setting version to 0.9.33.2 for bugfix release

Signed-off-by: Michael Kaufmann (d00p) <d00p@froxlor.org>

.gitignore

@@ -1,6 +1,3 @@
-packages/*
-lib/classes/htmlpurifier/library/HTMLPurifier/DefinitionCache/Serializer/*/
-temp/*
 templates/*
 logs/*
 install/update.log

actions/admin/settings/100.panel.php

@@ -93,23 +93,6 @@ return array(
 					'option_options' => array('Manual' => $lng['serversettings']['manual'], 'Dropdown' => $lng['serversettings']['dropdown']),
 					'save_method' => 'storeSettingField',
 					),
-				'use_webfonts' => array(
-					'label' => $lng['serversettings']['enablewebfonts'],
-					'settinggroup' => 'panel',
-					'varname' => 'use_webfonts',
-					'type' => 'bool',
-					'default' => true,
-					'save_method' => 'storeSettingField',
-					),
-				'webfont' => array(
-					'label' => $lng['serversettings']['definewebfont']['title'],
-					'settinggroup' => 'panel',
-					'varname' => 'webfont',
-					'type' => 'string',
-					'default' => 'Numans',
-					'string_emptyallowed' => false,
-					'save_method' => 'storeSettingField',
-					),
 				'panel_adminmail' => array(
 					'label' => $lng['serversettings']['adminmail'],
 					'settinggroup' => 'panel',
@@ -202,6 +185,24 @@ return array(
 					'default' => true,
 					'save_method' => 'storeSettingField',
 					),
+				'customer_show_news_feed' => array(
+					'label' => $lng['admin']['customer_show_news_feed'],
+					'settinggroup' => 'customer',
+					'varname' => 'show_news_feed',
+					'type' => 'bool',
+					'default' => true,
+					'save_method' => 'storeSettingField',
+					),
+				'customer_news_feed_url' => array(
+					'label' => $lng['admin']['customer_news_feed_url'],
+					'settinggroup' => 'customer',
+					'varname' => 'news_feed_url',
+					'type' => 'string',
+					'string_type' => 'url',
+					'string_emptyallowed' => true,
+					'default' => '',
+					'save_method' => 'storeSettingField',
+					),
 				'panel_allow_domain_change_admin' => array(
 					'label' => $lng['serversettings']['panel_allow_domain_change_admin'],
 					'settinggroup' => 'panel',

actions/admin/settings/110.accounts.php

@@ -70,6 +70,46 @@ return array(
 					'default' => 0,
 					'save_method' => 'storeSettingField',
 					),
+				'panel_password_alpha_lower' => array(
+					'label' => $lng['serversettings']['panel_password_alpha_lower'],
+					'settinggroup' => 'panel',
+					'varname' => 'password_alpha_lower',
+					'type' => 'bool',
+					'default' => true,
+					'save_method' => 'storeSettingField',
+					),
+				'panel_password_alpha_upper' => array(
+					'label' => $lng['serversettings']['panel_password_alpha_upper'],
+					'settinggroup' => 'panel',
+					'varname' => 'password_alpha_upper',
+					'type' => 'bool',
+					'default' => true,
+					'save_method' => 'storeSettingField',
+					),
+				'panel_password_numeric' => array(
+					'label' => $lng['serversettings']['panel_password_numeric'],
+					'settinggroup' => 'panel',
+					'varname' => 'password_numeric',
+					'type' => 'bool',
+					'default' => false,
+					'save_method' => 'storeSettingField',
+					),
+				'panel_password_special_char_required' => array(
+					'label' => $lng['serversettings']['panel_password_special_char_required'],
+					'settinggroup' => 'panel',
+					'varname' => 'password_special_char_required',
+					'type' => 'bool',
+					'default' => false,
+					'save_method' => 'storeSettingField',
+					),
+				'panel_password_special_char' => array(
+					'label' => $lng['serversettings']['panel_password_special_char'],
+					'settinggroup' => 'panel',
+					'varname' => 'password_special_char',
+					'type' => 'string',
+					'default' => '!?<>§$%&+#=@',
+					'save_method' => 'storeSettingField',
+					),
 				'panel_password_regex' => array(
 					'label' => $lng['serversettings']['panel_password_regex'],
 					'settinggroup' => 'panel',
@@ -150,4 +190,4 @@ return array(
 		),
 	);
 
-?>
+?>

actions/admin/settings/120.system.php

@@ -160,17 +160,7 @@ return array(
 					'default' => 90,
 					'save_method' => 'storeSettingField',
 					),
-				'system_debug_cron' => array(
-					'label' => $lng['serversettings']['cron']['debug'],
-					'settinggroup' => 'system',
-					'varname' => 'debug_cron',
-					'type' => 'bool',
-					'default' => false,
-					'save_method' => 'storeSettingField',
-					),
 				),
 			),
 		),
 	);
-
-?>

