => $page, 's' => $s));
+			} else {
 				ask_yesno_withcheckbox('ftp_reallydelete', 'admin_customer_alsoremoveftphomedir', $filename, array('id' => $id, 'page' => $page, 'action' => $action), $result['username']);
 			}
-		}
-		else
-		{
+		} else {
 			standard_error('ftp_cantdeletemainaccount');
 		}
-	}
-	elseif($action == 'add')
-	{
-		if($userinfo['ftps_used'] < $userinfo['ftps']
-		   || $userinfo['ftps'] == '-1')
-		{
-			if(isset($_POST['send'])
-			   && $_POST['send'] == 'send')
-			{
+	} elseif ($action == 'add') {
+		if ($userinfo['ftps_used'] < $userinfo['ftps'] || $userinfo['ftps'] == '-1') {
+			if (isset($_POST['send'])
+				&& $_POST['send'] == 'send') {
+				$description = validate($_POST['ftp_description'], 'description');
+				// @FIXME use a good path-validating regex here (refs #1231)
 				$path = validate($_POST['path'], 'path');
 				$password = validate($_POST['ftp_password'], 'password');
 				$password = validatePassword($password);

 				$sendinfomail = isset($_POST['sendinfomail']) ? 1 : 0;
-				if($sendinfomail != 1)
-				{
+				if ($sendinfomail != 1) {
 					$sendinfomail = 0;
 				}

-				if($settings['customer']['ftpatdomain'] == '1')
-				{
+				if (Settings::Get('customer.ftpatdomain') == '1') {
 					$ftpusername = validate($_POST['ftp_username'], 'username', '/^[a-zA-Z0-9][a-zA-Z0-9\-_]+\$?$/');
-					if($ftpusername == '')
-					{
+					if ($ftpusername == '') {
 						standard_error(array('stringisempty', 'username'));
 					}
 					$ftpdomain = $idna_convert->encode(validate($_POST['ftp_domain'], 'domain'));
-					$ftpdomain_check = $db->query_first("SELECT `id`, `domain`, `customerid` FROM `" . TABLE_PANEL_DOMAINS . "` WHERE `domain`='" . $db->escape($ftpdomain) . "' AND `customerid`='" . (int)$userinfo['customerid'] . "'");
-					if($ftpdomain_check['domain'] != $ftpdomain)
-					{
+					$ftpdomain_check_stmt = Database::prepare("SELECT `id`, `domain`, `customerid` FROM `" . TABLE_PANEL_DOMAINS . "`
+						WHERE `domain` = :domain
+						AND `customerid` = :customerid"
+					);
+					Database::pexecute($ftpdomain_check_stmt, array("domain" => $ftpdomain, "customerid" => $userinfo['customerid']));
+					$ftpdomain_check = $ftpdomain_check_stmt->fetch(PDO::FETCH_ASSOC);
+
+					if ($ftpdomain_check['domain'] != $ftpdomain) {
 						standard_error('maindomainnonexist', $domain);
 					}
 					$username = $ftpusername . "@" . $ftpdomain;
+				} else {
+					$username = $userinfo['loginname'] . Settings::Get('customer.ftpprefix') . (intval($userinfo['ftp_lastaccountnumber']) + 1);
 				}
-				else
-				{
-					$username = $userinfo['loginname'] . $settings['customer']['ftpprefix'] . (intval($userinfo['ftp_lastaccountnumber']) + 1);
-				}
-				
-				$username_check = $db->query_first('SELECT * FROM `' . TABLE_FTP_USERS .'` WHERE `username` = \'' . $db->escape($username) . '\'');
-				
-				if(!empty($username_check) && $username_check['username'] = $username)
-				{
+
+				$username_check_stmt = Database::prepare("SELECT * FROM `" . TABLE_FTP_USERS . "`
+					WHERE `username` = :username"
+				);
+				Database::pexecute($username_check_stmt, array("username" => $username));
+				$username_check = $username_check_stmt->fetch(PDO::FETCH_ASSOC);
+
+				if (!empty($username_check) && $username_check['username'] = $username) {
 					standard_error('usernamealreadyexists', $username);
-				}
-				elseif($password == '')
-				{
+				} elseif ($password == '') {
 					standard_error(array('stringisempty', 'mypassword'));
-				}
-				elseif($path == '')
-				{
+				} elseif ($path == '') {
 					standard_error('patherror');
-				}
-				else
-				{
+				} elseif ($username == $password) {
+					standard_error('passwordshouldnotbeusername');
+				} else {
 					$path = makeCorrectDir($userinfo['documentroot'] . '/' . $path);

-					$cryptPassword = makeCryptPassword($db->escape($password),1);					
-					$db->query("INSERT INTO `" . TABLE_FTP_USERS . "` (`customerid`, `username`, `password`, `homedir`, `login_enabled`, `uid`, `gid`) VALUES ('" . (int)$userinfo['customerid'] . "', '" . $db->escape($username) . "', '" . $db->escape($cryptPassword) . "', '" . $db->escape($path) . "', 'y', '" . (int)$userinfo['guid'] . "', '" . (int)$userinfo['guid'] . "')");
-					$result = $db->query("SELECT `bytes_in_used` FROM `" . TABLE_FTP_QUOTATALLIES . "` WHERE `name` = '" . $userinfo['loginname'] . "'");
-					while($row = $db->fetch_array($result))
-					{
-						$db->query("INSERT INTO `" . TABLE_FTP_QUOTATALLIES . "` (`name`, `quota_type`, `bytes_in_used`, `bytes_out_used`, `bytes_xfer_used`, `files_in_used`, `files_out_used`, `files_xfer_used`) VALUES ('" . $db->escape($username) . "', 'user', '" . $db->escape($row['bytes_in_used']) . "', '0', '0', '0', '0', '0')");
+					$cryptPassword = makeCryptPassword($password);
+
+					$stmt = Database::prepare("INSERT INTO `" . TABLE_FTP_USERS . "`
+						(`customerid`, `username`, `description`, `password`, `homedir`, `login_enabled`, `uid`, `gid`)
+						VALUES (:customerid, :username, :description, :password, :homedir, 'y', :guid, :guid)"
+					);
+					$params = array(
+						"customerid" => $userinfo['customerid'],
+						"username" => $username,
+						"description" => $description,
+						"password" => $cryptPassword,
+						"homedir" => $path,
+						"guid" => $userinfo['guid']
+					);
+					Database::pexecute($stmt, $params);
+
+					$result_stmt = Database::prepare("SELECT `bytes_in_used` FROM `" . TABLE_FTP_QUOTATALLIES . "`
+						WHERE `name` = :name"
+					);
+					Database::pexecute($result_stmt, array("name" => $userinfo['loginname']));
+
+					while ($row = $result_stmt->fetch(PDO::FETCH_ASSOC)) {
+						$stmt = Database::prepare("INSERT INTO `" . TABLE_FTP_QUOTATALLIES . "`
+							(`name`, `quota_type`, `bytes_in_used`, `bytes_out_used`, `bytes_xfer_used`, `files_in_used`, `files_out_used`, `files_xfer_used`)
+							VALUES (:name, 'user', :bytes_in_used, '0', '0', '0', '0', '0')"
+						);
+						Database::pexecute($stmt, array("name" => $username, "bytes_in_used" => $row['bytes_in_used']));
 					}
-					$db->query("UPDATE `" . TABLE_FTP_GROUPS . "` SET `members`=CONCAT_WS(',',`members`,'" . $db->escape($username) . "') WHERE `customerid`='" . $userinfo['customerid'] . "' AND `gid`='" . (int)$userinfo['guid'] . "'");
-					$db->query("UPDATE `" . TABLE_PANEL_CUSTOMERS . "` SET `ftps_used`=`ftps_used`+1, `ftp_lastaccountnumber`=`ftp_lastaccountnumber`+1 WHERE `customerid`='" . (int)$userinfo['customerid'] . "'");
+
+					$stmt = Database::prepare("UPDATE `" . TABLE_FTP_GROUPS . "`
+						SET `members` = CONCAT_WS(',',`members`, :username)
+						WHERE `customerid`= :customerid
+						AND `gid`= :guid"
+					);
+					$params = array(
+						"username" => $username,
+						"customerid" => $userinfo['customerid'],
+						"guid" => $userinfo['guid']
+					);
+					Database::pexecute($stmt, $params);
+
+					$stmt = Database::prepare("UPDATE `" . TABLE_PANEL_CUSTOMERS . "`
+						SET `ftps_used` = `ftps_used` + 1,
+						`ftp_lastaccountnumber` = `ftp_lastaccountnumber` + 1
+						WHERE `customerid` = :customerid"
+					);
+					Database::pexecute($stmt, array("customerid" => $userinfo['customerid']));

 					$log->logAction(USR_ACTION, LOG_INFO, "added ftp-account '" . $username . " (" . $path . ")'");
 					inserttask(5);

-					if($sendinfomail == 1)
-					{
+					if ($sendinfomail == 1) {
 						$replace_arr = array(
-							'CUST_NAME' => getCorrectUserSalutation($userinfo),
+							'SALUTATION' => getCorrectUserSalutation($userinfo),
+							'CUST_NAME' => getCorrectUserSalutation($userinfo), // < keep this for compatibility
 							'USR_NAME' => $username,
 							'USR_PASS' => $password,
-							'USR_PATH' => makeCorrectDir(substr($path, strlen($userinfo['documentroot'])))
+							'USR_PATH' => makeCorrectDir(str_replace($userinfo['documentroot'], "/", $path))
 						);
-						
+
 						$def_language = $userinfo['def_language'];
-						$result = $db->query_first('SELECT `value` FROM `' . TABLE_PANEL_TEMPLATES . '` WHERE `adminid`=\'' . (int)$userinfo['adminid'] . '\' AND `language`=\'' . $db->escape($def_language) . '\' AND `templategroup`=\'mails\' AND `varname`=\'new_ftpaccount_by_customer_subject\'');
-						$mail_subject = html_entity_decode(replace_variables((($result['value'] != '') ? $result['value'] : $lng['customer']['ftp_add']['infomail_subject']), $replace_arr));
-						$result = $db->query_first('SELECT `value` FROM `' . TABLE_PANEL_TEMPLATES . '` WHERE `adminid`=\'' . (int)$userinfo['adminid'] . '\' AND `language`=\'' . $db->escape($def_language) . '\' AND `templategroup`=\'mails\' AND `varname`=\'new_ftpaccount_by_customer_mailbody\'');
-						$mail_body = html_entity_decode(replace_variables((($result['value'] != '') ? $result['value'] : $lng['customer']['ftp_add']['infomail_body']['main']), $replace_arr));
-						
+						$result_stmt = Database::prepare("SELECT `value` FROM `" . TABLE_PANEL_TEMPLATES . "`
+							WHERE `adminid` = :adminid
+							AND `language` = :lang
+							AND `templategroup`='mails'
+							AND `varname`='new_ftpaccount_by_customer_subject'"
+						);
+						Database::pexecute($result_stmt, array("adminid" => $userinfo['adminid'], "lang" => $def_language));
+						$result = $result_stmt->fetch(PDO::FETCH_ASSOC);
+						$mail_subject = html_entity_decode(replace_variables((($result['value'] != '') ? $result['value'] : $lng['mails']['new_ftpaccount_by_customer']['subject']), $replace_arr));
+
+						$def_language = $userinfo['def_language'];
+						$result_stmt = Database::prepare("SELECT `value` FROM `" . TABLE_PANEL_TEMPLATES . "`
+							WHERE `adminid` = :adminid
+							AND `language` = :lang
+							AND `templategroup`='mails'
+							AND `varname`='new_ftpaccount_by_customer_mailbody'"
+						);
+						Database::pexecute($result_stmt, array("adminid" => $userinfo['adminid'], "lang" => $def_language));
+						$result = $result_stmt->fetch(PDO::FETCH_ASSOC);
+						$mail_body = html_entity_decode(replace_variables((($result['value'] != '') ? $result['value'] : $lng['mails']['new_ftpaccount_by_customer']['mailbody']), $replace_arr));
+
 						$_mailerror = false;
 						try {
 							$mail->Subject = $mail_subject;
@@ -239,31 +302,28 @@ elseif($page == 'accounts')
 						$mail->ClearAddresses();
 					}

-					redirectTo($filename, Array('page' => $page, 's' => $s));
+					redirectTo($filename, array('page' => $page, 's' => $s));
 				}
-			}
-			else
-			{
-				$pathSelect = makePathfield($userinfo['documentroot'], $userinfo['guid'], $userinfo['guid'], $settings['panel']['pathedit'], '/');
+			} else {
+				$pathSelect = makePathfield($userinfo['documentroot'], $userinfo['guid'], $userinfo['guid'], '/');

-				if($settings['customer']['ftpatdomain'] == '1')
-				{
+				if (Settings::Get('customer.ftpatdomain') == '1') {
 					$domainlist = array();
 					$domains = '';

-					$result_domains = $db->query("SELECT `domain` FROM `" . TABLE_PANEL_DOMAINS . "` WHERE `customerid`='" . (int)$userinfo['customerid'] . "'");
+					$result_domains_stmt = Database::prepare("SELECT `domain` FROM `" . TABLE_PANEL_DOMAINS . "`
+						WHERE `customerid`= :customerid"
+					);
+					Database::pexecute($result_domains_stmt, array("customerid" => $userinfo['customerid']));

-					while($row_domain = $db->fetch_array($result_domains))
-					{
+					while ($row_domain = $result_domains_stmt->fetch(PDO::FETCH_ASSOC)) {
 						$domainlist[] =  $row_domain['domain'];
 					}

 					sort($domainlist);

-					if(isset($domainlist[0]) && $domainlist[0] != '')
-					{
-						foreach($domainlist as $dom)
-						{
+					if (isset($domainlist[0]) && $domainlist[0] != '') {
+						foreach ($domainlist as $dom) {
 							$domains .= makeoption($idna_convert->decode($dom), $dom);
 						}
 					}
@@ -277,93 +337,102 @@ elseif($page == 'accounts')
 				$title = $ftp_add_data['ftp_add']['title'];
 				$image = $ftp_add_data['ftp_add']['image'];

-				eval("echo \"" . getTemplate("ftp/accounts_add") . "\";");
+				eval("echo \"" . getTemplate('ftp/accounts_add') . "\";");
 			}
 		}
-	}
-	elseif($action == 'edit'
-	       && $id != 0)
-	{
-		$result = $db->query_first("SELECT `id`, `username`, `homedir`, `uid`, `gid` FROM `" . TABLE_FTP_USERS . "` WHERE `customerid`='" . (int)$userinfo['customerid'] . "' AND `id`='" . (int)$id . "'");
+	} elseif ($action == 'edit' && $id != 0) {
+		$result_stmt = Database::prepare("SELECT `id`, `username`, `description`, `homedir`, `uid`, `gid` FROM `" . TABLE_FTP_USERS . "`
+			WHERE `customerid` = :customerid
+			AND `id` = :id"
+		);
+		Database::pexecute($result_stmt, array("customerid" => $userinfo['customerid'], "id" => $id));
+		$result = $result_stmt->fetch(PDO::FETCH_ASSOC);

-		if(isset($result['username'])
-		   && $result['username'] != '')
-		{
-			if(isset($_POST['send'])
-			   && $_POST['send'] == 'send')
-			{
+		if (isset($result['username']) && $result['username'] != '') {
+			if (isset($_POST['send']) && $_POST['send'] == 'send') {
+				// @FIXME use a good path-validating regex here (refs #1231)
 				$path = validate($_POST['path'], 'path');
-				
+
 				$_setnewpass = false;
-				if(isset($_POST['ftp_password']) && $_POST['ftp_password'] != '')
-				{
+				if (isset($_POST['ftp_password']) && $_POST['ftp_password'] != '') {
 					$password = validate($_POST['ftp_password'], 'password');
 					$password = validatePassword($password);
 					$_setnewpass = true;
 				}

-				if($_setnewpass)
-				{
-					if($password == '')
-					{
+				if ($_setnewpass) {
+					if ($password == '') {
 						standard_error(array('stringisempty', 'mypassword'));
-						exit;
-					}
-					else
-					{
-						$log->logAction(USR_ACTION, LOG_INFO, "updated ftp-account password for '" . $result['username'] . "'");
-						$cryptPassword = makeCryptPassword($db->escape($password),1);
-						$db->query("UPDATE `" . TABLE_FTP_USERS . "` SET `password`='" . $db->escape($cryptPassword) . "' WHERE `customerid`='" . (int)$userinfo['customerid'] . "' AND `id`='" . (int)$id . "'");
-						
-						// also update customers backup user password if password of main ftp user is changed
-						if(!preg_match('/' . $settings['customer']['ftpprefix'] . '/', $result['username'])){
-						    $db->query("UPDATE `" . TABLE_FTP_USERS . "` SET `password`='" . $db->escape($cryptPassword) . "' WHERE `customerid`='" . (int)$userinfo['customerid'] . "' AND `username`='" . $result['username'] . "_backup'");
-						}
+					} elseif ($result['username'] == $password) {
+						standard_error('passwordshouldnotbeusername');
 					}
+					$log->logAction(USR_ACTION, LOG_INFO, "updated ftp-account password for '" . $result['username'] . "'");
+					$cryptPassword = makeCryptPassword($password);
+
+					$stmt = Database::prepare("UPDATE `" . TABLE_FTP_USERS . "`
+						SET `password` = :password
+						WHERE `customerid` = :customerid
+						AND `id` = :id"
+					);
+					Database::pexecute($stmt, array("customerid" => $userinfo['customerid'], "id" => $id, "password" => $cryptPassword));
 				}
-				
-				if($path != '')
-				{
+
+				if ($path != '') {
 					$path = makeCorrectDir($userinfo['documentroot'] . '/' . $path);
-					
-					if($path != $result['homedir'])
-					{
-						if(!file_exists($path))
-						{
-							mkDirWithCorrectOwnership($userinfo['documentroot'], $path, $result['uid'], $result['gid']);
-							inserttask(5); /* Let the cronjob do the rest */
+
+					if ($path != $result['homedir']) {
+						if (!file_exists($path)) {
+							// it's the task for "new ftp" but that will
+							// create all directories and correct their permissions
+							inserttask(5);
 						}

 						$log->logAction(USR_ACTION, LOG_INFO, "updated ftp-account homdir for '" . $result['username'] . "'");
-						$db->query("UPDATE `" . TABLE_FTP_USERS . "` SET `homedir`= '" . $db->escape($path) . "' WHERE `customerid`='" . (int)$userinfo['customerid'] . "' AND `id`='" . (int)$id . "'");						
+
+						$stmt = Database::prepare("UPDATE `" . TABLE_FTP_USERS . "`
+							SET `homedir` = :homedir
+							WHERE `customerid` = :customerid
+							AND `id` = :id"
+						);
+						$params = array(
+							"homedir" => $path,
+							"customerid" => $userinfo['customerid'],
+							"id" => $id
+						);
+						Database::pexecute($stmt, $params);
 					}
 				}

-				redirectTo($filename, Array('page' => $page, 's' => $s));
-			}
-			else
-			{
-				if(strpos($result['homedir'], $userinfo['documentroot']) === 0)
-				{
-					$homedir = substr($result['homedir'], strlen($userinfo['documentroot']));
-				}
-				else
-				{
+				$log->logAction(USR_ACTION, LOG_INFO, "edited ftp-account '" . $result['username'] . "'");
+				$description = validate($_POST['ftp_description'], 'description');
+				$stmt = Database::prepare("UPDATE `" . TABLE_FTP_USERS . "`
+					SET `description` = :desc
+					WHERE `customerid` = :customerid
+					AND `id` = :id"
+				);
+				Database::pexecute($stmt, array("desc" => $description, "customerid" => $userinfo['customerid'], "id" => $id));
+
+				redirectTo($filename, array('page' => $page, 's' => $s));
+			} else {
+				if (strpos($result['homedir'], $userinfo['documentroot']) === 0) {
+					$homedir = str_replace($userinfo['documentroot'], "/", $result['homedir']);
+				} else {
 					$homedir = $result['homedir'];
 				}
 				$homedir = makeCorrectDir($homedir);

-				$pathSelect = makePathfield($userinfo['documentroot'], $userinfo['guid'], $userinfo['guid'], $settings['panel']['pathedit'], $homedir);
+				$pathSelect = makePathfield($userinfo['documentroot'], $userinfo['guid'], $userinfo['guid'], $homedir);

-				if($settings['customer']['ftpatdomain'] == '1')
-				{
+				if (Settings::Get('customer.ftpatdomain') == '1') {
 					$domains = '';

-					$result_domains = $db->query("SELECT `domain` FROM `" . TABLE_PANEL_DOMAINS . "` WHERE `customerid`='" . (int)$userinfo['customerid'] . "'");
+					$result_domains_stmt = Database::prepare("SELECT `domain` FROM `" . TABLE_PANEL_DOMAINS . "`
+						WHERE `customerid` = :customerid"
+					);
+					Database::pexecute($result_domains_stmt, array("customerid" => $userinfo['customerid']));

-					while($row_domain = $db->fetch_array($result_domains))
-					{
-						$domains.= makeoption($idna_convert->decode($row_domain['domain']), $row_domain['domain']);
+					while ($row_domain = $result_domains_stmt->fetch(PDO::FETCH_ASSOC)) {
+						$domains .= makeoption($idna_convert->decode($row_domain['domain']), $row_domain['domain']);
 					}
 				}

@@ -373,10 +442,8 @@ elseif($page == 'accounts')
 				$title = $ftp_edit_data['ftp_edit']['title'];
 				$image = $ftp_edit_data['ftp_edit']['image'];

-				eval("echo \"" . getTemplate("ftp/accounts_edit") . "\";");
+				eval("echo \"" . getTemplate('ftp/accounts_edit') . "\";");
 			}
 		}
 	}
 }
-
-?>
--- a/customer_index.php
+++ b/customer_index.php
@@ -18,201 +18,296 @@
 */

 define('AREA', 'customer');
+require './lib/init.php';

-/**
- * Include our init.php, which manages Sessions, Language etc.
- */
+if ($action == 'logout') {
+	$log->logAction(USR_ACTION, LOG_NOTICE, 'logged out');

-require ("./lib/init.php");
-
-if($action == 'logout')
-{
-	$log->logAction(USR_ACTION, LOG_NOTICE, "logged out");
-
-	if($settings['session']['allow_multiple_login'] == '1')
-	{
-		$db->query("DELETE FROM `" . TABLE_PANEL_SESSIONS . "` WHERE `userid` = '" . (int)$userinfo['customerid'] . "' AND `adminsession` = '0' AND `hash` = '" . $s . "'");
-	}
-	else
-	{
-		$db->query("DELETE FROM `" . TABLE_PANEL_SESSIONS . "` WHERE `userid` = '" . (int)$userinfo['customerid'] . "' AND `adminsession` = '0'");
+	$params = array("customerid" => $userinfo['customerid']);
+	if (Settings::Get('session.allow_multiple_login') == '1') {
+		$stmt = Database::prepare("DELETE FROM `" . TABLE_PANEL_SESSIONS . "`
+			WHERE `userid` = :customerid
+			AND `adminsession` = '0'
+			AND `hash` = :hash"
+		);
+		$params["hash"] = $s;
+	} else {
+		$stmt = Database::prepare("DELETE FROM `" . TABLE_PANEL_SESSIONS . "`
+			WHERE `userid` = :customerid
+			AND `adminsession` = '0'"
+		);
 	}
+	Database::pexecute($stmt, $params);

 	redirectTo('index.php');
-	exit;
 }

-if($page == 'overview')
-{
+if ($page == 'overview') {
 	$log->logAction(USR_ACTION, LOG_NOTICE, "viewed customer_index");
+
+	$domain_stmt = Database::prepare("SELECT `domain` FROM `" . TABLE_PANEL_DOMAINS . "`
+		WHERE `customerid` = :customerid
+		AND `parentdomainid` = '0'
+		AND `id` <> :standardsubdomain
+	");
+	Database::pexecute($domain_stmt, array("customerid" => $userinfo['customerid'], "standardsubdomain" => $userinfo['standardsubdomain']));
+
 	$domains = '';
-	$result = $db->query("SELECT `domain` FROM `" . TABLE_PANEL_DOMAINS . "` WHERE `customerid`='" . (int)$userinfo['customerid'] . "' AND `parentdomainid`='0' AND `id` <> '" . (int)$userinfo['standardsubdomain'] . "' ");
 	$domainArray = array();

-	while($row = $db->fetch_array($result))
-	{
+	while ($row = $domain_stmt->fetch(PDO::FETCH_ASSOC)) {
 		$domainArray[] = $idna_convert->decode($row['domain']);
 	}

 	natsort($domainArray);
 	$domains = implode(',<br />', $domainArray);
+
+	// standard-subdomain
+	$stdsubdomain = '';
+	if ($userinfo['standardsubdomain'] != '0') {
+		$std_domain_stmt = Database::prepare("
+			SELECT `domain` FROM `" . TABLE_PANEL_DOMAINS . "`
+			WHERE `customerid` = :customerid
+			AND `id` = :standardsubdomain
+		");
+		$std_domain = Database::pexecute_first($std_domain_stmt, array("customerid" => $userinfo['customerid'], "standardsubdomain" => $userinfo['standardsubdomain']));
+		$stdsubdomain = $std_domain['domain'];
+	}
+
 	$userinfo['email'] = $idna_convert->decode($userinfo['email']);
 	$yesterday = time() - (60 * 60 * 24);
 	$month = date('M Y', $yesterday);

-	/*		$traffic=$db->query_first("SELECT SUM(http) AS http_sum, SUM(ftp_up) AS ftp_up_sum, SUM(ftp_down) AS ftp_down_sum, SUM(mail) AS mail_sum FROM ".TABLE_PANEL_TRAFFIC." WHERE year='".date('Y')."' AND month='".date('m')."' AND day<='".date('d')."' AND customerid='".$userinfo['customerid']."'");
-		$userinfo['traffic_used']=$traffic['http_sum']+$traffic['ftp_up_sum']+$traffic['ftp_down_sum']+$traffic['mail_sum'];*/
+	$userinfo['diskspace'] = round($userinfo['diskspace'] / 1024, Settings::Get('panel.decimal_places'));
+	$userinfo['diskspace_used'] = round($userinfo['diskspace_used'] / 1024, Settings::Get('panel.decimal_places'));
+	$userinfo['traffic'] = round($userinfo['traffic'] / (1024 * 1024), Settings::Get('panel.decimal_places'));
+	$userinfo['traffic_used'] = round($userinfo['traffic_used'] / (1024 * 1024), Settings::Get('panel.decimal_places'));
+	$userinfo = str_replace_array('-1', $lng['customer']['unlimited'], $userinfo, 'diskspace traffic mysqls emails email_accounts email_forwarders email_quota ftps tickets subdomains');

-	$userinfo['diskspace'] = round($userinfo['diskspace'] / 1024, $settings['panel']['decimal_places']);
-	$userinfo['diskspace_used'] = round($userinfo['diskspace_used'] / 1024, $settings['panel']['decimal_places']);
-	$userinfo['traffic'] = round($userinfo['traffic'] / (1024 * 1024), $settings['panel']['decimal_places']);
-	$userinfo['traffic_used'] = round($userinfo['traffic_used'] / (1024 * 1024), $settings['panel']['decimal_places']);
-	$userinfo = str_replace_array('-1', $lng['customer']['unlimited'], $userinfo, 'diskspace traffic mysqls emails email_accounts email_forwarders email_quota email_autoresponder ftps tickets subdomains aps_packages');
-	$opentickets = 0;
-	$opentickets = $db->query_first('SELECT COUNT(`id`) as `count` FROM `' . TABLE_PANEL_TICKETS . '`
-                                   WHERE `customerid` = "' . $userinfo['customerid'] . '"
-                                   AND `answerto` = "0"
-                                   AND (`status` = "0" OR `status` = "2")
-                                   AND `lastreplier`="1"');
-	$awaitingtickets = $opentickets['count'];
-	$awaitingtickets_text = '';
+	$userinfo['custom_notes'] = ($userinfo['custom_notes'] != '') ? nl2br($userinfo['custom_notes']) : '';

-	if($opentickets > 0)
-	{
-		$awaitingtickets_text = strtr($lng['ticket']['awaitingticketreply'], array('%s' => '<a href="customer_tickets.php?page=tickets&amp;s=' . $s . '">' . $opentickets['count'] . '</a>'));
-	}
+	$services_enabled = "";
+	$se = array();
+	if ($userinfo['imap'] == '1') $se[] = "IMAP";
+	if ($userinfo['pop3'] == '1') $se[] = "POP3";
+	if ($userinfo['phpenabled'] == '1') $se[] = "PHP";
+	if ($userinfo['perlenabled'] == '1') $se[] = "Perl/CGI";
+	$services_enabled = implode(", ", $se);

-	eval("echo \"" . getTemplate("index/index") . "\";");
-}
-elseif($page == 'change_password')
-{
-	if(isset($_POST['send'])
-	   && $_POST['send'] == 'send')
-	{
+	eval("echo \"" . getTemplate('index/index') . "\";");
+} elseif ($page == 'change_password') {
+	if (isset($_POST['send']) && $_POST['send'] == 'send') {
 		$old_password = validate($_POST['old_password'], 'old password');
-
-		if(md5($old_password) != $userinfo['password'])
-		{
+		if (!validatePasswordLogin($userinfo,$old_password,TABLE_PANEL_CUSTOMERS,'customerid')) {
 			standard_error('oldpasswordnotcorrect');
-			exit;
 		}

 		$new_password = validatePassword($_POST['new_password'], 'new password');
 		$new_password_confirm = validatePassword($_POST['new_password_confirm'], 'new password confirm');

-		if($old_password == '')
-		{
+		if ($old_password == '') {
 			standard_error(array('stringisempty', 'oldpassword'));
-		}
-		elseif($new_password == '')
-		{
+		} elseif ($new_password == '') {
 			standard_error(array('stringisempty', 'newpassword'));
-		}
-		elseif($new_password_confirm == '')
-		{
+		} elseif ($new_password_confirm == '') {
 			standard_error(array('stringisempty', 'newpasswordconfirm'));
-		}
-		elseif($new_password != $new_password_confirm)
-		{
+		} elseif ($new_password != $new_password_confirm) {
 			standard_error('newpasswordconfirmerror');
-		}
-		else
-		{
-			$db->query("UPDATE `" . TABLE_PANEL_CUSTOMERS . "` SET `password`='" . md5($new_password) . "' WHERE `customerid`='" . (int)$userinfo['customerid'] . "' AND `password`='" . md5($old_password) . "'");
+		} else {
+			// Update user password
+			$stmt = Database::prepare("UPDATE `" . TABLE_PANEL_CUSTOMERS . "`
+				SET `password` = :newpassword
+				WHERE `customerid` = :customerid"
+			);
+			$params = array(
+				"newpassword" => makeCryptPassword($new_password),
+				"customerid" => $userinfo['customerid']
+			);
+			Database::pexecute($stmt, $params);
 			$log->logAction(USR_ACTION, LOG_NOTICE, 'changed password');

-			if(isset($_POST['change_main_ftp'])
-			   && $_POST['change_main_ftp'] == 'true')
-			{
-				$cryptPassword = makeCryptPassword($db->escape($new_password),1);
-				$db->query("UPDATE `" . TABLE_FTP_USERS . "` SET `password`='" . $db->escape($cryptPassword) . "' WHERE `customerid`='" . (int)$userinfo['customerid'] . "' AND `username`='" . $db->escape($userinfo['loginname']) . "'");
+			// Update ftp password
+			if (isset($_POST['change_main_ftp']) && $_POST['change_main_ftp'] == 'true') {
+				$cryptPassword = makeCryptPassword($new_password);
+				$stmt = Database::prepare("UPDATE `" . TABLE_FTP_USERS . "`
+					SET `password` = :password
+					WHERE `customerid` = :customerid
+					AND `username` = :username"
+				);
+				$params = array(
+					"password" => $cryptPassword,
+					"customerid" => $userinfo['customerid'],
+					"username" => $userinfo['loginname']
+				);
+				Database::pexecute($stmt, $params);
 				$log->logAction(USR_ACTION, LOG_NOTICE, 'changed main ftp password');
 			}

-			if(isset($_POST['change_webalizer'])
-			   && $_POST['change_webalizer'] == 'true')
-			{
-				if(CRYPT_STD_DES == 1)
-				{
+			// Update webalizer password
+			if (isset($_POST['change_webalizer']) && $_POST['change_webalizer'] == 'true') {
+				if (CRYPT_STD_DES == 1) {
 					$saltfordescrypt = substr(md5(uniqid(microtime(), 1)), 4, 2);
 					$new_webalizer_password = crypt($new_password, $saltfordescrypt);
-				}
-				else
-				{
+				} else {
 					$new_webalizer_password = crypt($new_password);
 				}

-				$db->query("UPDATE `" . TABLE_PANEL_HTPASSWDS . "` SET `password`='" . $db->escape($new_webalizer_password) . "' WHERE `customerid`='" . (int)$userinfo['customerid'] . "' AND `username`='" . $db->escape($userinfo['loginname']) . "'");
+				$stmt = Database::prepare("UPDATE `" . TABLE_PANEL_HTPASSWDS . "`
+					SET `password` = :password
+					WHERE `customerid` = :customerid
+					AND `username` = :username"
+				);
+				$params = array(
+					"password" => $new_webalizer_password,
+					"customerid" => $userinfo['customerid'],
+					"username" => $userinfo['loginname']
+				);
+				Database::pexecute($stmt, $params);
 			}

-			redirectTo($filename, Array('s' => $s));
+			redirectTo($filename, array('s' => $s));
 		}
+	} else {
+		eval("echo \"" . getTemplate('index/change_password') . "\";");
 	}
-	else
-	{
-		eval("echo \"" . getTemplate("index/change_password") . "\";");
-	}
-}
-elseif($page == 'change_language')
-{
-	if(isset($_POST['send'])
-	   && $_POST['send'] == 'send')
-	{
+} elseif ($page == 'change_language') {
+	if (isset($_POST['send']) && $_POST['send'] == 'send') {
 		$def_language = validate($_POST['def_language'], 'default language');
+		if (isset($languages[$def_language])) {
+			$stmt = Database::prepare("UPDATE `" . TABLE_PANEL_CUSTOMERS . "`
+				SET `def_language` = :lang
+				WHERE `customerid` = :customerid"
+			);
+			Database::pexecute($stmt, array("lang" => $def_language, "customerid" => $userinfo['customerid']));
+
+			$stmt = Database::prepare("UPDATE `" . TABLE_PANEL_SESSIONS . "`
+				SET `language` = :lang
+				WHERE `hash` = :hash"
+			);
+			Database::pexecute($stmt, array("lang" => $def_language, "hash" => $s));

-		if(isset($languages[$def_language]))
-		{
-			$db->query("UPDATE `" . TABLE_PANEL_CUSTOMERS . "` SET `def_language`='" . $db->escape($def_language) . "' WHERE `customerid`='" . (int)$userinfo['customerid'] . "'");
-			$db->query("UPDATE `" . TABLE_PANEL_SESSIONS . "` SET `language`='" . $db->escape($def_language) . "' WHERE `hash`='" . $db->escape($s) . "'");
 			$log->logAction(USR_ACTION, LOG_NOTICE, "changed default language to '" . $def_language . "'");
 		}

-		redirectTo($filename, Array('s' => $s));
-	}
-	else
-	{
-		$language_options = '';
-
-		$default_lang = $settings['panel']['standardlanguage'];
-		if($userinfo['def_language'] != '') { 
+		redirectTo($filename, array('s' => $s));
+	} else {
+		$default_lang = Settings::Get('panel.standardlanguage');
+		if ($userinfo['def_language'] != '') {
 			$default_lang = $userinfo['def_language'];
 		}

-		while(list($language_file, $language_name) = each($languages))
-		{
-			$language_options.= makeoption($language_name, $language_file, $default_lang, true);
+		$language_options = '';
+		while (list($language_file, $language_name) = each($languages)) {
+			$language_options .= makeoption($language_name, $language_file, $default_lang, true);
 		}

-		eval("echo \"" . getTemplate("index/change_language") . "\";");
+		eval("echo \"" . getTemplate('index/change_language') . "\";");
 	}
-}
-elseif($page == 'change_theme')
-{
-	if(isset($_POST['send'])
-		&& $_POST['send'] == 'send'
-	) {
+} elseif ($page == 'change_theme') {
+	if (isset($_POST['send']) && $_POST['send'] == 'send') {
 		$theme = validate($_POST['theme'], 'theme');
- 
-		$db->query("UPDATE `" . TABLE_PANEL_CUSTOMERS . "` SET `theme`='" . $db->escape($theme) . "' WHERE `customerid`='" . (int)$userinfo['customerid'] . "'");
-		$db->query("UPDATE `" . TABLE_PANEL_SESSIONS . "` SET `theme`='" . $db->escape($theme) . "' WHERE `hash`='" . $db->escape($s) . "'");
-		$log->logAction(USR_ACTION, LOG_NOTICE, "changed default theme to '" . $theme . "'");
-		redirectTo($filename, Array('s' => $s));
-	}
-	else
-	{
-		$theme_options = '';

-		$default_theme = $settings['panel']['default_theme'];
-		if($userinfo['theme'] != '') {
+		$stmt = Database::prepare("UPDATE `" . TABLE_PANEL_CUSTOMERS . "`
+			SET `theme` = :theme
+			WHERE `customerid` = :customerid"
+		);
+		Database::pexecute($stmt, array("theme" => $theme, "customerid" => $userinfo['customerid']));
+
+		$stmt = Database::prepare("UPDATE `" . TABLE_PANEL_SESSIONS . "`
+			SET `theme` = :theme
+			WHERE `hash` = :hash"
+		);
+		Database::pexecute($stmt, array("theme" => $theme, "hash" => $s));
+
+		$log->logAction(USR_ACTION, LOG_NOTICE, "changed default theme to '" . $theme . "'");
+		redirectTo($filename, array('s' => $s));
+	} else {
+		$default_theme = Settings::Get('panel.default_theme');
+		if ($userinfo['theme'] != '') {
 			$default_theme = $userinfo['theme'];
 		}

+		$theme_options = '';
 		$themes_avail = getThemes();
-		foreach($themes_avail as $t)
-		{
-			$theme_options.= makeoption($t, $t, $default_theme, true);
+		foreach ($themes_avail as $t => $d) {
+			$theme_options.= makeoption($d, $t, $default_theme, true);
 		}