actions/admin/settings/125.cronjob.php

@@ -0,0 +1,75 @@
+<?php
+
+/**
+ * This file is part of the Froxlor project.
+ * Copyright (c) 2014 the Froxlor Team (see authors).
+ *
+ * For the full copyright and license information, please view the COPYING
+ * file that was distributed with this source code. You can also view the
+ * COPYING file online at http://files.froxlor.org/misc/COPYING.txt
+ *
+ * @copyright  (c) the authors
+ * @author     Froxlor team <team@froxlor.org> (2010-)
+ * @license    GPLv2 http://files.froxlor.org/misc/COPYING.txt
+ * @package    Settings
+ *
+ */
+
+return array(
+	'groups' => array(
+		'crond' => array(
+			'title' => $lng['admin']['cronsettings'],
+			'fields' => array(
+				'system_cronconfig' => array(
+					'label' => $lng['serversettings']['system_cronconfig'],
+					'settinggroup' => 'system',
+					'varname' => 'cronconfig',
+					'type' => 'string',
+					'string_type' => 'file',
+					'default' => '/etc/cron.d/froxlor',
+					'save_method' => 'storeSettingField',
+					),
+				'system_send_cron_errors' => array(
+					'label' => $lng['serversettings']['system_send_cron_errors'],
+					'settinggroup' => 'system',
+					'varname' => 'send_cron_errors',
+					'type' => 'bool',
+					'default' => false,
+					'save_method' => 'storeSettingField',
+				),
+				'system_croncmdline' => array(
+					'label' => $lng['serversettings']['system_croncmdline'],
+					'settinggroup' => 'system',
+					'varname' => 'croncmdline',
+					'type' => 'string',
+					'default' => '/usr/bin/nice -n 5 /usr/bin/php5 -q',
+					'save_method' => 'storeSettingField',
+					),
+				'system_crondreload' => array(
+					'label' => $lng['serversettings']['system_crondreload'],
+					'settinggroup' => 'system',
+					'varname' => 'crondreload',
+					'type' => 'string',
+					'default' => '/etc/init.d/cron reload',
+					'save_method' => 'storeSettingField',
+					),
+				'system_cron_allowautoupdate' => array(
+					'label' => $lng['serversettings']['system_cron_allowautoupdate'],
+					'settinggroup' => 'system',
+					'varname' => 'cron_allowautoupdate',
+					'type' => 'bool',
+					'default' => false,
+					'save_method' => 'storeSettingField',
+					),
+				'system_debug_cron' => array(
+					'label' => $lng['serversettings']['cron']['debug'],
+					'settinggroup' => 'system',
+					'varname' => 'debug_cron',
+					'type' => 'bool',
+					'default' => false,
+					'save_method' => 'storeSettingField',
+					)
+			)
+		)
+	)
+);

actions/admin/settings/136.phpfpm.php

@@ -185,9 +185,16 @@ return array(
 					'default' => 30,
 					'save_method' => 'storeSettingField'
 					),
+				'system_phpfpm_use_mod_proxy' => array(
+					'label' => $lng['phpfpm']['use_mod_proxy'],
+					'settinggroup' => 'phpfpm',
+					'varname' => 'use_mod_proxy',
+					'type' => 'bool',
+					'default' => false,
+					'visible' => Settings::Get('system.apache24'),
+					'save_method' => 'storeSettingField'
+					),
 				),
 			),
 		),
 	);
-
-?>

actions/admin/settings/150.mail.php

@@ -85,21 +85,6 @@ return array(
 					'default' => 100,
 					'save_method' => 'storeSettingField',
 					),
-				'system_autoresponder_enabled' => array(
-					'label' => $lng['serversettings']['autoresponder_active'],
-					'settinggroup' => 'autoresponder',
-					'varname' => 'autoresponder_active',
-					'type' => 'bool',
-					'default' => false,
-					'cronmodule' => 'froxlor/autoresponder',
-					'save_method' => 'storeSettingField',
-					),
-				'system_last_autoresponder_run' => array(
-					'settinggroup' => 'autoresponder',
-					'varname' => 'last_autoresponder_run',
-					'type' => 'hidden',
-					'default' => 0,
-					),
 				'system_catchall_enabled' => array(
 					'label' => $lng['serversettings']['catchall_enabled'],
 					'settinggroup' => 'catchall',
@@ -108,6 +93,54 @@ return array(
 					'default' => true,
 					'save_method' => 'storeSettingResetCatchall',
 					),
+				'system_mailtraffic_enabled' => array(
+					'label' => $lng['serversettings']['mailtraffic_enabled'],
+					'settinggroup' => 'system',
+					'varname' => 'mailtraffic_enabled',
+					'type' => 'bool',
+					'default' => true,
+					'save_method' => 'storeSettingField',
+					),
+				'system_mdaserver' => array(
+					'label' => $lng['serversettings']['mdaserver'],
+					'settinggroup' => 'system',
+					'varname' => 'mdaserver',
+					'type' => 'option',
+					'option_mode' => 'one',
+					'default' => 'dovecot',
+					'option_options' => array('courier' => 'Courier', 'dovecot' => 'Dovecot'),
+					'save_method' => 'storeSettingField',
+					),
+				'system_mdalog' => array(
+					'label' => $lng['serversettings']['mdalog'],
+					'settinggroup' => 'system',
+					'varname' => 'mdalog',
+					'type' => 'string',
+					'string_type' => 'file',
+					'default' => '/var/log/mail.log',
+					'string_emptyallowed' => true,
+					'save_method' => 'storeSettingField',
+					),
+				'system_mtaserver' => array(
+					'label' => $lng['serversettings']['mtaserver'],
+					'settinggroup' => 'system',
+					'varname' => 'mtaserver',
+					'type' => 'option',
+					'option_mode' => 'one',
+					'default' => 'postfix',
+					'option_options' => array('exim4' => 'Exim4', 'postfix' => 'Postfix'),
+					'save_method' => 'storeSettingField',
+					),
+				'system_mtalog' => array(
+					'label' => $lng['serversettings']['mtalog'],
+					'settinggroup' => 'system',
+					'varname' => 'mtalog',
+					'type' => 'string',
+					'string_type' => 'file',
+					'default' => '/var/log/mail.log',
+					'string_emptyallowed' => true,
+					'save_method' => 'storeSettingField',
+					),
 				),
 			),
 		),

actions/admin/settings/160.nameserver.php

@@ -74,10 +74,19 @@ return array(
 					'varname' => 'axfrservers',
 					'type' => 'string',
 					'string_type' => 'validate_ip',
+					'string_delimiter' => ',',
 					'string_emptyallowed' => true,
 					'default' => '',
 					'save_method' => 'storeSettingField',
 				),
+				'system_dns_createhostnameentry' => array(
+					'label' => $lng['serversettings']['dns_createhostnameentry'],
+					'settinggroup' => 'system',
+					'varname' => 'dns_createhostnameentry',
+					'type' => 'bool',
+					'default' => false,
+					'save_method' => 'storeSettingField'
+				),
 				'system_dns_createmailentry' => array(
 					'label' => $lng['serversettings']['mail_also_with_mxservers'],
 					'settinggroup' => 'system',

actions/admin/settings/180.dkim.php

@@ -17,8 +17,6 @@
  *
  */
 
-global $settings;
-
 return array(
 	'groups' => array(
 		'dkim' => array(
@@ -82,8 +80,8 @@ return array(
 					),
 				'dkim_keylength' => array(
 					'label' => array(
-						'title' => $lng['dkim']['dkim_keylength']['title'], 
-						'description' => sprintf($lng['dkim']['dkim_keylength']['description'],$settings['dkim']['dkim_prefix'])
+						'title' => $lng['dkim']['dkim_keylength']['title'],
+						'description' => sprintf($lng['dkim']['dkim_keylength']['description'], Settings::Get('dkim.dkim_prefix'))
 					),
 					'settinggroup' => 'dkim',
 					'varname' => 'dkim_keylength',
@@ -133,4 +131,4 @@ return array(
 		),
 	);
 
-?>
+?>

actions/admin/settings/200.aps.php

@@ -1,102 +0,0 @@
-<?php
-
-/**
- * This file is part of the Froxlor project.
- * Copyright (c) 2003-2009 the SysCP Team (see authors).
- * Copyright (c) 2010 the Froxlor Team (see authors).
- *
- * For the full copyright and license information, please view the COPYING
- * file that was distributed with this source code. You can also view the
- * COPYING file online at http://files.froxlor.org/misc/COPYING.txt
- *
- * @copyright  (c) the authors
- * @author     Florian Lippert <flo@syscp.org> (2003-2009)
- * @author     Froxlor team <team@froxlor.org> (2010-)
- * @license    GPLv2 http://files.froxlor.org/misc/COPYING.txt
- * @package    Settings
- *
- */
-
-return array(
-	'groups' => array(
-		'aps' => array(
-			'title' => $lng['admin']['aps'],
-			'fields' => array(
-				'aps_enable' => array(
-					'label' => $lng['aps']['activate_aps'],
-					'settinggroup' => 'aps',
-					'varname' => 'aps_active',
-					'type' => 'bool',
-					'default' => false,
-					'cronmodule' => 'froxlor/aps',
-					'save_method' => 'storeSettingField',
-					'overview_option' => true
-					),
-				'aps_items_per_page' => array(
-					'label' => $lng['aps']['packages_per_page'],
-					'settinggroup' => 'aps',
-					'varname' => 'items_per_page',
-					'type' => 'int',
-					'default' => 20,
-					'save_method' => 'storeSettingField',
-					),
-				'aps_upload_fields' => array(
-					'label' => $lng['aps']['upload_fields'],
-					'settinggroup' => 'aps',
-					'varname' => 'upload_fields',
-					'type' => 'int',
-					'default' => 5,
-					'save_method' => 'storeSettingField',
-					),
-				'aps_exceptions' => array(
-					'label' => $lng['aps']['exceptions'],
-					'type' => 'label',
-					),
-				'aps_php-extension' => array(
-					'label' => $lng['aps']['settings_php_extensions'],
-					'settinggroup' => 'aps',
-					'varname' => 'php-extension',
-					'type' => 'option',
-					'default' => '',
-					'option_mode' => 'multiple',
-					'option_options' => array('gd' => 'GD Library', 'pcre' => 'PCRE', 'ioncube' => 'ionCube', 'ioncube loader' => 'ionCube Loader', 'curl' => 'curl', 'mcrypt' => 'mcrypt', 'imap' => 'imap', 'json' => 'json', 'ldap' => 'LDAP', 'hash' => 'hash', 'mbstring' => 'mbstring', 'Zend Optimizer' => 'Zend Guard'),
-					'save_method' => 'storeSettingApsPhpExtensions',
-					),
-				'aps_php-function' => array(
-					'settinggroup' => 'aps',
-					'varname' => 'php-function',
-					'type' => 'hidden',
-					'default' => '',
-					),
-				'aps_php-configuration' => array(
-					'label' => $lng['aps']['settings_php_configuration'],
-					'settinggroup' => 'aps',
-					'varname' => 'php-configuration',
-					'type' => 'option',
-					'default' => '',
-					'option_mode' => 'multiple',
-					'option_options' => array('short_open_tag' => 'short_open_tag', 'file_uploads' => 'file_uploads', 'magic_quotes_gpc' => 'magic_quotes_gpc', 'register_globals' => 'register_globals', 'allow_url_fopen' => 'allow_url_fopen', 'safe_mode' => 'safe_mode', 'post_max_size' => 'post_max_size', 'memory_limit' => 'memory_limit', 'max_execution_time' => 'max_execution_time'),
-					'save_method' => 'storeSettingField',
-					),
-				'aps_webserver-module' => array(
-					'label' => $lng['aps']['settings_webserver_modules'],
-					'settinggroup' => 'aps',
-					'varname' => 'webserver-module',
-					'type' => 'option',
-					'default' => '',
-					'option_mode' => 'multiple',
-					'option_options' => array('mod_perl' => 'mod_perl', 'mod_rewrite' => 'mod_rewrite', 'mod_access' => 'mod_access', 'fcgid-any' => 'FastCGI/mod_fcgid', 'htaccess' => '.htaccess'),
-					'save_method' => 'storeSettingApsWebserverModules',
-					),
-				'aps_webserver-htaccess' => array(
-					'settinggroup' => 'aps',
-					'varname' => 'webserver-htaccess',
-					'type' => 'hidden',
-					'default' => '',
-					),
-				),
-			),
-		),
-	);
-
-?>