-		eval("echo \"" . getTemplate("index/change_theme") . "\";");
+		eval("echo \"" . getTemplate('index/change_theme') . "\";");
+	}
+
+} elseif ($page == 'send_error_report' && Settings::Get('system.allow_error_report_customer') == '1') {
+
+	// only show this if we really have an exception to report
+	if (isset($_GET['errorid']) && $_GET['errorid'] != '') {
+
+		$errid = $_GET['errorid'];
+		// read error file
+		$err_dir = makeCorrectDir(FROXLOR_INSTALL_DIR."/logs/");
+		$err_file = makeCorrectFile($err_dir."/".$errid."_sql-error.log");
+
+		if (file_exists($err_file)) {
+
+			$error_content = file_get_contents($err_file);
+			$error = explode("|", $error_content);
+
+			$_error = array(
+				'code' => str_replace("\n", "", substr($error[1], 5)),
+				'message' => str_replace("\n", "", substr($error[2], 4)),
+				'file' => str_replace("\n", "", substr($error[3], 5 + strlen(FROXLOR_INSTALL_DIR))),
+				'line' => str_replace("\n", "", substr($error[4], 5)),
+				'trace' => str_replace(FROXLOR_INSTALL_DIR, "", substr($error[5], 6))
+			);
+
+			// build mail-content
+			$mail_body = "Dear froxlor-team,\n\n";
+			$mail_body .= "the following error has been reported by a user:\n\n";
+			$mail_body .= "-------------------------------------------------------------\n";
+			$mail_body .= $_error['code'].' '.$_error['message']."\n\n";
+			$mail_body .= "File: ".$_error['file'].':'.$_error['line']."\n\n";
+			$mail_body .= "Trace:\n".trim($_error['trace'])."\n\n";
+			$mail_body .= "-------------------------------------------------------------\n\n";
+			$mail_body .= "Froxlor-version: ".$version."\n\n";
+			$mail_body .= "End of report";
+			$mail_html = str_replace("\n", "<br />", $mail_body);
+
+			// send actual report to dev-team
+			if (isset($_POST['send'])
+				&& $_POST['send'] == 'send'
+			) {
+				// send mail and say thanks
+				$_mailerror = false;
+				try {
+					$mail->Subject = '[Froxlor] Error report by user';
+					$mail->AltBody = $mail_body;
+					$mail->MsgHTML($mail_html);
+					$mail->AddAddress('error-reports@froxlor.org', 'Froxlor Developer Team');
+					$mail->Send();
+				} catch(phpmailerException $e) {
+					$mailerr_msg = $e->errorMessage();
+					$_mailerror = true;
+				} catch (Exception $e) {
+					$mailerr_msg = $e->getMessage();
+					$_mailerror = true;
+				}
+
+				if ($_mailerror) {
+					// error when reporting an error...LOLFUQ
+					standard_error('send_report_error', $mailerr_msg);
+				}
+
+				// finally remove error from fs
+				@unlink($err_file);
+				redirectTo($filename, array('s' => $s));
+			}
+			// show a nice summary of the error-report
+			// before actually sending anything
+			eval("echo \"" . getTemplate("index/send_error_report") . "\";");
+
+		} else {
+			redirectTo($filename, array('s' => $s));
+		}
+	} else {
+		redirectTo($filename, array('s' => $s));
 	}
 }
--- a/customer_logger.php
+++ b/customer_logger.php
@@ -0,0 +1,117 @@
+<?php
+
+/**
+ * This file is part of the Froxlor project.
+ * Copyright (c) 2003-2009 the SysCP Team (see authors).
+ * Copyright (c) 2010 the Froxlor Team (see authors).
+ *
+ * For the full copyright and license information, please view the COPYING
+ * file that was distributed with this source code. You can also view the
+ * COPYING file online at http://files.froxlor.org/misc/COPYING.txt
+ *
+ * @copyright  (c) the authors
+ * @author     Florian Lippert <flo@syscp.org> (2003-2009)
+ * @author     Froxlor team <team@froxlor.org> (2010-)
+ * @license    GPLv2 http://files.froxlor.org/misc/COPYING.txt
+ * @package    Panel
+ *
+ */
+
+define('AREA', 'customer');
+require './lib/init.php';
+
+if ($page == 'log'
+) {
+	if ($action == '') {
+		$fields = array(
+			'date' => $lng['logger']['date'],
+			'type' => $lng['logger']['type'],
+			'user' => $lng['logger']['user'],
+			'text' => $lng['logger']['action']
+		);
+		$paging = new paging($userinfo, TABLE_PANEL_LOG, $fields, null, null, 0, 'desc');
+		$result_stmt = Database::prepare('
+			SELECT * FROM `' . TABLE_PANEL_LOG . '` WHERE `user` = :loginname ' . $paging->getSqlWhere(true) . ' ' . $paging->getSqlOrderBy() . ' ' . $paging->getSqlLimit()
+		);
+		Database::pexecute($result_stmt, array("loginname" => $userinfo['loginname']));
+		$logs_count = Database::num_rows();
+		$paging->setEntries($logs_count);
+		$sortcode = $paging->getHtmlSortCode($lng);
+		$arrowcode = $paging->getHtmlArrowCode($filename . '?page=' . $page . '&s=' . $s);
+		$searchcode = $paging->getHtmlSearchCode($lng);
+		$pagingcode = $paging->getHtmlPagingCode($filename . '?page=' . $page . '&s=' . $s);
+		$clog = array();
+
+		while ($row = $result_stmt->fetch(PDO::FETCH_ASSOC)) {
+
+			if (!isset($clog[$row['action']])
+				|| !is_array($clog[$row['action']])
+			) {
+				$clog[$row['action']] = array();
+			}
+			$clog[$row['action']][$row['logid']] = $row;
+		}
+
+		if ($paging->sortfield == 'date'
+			&& $paging->sortorder == 'desc'
+		) {
+			krsort($clog);
+		} else {
+			ksort($clog);
+		}
+
+		$i = 0;
+		$count = 0;
+		$log_count = 0;
+		$log = '';
+		foreach ($clog as $action => $logrows) {
+			$_action = 0;
+			foreach ($logrows as $row) {
+				if ($paging->checkDisplay($i)) {
+					$row = htmlentities_array($row);
+					$row['date'] = date("d.m.y H:i:s", $row['date']);
+
+					if ($_action != $action) {
+						switch ($action) {
+							case USR_ACTION:
+								$_action = $lng['admin']['customer'];
+								break;
+							case RES_ACTION:
+								$_action = $lng['logger']['reseller'];
+								break;
+							case ADM_ACTION:
+								$_action = $lng['logger']['admin'];
+								break;
+							case CRON_ACTION:
+								$_action = $lng['logger']['cron'];
+								break;
+							case LOGIN_ACTION:
+								$_action = $lng['logger']['login'];
+								break;
+							case LOG_ERROR:
+								$_action = $lng['logger']['intern'];
+								break;
+							default:
+								$_action = $lng['logger']['unknown'];
+								break;
+						}
+
+						$row['action'] = $_action;
+						eval("\$log.=\"" . getTemplate('logger/logger_action') . "\";");
+					}
+
+					$log_count++;
+					$row['type'] = getLogLevelDesc($row['type']);
+					eval("\$log.=\"" . getTemplate('logger/logger_log') . "\";");
+					$count++;
+					$_action = $action;
+				}
+				$i++;
+			}
+			$i++;
+		}
+
+		eval("echo \"" . getTemplate('logger/logger') . "\";");
+
+	}
+}
--- a/customer_mysql.php
+++ b/customer_mysql.php
@@ -18,42 +18,41 @@
 */

 define('AREA', 'customer');
+require './lib/init.php';

-/**
- * Include our init.php, which manages Sessions, Language etc.
- */
+// get sql-root access data
+Database::needRoot(true);
+Database::needSqlData();
+$sql_root = Database::getSqlData();
+Database::needRoot(false);

-$need_db_sql_data = true;
-$need_root_db_sql_data = true;
-require ("./lib/init.php");
-
-if(isset($_POST['id']))
-{
+if (isset($_POST['id'])) {
 	$id = intval($_POST['id']);
-}
-elseif(isset($_GET['id']))
-{
+} elseif (isset($_GET['id'])) {
 	$id = intval($_GET['id']);
 }

-if($page == 'overview')
-{
+if ($page == 'overview') {
 	$log->logAction(USR_ACTION, LOG_NOTICE, "viewed customer_mysql");
+	Database::needSqlData();
+	$sql = Database::getSqlData();
 	$lng['mysql']['description'] = str_replace('<SQL_HOST>', $sql['host'], $lng['mysql']['description']);
-	eval("echo \"" . getTemplate("mysql/mysql") . "\";");
-}
-elseif($page == 'mysqls')
-{
-	if($action == '')
-	{
+	eval("echo \"" . getTemplate('mysql/mysql') . "\";");
+} elseif ($page == 'mysqls') {
+	if ($action == '') {
 		$log->logAction(USR_ACTION, LOG_NOTICE, "viewed customer_mysql::mysqls");
 		$fields = array(
 			'databasename' => $lng['mysql']['databasename'],
 			'description' => $lng['mysql']['databasedescription']
 		);
-		$paging = new paging($userinfo, $db, TABLE_PANEL_DATABASES, $fields, $settings['panel']['paging'], $settings['panel']['natsorting']);
-		$result = $db->query("SELECT * FROM `" . TABLE_PANEL_DATABASES . "` WHERE `customerid`='" . (int)$userinfo['customerid'] . "' " . $paging->getSqlWhere(true) . " " . $paging->getSqlOrderBy() . " " . $paging->getSqlLimit());
-		$paging->setEntries($db->num_rows($result));
+		$paging = new paging($userinfo, TABLE_PANEL_DATABASES, $fields);
+		$result_stmt = Database::prepare("SELECT * FROM `" . TABLE_PANEL_DATABASES . "`
+			WHERE `customerid`= :customerid " . $paging->getSqlWhere(true) . " " . $paging->getSqlOrderBy() . " " . $paging->getSqlLimit()
+		);
+		Database::pexecute($result_stmt, array("customerid" => $userinfo['customerid']));
+		$mysqls_count = Database::num_rows();
+		$paging->setEntries($mysqls_count);
+
 		$sortcode = $paging->getHtmlSortCode($lng);
 		$arrowcode = $paging->getHtmlArrowCode($filename . '?page=' . $page . '&s=' . $s);
 		$searchcode = $paging->getHtmlSearchCode($lng);
@@ -62,185 +61,188 @@ elseif($page == 'mysqls')
 		$count = 0;
 		$mysqls = '';

+		$dbservers_stmt = Database::query("SELECT COUNT(DISTINCT `dbserver`) as numservers FROM `".TABLE_PANEL_DATABASES."`");
+		$dbserver = $dbservers_stmt->fetch(PDO::FETCH_ASSOC);
+		$count_mysqlservers = $dbserver['numservers'];
+
 		// Begin root-session
-		$db_root = new db($sql_root[0]['host'], $sql_root[0]['user'], $sql_root[0]['password'], '');
-		while($row = $db->fetch_array($result))
-		{
-			if($paging->checkDisplay($i))
-			{
+		Database::needRoot(true);
+		while ($row = $result_stmt->fetch(PDO::FETCH_ASSOC)) {
+			if ($paging->checkDisplay($i)) {
 				$row = htmlentities_array($row);
-				$mbdata = $db_root->query_first("SELECT SUM( data_length + index_length) / 1024 / 1024 'MB' FROM information_schema.TABLES WHERE table_schema = '" . $db_root->escape($row['databasename']) . "' GROUP BY table_schema ;");
-				$row['size'] = number_format($mbdata['MB'], 3, '.', '');
-				eval("\$mysqls.=\"" . getTemplate("mysql/mysqls_database") . "\";");
+				$mbdata_stmt = Database::prepare("SELECT SUM(data_length + index_length) as MB FROM information_schema.TABLES
+					WHERE table_schema = :table_schema
+					GROUP BY table_schema"
+				);
+				Database::pexecute($mbdata_stmt, array("table_schema" => $row['databasename']));
+				$mbdata = $mbdata_stmt->fetch(PDO::FETCH_ASSOC);
+				$row['size'] = size_readable($mbdata['MB'], 'GiB', 'bi', '%01.' . (int)Settings::Get('panel.decimal_places') . 'f %s');
+				eval("\$mysqls.=\"" . getTemplate('mysql/mysqls_database') . "\";");
 				$count++;
 			}
-
 			$i++;
 		}
-		$db_root->close();
+		Database::needRoot(false);
 		// End root-session

-		$mysqls_count = $db->num_rows($result);
-		eval("echo \"" . getTemplate("mysql/mysqls") . "\";");
-	}
-	elseif($action == 'delete'
-	       && $id != 0)
-	{
-		$result = $db->query_first('SELECT `id`, `databasename`, `description`, `dbserver` FROM `' . TABLE_PANEL_DATABASES . '` WHERE `customerid`="' . (int)$userinfo['customerid'] . '" AND `id`="' . (int)$id . '"');
+		eval("echo \"" . getTemplate('mysql/mysqls') . "\";");

-		if(isset($result['databasename'])
-		   && $result['databasename'] != '')
-		{
-			if(!isset($sql_root[$result['dbserver']]) || !is_array($sql_root[$result['dbserver']]))
-			{
+	} elseif ($action == 'delete' && $id != 0) {
+		$result_stmt = Database::prepare('SELECT `id`, `databasename`, `description`, `dbserver` FROM `' . TABLE_PANEL_DATABASES . '`
+			WHERE `customerid`="' . (int)$userinfo['customerid'] . '"
+			AND `id`="' . (int)$id . '"'
+		);
+		Database::pexecute($result_stmt, array("customerid" => $userinfo['customerid']));
+		$result = $result_stmt->fetch(PDO::FETCH_ASSOC);
+
+		if (isset($result['databasename']) && $result['databasename'] != '') {
+
+			Database::needRoot(true, $result['dbserver']);
+			Database::needSqlData();
+			$sql_root = Database::getSqlData();
+			Database::needRoot(false);
+
+			if (!isset($sql_root[$result['dbserver']]) || !is_array($sql_root[$result['dbserver']])) {
 				$result['dbserver'] = 0;
 			}

-			if(isset($_POST['send'])
-			   && $_POST['send'] == 'send')
-			{
+			if (isset($_POST['send']) && $_POST['send'] == 'send') {
 				// Begin root-session
-
-				$db_root = new db($sql_root[$result['dbserver']]['host'], $sql_root[$result['dbserver']]['user'], $sql_root[$result['dbserver']]['password'], '');
+				Database::needRoot(true, $result['dbserver']);
+				$dbm = new DbManager($log);
+				$dbm->getManager()->deleteDatabase($result['databasename']);
 				$log->logAction(USR_ACTION, LOG_INFO, "deleted database '" . $result['databasename'] . "'");
-				if(mysql_get_server_info() < '5.0.2') { 
-					// Revoke privileges (only required for MySQL 4.1.2 - 5.0.1)
-					$db_root->query('REVOKE ALL PRIVILEGES, GRANT OPTION FROM \'' . $db_root->escape($result['databasename']) .'\'',false,true);
-				}
-
-				$host_res = $db_root->query("SELECT `Host` FROM `mysql`.`user` WHERE `User`='" . $db_root->escape($result['databasename']) . "'");
-				while($host = $db_root->fetch_array($host_res)) 
-				{
-					// as of MySQL 5.0.2 this also revokes privileges. (requires MySQL 4.1.2+)
-					$db_root->query('DROP USER \'' . $db_root->escape($result['databasename']). '\'@\'' . $db_root->escape($host['Host']) . '\'', false, true);
-				}
-
-				$db_root->query('DROP DATABASE IF EXISTS `' . $db_root->escape($result['databasename']) . '`');
-				$db_root->query('FLUSH PRIVILEGES');
-				$db_root->close();
-
+				Database::needRoot(false);
 				// End root-session

-				$db->query('DELETE FROM `' . TABLE_PANEL_DATABASES . '` WHERE `customerid`="' . (int)$userinfo['customerid'] . '" AND `id`="' . (int)$id . '"');
+				$stmt = Database::prepare("DELETE FROM `" . TABLE_PANEL_DATABASES . "`
+					WHERE `customerid` = :customerid
+					AND `id` = :id"
+				);
+				Database::pexecute($stmt, array("customerid" => $userinfo['customerid'], "id" => $id));

-				if($userinfo['mysqls_used'] == '1')
-				{
-					$resetaccnumber = " , `mysql_lastaccountnumber`='0' ";
-				}
-				else
-				{
-					$resetaccnumber = '';
-				}
+				$resetaccnumber = ($userinfo['mysqls_used'] == '1') ? " , `mysql_lastaccountnumber` = '0' " : '';

-				$result = $db->query('UPDATE `' . TABLE_PANEL_CUSTOMERS . '` SET `mysqls_used`=`mysqls_used`-1 ' . $resetaccnumber . 'WHERE `customerid`="' . (int)$userinfo['customerid'] . '"');
-				redirectTo($filename, Array('page' => $page, 's' => $s));
-			}
-			else
-			{
+				$stmt = Database::prepare("UPDATE `" . TABLE_PANEL_CUSTOMERS . "`
+					SET `mysqls_used` = `mysqls_used` - 1 " . $resetaccnumber . "
+					WHERE `customerid` = :customerid"
+				);
+				Database::pexecute($stmt, array("customerid" => $userinfo['customerid']));
+
+				redirectTo($filename, array('page' => $page, 's' => $s));
+			} else {
 				$dbnamedesc = $result['databasename'];
-				if(isset($result['description']) && $result['description'] != '') {
-					$dbnamedesc.= ' ('.$result['description'].')';
+				if (isset($result['description']) && $result['description'] != '') {
+					$dbnamedesc .= ' ('.$result['description'].')';
 				}
 				ask_yesno('mysql_reallydelete', $filename, array('id' => $id, 'page' => $page, 'action' => $action), $dbnamedesc);
 			}
 		}
-	}
-	elseif($action == 'add')
-	{
-		if($userinfo['mysqls_used'] < $userinfo['mysqls']
-		   || $userinfo['mysqls'] == '-1')
-		{
-			if(isset($_POST['send'])
-			   && $_POST['send'] == 'send')
-			{
+	} elseif ($action == 'add') {
+		if ($userinfo['mysqls_used'] < $userinfo['mysqls'] || $userinfo['mysqls'] == '-1') {
+			if (isset($_POST['send']) && $_POST['send'] == 'send') {
 				$password = validate($_POST['mysql_password'], 'password');
 				$password = validatePassword($password);

 				$sendinfomail = isset($_POST['sendinfomail']) ? 1 : 0;
-				if($sendinfomail != 1)
-				{
+				if ($sendinfomail != 1) {
 					$sendinfomail = 0;
 				}

-				if($password == '')
-				{
+				if ($password == '') {
 					standard_error(array('stringisempty', 'mypassword'));
-				}
-				else
-				{
-
-					if(count($sql_root) > 1)
-					{
+				} else {
+					$dbserver = 0;
+					$dbservers_stmt = Database::query("SELECT COUNT(DISTINCT `dbserver`) as numservers FROM `".TABLE_PANEL_DATABASES."`");
+					$_dbserver = $dbservers_stmt->fetch(PDO::FETCH_ASSOC);
+					$count_mysqlservers = $_dbserver['numservers'];
+					if ($count_mysqlservers > 1) {
 						$dbserver = validate($_POST['mysql_server'], html_entity_decode($lng['mysql']['mysql_server']), '', '', 0);
-
-						if(!isset($sql_root[$dbserver]) || !is_array($sql_root[$dbserver]))
-						{
+						Database::needRoot(true, $dbserver);
+						Database::needSqlData();
+						$sql_root = Database::getSqlData();
+						Database::needRoot(false);
+						if (!isset($sql_root) || !is_array($sql_root)) {
 							$dbserver = 0;
 						}
 					}
-					else
-					{
-						$dbserver = 0;
-					}
-					
+
 					// validate description before actual adding the database, #1052
 					$databasedescription = validate(trim($_POST['description']), 'description');

-					// Begin root-session
-					$db_root = new db($sql_root[$dbserver]['host'], $sql_root[$dbserver]['user'], $sql_root[$dbserver]['password'], '');
+					// create database, user, set permissions, etc.pp.
+					$dbm = new DbManager($log);
+					$username = $dbm->createDatabase(
+						$userinfo['loginname'],
+						$password,
+						$userinfo['mysql_lastaccountnumber']
+					);

-					if (strtoupper($settings['customer']['mysqlprefix']) == "RANDOM") {
-						$result = $db_root->query('SELECT `User` FROM mysql.user');
-						while ($row = $db_root->fetch_array($result)) {
-							$allsqlusers[] = $row[User];
-						}
-						$username = $userinfo['loginname'] . '-' . substr(md5(uniqid(microtime(), 1)), 20, 3);
-						while (in_Array($username , $allsqlusers)) {
-							$username = $userinfo['loginname'] . '-' . substr(md5(uniqid(microtime(), 1)), 20, 3);
-						}
-					} else {
-						$username = $userinfo['loginname'] . $settings['customer']['mysqlprefix'] . (intval($userinfo['mysql_lastaccountnumber']) + 1);
+					// we've checked against the password in dbm->createDatabase
+					if ($username == false) {
+						standard_error('passwordshouldnotbeusername');
 					}

-					$db_root->query('CREATE DATABASE `' . $db_root->escape($username) . '`');
-					$log->logAction(USR_ACTION, LOG_INFO, "created database '" . $username . "'");
-					foreach(array_map('trim', explode(',', $settings['system']['mysql_access_host'])) as $mysql_access_host)
-					{
-						$db_root->query('GRANT ALL PRIVILEGES ON `' . str_replace('_', '\_', $db_root->escape($username)) . '`.* TO `' . $db_root->escape($username) . '`@`' . $db_root->escape($mysql_access_host) . '` IDENTIFIED BY \'password\'');
-						$db_root->query('SET PASSWORD FOR `' . $db_root->escape($username) . '`@`' . $db_root->escape($mysql_access_host) . '` = PASSWORD(\'' . $db_root->escape($password) . '\')');
-						$log->logAction(USR_ACTION, LOG_NOTICE, "grant all privileges for '" . $username . "'@'" . $mysql_access_host . "'");
-					}
+					// Statement modified for Database description -- PH 2004-11-29
+					$stmt = Database::prepare('INSERT INTO `' . TABLE_PANEL_DATABASES . '`
+						(`customerid`, `databasename`, `description`, `dbserver`)
+						VALUES (:customerid, :databasename, :description, :dbserver)'
+					);
+					$params = array(
+						"customerid" => $userinfo['customerid'],
+						"databasename" => $username,
+						"description" => $databasedescription,
+						"dbserver" => $dbserver
+					);
+					Database::pexecute($stmt, $params);

-					$db_root->query('FLUSH PRIVILEGES');
-					$db_root->close();
+					$stmt = Database::prepare('UPDATE `' . TABLE_PANEL_CUSTOMERS . '`
+						SET `mysqls_used` = `mysqls_used` + 1, `mysql_lastaccountnumber` = `mysql_lastaccountnumber` + 1
+						WHERE `customerid` = :customerid'
+					);
+					Database::pexecute($stmt, array("customerid" => $userinfo['customerid']));

-					// End root-session
-					// Statement modifyed for Database description -- PH 2004-11-29
-					$result = $db->query('INSERT INTO `' . TABLE_PANEL_DATABASES . '` (`customerid`, `databasename`, `description`, `dbserver`) VALUES ("' . (int)$userinfo['customerid'] . '", "' . $db->escape($username) . '", "' . $db->escape($databasedescription) . '", "' . $db->escape($dbserver) . '")');
-					$result = $db->query('UPDATE `' . TABLE_PANEL_CUSTOMERS . '` SET `mysqls_used`=`mysqls_used`+1, `mysql_lastaccountnumber`=`mysql_lastaccountnumber`+1 WHERE `customerid`="' . (int)$userinfo['customerid'] . '"');
-
-					if($sendinfomail == 1)
-					{
+					if ($sendinfomail == 1) {
 						$pma = $lng['admin']['notgiven'];
-						if($settings['panel']['phpmyadmin_url'] != '')
-						{
-							$pma = $settings['panel']['phpmyadmin_url'];
+						if (Settings::Get('panel.phpmyadmin_url') != '') {
+							$pma = Settings::Get('panel.phpmyadmin_url');
 						}

+						Database::needRoot(true, $dbserver);
+						Database::needSqlData();
+						$sql_root = Database::getSqlData();
+						Database::needRoot(false);
+
 						$replace_arr = array(
-							'CUST_NAME' => getCorrectUserSalutation($userinfo),
+							'SALUTATION' => getCorrectUserSalutation($userinfo),
+							'CUST_NAME' => getCorrectUserSalutation($userinfo), // < keep this for compatibility
 							'DB_NAME' => $username,
 							'DB_PASS' => $password,
 							'DB_DESC' => $databasedescription,
-							'DB_SRV' => $sql_root[$dbserver]['host'],
-							'PMA_URI' => $pma 
+							'DB_SRV' => $sql_root['host'],
+							'PMA_URI' => $pma
 						);
-						
+
 						$def_language = $userinfo['def_language'];
-						$result = $db->query_first('SELECT `value` FROM `' . TABLE_PANEL_TEMPLATES . '` WHERE `adminid`=\'' . (int)$userinfo['adminid'] . '\' AND `language`=\'' . $db->escape($def_language) . '\' AND `templategroup`=\'mails\' AND `varname`=\'new_database_by_customer_subject\'');
-						$mail_subject = html_entity_decode(replace_variables((($result['value'] != '') ? $result['value'] : $lng['customer']['mysql_add']['infomail_subject']), $replace_arr));
-						$result = $db->query_first('SELECT `value` FROM `' . TABLE_PANEL_TEMPLATES . '` WHERE `adminid`=\'' . (int)$userinfo['adminid'] . '\' AND `language`=\'' . $db->escape($def_language) . '\' AND `templategroup`=\'mails\' AND `varname`=\'new_database_by_customer_mailbody\'');
-						$mail_body = html_entity_decode(replace_variables((($result['value'] != '') ? $result['value'] : $lng['customer']['mysql_add']['infomail_body']['main']), $replace_arr));
+						$result_stmt = Database::prepare("SELECT `value` FROM `" . TABLE_PANEL_TEMPLATES . "`
+							WHERE `adminid` = :adminid
+							AND `language` = :lang
+							AND `templategroup`='mails'
+							AND `varname`='new_database_by_customer_subject'"
+						);
+						Database::pexecute($result_stmt, array("adminid" => $userinfo['adminid'], "lang" => $def_language));
+						$result = $result_stmt->fetch(PDO::FETCH_ASSOC);
+						$mail_subject = html_entity_decode(replace_variables((($result['value'] != '') ? $result['value'] : $lng['mails']['new_database_by_customer']['subject']), $replace_arr));
+
+						$result_stmt = Database::prepare("SELECT `value` FROM `" . TABLE_PANEL_TEMPLATES . "`
+							WHERE `adminid`= :adminid
+							AND `language`= :lang
+							AND `templategroup` = 'mails'
+							AND `varname` = 'new_database_by_customer_mailbody'"
+						);
+						Database::pexecute($result_stmt, array("adminid" => $userinfo['adminid'], "lang" => $def_language));
+						$result = $result_stmt->fetch(PDO::FETCH_ASSOC);
+						$mail_body = html_entity_decode(replace_variables((($result['value'] != '') ? $result['value'] : $lng['mails']['new_database_by_customer']['mailbody']), $replace_arr));

 						$_mailerror = false;
 						try {
@@ -265,19 +267,21 @@ elseif($page == 'mysqls')
 						$mail->ClearAddresses();
 					}

-					redirectTo($filename, Array('page' => $page, 's' => $s));
+					redirectTo($filename, array('page' => $page, 's' => $s));
 				}
-			}
-			else
-			{
+			} else {
+
+				$dbservers_stmt = Database::query("SELECT DISTINCT `dbserver` FROM `".TABLE_PANEL_DATABASES."`");
 				$mysql_servers = '';
-
-				foreach($sql_root as $mysql_server => $mysql_server_details)
-				{
-					$mysql_servers .= makeoption($mysql_server_details['caption'], $mysql_server);
+				$count_mysqlservers = 0;
+				while ($dbserver = $dbservers_stmt->fetch(PDO::FETCH_ASSOC)) {
+					Database::needRoot(true, $dbserver['dbserver']);
+					Database::needSqlData();
+					$sql_root = Database::getSqlData();
+					$mysql_servers .= makeoption($sql_root['caption'], $dbserver['dbserver']);
+					$count_mysqlservers++;
 				}
-
-				//$sendinfomail = makeyesno('sendinfomail', '1', '0', '0');
+				Database::needRoot(false);

 				$mysql_add_data = include_once dirname(__FILE__).'/lib/formfields/customer/mysql/formfield.mysql_add.php';
 				$mysql_add_form = htmlform::genHTMLForm($mysql_add_data);
@@ -285,65 +289,80 @@ elseif($page == 'mysqls')
 				$title = $mysql_add_data['mysql_add']['title'];
 				$image = $mysql_add_data['mysql_add']['image'];

-				eval("echo \"" . getTemplate("mysql/mysqls_add") . "\";");
+				eval("echo \"" . getTemplate('mysql/mysqls_add') . "\";");
 			}
 		}
-	}
-	elseif($action == 'edit'
-	       && $id != 0)
-	{
-		$result = $db->query_first('SELECT `id`, `databasename`, `description`, `dbserver` FROM `' . TABLE_PANEL_DATABASES . '` WHERE `customerid`="' . $userinfo['customerid'] . '" AND `id`="' . $id . '"');
+	} elseif ($action == 'edit' && $id != 0) {
+		$result_stmt = Database::prepare("SELECT `id`, `databasename`, `description`, `dbserver` FROM `" . TABLE_PANEL_DATABASES . "`
+			WHERE `customerid` = :customerid
+			AND `id` = :id"
+		);
+		Database::pexecute($result_stmt, array("customerid" => $userinfo['customerid'], "id" => $id));
+		$result = $result_stmt->fetch(PDO::FETCH_ASSOC);

-		if(isset($result['databasename'])
-		   && $result['databasename'] != '')
-		{
-			if(!isset($sql_root[$result['dbserver']]) || !is_array($sql_root[$result['dbserver']]))
-			{
+		if (isset($result['databasename']) && $result['databasename'] != '') {
+			if (!isset($sql_root[$result['dbserver']]) || !is_array($sql_root[$result['dbserver']])) {
 				$result['dbserver'] = 0;
 			}

-			if(isset($_POST['send'])
-			   && $_POST['send'] == 'send')
-			{
+			if (isset($_POST['send']) && $_POST['send'] == 'send') {
 				// Only change Password if it is set, do nothing if it is empty! -- PH 2004-11-29
 				$password = validate($_POST['mysql_password'], 'password');
-
-				if($password != '')
-				{
+				if ($password != '') {
 					// validate password
 					$password = validatePassword($password);

-					// Begin root-session
-					$db_root = new db($sql_root[$result['dbserver']]['host'], $sql_root[$result['dbserver']]['user'], $sql_root[$result['dbserver']]['password'], '');
-					foreach(array_map('trim', explode(',', $settings['system']['mysql_access_host'])) as $mysql_access_host)
-					{
-						$db_root->query('SET PASSWORD FOR `' . $db_root->escape($result['databasename']) . '`@`' . $db_root->escape($mysql_access_host) . '` = PASSWORD(\'' . $db_root->escape($password) . '\')');
+					if ($password == $result['databasename']) {
+						standard_error('passwordshouldnotbeusername');
 					}

-					$db_root->query('FLUSH PRIVILEGES');
-					$db_root->close();
+					// Begin root-session
+					Database::needRoot(true);
+					foreach (array_map('trim', explode(',', Settings::Get('system.mysql_access_host'))) as $mysql_access_host) {
+						$stmt = Database::prepare("SET PASSWORD FOR :dbname@:host = PASSWORD(:password)");
+						$params = array(
+							"dbname" => $result['databasename'],
+							"host" => $mysql_access_host,
+							"password" => $password
+						);
+						Database::pexecute($stmt, $params);
+					}

+					$stmt = Database::prepare("FLUSH PRIVILEGES");
+					Database::pexecute($stmt);
+					Database::needRoot(false);
 					// End root-session
 				}

 				// Update the Database description -- PH 2004-11-29
 				$log->logAction(USR_ACTION, LOG_INFO, "edited database '" . $result['databasename'] . "'");
 				$databasedescription = validate($_POST['description'], 'description');
-				$result = $db->query('UPDATE `' . TABLE_PANEL_DATABASES . '` SET `description`="' . $db->escape($databasedescription) . '" WHERE `customerid`="' . (int)$userinfo['customerid'] . '" AND `id`="' . (int)$id . '"');
-				redirectTo($filename, Array('page' => $page, 's' => $s));
-			}
-			else
-			{
+				$stmt = Database::prepare("UPDATE `" . TABLE_PANEL_DATABASES . "`
+					SET `description` = :desc
+					WHERE `customerid` = :customerid
+					AND `id` = :id"
+				);
+				Database::pexecute($stmt, array("desc" => $databasedescription, "customerid" => $userinfo['customerid'], "id" => $id));
+				redirectTo($filename, array('page' => $page, 's' => $s));
+			} else {
+
+				$dbservers_stmt = Database::query("SELECT COUNT(DISTINCT `dbserver`) as numservers FROM `".TABLE_PANEL_DATABASES."`");
+				$dbserver = $dbservers_stmt->fetch(PDO::FETCH_ASSOC);
+				$count_mysqlservers = $dbserver['numservers'];
+
+				Database::needRoot(true, $result['dbserver']);
+				Database::needSqlData();
+				$sql_root = Database::getSqlData();
+				Database::needRoot(false);
+
 				$mysql_edit_data = include_once dirname(__FILE__).'/lib/formfields/customer/mysql/formfield.mysql_edit.php';
 				$mysql_edit_form = htmlform::genHTMLForm($mysql_edit_data);

 				$title = $mysql_edit_data['mysql_edit']['title'];
 				$image = $mysql_edit_data['mysql_edit']['image'];

-				eval("echo \"" . getTemplate("mysql/mysqls_edit") . "\";");
+				eval("echo \"" . getTemplate('mysql/mysqls_edit') . "\";");
 			}
 		}
 	}
 }
-
-?>
--- a/customer_tickets.php
+++ b/customer_tickets.php
@@ -18,56 +18,47 @@
 */

 define('AREA', 'customer');
+require './lib/init.php';

-/**
- * Include our init.php, which manages Sessions, Language etc.
- */
+if (isset($_POST['id'])) {

-require ("./lib/init.php");
-
-if(isset($_POST['id']))
-{
 	$id = intval($_POST['id']);
-	
-	/*
-	 * Check if the current user is allowed to see the current ticket.
-	 */
-	$sql = "SELECT `id` FROM `panel_tickets` WHERE `id` = '".$id."' AND `customerid` = '".$userinfo['customerid']."'";
-	
-	$result = $db->query_first($sql);
+
+	//Check if the current user is allowed to see the current ticket.
+	$stmt = Database::prepare("SELECT `id` FROM `panel_tickets` WHERE `id` = :id AND `customerid` = :customerid");
+	$result = Database::pexecute_first($stmt, array("id" => $id, "customerid" => $userinfo['customerid']));
+
 	if ($result == null) {
 		// no rights to see the requested ticket
 		standard_error(array('ticketnotaccessible'));
 	}
-}
-elseif(isset($_GET['id']))
-{
+} elseif (isset($_GET['id'])) {
 	$id = intval($_GET['id']);
 }

-if($page == 'overview')
-{
+if ($page == 'overview') {
 	$log->logAction(USR_ACTION, LOG_NOTICE, "viewed customer_tickets");
 	eval("echo \"" . getTemplate("tickets/ticket") . "\";");
-}
-elseif($page == 'tickets')
-{
-	if($action == '')
-	{
+} elseif ($page == 'tickets') {
+	if ($action == '') {
 		$log->logAction(USR_ACTION, LOG_NOTICE, "viewed customer_tickets::tickets");
 		$fields = array(
 			'status' => $lng['ticket']['status'],
-			'priority' => $lng['ticket']['priority'],
 			'lastchange' => $lng['ticket']['lastchange'],
-			'ticket_answers' => $lng['ticket']['ticket_answers'],
 			'subject' => $lng['ticket']['subject'],
 			'lastreplier' => $lng['ticket']['lastreplier']
 		);
-		$paging = new paging($userinfo, $db, TABLE_PANEL_TICKETS, $fields, $settings['panel']['paging'], $settings['panel']['natsorting']);
-		$paging->sortfield = 'lastchange';
-		$paging->sortorder = 'desc';
-		$result = $db->query('SELECT `main`.`id`, (SELECT COUNT(`sub`.`id`) FROM `' . TABLE_PANEL_TICKETS . '` `sub` WHERE `sub`.`answerto` = `main`.`id`) as `ticket_answers`, `main`.`lastchange`, `main`.`subject`, `main`.`status`, `main`.`lastreplier`, `main`.`priority` FROM `' . TABLE_PANEL_TICKETS . '` as `main` WHERE `main`.`answerto` = "0" AND `archived` = "0" AND `customerid`="' . (int)$userinfo['customerid'] . '" ' . $paging->getSqlWhere(true) . " " . $paging->getSqlOrderBy() . " " . $paging->getSqlLimit());
-		$paging->setEntries($db->num_rows($result));
+		$paging = new paging($userinfo, TABLE_PANEL_TICKETS, $fields);
+		$stmt = Database::prepare('SELECT `main`.`id`, (SELECT COUNT(`sub`.`id`) FROM `' . TABLE_PANEL_TICKETS . '` `sub`
+			WHERE `sub`.`answerto` = `main`.`id`) AS `ticket_answers`, `main`.`lastchange`, `main`.`subject`, `main`.`status`, `main`.`lastreplier`, `main`.`priority`
+			FROM `' . TABLE_PANEL_TICKETS . '` as `main`
+			WHERE `main`.`answerto` = "0"
+			AND `archived` = "0"
+			AND `customerid`= :customerid ' . $paging->getSqlWhere(true) . " " . $paging->getSqlOrderBy() . " " . $paging->getSqlLimit()
+		);
+		Database::pexecute($stmt, array("customerid" => $userinfo['customerid']));
+
+		$paging->setEntries(Database::num_rows());
 		$sortcode = $paging->getHtmlSortCode($lng);
 		$arrowcode = $paging->getHtmlArrowCode($filename . '?page=' . $page . '&s=' . $s);
 		$searchcode = $paging->getHtmlSearchCode($lng);
@@ -77,42 +68,34 @@ elseif($page == 'tickets')
 		$tickets = '';
 		$tickets_count = 0;

-		while($row = $db->fetch_array($result))
-		{
-			if($paging->checkDisplay($i))
-			{
+		while ($row = $stmt->fetch(PDO::FETCH_ASSOC)) {
+			if ($paging->checkDisplay($i)) {
 				$tickets_count++;
 				$row = htmlentities_array($row);
 				$row['lastchange'] = date("d.m.y H:i", $row['lastchange']);

-				if($row['status'] >= 0
-				   && $row['status'] <= 2)
-				{
+				if ($row['status'] >= 0 && $row['status'] <= 2) {
 					$reopen = 0;
-				}
-				else
-				{
+				} else {
 					$reopen = 1;
 				}

 				$row['status'] = ticket::getStatusText($lng, $row['status']);
 				$row['priority'] = ticket::getPriorityText($lng, $row['priority']);

-				if($row['lastreplier'] == '1')
-				{
+				if ($row['lastreplier'] == '1') {
 					$row['lastreplier'] = $lng['ticket']['staff'];
 					$cananswer = 1;
-				}
-				else
-				{
+				} else {
 					$row['lastreplier'] = $lng['ticket']['customer'];
 					$cananswer = 0;
 				}

 				$row['subject'] = html_entity_decode($row['subject']);
-				if(strlen($row['subject']) > 20)
-				{
-					$row['subject'] = substr($row['subject'], 0, 17) . '...';
+				if (strlen($row['subject']) > 30) {
+					$ts = wordwrap($row['subject'], 30, "|");
+					$ts = explode("|", $ts);
+					$row['subject'] = $ts[0]. '...';
 				}

 				eval("\$tickets.=\"" . getTemplate("tickets/tickets_tickets") . "\";");
@@ -125,60 +108,46 @@ elseif($page == 'tickets')
 		$supportavailable = 0;
 		$time = date("Hi", time());
 		$day = date("w", time());
-		$start = substr($settings['ticket']['worktime_begin'], 0, 2) . substr($settings['ticket']['worktime_begin'], 3, 2);
-		$end = substr($settings['ticket']['worktime_end'], 0, 2) . substr($settings['ticket']['worktime_end'], 3, 2);
+		$start = substr(Settings::Get('ticket.worktime_begin'), 0, 2) . substr(Settings::Get('ticket.worktime_begin'), 3, 2);
+		$end = substr(Settings::Get('ticket.worktime_end'), 0, 2) . substr(Settings::Get('ticket.worktime_end'), 3, 2);

-		if($time >= $start
-		   && $time <= $end)
-		{
+		if ($time >= $start && $time <= $end) {
 			$supportavailable = 1;
 		}

-		if($settings['ticket']['worktime_sat'] == "0"
-		   && $day == "6")
-		{
+		if (Settings::Get('ticket.worktime_sat') == "0" && $day == "6") {
 			$supportavailable = 0;
 		}

-		if($settings['ticket']['worktime_sun'] == "0"
-		   && $day == "0")
-		{
+		if (Settings::Get('ticket.worktime_sun') == "0" && $day == "0") {
 			$supportavailable = 0;
 		}

-		if($settings['ticket']['worktime_all'] == "1")
-		{
+		if (Settings::Get('ticket.worktime_all') == "1") {
 			$supportavailable = 1;
 		}

 		$ticketsopen = 0;
-		$opentickets = $db->query_first('SELECT COUNT(`id`) as `count` FROM `' . TABLE_PANEL_TICKETS . '`
-                                         WHERE `customerid` = "' . $userinfo['customerid'] . '"
-                                         AND `answerto` = "0"
-                                         AND (`status` = "0" OR `status` = "1" OR `status` = "2")');
+		$stmt = Database::prepare('SELECT COUNT(`id`) as `count` FROM `' . TABLE_PANEL_TICKETS . '`
+			WHERE `customerid` = :customerid
+			AND `answerto` = "0"
+			AND (`status` = "0" OR `status` = "1" OR `status` = "2")'
+		);
+		$opentickets = Database::pexecute_first($stmt, array("customerid" => $userinfo['customerid']));

-		if($settings['ticket']['concurrently_open'] != - 1
-		   && $settings['ticket']['concurrently_open'] != '')
-		{
-			$notmorethanxopentickets = strtr($lng['ticket']['notmorethanxopentickets'], array('%s' => $settings['ticket']['concurrently_open']));
-		}
-		else
-		{
+		if (Settings::Get('ticket.concurrently_open') != - 1 && Settings::Get('ticket.concurrently_open') != '') {
+			$notmorethanxopentickets = strtr($lng['ticket']['notmorethanxopentickets'], array('%s' => Settings::Get('ticket.concurrently_open')));
+		} else {
 			$notmorethanxopentickets = '';
 		}

 		$ticketsopen = (int)$opentickets['count'];
 		eval("echo \"" . getTemplate("tickets/tickets") . "\";");
-	}
-	elseif($action == 'new')
-	{
-		if($userinfo['tickets_used'] < $userinfo['tickets']
-		   || $userinfo['tickets'] == '-1')
-		{
-			if(isset($_POST['send'])
-			   && $_POST['send'] == 'send')
-			{
-				$newticket = ticket::getInstanceOf($userinfo, $db, $settings, -1);
+
+	} elseif ($action == 'new') {
+		if ($userinfo['tickets_used'] < $userinfo['tickets'] || $userinfo['tickets'] == '-1') {
+			if (isset($_POST['send']) && $_POST['send'] == 'send') {
+				$newticket = ticket::getInstanceOf($userinfo, -1);
 				$newticket->Set('subject', validate($_POST['subject'], 'subject'), true, false);
 				$newticket->Set('priority', validate($_POST['priority'], 'priority'), true, false);
 				$newticket->Set('category', validate($_POST['category'], 'category'), true, false);
@@ -186,16 +155,11 @@ elseif($page == 'tickets')
 				$newticket->Set('admin', (int)$userinfo['adminid'], true, false);
 				$newticket->Set('message', validate(str_replace("\r\n", "\n", $_POST['message']), 'message', '/^[^\0]*$/'), true, false);