actions/admin/settings/210.security.php

@@ -45,7 +45,7 @@ return array(
 					'type' => 'option',
 					'default' => 0,
 					'option_mode' => 'one',
-					'option_options' => array(0 => $lng['serversettings']['systemdefault'], 1 => 'MD5', 2 => 'BLOWFISH', 3 => 'SHA-256', 4 => 'SHA-512'),
+					'option_options_method' => 'getAvailablePasswordHashes',
 					'save_method' => 'storeSettingField',
 					),
 				'system_allow_error_report_admin' => array(

actions/admin/settings/215.backup.php

@@ -1,118 +0,0 @@
-<?php
-
-/**
- * This file is part of the Froxlor project.
- * Copyright (c) 2003-2009 the SysCP Team (see authors).
- * Copyright (c) 2010 the Froxlor Team (see authors).
- *
- * For the full copyright and license information, please view the COPYING
- * file that was distributed with this source code. You can also view the
- * COPYING file online at http://files.froxlor.org/misc/COPYING.txt
- *
- * @copyright  (c) the authors
- * @author     Florian Lippert <flo@syscp.org> (2003-2009)
- * @author     Froxlor team <team@froxlor.org> (2010-)
- * @license    GPLv2 http://files.froxlor.org/misc/COPYING.txt
- * @package    Settings
- *
- */
-
-return array(
-	'groups' => array(
-		'backup' => array(
-			'title' => $lng['backup'],
-			'fields' => array(
-				'backup_enabled' => array(
-					'label' => $lng['serversettings']['backup_enabled'],
-					'settinggroup' => 'system',
-					'varname' => 'backup_enabled',
-					'type' => 'bool',
-					'default' => false,
-					'cronmodule' => 'froxlor/backup',
-					'save_method' => 'storeSettingField',
-					'overview_option' => true
-				),
-				'backup_dir' => array(
-					'label' => $lng['serversettings']['backupdir']['description'],
-					'settinggroup' => 'system',
-					'varname' => 'backup_dir',
-					'type' => 'string',
-					'string_type' => 'dir',
-					'default' => '/var/customers/backups/',
-					'string_regexp' => '#^/.*/$#',
-					'save_method' => 'storeSettingField',
-				),
-				'backup_mysqldump_path' => array(
-					'label' => $lng['serversettings']['mysqldump_path']['description'],
-					'settinggroup' => 'system',
-					'varname' => 'backup_mysqldump_path',
-					'type' => 'string',
-					'default' => '/usr/bin/mysqldump',
-					'save_method' => 'storeSettingField',
-				),
-				'backup_count' => array(
-					'label' => $lng['serversettings']['backup_count'],
-					'settinggroup' => 'system',
-					'varname' => 'backup_count',
-					'type' => 'bool',
-					'default' => 'true',
-					'save_method' => 'storeSettingField',
-					'overview_option' => false
-				),				
-				'backup_bigfile' => array(
-					'label' => $lng['serversettings']['backup_bigfile'],
-					'settinggroup' => 'system',
-					'varname' => 'backup_bigfile',
-					'type' => 'bool',
-					'default' => false,
-					'save_method' => 'storeSettingField',
-					'overview_option' => false
-				),
-				'backup_ftp_enabled_' => array(
-					'label' => $lng['serversettings']['backup_ftp_enabled'],
-					'settinggroup' => 'system',
-					'varname' => 'backup_ftp_enabled',
-					'type' => 'bool',
-					'default' => false,
-					'save_method' => 'storeSettingField',
-					'overview_option' => false
-				),
-				'backup_server' => array(
-					'label' => $lng['serversettings']['backup_ftp_server'],
-					'settinggroup' => 'system',
-					'varname' => 'backup_ftp_server',
-					'type' => 'string',
-					'default' => '',
-					'save_method' => 'storeSettingField',
-				),
-				'backup_user' => array(
-					'label' => $lng['serversettings']['backup_ftp_user'],
-					'settinggroup' => 'system',
-					'varname' => 'backup_ftp_user',
-					'type' => 'string',
-					'default' => '',
-					'save_method' => 'storeSettingField',
-				),
-				'backup_pass' => array(
-					'label' => $lng['serversettings']['backup_ftp_pass'],
-					'settinggroup' => 'system',
-					'varname' => 'backup_ftp_pass',
-					'type' => 'hiddenstring',
-					'default' => '',
-					'save_method' => 'storeSettingField',
-				),
-				'backup_passive_mode' => array(
-					'label' => $lng['serversettings']['backup_ftp_passive_mode'],
-					'settinggroup' => 'system',
-					'varname' => 'backup_ftp_passive',
-					'type' => 'bool',
-					'default' => true,
-					'save_method' => 'storeSettingField',
-					'overview_option' => false,
-				),
-				),
-			),
-		),
-	);
-
-?>

admin_admins.php

@@ -42,7 +42,7 @@ if ($page == 'admins'
 			'traffic_used' => $lng['customer']['traffic'] . ' (' . $lng['panel']['used'] . ')',
 			'deactivated' => $lng['admin']['deactivated']
 		);
-		$paging = new paging($userinfo, TABLE_PANEL_ADMINS, $fields, $settings['panel']['paging'], $settings['panel']['natsorting']);
+		$paging = new paging($userinfo, TABLE_PANEL_ADMINS, $fields);
 		$admins = '';
 		$result_stmt = Database::query("SELECT * FROM `" . TABLE_PANEL_ADMINS . "` " . $paging->getSqlWhere(false) . " " . $paging->getSqlOrderBy() . " " . $paging->getSqlLimit());
 		$numrows_admins = Database::num_rows();
@@ -54,19 +54,21 @@ if ($page == 'admins'
 		$i = 0;
 		$count = 0;
 
+		$dec_places = Settings::Get('panel.decimal_places');
+
 		while ($row = $result_stmt->fetch(PDO::FETCH_ASSOC)) {
 
 			if ($paging->checkDisplay($i)) {
 
-				$row['traffic_used'] = round($row['traffic_used'] / (1024 * 1024), $settings['panel']['decimal_places']);
-				$row['traffic'] = round($row['traffic'] / (1024 * 1024), $settings['panel']['decimal_places']);
-				$row['diskspace_used'] = round($row['diskspace_used'] / 1024, $settings['panel']['decimal_places']);
-				$row['diskspace'] = round($row['diskspace'] / 1024, $settings['panel']['decimal_places']);
+				$row['traffic_used'] = round($row['traffic_used'] / (1024 * 1024), $dec_places);
+				$row['traffic'] = round($row['traffic'] / (1024 * 1024), $dec_places);
+				$row['diskspace_used'] = round($row['diskspace_used'] / 1024, $dec_places);
+				$row['diskspace'] = round($row['diskspace'] / 1024, $dec_places);
 
 				// percent-values for progressbar
 				// For Disk usage
 				if ($row['diskspace'] > 0) {
-					$disk_percent = round(($row['diskspace_used']*100)/$row['diskspace'], 2);
+					$disk_percent = round(($row['diskspace_used']*100)/$row['diskspace'], 0);
 					$disk_doublepercent = round($disk_percent*2, 2);
 				} else {
 					$disk_percent = 0;
@@ -74,15 +76,26 @@ if ($page == 'admins'
 				}
 				// For Traffic usage
 				if ($row['traffic'] > 0) {
-					$traffic_percent = round(($row['traffic_used']*100)/$row['traffic'], 2);
+					$traffic_percent = round(($row['traffic_used']*100)/$row['traffic'], 0);
 					$traffic_doublepercent = round($traffic_percent*2, 2);
 				} else {
 					$traffic_percent = 0;
 					$traffic_doublepercent = 0;
 				}
 
-				$row = str_replace_array('-1', 'UL', $row, 'customers domains diskspace traffic mysqls emails email_accounts email_forwarders email_quota email_autoresponder ftps subdomains tickets');
+				// fix progress-bars if value is >100%
+				if ($disk_percent > 100) {
+					$disk_percent = 100;
+				}
+				if ($traffic_percent > 100) {
+					$traffic_percent = 100;
+				}
+
+				$row = str_replace_array('-1', 'UL', $row, 'customers domains diskspace traffic mysqls emails email_accounts email_forwarders email_quota ftps subdomains tickets');
 				$row = htmlentities_array($row);
+
+				$row['custom_notes'] = ($row['custom_notes'] != '') ? nl2br($row['custom_notes']) : '';
+
 				eval("\$admins.=\"" . getTemplate("admins/admins_admin") . "\";");
 				$count++;
 			}
@@ -188,6 +201,12 @@ if ($page == 'admins'
 			$name = validate($_POST['name'], 'name');
 			$email = $idna_convert->encode(validate($_POST['email'], 'email'));
 