-				if($newticket->Get('subject') == null)
-				{
+				if ($newticket->Get('subject') == null) {
 					standard_error(array('stringisempty', 'mysubject'));
-				}
-				elseif($newticket->Get('message') == null)
-				{
+				} elseif ($newticket->Get('message') == null) {
 					standard_error(array('stringisempty', 'mymessage'));
-				}
-				else
-				{
+				} else {
 					$now = time();
 					$newticket->Set('dt', $now, true, true);
 					$newticket->Set('lastchange', $now, true, true);
@@ -205,55 +169,56 @@ elseif($page == 'tickets')
 					$newticket->Set('by', '0', true, true);
 					$newticket->Insert();
 					$log->logAction(USR_ACTION, LOG_NOTICE, "opened support-ticket '" . $newticket->Get('subject') . "'");
-					$db->query('UPDATE `' . TABLE_PANEL_CUSTOMERS . '`
-                          SET `tickets_used`=`tickets_used`+1 WHERE `customerid`="' . (int)$userinfo['customerid'] . '"');
+
+					$stmt = Database::prepare('UPDATE `' . TABLE_PANEL_CUSTOMERS . '`
+						SET `tickets_used`=`tickets_used` + 1
+						WHERE `customerid`= :customerid'
+					);
+					Database::pexecute($stmt, array("customerid" => $userinfo['customerid']));

 					// Customer mail
-
 					$newticket->sendMail((int)$userinfo['customerid'], 'new_ticket_for_customer_subject', $lng['mails']['new_ticket_for_customer']['subject'], 'new_ticket_for_customer_mailbody', $lng['mails']['new_ticket_for_customer']['mailbody']);

 					// Admin mail
-
 					$newticket->sendMail(-1, 'new_ticket_by_customer_subject', $lng['mails']['new_ticket_by_customer']['subject'], 'new_ticket_by_customer_mailbody', $lng['mails']['new_ticket_by_customer']['mailbody']);
-					redirectTo($filename, Array('page' => $page, 's' => $s));
+					redirectTo($filename, array('page' => $page, 's' => $s));
 				}
-			}
-			else
-			{
+			} else {
 				$categories = '';
-				$result = $db->query_first('SELECT `id`, `name` FROM `' . TABLE_PANEL_TICKET_CATS . '` WHERE `adminid` = "' . $userinfo['adminid'] . '" ORDER BY `logicalorder`, `name` ASC');
+				$result_stmt = Database::prepare('SELECT `id`, `name` FROM `' . TABLE_PANEL_TICKET_CATS . '`
+					WHERE `adminid` = :adminid
+					ORDER BY `logicalorder`, `name` ASC'
+				);
+				$result = Database::pexecute_first($result_stmt, array("adminid" => $userinfo['adminid']));

-				if(isset($result['name'])
-				   && $result['name'] != '')
-				{
-					$result2 = $db->query('SELECT `id`, `name` FROM `' . TABLE_PANEL_TICKET_CATS . '` WHERE `adminid` = "' . $userinfo['adminid'] . '" ORDER BY `logicalorder`, `name` ASC');
+				if (isset($result['name']) && $result['name'] != '') {
+					$result2_stmt = Database::prepare('SELECT `id`, `name` FROM `' . TABLE_PANEL_TICKET_CATS . '`
+						WHERE `adminid` = :adminid
+						ORDER BY `logicalorder`, `name` ASC'
+					);
+					Database::pexecute($result2_stmt, array("adminid" => $userinfo['adminid']));

-					while($row = $db->fetch_array($result2))
-					{
+					while ($row = $result2_stmt->fetch(PDO::FETCH_ASSOC)) {
 						$categories.= makeoption($row['name'], $row['id']);
 					}
-				}
-				else
-				{
+				} else {
 					$categories = makeoption($lng['ticket']['no_cat'], '0');
 				}

-				$priorities = makeoption($lng['ticket']['high'], '1', $settings['ticket']['default_priority']);
-				$priorities.= makeoption($lng['ticket']['normal'], '2', $settings['ticket']['default_priority']);
-				$priorities.= makeoption($lng['ticket']['low'], '3', $settings['ticket']['default_priority']);
+				$priorities = makeoption($lng['ticket']['high'], '1');
+				$priorities.= makeoption($lng['ticket']['normal'], '2');
+				$priorities.= makeoption($lng['ticket']['low'], '3');
 				$ticketsopen = 0;
-				$opentickets = $db->query_first('SELECT COUNT(`id`) as `count` FROM `' . TABLE_PANEL_TICKETS . '`
-                                           WHERE `customerid` = "' . $userinfo['customerid'] . '"
-                                           AND `answerto` = "0"
-                                           AND (`status` = "0" OR `status` = "1" OR `status` = "2")');
+				$opentickets_stmt = Database::prepare('SELECT COUNT(`id`) as `count` FROM `' . TABLE_PANEL_TICKETS . '`
+					WHERE `customerid` = :customerid
+					AND `answerto` = "0"
+					AND (`status` = "0" OR `status` = "1" OR `status` = "2")'
+				);
+				$opentickets = Database::pexecute_first($opentickets_stmt, array("customerid" => $userinfo['customerid']));

-				if($settings['ticket']['concurrently_open'] != - 1
-				   && $settings['ticket']['concurrently_open'] != '')
-				{
-					$notmorethanxopentickets = strtr($lng['ticket']['notmorethanxopentickets'], array('%s' => $settings['ticket']['concurrently_open']));
-				}
-				else
-				{
+				if (Settings::Get('ticket.concurrently_open') != -1 && Settings::Get('ticket.concurrently_open') != '') {
+					$notmorethanxopentickets = strtr($lng['ticket']['notmorethanxopentickets'], array('%s' => Settings::Get('ticket.concurrently_open')));
+				} else {
 					$notmorethanxopentickets = '';
 				}

@@ -267,31 +232,21 @@ elseif($page == 'tickets')

 				eval("echo \"" . getTemplate("tickets/tickets_new") . "\";");
 			}
-		}
-		else
-		{
+		} else {
 			standard_error('nomoreticketsavailable');
 		}
-	}
-	elseif($action == 'answer'
-	       && $id != 0)
-	{
-		if(isset($_POST['send'])
-		   && $_POST['send'] == 'send')
-		{
-			$replyticket = ticket::getInstanceOf($userinfo, $db, $settings, -1);
+	} elseif ($action == 'answer' && $id != 0) {
+		if (isset($_POST['send']) && $_POST['send'] == 'send') {
+			$replyticket = ticket::getInstanceOf($userinfo, -1);
 			$replyticket->Set('subject', validate($_POST['subject'], 'subject'), true, false);
 			$replyticket->Set('priority', validate($_POST['priority'], 'priority'), true, false);
 			$replyticket->Set('message', validate(str_replace("\r\n", "\n", $_POST['message']), 'message', '/^[^\0]*$/'), true, false);

-			if($replyticket->Get('message') == null)
-			{
+			if ($replyticket->Get('message') == null) {
 				standard_error(array('stringisempty', 'mymessage'));
-			}
-			else
-			{
+			} else {
 				$now = time();
-				$replyticket->Set('customerid', (int)$userinfo['customerid'], true, true);
+				$replyticket->Set('customer', (int)$userinfo['customerid'], true, true);
 				$replyticket->Set('lastchange', $now, true, true);
 				$replyticket->Set('ip', $_SERVER['REMOTE_ADDR'], true, true);
 				$replyticket->Set('status', '1', true, true);
@@ -300,11 +255,9 @@ elseif($page == 'tickets')
 				$replyticket->Insert();

 				// Update priority if changed
+				$mainticket = ticket::getInstanceOf($userinfo, (int)$id);

-				$mainticket = ticket::getInstanceOf($userinfo, $db, $settings, (int)$id);
-
-				if($replyticket->Get('priority') != $mainticket->Get('priority'))
-				{
+				if ($replyticket->Get('priority') != $mainticket->Get('priority')) {
 					$mainticket->Set('priority', $replyticket->Get('priority'), true);
 				}

@@ -314,70 +267,78 @@ elseif($page == 'tickets')
 				$mainticket->Update();
 				$log->logAction(USR_ACTION, LOG_NOTICE, "answered support-ticket '" . $mainticket->Get('subject') . "'");
 				$mainticket->sendMail(-1, 'new_reply_ticket_by_customer_subject', $lng['mails']['new_reply_ticket_by_customer']['subject'], 'new_reply_ticket_by_customer_mailbody', $lng['mails']['new_reply_ticket_by_customer']['mailbody']);
-				redirectTo($filename, Array('page' => $page, 's' => $s));
+				redirectTo($filename, array('page' => $page, 's' => $s));
 			}
-		}
-		else
-		{
+		} else {
 			$ticket_replies = '';
-			$mainticket = ticket::getInstanceOf($userinfo, $db, $settings, (int)$id);
+			$mainticket = ticket::getInstanceOf($userinfo, (int)$id);
 			$dt = date("d.m.Y H:i\h", $mainticket->Get('dt'));
 			$status = ticket::getStatusText($lng, $mainticket->Get('status'));

-			if($mainticket->Get('status') >= 0
-			   && $mainticket->Get('status') <= 2)
-			{
+			if ($mainticket->Get('status') >= 0 && $mainticket->Get('status') <= 2) {
 				$isclosed = 0;
-			}
-			else
-			{
+			} else {
 				$isclosed = 1;
 			}

-			if($mainticket->Get('by') == '1')
-			{
+			if ($mainticket->Get('by') == '1') {
 				$by = $lng['ticket']['staff'];
-			}
-			else
-			{
-				$by = $lng['ticket']['customer'];
+			} else {
+				$cid = $mainticket->Get('customer');
+				$usr_stmt = Database::prepare('SELECT `customerid`, `firstname`, `name`, `company`, `loginname`
+					FROM `' . TABLE_PANEL_CUSTOMERS . '`
+					WHERE `customerid` = :customerid '
+				);
+				$usr = Database::pexecute_first($usr_stmt, array("customerid" => $cid));
+				$by = getCorrectFullUserDetails($usr);
 			}

 			$subject = $mainticket->Get('subject');
 			$message = $mainticket->Get('message');
 			eval("\$ticket_replies.=\"" . getTemplate("tickets/tickets_tickets_main") . "\";");
-			$result = $db->query('SELECT `name` FROM `' . TABLE_PANEL_TICKET_CATS . '`
-                                WHERE `id`="' . (int)$mainticket->Get('category') . '"');
-			$row = $db->fetch_array($result);
-			$andere = $db->query('SELECT * FROM `' . TABLE_PANEL_TICKETS . '` WHERE `answerto`="' . (int)$id . '" ORDER BY `lastchange` ASC');
+			$result_stmt = Database::prepare('SELECT `name` FROM `' . TABLE_PANEL_TICKET_CATS . '`
+				WHERE `id`= :id '
+			);
+			$row = Database::pexecute_first($result_stmt, array("id" => $mainticket->Get('category')));

-			while($row2 = $db->fetch_array($andere))
-			{
-				$subticket = ticket::getInstanceOf($userinfo, $db, $settings, (int)$row2['id']);
+			$andere_stmt = Database::prepare('SELECT * FROM `' . TABLE_PANEL_TICKETS . '`
+				WHERE `answerto`= :answerto
+				ORDER BY `lastchange` ASC'
+			);
+			Database::pexecute($andere_stmt, array("answerto" => $id));
+			$numrows_andere = Database::num_rows();
+
+			while ($row2 = $andere_stmt->fetch(PDO::FETCH_ASSOC)) {
+				$subticket = ticket::getInstanceOf($userinfo, (int)$row2['id']);
 				$lastchange = date("d.m.Y H:i\h", $subticket->Get('lastchange'));

-				if($subticket->Get('by') == '1')
-				{
+				if ($subticket->Get('by') == '1') {
 					$by = $lng['ticket']['staff'];
-				}
-				else
-				{
-					$by = $lng['ticket']['customer'];
+				} else {
+					$cid = $subticket->Get('customer');
+					$usr_stmt = Database::prepare('
+						SELECT `customerid`, `firstname`, `name`, `company`, `loginname`
+						FROM `' . TABLE_PANEL_CUSTOMERS . '`
+						WHERE `customerid` = :customerid '
+					);
+					$usr = Database::pexecute_first($usr_stmt, array("customerid" => $cid));
+					$by = getCorrectFullUserDetails($usr);
 				}

 				$subject = $subticket->Get('subject');
 				$message = $subticket->Get('message');
+				
+				$row2 = htmlentities_array($row2);
 				eval("\$ticket_replies.=\"" . getTemplate("tickets/tickets_tickets_list") . "\";");
 			}

 			$priorities = makeoption($lng['ticket']['high'], '1', $mainticket->Get('priority'), true, true);
 			$priorities.= makeoption($lng['ticket']['normal'], '2', $mainticket->Get('priority'), true, true);
 			$priorities.= makeoption($lng['ticket']['low'], '3', $mainticket->Get('priority'), true, true);
-			$subject = $mainticket->Get('subject');
-			$ticket_replies_count = $db->num_rows($andere) + 1;
+			$subject = htmlentities($mainticket->Get('subject'));
+			$ticket_replies_count = $numrows_andere + 1;

 			// don't forget the main-ticket!
-
 			$ticket_reply_data = include_once dirname(__FILE__).'/lib/formfields/customer/tickets/formfield.ticket_reply.php';
 			$ticket_reply_form = htmlform::genHTMLForm($ticket_reply_data);

@@ -386,54 +347,41 @@ elseif($page == 'tickets')

 			eval("echo \"" . getTemplate("tickets/tickets_reply") . "\";");
 		}
-	}
-	elseif($action == 'close'
-	       && $id != 0)
-	{
-		if(isset($_POST['send'])
-		   && $_POST['send'] == 'send')
-		{
+	} elseif ($action == 'close' && $id != 0) {
+		if (isset($_POST['send']) && $_POST['send'] == 'send') {
 			$now = time();
-			$mainticket = ticket::getInstanceOf($userinfo, $db, $settings, (int)$id);
+			$mainticket = ticket::getInstanceOf($userinfo, (int)$id);
 			$mainticket->Set('lastchange', $now, true, true);
 			$mainticket->Set('lastreplier', '0', true, true);
 			$mainticket->Set('status', '3', true, true);
 			$mainticket->Update();
 			$log->logAction(USR_ACTION, LOG_NOTICE, "closed support-ticket '" . $mainticket->Get('subject') . "'");
-			redirectTo($filename, Array('page' => $page, 's' => $s));
-		}
-		else
-		{
-			$mainticket = ticket::getInstanceOf($userinfo, $db, $settings, (int)$id);
+			redirectTo($filename, array('page' => $page, 's' => $s));
+		} else {
+			$mainticket = ticket::getInstanceOf($userinfo, (int)$id);
 			ask_yesno('ticket_reallyclose', $filename, array('id' => $id, 'page' => $page, 'action' => $action), $mainticket->Get('subject'));
 		}
-	}
-	elseif($action == 'reopen'
-	       && $id != 0)
-	{
+	} elseif ($action == 'reopen' && $id != 0) {
 		$ticketsopen = 0;
-		$opentickets = $db->query_first('SELECT COUNT(`id`) as `count` FROM `' . TABLE_PANEL_TICKETS . '`
-                                       WHERE `customerid` = "' . $userinfo['customerid'] . '"
-                                       AND `answerto` = "0"
-                                       AND (`status` = "0" OR `status` = "1" OR `status` = "2")');
+		$opentickets_stmt = Database::prepare('SELECT COUNT(`id`) as `count` FROM `' . TABLE_PANEL_TICKETS . '`
+			WHERE `customerid` = :customerid
+			AND `answerto` = "0"
+			AND (`status` = "0" OR `status` = "1" OR `status` = "2")'
+		);
+		$opentickets = Database::pexecute_first($opentickets_stmt, array("customerid" => $userinfo['customerid']));
 		$ticketsopen = (int)$opentickets['count'];

-		if($ticketsopen > $settings['ticket']['concurrently_open']
-		   && $settings['ticket']['concurrently_open'] != - 1
-		   && $settings['ticket']['concurrently_open'] != '')
-		{
-			standard_error('notmorethanxopentickets', $settings['ticket']['concurrently_open']);
+		if ($ticketsopen > Settings::Get('ticket.concurrently_open') && Settings::Get('ticket.concurrently_open') != - 1 && Settings::Get('ticket.concurrently_open') != '') {
+			standard_error('notmorethanxopentickets', Settings::Get('ticket.concurrently_open'));
 		}

 		$now = time();
-		$mainticket = ticket::getInstanceOf($userinfo, $db, $settings, (int)$id);
+		$mainticket = ticket::getInstanceOf($userinfo, (int)$id);
 		$mainticket->Set('lastchange', $now, true, true);
 		$mainticket->Set('lastreplier', '0', true, true);
 		$mainticket->Set('status', '0', true, true);
 		$mainticket->Update();
 		$log->logAction(USR_ACTION, LOG_NOTICE, "reopened support-ticket '" . $mainticket->Get('subject') . "'");
-		redirectTo($filename, Array('page' => $page, 's' => $s));
+		redirectTo($filename, array('page' => $page, 's' => $s));
 	}
 }
-
-?>
--- a/customer_traffic.php
+++ b/customer_traffic.php
@@ -18,183 +18,143 @@
 */

 define('AREA', 'customer');
-
-/**
- * Include our init.php, which manages Sessions, Language etc.
- */
 $intrafficpage = 1;
-require ("./lib/init.php");
+require './lib/init.php';
 $traffic = '';
 $month = null;
 $year = null;

-if(isset($_POST['month'])
-   && isset($_POST['year']))
-{
+if (isset($_POST['month']) && isset($_POST['year'])) {
 	$month = intval($_POST['month']);
 	$year = intval($_POST['year']);
-}
-elseif(isset($_GET['month'])
-       && isset($_GET['year']))
-{
+} elseif (isset($_GET['month']) && isset($_GET['year'])) {
 	$month = intval($_GET['month']);
 	$year = intval($_GET['year']);
 }
-
 //BAM! $_GET???
-
-elseif (isset($_GET['page'])
-       && $_GET['page'] == "current")
-{
-	if(date('d') != '01')
-	{
+elseif (isset($_GET['page']) && $_GET['page'] == 'current') {
+	if (date('d') != '01') {
 		$month = date('m');
 		$year = date('Y');
-	}
-	else
-	{
-		if(date('m') == '01')
-		{
+	} else {
+		if (date('m') == '01') {
 			$month = 12;
 			$year = date('Y') - 1;
-		}
-		else
-		{
+		} else {
 			$month = date('m') - 1;
 			$year = date('Y');
 		}
 	}
 }

-if(!is_null($month)
-   && !is_null($year))
-{
+if (!is_null($month) && !is_null($year)) {
 	$traf['byte'] = 0;
-	$result = $db->query("SELECT
-                                SUM(`http`) as 'http', SUM(`ftp_up`) AS 'ftp_up', SUM(`ftp_down`) as 'ftp_down', SUM(`mail`) as 'mail',
-                                `day`, `month`, `year`
-                             FROM `" . TABLE_PANEL_TRAFFIC . "`
-	                     WHERE `customerid`='" . $userinfo['customerid'] . "'
-	                     AND `month` = '" . $month . "' AND `year` = '" . $year . "'
-	                     GROUP BY `day` ORDER BY `day` ASC");
+	$result_stmt = Database::prepare("SELECT SUM(`http`) as 'http', SUM(`ftp_up`) AS 'ftp_up', SUM(`ftp_down`) as 'ftp_down', SUM(`mail`) as 'mail', `day`, `month`, `year`
+		FROM `" . TABLE_PANEL_TRAFFIC . "`
+		WHERE `customerid`= :customerid
+		AND `month` = :month
+		AND `year` = :year
+		GROUP BY `day`
+		ORDER BY `day` DESC"
+	);
+	$params = array(
+		"customerid" => $userinfo['customerid'],
+		"month" => $month,
+		"year" => $year
+	);
+	Database::pexecute($result_stmt, $params);
 	$traffic_complete['http'] = 0;
 	$traffic_complete['ftp'] = 0;
 	$traffic_complete['mail'] = 0;
 	$show = '';

-	while($row = $db->fetch_array($result))
-	{
+	while ($row = $result_stmt->fetch(PDO::FETCH_ASSOC)) {
 		$http = $row['http'];
 		$ftp = $row['ftp_up'] + $row['ftp_down'];
 		$mail = $row['mail'];
 		$traf['byte'] = $http + $ftp + $mail;
-		$traffic_complete['http']+= $http;
-		$traffic_complete['ftp']+= $ftp;
-		$traffic_complete['mail']+= $mail;
-		$traf['day'] = $row['day'] . ".";
+		$traffic_complete['http'] += $http;
+		$traffic_complete['ftp'] += $ftp;
+		$traffic_complete['mail'] += $mail;
+		$traf['day'] = $row['day'] . '.';

-		if(extension_loaded('bcmath'))
-		{
-			$traf['ftptext'] = bcdiv($row['ftp_up'], 1024, $settings['panel']['decimal_places']) . " MB up/ " . bcdiv($row['ftp_down'], 1024, $settings['panel']['decimal_places']) . " MB down (FTP)";
-			$traf['httptext'] = bcdiv($http, 1024, $settings['panel']['decimal_places']) . " MB (HTTP)";
-			$traf['mailtext'] = bcdiv($mail, 1024, $settings['panel']['decimal_places']) . " MB (Mail)";
-			$traf['ftp'] = bcdiv($ftp, 1024, $settings['panel']['decimal_places']);
-			$traf['http'] = bcdiv($http, 1024, $settings['panel']['decimal_places']);
-			$traf['mail'] = bcdiv($mail, 1024, $settings['panel']['decimal_places']);
-			$traf['byte'] = bcdiv($traf['byte'], 1024, $settings['panel']['decimal_places']);
-		}
-		else
-		{
-			$traf['ftptext'] = round($row['ftp_up'] / 1024, $settings['panel']['decimal_places']) . " MB up/ " . round($row['ftp_down'] / 1024, $settings['panel']['decimal_places']) . " MB down (FTP)";
-			$traf['httptext'] = round($http / 1024, $settings['panel']['decimal_places']) . " MB (HTTP)";
-			$traf['mailtext'] = round($mail / 1024, $settings['panel']['decimal_places']) . " MB (Mail)";
-			$traf['http'] = round($http, $settings['panel']['decimal_places']);
-			$traf['ftp'] = round($ftp, $settings['panel']['decimal_places']);
-			$traf['mail'] = round($mail, $settings['panel']['decimal_places']);
-			$traf['byte'] = round($traf['byte'] / 1024, $settings['panel']['decimal_places']);
+		if (extension_loaded('bcmath')) {
+			$traf['ftptext'] = bcdiv($row['ftp_up'], 1024, Settings::Get('panel.decimal_places')) . " MiB up/ " . bcdiv($row['ftp_down'], 1024, Settings::Get('panel.decimal_places')) . " MiB down (FTP)";
+			$traf['httptext'] = bcdiv($http, 1024, Settings::Get('panel.decimal_places')) . " MiB (HTTP)";
+			$traf['mailtext'] = bcdiv($mail, 1024, Settings::Get('panel.decimal_places')) . " MiB (Mail)";
+			$traf['ftp'] = bcdiv($ftp, 1024, Settings::Get('panel.decimal_places'));
+			$traf['http'] = bcdiv($http, 1024, Settings::Get('panel.decimal_places'));
+			$traf['mail'] = bcdiv($mail, 1024, Settings::Get('panel.decimal_places'));
+			$traf['byte'] = bcdiv($traf['byte'], 1024, Settings::Get('panel.decimal_places'));
+		} else {
+			$traf['ftptext'] = round($row['ftp_up'] / 1024, Settings::Get('panel.decimal_places')) . " MiB up/ " . round($row['ftp_down'] / 1024, Settings::Get('panel.decimal_places')) . " MiB down (FTP)";
+			$traf['httptext'] = round($http / 1024, Settings::Get('panel.decimal_places')) . " MiB (HTTP)";
+			$traf['mailtext'] = round($mail / 1024, Settings::Get('panel.decimal_places')) . " MiB (Mail)";
+			$traf['http'] = round($http, Settings::Get('panel.decimal_places'));
+			$traf['ftp'] = round($ftp, Settings::Get('panel.decimal_places'));
+			$traf['mail'] = round($mail, Settings::Get('panel.decimal_places'));
+			$traf['byte'] = round($traf['byte'] / 1024, Settings::Get('panel.decimal_places'));
 		}

-		eval("\$traffic.=\"" . getTemplate("traffic/traffic_month") . "\";");
-		$show = $lng['traffic']['months'][intval($row['month'])] . " " . $row['year'];
+		eval("\$traffic.=\"" . getTemplate('traffic/traffic_month') . "\";");
+		$show = $lng['traffic']['months'][intval($row['month'])] . ' ' . $row['year'];
 	}

-	if(extension_loaded('bcmath'))
-	{
-		$traffic_complete['http'] = bcdiv($traffic_complete['http'], 1024, $settings['panel']['decimal_places']);
-		$traffic_complete['ftp'] = bcdiv($traffic_complete['ftp'], 1024, $settings['panel']['decimal_places']);
-		$traffic_complete['mail'] = bcdiv($traffic_complete['mail'], 1024, $settings['panel']['decimal_places']);
-	}
-	else
-	{
-		$traffic_complete['http'] = round($traffic_complete['http'] / 1024, $settings['panel']['decimal_places']);
-		$traffic_complete['ftp'] = round($traffic_complete['ftp'] / 1024, $settings['panel']['decimal_places']);
-		$traffic_complete['mail'] = round($traffic_complete['mail'] / 1024, $settings['panel']['decimal_places']);
-	}
+	$traffic_complete['http'] = size_readable($traffic_complete['http'] * 1024, 'GiB', 'bi', '%01.'.(int)Settings::Get('panel.decimal_places').'f %s');
+	$traffic_complete['ftp'] = size_readable($traffic_complete['ftp'] * 1024, 'GiB', 'bi', '%01.'.(int)Settings::Get('panel.decimal_places').'f %s');
+	$traffic_complete['mail'] = size_readable($traffic_complete['mail'] * 1024, 'GiB', 'bi', '%01.'.(int)Settings::Get('panel.decimal_places').'f %s');

-	eval("echo \"" . getTemplate("traffic/traffic_details") . "\";");
-}
-else
-{
-	
-	$result = $db->query("SELECT `month`, `year`, SUM(`http`) AS http, SUM(`ftp_up`) AS ftp_up, SUM(`ftp_down`) AS ftp_down, SUM(`mail`) AS mail
-	                     FROM `" . TABLE_PANEL_TRAFFIC . "` WHERE `customerid` = '" . $userinfo['customerid'] . "'
-	                     GROUP BY CONCAT(`year`,`month`) ORDER BY CONCAT(`year`,`month`) DESC LIMIT 12");
+	eval("echo \"" . getTemplate('traffic/traffic_details') . "\";");
+} else {
+	$result_stmt = Database::prepare("SELECT `month`, `year`, SUM(`http`) AS http, SUM(`ftp_up`) AS ftp_up, SUM(`ftp_down`) AS ftp_down, SUM(`mail`) AS mail
+		FROM `" . TABLE_PANEL_TRAFFIC . "`
+		WHERE `customerid` = :customerid
+		GROUP BY CONCAT(`year`,`month`)
+		ORDER BY CONCAT(`year`,`month`) DESC
+		LIMIT 12"
+	);
+	Database::pexecute($result_stmt, array("customerid" => $userinfo['customerid']));
 	$traffic_complete['http'] = 0;
 	$traffic_complete['ftp'] = 0;
 	$traffic_complete['mail'] = 0;

-	while($row = $db->fetch_array($result))
-	{
+	while ($row = $result_stmt->fetch(PDO::FETCH_ASSOC)) {
 		$http = $row['http'];
 		$ftp_up = $row['ftp_up'];
 		$ftp_down = $row['ftp_down'];
 		$mail = $row['mail'];
-		$traffic_complete['http']+= $http;
-		$traffic_complete['ftp']+= $ftp_up + $ftp_down;
-		$traffic_complete['mail']+= $mail;
+		$traffic_complete['http'] += $http;
+		$traffic_complete['ftp'] += $ftp_up + $ftp_down;
+		$traffic_complete['mail'] += $mail;
 		$traf['month'] = $row['month'];
 		$traf['year'] = $row['year'];
 		$traf['monthname'] = $lng['traffic']['months'][intval($row['month'])] . " " . $row['year'];
 		$traf['byte'] = $http + $ftp_up + $ftp_down + $mail;

-		if(extension_loaded('bcmath'))
-		{
-			$traf['ftptext'] = bcdiv($ftp_up, 1024, $settings['panel']['decimal_places']) . " MB up/ " . bcdiv($ftp_down, 1024, $settings['panel']['decimal_places']) . " MB down (FTP)";
-			$traf['httptext'] = bcdiv($http, 1024, $settings['panel']['decimal_places']) . " MB (HTTP)";
-			$traf['mailtext'] = bcdiv($mail, 1024, $settings['panel']['decimal_places']) . " MB (Mail)";
-			$traf['ftp'] = bcdiv(($ftp_up + $ftp_down), 1024, $settings['panel']['decimal_places']);
-			$traf['http'] = bcdiv($http, 1024, $settings['panel']['decimal_places']);
-			$traf['mail'] = bcdiv($mail, 1024, $settings['panel']['decimal_places']);
-			$traf['byte'] = bcdiv($traf['byte'], 1024 * 1024, $settings['panel']['decimal_places']);
-		}
-		else
-		{
-			$traf['ftptext'] = round($ftp_up / 1024, $settings['panel']['decimal_places']) . " MB up/ " . round($ftp_down / 1024, $settings['panel']['decimal_places']) . " MB down (FTP)";
-			$traf['httptext'] = round($http / 1024, $settings['panel']['decimal_places']) . " MB (HTTP)";
-			$traf['mailtext'] = round($mail / 1024, $settings['panel']['decimal_places']) . " MB (Mail)";
-			$traf['ftp'] = round(($ftp_up + $ftp_down) / 1024, $settings['panel']['decimal_places']);
-			$traf['http'] = round($http / 1024, $settings['panel']['decimal_places']);
-			$traf['mail'] = round($mail / 1024, $settings['panel']['decimal_places']);
-			$traf['byte'] = round($traf['byte'] / (1024 * 1024), $settings['panel']['decimal_places']);
+		if (extension_loaded('bcmath')) {
+			$traf['ftptext'] = bcdiv($ftp_up, 1024, Settings::Get('panel.decimal_places')) . " MiB up/ " . bcdiv($ftp_down, 1024, Settings::Get('panel.decimal_places')) . " MiB down (FTP)";
+			$traf['httptext'] = bcdiv($http, 1024, Settings::Get('panel.decimal_places')) . " MiB (HTTP)";
+			$traf['mailtext'] = bcdiv($mail, 1024, Settings::Get('panel.decimal_places')) . " MiB (Mail)";
+			$traf['ftp'] = bcdiv(($ftp_up + $ftp_down), 1024, Settings::Get('panel.decimal_places'));
+			$traf['http'] = bcdiv($http, 1024, Settings::Get('panel.decimal_places'));
+			$traf['mail'] = bcdiv($mail, 1024, Settings::Get('panel.decimal_places'));
+			$traf['byte'] = bcdiv($traf['byte'], 1024 * 1024, Settings::Get('panel.decimal_places'));
+		} else {
+			$traf['ftptext'] = round($ftp_up / 1024, Settings::Get('panel.decimal_places')) . " MiB up/ " . round($ftp_down / 1024, Settings::Get('panel.decimal_places')) . " MiB down (FTP)";
+			$traf['httptext'] = round($http / 1024, Settings::Get('panel.decimal_places')) . " MiB (HTTP)";
+			$traf['mailtext'] = round($mail / 1024, Settings::Get('panel.decimal_places')) . " MiB (Mail)";
+			$traf['ftp'] = round(($ftp_up + $ftp_down) / 1024, Settings::Get('panel.decimal_places'));
+			$traf['http'] = round($http / 1024, Settings::Get('panel.decimal_places'));
+			$traf['mail'] = round($mail / 1024, Settings::Get('panel.decimal_places'));
+			$traf['byte'] = round($traf['byte'] / (1024 * 1024), Settings::Get('panel.decimal_places'));
 		}

-		eval("\$traffic.=\"" . getTemplate("traffic/traffic_traffic") . "\";");
+		eval("\$traffic.=\"" . getTemplate('traffic/traffic_traffic') . "\";");
 	}

-	if(extension_loaded('bcmath'))
-	{
-		$traffic_complete['http'] = bcdiv($traffic_complete['http'], 1024 * 1024, $settings['panel']['decimal_places']);
-		$traffic_complete['ftp'] = bcdiv($traffic_complete['ftp'], 1024 * 1024, $settings['panel']['decimal_places']);
-		$traffic_complete['mail'] = bcdiv($traffic_complete['mail'], 1024 * 1024, $settings['panel']['decimal_places']);
-	}
-	else
-	{
-		$traffic_complete['http'] = round($traffic_complete['http'] / (1024 * 1024), $settings['panel']['decimal_places']);
-		$traffic_complete['ftp'] = round($traffic_complete['ftp'] / (1024 * 1024), $settings['panel']['decimal_places']);
-		$traffic_complete['mail'] = round($traffic_complete['mail'] / (1024 * 1024), $settings['panel']['decimal_places']);
-	}
+	$traffic_complete['http'] = size_readable($traffic_complete['http'] * 1024, 'GiB', 'bi', '%01.'.(int)Settings::Get('panel.decimal_places').'f %s');
+	$traffic_complete['ftp'] = size_readable($traffic_complete['ftp'] * 1024, 'GiB', 'bi', '%01.'.(int)Settings::Get('panel.decimal_places').'f %s');
+	$traffic_complete['mail'] = size_readable($traffic_complete['mail'] * 1024, 'GiB', 'bi', '%01.'.(int)Settings::Get('panel.decimal_places').'f %s');

-	eval("echo \"" . getTemplate("traffic/traffic") . "\";");
+	eval("echo \"" . getTemplate('traffic/traffic') . "\";");
 }
-
-?>
--- a/dns_editor.php
+++ b/dns_editor.php
@@ -0,0 +1,306 @@
+<?php
+if (! defined('AREA'))
+	die('You cannot access this file directly!');
+
+/**
+ * This file is part of the Froxlor project.
+ * Copyright (c) 2016 the Froxlor Team (see authors).
+ *
+ * For the full copyright and license information, please view the COPYING
+ * file that was distributed with this source code. You can also view the
+ * COPYING file online at http://files.froxlor.org/misc/COPYING.txt
+ *
+ * @copyright (c) the authors
+ * @author Froxlor team <team@froxlor.org> (2016-)
+ * @license GPLv2 http://files.froxlor.org/misc/COPYING.txt
+ * @package Panel
+ *
+ */
+
+// This file is being included in admin_domains and customer_domains
+	// and therefore does not need to require lib/init.php
+
+$domain_id = isset($_GET['domain_id']) ? (int) $_GET['domain_id'] : null;
+
+$record = isset($_POST['record']['record']) ? trim($_POST['record']['record']) : null;
+$type = isset($_POST['record']['type']) ? $_POST['record']['type'] : 'A';
+$prio = isset($_POST['record']['prio']) ? (int) $_POST['record']['prio'] : null;
+$content = isset($_POST['record']['content']) ? trim($_POST['record']['content']) : null;
+$ttl = isset($_POST['record']['ttl']) ? (int) $_POST['record']['ttl'] : 18000;
+
+// get domain-name
+$domain = getAllowedDomainEntry($domain_id, AREA, $userinfo, $idna_convert);
+
+// select all entries
+$sel_stmt = Database::prepare("SELECT * FROM `" . TABLE_DOMAIN_DNS . "` WHERE domain_id = :did");
+Database::pexecute($sel_stmt, array(
+	'did' => $domain_id
+));
+$dom_entries = $sel_stmt->fetchAll(PDO::FETCH_ASSOC);
+
+$errors = array();
+$success_message = "";
+
+// action for adding a new entry
+if ($action == 'add_record' && ! empty($_POST)) {
+
+	// validation
+	if (empty($record)) {
+		$record = "@";
+	}
+
+	$record = strtolower($record);
+
+	if ($record != '@' && $record != '*') {
+		// validate record
+		if (strpos($record, '--') !== false) {
+			$errors[] = $lng['error']['domain_nopunycode'];
+		} else {
+			$record = $idna_convert->encode($record);
+			if ($type != 'SRV' && $type != 'TXT') {
+				$check_dom = $record . '.example.com';
+				if (! validateDomain($check_dom)) {
+					$errors[] = sprintf($lng['error']['subdomainiswrong'], $idna_convert->decode($record));
+				}
+			}
+			if (strlen($record) > 63) {
+				$errors[] = $lng['error']['dns_record_toolong'];
+			}
+		}
+	}
+
+	// TODO regex validate content for invalid characters
+
+	if ($ttl <= 0) {
+		$ttl = 18000;
+	}
+
+	if (empty($content)) {
+		$errors[] = $lng['error']['dns_content_empty'];
+	}
+
+	// types
+	if ($type == 'A' && filter_var($content, FILTER_VALIDATE_IP, FILTER_FLAG_IPV4) === false) {
+		$errors[] = $lng['error']['dns_arec_noipv4'];
+	} elseif ($type == 'AAAA' && filter_var($content, FILTER_VALIDATE_IP, FILTER_FLAG_IPV6) === false) {
+		$errors[] = $lng['error']['dns_aaaarec_noipv6'];
+	} elseif ($type == 'MX') {
+		if ($prio === null || $prio < 0) {
+			$errors[] = $lng['error']['dns_mx_prioempty'];
+		}
+		// check for trailing dot
+		if (substr($content, - 1) == '.') {
+			// remove it for checks
+			$content = substr($content, 0, - 1);
+		}
+		if (! validateDomain($content)) {
+			$errors[] = $lng['error']['dns_mx_needdom'];
+		} else {
+			// check whether there is a CNAME-record for the same resource
+			foreach ($dom_entries as $existing_entries) {
+				$fqdn = $existing_entries['record'] . '.' . $domain;
+				if ($existing_entries['type'] == 'CNAME' && $fqdn == $content) {
+					$errors[] = $lng['error']['dns_mx_noalias'];
+					break;
+				}
+			}
+		}
+		// append trailing dot (again)
+		$content .= '.';
+	} elseif ($type == 'CNAME') {
+		// check for trailing dot
+		if (substr($content, - 1) == '.') {
+			// remove it for checks
+			$content = substr($content, 0, - 1);
+		}
+		if (! validateDomain($content)) {
+			$errors[] = $lng['error']['dns_cname_invaliddom'];
+		} else {
+			// check whether there are RR-records for the same resource
+			foreach ($dom_entries as $existing_entries) {
+				if (($existing_entries['type'] == 'A' || $existing_entries['type'] == 'AAAA' || $existing_entries['type'] == 'MX' || $existing_entries['type'] == 'NS') && $existing_entries['record'] == $record) {
+					$errors[] = $lng['error']['dns_cname_nomorerr'];
+					break;
+				}
+			}
+		}
+		// append trailing dot (again)
+		$content .= '.';
+	} elseif ($type == 'NS') {
+		// check for trailing dot
+		if (substr($content, - 1) == '.') {
+			// remove it for checks
+			$content = substr($content, 0, - 1);
+		}
+		if (! validateDomain($content)) {
+			$errors[] = $lng['error']['dns_ns_invaliddom'];
+		}
+		// append trailing dot (again)
+		$content .= '.';
+	} elseif ($type == 'TXT' && ! empty($content)) {
+		// check that TXT content is enclosed in " "
+		$content = encloseTXTContent($content);
+	} elseif ($type == 'SRV') {
+		if ($prio === null || $prio < 0) {
+			$errors[] = $lng['error']['dns_srv_prioempty'];
+		}
+		// check only last part of content, as it can look like:
+		// _service._proto.name. TTL class SRV priority weight port target.
+		$_split_content = explode(" ", $content);
+		// SRV content must be [weight] [port] [target]
+		if (count($_split_content) != 3) {
+			$errors[] = $lng['error']['dns_srv_invalidcontent'];
+		}
+		$target = trim($_split_content[count($_split_content) - 1]);
+		if ($target != '.') {
+			// check for trailing dot
+			if (substr($target, - 1) == '.') {
+				// remove it for checks
+				$target = substr($target, 0, - 1);
+			}
+		}
+		if ($target != '.' && ! validateDomain($target)) {
+			$errors[] = $lng['error']['dns_srv_needdom'];
+		} else {
+			// check whether there is a CNAME-record for the same resource
+			foreach ($dom_entries as $existing_entries) {
+				$fqdn = $existing_entries['record'] . '.' . $domain;
+				if ($existing_entries['type'] == 'CNAME' && $fqdn == $target) {
+					$errors[] = $lng['error']['dns_srv_noalias'];
+					break;
+				}
+			}
+		}
+		// append trailing dot (again)
+		if ($target != '.') {
+			$content .= '.';
+		}
+	}
+
+	$new_entry = array(
+		'record' => $record,
+		'type' => $type,
+		'prio' => $prio,
+		'content' => $content,
+		'ttl' => $ttl,
+		'domain_id' => $domain_id
+	);
+	ksort($new_entry);
+
+	// check for duplicate
+	foreach ($dom_entries as $existing_entry) {
+		// compare serialized string of array
+		$check_entry = $existing_entry;
+		// new entry has no ID yet
+		unset($check_entry['id']);
+		// sort by key
+		ksort($check_entry);
+		// format integer fields to real integer (as they are read as string from the DB)
+		$check_entry['prio'] = (int) $check_entry['prio'];
+		$check_entry['ttl'] = (int) $check_entry['ttl'];
+		$check_entry['domain_id'] = (int) $check_entry['domain_id'];
+		// serialize both
+		$check_entry = serialize($check_entry);
+		$new = serialize($new_entry);
+		// compare
+		if ($check_entry === $new) {
+			$errors[] = $lng['error']['dns_duplicate_entry'];
+			unset($check_entry);
+			break;
+		}
+	}
+
+	if (empty($errors)) {
+		$ins_stmt = Database::prepare("
+			INSERT INTO `" . TABLE_DOMAIN_DNS . "` SET
+			`record` = :record,
+			`type` = :type,
+			`prio` = :prio,
+			`content` = :content,
+			`ttl` = :ttl,
+			`domain_id` = :domain_id
+		");
+
+		Database::pexecute($ins_stmt, $new_entry);
+
+		$new_entry_id = Database::lastInsertId();
+
+		// add temporary to the entries-array (no reread of DB necessary)
+		$new_entry['id'] = $new_entry_id;
+		$dom_entries[] = $new_entry;
+
+		// success message (inline)
+		$success_message = $lng['success']['dns_record_added'];
+
+		$record = "";
+		$type = 'A';
+		$prio = "";
+		$content = "";
+		$ttl = "";
+
+		// re-generate bind configs
+		inserttask('4');
+	} else {
+		// show $errors
+		$errors = implode("<br>", $errors);
+	}
+} elseif ($action == 'delete') {
+	// remove entry
+	$entry_id = isset($_GET['id']) ? (int) $_GET['id'] : 0;
+	if ($entry_id > 0) {
+		$del_stmt = Database::prepare("DELETE FROM `" . TABLE_DOMAIN_DNS . "` WHERE `id` = :id");
+		Database::pexecute($del_stmt, array(
+			'id' => $entry_id
+		));
+
+		// remove deleted entry from internal data array (no reread of DB necessary)
+		$_t = $dom_entries;
+		foreach ($_t as $idx => $entry) {
+			if ($entry['id'] == $entry_id) {
+				unset($dom_entries[$idx]);
+				break;
+			}
+		}
+		unset($_t);
+		// success message (inline)
+		$success_message = $lng['success']['dns_record_deleted'];
+
+		// re-generate bind configs
+		inserttask('4');
+	}
+}
+
+// show editor
+$record_list = "";
+$existing_entries = "";
+$type_select = "";
+$entriescount = 0;
+
+if (! empty($dom_entries)) {
+	$entriescount = count($dom_entries);
+	foreach ($dom_entries as $entry) {
+		$entry['content'] = wordwrap($entry['content'], 100, '<br>', true);
+		eval("\$existing_entries.=\"" . getTemplate("dns_editor/entry_bit", true) . "\";");
+	}
+}
+
+// available types
+$type_select_values = array(
+	'A',
+	'AAAA',
+	'NS',
+	'MX',
+	'SRV',
+	'TXT',
+	'CNAME'
+);
+asort($type_select_values);
+foreach ($type_select_values as $_type) {
+	$type_select .= makeoption($_type, $_type, $type);
+}
+
+eval("\$record_list=\"" . getTemplate("dns_editor/list", true) . "\";");
+
+$zone = createDomainZone($domain_id);
+$zonefile = (string) $zone;
+eval("echo \"" . getTemplate("dns_editor/index", true) . "\";");
--- a/index.php
+++ b/index.php
@@ -18,358 +18,417 @@
 */

 define('AREA', 'login');
+require './lib/init.php';