+			$custom_notes = validate(str_replace("\r\n", "\n", $_POST['custom_notes']), 'custom_notes', '/^[^\0]*$/');
+			$custom_notes_show = 0;
+			if (isset($_POST['custom_notes_show'])) {
+			    $custom_notes_show = intval_ressource($_POST['custom_notes_show']);
+			}
+
 			$loginname = validate($_POST['loginname'], 'loginname');
 			$password = validate($_POST['admin_password'], 'password');
 			$password = validatePassword($password);
@@ -195,64 +214,54 @@ if ($page == 'admins'
 
 			$customers = intval_ressource($_POST['customers']);
 			if (isset($_POST['customers_ul'])) {
-				$customers = - 1;
+				$customers = -1;
 			}
 
 			$domains = intval_ressource($_POST['domains']);
 			if (isset($_POST['domains_ul'])) {
-				$domains = - 1;
+				$domains = -1;
 			}
 
 			$subdomains = intval_ressource($_POST['subdomains']);
 			if (isset($_POST['subdomains_ul'])) {
-				$subdomains = - 1;
+				$subdomains = -1;
 			}
 
 			$emails = intval_ressource($_POST['emails']);
 			if (isset($_POST['emails_ul'])) {
-				$emails = - 1;
+				$emails = -1;
 			}
 
 			$email_accounts = intval_ressource($_POST['email_accounts']);
 			if (isset($_POST['email_accounts_ul'])) {
-				$email_accounts = - 1;
+				$email_accounts = -1;
 			}
 
 			$email_forwarders = intval_ressource($_POST['email_forwarders']);
 			if (isset($_POST['email_forwarders_ul'])) {
-				$email_forwarders = - 1;
+				$email_forwarders = -1;
 			}
 
-			if ($settings['system']['mail_quota_enabled'] == '1') {
+			if (Settings::Get('system.mail_quota_enabled') == '1') {
 
 				$email_quota = validate($_POST['email_quota'], 'email_quota', '/^\d+$/', 'vmailquotawrong', array('0', ''));
 				if (isset($_POST['email_quota_ul'])) {
-					$email_quota = - 1;
+					$email_quota = -1;
 				}
 			} else {
-				$email_quota = - 1;
-			}
-
-			if ($settings['autoresponder']['autoresponder_active'] == '1') {
-
-				$email_autoresponder = intval_ressource($_POST['email_autoresponder']);
-				if (isset($_POST['email_autoresponder_ul'])) {
-					$email_autoresponder = - 1;
-				}
-			} else {
-				$email_autoresponder = 0;
+				$email_quota = -1;
 			}
 
 			$ftps = intval_ressource($_POST['ftps']);
 			if (isset($_POST['ftps_ul'])) {
-				$ftps = - 1;
+				$ftps = -1;
 			}
 
-			if ($settings['ticket']['enabled'] == 1) {
+			if (Settings::Get('ticket.enabled') == 1) {
 
 				$tickets = intval_ressource($_POST['tickets']);
 				if (isset($_POST['tickets_ul'])) {
-					$tickets = - 1;
+					$tickets = -1;
 				}
 			} else {
 				$tickets = 0;
@@ -260,20 +269,7 @@ if ($page == 'admins'
 
 			$mysqls = intval_ressource($_POST['mysqls']);
 			if (isset($_POST['mysqls_ul'])) {
-				$mysqls = - 1;
-			}
-
-			if ($settings['aps']['aps_active'] == '1') {
-
-				$number_of_aps_packages = intval_ressource($_POST['number_of_aps_packages']);
-				if (isset($_POST['number_of_aps_packages_ul'])) {
-					$number_of_aps_packages = - 1;
-				}
-				$can_manage_aps_packages = isset($_POST['can_manage_aps_packages']) ? 1 : 0;
-
-			} else {
-				$number_of_aps_packages = 0;
-				$can_manage_aps_packages = 0;
+				$mysqls = -1;
 			}
 
 			$customers_see_all = 0;
@@ -298,12 +294,12 @@ if ($page == 'admins'
 
 			$diskspace = intval_ressource($_POST['diskspace']);
 			if (isset($_POST['diskspace_ul'])) {
-				$diskspace = - 1;
+				$diskspace = -1;
 			}
 
 			$traffic = doubleval_ressource($_POST['traffic']);
 			if (isset($_POST['traffic_ul'])) {
-				$traffic = - 1;
+				$traffic = -1;
 			}
 