-/**
- * Include our init.php, which manages Sessions, Language etc.
- */
-
-require ("./lib/init.php");
-
-if($action == '')
-{
+if ($action == '') {
 	$action = 'login';
 }

-if($action == 'login')
-{
-	if(isset($_POST['send'])
-	&& $_POST['send'] == 'send')
-	{
+if ($action == 'login') {
+	if (isset($_POST['send']) && $_POST['send'] == 'send') {
 		$loginname = validate($_POST['loginname'], 'loginname');
 		$password = validate($_POST['password'], 'password');

-		$row = $db->query_first("SELECT `loginname` AS `customer` FROM `" . TABLE_PANEL_CUSTOMERS . "` WHERE `loginname`='" . $db->escape($loginname) . "'");
+		$stmt = Database::prepare("SELECT `loginname` AS `customer` FROM `" . TABLE_PANEL_CUSTOMERS . "`
+			WHERE `loginname`= :loginname"
+		);
+		Database::pexecute($stmt, array("loginname" => $loginname));
+		$row = $stmt->fetch(PDO::FETCH_ASSOC);

-		if($row['customer'] == $loginname)
-		{
+		if ($row['customer'] == $loginname) {
 			$table = "`" . TABLE_PANEL_CUSTOMERS . "`";
 			$uid = 'customerid';
 			$adminsession = '0';
 			$is_admin = false;
-		}
-		else
-		{
-			if((int)$settings['login']['domain_login'] == 1)
-			{
-				/**
-				 * check if the customer tries to login with a domain, #374
-				 */
-				$domainname = $idna_convert->encode(preg_replace(Array('/\:(\d)+$/', '/^https?\:\/\//'), '', $loginname));
-				$row2 = $db->query_first("SELECT `customerid` FROM `".TABLE_PANEL_DOMAINS."` WHERE `domain` = '".$db->escape($domainname)."'");
-	
-				if(isset($row2['customerid']) && $row2['customerid'] > 0)
-				{
+		} else {
+			$is_admin = true;
+			if ((int)Settings::Get('login.domain_login') == 1) {
+				$domainname = $idna_convert->encode(preg_replace(array('/\:(\d)+$/', '/^https?\:\/\//'), '', $loginname));
+				$stmt = Database::prepare("SELECT `customerid` FROM `" . TABLE_PANEL_DOMAINS . "`
+					WHERE `domain` = :domain"
+				);
+				Database::pexecute($stmt, array("domain" => $domainname));
+				$row2 = $stmt->fetch(PDO::FETCH_ASSOC);
+
+				if (isset($row2['customerid']) && $row2['customerid'] > 0) {
 					$loginname = getCustomerDetail($row2['customerid'], 'loginname');
-					
-					if($loginname !== false)
-					{
-						$row3 = $db->query_first("SELECT `loginname` AS `customer` FROM `" . TABLE_PANEL_CUSTOMERS . "` WHERE `loginname`='" . $db->escape($loginname) . "'");
-		
-						if($row3['customer'] == $loginname)
-						{
+					if ($loginname !== false) {
+						$stmt = Database::prepare("SELECT `loginname` AS `customer` FROM `" . TABLE_PANEL_CUSTOMERS . "`
+							WHERE `loginname`= :loginname"
+						);
+						Database::pexecute($stmt, array("loginname" => $loginname));
+						$row3 = $stmt->fetch(PDO::FETCH_ASSOC);
+						if ($row3['customer'] == $loginname) {
 							$table = "`" . TABLE_PANEL_CUSTOMERS . "`";
 							$uid = 'customerid';
 							$adminsession = '0';
 							$is_admin = false;
 						}
 					}
-					else
-					{
-						$is_admin = true;
-					}
 				}
-				else
-				{
-					$is_admin = true;
-				}
-			}
-			else
-			{
-				$is_admin = true;
 			}
 		}

-		if(hasUpdates($version) && $is_admin == false)
-		{
+		if ((hasUpdates($version) || hasDbUpdates($dbversion)) && $is_admin == false) {
 			redirectTo('index.php');
 			exit;
 		}

-		if($is_admin)
-		{
-			if(hasUpdates($version))
-			{
-				$row = $db->query_first("SELECT `loginname` AS `admin` FROM `" . TABLE_PANEL_ADMINS . "` WHERE `loginname`='" . $db->escape($loginname) . "' AND `change_serversettings` = '1'");
-				/*
-				 * not an admin who can see updates
-				 */
-				if(!isset($row['admin']))
-				{
+		if ($is_admin) {
+			if (hasUpdates($version) || hasDbUpdates($dbversion)) {
+				$stmt = Database::prepare("SELECT `loginname` AS `admin` FROM `" . TABLE_PANEL_ADMINS . "`
+					WHERE `loginname`= :loginname
+					AND `change_serversettings` = '1'"
+				);
+				Database::pexecute($stmt, array("loginname" => $loginname));
+				$row = $stmt->fetch(PDO::FETCH_ASSOC);
+				if (!isset($row['admin'])) {
+					// not an admin who can see updates
 					redirectTo('index.php');
 					exit;
 				}
-			}
-			else
-			{
-				$row = $db->query_first("SELECT `loginname` AS `admin` FROM `" . TABLE_PANEL_ADMINS . "` WHERE `loginname`='" . $db->escape($loginname) . "'");
+			} else {
+				$stmt = Database::prepare("SELECT `loginname` AS `admin` FROM `" . TABLE_PANEL_ADMINS . "`
+					WHERE `loginname`= :loginname"
+				);
+				Database::pexecute($stmt, array("loginname" => $loginname));
+				$row = $stmt->fetch(PDO::FETCH_ASSOC);
 			}

-			if($row['admin'] == $loginname)
-			{
+			if ($row['admin'] == $loginname) {
 				$table = "`" . TABLE_PANEL_ADMINS . "`";
 				$uid = 'adminid';
 				$adminsession = '1';
-			}
-			else
-			{
-				redirectTo('index.php', Array('showmessage' => '2'), true);
+			} else {
+				// Log failed login
+				$rstlog = FroxlorLogger::getInstanceOf(array('loginname' => $_SERVER['REMOTE_ADDR']));
+				$rstlog->logAction(LOGIN_ACTION, LOG_WARNING, "Unknown user '" . $loginname . "' tried to login.");
+
+				redirectTo('index.php', array('showmessage' => '2'));
 				exit;
 			}
 		}

-		$userinfo = $db->query_first("SELECT * FROM $table WHERE `loginname`='" . $db->escape($loginname) . "'");
+		$userinfo_stmt = Database::prepare("SELECT * FROM $table
+			WHERE `loginname`= :loginname"
+		);
+		Database::pexecute($userinfo_stmt, array("loginname" => $loginname));
+		$userinfo = $userinfo_stmt->fetch(PDO::FETCH_ASSOC);

-		if($userinfo['loginfail_count'] >= $settings['login']['maxloginattempts']
-		&& $userinfo['lastlogin_fail'] > (time() - $settings['login']['deactivatetime']))
-		{
-			redirectTo('index.php', Array('showmessage' => '3'), true);
+		if ($userinfo['loginfail_count'] >= Settings::Get('login.maxloginattempts') && $userinfo['lastlogin_fail'] > (time() - Settings::Get('login.deactivatetime'))) {
+			redirectTo('index.php', array('showmessage' => '3'));
 			exit;
-		}
-		elseif($userinfo['password'] == md5($password))
-		{
-			// login correct
-			// reset loginfail_counter, set lastlogin_succ
-
-			$db->query("UPDATE $table SET `lastlogin_succ`='" . time() . "', `loginfail_count`='0' WHERE `$uid`='" . (int)$userinfo[$uid] . "'");
-			$userinfo['userid'] = $userinfo[$uid];
-			$userinfo['adminsession'] = $adminsession;
-		}
-		else
-		{
+		} elseif (validatePasswordLogin($userinfo, $password, $table, $uid)) {
+		    // only show "you're banned" if the login was successful
+		    // because we don't want to publish that the user does exist
+		    if ($userinfo['deactivated']) {
+		        unset($userinfo);
+		        redirectTo('index.php', array('showmessage' => '5'));
+		        exit;
+		    } else {
+		        // login correct
+		        // reset loginfail_counter, set lastlogin_succ
+		        $stmt = Database::prepare("UPDATE $table
+		              SET `lastlogin_succ`= :lastlogin_succ, `loginfail_count`='0'
+		              WHERE `$uid`= :uid"
+		        );
+		        Database::pexecute($stmt, array("lastlogin_succ" => time(), "uid" => $userinfo[$uid]));
+		        $userinfo['userid'] = $userinfo[$uid];
+		        $userinfo['adminsession'] = $adminsession;
+		    }
+		} else {
 			// login incorrect
+			$stmt = Database::prepare("UPDATE $table
+				SET `lastlogin_fail`= :lastlogin_fail, `loginfail_count`=`loginfail_count`+1
+				WHERE `$uid`= :uid"
+			);
+			Database::pexecute($stmt, array("lastlogin_fail" => time(), "uid" => $userinfo[$uid]));
+
+			// Log failed login
+			$rstlog = FroxlorLogger::getInstanceOf(array('loginname' => $_SERVER['REMOTE_ADDR']));
+			$rstlog->logAction(LOGIN_ACTION, LOG_WARNING, "User '" . $loginname . "' tried to login with wrong password.");

-			$db->query("UPDATE $table SET `lastlogin_fail`='" . time() . "', `loginfail_count`=`loginfail_count`+1 WHERE `$uid`='" . (int)$userinfo[$uid] . "'");
 			unset($userinfo);
-			redirectTo('index.php', Array('showmessage' => '2'), true);
+			redirectTo('index.php', array('showmessage' => '2'));
 			exit;
 		}

-		if(isset($userinfo['userid'])
-		&& $userinfo['userid'] != '')
-		{
+		if (isset($userinfo['userid']) && $userinfo['userid'] != '') {
 			$s = md5(uniqid(microtime(), 1));

-			if(isset($_POST['language']))
-			{
+			if (isset($_POST['language'])) {
 				$language = validate($_POST['language'], 'language');
-
-				if($language == 'profile')
-				{
+				if ($language == 'profile') {
 					$language = $userinfo['def_language'];
+				} elseif (!isset($languages[$language])) {
+					$language = Settings::Get('panel.standardlanguage');
 				}
-				elseif(!isset($languages[$language]))
-				{
-					$language = $settings['panel']['standardlanguage'];
-				}
-			}
-			else
-			{
-				$language = $settings['panel']['standardlanguage'];
+			} else {
+				$language = Settings::Get('panel.standardlanguage');
 			}

-			if(isset($userinfo['theme']) && $userinfo['theme'] != '') {
+			if (isset($userinfo['theme']) && $userinfo['theme'] != '') {
 				$theme = $userinfo['theme'];
-			}
-			else
-			{
-				$theme = $settings['panel']['default_theme'];
+			} else {
+				$theme = Settings::Get('panel.default_theme');
 			}

-			if($settings['session']['allow_multiple_login'] != '1')
-			{
-				$db->query("DELETE FROM `" . TABLE_PANEL_SESSIONS . "` WHERE `userid` = '" . (int)$userinfo['userid'] . "' AND `adminsession` = '" . $db->escape($userinfo['adminsession']) . "'");
+			if (Settings::Get('session.allow_multiple_login') != '1') {
+				$stmt = Database::prepare("DELETE FROM `" . TABLE_PANEL_SESSIONS . "`
+					WHERE `userid` = :uid
+					AND `adminsession` = :adminsession"
+				);
+				Database::pexecute($stmt, array("uid" => $userinfo['userid'], "adminsession" => $userinfo['adminsession']));
 			}

 			// check for field 'theme' in session-table, refs #607
-			$fields = mysql_list_fields($db->getDbName(), TABLE_PANEL_SESSIONS);
-			$columns = mysql_num_fields($fields);
-			$field_array = array();
-			for ($i = 0; $i < $columns; $i++) {
-    			$field_array[] = mysql_field_name($fields, $i);
-			}
-
-    		if (!in_array('theme', $field_array)) {
-				$db->query("INSERT INTO `" . TABLE_PANEL_SESSIONS . "` (`hash`, `userid`, `ipaddress`, `useragent`, `lastactivity`, `language`, `adminsession`) VALUES ('" . $db->escape($s) . "', '" . (int)$userinfo['userid'] . "', '" . $db->escape($remote_addr) . "', '" . $db->escape($http_user_agent) . "', '" . time() . "', '" . $db->escape($language) . "', '" . $db->escape($userinfo['adminsession']) . "')");
-    		} else {
-    			$db->query("INSERT INTO `" . TABLE_PANEL_SESSIONS . "` (`hash`, `userid`, `ipaddress`, `useragent`, `lastactivity`, `language`, `adminsession`, `theme`) VALUES ('" . $db->escape($s) . "', '" . (int)$userinfo['userid'] . "', '" . $db->escape($remote_addr) . "', '" . $db->escape($http_user_agent) . "', '" . time() . "', '" . $db->escape($language) . "', '" . $db->escape($userinfo['adminsession']) . "', '" . $db->escape($theme) . "')");
-    		}
-
-			if($userinfo['adminsession'] == '1')
-			{
-				if(hasUpdates($version))
-				{
-					redirectTo('admin_updates.php', Array('s' => $s), true);
-					exit;
-				}
-				else
-				{
-					redirectTo('admin_index.php', Array('s' => $s), true);
-					exit;
+			// Changed with #1287 to new method
+			$theme_field = false;
+			$stmt = Database::query("SHOW COLUMNS FROM panel_sessions LIKE 'theme'");
+			while ($row = $stmt->fetch(PDO::FETCH_ASSOC)) {
+				if ($row['Field'] == "theme") {
+					$has_theme = true;
 				}
 			}
-			else
-			{
-				redirectTo('customer_index.php', Array('s' => $s), true);
-				exit;
+
+			$params = array(
+				"hash" => $s,
+				"userid" => $userinfo['userid'],
+				"ipaddress" => $remote_addr,
+				"useragent" => $http_user_agent,
+				"lastactivity" => time(),
+				"language" => $language,
+				"adminsession" => $userinfo['adminsession']
+			);
+
+			if ($has_theme) {
+				$params["theme"] = $theme;
+				$stmt = Database::prepare("INSERT INTO `" . TABLE_PANEL_SESSIONS . "`
+					(`hash`, `userid`, `ipaddress`, `useragent`, `lastactivity`, `language`, `adminsession`, `theme`)
+					VALUES (:hash, :userid, :ipaddress, :useragent, :lastactivity, :language, :adminsession, :theme)"
+				);
+			} else {
+				$stmt = Database::prepare("INSERT INTO `" . TABLE_PANEL_SESSIONS . "`
+					(`hash`, `userid`, `ipaddress`, `useragent`, `lastactivity`, `language`, `adminsession`)
+					VALUES (:hash, :userid, :ipaddress, :useragent, :lastactivity, :language, :adminsession)"
+				);
 			}
+			Database::pexecute($stmt, $params);
+
+			$qryparams = array();
+			if (isset($_POST['qrystr']) && $_POST['qrystr'] != "") {
+				parse_str(urldecode($_POST['qrystr']), $qryparams);
+			}
+			$qryparams['s'] = $s;
+
+			if ($userinfo['adminsession'] == '1') {
+				if (hasUpdates($version) || hasDbUpdates($dbversion)) {
+					redirectTo('admin_updates.php', array('s' => $s));
+				} else {
+					if (isset($_POST['script']) && $_POST['script'] != "") {
+						if (preg_match("/customer\_/", $_POST['script']) === 1) {
+							redirectTo('admin_customers.php', array("page" => "customers"));
+						} else {
+							redirectTo($_POST['script'], $qryparams);
+						}
+					} else {
+						redirectTo('admin_index.php', $qryparams);
+					}
+				}
+			} else {
+				if (isset($_POST['script']) && $_POST['script'] != "") {
+					redirectTo($_POST['script'], $qryparams);
+				} else {
+					redirectTo('customer_index.php', $qryparams);
+				}
+			}
+		} else {
+			redirectTo('index.php', array('showmessage' => '2'));
 		}
-		else
-		{
-			redirectTo('index.php', Array('showmessage' => '2'), true);
-			exit;
-		}
-	}
-	else
-	{
+		exit;
+	} else {
 		$language_options = '';
-		$language_options.= makeoption($lng['login']['profile_lng'], 'profile', 'profile', true, true);
+		$language_options .= makeoption($lng['login']['profile_lng'], 'profile', 'profile', true, true);

-		while(list($language_file, $language_name) = each($languages))
-		{
-			$language_options.= makeoption($language_name, $language_file, 'profile', true);
+		while (list($language_file, $language_name) = each($languages)) {
+			$language_options .= makeoption($language_name, $language_file, 'profile', true);
 		}

 		$smessage = isset($_GET['showmessage']) ? (int)$_GET['showmessage'] : 0;
 		$message = '';
 		$successmessage = '';

-		switch($smessage)
-		{
-			case 1:
-				$successmessage = $lng['pwdreminder']['success'];
-				break;
-			case 2:
-				$message = $lng['error']['login'];
-				break;
-			case 3:
-				$message = sprintf($lng['error']['login_blocked'],$settings['login']['deactivatetime']);
-				break;
-			case 4:
-				$cmail = isset($_GET['customermail']) ? $_GET['customermail'] : 'unknown';
-				$message = str_replace('%s', $cmail, $lng['error']['errorsendingmail']);
-				break;
-			case 5:
-				$message = $lng['error']['user_banned'];
-				break;
+		switch ($smessage) {
+		case 1:
+			$successmessage = $lng['pwdreminder']['success'];
+			break;
+		case 2:
+			$message = $lng['error']['login'];
+			break;
+		case 3:
+			$message = sprintf($lng['error']['login_blocked'], Settings::Get('login.deactivatetime'));
+			break;
+		case 4:
+			$cmail = isset($_GET['customermail']) ? $_GET['customermail'] : 'unknown';
+			$message = str_replace('%s', $cmail, $lng['error']['errorsendingmail']);
+			break;
+		case 5:
+			$message = $lng['error']['user_banned'];
+			break;
+		case 6:
+			$successmessage = $lng['pwdreminder']['changed'];
+			break;
+		case 7:
+			$message = $lng['pwdreminder']['wrongcode'];
+			break;
+		case 8:
+		    $message = $lng['pwdreminder']['notallowed'];
+		    break;
 		}

 		$update_in_progress = '';
-		if(hasUpdates($version))
-		{
+		if (hasUpdates($version) || hasDbUpdates($dbversion)) {
 			$update_in_progress = $lng['update']['updateinprogress_onlyadmincanlogin'];
 		}
+		
+		// Pass the last used page if needed
+		$lastscript = "";
+		if (isset($_REQUEST['script']) && $_REQUEST['script'] != "") {
+			$lastscript = $_REQUEST['script'];

-		eval("echo \"" . getTemplate("login") . "\";");
+			if (!file_exists(__DIR__."/".$lastscript)) {
+				$lastscript = "";
+			}
+		}
+		$lastqrystr = "";
+		if (isset($_REQUEST['qrystr']) && $_REQUEST['qrystr'] != "") {
+			$lastqrystr = htmlspecialchars($_REQUEST['qrystr'], ENT_QUOTES);
+		}
+
+		eval("echo \"" . getTemplate('login') . "\";");
 	}
 }

-if($action == 'forgotpwd')
-{
+if ($action == 'forgotpwd') {
 	$adminchecked = false;
 	$message = '';

-	if(isset($_POST['send'])
-	&& $_POST['send'] == 'send')
-	{
+	if (isset($_POST['send']) && $_POST['send'] == 'send') {
 		$loginname = validate($_POST['loginname'], 'loginname');
 		$email = validateEmail($_POST['loginemail'], 'email');
-		$sql = "SELECT `adminid`, `customerid`, `firstname`, `name`, `company`, `email`, `loginname`, `def_language`, `deactivated` FROM `" . TABLE_PANEL_CUSTOMERS . "`
-				WHERE `loginname`='" . $db->escape($loginname) . "'
-				AND `email`='" . $db->escape($email) . "'";
-		$result = $db->query($sql);
+		$result_stmt = Database::prepare("SELECT `adminid`, `customerid`, `firstname`, `name`, `company`, `email`, `loginname`, `def_language`, `deactivated` FROM `" . TABLE_PANEL_CUSTOMERS . "`
+			WHERE `loginname`= :loginname
+			AND `email`= :email"
+		);
+		Database::pexecute($result_stmt, array("loginname" => $loginname, "email" => $email));

-		if($db->num_rows() == 0)
-		{
-			$sql = "SELECT `adminid`, `name`, `email`, `loginname`, `def_language` FROM `" . TABLE_PANEL_ADMINS . "`
-				WHERE `loginname`='" . $db->escape($loginname) . "'
-				AND `email`='" . $db->escape($email) . "'";
-			$result = $db->query($sql);
-				
-			if($db->num_rows() > 0)
-			{
+		if (Database::num_rows() == 0) {
+			$result_stmt = Database::prepare("SELECT `adminid`, `name`, `email`, `loginname`, `def_language`, `deactivated` FROM `" . TABLE_PANEL_ADMINS . "`
+				WHERE `loginname`= :loginname
+				AND `email`= :email"
+			);
+			Database::pexecute($result_stmt, array("loginname" => $loginname, "email" => $email));
+
+			if (Database::num_rows() > 0) {
 				$adminchecked = true;
-			}
-			else
-			{
-				$result = null;
+			} else {
+				$result_stmt = null;
 			}
 		}

-		if($result !== null)
-		{
-			$user = $db->fetch_array($result);
-			
+		if ($result_stmt !== null) {
+			$user = $result_stmt->fetch(PDO::FETCH_ASSOC);
+
 			/* Check whether user is banned */
-			if($user['deactivated'])
-			{
-				$message = $lng['pwdreminder']['notallowed'];
-				redirectTo('index.php', Array('showmessage' => '5'), true);
+			if ($user['deactivated']) {
+				redirectTo('index.php', array('showmessage' => '8'));
+				exit;
 			}

-			if(($adminchecked && $settings['panel']['allow_preset_admin'] == '1')
-			|| $adminchecked == false)
-			{
-				if($user !== false)
-				{
-					if ($settings['panel']['password_min_length'] <= 6) {
-						$password = substr(md5(uniqid(microtime(), 1)), 12, 6);
-					} else {
-						// make it two times larger than password_min_length
-						$rnd = '';
-						$minlength = $settings['panel']['password_min_length'];
-						while (strlen($rnd) < ($minlength * 2))
-						{
-							$rnd .= md5(uniqid(microtime(), 1));
-						}
-						$password = substr($rnd, (int)($minlength / 2), $minlength);
-					}
+			if (($adminchecked && Settings::Get('panel.allow_preset_admin') == '1') || $adminchecked == false) {
+				if ($user !== false) {
+					// build a activation code
+					$timestamp = time();
+					$first = substr(md5($user['loginname'] . $timestamp . randomStr(16)), 0, 15);
+					$third = substr(md5($user['email'] . $timestamp . randomStr(16)), -15);
+					$activationcode = $first . $timestamp . $third . substr(md5($third . $timestamp), 0, 10);

-					if($adminchecked)
-					{
-						$db->query("UPDATE `" . TABLE_PANEL_ADMINS . "` SET `password`='" . md5($password) . "'
-								WHERE `loginname`='" . $user['loginname'] . "'
-								AND `email`='" . $user['email'] . "'");
-					}
-					else
-					{
-						$db->query("UPDATE `" . TABLE_PANEL_CUSTOMERS . "` SET `password`='" . md5($password) . "'
-								WHERE `loginname`='" . $user['loginname'] . "'
-								AND `email`='" . $user['email'] . "'");
-					}
+					// Drop all existing activation codes for this user
+					$stmt = Database::prepare("DELETE FROM `" . TABLE_PANEL_ACTIVATION . "`
+						WHERE `userid` = :userid
+						AND `admin` = :admin"
+					);
+					$params = array(
+						"userid" => $adminchecked ? $user['adminid'] : $user['customerid'],
+						"admin" => $adminchecked ? 1 : 0
+					);
+					Database::pexecute($stmt, $params);

-					$rstlog = FroxlorLogger::getInstanceOf(array('loginname' => 'password_reset'), $db, $settings);
-					$rstlog->logAction(USR_ACTION, LOG_WARNING, "Password for user '" . $user['loginname'] . "' has been reset!");
+					// Add new activation code to database
+					$stmt = Database::prepare("INSERT INTO `" . TABLE_PANEL_ACTIVATION . "`
+						(userid, admin, creation, activationcode)
+						VALUES (:userid, :admin, :creation, :activationcode)"
+					);
+					$params = array(
+						"userid" => $adminchecked ? $user['adminid'] : $user['customerid'],
+						"admin" => $adminchecked ? 1 : 0,
+						"creation" => $timestamp,
+						"activationcode" => $activationcode
+					);
+					Database::pexecute($stmt, $params);
+
+					$rstlog = FroxlorLogger::getInstanceOf(array('loginname' => 'password_reset'));
+					$rstlog->logAction(USR_ACTION, LOG_WARNING, "User '" . $user['loginname'] . "' requested a link for setting a new password.");
+
+					// Set together our activation link
+					$protocol = empty( $_SERVER['HTTPS'] ) ? 'http' : 'https';
+					// this can be a fixed value to avoid potential exploiting by modifying headers
+					$host = Settings::Get('system.hostname'); // $_SERVER['HTTP_HOST'];
+					$port = $_SERVER['SERVER_PORT'] != 80 ? ':' . $_SERVER['SERVER_PORT'] : '';
+					// don't add :443 when https is used, as it is default (and just looks weird!)
+					if ($protocol == 'https' && $_SERVER['SERVER_PORT'] == '443') {
+						$port = '';
+					}
+					// there can be only one script to handle this so we can use a fixed value here
+					$script = "/index.php"; // $_SERVER['SCRIPT_NAME'];
+					if (Settings::Get('system.froxlordirectlyviahostname') == 0) {
+						$script = makeCorrectFile("/".basename(__DIR__)."/".$script);
+					}
+					$activationlink = $protocol . '://' . $host . $port . $script . '?action=resetpwd&resetcode=' . $activationcode;

 					$replace_arr = array(
 						'SALUTATION' => getCorrectUserSalutation($user),
-						'USERNAME' => $user['loginname'],
-						'PASSWORD' => $password
+						'USERNAME' => $loginname,
+						'LINK' => $activationlink
 					);

-					$body = strtr($lng['pwdreminder']['body'], array('%s' => $user['firstname'] . ' ' . $user['name'], '%p' => $password));
+					$def_language = ($user['def_language'] != '') ? $user['def_language'] : Settings::Get('panel.standardlanguage');
+					$result_stmt = Database::prepare('SELECT `value` FROM `' . TABLE_PANEL_TEMPLATES . '`
+						WHERE `adminid`= :adminid
+						AND `language`= :lang
+						AND `templategroup`=\'mails\'
+						AND `varname`=\'password_reset_subject\''
+					);
+					Database::pexecute($result_stmt, array("adminid" => $user['adminid'], "lang" => $def_language));
+					$result = $result_stmt->fetch(PDO::FETCH_ASSOC);
+					$mail_subject = html_entity_decode(replace_variables((($result['value'] != '') ? $result['value'] : $lng['mails']['password_reset']['subject']), $replace_arr));
+
+					$result_stmt = Database::prepare('SELECT `value` FROM `' . TABLE_PANEL_TEMPLATES . '`
+						WHERE `adminid`= :adminid
+						AND `language`= :lang
+						AND `templategroup`=\'mails\'
+						AND `varname`=\'password_reset_mailbody\''
+					);
+					Database::pexecute($result_stmt, array("adminid" => $user['adminid'], "lang" => $def_language));
+					$result = $result_stmt->fetch(PDO::FETCH_ASSOC);
+					$mail_body = html_entity_decode(replace_variables((($result['value'] != '') ? $result['value'] : $lng['mails']['password_reset']['mailbody']), $replace_arr));

-					$def_language = ($user['def_language'] != '') ? $user['def_language'] : $settings['panel']['standardlanguage'];
-					$result = $db->query_first('SELECT `value` FROM `' . TABLE_PANEL_TEMPLATES . '` WHERE `adminid`=\'' . (int)$user['adminid'] . '\' AND `language`=\'' . $db->escape($def_language) . '\' AND `templategroup`=\'mails\' AND `varname`=\'password_reset_subject\'');
-					$mail_subject = html_entity_decode(replace_variables((($result['value'] != '') ? $result['value'] : $lng['pwdreminder']['subject']), $replace_arr));
-					$result = $db->query_first('SELECT `value` FROM `' . TABLE_PANEL_TEMPLATES . '` WHERE `adminid`=\'' . (int)$user['adminid'] . '\' AND `language`=\'' . $db->escape($def_language) . '\' AND `templategroup`=\'mails\' AND `varname`=\'password_reset_mailbody\'');
-					$mail_body = html_entity_decode(replace_variables((($result['value'] != '') ? $result['value'] : $body), $replace_arr));
-						
 					$_mailerror = false;
 					try {
 						$mail->Subject = $mail_subject;
 						$mail->AltBody = $mail_body;
 						$mail->MsgHTML(str_replace("\n", "<br />", $mail_body));
-						$mail->AddAddress($user['email'], $user['firstname'] . ' ' . $user['name']);
+						$mail->AddAddress($user['email'], getCorrectUserSalutation($user));
 						$mail->Send();
 					} catch(phpmailerException $e) {
 						$mailerr_msg = $e->errorMessage();
@@ -380,47 +439,118 @@ if($action == 'forgotpwd')
 					}

 					if ($_mailerror) {
-						$rstlog = FroxlorLogger::getInstanceOf(array('loginname' => 'password_reset'), $db, $settings);
+						$rstlog = FroxlorLogger::getInstanceOf(array('loginname' => 'password_reset'));
 						$rstlog->logAction(ADM_ACTION, LOG_ERR, "Error sending mail: " . $mailerr_msg);
-						redirectTo('index.php', Array('showmessage' => '4', 'customermail' => $user['email']), true);
+						redirectTo('index.php', array('showmessage' => '4', 'customermail' => $user['email']));
 						exit;
 					}

 					$mail->ClearAddresses();
-					redirectTo('index.php', Array('showmessage' => '1'), true);
+					redirectTo('index.php', array('showmessage' => '1'));
 					exit;
-				}
-				else
-				{
-					$rstlog = FroxlorLogger::getInstanceOf(array('loginname' => 'password_reset'), $db, $settings);
-					$rstlog->logAction(USR_ACTION, LOG_WARNING, "User '" . $loginname . "' tried to reset pwd but wasn't found in database!");
+				} else {
+					$rstlog = FroxlorLogger::getInstanceOf(array('loginname' => 'password_reset'));
+					$rstlog->logAction(USR_ACTION, LOG_WARNING, "User '" . $loginname . "' requested to set a new password, but was not found in database!");
 					$message = $lng['login']['combination_not_found'];
 				}

 				unset($user);
 			}
-		}
-		else
-		{
+		} else {
 			$message = $lng['login']['usernotfound'];
 		}
 	}

-	if($adminchecked)
-	{
-		if($settings['panel']['allow_preset_admin'] != '1')
-		{
+	if ($adminchecked) {
+		if (Settings::Get('panel.allow_preset_admin') != '1') {
 			$message = $lng['pwdreminder']['notallowed'];
 			unset ($adminchecked);
 		}
-	}
-	else
-	{
-		if($settings['panel']['allow_preset'] != '1')
-		{
+	} else {
+		if (Settings::Get('panel.allow_preset') != '1') {
 			$message = $lng['pwdreminder']['notallowed'];
 		}
 	}

-	eval("echo \"" . getTemplate("fpwd") . "\";");
+	eval("echo \"" . getTemplate('fpwd') . "\";");
+}
+
+if ($action == 'resetpwd') {
+	$message = '';
+
+	// Remove old activation codes
+	$stmt = Database::prepare("DELETE FROM `" . TABLE_PANEL_ACTIVATION . "`
+		WHERE creation < :oldest"
+	);
+	Database::pexecute($stmt, array("oldest" => time() - 86400));
+
+	if (isset($_GET['resetcode']) && strlen($_GET['resetcode']) == 50) {
+		// Check if activation code is valid
+		$activationcode = $_GET['resetcode'];
+		$timestamp = substr($activationcode, 15, 10);
+		$third = substr($activationcode, 25, 15);
+		$check = substr($activationcode, 40, 10);
+
+		if (substr(md5($third . $timestamp), 0, 10) == $check && $timestamp >= time() - 86400) {
+			if (isset($_POST['send']) && $_POST['send'] == 'send') {
+				$stmt = Database::prepare("SELECT `userid`, `admin` FROM `" . TABLE_PANEL_ACTIVATION . "`
+					WHERE `activationcode` = :activationcode"
+				);
+				$result = Database::pexecute_first($stmt, array("activationcode" => $activationcode));
+
+				if ($result !== false) {
+					if ($result['admin'] == 1) {
+						$new_password = validate($_POST['new_password'], 'new password');
+						$new_password_confirm = validate($_POST['new_password_confirm'], 'new password confirm');
+					} else {
+						$new_password = validatePassword($_POST['new_password'], 'new password');
+						$new_password_confirm = validatePassword($_POST['new_password_confirm'], 'new password confirm');
+					}
+
+					if ($new_password == '') {
+						$message = $new_password;
+					} elseif ($new_password_confirm == '') {
+						$message = $new_password_confirm;
+					} elseif ($new_password != $new_password_confirm) {
+						$message = $new_password . " != " . $new_password_confirm;
+					} else {
+						// Update user password
+						if ($result['admin'] == 1) {
+							$stmt = Database::prepare("UPDATE `" . TABLE_PANEL_ADMINS . "`
+								SET `password` = :newpassword
+								WHERE `adminid` = :userid"
+							);
+						} else {
+							$stmt = Database::prepare("UPDATE `" . TABLE_PANEL_CUSTOMERS . "`
+								SET `password` = :newpassword
+								WHERE `customerid` = :userid"
+							);
+						}
+						Database::pexecute($stmt, array("newpassword" => makeCryptPassword($new_password), "userid" => $result['userid']));
+
+						$rstlog = FroxlorLogger::getInstanceOf(array('loginname' => 'password_reset'));
+						$rstlog->logAction(USR_ACTION, LOG_NOTICE, "changed password using password reset.");
+
+						// Remove activation code from DB
+						$stmt = Database::prepare("DELETE FROM `" . TABLE_PANEL_ACTIVATION . "`
+							WHERE `activationcode` = :activationcode
+							AND `userid` = :userid"
+						);
+						Database::pexecute($stmt, array("activationcode" => $activationcode, "userid" => $result['userid']));
+						redirectTo('index.php', array("showmessage" => '6'));
+					}
+				} else {
+					redirectTo('index.php', array("showmessage" => '7'));
+				}
+			}
+
+			eval("echo \"" . getTemplate('rpwd') . "\";");
+
+		} else {
+			redirectTo('index.php', array("showmessage" => '7'));
+		}
+
+	} else {
+		redirectTo('index.php');
+	}
 }
--- a/install/froxlor.sql
+++ b/install/froxlor.sql
@@ -1,3 +1,4 @@
+DROP TABLE IF EXISTS `ftp_groups`;
 CREATE TABLE `ftp_groups` (
  `id` int(20) NOT NULL auto_increment,
  `groupname` varchar(60) NOT NULL default '',
@@ -22,12 +23,13 @@ CREATE TABLE `ftp_users` (
  `shell` varchar(255) NOT NULL default '/bin/false',
  `login_enabled` enum('N','Y') NOT NULL default 'N',
  `login_count` int(15) NOT NULL default '0',
-  `last_login` datetime NOT NULL default '0000-00-00 00:00:00',
+  `last_login` datetime default NULL,
  `up_count` int(15) NOT NULL default '0',
  `up_bytes` bigint(30) NOT NULL default '0',
  `down_count` int(15) NOT NULL default '0',
  `down_bytes` bigint(30) NOT NULL default '0',
  `customerid` int(11) NOT NULL default '0',
+  `description` varchar(255) NOT NULL DEFAULT '',
  PRIMARY KEY  (`id`),
  UNIQUE KEY `username` (`username`),
  KEY `customerid` (`customerid`)
@@ -52,6 +54,7 @@ CREATE TABLE `mail_users` (
  `quota` bigint(13) NOT NULL default '0',
  `pop3` tinyint(1) NOT NULL default '1',
  `imap` tinyint(1) NOT NULL default '1',
+  `mboxsize` bigint(30) NOT NULL default '0',
  PRIMARY KEY  (`id`),
  UNIQUE KEY `email` (`email`)
 ) ENGINE=MyISAM CHARSET=utf8 COLLATE=utf8_general_ci;
@@ -73,12 +76,22 @@ CREATE TABLE `mail_virtual` (
 ) ENGINE=MyISAM CHARSET=utf8 COLLATE=utf8_general_ci;


+DROP TABLE IF EXISTS `panel_activation`;
+CREATE TABLE `panel_activation` (
+  `id` int(11) unsigned NOT NULL auto_increment,
+  `userid` int(11) unsigned NOT NULL default '0',
+  `admin` tinyint(1) unsigned NOT NULL default '0',
+  `creation` int(11) unsigned NOT NULL default '0',
+  `activationcode` varchar(50) default NULL,
+  PRIMARY KEY (id)
+) ENGINE=MyISAM  CHARSET=utf8 COLLATE=utf8_general_ci;
+

 DROP TABLE IF EXISTS `panel_admins`;
 CREATE TABLE `panel_admins` (
  `adminid` int(11) unsigned NOT NULL auto_increment,
  `loginname` varchar(50) NOT NULL default '',
-  `password` varchar(50) NOT NULL default '',
+  `password` varchar(255) NOT NULL default '',
  `name` varchar(255) NOT NULL default '',
  `email` varchar(255) NOT NULL default '',
  `def_language` varchar(255) NOT NULL default '',
@@ -91,7 +104,6 @@ CREATE TABLE `panel_admins` (
  `domains_see_all` tinyint(1) NOT NULL default '0',
  `caneditphpsettings` tinyint(1) NOT NULL default '0',
  `change_serversettings` tinyint(1) NOT NULL default '0',
-  `edit_billingdata` tinyint(1) NOT NULL DEFAULT '0',
  `diskspace` int(15) NOT NULL default '0',
  `diskspace_used` int(15) NOT NULL default '0',
  `mysqls` int(15) NOT NULL default '0',
@@ -118,12 +130,9 @@ CREATE TABLE `panel_admins` (
  `lastlogin_fail` int(11) unsigned NOT NULL default '0',
  `loginfail_count` int(11) unsigned NOT NULL default '0',
  `reportsent` tinyint(4) unsigned NOT NULL default '0',
-  `can_manage_aps_packages` tinyint(1) NOT NULL default '1',
-  `aps_packages` int(5) NOT NULL default '0',
-  `aps_packages_used` int(5) NOT NULL default '0',
-  `email_autoresponder` int(5) NOT NULL default '0',
-  `email_autoresponder_used` int(5) NOT NULL default '0',
-  `theme` varchar(255) NOT NULL default 'Froxlor',
+  `theme` varchar(255) NOT NULL default 'Sparkle',
+  `custom_notes` text,
+  `custom_notes_show` tinyint(1) NOT NULL default '0',
   PRIMARY KEY  (`adminid`),
   UNIQUE KEY `loginname` (`loginname`)
 ) ENGINE=MyISAM CHARSET=utf8 COLLATE=utf8_general_ci;
@@ -134,7 +143,7 @@ DROP TABLE IF EXISTS `panel_customers`;
 CREATE TABLE `panel_customers` (
  `customerid` int(11) unsigned NOT NULL auto_increment,
  `loginname` varchar(50) NOT NULL default '',
-  `password` varchar(50) NOT NULL default '',
+  `password` varchar(255) NOT NULL default '',
  `adminid` int(11) unsigned NOT NULL default '0',
  `name` varchar(255) NOT NULL default '',
  `firstname` varchar(255) NOT NULL default '',
@@ -181,14 +190,13 @@ CREATE TABLE `panel_customers` (
  `reportsent` tinyint(4) unsigned NOT NULL default '0',
  `pop3` tinyint(1) NOT NULL default '1',
  `imap` tinyint(1) NOT NULL default '1',
-  `aps_packages` int(5) NOT NULL default '0',
-  `aps_packages_used` int(5) NOT NULL default '0',
  `perlenabled` tinyint(1) NOT NULL default '0',
-  `email_autoresponder` int(5) NOT NULL default '0',
-  `email_autoresponder_used` int(5) NOT NULL default '0',
-  `theme` varchar(255) NOT NULL default 'Froxlor',
-  `backup_allowed` TINYINT( 1 ) NOT NULL DEFAULT '1',
-  `backup_enabled` TINYINT( 1 ) NOT NULL DEFAULT '0',
+  `dnsenabled` tinyint(1) NOT NULL default '0',
+  `theme` varchar(255) NOT NULL default 'Sparkle',
+  `custom_notes` text,
+  `custom_notes_show` tinyint(1) NOT NULL default '0',
+  `lepublickey` mediumtext DEFAULT NULL,
+  `leprivatekey` mediumtext DEFAULT NULL,
   PRIMARY KEY  (`customerid`),
   UNIQUE KEY `loginname` (`loginname`)
 ) ENGINE=MyISAM CHARSET=utf8 COLLATE=utf8_general_ci;
@@ -202,7 +210,6 @@ CREATE TABLE `panel_databases` (
  `databasename` varchar(255) NOT NULL default '',
  `description` varchar(255) NOT NULL default '',
  `dbserver` int(11) unsigned NOT NULL default '0',
-  `apsdb` tinyint(1) NOT NULL default '0',
  PRIMARY KEY  (`id`),
  KEY `customerid` (`customerid`)
 ) ENGINE=MyISAM CHARSET=utf8 COLLATE=utf8_general_ci;
@@ -217,7 +224,6 @@ CREATE TABLE `panel_domains` (
  `customerid` int(11) unsigned NOT NULL default '0',
  `aliasdomain` int(11) unsigned NULL,
  `documentroot` varchar(255) NOT NULL default '',
-  `ipandport` int(11) unsigned NOT NULL default '1',
  `isbinddomain` tinyint(1) NOT NULL default '0',
  `isemaildomain` tinyint(1) NOT NULL default '0',
  `email_only` tinyint(1) NOT NULL default '0',
@@ -226,26 +232,29 @@ CREATE TABLE `panel_domains` (
  `caneditdomain` tinyint(1) NOT NULL default '1',
  `zonefile` varchar(255) NOT NULL default '',
  `dkim` tinyint(1) NOT NULL default '0',
-  `dkim_id` int(11) unsigned NOT NULL,
-  `dkim_privkey` text NOT NULL,
-  `dkim_pubkey` text NOT NULL,
+  `dkim_id` int(11) unsigned NOT NULL default '0',
+  `dkim_privkey` text,
+  `dkim_pubkey` text,
  `wwwserveralias` tinyint(1) NOT NULL default '1',
-  `parentdomainid` int(11) unsigned NOT NULL default '0',
+  `parentdomainid` int(11) NOT NULL default '0',
  `openbasedir` tinyint(1) NOT NULL default '0',
  `openbasedir_path` tinyint(1) NOT NULL default '0',
  `speciallogfile` tinyint(1) NOT NULL default '0',
-  `ssl` tinyint(4) NOT NULL default '0',
  `ssl_redirect` tinyint(4) NOT NULL default '0',
-  `ssl_ipandport` tinyint(4) NOT NULL default '0',
-  `specialsettings` text NOT NULL,
+  `specialsettings` text,
  `deactivated` tinyint(1) NOT NULL default '0',
  `bindserial` varchar(10) NOT NULL default '2000010100',
  `add_date` int( 11 ) NOT NULL default '0',
  `registration_date` date NOT NULL,
+  `termination_date` date NOT NULL,
  `phpsettingid` INT( 11 ) UNSIGNED NOT NULL DEFAULT '1',
  `mod_fcgid_starter` int(4) default '-1',
  `mod_fcgid_maxrequests` int(4) default '-1',
  `ismainbutsubto` int(11) unsigned NOT NULL default '0',
+  `letsencrypt` tinyint(1) NOT NULL default '0',
+  `hsts` varchar(10) NOT NULL default '0',
+  `hsts_sub` tinyint(1) NOT NULL default '0',
+  `hsts_preload` tinyint(1) NOT NULL default '1',
  PRIMARY KEY  (`id`),
  KEY `customerid` (`customerid`),
  KEY `parentdomain` (`parentdomainid`),
@@ -263,12 +272,12 @@ CREATE TABLE `panel_ipsandports` (
  `namevirtualhost_statement` tinyint(1) NOT NULL default '0',
  `vhostcontainer` tinyint(1) NOT NULL default '0',
  `vhostcontainer_servername_statement` tinyint(1) NOT NULL default '0',
-  `specialsettings` text NOT NULL,
+  `specialsettings` text,
  `ssl` tinyint(4) NOT NULL default '0',
  `ssl_cert_file` varchar(255) NOT NULL,
  `ssl_key_file` varchar(255) NOT NULL,
  `ssl_ca_file` varchar(255) NOT NULL,
-  `default_vhostconf_domain` text NOT NULL,
+  `default_vhostconf_domain` text,
  `ssl_cert_chainfile` varchar(255) NOT NULL,
  `docroot` varchar(255) NOT NULL default '',
  PRIMARY KEY  (`id`)
@@ -333,8 +342,6 @@ CREATE TABLE `panel_settings` (
  PRIMARY KEY  (`settingid`)
 ) ENGINE=MyISAM CHARSET=utf8 COLLATE=utf8_general_ci;

-
-
 INSERT INTO `panel_settings` (`settinggroup`, `varname`, `value`) VALUES
 	('catchall', 'catchall_enabled', '1'),
 	('session', 'allow_multiple_login', '0'),
@@ -343,6 +350,8 @@ INSERT INTO `panel_settings` (`settinggroup`, `varname`, `value`) VALUES
 	('customer', 'ftpprefix', 'ftp'),
 	('customer', 'mysqlprefix', 'sql'),
 	('customer', 'ftpatdomain', '0'),
+	('customer', 'show_news_feed', '0'),
+	('customer', 'news_feed_url', ''),
 	('ticket', 'noreply_email', 'NO-REPLY@SERVERNAME'),
 	('ticket', 'worktime_all', '1'),
 	('ticket', 'worktime_begin', '00:00'),
@@ -364,20 +373,11 @@ INSERT INTO `panel_settings` (`settinggroup`, `varname`, `value`) VALUES
 	('dkim', 'dkim_domains', 'domains'),
 	('dkim', 'dkim_dkimkeys', 'dkim-keys.conf'),
 	('dkim', 'dkimrestart_command', '/etc/init.d/dkim-filter restart'),
-	('autoresponder', 'autoresponder_active', '0'),
-	('autoresponder', 'last_autoresponder_run', '0'),
+	('admin', 'show_news_feed', '0'),
 	('admin', 'show_version_login', '0'),
 	('admin', 'show_version_footer', '0'),
-	('aps', 'items_per_page', '20'),
-	('aps', 'upload_fields', '5'),
-	('aps', 'aps_active', '0'),
-	('aps', 'php-extension', ''),
-	('aps', 'php-configuration', ''),
-	('aps', 'webserver-htaccess', ''),
-	('aps', 'php-function', ''),
-	('aps', 'webserver-module', ''),
 	('spf', 'use_spf', '0'),
-	('spf', 'spf_entry', '@	IN	TXT	"v=spf1 a mx -all"'),
+	('spf', 'spf_entry', '"v=spf1 a mx -all"'),
 	('dkim', 'dkim_algorithm', 'all'),
 	('dkim', 'dkim_add_adsp', '1'),
 	('dkim', 'dkim_keylength', '1024'),
@@ -413,18 +413,22 @@ INSERT INTO `panel_settings` (`settinggroup`, `varname`, `value`) VALUES
 	('phpfpm', 'vhost_httpgroup', 'froxlorlocal'),
 	('phpfpm', 'idle_timeout', '30'),
 	('phpfpm', 'aliasconfigdir', '/var/www/php-fpm/'),
+	('phpfpm', 'defaultini', '1'),
+	('phpfpm', 'vhost_defaultini', '2'),
+	('phpfpm', 'fastcgi_ipcdir', '/var/lib/apache2/fastcgi/'),
+	('phpfpm', 'use_mod_proxy', '0'),
 	('nginx', 'fastcgiparams', '/etc/nginx/fastcgi_params'),
 	('system', 'lastaccountnumber', '0'),
 	('system', 'lastguid', '9999'),
 	('system', 'documentroot_prefix', '/var/customers/webs/'),
 	('system', 'logfiles_directory', '/var/customers/logs/'),
 	('system', 'ipaddress', 'SERVERIP'),
-	('system', 'apachereload_command', '/etc/init.d/apache reload'),
+	('system', 'apachereload_command', '/etc/init.d/apache2 reload'),
 	('system', 'last_traffic_run', '000000'),
 	('system', 'vmail_uid', '2000'),
 	('system', 'vmail_gid', '2000'),
 	('system', 'vmail_homedir', '/var/customers/mail/'),
-	('system', 'vmail_maildir', 'Maildir'),
+	('system', 'vmail_maildirname', 'Maildir'),
 	('system', 'bind_enable', '1'),
 	('system', 'bindconf_directory', '/etc/bind/'),
 	('system', 'bindreload_command', '/etc/init.d/bind9 reload'),
@@ -439,16 +443,15 @@ INSERT INTO `panel_settings` (`settinggroup`, `varname`, `value`) VALUES
 	('system', 'nameservers', ''),
 	('system', 'mxservers', ''),
 	('system', 'mod_fcgid', '0'),
-	('system', 'apacheconf_vhost', '/etc/apache/vhosts.conf'),
-	('system', 'apacheconf_diroptions', '/etc/apache/diroptions.conf'),
-	('system', 'apacheconf_htpasswddir', '/etc/apache/htpasswd/'),
+	('system', 'apacheconf_vhost', '/etc/apache2/sites-enabled/'),
+	('system', 'apacheconf_diroptions', '/etc/apache2/sites-enabled/'),
+	('system', 'apacheconf_htpasswddir', '/etc/apache2/htpasswd/'),
 	('system', 'webalizer_quiet', '2'),
 	('system', 'last_archive_run', '000000'),
 	('system', 'mod_fcgid_configdir', '/var/www/php-fcgi-scripts'),
 	('system', 'mod_fcgid_tmpdir', '/var/customers/tmp'),
 	('system', 'ssl_cert_file', '/etc/apache2/apache2.pem'),
 	('system', 'use_ssl', '0'),
-	('system', 'openssl_cnf', '[ req ]\r\ndefault_bits = 1024\r\ndistinguished_name = req_distinguished_name\r\nattributes = req_attributes\r\nprompt = no\r\noutput_password =\r\ninput_password =\r\n[ req_distinguished_name ]\r\nC = DE\r\nST = froxlor\r\nL = froxlor    \r\nO = Testcertificate\r\nOU = froxlor        \r\nCN = @@domain_name@@\r\nemailAddress = @@email@@    \r\n[ req_attributes ]\r\nchallengePassword =\r\n'),
 	('system', 'default_vhostconf', ''),
 	('system', 'mail_quota_enabled', '0'),
 	('system', 'mail_quota', '100'),
@@ -478,38 +481,55 @@ INSERT INTO `panel_settings` (`settinggroup`, `varname`, `value`) VALUES
 	('system', 'report_webmax', '90'),
 	('system', 'report_trafficmax', '90'),
 	('system', 'validate_domain', '1'),
-	('system', 'backup_enabled', '0'),
-	('system', 'backup_dir', '/var/customers/backups/'),
-	('system', 'backup_mysqldump_path', '/usr/bin/mysqldump'),
-	('system', 'backup_count', '1'),
-	('system', 'backup_bigfile', '1'),
-	('system', 'backup_ftp_enabled', '0'),
-	('system', 'backup_ftp_server', ''),
-	('system', 'backup_ftp_user', ''),
-	('system', 'backup_ftp_pass', ''),
-	('system', 'backup_ftp_passive', '1'),
 	('system', 'diskquota_enabled', '0'),
 	('system', 'diskquota_repquota_path', '/usr/sbin/repquota'),
 	('system', 'diskquota_quotatool_path', '/usr/bin/quotatool'),
 	('system', 'diskquota_customer_partition', '/dev/root'),
-	('system', 'logrotate_enabled', '0'),
-	('system', 'logrotate_binary', '/usr/sbin/logrotate'),
-	('system', 'logrotate_interval', 'weekly'),
-	('system', 'logrotate_keep', '4'),
 	('system', 'mod_fcgid_idle_timeout', '30'),
 	('system', 'perl_path', '/usr/bin/perl'),
 	('system', 'mod_fcgid_ownvhost', '0'),
 	('system', 'mod_fcgid_httpuser', 'froxlorlocal'),
 	('system', 'mod_fcgid_httpgroup', 'froxlorlocal'),
 	('system', 'awstats_awstatspath', '/usr/bin/'),
-	('system', 'mod_fcgid_defaultini_ownvhost', '1'),
+	('system', 'mod_fcgid_defaultini_ownvhost', '2'),
 	('system', 'awstats_icons', '/usr/share/awstats/icon/'),
 	('system', 'ssl_cert_chainfile', ''),
+	('system', 'ssl_cipher_list', 'ECDH+AESGCM:ECDH+AES256:!aNULL:!MD5:!DSS:!DH:!AES128'),
 	('system', 'nginx_php_backend', '127.0.0.1:8888'),
 	('system', 'perl_server', 'unix:/var/run/nginx/cgiwrap-dispatch.sock'),
 	('system', 'phpreload_command', ''),
 	('system', 'apache24', '0'),
 	('system', 'documentroot_use_default_value', '0'),
+	('system', 'passwordcryptfunc', '3'),
+	('system', 'axfrservers', ''),
+	('system', 'customer_ssl_path', '/etc/ssl/froxlor-custom/'),
+	('system', 'allow_error_report_admin', '1'),
+	('system', 'allow_error_report_customer', '0'),
+	('system', 'mdalog', '/var/log/mail.log'),
+	('system', 'mtalog', '/var/log/mail.log'),
+	('system', 'mdaserver', 'dovecot'),
+	('system', 'mtaserver', 'postfix'),
+	('system', 'mailtraffic_enabled', '1'),
+	('system', 'cronconfig', '/etc/cron.d/froxlor'),
+	('system', 'crondreload', '/etc/init.d/cron reload'),
+	('system', 'croncmdline', '/usr/bin/nice -n 5 /usr/bin/php -q'),
+	('system', 'cron_allowautoupdate', '0'),
+	('system', 'dns_createhostnameentry', '0'),
+	('system', 'send_cron_errors', '0'),
+	('system', 'apacheitksupport', '0'),
+	('system', 'leprivatekey', 'unset'),
+	('system', 'lepublickey', 'unset'),
+	('system', 'letsencryptca', 'production'),
+	('system', 'letsencryptcountrycode', 'DE'),
+	('system', 'letsencryptstate', 'Germany'),
+	('system', 'letsencryptchallengepath', '/var/www/froxlor'),
+	('system', 'letsencryptkeysize', '4096'),
+	('system', 'letsencryptreuseold', 0),
+	('system', 'leenabled', '0'),
+	('system', 'backupenabled', '0'),
+	('system', 'dnsenabled', '0'),
+	('system', 'dns_server', 'bind'),
+	('system', 'apacheglobaldiropt', ''),
 	('panel', 'decimal_places', '4'),
 	('panel', 'adminmail', 'admin@SERVERNAME'),
 	('panel', 'phpmyadmin_url', ''),
@@ -524,7 +544,7 @@ INSERT INTO `panel_settings` (`settinggroup`, `varname`, `value`) VALUES
 	('panel', 'allow_domain_change_admin', '0'),
 	('panel', 'allow_domain_change_customer', '0'),
 	('panel', 'frontend', 'froxlor'),
-	('panel', 'default_theme', 'Froxlor'),
+	('panel', 'default_theme', 'Sparkle'),
 	('panel', 'password_min_length', '0'),
 	('panel', 'adminmail_defname', 'Froxlor Administrator'),
 	('panel', 'adminmail_return', ''),
@@ -532,20 +552,27 @@ INSERT INTO `panel_settings` (`settinggroup`, `varname`, `value`) VALUES
 	('panel', 'allow_preset', '1'),
 	('panel', 'allow_preset_admin', '0'),
 	('panel', 'password_regex', ''),
-	('panel', 'use_webfonts', '0'),
-	('panel', 'webfont', 'Numans'),
-	('panel', 'version', '0.9.28');
-
+	('panel', 'phpconfigs_hidestdsubdomain', '0'),
+	('panel', 'allow_theme_change_admin', '1'),
+	('panel', 'allow_theme_change_customer', '1'),
+	('panel', 'password_alpha_lower', '1'),
+	('panel', 'password_alpha_upper', '1'),
+	('panel', 'password_numeric', '0'),
+	('panel', 'password_special_char_required', '0'),
+	('panel', 'password_special_char', '!?<>§$%+#=@'),
+	('panel', 'version', '0.9.37-rc1'),
+	('panel', 'db_version', '201607140');


 DROP TABLE IF EXISTS `panel_tasks`;
 CREATE TABLE `panel_tasks` (
  `id` int(11) unsigned NOT NULL auto_increment,
  `type` int(11) NOT NULL default '0',
-  `data` text NOT NULL,
+  `data` text,
  PRIMARY KEY  (`id`)
 ) ENGINE=MyISAM CHARSET=utf8 COLLATE=utf8_general_ci;

+INSERT INTO `panel_tasks` (`type`) VALUES ('99');


 DROP TABLE IF EXISTS `panel_templates`;
@@ -646,21 +673,11 @@ CREATE TABLE `panel_languages` (
 INSERT INTO `panel_languages` (`id`, `language`, `iso`, `file`) VALUES
    (1, 'Deutsch', 'de', 'lng/german.lng.php'),
    (2, 'English', 'en', 'lng/english.lng.php'),
-    (3, 'Français', 'fr', 'lng/french.lng.php'),
-    (4, 'Chinese', 'zh', 'lng/zh-cn.lng.php'),
-    (5, 'Catalan', 'ca', 'lng/catalan.lng.php'),
-    (6, 'Espa&ntilde;ol', 'es', 'lng/spanish.lng.php'),
-    (7, 'Portugu&ecirc;s', 'pt', 'lng/portugues.lng.php'),
-    (8, 'Russian', 'ru', 'lng/russian.lng.php'),
-    (9, 'Danish', 'da', 'lng/danish.lng.php'),
-    (10, 'Italian', 'it', 'lng/italian.lng.php'),
-    (11, 'Bulgarian', 'bg', 'lng/bulgarian.lng.php'),
-    (12, 'Slovak', 'sk', 'lng/slovak.lng.php'),
-    (13, 'Dutch', 'nl', 'lng/dutch.lng.php'),
-    (14, 'Hungarian', 'hu', 'lng/hungarian.lng.php'),
-    (15, 'Swedish', 'sv', 'lng/swedish.lng.php'),
-    (16, 'Czech', 'cz', 'lng/czech.lng.php'),
-    (17, 'Polski', 'pl', 'lng/polish.lng.php');
+    (3, 'Fran&ccedil;ais', 'fr', 'lng/french.lng.php'),
+    (4, 'Portugu&ecirc;s', 'pt', 'lng/portugues.lng.php'),
+    (5, 'Italiano', 'it', 'lng/italian.lng.php'),
+    (6, 'Nederlands', 'nl', 'lng/dutch.lng.php'),
+    (7, 'Svenska', 'sv', 'lng/swedish.lng.php');



@@ -710,23 +727,6 @@ CREATE TABLE IF NOT EXISTS `panel_syslog` (
 ) ENGINE=MyISAM CHARSET=utf8 COLLATE=utf8_general_ci;


-
-DROP TABLE IF EXISTS `mail_autoresponder`;
-CREATE TABLE `mail_autoresponder` (
-  `email` varchar(255) NOT NULL default '',
-  `message` text NOT NULL,
-  `enabled` tinyint(1) NOT NULL default '0',
-  `date_from` int(15) NOT NULL default '-1',
-  `date_until` int(15) NOT NULL default '-1',
-  `subject` varchar(255) NOT NULL default '',
-  `customerid` int(11) NOT NULL default '0',
-  PRIMARY KEY  (`email`),
-  KEY `customerid` (`customerid`),
-  FULLTEXT KEY `message` (`message`)
-) ENGINE=MyISAM CHARSET=utf8 COLLATE=utf8_general_ci;
-
-
-
 DROP TABLE IF EXISTS `panel_phpconfigs`;
 CREATE TABLE `panel_phpconfigs` (
  `id` int(11) unsigned NOT NULL auto_increment,
@@ -735,6 +735,10 @@ CREATE TABLE `panel_phpconfigs` (
  `file_extensions` varchar(255) NOT NULL,
  `mod_fcgid_starter` int(4) NOT NULL DEFAULT '-1',
  `mod_fcgid_maxrequests` int(4) NOT NULL DEFAULT '-1',
+  `mod_fcgid_umask` varchar(15) NOT NULL DEFAULT '022',
+  `fpm_slowlog` tinyint(1) NOT NULL default '0',
+  `fpm_reqterm` varchar(15) NOT NULL default '60s',
+  `fpm_reqslow` varchar(15) NOT NULL default '5s',
  `phpsettings` text NOT NULL,
  PRIMARY KEY  (`id`)
 ) ENGINE=MyISAM CHARSET=utf8 COLLATE=utf8_general_ci;
@@ -742,65 +746,8 @@ CREATE TABLE `panel_phpconfigs` (


 INSERT INTO `panel_phpconfigs` (`id`, `description`, `binary`, `file_extensions`, `mod_fcgid_starter`, `mod_fcgid_maxrequests`, `phpsettings`) VALUES
-	(1, 'Default Config', '/usr/bin/php-cgi', 'php', '-1', '-1', 'allow_call_time_pass_reference = Off\r\nallow_url_fopen = Off\r\nasp_tags = Off\r\ndisable_classes =\r\ndisable_functions = curl_exec,curl_multi_exec,exec,parse_ini_file,passthru,popen,proc_close,proc_get_status,proc_nice,proc_open,proc_terminate,shell_exec,show_source,system\r\ndisplay_errors = Off\r\ndisplay_startup_errors = Off\r\nenable_dl = Off\r\nerror_reporting = E_ALL & ~E_NOTICE\r\nexpose_php = Off\r\nfile_uploads = On\r\ncgi.force_redirect = 1\r\ngpc_order = "GPC"\r\nhtml_errors = Off\r\nignore_repeated_errors = Off\r\nignore_repeated_source = Off\r\ninclude_path = ".:{PEAR_DIR}"\r\nlog_errors = On\r\nlog_errors_max_len = 1024\r\nmagic_quotes_gpc = Off\r\nmagic_quotes_runtime = Off\r\nmagic_quotes_sybase = Off\r\nmax_execution_time = 30\r\nmax_input_time = 60\r\nmemory_limit = 16M\r\n{OPEN_BASEDIR_C}open_basedir = "{OPEN_BASEDIR}"\r\noutput_buffering = 4096\r\npost_max_size = 16M\r\nprecision = 14\r\nregister_argc_argv = Off\r\nregister_globals = Off\r\nreport_memleaks = On\r\nsendmail_path = "/usr/sbin/sendmail -t -i -f {CUSTOMER_EMAIL}"\r\nsession.auto_start = 0\r\nsession.bug_compat_42 = 0\r\nsession.bug_compat_warn = 1\r\nsession.cache_expire = 180\r\nsession.cache_limiter = nocache\r\nsession.cookie_domain =\r\nsession.cookie_lifetime = 0\r\nsession.cookie_path = /\r\nsession.entropy_file = /dev/urandom\r\nsession.entropy_length = 16\r\nsession.gc_divisor = 1000\r\nsession.gc_maxlifetime = 1440\r\nsession.gc_probability = 1\r\nsession.name = PHPSESSID\r\nsession.referer_check =\r\nsession.save_handler = files\r\nsession.save_path = "{TMP_DIR}"\r\nsession.serialize_handler = php\r\nsession.use_cookies = 1\r\nsession.use_trans_sid = 0\r\nshort_open_tag = On\r\nsuhosin.mail.protect = 1\r\nsuhosin.simulation = Off\r\ntrack_errors = Off\r\nupload_max_filesize = 32M\r\nupload_tmp_dir = "{TMP_DIR}"\r\nvariables_order = "GPCS"\r\n');
-
-
-
-DROP TABLE IF EXISTS `aps_instances`;
-CREATE TABLE IF NOT EXISTS `aps_instances` (
-  `ID` int(4) NOT NULL auto_increment,
-  `CustomerID` int(4) NOT NULL,
-  `PackageID` int(4) NOT NULL,
-  `Status` int(4) NOT NULL,
-  PRIMARY KEY  (`ID`)
-) ENGINE=MyISAM CHARSET=utf8 COLLATE=utf8_general_ci;
-
-
-
-DROP TABLE IF EXISTS `aps_packages`;
-CREATE TABLE IF NOT EXISTS `aps_packages` (
-  `ID` int(4) NOT NULL auto_increment,
-  `Path` varchar(500) NOT NULL,
-  `Name` varchar(500) NOT NULL,
-  `Version` varchar(20) NOT NULL,
-  `Release` int(4) NOT NULL,
-  `Status` int(1) NOT NULL default '1',
-  PRIMARY KEY  (`ID`)
-) ENGINE=MyISAM CHARSET=utf8 COLLATE=utf8_general_ci;
-
-
-
-DROP TABLE IF EXISTS `aps_settings`;
-CREATE TABLE IF NOT EXISTS `aps_settings` (
-  `ID` int(4) NOT NULL auto_increment,
-  `InstanceID` int(4) NOT NULL,
-  `Name` varchar(250) NOT NULL,
-  `Value` varchar(250) NOT NULL,
-  PRIMARY KEY  (`ID`)
-) ENGINE=MyISAM CHARSET=utf8 COLLATE=utf8_general_ci;
-
-
-
-DROP TABLE IF EXISTS `aps_tasks`;
-CREATE TABLE IF NOT EXISTS `aps_tasks` (
-  `ID` int(4) NOT NULL auto_increment,
-  `InstanceID` int(4) NOT NULL,
-  `Task` int(4) NOT NULL,
-  PRIMARY KEY  (`ID`)
-) ENGINE=MyISAM CHARSET=utf8 COLLATE=utf8_general_ci;
-
-
-
-DROP TABLE IF EXISTS `aps_temp_settings`;
-CREATE TABLE IF NOT EXISTS `aps_temp_settings` (
-  `ID` int(4) NOT NULL auto_increment,
-  `PackageID` int(4) NOT NULL,
-  `CustomerID` int(4) NOT NULL,
-  `Name` varchar(250) NOT NULL,
-  `Value` varchar(250) NOT NULL,
-  PRIMARY KEY  (`ID`)
-) ENGINE=MyISAM CHARSET=utf8 COLLATE=utf8_general_ci;
-
+(1, 'Default Config', '/usr/bin/php-cgi', 'php', '-1', '-1', 'allow_call_time_pass_reference = Off\r\nallow_url_fopen = Off\r\nasp_tags = Off\r\ndisable_classes =\r\ndisable_functions = curl_exec,curl_multi_exec,exec,parse_ini_file,passthru,popen,proc_close,proc_get_status,proc_nice,proc_open,proc_terminate,shell_exec,show_source,system\r\ndisplay_errors = Off\r\ndisplay_startup_errors = Off\r\nenable_dl = Off\r\nerror_reporting = E_ALL & ~E_NOTICE\r\nexpose_php = Off\r\nfile_uploads = On\r\ncgi.force_redirect = 1\r\ngpc_order = "GPC"\r\nhtml_errors = Off\r\nignore_repeated_errors = Off\r\nignore_repeated_source = Off\r\ninclude_path = ".:{PEAR_DIR}"\r\nlog_errors = On\r\nlog_errors_max_len = 1024\r\nmagic_quotes_gpc = Off\r\nmagic_quotes_runtime = Off\r\nmagic_quotes_sybase = Off\r\nmax_execution_time = 30\r\nmax_input_time = 60\r\nmemory_limit = 128M\r\n{OPEN_BASEDIR_C}open_basedir = "{OPEN_BASEDIR}"\r\noutput_buffering = 4096\r\npost_max_size = 16M\r\nprecision = 14\r\nregister_argc_argv = Off\r\nregister_globals = Off\r\nreport_memleaks = On\r\nsendmail_path = "/usr/sbin/sendmail -t -i -f {CUSTOMER_EMAIL}"\r\nsession.auto_start = 0\r\nsession.bug_compat_42 = 0\r\nsession.bug_compat_warn = 1\r\nsession.cache_expire = 180\r\nsession.cache_limiter = nocache\r\nsession.cookie_domain =\r\nsession.cookie_lifetime = 0\r\nsession.cookie_path = /\r\nsession.entropy_file = /dev/urandom\r\nsession.entropy_length = 16\r\nsession.gc_divisor = 1000\r\nsession.gc_maxlifetime = 1440\r\nsession.gc_probability = 1\r\nsession.name = PHPSESSID\r\nsession.referer_check =\r\nsession.save_handler = files\r\nsession.save_path = "{TMP_DIR}"\r\nsession.serialize_handler = php\r\nsession.use_cookies = 1\r\nsession.use_trans_sid = 0\r\nshort_open_tag = On\r\nsuhosin.mail.protect = 1\r\nsuhosin.simulation = Off\r\ntrack_errors = Off\r\nupload_max_filesize = 32M\r\nupload_tmp_dir = "{TMP_DIR}"\r\nvariables_order = "GPCS"\r\n;mail.add_x_header = On\r\n;mail.log = "/var/log/phpmail.log"\r\nopcache.restrict_api = "{DOCUMENT_ROOT}"\r\n'),
+(2, 'Froxlor Vhost Config', '/usr/bin/php-cgi', 'php', '-1', '-1', 'allow_call_time_pass_reference = Off\r\nallow_url_fopen = On\r\nasp_tags = Off\r\ndisable_classes =\r\ndisable_functions = curl_multi_exec,exec,parse_ini_file,passthru,popen,proc_close,proc_get_status,proc_nice,proc_open,proc_terminate,shell_exec,show_source,system\r\ndisplay_errors = Off\r\ndisplay_startup_errors = Off\r\nenable_dl = Off\r\nerror_reporting = E_ALL & ~E_NOTICE\r\nexpose_php = Off\r\nfile_uploads = On\r\ncgi.force_redirect = 1\r\ngpc_order = "GPC"\r\nhtml_errors = Off\r\nignore_repeated_errors = Off\r\nignore_repeated_source = Off\r\ninclude_path = ".:{PEAR_DIR}"\r\nlog_errors = On\r\nlog_errors_max_len = 1024\r\nmagic_quotes_gpc = Off\r\nmagic_quotes_runtime = Off\r\nmagic_quotes_sybase = Off\r\nmax_execution_time = 60\r\nmax_input_time = 60\r\nmemory_limit = 128M\r\nnoutput_buffering = 4096\r\npost_max_size = 16M\r\nprecision = 14\r\nregister_argc_argv = Off\r\nregister_globals = Off\r\nreport_memleaks = On\r\nsendmail_path = "/usr/sbin/sendmail -t -i -f {CUSTOMER_EMAIL}"\r\nsession.auto_start = 0\r\nsession.bug_compat_42 = 0\r\nsession.bug_compat_warn = 1\r\nsession.cache_expire = 180\r\nsession.cache_limiter = nocache\r\nsession.cookie_domain =\r\nsession.cookie_lifetime = 0\r\nsession.cookie_path = /\r\nsession.entropy_file = /dev/urandom\r\nsession.entropy_length = 16\r\nsession.gc_divisor = 1000\r\nsession.gc_maxlifetime = 1440\r\nsession.gc_probability = 1\r\nsession.name = PHPSESSID\r\nsession.referer_check =\r\nsession.save_handler = files\r\nsession.save_path = "{TMP_DIR}"\r\nsession.serialize_handler = php\r\nsession.use_cookies = 1\r\nsession.use_trans_sid = 0\r\nshort_open_tag = On\r\nsuhosin.mail.protect = 1\r\nsuhosin.simulation = Off\r\ntrack_errors = Off\r\nupload_max_filesize = 32M\r\nupload_tmp_dir = "{TMP_DIR}"\r\nvariables_order = "GPCS"\r\n;mail.add_x_header = On\r\n;mail.log = "/var/log/phpmail.log"\r\nopcache.restrict_api = ""\r\n');


 DROP TABLE IF EXISTS `cronjobs_run`;
@@ -816,17 +763,15 @@ CREATE TABLE IF NOT EXISTS `cronjobs_run` (
 ) ENGINE=MyISAM CHARSET=utf8 COLLATE=utf8_general_ci;


-
 INSERT INTO `cronjobs_run` (`id`, `module`, `cronfile`, `interval`, `isactive`, `desc_lng_key`) VALUES
-	(1, 'froxlor/core', 'cron_tasks.php', '5 MINUTE', '1', 'cron_tasks'),
-	(2, 'froxlor/aps', 'cron_apsinstaller.php', '5 MINUTE', '0', 'cron_apsinstaller'),
-	(3, 'froxlor/autoresponder', 'cron_autoresponder.php', '5 MINUTE', '0', 'cron_autoresponder'),
-	(4, 'froxlor/aps', 'cron_apsupdater.php', '1 HOUR', '0', 'cron_apsupdater'),
-	(5, 'froxlor/core', 'cron_traffic.php', '1 DAY', '1', 'cron_traffic'),
-	(6, 'froxlor/ticket', 'cron_used_tickets_reset.php', '1 DAY', '1', 'cron_ticketsreset'),
-	(7, 'froxlor/ticket', 'cron_ticketarchive.php', '1 MONTH', '1', 'cron_ticketarchive'),
-	(8, 'froxlor/reports', 'cron_usage_report.php', '1 DAY', '1', 'cron_usage_report'),
-	(9, 'froxlor/backup', 'cron_backup.php', '1 DAY', '1', 'cron_backup');
+	(1, 'froxlor/core', 'tasks', '5 MINUTE', '1', 'cron_tasks'),
+	(2, 'froxlor/core', 'traffic', '1 DAY', '1', 'cron_traffic'),
+	(3, 'froxlor/ticket', 'used_tickets_reset', '1 DAY', '1', 'cron_ticketsreset'),
+	(4, 'froxlor/ticket', 'ticketarchive', '1 MONTH', '1', 'cron_ticketarchive'),
+	(5, 'froxlor/reports', 'usage_report', '1 DAY', '1', 'cron_usage_report'),
+	(6, 'froxlor/core', 'mailboxsize', '6 HOUR', '1', 'cron_mailboxsize'),
+	(7, 'froxlor/letsencrypt', 'letsencrypt', '5 MINUTE', '0', 'cron_letsencrypt'),
+	(8, 'froxlor/backup', 'backup', '1 DAY', '1', 'cron_backup');



@@ -893,22 +838,37 @@ CREATE TABLE IF NOT EXISTS `domain_redirect_codes` (
 ) ENGINE=MyISAM CHARSET=utf8 COLLATE=utf8_general_ci;


-
-DROP TABLE IF EXISTS `ipsandports_docrootsettings`;
-CREATE TABLE IF NOT EXISTS `ipsandports_docrootsettings` (
+DROP TABLE IF EXISTS `domain_ssl_settings`;
+CREATE TABLE IF NOT EXISTS `domain_ssl_settings` (
  `id` int(5) NOT NULL auto_increment,
-  `fid` int(11) NOT NULL,
-  `docrootsettings` text NOT NULL,
+  `domainid` int(11) NOT NULL,
+  `ssl_cert_file` mediumtext NOT NULL,
+  `ssl_key_file` mediumtext NOT NULL,
+  `ssl_ca_file` mediumtext,
+  `ssl_cert_chainfile` mediumtext,
+  `ssl_csr_file` mediumtext,
+  `expirationdate` datetime DEFAULT NULL,
  PRIMARY KEY  (`id`)
 ) ENGINE=MyISAM CHARSET=utf8 COLLATE=utf8_general_ci;


+DROP TABLE IF EXISTS `panel_domaintoip`;
+CREATE TABLE IF NOT EXISTS `panel_domaintoip` (
+  `id_domain` int(11) unsigned NOT NULL,
+  `id_ipandports` int(11) unsigned NOT NULL,
+  PRIMARY KEY (`id_domain`,`id_ipandports`)
+) ENGINE=MyISAM CHARSET=utf8 COLLATE=utf8_general_ci;

-DROP TABLE IF EXISTS `domain_docrootsettings`;
-CREATE TABLE IF NOT EXISTS `domain_docrootsettings` (
-  `id` int(5) NOT NULL auto_increment,
-  `fid` int(11) NOT NULL,
-  `docrootsettings` text NOT NULL,
+
+DROP TABLE IF EXISTS `domain_dns_entries`;
+CREATE TABLE `domain_dns_entries` (
+  `id` int(20) NOT NULL auto_increment,
+  `domain_id` int(15) NOT NULL,
+  `record` varchar(255) NOT NULL,
+  `type` varchar(10) NOT NULL DEFAULT 'A',
+  `content` text NOT NULL,
+  `ttl` int(11) NOT NULL DEFAULT '18000',
+  `prio` int(11) DEFAULT NULL,
  PRIMARY KEY  (`id`)
 ) ENGINE=MyISAM CHARSET=utf8 COLLATE=utf8_general_ci;

--- a/install/install.php
+++ b/install/install.php
@@ -2,7 +2,6 @@

 /**
 * This file is part of the Froxlor project.
- * Copyright (c) 2003-2009 the SysCP Team (see authors).
 * Copyright (c) 2010 the Froxlor Team (see authors).
 *
 * For the full copyright and license information, please view the COPYING
@@ -10,957 +9,14 @@
 * COPYING file online at http://files.froxlor.org/misc/COPYING.txt
 *
 * @copyright  (c) the authors
- * @author     Florian Lippert <flo@syscp.org> (2003-2009)
+ * @author     Michael Kaufmann <mkaufmann@nutime.de>
 * @author     Froxlor team <team@froxlor.org> (2010-)
 * @license    GPLv2 http://files.froxlor.org/misc/COPYING.txt
 * @package    Install
 *
 */

-/**
- * Most elements are taken from the phpBB (www.phpbb.com)
- * installer, (c) 1999 - 2004 phpBB Group.
- */
+require 'lib/class.FroxlorInstall.php';