 			$tickets_see_all = 0;
@@ -335,8 +331,8 @@ if ($page == 'admins'
 				standard_error('loginnameexists', $loginname);
 			}
 			// Accounts which match systemaccounts are not allowed, filtering them
-			elseif (preg_match('/^' . preg_quote($settings['customer']['accountprefix'], '/') . '([0-9]+)/', $loginname)) {
-				standard_error('loginnameissystemaccount', $settings['customer']['accountprefix']);
+			elseif (preg_match('/^' . preg_quote(Settings::Get('customer.accountprefix'), '/') . '([0-9]+)/', $loginname)) {
+				standard_error('loginnameissystemaccount', Settings::Get('customer.accountprefix'));
 			}
 			elseif (!validateUsername($loginname)) {
 				standard_error('loginnameiswrong', $loginname);
@@ -375,11 +371,11 @@ if ($page == 'admins'
 					$tickets_see_all  = '0';
 				}
 
-				$_theme = $settings['panel']['default_theme'];
+				$_theme = Settings::Get('panel.default_theme');
 
 				$ins_data = array(
 					'loginname' => $loginname,
-					'password' => md5($password),
+					'password' => makeCryptPassword($password),
 					'name' => $name,
 					'email' => $email,
 					'lang' => $def_language,
@@ -401,10 +397,9 @@ if ($page == 'admins'
 					'tickets_see_all' => $tickets_see_all,
 					'mysqls' => $mysqls,
 					'ip' => $ipaddress,
-					'can_manage_aps_packages' => $can_manage_aps_packages,
-					'aps_packages' => $number_of_aps_packages,
-					'autoresponder' => $email_autoresponder,
-					'theme' => $_theme
+					'theme' => $_theme,
+					'custom_notes' => $custom_notes,
+					'custom_notes_show' => $custom_notes_show
 				);
 
 				$ins_stmt = Database::prepare("
@@ -432,10 +427,9 @@ if ($page == 'admins'
 					`tickets_see_all` = :tickets_see_all,
 					`mysqls` = :mysqls,
 					`ip` = :ip,
-					`can_manage_aps_packages` = :can_manage_aps_packages,
-					`aps_packages` = :aps_packages,
-					`email_autoresponder` = :autoresponder,
-					`theme` = :theme
+					`theme` = :theme,
+					`custom_notes` = :custom_notes,
+					`custom_notes_show` = :custom_notes_show
 				");
 				Database::pexecute($ins_stmt, $ins_data);
 
@@ -476,11 +470,9 @@ if ($page == 'admins'
 			$email_accounts_ul = makecheckbox('email_accounts_ul', $lng['customer']['unlimited'], '-1', false, '0', true, true);
 			$email_forwarders_ul = makecheckbox('email_forwarders_ul', $lng['customer']['unlimited'], '-1', false, '0', true, true);
 			$email_quota_ul = makecheckbox('email_quota_ul', $lng['customer']['unlimited'], '-1', false, '0', true, true);
-			$email_autoresponder_ul = makecheckbox('email_autoresponder_ul', $lng['customer']['unlimited'], '-1', false, '0', true, true);
 			$ftps_ul = makecheckbox('ftps_ul', $lng['customer']['unlimited'], '-1', false, '0', true, true);
 			$tickets_ul = makecheckbox('tickets_ul', $lng['customer']['unlimited'], '-1', false, '0', true, true);
 			$mysqls_ul = makecheckbox('mysqls_ul', $lng['customer']['unlimited'], '-1', false, '0', true, true);
-			$number_of_aps_packages_ul = makecheckbox('number_of_aps_packages_ul', $lng['customer']['unlimited'], '-1', false, '0', true, true);
 
 			$admin_add_data = include_once dirname(__FILE__).'/lib/formfields/admin/admin/formfield.admin_add.php';
 			$admin_add_form = htmlform::genHTMLForm($admin_add_data);
@@ -508,6 +500,12 @@ if ($page == 'admins'
 				$name = validate($_POST['name'], 'name');
 				$email = $idna_convert->encode(validate($_POST['email'], 'email'));
 
+				$custom_notes = validate(str_replace("\r\n", "\n", $_POST['custom_notes']), 'custom_notes', '/^[^\0]*$/');
+				$custom_notes_show = $result['custom_notes_show'];
+				if (isset($_POST['custom_notes_show'])) {
+				    $custom_notes_show = intval_ressource($_POST['custom_notes_show']);
+				}
+
 				if ($result['adminid'] == $userinfo['userid']) {
 
 					$password = '';
@@ -520,7 +518,6 @@ if ($page == 'admins'
 					$email_accounts = $result['email_accounts'];
 					$email_forwarders = $result['email_forwarders'];
 					$email_quota = $result['email_quota'];
-					$email_autoresponder = $result['email_autoresponder'];
 					$ftps = $result['ftps'];
 					$tickets = $result['tickets'];
 					$mysqls = $result['mysqls'];
@@ -532,8 +529,6 @@ if ($page == 'admins'
 					$diskspace = $result['diskspace'];
 					$traffic = $result['traffic'];
 					$ipaddress = $result['ip'];
-					$can_manage_aps_packages = $result['can_manage_aps_packages'];
-					$number_of_aps_packages = $result['aps_packages'];
 
 				} else {
 
@@ -571,7 +566,7 @@ if ($page == 'admins'
 						$email_forwarders = -1;
 					}
 
-					if ($settings['system']['mail_quota_enabled'] == '1') {
+					if (Settings::Get('system.mail_quota_enabled') == '1') {
 						$email_quota = validate($_POST['email_quota'], 'email_quota', '/^\d+$/', 'vmailquotawrong', array('0', ''));
 						if (isset($_POST['email_quota_ul'])) {
 							$email_quota = -1;
@@ -580,21 +575,12 @@ if ($page == 'admins'
 						$email_quota = -1;
 					}
 