-// ensure that default timezone is set
-if(function_exists("date_default_timezone_set") && function_exists("date_default_timezone_get"))
-{
-	@date_default_timezone_set(@date_default_timezone_get());
-}
-
-if(file_exists('../lib/userdata.inc.php'))
-{
-	/**
-	 * Includes the Usersettings eg. MySQL-Username/Passwort etc. to test if Froxlor is already installed
-	 */
-
-	require ('../lib/userdata.inc.php');
-
-	if(isset($sql)
-	   && is_array($sql)
-	) {
-		$installed_hint = file_get_contents('../templates/Froxlor/misc/alreadyinstalledhint.tpl');
-		die($installed_hint);
-	}
-}
-
-/**
- * Include the functions
- */
-
-require ('../lib/functions.php');
-
-/**
- * Include the MySQL-Table-Definitions
- */
-
-require ('../lib/tables.inc.php');
-
-/**
- * Language Managament
- */
-
-$languages = Array(
-	'german' => 'Deutsch',
-	'english' => 'English',
-	'french' => 'Francais'
-);
-$standardlanguage = 'english';
-
-if(isset($_GET['language'])
-   && isset($languages[$_GET['language']]))
-{
-	$language = $_GET['language'];
-}
-elseif(isset($_POST['language'])
-       && isset($languages[$_POST['language']]))
-{
-	$language = $_POST['language'];
-}
-else
-{
-	$language = $standardlanguage;
-}
-
-if(file_exists('./lng/' . $language . '.lng.php'))
-{
-	/**
-	 * Includes file /lng/$language.lng.php if it exists
-	 */
-
-	require ('./lng/' . $language . '.lng.php');
-}
-
-/**
- * BEGIN FUNCTIONS -----------------------------------------------
- */
-
-function page_header() {
-?>
-<!DOCTYPE html>
-<html lang="en">
-<head>
-	<meta charset="utf-8" />
-	<meta http-equiv="Default-Style" content="text/css" />
-	<link rel="stylesheet" href="../templates/Froxlor/assets/css/main.css"  />
-	<!--[if IE]><link rel="stylesheet" href="../templates/Froxlor/assets/css/main_ie.css"  /><![endif]-->
-	<!--[if lt IE 9]><script src="http://html5shiv.googlecode.com/svn/trunk/html5.js"></script><![endif]-->
-	<script type="text/javascript" src="../js/jquery.min.js"></script>
-	<script type="text/javascript" src="../templates/Froxlor/assets/js/main.js"></script>
-	<link href="../templates/Froxlor/assets/img/favicon.ico" rel="icon" type="image/x-icon" />
-	<title>Froxlor Server Management Panel - Installation</title>
-	<style>
-	body {
-        font-family: Verdana, Geneva, sans-serif;
-	}
-	input {
-		background: #dae7ee url('../templates/Froxlor/assets/img/icons/text_align_left.png') no-repeat 5px 4px;
-	}
-	input[type="password"] {
-		background: #dae7ee url('../templates/Froxlor/assets/img/icons/password.png') no-repeat 4px 4px;
-	}
-	input[type="submit"] {
-		background: #ccc url('../templates/Froxlor/assets/img/icons/button_ok.png') no-repeat 4px 8px;
-	}
-	</style>
-</head>
-<body>
-<div class="loginpage">
-<?php
-}
-
-function page_footer() {
-?>
-</div>
-<footer>
-	<span>
-		Froxlor &copy; 2009-<?php echo date('Y', time()); ?> by <a href="http://www.froxlor.org/" rel="external">the Froxlor Team</a>
-	</span>
-</footer>
-</body>
-</html>
-<?php
-}
-
-function status_message($case, $text)
-{
-	if($case == 'begin')
-	{
-		echo '<tr><td>'.$text;
-	}
-	else
-	{
-		echo '</td><td class="installstatus">
-			<span style="color:'.$case.';">'.$text.'</span>
-		</td></tr>';
-	}
-}
-
-function requirement_checks() {
-
-	global $lng, $theme;
-	page_header();
-
-?>
-	<article class="install bradius">
-		<header class="dark">
-			<img src="../templates/Froxlor/assets/img/logo.png" alt="Froxlor Server Management Panel" />
-		</header>
-
-		<section class="installsec">
-			<h2>Requirements</h2>
-			<table class="noborder">
-<?php
-	$_die = false;
-	
-	// check for correct php version
-	status_message('begin', $lng['install']['phpversion']);
-
-	if(version_compare("5.2.0", PHP_VERSION, ">="))
-	{
-		status_message('red', $lng['install']['notinstalled']);
-		$_die = true;
-	}
-	else
-	{
-		status_message('green', 'OK');
-	}
-
-	// Check if magic_quotes_runtime is active
-	status_message('begin', $lng['install']['phpmagic_quotes_runtime']);	 
-	if(get_magic_quotes_runtime())
-	{
-	    // Deactivate
-	    set_magic_quotes_runtime(false);
-	    status_message('orange', $lng['install']['active'] . '<br />' . $lng['install']['phpmagic_quotes_runtime_description']);
-	}
-	else
-	{
-		status_message('green', 'OK');
-	}
-
-	// check for mysql-extension
-	status_message('begin', $lng['install']['phpmysql']);
-
-	if(!extension_loaded('mysql') && !extension_loaded('mysqlnd'))
-	{
-		status_message('red', $lng['install']['notinstalled']);
-		$_die = true;
-	}
-	else
-	{
-		status_message('green', 'OK');
-	}
-
-	// check for xml-extension
-	status_message('begin', $lng['install']['phpxml']);
-	
-	if(!extension_loaded('xml'))
-	{
-		status_message('red', $lng['install']['notinstalled']);
-		$_die = true;
-	}
-	else
-	{
-		status_message('green', 'OK');
-	}
-
-	// check for filter-extension
-	status_message('begin', $lng['install']['phpfilter']);
-
-	if(!extension_loaded('filter'))
-	{
-		status_message('red', $lng['install']['notinstalled']);
-		$_die = true;
-	}
-	else
-	{
-		status_message('green', 'OK');
-	}
-
-	// check for posix-extension
-	status_message('begin', $lng['install']['phpposix']);	
-
-	if(!extension_loaded('posix'))
-	{
-		status_message('red', $lng['install']['notinstalled']);
-		$_die = true;
-	}
-	else
-	{
-		status_message('green', 'OK');
-	}
-
-	// check for bcmath extension
-	status_message('begin', $lng['install']['phpbcmath']);
-
-	if(!extension_loaded('bcmath'))
-	{
-		status_message('orange', $lng['install']['notinstalled'] . '<br />' . $lng['install']['bcmathdescription']);
-	}
-	else
-	{
-		status_message('green', 'OK');
-	}
-
-	// check for open_basedir
-	status_message('begin', $lng['install']['openbasedir']);
-	$php_ob = @ini_get("open_basedir");
-
-	if(!empty($php_ob)
-	   && $php_ob != '')
-	{
-		status_message('orange', $lng['install']['openbasedirenabled']);
-	}
-	else
-	{
-		status_message('green', 'OK');
-	}
-
-?>
-		</table>
-<?php
-	if($_die)
-	{
-?>
-		<p style="padding-left:15px;">
-			<strong><?php echo $lng['install']['diedbecauseofrequirements']; ?></strong>
-		</p>
-		<p class="submit">
-			<a href="install.php"><?php echo $lng['install']['click_here_to_refresh']; ?></a>
-		</p>
-<?php 
-	} else {
-?>
-		<p style="padding-left:15px;">
-			<strong><?php echo $lng['install']['froxlor_succ_checks']; ?></strong>
-		</p>
-		<p class="submit">
-			<a href="install.php?check=1"><?php echo $lng['install']['click_here_to_continue']; ?></a>
-		</p>
-<?php
-	}
-?>
-		</section>
-	</article>
-<?php 
-	page_footer();
-}
-
-/**
- * END FUNCTIONS ---------------------------------------------------
- */
-
-/**
- * BEGIN VARIABLES ---------------------------------------------------
- */
-
-//guess Servername
-
-if(!empty($_POST['servername']))
-{
-	$servername = $_POST['servername'];
-}
-else
-{
-	if(!empty($_SERVER['SERVER_NAME']))
-	{
-		if(preg_match('/^[0-9]{1,3}.[0-9]{1,3}.[0-9]{1,3}.[0-9]{1,3}$/', $_SERVER['SERVER_NAME']) == false)
-		{
-			$servername = $_SERVER['SERVER_NAME'];
-		}
-		else
-		{
-			$servername = '';
-		}
-	}
-	else
-	{
-		$servername = '';
-	}
-}
-
-//guess serverip
-
-if(!empty($_POST['serverip']))
-{
-	$serverip = $_POST['serverip'];
-}
-else
-{
-	if(!empty($_SERVER['SERVER_ADDR']))
-	{
-		$serverip = $_SERVER['SERVER_ADDR'];
-	}
-	else
-	{
-		$serverip = '';
-	}
-}
-
-if(!empty($_POST['mysql_host']))
-{
-	$mysql_host = $_POST['mysql_host'];
-}
-else
-{
-	$mysql_host = '127.0.0.1';
-}
-
-if(!empty($_POST['mysql_database']))
-{
-	$mysql_database = $_POST['mysql_database'];
-}
-else
-{
-	$mysql_database = 'froxlor';
-}
-
-if(!empty($_POST['mysql_unpriv_user']))
-{
-	$mysql_unpriv_user = $_POST['mysql_unpriv_user'];
-}
-else
-{
-	$mysql_unpriv_user = 'froxlor';
-}
-
-if(!empty($_POST['mysql_unpriv_pass']))
-{
-	$mysql_unpriv_pass = $_POST['mysql_unpriv_pass'];
-}
-else
-{
-	$mysql_unpriv_pass = '';
-}
-
-if(!empty($_POST['mysql_root_user']))
-{
-	$mysql_root_user = $_POST['mysql_root_user'];
-}
-else
-{
-	$mysql_root_user = 'root';
-}
-
-if(!empty($_POST['mysql_root_pass']))
-{
-	$mysql_root_pass = $_POST['mysql_root_pass'];
-}
-else
-{
-	$mysql_root_pass = '';
-}
-
-if(!empty($_POST['admin_user']))
-{
-	$admin_user = $_POST['admin_user'];
-}
-else
-{
-	$admin_user = 'admin';
-}
-
-if(!empty($_POST['admin_pass1']))
-{
-	$admin_pass1 = $_POST['admin_pass1'];
-}
-else
-{
-	$admin_pass1 = '';
-}
-
-if(!empty($_POST['admin_pass2']))
-{
-	$admin_pass2 = $_POST['admin_pass2'];
-}
-else
-{
-	$admin_pass2 = '';
-}
-
-if($mysql_host == 'localhost'
-   || $mysql_host == '127.0.0.1')
-{
-	$mysql_access_host = $mysql_host;
-}
-else
-{
-	$mysql_access_host = $serverip;
-}
-
-// gues http software
-
-if(!empty($_POST['webserver']))
-{
-	$webserver = $_POST['webserver'];
-}
-else
-{
-	if(strtoupper(@php_sapi_name()) == "APACHE2HANDLER"
-	   || stristr($_SERVER['SERVER_SOFTWARE'], "apache/2"))
-	{
-		$webserver = 'apache2';
-	}
-	elseif(substr(strtoupper(@php_sapi_name()), 0, 8) == "LIGHTTPD"
-	       || stristr($_SERVER['SERVER_SOFTWARE'], "lighttpd"))
-	{
-		$webserver = 'lighttpd';
-	}
-    elseif(substr(strtoupper(@php_sapi_name()), 0, 8) == "NGINX"
-	       || stristr($_SERVER['SERVER_SOFTWARE'], "nginx"))
-	{
-		$webserver = 'nginx';
-	}
-	else
-	{
-		// we don't need to bail out, since unknown does not affect any critical installation routines
-
-		$webserver = 'unknown';
-	}
-}
-
-if(!empty($_POST['httpuser']))
-{
-	$httpuser = $_POST['httpuser'];
-}
-else
-{
-	$httpuser = '';
-}
-
-if(!empty($_POST['httpgroup']))
-{
-	$httpgroup = $_POST['httpgroup'];
-}
-else
-{
-	$httpgroup = '';
-}
-
-/**
- * END VARIABLES ---------------------------------------------------
- */
-
-/**
- * BEGIN INSTALL ---------------------------------------------------
- */
-
-if(isset($_POST['installstep'])
-   && $_POST['installstep'] == '1'
-   && $admin_pass1 == $admin_pass2
-   && $admin_pass1 != ''
-   && $admin_pass2 != ''
-   && $mysql_unpriv_pass != ''
-   && $mysql_root_pass != ''
-   && $servername != ''
-   && $serverip != ''
-   && $httpuser != ''
-   && $httpgroup != ''
-   && $mysql_unpriv_user != $mysql_root_user)
-{
-	page_header();
-
-?>
-	<article class="install bradius">
-		<header class="dark">
-			<img src="../templates/Froxlor/assets/img/logo.png" alt="Froxlor Server Management Panel" />
-		</header>
-
-		<section class="installsec">
-			<h2>Installation</h2>
-			<table class="noborder">
-<?php
-
-	//first test if we can access the database server with the given root user and password
-
-	status_message('begin', $lng['install']['testing_mysql']);
-	$db_root = new db($mysql_host, $mysql_root_user, $mysql_root_pass, '');
-
-	//ok, if we are here, the database class is build up (otherwise it would have already die'd this script)
-
-	status_message('green', 'OK');
-
-	//first we make a backup of the old DB if it exists
-
-	status_message('begin', $lng['install']['backup_old_db']);
-	$tables_exist = false;
-
-	$sql = "SHOW TABLES FROM $mysql_database";
-	$result = mysql_query($sql);
-
-	// check the first row
-	if($result !== false)
-	{
-		$row = mysql_num_rows($result);
-	
-		if($row > 0)
-		{
-			$tables_exist = true;
-		}
-	}
-
-	if($tables_exist)
-	{
-		$filename = "/tmp/froxlor_backup_" . date('YmdHi') . ".sql";
-
-		if(is_file("/usr/bin/mysqldump"))
-		{
-			$do_backup = true;
-			$mysql_dump = '/usr/bin/mysqldump';
-		}
-		elseif(is_file("/usr/local/bin/mysqldump"))
-		{
-			$do_backup = true;
-			$mysql_dump = '/usr/local/bin/mysqldump';
-		}
-		else
-		{
-			$do_backup = false;
-			status_message('red', $lng['install']['backing_up_binary_missing']);
-		}
-		
-		if($do_backup) {
-			
-			$command = $mysql_dump . " " . $mysql_database . " -u " . $mysql_root_user . " --password='" . $mysql_root_pass . "' --result-file=" . $filename;
-			$output = exec($command);
-
-			if(stristr($output, "error"))
-			{
-				status_message('red', $lng['install']['backing_up_failed']);
-			}
-			else
-			{
-				status_message('green', 'OK');
-			}
-
-		}
-	}
-
-	//so first we have to delete the database and the user given for the unpriv-user if they exit
-
-	status_message('begin', $lng['install']['erasing_old_db']);
-	$db_root->query("DELETE FROM `mysql`.`user` WHERE `User` = '" . $db_root->escape($mysql_unpriv_user) . "' AND `Host` = '" . $db_root->escape($mysql_access_host) . "'");
-	$db_root->query("DELETE FROM `mysql`.`db` WHERE `User` = '" . $db_root->escape($mysql_unpriv_user) . "' AND `Host` = '" . $db_root->escape($mysql_access_host) . "'");
-	$db_root->query("DELETE FROM `mysql`.`tables_priv` WHERE `User` = '" . $db_root->escape($mysql_unpriv_user) . "' AND `Host` = '" . $db_root->escape($mysql_access_host) . "'");
-	$db_root->query("DELETE FROM `mysql`.`columns_priv` WHERE `User` = '" . $db_root->escape($mysql_unpriv_user) . "' AND `Host` = '" . $db_root->escape($mysql_access_host) . "'");
-	$db_root->query("DROP DATABASE IF EXISTS `" . $db_root->escape(str_replace('`', '', $mysql_database)) . "` ;");
-	$db_root->query("FLUSH PRIVILEGES;");
-	status_message('green', 'OK');
-
-	//then we have to create a new user and database for the froxlor unprivileged mysql access
-
-	status_message('begin', $lng['install']['create_mysqluser_and_db']);
-	$db_root->query("CREATE DATABASE `" . $db_root->escape(str_replace('`', '', $mysql_database)) . "`");
-	$mysql_access_host_array = array_map('trim', explode(',', $mysql_access_host));
-
-	if(in_array('127.0.0.1', $mysql_access_host_array)
-	   && !in_array('localhost', $mysql_access_host_array))
-	{
-		$mysql_access_host_array[] = 'localhost';
-	}
-
-	if(!in_array('127.0.0.1', $mysql_access_host_array)
-	   && in_array('localhost', $mysql_access_host_array))
-	{
-		$mysql_access_host_array[] = '127.0.0.1';
-	}
-
-	$mysql_access_host_array[] = $serverip;
-	foreach($mysql_access_host_array as $mysql_access_host)
-	{
-		$db_root->query("GRANT ALL PRIVILEGES ON `" . $db_root->escape(str_replace('`', '', $mysql_database)) . "`.* TO '" . $db_root->escape($mysql_unpriv_user) . "'@'" . $db_root->escape($mysql_access_host) . "' IDENTIFIED BY 'password'");
-		$db_root->query("SET PASSWORD FOR '" . $db_root->escape($mysql_unpriv_user) . "'@'" . $db_root->escape($mysql_access_host) . "' = PASSWORD('" . $db_root->escape($mysql_unpriv_pass) . "')");
-	}
-
-	$db_root->query("FLUSH PRIVILEGES;");
-	$mysql_access_host = implode(',', $mysql_access_host_array);
-	status_message('green', 'OK');
-
-	//now a new database and the new froxlor-unprivileged-mysql-account have been created and we can fill it now with the data.
-
-	status_message('begin', $lng['install']['testing_new_db']);
-	$db = new db($mysql_host, $mysql_unpriv_user, $mysql_unpriv_pass, $mysql_database);
-	status_message('green', 'OK');
-	status_message('begin', $lng['install']['importing_data']);
-	$db_schema = './froxlor.sql';
-	$sql_query = @file_get_contents($db_schema, 'r');
-	$sql_query = remove_remarks($sql_query);
-	$sql_query = split_sql_file($sql_query, ';');
-	for ($i = 0;$i < sizeof($sql_query);$i++)
-	{
-		if(trim($sql_query[$i]) != '')
-		{
-			$result = $db->query($sql_query[$i]);
-		}
-	}
-
-	status_message('green', 'OK');
-	status_message('begin', 'System Servername...');
-
-	if(validate_ip($_SERVER['SERVER_NAME'], true) !== false)
-	{
-		status_message('red', $lng['install']['servername_should_be_fqdn']);
-	}
-	else
-	{
-		status_message('green', 'OK');
-	}
-
-	//now let's change the settings in our settings-table
-
-	status_message('begin', $lng['install']['changing_data']);
-	$db->query("UPDATE `" . TABLE_PANEL_SETTINGS . "` SET `value` = 'admin@" . $db->escape($servername) . "' WHERE `settinggroup` = 'panel' AND `varname` = 'adminmail'");
-	$db->query("UPDATE `" . TABLE_PANEL_SETTINGS . "` SET `value` = '" . $db->escape($serverip) . "' WHERE `settinggroup` = 'system' AND `varname` = 'ipaddress'");
-	$db->query("UPDATE `" . TABLE_PANEL_SETTINGS . "` SET `value` = '" . $db->escape($servername) . "' WHERE `settinggroup` = 'system' AND `varname` = 'hostname'");
-	$db->query("UPDATE `" . TABLE_PANEL_SETTINGS . "` SET `value` = '" . $db->escape($version) . "' WHERE `settinggroup` = 'panel' AND `varname` = 'version'");
-	$db->query("UPDATE `" . TABLE_PANEL_SETTINGS . "` SET `value` = '" . $db->escape($languages[$language]) . "' WHERE `settinggroup` = 'panel' AND `varname` = 'standardlanguage'");
-	$db->query("UPDATE `" . TABLE_PANEL_SETTINGS . "` SET `value` = '" . $db->escape($mysql_access_host) . "' WHERE `settinggroup` = 'system' AND `varname` = 'mysql_access_host'");
-	$db->query("UPDATE `" . TABLE_PANEL_SETTINGS . "` SET `value` = '" . $db->escape($webserver) . "' WHERE `settinggroup` = 'system' AND `varname` = 'webserver'");
-	$db->query("UPDATE `" . TABLE_PANEL_SETTINGS . "` SET `value` = '" . $db->escape($httpuser) . "' WHERE `settinggroup` = 'system' AND `varname` = 'httpuser'");
-	$db->query("UPDATE `" . TABLE_PANEL_SETTINGS . "` SET `value` = '" . $db->escape($httpgroup) . "' WHERE `settinggroup` = 'system' AND `varname` = 'httpgroup'");
-
-	if($webserver == "apache2")
-	{
-		$db->query("UPDATE `" . TABLE_PANEL_SETTINGS . "` SET `value` = '/etc/apache2/sites-enabled/' WHERE `settinggroup` = 'system' AND `varname` = 'apacheconf_vhost'");
-		$db->query("UPDATE `" . TABLE_PANEL_SETTINGS . "` SET `value` = '/etc/apache2/sites-enabled/' WHERE `settinggroup` = 'system' AND `varname` = 'apacheconf_diroptions'");
-		$db->query("UPDATE `" . TABLE_PANEL_SETTINGS . "` SET `value` = '/etc/apache2/froxlor-htpasswd/' WHERE `settinggroup` = 'system' AND `varname` = 'apacheconf_htpasswddir'");
-		$db->query("UPDATE `" . TABLE_PANEL_SETTINGS . "` SET `value` = '/etc/init.d/apache2 reload' WHERE `settinggroup` = 'system' AND `varname` = 'apachereload_command'");
-	}
-	elseif($webserver == "lighttpd")
-	{
-		$db->query("UPDATE `" . TABLE_PANEL_SETTINGS . "` SET `value` = '/etc/lighttpd/conf-enabled/' WHERE `settinggroup` = 'system' AND `varname` = 'apacheconf_vhost'");
-		$db->query("UPDATE `" . TABLE_PANEL_SETTINGS . "` SET `value` = '/etc/lighttpd/froxlor-diroptions/' WHERE `settinggroup` = 'system' AND `varname` = 'apacheconf_diroptions'");
-		$db->query("UPDATE `" . TABLE_PANEL_SETTINGS . "` SET `value` = '/etc/lighttpd/froxlor-htpasswd/' WHERE `settinggroup` = 'system' AND `varname` = 'apacheconf_htpasswddir'");
-		$db->query("UPDATE `" . TABLE_PANEL_SETTINGS . "` SET `value` = '/etc/init.d/lighttpd reload' WHERE `settinggroup` = 'system' AND `varname` = 'apachereload_command'");
-		$db->query("UPDATE `" . TABLE_PANEL_SETTINGS . "` SET `value` = '/etc/lighttpd/lighttpd.pem' WHERE `settinggroup` = 'system' AND `varname` = 'ssl_cert_file'");
-	}
-	elseif($webserver == "nginx")
-	{
-		$db->query("UPDATE `" . TABLE_PANEL_SETTINGS . "` SET `value` = '/etc/nginx/sites-enabled/' WHERE `settinggroup` = 'system' AND `varname` = 'apacheconf_vhost'");
-		$db->query("UPDATE `" . TABLE_PANEL_SETTINGS . "` SET `value` = '/etc/nginx/sites-enabled/' WHERE `settinggroup` = 'system' AND `varname` = 'apacheconf_diroptions'");
-		$db->query("UPDATE `" . TABLE_PANEL_SETTINGS . "` SET `value` = '/etc/nginx/froxlor-htpasswd/' WHERE `settinggroup` = 'system' AND `varname` = 'apacheconf_htpasswddir'");
-		$db->query("UPDATE `" . TABLE_PANEL_SETTINGS . "` SET `value` = '/etc/init.d/nginx reload' WHERE `settinggroup` = 'system' AND `varname` = 'apachereload_command'");
-	}
-
-	// insert the lastcronrun to be the installation date
-	$query = 'UPDATE `%s` SET `value` = UNIX_TIMESTAMP() WHERE `settinggroup` = \'system\'  AND `varname` = \'lastcronrun\'';
-	$query = sprintf($query, TABLE_PANEL_SETTINGS);
-	$db->query($query);
-
-	// set specific times for some crons (traffic only at night, etc.)
-	$ts = mktime(0, 0, 0, date('m', time()), date('d', time()), date('Y', time()));
-	$db->query("UPDATE `".TABLE_PANEL_CRONRUNS."` SET `lastrun` = '".$ts."' WHERE `cronfile` ='cron_traffic.php';");
-	$ts = mktime(1, 0, 0, date('m', time()), date('d', time()), date('Y', time()));
-	$db->query("UPDATE `".TABLE_PANEL_CRONRUNS."` SET `lastrun` = '".$ts."' WHERE `cronfile` ='cron_used_tickets_reset.php';");
-	$db->query("UPDATE `".TABLE_PANEL_CRONRUNS."` SET `lastrun` = '".$ts."' WHERE `cronfile` ='cron_ticketarchive.php';");
-
-	// and lets insert the default ip and port
-	$query = "INSERT INTO `".TABLE_PANEL_IPSANDPORTS."` 
-			 SET `ip`= '".$db->escape($serverip)."', 
-			 `port` = '80',
-			 `namevirtualhost_statement` = '1',
-			 `vhostcontainer` = '1', 
-			 `vhostcontainer_servername_statement` = '1'";
-	$db->query($query);
-	$defaultip = $db->insert_id();
-
-	// insert the defaultip
-	$query = 'UPDATE `%s` SET `value` = \'%s\' WHERE `settinggroup` = \'system\'  AND `varname` = \'defaultip\'';
-	$query = sprintf($query, TABLE_PANEL_SETTINGS, $db->escape($defaultip));
-	$db->query($query);
-	status_message('green', 'OK');
-
-	//last but not least create the main admin
-	status_message('begin', $lng['install']['adding_admin_user']);
-	$db->query("INSERT INTO `" . TABLE_PANEL_ADMINS . "` SET
-		`loginname` = '" . $db->escape($admin_user) . "',
-		`password` = '" . md5($admin_pass1) . "',
-		`name` = 'Siteadmin',
-		`email` = 'admin@" . $db->escape($servername) . "',
-		`def_language` = '". $db->escape($languages[$language]) . "',
-		`customers` = -1,
-		`customers_used` = 0,
-		`customers_see_all` = 1,
-		`caneditphpsettings` = 1,
-		`domains` = -1,
-		`domains_used` = 0,
-		`domains_see_all` = 1,
-		`change_serversettings` = 1,
-		`diskspace` = -1024,
-		`diskspace_used` = 0,
-		`mysqls` = -1,
-		`mysqls_used` = 0,
-		`emails` = -1,
-		`emails_used` = 0,
-		`email_accounts` = -1,
-		`email_accounts_used` = 0,
-		`email_forwarders` = -1,
-		`email_forwarders_used` = 0,
-		`email_quota` = -1,
-		`email_quota_used` = 0,
-		`ftps` = -1,
-		`ftps_used` = 0,
-		`tickets` = -1,
-		`tickets_used` = 0,
-		`tickets_see_all` = 1,
-		`subdomains` = -1,
-		`subdomains_used` = 0,
-		`traffic` = -1048576,
-		`traffic_used` = 0,
-		`deactivated` = 0,
-		`aps_packages` = -1,
-		`aps_packages_used` = 0,
-		`email_autoresponder` = -1,
-		`email_autoresponder_used` = 0");
-	status_message('green', 'OK');
-
-	//now we create the userdata.inc.php with the mysql-accounts
-	status_message('begin', $lng['install']['creating_configfile']);
-	$userdata = "<?php\n";
-	$userdata.= "//automatically generated userdata.inc.php for Froxlor\n";
-	$userdata.= "\$sql['host']='" . addcslashes($mysql_host, "'\\") . "';\n";
-	$userdata.= "\$sql['user']='" . addcslashes($mysql_unpriv_user, "'\\") . "';\n";
-	$userdata.= "\$sql['password']='" . addcslashes($mysql_unpriv_pass, "'\\") . "';\n";
-	$userdata.= "\$sql['db']='" . addcslashes($mysql_database, "'\\") . "';\n";
-	$userdata.= "\$sql_root[0]['caption']='Default';\n";
-	$userdata.= "\$sql_root[0]['host']='" . addcslashes($mysql_host, "'\\") . "';\n";
-	$userdata.= "\$sql_root[0]['user']='" . addcslashes($mysql_root_user, "'\\") . "';\n";
-	$userdata.= "\$sql_root[0]['password']='" . addcslashes($mysql_root_pass, "'\\") . "';\n";
-	$userdata.= "?>";
-
-	//we test now if we can store the userdata.inc.php in ../lib
-	if($fp = @fopen('../lib/userdata.inc.php', 'w'))
-	{
-		$result = @fputs($fp, $userdata, strlen($userdata));
-		@fclose($fp);
-		status_message('green', $lng['install']['creating_configfile_succ']);
-		chmod('../lib/userdata.inc.php', 0440);
-	}
-	elseif($fp = @fopen('/tmp/userdata.inc.php', 'w'))
-	{
-		$result = @fputs($fp, $userdata, strlen($userdata));
-		@fclose($fp);
-		status_message('orange', $lng['install']['creating_configfile_temp']);
-		chmod('/tmp/userdata.inc.php', 0440);
-	}
-	else
-	{
-		status_message('red', $lng['install']['creating_configfile_failed']);
-		echo "\t\t<tr>\n\t\t\t<td class=\"main_field_name\"><p>" . nl2br(htmlspecialchars($userdata)) . "</p></td>\n\t\t</tr>\n";
-	}
-
-?>
-		</table>
-		<p style="padding-left: 15px;">
-			<strong><?php echo $lng['install']['froxlor_succ_installed']; ?></strong>
-		</p>
-		<p class="submit">
-			<a href="../index.php"><?php echo $lng['install']['click_here_to_login']; ?></a>
-		</p>
-	</section>
-</article>
-<?php
-	page_footer();
-}
-else
-{
-	
-	if((isset($_GET['check'])
-		&& $_GET['check'] == '1')
-		|| (isset($_POST['installstep']) 
-		&& $_POST['installstep'] == '1')
-	) {
-	page_header();
-
-?>
-	<article class="install bradius">
-		<header class="dark">
-			<img src="../templates/Froxlor/assets/img/logo.png" alt="Froxlor Server Management Panel" />
-		</header>
-		<section class="installsec">
-			<h2><?php echo $lng['install']['language']; ?></h2>
-			<form action="<?php echo htmlspecialchars($_SERVER['PHP_SELF']) ?>" method="get">
-				<fieldset>
-				<legend>Froxlor&nbsp;-&nbsp;Install</legend>
-				<p>
-					<label for="language"><?php echo $lng['install']['language']; ?>:</label>&nbsp;
-					<select name="language" id="language">
-					<?php
-						$language_options = '';
-						while(list($language_file, $language_name) = each($languages)) {
-							$language_options.= makeoption($language_name, $language_file, $language, true, true);
-						}
-						echo $language_options;
-					?>
-					</select>
-				</p>
-				<p class="submit">
-					<input type="hidden" name="check" value="1" />
-					<input type="submit" name="chooselang" value="Go" />
-				</p>
-				</fieldset>
-			</form>
-			<aside>&nbsp;</aside>
-		</section>
-		<section class="installsec">
-			<h2><?php echo $lng['install']['installdata']; ?></h2>
-			<form action="<?php echo htmlspecialchars($_SERVER['PHP_SELF']) ?>" method="post">
-				<fieldset>
-				<legend>Froxlor&nbsp;-&nbsp;Install</legend>
-				<p>
-					<strong><?php echo $lng['install']['database']; ?></strong>
-				</p>
-				<p>
-					<label for="mysql_host"><?php echo $lng['install']['mysql_hostname']; ?>:</label>&nbsp;
-					<input type="text" name="mysql_host" id="mysql_host" value="<?php echo htmlspecialchars($mysql_host); ?>" required/>
-				</p>
-				<p>
-					<label for="mysql_database"><?php echo $lng['install']['mysql_database']; ?>:</label>&nbsp;
-					<input type="text" name="mysql_database" id="mysql_database" value="<?php echo htmlspecialchars($mysql_database); ?>" required/>
-				</p>
-				<p>
-					<label for="mysql_unpriv_user"<?php echo (($mysql_unpriv_user == $mysql_root_user) ? ' style="color:blue;"' : ''); ?>><?php echo $lng['install']['mysql_unpriv_user']; ?>:</label>&nbsp;
-					<input type="text" name="mysql_unpriv_user" id="mysql_unpriv_user" value="<?php echo htmlspecialchars($mysql_unpriv_user); ?>" required/>
-				</p>
-				<p>
-					<label for="mysql_unpriv_pass"<?php echo ((!empty($_POST['installstep']) && $mysql_unpriv_pass == '') ? ' style="color:red;"' : ''); ?>><?php echo $lng['install']['mysql_unpriv_pass']; ?>:</label>&nbsp;
-					<input type="password" name="mysql_unpriv_pass" id="mysql_unpriv_pass" value="<?php echo htmlspecialchars($mysql_unpriv_pass); ?>" required/>
-				</p>
-				<p>
-					<label for="mysql_root_user"<?php echo (($mysql_unpriv_user == $mysql_root_user) ? ' style="color:blue;"' : ''); ?>><?php echo $lng['install']['mysql_root_user']; ?>:</label>&nbsp;
-					<input type="text" name="mysql_root_user" id="mysql_root_user" value="<?php echo htmlspecialchars($mysql_root_user); ?>" required/>
-				</p>
-				<p>
-					<label for="mysql_root_pass"<?php echo ((!empty($_POST['installstep']) && $mysql_root_pass == '') ? ' style="color:red;"' : ''); ?>><?php echo $lng['install']['mysql_root_pass']; ?>:</label>&nbsp;
-					<input type="password" name="mysql_root_pass" id="mysql_root_pass" value="<?php echo htmlspecialchars($mysql_root_pass); ?>" required/>
-				</p>
-				<p>
-					<strong><?php echo $lng['install']['admin_account']; ?></strong>
-				</p>
-				<p>
-					<label for="admin_user"><?php echo $lng['install']['admin_user']; ?>:</label>&nbsp;
-					<input type="text" name="admin_user" id="admin_user" value="<?php echo htmlspecialchars($admin_user); ?>" required/>
-				</p>
-				<p>
-					<label for="admin_pass1"<?php echo ((!empty($_POST['installstep']) && ($admin_pass1 == '' || $admin_pass1 != $admin_pass2)) ? ' style="color:red;"' : ''); ?>><?php echo $lng['install']['admin_pass']; ?>:</label>&nbsp;
-					<input type="password" name="admin_pass1" id="admin_pass1" value="<?php echo htmlspecialchars($admin_pass1); ?>" required/>
-				</p>
-				<p>
-					<label for="admin_pass2"<?php echo ((!empty($_POST['installstep']) && ($admin_pass2 == '' || $admin_pass1 != $admin_pass2)) ? ' style="color:red;"' : ''); ?>><?php echo $lng['install']['admin_pass_confirm']; ?>:</label>&nbsp;
-					<input type="password" name="admin_pass2" id="admin_pass2" value="<?php echo htmlspecialchars($admin_pass2); ?>" required/>
-				</p>
-				<p>
-					<strong><?php echo $lng['install']['serversettings']; ?></strong>
-				</p>
-				<p>
-					<label for="servername"<?php echo ((!empty($_POST['installstep']) && $servername == '') ? ' style="color:red;"' : ''); ?>><?php echo $lng['install']['servername']; ?>:</label>&nbsp;
-					<input type="text" name="servername" id="servername" value="<?php echo htmlspecialchars($servername); ?>" required/>
-				</p>
-				<p>
-					<label for="serverip"<?php echo ((!empty($_POST['installstep']) && $serverip == '') ? ' style="color:red;"' : ''); ?>><?php echo $lng['install']['serverip']; ?>:</label>&nbsp;
-					<input type="text" name="serverip" id="serverip" value="<?php echo htmlspecialchars($serverip); ?>" required/>
-				</p>
-				<p>
-					<label for="apache"<?php echo ((!empty($_POST['installstep']) && $webserver == '') ? ' style="color:red;"' : ''); ?>><?php echo $lng['install']['webserver']; ?> Apache:</label>&nbsp;
-					<input type="radio" name="webserver" id="apache" value="apache2" <?php echo $webserver == "apache2" ? 'checked="checked"' : "" ?>/>Apache2
-				</p>
-				<p>
-					<label for="lighty"<?php echo ((!empty($_POST['installstep']) && $webserver == '') ? ' style="color:red;"' : ''); ?>><?php echo $lng['install']['webserver']; ?> LigHTTPd:</label>&nbsp;
-					<input type="radio" name="webserver" id="lighty" value="lighttpd" <?php echo $webserver == "lighttpd" ? 'checked="checked"' : "" ?>/>LigHTTPd
-				</p>
-				<p>
-					<label for="nginx"<?php echo ((!empty($_POST['installstep']) && $webserver == '') ? ' style="color:red;"' : ''); ?>><?php echo $lng['install']['webserver']; ?> Nginx:</label>&nbsp;
-					<input type="radio" name="webserver" id="nginx" value="nginx" <?php echo $webserver == "nginx" ? 'checked="checked"' : "" ?>/>Nginx
-				</p>
-				<p>
-					<label for="httpuser"<?php echo ((!empty($_POST['installstep']) && $httpuser == '') ? ' style="color:red;"' : ''); ?>><?php echo $lng['install']['httpuser']; ?>:</label>&nbsp;
-					<input type="text" name="httpuser" id="httpuser" value="<?php $posixusername = posix_getpwuid(posix_getuid()); echo $posixusername['name']; ?>" required/>
-				</p>
-				<p>
-					<label for="httpgroup"<?php echo ((!empty($_POST['installstep']) && $httpgroup == '') ? ' style="color:red;"' : ''); ?>><?php echo $lng['install']['httpgroup']; ?>:</label>&nbsp;
-					<input type="text" name="httpgroup" id="httpgroup" value="<?php $posixgroup = posix_getgrgid(posix_getgid()); echo $posixgroup['name']; ?>" required/>
-				</p>
-				<p class="submit">
-					<input type="hidden" name="check" value="1" />
-					<input type="hidden" name="language" value="<?php echo htmlspecialchars($language); ?>"/>
-					<input type="hidden" name="installstep" value="1"/>
-					<input class="bottom" type="submit" name="submitbutton" value="<?php echo $lng['install']['next']; ?>"/>
-				</p>
-			</fieldset>
-		</form>
-		<aside>&nbsp;</aside>
-	</section>
-</article>
-<?php
-	page_footer();
-	}
-	else
-	{
-		requirement_checks();
-	}		
-}
-
-/**
- * END INSTALL ---------------------------------------------------
- */
+$frxinstall = new FroxlorInstall();
+$frxinstall->run();
--- a/install/lib/class.FroxlorInstall.php
+++ b/install/lib/class.FroxlorInstall.php
--- a/install/lng/english.lng.php
+++ b/install/lng/english.lng.php
@@ -17,92 +17,75 @@
 *
 */

-/**
- * Begin
- */
+$lng['requirements']['title'] = 'Checking system requirements...';
+$lng['requirements']['installed'] = 'installed';
+$lng['requirements']['not_true'] = 'no';
+$lng['requirements']['notfound'] = 'not found';
+$lng['requirements']['notinstalled'] = 'not installed';
+$lng['requirements']['activated'] = 'enabled';
+$lng['requirements']['phpversion'] = 'PHP version >= 5.3';
+$lng['requirements']['newerphpprefered'] = 'Good, but php-5.6 is prefered.';
+$lng['requirements']['phpmagic_quotes_runtime'] = 'magic_quotes_runtime...';
+$lng['requirements']['phpmagic_quotes_runtime_description'] = 'PHP setting "magic_quotes_runtime" must be set to "Off". We have disabled it temporary for now please fix the coresponding php.ini.';
+$lng['requirements']['phppdo'] = 'PHP PDO extension and PDO-MySQL driver...';
+$lng['requirements']['phpxml'] = 'PHP XML-extension...';
+$lng['requirements']['phpfilter'] = 'PHP filter-extension...';
+$lng['requirements']['phpposix'] = 'PHP posix-extension...';
+$lng['requirements']['phpbcmath'] = 'PHP bcmath-extension...';
+$lng['requirements']['phpcurl'] = 'PHP curl-extension...';
+$lng['requirements']['phpmbstring'] = 'PHP mbstring-extension...';
+$lng['requirements']['bcmathdescription'] = 'Traffic-calculation related functions will not work correctly!';
+$lng['requirements']['openbasedir'] = 'open_basedir...';
+$lng['requirements']['openbasedirenabled'] = 'Froxlor will not work properly with open_basedir enabled. Please disable open_basedir for Froxlor in the coresponding php.ini';
+$lng['requirements']['diedbecauseofrequirements'] = 'Cannot install Froxlor without these requirements! Try to fix them and retry.';
+$lng['requirements']['froxlor_succ_checks'] = 'All requirements are satisfied';

-$lng['install']['language'] = 'Installation - Language';
-$lng['install']['welcome'] = 'Welcome to Froxlor Installation';
+$lng['install']['lngtitle'] = 'Froxlor install - choose language';
+$lng['install']['language'] = 'Installation language';
+$lng['install']['lngbtn_go'] = 'Change language';
+$lng['install']['title'] = 'Froxlor install - setup';
 $lng['install']['welcometext'] = 'Thank you for choosing Froxlor. Please fill out the following fields with the required information to start the installation.<br /><b>Attention:</b> If the database you chose for Froxlor already exists on your System, it will be erased with all containing data!';
-$lng['install']['database'] = 'Database';
-$lng['install']['mysql_hostname'] = 'MySQL-Hostname';
-$lng['install']['mysql_database'] = 'MySQL-Database';
+$lng['install']['database'] = 'Database connection';
+$lng['install']['mysql_host'] = 'MySQL-Hostname';
+$lng['install']['mysql_database'] = 'Database name';
 $lng['install']['mysql_unpriv_user'] = 'Username for the unprivileged MySQL-account';
 $lng['install']['mysql_unpriv_pass'] = 'Password for the unprivileged MySQL-account';
 $lng['install']['mysql_root_user'] = 'Username for the MySQL-root-account';
 $lng['install']['mysql_root_pass'] = 'Password for the MySQL-root-account';
 $lng['install']['admin_account'] = 'Administrator Account';
 $lng['install']['admin_user'] = 'Administrator Username';
-$lng['install']['admin_pass'] = 'Administrator Password';
-$lng['install']['admin_pass_confirm'] = 'Administrator-Password (confirm)';
+$lng['install']['admin_pass1'] = 'Administrator Password';
+$lng['install']['admin_pass2'] = 'Administrator-Password (confirm)';
+$lng['install']['activate_newsfeed'] = 'Enable the official newsfeed<br><small>(https://inside.froxlor.org/news/)</small>';
 $lng['install']['serversettings'] = 'Server settings';
-$lng['install']['servername'] = 'Server name (FQDN)';
+$lng['install']['servername'] = 'Server name (FQDN, no ip-address)';
 $lng['install']['serverip'] = 'Server IP';
+$lng['install']['webserver'] = 'Webserver';
+$lng['install']['apache2'] = 'Apache 2';
+$lng['install']['apache24'] = 'Apache 2.4';
+$lng['install']['lighttpd'] = 'LigHTTPd';
+$lng['install']['nginx'] = 'NGINX';
 $lng['install']['httpuser'] = 'HTTP username';
 $lng['install']['httpgroup'] = 'HTTP groupname';
-$lng['install']['apacheversion'] = 'Apacheversion';
-$lng['install']['next'] = 'Next';
-$lng['install']['installdata'] = 'Installation - Data';

-/**
- * Progress
- */
-
-$lng['install']['testing_mysql'] = 'Testing if MySQL-root-username and password are correct...';
-$lng['install']['erasing_old_db'] = 'Erasing old Database...';
-$lng['install']['backup_old_db'] = 'Create backup of the old Database...';
-$lng['install']['backing_up'] = 'Backing up';
-$lng['install']['backing_up_binary_missing'] = '/usr/bin/mysqldump is missing';
-$lng['install']['create_mysqluser_and_db'] = 'Creating MySQL-database and username...';
-$lng['install']['testing_new_db'] = 'Testing if MySQL-database and username have been created correctly...';
-$lng['install']['importing_data'] = 'Importing data into MySQL-database...';
-$lng['install']['changing_data'] = 'Changing imported data...';
-$lng['install']['adding_admin_user'] = 'Adding Administrator Account...';
+$lng['install']['testing_mysql'] = 'Checking MySQL-root access...';
+$lng['install']['testing_mysql_fail'] = 'There seems to be a problem with the database-connection. Cannot continue. Please go back and check your credentials.';
+$lng['install']['backup_old_db'] = 'Creating backup of old database...';
+$lng['install']['backup_binary_missing'] = 'Could not find mysqldump';
+$lng['install']['backup_failed'] = 'Could not backup database';
+$lng['install']['prepare_db'] = 'Preparing database...';
+$lng['install']['create_mysqluser_and_db'] = 'Creating database and username...';
+$lng['install']['testing_new_db'] = 'Testing if database and user have been created correctly...';
+$lng['install']['importing_data'] = 'Importing data...';
+$lng['install']['changing_data'] = 'Adjusting settings...';
+$lng['install']['creating_entries'] = 'Inserting new values...';
+$lng['install']['adding_admin_user'] = 'Creating admin-account...';
 $lng['install']['creating_configfile'] = 'Creating configfile...';
-$lng['install']['creating_configfile_succ'] = 'OK, userdata.inc.php was saved in lib/.';
 $lng['install']['creating_configfile_temp'] = 'File was saved in /tmp/userdata.inc.php, please move to lib/.';
-$lng['install']['creating_configfile_failed'] = 'Cannot create lib/userdata.inc.php, please create it manually with the following data:';
+$lng['install']['creating_configfile_failed'] = 'Could not create lib/userdata.inc.php, please create it manually with the following content:';
 $lng['install']['froxlor_succ_installed'] = 'Froxlor was installed successfully.';
-$lng['install']['click_here_to_login'] = 'Click here to login.';
-$lng['install']['phpmysql'] = 'Testing if PHP MySQL-extension is installed...';
-$lng['install']['phpfilter'] = 'Testing if PHP filter-extension is installed...';
-$lng['install']['diedbecauseofrequirements'] = 'Cannot install Froxlor without these requirements! Aborting...';
-$lng['install']['notinstalled'] = 'not installed!';
-$lng['install']['phpbcmath'] = 'Testing if PHP bcmath-extension is installed...';
-$lng['install']['bcmathdescription'] = 'Traffic-calculation related functions will not work correctly!';
-$lng['install']['openbasedir'] = 'Testing if open_basedir is enabled...';
-$lng['install']['openbasedirenabled'] = 'enabled. Froxlor will not work properly with open_basedir enabled. Please disable open_basedir for Froxlor';

-/**
- * ADDED IN 1.2.19-svn7
- */
-
-$lng['install']['servername_should_be_fqdn'] = 'The servername should be a FQDN and not an IP address';
-
-/**
- * Renamed in 1.2.19-svn40
- */
-
-$lng['install']['webserver'] = 'Webserver';
-
-/*
- * Added in Froxlor 0.9
- */
-$lng['install']['phpversion'] = 'Checking for PHP version >= 5.2';
-$lng['install']['phpposix'] = 'Testing if PHP posix-extension is installed...';
-
-/*
- * Added in Froxlor 0.9.4
- */
-$lng['install']['click_here_to_refresh'] = 'Re-check';
-$lng['install']['click_here_to_continue'] = 'Continue installation';
-$lng['install']['froxlor_succ_checks'] = 'All requirements are satisfied';
-
-/*
- * Added in Froxlor 0.9.13
- */
-$lng['install']['phpmagic_quotes_runtime'] = 'Checking whether magic_quotes_runtime is off';
-$lng['install']['active'] = 'no';
-$lng['install']['phpmagic_quotes_runtime_description'] = 'PHP setting "magic_quotes_runtime" must be set to "Off" in order to avoid strange behavior of Froxlor. Disabling it for now (this is only temporary, please fix our php.ini).';
-$lng['install']['phpxml'] = 'Testing if PHP XML-extension is installed...';
-?>
+$lng['click_here_to_refresh'] = 'Click here to check again';
+$lng['click_here_to_goback'] = 'Click here to go back';
+$lng['click_here_to_continue'] = 'Click here to continue';
+$lng['click_here_to_login'] = 'Click here to login.';
--- a/install/lng/french.lng.php
+++ b/install/lng/french.lng.php
@@ -10,70 +10,80 @@
 * COPYING file online at http://files.froxlor.org/misc/COPYING.txt
 *
 * @copyright  (c) the authors
- * @author     Tim Zielosko <mail@zielosko.net>
- * @author     Romain MARIADASSOU <roms2000@free.fr>
- * @author     Froxlor Team <team@froxlor.org>
+ * @author     Florian Lippert <flo@syscp.org> (2003-2009)
+ * @author     Froxlor team <team@froxlor.org> (2010-)
 * @license    GPLv2 http://files.froxlor.org/misc/COPYING.txt
 * @package    Language
 *
 */

-/**
- * Begin
- */
+$lng['requirements']['title'] = 'Vérification des prérequis système...';
+$lng['requirements']['installed'] = 'installé';
+$lng['requirements']['not_true'] = 'non';
+$lng['requirements']['notfound'] = 'introuvable';
+$lng['requirements']['notinstalled'] = 'non installé';
+$lng['requirements']['activated'] = 'activé';
+$lng['requirements']['phpversion'] = 'PHP version >= 5.3';
+$lng['requirements']['phpmagic_quotes_runtime'] = 'magic_quotes_runtime...';
+$lng['requirements']['phpmagic_quotes_runtime_description'] = 'Le réglage PHP "magic_quotes_runtime" doit être positionné à "Off". Nous l\'avons désactivé temporairement pour l\'instant; merci de corriger le php.ini correspondant.';
+$lng['requirements']['phppdo'] = 'extension PHP PDO et pilote PDO-MySQL ...';
+$lng['requirements']['phpxml'] = 'extension PHP XML...';
+$lng['requirements']['phpfilter'] = 'extension PHP filter ...';
+$lng['requirements']['phpposix'] = 'extension PHP posix ...';
+$lng['requirements']['phpbcmath'] = 'extension PHP bcmath ...';
+$lng['requirements']['phpcurl'] = 'extension PHP curl...';
+$lng['requirements']['phpmbstring'] = 'extension PHP mbstring...';
+$lng['requirements']['bcmathdescription'] = 'Les fonctions de calcul de traffic ne fonctionneront pas correctement!';
+$lng['requirements']['openbasedir'] = 'open_basedir...';
+$lng['requirements']['openbasedirenabled'] = 'Froxlor ne fonctionnera pas correctement avec open_basedir activé. Merci de désactiver open_basedir pour Froxlor dans le php.ini correspondant';
+$lng['requirements']['diedbecauseofrequirements'] = 'Impossible d\'installer Froxlor sans ces prérequis! Essayez de les corriger et essayez à nouveau.';
+$lng['requirements']['froxlor_succ_checks'] = 'Tous les prérequis sont vérifiés';

+$lng['install']['lngtitle'] = 'Installation de Froxlor - choisisez la langue';
 $lng['install']['language'] = 'Langue d\'installation';
-$lng['install']['welcome'] = 'Bienvenue <20> l\'installation de Froxlor';
-$lng['install']['welcometext'] = 'Merci beaucoup d\'avoir choisi Froxlor. Pour installer Froxlor remplissez les cases ci-dessous avec les informations demand<EFBFBD>es.<br /><b>Attention :</b> Si vous entrez le nom d\'une base de donn<6E>es existante, celle-ci sera effac<61>e !';
-$lng['install']['database'] = 'Base de donn<6E>es';
-$lng['install']['mysql_hostname'] = 'Nom d\'h<>te du serveur MySQL';
-$lng['install']['mysql_database'] = 'Base de donn<6E>es MySQL';
-$lng['install']['mysql_unpriv_user'] = 'Utilisateur pour l\'acc<63>s non privil<69>gi<67> <20> MySQL';
-$lng['install']['mysql_unpriv_pass'] = 'Mot de passe pour l\'acc<63>s non privil<EFBFBD>gi<EFBFBD> <20> MySQL';
-$lng['install']['mysql_root_user'] = 'Utilisateur pour l\'acc<63>s root <20> MySQL';
-$lng['install']['mysql_root_pass'] = 'Mot de passe pour l\'acc<63>s root <20> MySQL';
-$lng['install']['admin_account'] = 'Acc<63>s administratif';
-$lng['install']['admin_user'] = 'Login de l\'administrateur';
-$lng['install']['admin_pass'] = 'Mot de passe de l\'administrateur';
-$lng['install']['admin_pass_confirm'] = 'Mot de passe de l\'administrateur (confirmation)';
-$lng['install']['serversettings'] = 'Configuration du serveur';
-$lng['install']['servername'] = 'Nom du serveur (FQDN)';
+$lng['install']['lngbtn_go'] = 'Changer la langue';
+$lng['install']['title'] = 'Installation de Froxlor - paramètrage';
+$lng['install']['welcometext'] = 'Merci d\'avoir choisi Froxlor. Merci de remplir les champs suivant avec les informations nécessaires pour démarrer l\'installation.<br /><b>Attention:</b> Si la base de données que vous choisissez existe déjà sur votre système, elle sera écrasée ainsi que les données contenues!';
+$lng['install']['database'] = 'Connexion à la base de données';
+$lng['install']['mysql_host'] = 'Nom d\'hôte MySQL';
+$lng['install']['mysql_database'] = 'Nom de la base de données';
+$lng['install']['mysql_unpriv_user'] = 'Nom d\'utilisateur pour le compte non priviligié MySQL';
+$lng['install']['mysql_unpriv_pass'] = 'Mot de passe pour le compte non priviligié MySQL';
+$lng['install']['mysql_root_user'] = 'Nom d\'utilisateur pour le compte MySQL root';
+$lng['install']['mysql_root_pass'] = 'Mot de passe pour le compte MySQL root';
+$lng['install']['admin_account'] = 'Compte administrateur';
+$lng['install']['admin_user'] = 'Nom d\'utilisateur administrateur';
+$lng['install']['admin_pass1'] = 'Mot de passe administrateur';
+$lng['install']['admin_pass2'] = 'Mot de passe administrateur (confirmez)';
+$lng['install']['serversettings'] = 'Réglages serveur';
+$lng['install']['servername'] = 'Nom du serveur (FQDN, pas d\'adresse IP)';
 $lng['install']['serverip'] = 'Adresse IP du serveur';
-$lng['install']['apacheversion'] = 'Version du serveur Apache';
-$lng['install']['next'] = 'Continuer';
-$lng['install']['installdata'] = 'Installation - Data';
+$lng['install']['webserver'] = 'Serveur Web';
+$lng['install']['apache2'] = 'Apache 2';
+$lng['install']['apache24'] = 'Apache 2.4';
+$lng['install']['lighttpd'] = 'LigHTTPd';
+$lng['install']['nginx'] = 'NGINX';
+$lng['install']['httpuser'] = 'Nom d\'utilisateur HTTP';
+$lng['install']['httpgroup'] = 'Nom de groupe HTTP';

-/**
- * Progress
- */
+$lng['install']['testing_mysql'] = 'Vérification de l\'accès root MySQL...';
+$lng['install']['testing_mysql_fail'] = 'Il semble y avoir un problème avec la connexion à la base de données. Impossible de continuer. Merci de revenir en arrière et de vérifier les informations d\'identification.';
+$lng['install']['backup_old_db'] = 'Création des sauvegardes de l\'ancienne base de données...';
+$lng['install']['backup_binary_missing'] = 'Impossible de trouver mysqldump';
+$lng['install']['backup_failed'] = 'Impossible de sauvegarde la base de données';
+$lng['install']['prepare_db'] = 'Préparation de la base de données...';
+$lng['install']['create_mysqluser_and_db'] = 'Création de la base de données et l\'utilisateur...';
+$lng['install']['testing_new_db'] = 'Teste si la base de données et l\'utilisateur ont été créés correctement...';
+$lng['install']['importing_data'] = 'Import des données...';
+$lng['install']['changing_data'] = 'Ajustement des paramètres...';
+$lng['install']['creating_entries'] = 'Insertion des nouvelles valeurs...';
+$lng['install']['adding_admin_user'] = 'Création du compte administrateur...';
+$lng['install']['creating_configfile'] = 'Création du fichier de configuration...';
+$lng['install']['creating_configfile_temp'] = 'Le fichier a été enregistré dans /tmp/userdata.inc.php, merci de le déplacer dans lib/.';
+$lng['install']['creating_configfile_failed'] = 'Impossible de créer lib/userdata.inc.php, merci de le créer manuellement avec le contenu suivant:';
+$lng['install']['froxlor_succ_installed'] = 'Froxlor a été installé avec succès.';

-$lng['install']['testing_mysql'] = 'V<>rification du login root de MySQL ...';
-$lng['install']['erasing_old_db'] = 'Effacement de l\'ancienne base de donn<6E>es ...';
-$lng['install']['create_mysqluser_and_db'] = 'Cr<43>ation de la base de donn<6E>es puis des utilisateurs ...';
-$lng['install']['testing_new_db'] = 'V<>rification de la base de donn<6E>es et des utilisateurs ...';
-$lng['install']['importing_data'] = 'Importation des informations dans la base de donn<6E>es ...';
-$lng['install']['changing_data'] = 'Modification des donn<6E>es import<72>s ...';
-$lng['install']['adding_admin_user'] = 'Ajout de l\'utilisateur administrateur ...';
-$lng['install']['creating_configfile'] = 'Cr<43>ation du fichier de configuration ...';
-$lng['install']['creating_configfile_succ'] = 'OK, userdata.inc.php a <20>t<EFBFBD> sauvegard<72> dans le dossier lib/ de Froxlor.';
-$lng['install']['creating_configfile_temp'] = 'Le fichier a <20>t<EFBFBD> sauvegard<72> dans /tmp/userdata.inc.php, veuillez le d<>placer / copier dans le dossier lib/ de Froxlor.';
-$lng['install']['creating_configfile_failed'] = 'Erreur en cr<63>ant le fichier lib/userdata.inc.php, veuillez le cr<63>er avec le contenu ci-dessous :';
-$lng['install']['froxlor_succ_installed'] = 'Froxlor a <20>t<EFBFBD> install<6C> correctement.';
-$lng['install']['click_here_to_login'] = 'Cliquez ici pour vous rendre <20> l\'invite de connexion.';
-$lng['install']['httpuser'] = 'Nom du utilisateur du HTTP';
-$lng['install']['httpgroup'] = 'Nom du la group du HTTP';
-
-/**
- * ADDED IN 1.2.19-svn7
- */
-
-$lng['install']['servername_should_be_fqdn'] = 'Le nom du serveur doit être un nom FQDN, pas une adresse IP';
-
-/**
- * Renamed in 1.2.19-svn40
- */
-
-$lng['install']['webserver'] = 'Version du serveur';
-
-$lng['install']['phpxml'] = 'Tester si PHP XML-extension est install<6C>e...';
-?>
+$lng['click_here_to_refresh'] = 'Cliquez ici pour vérifier à nouveau';
+$lng['click_here_to_goback'] = 'Cliquez ici pour revenir';
+$lng['click_here_to_continue'] = 'Cliquez ici pour continuer';
+$lng['click_here_to_login'] = 'Cliquez ici pour vous connecter.';
--- a/install/lng/german.lng.php
+++ b/install/lng/german.lng.php
@@ -2,107 +2,90 @@

 /**
 * This file is part of the Froxlor project.
- * Copyright (c) 2003-2007 the SysCP Team (see authors).
+ * Copyright (c) 2003-2009 the SysCP Team (see authors).
 * Copyright (c) 2010 the Froxlor Team (see authors).
 *
 * For the full copyright and license information, please view the COPYING
 * file that was distributed with this source code. You can also view the
- * COPYING file online at http://files.syscp.org/misc/COPYING.txt
+ * COPYING file online at http://files.froxlor.org/misc/COPYING.txt
 *
 * @copyright  (c) the authors
- * @author     Florian Lippert <flo@syscp.org> (2003-2007)
- * @author     Froxlor Team <team@froxlor.org> (2010-)
+ * @author     Florian Lippert <flo@syscp.org> (2003-2009)
+ * @author     Froxlor team <team@froxlor.org> (2010-)
 * @license    GPLv2 http://files.froxlor.org/misc/COPYING.txt
 * @package    Language
 *
 */

-/**
- * Begin
- */
+$lng['requirements']['title'] = 'Prüfe Systemvoraussetzungen...';
+$lng['requirements']['installed'] = 'installiert';
+$lng['requirements']['not_true'] = 'nein';
+$lng['requirements']['notfound'] = 'nicht gefunden';
+$lng['requirements']['notinstalled'] = 'nicht installiert';
+$lng['requirements']['activated'] = 'ist aktiviert.';
+$lng['requirements']['phpversion'] = 'PHP Version >= 5.3';
+$lng['requirements']['newerphpprefered'] = 'Passt, aber php-5.6 wird bevorzugt.';
+$lng['requirements']['phpmagic_quotes_runtime'] = 'magic_quotes_runtime';
+$lng['requirements']['phpmagic_quotes_runtime_description'] = 'Die PHP Einstellung "magic_quotes_runtime" muss deaktiviert sein ("Off"). Die Einstellung wurde temporär deaktiviert, bitte ändern Sie diese in der entsprechenden php.ini.';
+$lng['requirements']['phppdo'] = 'PHP PDO Erweiterung und PDO-MySQL Treiber...';
+$lng['requirements']['phpxml'] = 'PHP XML-Erweiterung...';
+$lng['requirements']['phpfilter'] = 'PHP filter-Erweiterung...';
+$lng['requirements']['phpposix'] = 'PHP posix-Erweiterung...';
+$lng['requirements']['phpbcmath'] = 'PHP bcmath-Erweiterung...';
+$lng['requirements']['phpcurl'] = 'PHP curl-Erweiterung...';
+$lng['requirements']['phpmbstring'] = 'PHP mbstring-Erweiterung...';
+$lng['requirements']['bcmathdescription'] = 'Traffic-Berechnungs bezogene Funktionen stehen nicht vollständig zur Verfügung!';
+$lng['requirements']['openbasedir'] = 'open_basedir genutzt wird...';
+$lng['requirements']['openbasedirenabled'] = 'Froxlor wird mit aktiviertem open_basedir nicht vollständig funktionieren. Bitte deaktivieren Sie open_basedir für Froxlor in der entsprechenden php.ini';
+$lng['requirements']['diedbecauseofrequirements'] = 'Kann Froxlor ohne diese Voraussetzungen nicht installieren! Beheben Sie die angezeigten Probleme und versuchen Sie es erneut.';
+$lng['requirements']['froxlor_succ_checks'] = 'Alle Vorraussetzungen sind erfüllt';

-$lng['install']['language'] = 'Installations - Sprache';
-$lng['install']['welcome'] = 'Willkommen zur Froxlor Installation';
-$lng['install']['welcometext'] = 'Vielen Dank dass Sie sich f&uuml;r Froxlor entschieden haben. Um Ihre Installation von Froxlor zu starten, f&uuml;llen Sie bitte alle Felder unten mit den geforderten Angaben.<br /><b>Achtung:</b> Eine eventuell bereits existierende Datenbank, die den selben Namen hat wie den, den Sie unten eingeben werden, wird mit allen enthaltenen Daten gel&ouml;scht!';
-$lng['install']['database'] = 'Datenbank';
-$lng['install']['mysql_hostname'] = 'MySQL-Hostname';
-$lng['install']['mysql_database'] = 'MySQL-Datenbank';
-$lng['install']['mysql_unpriv_user'] = 'Benutzername f&uuml;r den unprivilegierten MySQL-Account';
-$lng['install']['mysql_unpriv_pass'] = 'Passwort f&uuml;r den unprivilegierten MySQL-Account';
-$lng['install']['mysql_root_user'] = 'Benutzername f&uuml;r den MySQL-Root-Account';
-$lng['install']['mysql_root_pass'] = 'Passwort f&uuml;r den MySQL-Root-Account';
+$lng['install']['lngtitle'] = 'Froxlor Installation - Sprache auswählen';
+$lng['install']['language'] = 'Sprache für die Installation';
+$lng['install']['lngbtn_go'] = 'Sprache ändern';
+$lng['install']['title'] = 'Froxlor Installation - Einrichtung';
+$lng['install']['welcometext'] = 'Vielen Dank dass Sie sich für Froxlor entschieden haben. Um die Installation von Froxlor zu starten, füllen Sie bitte alle Felder mit den geforderten Angaben aus.<br /><b>Achtung:</b> Eine eventuell existierende Datenbank, die den selben Namen hat wie den Gewählten, wird mit allen enthaltenen Daten gelöscht!';
+$lng['install']['database'] = 'Datenbankverbindung';
+$lng['install']['mysql_host'] = 'MySQL-Hostname';
+$lng['install']['mysql_database'] = 'Datenbank Name';
+$lng['install']['mysql_unpriv_user'] = 'Benutzername für den unprivilegierten MySQL-Account';
+$lng['install']['mysql_unpriv_pass'] = 'Passwort für den unprivilegierten MySQL-Account';
+$lng['install']['mysql_root_user'] = 'Benutzername für den MySQL-Root-Account';
+$lng['install']['mysql_root_pass'] = 'Passwort für den MySQL-Root-Account';
 $lng['install']['admin_account'] = 'Admin-Zugang';
 $lng['install']['admin_user'] = 'Administrator-Benutzername';
-$lng['install']['admin_pass'] = 'Administrator-Passwort';
-$lng['install']['admin_pass_confirm'] = 'Administrator-Passwort (Best&auml;tigung)';
+$lng['install']['admin_pass1'] = 'Administrator-Passwort';
+$lng['install']['admin_pass2'] = 'Administrator-Passwort (Bestätigung)';
+$lng['install']['activate_newsfeed'] = 'Aktiviere das offizielle Newsfeed<br><small>(https://inside.froxlor.org/news/)</small>';
 $lng['install']['serversettings'] = 'Servereinstellungen';
-$lng['install']['servername'] = 'Servername (FQDN)';
+$lng['install']['servername'] = 'Servername (FQDN, keine IP-Adresse)';
 $lng['install']['serverip'] = 'Server-IP';
-$lng['install']['apacheversion'] = 'Apacheversion';
-$lng['install']['next'] = 'Fortfahren';
-$lng['install']['installdata'] = 'Installation - Daten';
-
-/**
- * Progress
- */
-
-$lng['install']['testing_mysql'] = 'Teste, ob die MySQL-Root-Benutzerdaten richtig sind...';
-$lng['install']['erasing_old_db'] = 'Entferne alte Datenbank...';
-$lng['install']['backup_old_db'] = 'Sichere bisherige Datenbank...';
-$lng['install']['backing_up'] = 'Sicherung l&auml;ft';
-$lng['install']['backing_up_binary_missing'] = '/usr/bin/mysqldump nicht vorhanden';
-$lng['install']['create_mysqluser_and_db'] = 'Erstelle Datenbank und Benutzer...';
-$lng['install']['testing_new_db'] = 'Teste, ob die Datenbank und Passwort korrekt angelegt wurden...';
-$lng['install']['importing_data'] = 'Importiere Daten in die MySQL-Datenbank...';
-$lng['install']['changing_data'] = 'Passe die importierten Daten an...';
-$lng['install']['adding_admin_user'] = 'F&uuml;ge den Admin-Benutzer hinzu...';
-$lng['install']['creating_configfile'] = 'Erstelle Konfigurationsdatei...';
-$lng['install']['creating_configfile_succ'] = 'OK, userdata.inc.php wurde in lib/ gespeichert.';
-$lng['install']['creating_configfile_temp'] = 'Datei wurde in /tmp/userdata.inc.php gespeichert, bitte nach lib/ verschieben.';
-$lng['install']['creating_configfile_failed'] = 'Konnte lib/userdata.inc.php nicht erstellen, bitte manuell mit folgendem Inhalt anlegen:';
-$lng['install']['froxlor_succ_installed'] = 'Froxlor wurde erfolgreich installiert.';
-$lng['install']['click_here_to_login'] = 'Hier geht es weiter zum Login-Fenster.';
-$lng['install']['phpmysql'] = 'Teste, ob die PHP MySQL-Erweiterung installiert ist...';
-$lng['install']['phpfilter'] = 'Teste, ob die PHP Filter-Erweiterung installiert ist...';
-$lng['install']['diedbecauseofrequirements'] = 'Kann Froxlor ohne diese Voraussetzungen nicht installieren! Breche ab...';
-$lng['install']['notinstalled'] = 'nicht installiert!';
-$lng['install']['phpbcmath'] = 'Teste, ob die PHP bcmath-Erweiterung installiert ist...';
-$lng['install']['bcmathdescription'] = 'Traffic-Berechnungs bezogene Funktionen stehen nicht vollst&auml;ndig zur Verf&uuml;gung!';
-$lng['install']['openbasedir'] = 'Teste, ob open_basedir genutzt wird...';
-$lng['install']['openbasedirenabled'] = 'aktiviert. Froxlor wird mit aktiviertem open_basedir nicht vollst&auml;ndig funktionieren. Bitte deaktivieren Sie open_basedir f&uuml;r Froxlor';
+$lng['install']['webserver'] = 'Webserver';
+$lng['install']['apache2'] = 'Apache 2';
+$lng['install']['apache24'] = 'Apache 2.4';
+$lng['install']['lighttpd'] = 'LigHTTPd';
+$lng['install']['nginx'] = 'NGINX';
 $lng['install']['httpuser'] = 'HTTP Username';
 $lng['install']['httpgroup'] = 'HTTP Gruppenname';

-/**
- * ADDED IN 1.2.19-svn7
- */
+$lng['install']['testing_mysql'] = 'Teste MySQL-Root Zugang...';
+$lng['install']['testing_mysql_fail'] = 'Bei der Verwendung der Datenbank gibt es scheinbar Probleme. Installation kann nicht fortgesetzt werden. Bitte Zugangsdaten prüfen und erneut versuchen.';
+$lng['install']['backup_old_db'] = 'Sicherung vorheriger Datenbank...';
+$lng['install']['backup_binary_missing'] = 'Konnte mysqldump nicht finden';
+$lng['install']['backup_failed'] = 'Sicherung fehlgeschlagen';
+$lng['install']['prepare_db'] = 'Datenbank wird vorbereitet...';
+$lng['install']['create_mysqluser_and_db'] = 'Erstelle Datenbank und Benutzer...';
+$lng['install']['testing_new_db'] = 'Teste, ob Datenbank und Benutzer korrekt angelegt wurden...';
+$lng['install']['importing_data'] = 'Importiere Daten...';
+$lng['install']['changing_data'] = 'Einstellungen anpassen...';
+$lng['install']['creating_entries'] = 'Trage neue Werte ein...';
+$lng['install']['adding_admin_user'] = 'Erstelle Admin-Benutzer...';
+$lng['install']['creating_configfile'] = 'Erstelle Konfigurationsdatei...';
+$lng['install']['creating_configfile_temp'] = 'Datei wurde in /tmp/userdata.inc.php gespeichert, bitte nach lib/ verschieben.';
+$lng['install']['creating_configfile_failed'] = 'Konnte lib/userdata.inc.php nicht erstellen, bitte manuell mit folgendem Inhalt anlegen:';
+$lng['install']['froxlor_succ_installed'] = 'Froxlor wurde erfolgreich installiert.';

-$lng['install']['servername_should_be_fqdn'] = 'Der Servername sollte eine FQDN sein und keine IP Adresse sein';
-
-/**
- * Renamed in 1.2.19-svn40
- */
-
-$lng['install']['webserver'] = 'Webserver';
-
-/*
- * Added in Froxlor 0.9
- */
-$lng['install']['phpversion'] = 'Pr&uuml;fe PHP Version >= 5.2';
-$lng['install']['phpposix'] = 'Teste, ob die PHP Posix-Erweiterung installiert ist...';
-
-/*
- * Added in Froxlor 0.9.4
- */
-$lng['install']['click_here_to_refresh'] = 'Erneut pr&uuml;fen';
-$lng['install']['click_here_to_continue'] = 'Installation fortf&uuml;hren';
-$lng['install']['froxlor_succ_checks'] = 'Alle Vorraussetzungen sind erf&uuml;llt';
-
-/*
- * Added in Froxlor 0.9.13
- */
-$lng['install']['phpmagic_quotes_runtime'] = 'Pr&uuml;fe ob magic_quotes_runtime ausgeschalten ist';
-$lng['install']['active'] = 'nein';
-$lng['install']['phpmagic_quotes_runtime_description'] = 'Die PHP Einstellung "magic_quotes_runtime" muss deaktiviert sein ("Off"), um merkw&uuml;rdige Verhalten von Froxlor zu umgehen. Sie wurde deaktiviert (nur tempor&auml;r, bitte php.ini anpassen).';
-$lng['install']['phpxml'] = 'Teste, ob die PHP XML-Erweiterung installiert ist...';
-?>
+$lng['click_here_to_refresh'] = 'Hier klicken, um erneut zu prüfen';
+$lng['click_here_to_goback'] = 'Einen Schritt zurück';
+$lng['click_here_to_continue'] = 'Installation fortführen';
+$lng['click_here_to_login'] = 'Hier geht es weiter zum Login-Fenster.';
--- a/install/scripts/htpasswd-htaccess-remover.php
+++ b/install/scripts/htpasswd-htaccess-remover.php
@@ -1,106 +0,0 @@
-<?php
-
-/**
- * This file is part of the SysCP project.
- * Copyright (c) 2003-2007 the SysCP Team (see authors).
- *
- * For the full copyright and license information, please view the COPYING
- * file that was distributed with this source code. You can also view the
- * COPYING file online at http://files.syscp.org/misc/COPYING.txt
- *
- * @copyright  (c) the authors
- * @author     Michael Duergner <michael@duergner.com>
- * @license    GPLv2 http://files.syscp.org/misc/COPYING.txt
- * @package    System
- *
- */
-
-if(@php_sapi_name() != 'cli'
-   && @php_sapi_name() != 'cgi'
-   && @php_sapi_name() != 'cgi-fcgi')
-{
-	die('This script will only work in the shell.');
-}
-
-$pathtophpfiles = '/var/www/syscp';
-$filename = 'htpasswd-htaccess-remover.php';
-
-/**
- * Includes the Usersettings eg. MySQL-Username/Passwort etc.
- */
-
-require ("$pathtophpfiles/lib/userdata.inc.php");
-
-/**
- * Includes the MySQL-Tabledefinitions etc.
- */
-
-require ("$pathtophpfiles/lib/tables.inc.php");
-
-/**
- * Includes the MySQL-Connection-Class
- */
-
-require ("$pathtophpfiles/lib/class_mysqldb.php");
-$debugMsg[] = 'Database Class has been loaded';
-$db = new db($sql['host'], $sql['user'], $sql['password'], $sql['db']);
-$db_root = new db($sql['host'], $sql['root_user'], $sql['root_password'], '');
-
-if($db->link_id == 0
-   || $db_root->link_id == 0)
-{
-	/**
-	 * Do not proceed further if no database connection could be established (either normal or root)
-	 */
-
-	die('Cant connect to mysqlserver. Please check userdata.inc.php! Exiting...');
-}
-
-unset($sql['password']);
-unset($db->password);
-$result = $db->query("SELECT `settingid`, `settinggroup`, `varname`, `value` FROM `" . TABLE_PANEL_SETTINGS . "`");
-
-while($row = $db->fetch_array($result))
-{
-	$settings["$row[settinggroup]"]["$row[varname]"] = $row['value'];
-}
-
-unset($row);
-unset($result);
-
-if(!isset($settings['panel']['version'])
-   || $settings['panel']['version'] != $version)
-{
-	/**
-	 * Do not proceed further if the Database version is not the same as the script version
-	 */
-
-	die('Version of File doesnt match Version of Database. Exiting...');
-}
-
-/**
- * Includes the Functions
- */
-
-require ("$pathtophpfiles/lib/functions.php");
-$result = $db->query('SELECT * FROM `' . TABLE_PANEL_HTACCESS . '` ');
-
-while($row = $db->fetch_array($result))
-{
-	if(file_exists($row['path'] . '.htaccess'))
-	{
-		unlink($row['path'] . '.htaccess');
-	}
-}
-
-$result = $db->query('SELECT * FROM `' . TABLE_PANEL_HTPASSWDS . '` ');
-
-while($row = $db->fetch_array($result))
-{
-	if(file_exists($row['path'] . '.htpasswd'))
-	{
-		unlink($row['path'] . '.htpasswd');
-	}
-}
-
-?>
--- a/install/scripts/language-check.php
+++ b/install/scripts/language-check.php
@@ -16,106 +16,90 @@
 */

 // some configs
-
 $baseLanguage = 'english.lng.php';

 // Check if we're in the CLI
-
-if(@php_sapi_name() != 'cli')
-{
+if(@php_sapi_name() !== 'cli') {
 	die('This script will only work in the shell.');
 }

 // Check argument count
-
-if(sizeof($argv) != 2)
-{
+/*
+if (sizeof($argv) != 2) {
 	print_help($argv);
 	exit;
 }
+*/

 // Load the contents of the given path
-
 $path = $argv[1];
+$_f = isset($argv[2]) ? $argv[2] : null;
 $files = array();

-if($dh = opendir($path))
-{
-	while(false !== ($file = readdir($dh)))
-	{
-		if($file != "."
+if ($dh = opendir($path)) {
+	while (false !== ($file = readdir($dh))) {
+		if ($file != "."
 		   && $file != ".."
 		   && !is_dir($file)
-		   && preg_match('/(.+)\.lng\.php/i', $file))
-		{
-			$files[$file] = str_replace('//', '/', $path . '/' . $file);
+		   && preg_match('/(.+)\.lng\.php/i', $file)
+		) {
+			if (is_null($_f) || (!is_null($_f) && ($file == $_f || $file == $baseLanguage))) {
+				$files[$file] = str_replace('//', '/', $path . '/' . $file);
+			}
 		}
 	}

 	closedir($dh);
-}
-else
-{
+} else {
 	print "ERROR: The path you requested cannot be read! \n ";
 	print "\n";
-	print_help();
+	print_help($argv);
 	exit;
 }

 // check if there is the default language defined
-
-if(!isset($files[$baseLanguage]))
-{
+if (!isset($files[$baseLanguage])) {
 	print "ERROR: The baselanguage cannot be found! \n";
 	print "\n";
-	print_help();
+	print_help($argv);
 	exit;
 }

 // import the baselanguage
-
 $base = import($files[$baseLanguage]);

 // and unset it in the files, because we don't need to compare base to base
-
 unset($files[$baseLanguage]);

 // compare each language with the baselanguage
-
-foreach($files as $key => $file)
-{
+foreach ($files as $key => $file) {
 	$comp = import($file);
+
 	print "\n\nComparing " . $baseLanguage . " to " . $key . "\n";
 	$result = compare($base, $comp);

-	if(is_array($result)
-	   && sizeof($result) > 0)
-	{
+	if (is_array($result)
+	   && sizeof($result) > 0
+	) {
 		print "  found missing strings: \n";
-		foreach($result as $value)
-		{
+		foreach ($result as $value) {
 			print "    " . $value . "\n";
 		}
-	}
-	else
-	{
+	} else {
 		print "   no missing strings found! \n ";
 	}

 	print "\nReverse Checking " . $key . " to " . $baseLanguage . "\n";
 	$result = compare($comp, $base);

-	if(is_array($result)
-	   && sizeof($result) > 0)
-	{
+	if (is_array($result)
+	   && sizeof($result) > 0
+	) {
 		print "  found strings not in basefile: \n";
-		foreach($result as $key => $value)
-		{
+		foreach ($result as $key => $value) {
 			print "    " . $value . "\n";
 		}
-	}
-	else
-	{
+	} else {
 		print "   There are no strings which are not in the basefile! \n ";
 	}
 }
@@ -129,56 +113,45 @@ foreach($files as $key => $file)
 *
 * @param  array  $argv
 */
-
-function print_help($argv)
-{
+function print_help($argv) {
 	print "Usage: php " . $argv[0] . " /PATH/TO/LNG \n";
 	print " \n ";
 }

-function import($file)
-{
+function import($file) {
+
 	$input = file($file);
 	$return = array();
-	foreach($input as $key => $value)
-	{
-		if(!preg_match('/^\$/', $value))
-		{
-			unset($input[$key]);
-		}
-		else
-		{
-			// generate the key

+	foreach ($input as $key => $value) {
+
+		if (!preg_match('/^\$/', $value)) {
+			unset($input[$key]);
+		} else {
+			// generate the key
 			$key = preg_replace('/^\$lng\[\'(.*)=(.*)$/U', '\\1', $value);
 			$key = str_replace('[\'', '/', $key);
 			$key = trim(str_replace('\']', '', $key));

 			//generate the value
-
 			$value = trim($value);

 			// set the result
-
 			$return[$key] = $value;
 		}
 	}
-
 	return $return;
 }

-function compare($array1, $array2)
-{
+function compare($array1, $array2) {
+
 	$result = array();
-	foreach($array1 as $key => $value)
-	{
-		if(!isset($array2[$key]))
-		{
+
+	foreach ($array1 as $key => $value) {
+
+		if (!isset($array2[$key])) {
 			$result[$key] = $value;
 		}
 	}
-
 	return $result;
 }
-
-?>
--- a/install/scripts/switch-server-ip.php
+++ b/install/scripts/switch-server-ip.php
@@ -0,0 +1,417 @@
+#!/usr/bin/php
+<?php
+
+/**
+ * This file is part of the Froxlor project.
+ * Copyright (c) 2016 the Froxlor Team (see authors).
+ *
+ * For the full copyright and license information, please view the COPYING
+ * file that was distributed with this source code. You can also view the
+ * COPYING file online at http://files.froxlor.org/misc/COPYING.txt
+ *
+ * @copyright (c) the authors
+ * @author Froxlor team <team@froxlor.org> (2016-)
+ * @license GPLv2 http://files.froxlor.org/misc/COPYING.txt
+ * @package Cron
+ *
+ */
+
+// Check if we're in the CLI
+if(@php_sapi_name() !== 'cli') {
+	die('This script will only work in the shell.');
+}
+
+// give control to command line handler
+try {
+	CmdLineHandler::processParameters($argc, $argv);
+} catch (Exception $e) {
+	CmdLineHandler::printerr($e->getMessage());
+}
+
+class CmdLineHandler
+{
+
+	/**
+	 * internal variable for passed arguments
+	 *
+	 * @var array
+	 */
+	private static $args = null;
+
+	/**
+	 * Action object read from commandline/config
+	 *
+	 * @var Action
+	 */
+	private $_action = null;
+
+	/**
+	 * list of valid parameters/switches
+	 */
+	public static $switches = array(
+		/* 'd', // debug / output information for everything */
+		'h'
+	);
+ // same as --help
+	public static $params = array(
+		'switch',
+		'list',
+		'froxlor-dir',
+		'help'
+	);
+
+	/**
+	 * Returns a CmdLineHandler object with given
+	 * arguments from command line
+	 *
+	 * @param int $argc
+	 * @param array $argv
+	 *
+	 * @return CmdLineHandler
+	 */
+	public static function processParameters($argc, $argv)
+	{
+		return new CmdLineHandler($argc, $argv);
+	}
+
+	/**
+	 * returns the Action object generated in
+	 * the class constructor
+	 *
+	 * @return Action
+	 */
+	public function getAction()
+	{
+		return $this->_action;
+	}
+
+	/**
+	 * class constructor, validates the command line parameters
+	 * and sets the Action-object if valid
+	 *
+	 * @param int $argc
+	 * @param string[] $argv
+	 *
+	 * @return null
+	 * @throws Exception
+	 */
+	private function __construct($argc, $argv)
+	{
+		self::$args = $this->_parseArgs($argv);
+		$this->_action = $this->_createAction();
+	}
+
+	/**
+	 * Parses the arguments given via the command line;
+	 * three types are supported:
+	 * 1.
+	 * --parm1 or --parm2=value
+	 * 2. -xyz (multiple switches in one) or -a=value
+	 * 3. parm1 parm2
+	 *
+	 * The 1. will be mapped as
+	 * ["parm1"] => true, ["parm2"] => "value"
+	 * The 2. as
+	 * ["x"] => true, ["y"] => true, ["z"] => true, ["a"] => "value"
+	 * And the 3. as
+	 * [0] => "parm1", [1] => "parm2"
+	 *
+	 * @param array $argv
+	 *
+	 * @return array
+	 */
+	private function _parseArgs($argv)
+	{
+		array_shift($argv);
+		$o = array();
+		foreach ($argv as $a) {
+			if (substr($a, 0, 2) == '--') {
+				$eq = strpos($a, '=');
+				if ($eq !== false) {
+					$o[substr($a, 2, $eq - 2)] = substr($a, $eq + 1);
+				} else {
+					$k = substr($a, 2);
+					if (! isset($o[$k])) {
+						$o[$k] = true;
+					}
+				}
+			} else
+				if (substr($a, 0, 1) == '-') {
+					if (substr($a, 2, 1) == '=') {
+						$o[substr($a, 1, 1)] = substr($a, 3);
+					} else {
+						foreach (str_split(substr($a, 1)) as $k) {
+							if (! isset($o[$k])) {
+								$o[$k] = true;
+							}
+						}
+					}
+				} else {
+					$o[] = $a;
+				}
+		}
+		return $o;
+	}
+
+	/**
+	 * Creates an Action-Object for the Action-Handler
+	 *
+	 * @return Action
+	 * @throws Exception
+	 */
+	private function _createAction()
+	{
+
+		// Test for help-switch
+		if (empty(self::$args) || array_key_exists("help", self::$args) || array_key_exists("h", self::$args)) {
+			self::printHelp();
+			// end of execution
+		}
+		// check if no unknown parameters are present
+		foreach (self::$args as $arg => $value) {
+
+			if (is_numeric($arg)) {
+				throw new Exception("Unknown parameter '" . $value . "' in argument list");
+			} elseif (! in_array($arg, self::$params) && ! in_array($arg, self::$switches)) {
+				throw new Exception("Unknown parameter '" . $arg . "' in argument list");
+			}
+		}
+
+		// set debugger switch
+		if (isset(self::$args["d"]) && self::$args["d"] == true) {
+			// Debugger::getInstance()->setEnabled(true);
+			// Debugger::getInstance()->debug("debug output enabled");
+		}
+
+		return new Action(self::$args);
+	}
+
+	public static function printHelp()
+	{
+		self::println("");
+		self::println("Help / command line parameters:");
+		self::println("");
+		// commands
+		self::println("--switch\t\tlets you switch ip-address A with ip-address B");
+		self::println("\t\t\tExample: --switch=A,B");
+		self::println("\t\t\tExample: --switch=\"A1,B1 A2,B2 A3,B3 ...\"");
+		self::println("");
+		self::println("--list\t\t\tshow all currently used ip-addresses in froxlor");
+		self::println("");
+		self::println("--froxlor-dir\t\tpath to froxlor installation");
+		self::println("\t\t\tExample: --froxlor-dir=/var/www/froxlor/");
+		self::println("");
+		self::println("--help\t\t\tshow help screen (this)");
+		self::println("");
+		// switches
+		// self::println("-d\t\t\tenable debug output");
+		self::println("-h\t\t\tsame as --help");
+		self::println("");
+
+		die(); // end of execution
+	}
+
+	public static function println($msg = "")
+	{
+		print $msg . PHP_EOL;
+	}
+
+	private static function _printcolor($msg = "", $color = "0")
+	{
+		print "\033[" . $color . "m" . $msg . "\033[0m" . PHP_EOL;
+	}
+
+	public static function printerr($msg = "")
+	{
+		self::_printcolor($msg, "31");
+	}
+
+	public static function printsucc($msg = "")
+	{
+		self::_printcolor($msg, "32");
+	}
+
+	public static function printwarn($msg = "")
+	{
+		self::_printcolor($msg, "33");
+	}
+}
+
+class Action
+{
+
+	private $_args = null;
+
+	private $_name = null;
+
+	private $_db = null;
+
+	public function __construct($args)
+	{
+		$this->_args = $args;
+		$this->_validate();
+	}
+
+	public function getActionName()
+	{
+		return $this->_name;
+	}
+
+	/**
+	 * validates the parsed command line parameters
+	 *
+	 * @throws Exception
+	 */
+	private function _validate()
+	{
+		$need_config = false;
+		if (array_key_exists("list", $this->_args) || array_key_exists("switch", $this->_args)) {
+			$need_config = true;
+		}
+
+		$this->_checkConfigParam($need_config);
+
+		$this->_parseConfig();
+
+		if (array_key_exists("list", $this->_args)) {
+			$this->_listIPs();
+		}
+		if (array_key_exists("switch", $this->_args)) {
+			$this->_switchIPs();
+		}
+	}
+
+	private function _listIPs()
+	{
+		$sel_stmt = Database::prepare("SELECT * FROM panel_ipsandports ORDER BY ip ASC, port ASC");
+		Database::pexecute($sel_stmt);
+		$ips = $sel_stmt->fetchAll(PDO::FETCH_ASSOC);
+		$mask = "|%-10.10s |%-50.50s | %10.10s |\n";
+		printf($mask, str_repeat("-", 10), str_repeat("-", 50), str_repeat("-", 10));
+		printf($mask, 'id', 'IP address', 'port');
+		printf($mask, str_repeat("-", 10), str_repeat("-", 50), str_repeat("-", 10));
+		foreach ($ips as $ipdata) {
+			printf($mask, $ipdata['id'], $ipdata['ip'], $ipdata['port']);
+		}
+		printf($mask, str_repeat("-", 10), str_repeat("-", 50), str_repeat("-", 10));
+		echo PHP_EOL . PHP_EOL;
+	}
+
+	private function _switchIPs()
+	{
+		$ip_list = $this->_args['switch'];
+
+		if (empty($ip_list) || is_bool($ip_list)) {
+			throw new Exception("No paramters given for --switch action.");
+		}
+
+		$ips_to_switch = array();
+		$ip_list = explode(" ", $ip_list);
+		foreach ($ip_list as $ips_combo) {
+			$ip_pair = explode(",", $ips_combo);
+			if (count($ip_pair) != 2) {
+				throw new Exception("Invalid parameter given for --switch");
+			} else {
+				if (filter_var($ip_pair[0], FILTER_VALIDATE_IP) == false) {
+					throw new Exception("Invalid source ip address: " . $ip_pair[0]);
+				}
+				if (filter_var($ip_pair[1], FILTER_VALIDATE_IP) == false) {
+					throw new Exception("Invalid target ip address: " . $ip_pair[1]);
+				}
+				if ($ip_pair[0] == $ip_pair[1]) {
+					throw new Exception("Source and target ip address are equal");
+				}
+			}
+			$ips_to_switch[] = $ip_pair;
+		}
+
+		if (count($ips_to_switch) > 0) {
+			$upd_stmt = Database::prepare("UPDATE panel_ipsandports SET `ip` = :newip WHERE `ip` = :oldip");
+
+			// system.ipaddress
+			$check_sysip_stmt = Database::prepare("SELECT `value` FROM `panel_settings` WHERE `settinggroup` = 'system' and `varname` = 'ipaddress'");
+			$check_sysip = Database::pexecute_first($check_sysip_stmt);
+
+			// system.mysql_access_host
+			$check_mysqlip_stmt = Database::prepare("SELECT `value` FROM `panel_settings` WHERE `settinggroup` = 'system' and `varname` = 'mysql_access_host'");
+			$check_mysqlip = Database::pexecute_first($check_mysqlip_stmt);
+
+			// system.axfrservers
+			$check_axfrip_stmt = Database::prepare("SELECT `value` FROM `panel_settings` WHERE `settinggroup` = 'system' and `varname` = 'axfrservers'");
+			$check_axfrip = Database::pexecute_first($check_axfrip_stmt);
+
+			foreach ($ips_to_switch as $ip_pair) {
+				echo "Switching IP \033[1m" . $ip_pair[0] . "\033[0m to IP \033[1m" . $ip_pair[1] . "\033[0m" . PHP_EOL;
+				Database::pexecute($upd_stmt, array(
+					'newip' => $ip_pair[1],
+					'oldip' => $ip_pair[0]
+				));
+				$rows_updated = $upd_stmt->rowCount();
+
+				if ($rows_updated == 0) {
+					CmdLineHandler::printwarn("Note: " . $ip_pair[0] . " not updated to " . $ip_pair[1] . " (possibly no entry found in froxlor database. Use --list to see what IP addresses are added in froxlor");
+				}
+
+				// check whether the system.ipaddress needs updating
+				if ($check_sysip['value'] == $ip_pair[0]) {
+					$upd2_stmt = Database::prepare("UPDATE `panel_settings` SET `value` = :newip WHERE `settinggroup` = 'system' and `varname` = 'ipaddress'");
+					Database::pexecute($upd2_stmt, array(
+						'newip' => $ip_pair[1]
+					));
+					CmdLineHandler::printsucc("Updated system-ipaddress from '" . $ip_pair[0] . "' to '" . $ip_pair[1] . "'");
+				}
+
+				// check whether the system.mysql_access_host needs updating
+				if (strstr($check_mysqlip['value'], $ip_pair[0]) !== false) {
+					$new_mysqlip = str_replace($ip_pair[0], $ip_pair[1], $check_mysqlip['value']);
+					$upd2_stmt = Database::prepare("UPDATE `panel_settings` SET `value` = :newmysql WHERE `settinggroup` = 'system' and `varname` = 'mysql_access_host'");
+					Database::pexecute($upd2_stmt, array(
+						'newmysql' => $new_mysqlip
+					));
+					CmdLineHandler::printsucc("Updated mysql_access_host from '" . $check_mysqlip['value'] . "' to '" . $new_mysqlip . "'");
+				}
+
+				// check whether the system.axfrservers needs updating
+				if (strstr($check_axfrip['value'], $ip_pair[0]) !== false) {
+					$new_axfrip = str_replace($ip_pair[0], $ip_pair[1], $check_axfrip['value']);
+					$upd2_stmt = Database::prepare("UPDATE `panel_settings` SET `value` = :newaxfr WHERE `settinggroup` = 'system' and `varname` = 'axfrservers'");
+					Database::pexecute($upd2_stmt, array(
+						'newaxfr' => $new_axfrip
+					));
+					CmdLineHandler::printsucc("Updated axfrservers from '" . $check_axfrip['value'] . "' to '" . $new_axfrip . "'");
+				}
+			}
+		}
+
+		echo PHP_EOL;
+		CmdLineHandler::printwarn("*** ATTENTION *** Remember to replace IP addresses in configuration files if used anywhere.");
+		CmdLineHandler::printsucc("IP addresses updated");
+	}
+
+	private function _parseConfig()
+	{
+		define('FROXLOR_INSTALL_DIR', $this->_args['froxlor-dir']);
+		if (!file_exists(FROXLOR_INSTALL_DIR . '/lib/classes/database/class.Database.php')) {
+			throw new Exception("Could not find froxlor's Database class. Is froxlor really installed to '".FROXLOR_INSTALL_DIR."'?");
+		}
+		if (!file_exists(FROXLOR_INSTALL_DIR . '/lib/userdata.inc.php')) {
+			throw new Exception("Could not find froxlor's userdata.inc.php file. You should use this script only with a fully installed and setup froxlor system.");
+		}
+		require FROXLOR_INSTALL_DIR . '/lib/classes/database/class.Database.php';
+	}
+
+	private function _checkConfigParam($needed = false)
+	{
+		if ($needed) {
+			if (! isset($this->_args["froxlor-dir"])) {
+				throw new Exception("No configuration given (missing --froxlor-dir parameter?)");
+			} elseif (! is_dir($this->_args["froxlor-dir"])) {
+				throw new Exception("Given --froxlor-dir parameter is not a directory");
+			} elseif (! file_exists($this->_args["froxlor-dir"])) {
+				throw new Exception("Given froxlor directory cannot be found ('" . $this->_args["froxlor-dir"] . "')");
+			} elseif (! is_readable($this->_args["froxlor-dir"])) {
+				throw new Exception("Given froxlor direcotry cannot be read ('" . $this->_args["froxlor-dir"] . "')");
+			}
+		}
+	}
+}
--- a/install/templates/assets/css/install.css
+++ b/install/templates/assets/css/install.css
@@ -0,0 +1,567 @@
+@charset "UTF-8";
+/* RESET */
+html,body,div,ul,ol,li,dl,dt,dd,h1,h2,h3,h4,h5,h6,pre,form,p,blockquote,fieldset,input { margin:0; padding:0; }
+h1,h2,h3,h4,h5,h6,pre,code,address,caption,cite,code,em,strong,th { font-size:1em; font-weight:400; font-style:normal; }
+ul,ol { list-style:none; }
+fieldset,img { border:none; }
+caption,th { text-align:left; }
+table { border-collapse:collapse; border-spacing:0; }
+article,aside,details,figcaption,figure,footer,header,hgroup,menu,nav,section { display:block; }
+
+/* TYPE */
+html,body {
+	font:12px/18px 'Lucida Grande','Lucida Sans Unicode',Helvetica,Arial,Verdana,sans-serif;
+	background-color: #f5f5f5;
+	color:#444;
+	-webkit-font-smoothing: subpixel-antialiased;
+}
+
+body {
+	margin:0;
+	padding:0;
+}
+
+.dark {
+	background-color: #e9edf0;
+	border-bottom:1px solid #d1d5d8;
+}
+
+header img {
+	padding:10px 0 10px 10px;
+}
+
+h1 {
+	display:none;
+}
+
+h2, h3 {
+	margin: 0 0 1em 0;
+	padding: 0;
+	font-weight: bold;
+}
+
+h2 {
+	font-size:17px;
+}
+
+h3 {
+	font-size: 15px;
+}
+
+
+img {
+	border:0;
+	vertical-align:middle;
+}
+
+td a {
+	text-decoration:none;
+}
+
+.bradius {
+	border-radius: 5px 5px 5px 5px;
+	box-shadow: rgba(0, 0, 0, 0.34902) 0px 1px 3px 0px;
+}
+
+/* FOOTER */
+footer {
+	clear:both;
+	text-align:center;
+	color: #888;
+	font-size:10px !important;
+	margin: 10px 0;
+}
+
+footer a,footer a:active,footer a:visited {
+	color: #888;
+}
+
+.install {
+	background-color:#fff;
+	margin: 20px;
+	margin-left: auto;
+	margin-right: auto;
+	margin-bottom: 12px;
+	width: 800px;
+}
+
+p {
+	margin: 0 10px !important;
+}
+
+.installsec {
+	margin-top:10px;
+	padding:0;
+	text-align:left;
+}
+
+.installsec table {
+	width:100%;
+	padding:0 10px;
+	margin: 15px 0 15px 0;
+}
+
+.installsec h2 {
+	display: block;
+	border-bottom: 1px solid #d1d5d8;
+	margin: 0;
+	padding: 5px 15px 15px 15px;
+}
+
+.installsec form {
+	width:800px;
+	margin:0 auto;
+	padding:10px 0 0;
+	text-align:left;
+}
+
+.installsec fieldset {
+	border:0;
+	float:left;
+	clear:left;
+	width:600px;
+	margin:0 100px 10px;
+	padding:0;
+}
+
+.installsec legend {
+	display:none;
+}
+
+.installsec label {
+	float:left;
+	margin-right:0;
+	margin-top:8px;
+	text-align:left;
+}
+
+p.submit {
+	text-align:right;
+	padding-right:46px;
+}
+
+.installsec aside {
+	border-top:1px solid #d1d5d8;
+	clear:both;
+	float:none;
+	width:auto;
+	text-align: right;
+	padding: 10px;
+}
+
+.line {
+	border: 0;
+	width: 800px;
+	border-bottom:1px solid #d1d5d8;
+}
+
+.messagewrapper {
+	width:650px;
+	margin:0 auto;
+	padding:120px 0 0;
+	overflow:hidden;
+}
+
+.messagewrapperfull {
+	width:100%;
+	margin:0 auto;
+	padding:0;
+	overflow:hidden;
+}
+
+.overviewsearch {
+	position:absolute;
+	top:155px;
+	right:36px;
+	font-size:80%;
+}
+
+.overviewadd {
+	padding:10px;
+	font-weight:700;
+}
+
+/*
+ * error message display
+ */
+.errorcontainer {
+	background:url(../img/icons/error_big.png) 10px center no-repeat #ffedef;
+	border:1px solid #ffc2ca;
+	padding:10px 10px 10px 68px!important;
+	margin: 10px 0 10px 0 !important;
+	text-align:left!important;
+	overflow:hidden;
+	box-shadow: 0px 0px 0px black;
+}
+
+.errortitle {
+	font-weight:700;
+	color:#c00!important;
+}
+
+.error {
+	font-weight:400!important;
+	color:#c00!important;
+}
+
+/*
+ * warning message display
+ */
+.warningcontainer,.ui-dialog {
+	background:url(../img/icons/warning_big.png) 10px center no-repeat #fffecc;
+	border:1px solid #f3c37e;
+	padding:10px 10px 10px 68px !important;
+	margin: 10px 0 10px 0 !important;
+	text-align:left!important;
+	overflow:hidden;
+	box-shadow: 0px 0px 0px black;
+}
+.ui-dialog {
+	padding: 10px !important;
+}
+
+.warningtitle,.ui-dialog-titlebar {
+	font-weight:700;
+	color:#D57D00;
+}
+
+.warning,.ui-dialog-content {
+	color:#D57D00!important;
+}
+
+/*
+ * success message display
+ */
+.successcontainer {
+	background:url(../img/icons/ok_big.png) 10px center no-repeat #E2F9E3;
+	border:1px solid #9C9;
+	padding:10px 10px 10px 68px!important;
+	margin: 10px 0 10px 0 !important;
+	text-align:left!important;
+	overflow:hidden;
+	box-shadow: 0px 0px 0px black;
+}
+
+.successtitle {
+	font-weight:700;
+	color:#060!important;
+}
+
+.success {
+	font-weight:400!important;
+}
+
+/*
+ * neutral/info message display
+ */
+.neutralcontainer {
+	background:url(../img/icons/info_big.png) 10px center no-repeat #d2eaf6;
+	border:1px solid #b7d8ed;
+	padding:10px 10px 10px 68px!important;
+	margin: 10px 0 10px 0 !important;
+	text-align:left!important;
+	overflow:hidden;
+	box-shadow: 0px 0px 0px black;
+}
+
+.neutraltitle {
+	font-weight:700;
+	color:#3188c1!important;
+}
+
+.neutral {
+	font-weight:400!important;
+	color:#3188c1!important;
+}
+
+/* std hyperlink */
+a,a:active,a:visited {
+	color:#176fa1;
+	text-decoration:none;
+}
+
+a:hover {
+	text-decoration:underline;
+}
+
+.infotext {
+	font-size:11px;
+}
+
+/*
+ * main container
+ */
+.main {
+	margin-left:240px;
+	margin-right:10px;
+	margin-top:105px;
+	margin-bottom:0;
+	background-color:#fff;
+	padding: 30px 30px 30px 30px;
+	min-height:400px;
+}
+
+.noborder {
+	width:100%;
+	border-spacing:0;
+	border-collapse:separate;
+	border: 0;
+}
+
+.noborder td {
+	border:0;
+}
+
+table {
+	width:100%;
+	border-spacing:0;
+	border:1px solid #d1d5d8;
+	border-collapse:separate;
+	box-shadow:0px 0px 0px black !important;
+}
+
+table thead th, table th {
+	border-top: 1px solid #d1d5d8;
+	border-bottom: 1px solid #d1d5d8;
+	height: 25px !important;
+	padding: 5px 0px 5px 8px;
+	background-color: #e9edf0;
+	font-weight: bold;
+}
+table thead:first-child th, table:first-child th {
+	border-top: none !important;
+}
+
+table th {
+	border-top: 0;
+}
+th a:hover {
+	text-decoration: none;
+}
+th a img {
+}
+th a:nth-child(odd) img {
+	position: relative;
+	top: -5px;
+	left: 4px;
+}
+th a:nth-child(even) img {
+	position: relative;
+	top: 3px;
+	left: -7px;
+}
+
+table thead:first-child th {
+	border-top: 0;
+}
+
+.disabled td, .disabled td a {
+	color: #cfcfcf;
+}
+
+table tbody td {
+	border-bottom:1px dotted #ccc;
+}
+table tbody tr:last-child td {
+	border-bottom: 0;
+}
+
+.formtable {
+	width: 100%;
+	border-spacing:0;
+	border:0;
+	border-collapse:separate;
+	margin:0 0 0;
+}
+
+.formtable tbody td {
+	border:0;
+	border-bottom:1px dotted #ccc;
+	min-height: 20px;
+}
+
+.formtable label {
+	float:none;
+	display:block;
+	padding:0;
+	margin:0;
+	width:100%;
+	text-align:left;
+}
+
+td {
+	padding-top:5px;
+	padding-left:10px;
+	padding-right: 10px;
+	padding-bottom:5px;
+	min-height: 20px;
+}
+
+table tfoot td {
+	height:25px;
+	border-top: 1px solid #d1d5d8;
+	background-color: #f2f8fa;
+}
+
+.tfootleft {
+	text-align:left;
+}
+
+.maintitle {
+	padding-top:20px;
+}
+
+/* input elements */
+input {
+	background: #fff url(../img/text_align_left.png) no-repeat 5px 4px;
+	color: #333;
+	padding:2px 4px 2px 24px;
+	height:22px;
+	border: 1px solid #d9d9d9;
+	margin-bottom: 5px;
+	border-radius: 3px;
+}
+
+textarea {
+	background:#fff url(../img/text_align_left.png) no-repeat 5px 4px;
+	color: #333;
+	padding:4px 4px 2px 24px;
+	border:1px solid #d9d9d9;
+	margin-bottom: 5px;
+	border-radius: 3px;
+}
+
+input[type="password"] {
+	background:#fff url(../img/password.png) no-repeat 5px 4px;
+}
+
+/*
+ *  BUTTONS
+ */
+input[type="button"],input[type="submit"],input[type="reset"] {
+	margin: 0 5px;
+	padding: 5px 14px;
+	outline: 0;
+	border: 0;
+	background-color: #eee;
+	min-width: 80px;
+	height: 26px;
+	background-image: none;
+	border-width: 0px;
+}
+.loginsec input[type="button"], .loginsec input[type="submit"], .loginsec input[type="reset"] {
+	margin: 0 1px;
+}
+input[type="button"]:hover,input[type="submit"]:hover,input[type="reset"]:hover {
+    color: #333;
+    background-color: #dcdcdc;
+}
+input[type="button"]:active,input[type="submit"]:active,input[type="reset"]:active {
+    -webkit-box-shadow: inset 0 1px 8px rgba(0, 0, 0, 0.25);
+    -moz-box-shadow: inset 0 1px 8px rgba(0, 0, 0, 0.25);
+    box-shadow: inset 0 1px 8px rgba(0, 0, 0, 0.25);
+    color: white !important;
+}
+input[type="submit"],input[class="yesbutton"] {
+    color: white;
+    background-color: #35aa47;
+}
+input[type="submit"]:hover,input[class="yesbutton"]:hover {
+	color: white;
+    background-color: #1d943b;
+}
+input[class="submit"]:active,input[class="yesbutton"]:active {
+	background-color: #35aa47;
+}
+input[class="nobutton"],input[type="reset"] {
+    color: white;
+    background-color: #d84a38;
+}
+input[class="nobutton"]:hover,input[type="reset"]:hover {
+	color: white;
+    background-color: #c53727;
+}
+input[class="nobutton"]:active,input[type="reset"]:active {
+    background-color: #dd4b39;
+}
+
+
+input[type="checkbox"] {
+	background:#dae7ee;
+	padding: 0;
+	margin: 0 5px 0 0;
+	vertical-align: middle;
+	height: 26px;
+}
+
+input[type="radio"] {
+	margin: 0 10px 0 10px;
+	height:22px;
+}
+
+select {
+	background:#fff;
+	padding:4px;
+	color: #333;
+	border:1px solid #d9d9d9;
+	margin-bottom: 5px;
+	min-width: 100px;
+}
+select.dropdown {
+	padding: 2px 4px 2px 24px;
+	height: 26px;
+	border: 1px solid #d9d9d9;
+	margin-bottom: 5px;
+	border-radius: 3px;
+	background: url(../../../../templates/Sparkle/assets/img/icons/down.png) no-repeat 9px;
+	-webkit-appearance: none;
+    -moz-appearance: none;
+    appearance: none;
+}
+
+.maintable {
+	width:90%;
+}
+
+.update_progess {
+	padding:2em;
+	text-align:left;
+}
+
+.preconfig {
+	text-align:left;
+	margin-top:20px;
+	margin-bottom:5px;
+	margin-right:15px;
+	margin-left:15px;
+}
+
+.preconfigitem {
+	padding:.15em;
+	border-bottom:1px solid #ccc;
+}
+
+.preconfdesc {
+	display:block;
+	margin-bottom:.5em;
+	font-size:120%;
+}
+.installprogress {
+	width: 100%;
+	background-color:#e4e4e4;
+	height:5px;
+	border-bottom:1px solid #d1d5d8;
+}
+.installprogress .bar {
+	background-color: #35aa47;
+	height:5px;
+}
+
+.red { color: #ff0000; }
+.green { color: green; }
+.orange { color: orange; }
+.blue { color: blue; }
+.install-block { width: 65%; }
+.install-step { width: 250px; }
+.install-h3 { text-align: center; }
+.install-text { margin: 20px 20px 0 !important; }
--- a/install/templates/assets/img/favicon.ico
+++ b/install/templates/assets/img/favicon.ico
--- a/install/templates/assets/img/logo.png
+++ b/install/templates/assets/img/logo.png
--- a/install/templates/assets/img/password.png
+++ b/install/templates/assets/img/password.png
--- a/templates/Froxlor/assets/img/icons/text_align_left.png
+++ b/templates/Froxlor/assets/img/icons/text_align_left.png
--- a/install/templates/dataform.tpl
+++ b/install/templates/dataform.tpl
@@ -0,0 +1,10 @@
+		<p class="install-text">{$this->_lng['install']['title']}</p>
+		<form action="{$formaction}" method="get">
+			<fieldset>
+				{$formdata}
+				<p class="submit">
+					<input type="hidden" name="check" value="1" />
+					<input type="submit" name="chooselang" value="{$this->_lng['install']['btn_go']}" />
+				</p>
+			</fieldset>
+		</form>
--- a/install/templates/dataform2.tpl
+++ b/install/templates/dataform2.tpl
@@ -0,0 +1,13 @@
+		<p class="install-text">{$this->_lng['install']['welcometext']}</p>
+		<form action="{$formaction}" method="post">
+			<hr class="line">
+			<fieldset>
+				{$formdata}
+			</fieldset>
+			<aside>
+			<input type="hidden" name="check" value="1" />
+			<input type="hidden" name="language" value="{$language}" />
+			<input type="hidden" name="installstep" value="1" />
+			<input class="bottom" type="submit" name="submitbutton" value="{$this->_lng['click_here_to_continue']}" />
+			</aside>
+		</form>
--- a/install/templates/dataitem.tpl
+++ b/install/templates/dataitem.tpl
@@ -0,0 +1,4 @@
+<p>
+	<label for="{$fieldname}" class="install-block {$style}">{$fieldlabel}:</label>&nbsp;
+	<input type="{$type}" name="{$fieldname}" id="{$fieldname}" value="{$fieldvalue}" {$required} />
+</p>
--- a/install/templates/dataitemchk.tpl
+++ b/install/templates/dataitemchk.tpl
@@ -0,0 +1,4 @@
+<p>
+	<label for="{$fieldname}" class="install-block {$style}">{$this->_lng['install']['webserver']} {$fieldlabel}:</label>
+	<input type="radio" name="webserver" id="{$fieldname}" value="{$fieldname}" {$checked} /><span>{$fieldlabel}<span>
+</p>
--- a/install/templates/dataitemyesno.tpl
+++ b/install/templates/dataitemyesno.tpl
@@ -0,0 +1,4 @@
+<p>
+	<label for="{$fieldname}" class="install-block {$style}">{$fieldlabel}:</label>
+	<input type="checkbox" name="{$fieldname}" id="{$fieldname}" value="1" {$checked} />
+</p>
--- a/install/templates/datasection.tpl
+++ b/install/templates/datasection.tpl
@@ -0,0 +1,2 @@
+<br />
+<h3>{$section}</h3>
--- a/install/templates/footer.tpl
+++ b/install/templates/footer.tpl
@@ -0,0 +1,7 @@
+	</div>
+	<footer>
+		<span> Froxlor &copy; 2009-{$current_year} by <a href="http://www.froxlor.org/" rel="external">the Froxlor Team</a>
+		</span>
+	</footer>
+</body>
+</html>
--- a/install/templates/header.tpl
+++ b/install/templates/header.tpl
@@ -0,0 +1,13 @@
+<!DOCTYPE html>
+<html lang="en">
+<head>
+	<meta charset="utf-8" />
+	<meta http-equiv="Default-Style" content="text/css" />
+	<!--[if lt IE 9]><script src="../js/html5shiv.min.js"></script><![endif]-->
+	<link href="templates/assets/css/install.css" rel="stylesheet" type="text/css" />
+	<!--[if IE]><link rel="stylesheet" href="../templates/{$theme}/css/main_ie.css" type="text/css" /><![endif]-->
+	<link href="templates/assets/img/favicon.ico" rel="icon" type="image/x-icon" />
+	<title>Froxlor Server Management Panel - Installation</title>
+</head>
+<body>
+	<div class="installsec">
--- a/install/templates/lngform.tpl
+++ b/install/templates/lngform.tpl
@@ -0,0 +1,20 @@
+		<form action="{$formaction}" method="get">
+			<fieldset>
+				<legend>{$this->_lng['install']['lngtitle']}</legend>
+				<table class="noborder">
+					<tr>
+						<td>
+							<label for="language">{$this->_lng['install']['language']}:</label>
+						</td>
+						<td align="right">
+							<select name="language" id="language" class="dropdown">
+								{$language_options}
+							</select>
+							<input type="hidden" name="check" value="1" />
+							<input type="submit" name="chooselang" value="{$this->_lng['install']['lngbtn_go']}" />
+						</td>
+					</tr>
+				</table>
+			</fieldset>
+		</form>
+		<hr class="line">
--- a/install/templates/page.tpl
+++ b/install/templates/page.tpl
@@ -0,0 +1,11 @@
+<article class="install bradius">
+	<header class="dark">
+		<img src="../templates/{$theme}/assets/img/logo.png" alt="Froxlor Server Management Panel" />
+	</header>
+
+	<section class="installsec">
+		<h2>{$pagetitle}</h2>
+			{$pagecontent}
+		{$pagenavigation}
+	</section>
+</article>
--- a/install/templates/pagebottom.tpl
+++ b/install/templates/pagebottom.tpl
@@ -0,0 +1,4 @@
+<h3 class="install-h3 {$msgcolor}">{$message}</h3>
+<aside>
+	<a href="{$link}">{$linktext}</a>
+</aside>
--- a/install/templates/textarea.tpl
+++ b/install/templates/textarea.tpl
@@ -0,0 +1,5 @@
+<tr>
+	<td class="main_field_name">
+		<p>{$escpduserdata}</p>
+	</td>
+</tr>
--- a/install/tsmarty2c.php
+++ b/install/tsmarty2c.php
@@ -1,124 +0,0 @@
-#!/usr/bin/php
-<?php
-/**
- * tsmarty2c.php - rips gettext strings from smarty template
- *
- * ------------------------------------------------------------------------- *
- * This library is free software; you can redistribute it and/or             *
- * modify it under the terms of the GNU Lesser General Public                *
- * License as published by the Free Software Foundation; either              *
- * version 2.1 of the License, or (at your option) any later version.        *
- *                                                                           *
- * This library is distributed in the hope that it will be useful,           *
- * but WITHOUT ANY WARRANTY; without even the implied warranty of            *
- * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the GNU         *
- * Lesser General Public License for more details.                           *
- *                                                                           *
- * You should have received a copy of the GNU Lesser General Public          *
- * License along with this library; if not, write to the Free Software       *
- * Foundation, Inc., 59 Temple Place, Suite 330, Boston, MA  02111-1307  USA *
- * ------------------------------------------------------------------------- *
- *
- * This command line script rips gettext strings from smarty file, 
- * and prints them to stdout in C format, that can later be used with the 
- * standard gettext tools.
- *
- * Usage:
- * ./tsmarty2c.php <filename or directory> <file2> <..> > smarty.c
- *
- * If a parameter is a directory, the template files within will be parsed.
- *
- * @package	smarty-gettext
- * @version	$Id: tsmarty2c.php,v 1.3 2005/07/27 17:59:39 sagi Exp $
- * @link	http://smarty-gettext.sf.net/
- * @author	Sagi Bashari <sagi@boom.org.il>
- * @copyright 2004-2005 Sagi Bashari
- */
-
-// smarty open tag
-$ldq = preg_quote('{');
-
-// smarty close tag
-$rdq = preg_quote('}');
-
-// smarty command
-$cmd = preg_quote('t');
-
-// extensions of smarty files, used when going through a directory
-$extensions = array('tpl');
-
-// "fix" string - strip slashes, escape and convert new lines to \n
-function fs($str)
-{
-	$str = stripslashes($str);
-	$str = str_replace('"', '\"', $str);
-	$str = str_replace("\n", '\n', $str);
-	return $str;
-}
-
-// rips gettext strings from $file and prints them in C format
-function do_file($file)
-{
-	$content = @file_get_contents($file);
-
-	if (empty($content)) {
-		return;
-	}
-
-	global $ldq, $rdq, $cmd;
-
-	preg_match_all(
-			"/{$ldq}\s*({$cmd})\s*([^{$rdq}]*){$rdq}([^{$ldq}]*){$ldq}\/\\1{$rdq}/",
-			$content,
-			$matches
-	);
-	
-	for ($i=0; $i < count($matches[0]); $i++) {
-		// TODO: add line number
-		echo "/* $file */\n"; // credit: Mike van Lammeren 2005-02-14
-		
-		if (preg_match('/plural\s*=\s*["\']?\s*(.[^\"\']*)\s*["\']?/', $matches[2][$i], $match)) {
-			echo 'ngettext("'.fs($matches[3][$i]).'","'.fs($match[1]).'",x);'."\n";
-		} else {
-			echo 'gettext("'.fs($matches[3][$i]).'");'."\n";
-		}
-
-		echo "\n";
-	}
-}
-
-// go through a directory
-function do_dir($dir)
-{
-	$d = dir($dir);
-
-	while (false !== ($entry = $d->read())) {
-		if ($entry == '.' || $entry == '..') {
-			continue;
-		}
-
-		$entry = $dir.'/'.$entry;
-
-		if (is_dir($entry)) { // if a directory, go through it
-			do_dir($entry);
-		} else { // if file, parse only if extension is matched
-			$pi = pathinfo($entry);
-			
-			if (isset($pi['extension']) && in_array($pi['extension'], $GLOBALS['extensions'])) {
-				do_file($entry);
-			}
-		}
-	}
-
-	$d->close();
-}
-
-for ($ac=1; $ac < $_SERVER['argc']; $ac++) {
-	if (is_dir($_SERVER['argv'][$ac])) { // go through directory
-		do_dir($_SERVER['argv'][$ac]);
-	} else { // do file
-		do_file($_SERVER['argv'][$ac]);
-	}
-}
-
-?>
--- a/install/updates/froxlor/0.9/update_0.9.inc.php
+++ b/install/updates/froxlor/0.9/update_0.9.inc.php
--- a/Show More
+++ b/Show More
				`@@ -1 +0,0 @@`
				.jqplot-target{position:relative;color:#666;font-family:"Trebuchet MS",Arial,Helvetica,sans-serif;font-size:1em;}.jqplot-axis{font-size:.75em;}.jqplot-xaxis{margin-top:10px;}.jqplot-x2axis{margin-bottom:10px;}.jqplot-yaxis{margin-right:10px;}.jqplot-y2axis,.jqplot-y3axis,.jqplot-y4axis,.jqplot-y5axis,.jqplot-y6axis,.jqplot-y7axis,.jqplot-y8axis,.jqplot-y9axis{margin-left:10px;margin-right:10px;}.jqplot-axis-tick,.jqplot-xaxis-tick,.jqplot-yaxis-tick,.jqplot-x2axis-tick,.jqplot-y2axis-tick,.jqplot-y3axis-tick,.jqplot-y4axis-tick,.jqplot-y5axis-tick,.jqplot-y6axis-tick,.jqplot-y7axis-tick,.jqplot-y8axis-tick,.jqplot-y9axis-tick{position:absolute;}.jqplot-xaxis-tick{top:0;left:15px;vertical-align:top;}.jqplot-x2axis-tick{bottom:0;left:15px;vertical-align:bottom;}.jqplot-yaxis-tick{right:0;top:15px;text-align:right;}.jqplot-yaxis-tick.jqplot-breakTick{right:-20px;margin-right:0;padding:1px 5px 1px 5px;z-index:2;font-size:1.5em;}.jqplot-y2axis-tick,.jqplot-y3axis-tick,.jqplot-y4axis-tick,.jqplot-y5axis-tick,.jqplot-y6axis-tick,.jqplot-y7axis-tick,.jqplot-y8axis-tick,.jqplot-y9axis-tick{left:0;top:15px;text-align:left;}.jqplot-meterGauge-tick{font-size:.75em;color:#999;}.jqplot-meterGauge-label{font-size:1em;color:#999;}.jqplot-xaxis-label{margin-top:10px;font-size:11pt;position:absolute;}.jqplot-x2axis-label{margin-bottom:10px;font-size:11pt;position:absolute;}.jqplot-yaxis-label{margin-right:10px;font-size:11pt;position:absolute;}.jqplot-y2axis-label,.jqplot-y3axis-label,.jqplot-y4axis-label,.jqplot-y5axis-label,.jqplot-y6axis-label,.jqplot-y7axis-label,.jqplot-y8axis-label,.jqplot-y9axis-label{font-size:11pt;position:absolute;}table.jqplot-table-legend{margin-top:12px;margin-bottom:12px;margin-left:12px;margin-right:12px;}table.jqplot-table-legend,table.jqplot-cursor-legend{background-color:rgba(255,255,255,0.6);border:1px solid #ccc;position:absolute;font-size:.75em;}td.jqplot-table-legend{vertical-align:middle;}td.jqplot-seriesToggle:hover,td.jqplot-seriesToggle:active{cursor:pointer;}td.jqplot-table-legend>div{border:1px solid #ccc;padding:1px;}div.jqplot-table-legend-swatch{width:0;height:0;border-top-width:5px;border-bottom-width:5px;border-left-width:6px;border-right-width:6px;border-top-style:solid;border-bottom-style:solid;border-left-style:solid;border-right-style:solid;}.jqplot-title{top:0;left:0;padding-bottom:.5em;font-size:1.2em;}table.jqplot-cursor-tooltip{border:1px solid #ccc;font-size:.75em;}.jqplot-cursor-tooltip{border:1px solid #ccc;font-size:.75em;white-space:nowrap;background:rgba(208,208,208,0.5);padding:1px;}.jqplot-highlighter-tooltip{border:1px solid #ccc;font-size:.75em;white-space:nowrap;background:rgba(208,208,208,0.5);padding:1px;}.jqplot-point-label{font-size:.75em;z-index:2;}td.jqplot-cursor-legend-swatch{vertical-align:middle;text-align:center;}div.jqplot-cursor-legend-swatch{width:1.2em;height:.7em;}.jqplot-error{text-align:center;}.jqplot-error-message{position:relative;top:46%;display:inline-block;}div.jqplot-bubble-label{font-size:.8em;padding-left:2px;padding-right:2px;color:rgb(20%,20%,20%);}div.jqplot-bubble-label.jqplot-bubble-label-highlight{background:rgba(90%,90%,90%,0.7);}div.jqplot-noData-container{text-align:center;background-color:rgba(96%,96%,96%,0.3);}