-					if ($settings['autoresponder']['autoresponder_active'] == '1') {
-						$email_autoresponder = intval_ressource($_POST['email_autoresponder']);
-						if (isset($_POST['email_autoresponder_ul'])) {
-							$email_autoresponder = -1;
-						}
-					} else {
-						$email_autoresponder = 0;
-					}
-
 					$ftps = intval_ressource($_POST['ftps']);
 					if (isset($_POST['ftps_ul'])) {
 						$ftps = -1;
 					}
-					
-					if ($settings['ticket']['enabled'] == 1) {
+
+					if (Settings::Get('ticket.enabled') == 1) {
 						$tickets = intval_ressource($_POST['tickets']);
 						if (isset($_POST['tickets_ul'])) {
 							$tickets = -1;
@@ -605,17 +591,7 @@ if ($page == 'admins'
 
 					$mysqls = intval_ressource($_POST['mysqls']);
 					if (isset($_POST['mysqls_ul'])) {
-						$mysqls = - 1;
-					}
-
-					if ($settings['aps']['aps_active'] == '1') {
-						$number_of_aps_packages = intval_ressource($_POST['number_of_aps_packages']);
-						if (isset($_POST['number_of_aps_packages_ul'])) {
-							$number_of_aps_packages = -1;
-						}
-						$can_manage_aps_packages = isset($_POST['can_manage_aps_packages']) ? 1 : 0;
-					} else {
-						$number_of_aps_packages = 0;
+						$mysqls = -1;
 					}
 
 					$customers_see_all = 0;
@@ -667,7 +643,7 @@ if ($page == 'admins'
 				} else {
 					if ($password != '') {
 						$password = validatePassword($password);
-						$password = md5($password);
+						$password = makeCryptPassword($password);
 					} else {
 						$password = $result['password'];
 					}
@@ -699,10 +675,10 @@ if ($page == 'admins'
 					// check if a resource was set to something lower
 					// than actually used by the admin/reseller
 					$res_warning = "";
-					if ($customers != $result['customers'] && $customers < $result['customers_used']) {
+					if ($customers != $result['customers'] && $customers != -1 && $customers < $result['customers_used']) {
 						$res_warning .= sprintf($lng['error']['setlessthanalreadyused'], 'customers');
 					}
-					if ($domains != $result['domains'] && $domains < $result['domains_used']) {
+					if ($domains != $result['domains'] && $domains != -1 && $domains < $result['domains_used']) {
 						$res_warning .= sprintf($lng['error']['setlessthanalreadyused'], 'domains');
 					}
 					if ($diskspace != $result['diskspace'] && ($diskspace / 1024) != -1 && $diskspace < $result['diskspace_used']) {
@@ -711,33 +687,27 @@ if ($page == 'admins'
 					if ($traffic != $result['traffic'] && ($traffic / 1024 / 1024) != -1 && $traffic < $result['traffic_used']) {
 						$res_warning .= sprintf($lng['error']['setlessthanalreadyused'], 'traffic');
 					}
-					if ($emails != $result['emails'] && $emails < $result['emails_used']) {
+					if ($emails != $result['emails'] && $emails != -1 && $emails < $result['emails_used']) {
 						$res_warning .= sprintf($lng['error']['setlessthanalreadyused'], 'emails');
 					}
-					if ($email_accounts != $result['email_accounts'] && $email_accounts < $result['email_accounts_used']) {
+					if ($email_accounts != $result['email_accounts'] && $email_accounts != -1 && $email_accounts < $result['email_accounts_used']) {
 						$res_warning .= sprintf($lng['error']['setlessthanalreadyused'], 'email accounts');
 					}
-					if ($email_forwarders != $result['email_forwarders'] && $email_forwarders < $result['email_forwarders_used']) {
+					if ($email_forwarders != $result['email_forwarders'] && $email_forwarders != -1 && $email_forwarders < $result['email_forwarders_used']) {
 						$res_warning .= sprintf($lng['error']['setlessthanalreadyused'], 'email forwarders');
 					}
-					if ($email_quota != $result['email_quota'] && $email_quota < $result['email_quota_used']) {
+					if ($email_quota != $result['email_quota'] && $email_quota != -1 && $email_quota < $result['email_quota_used']) {
 						$res_warning .= sprintf($lng['error']['setlessthanalreadyused'], 'email quota');
 					}
-					if ($email_autoresponder != $result['email_autoresponder'] && $email_autoresponder < $result['email_autoresponder_used']) {
-						$res_warning .= sprintf($lng['error']['setlessthanalreadyused'], 'email autoresponder');
-					}
-					if ($ftps != $result['ftps'] && $ftps < $result['ftps_used']) {
+					if ($ftps != $result['ftps'] && $ftps != -1 && $ftps < $result['ftps_used']) {
 						$res_warning .= sprintf($lng['error']['setlessthanalreadyused'], 'ftps');
 					}
-					if ($tickets != $result['tickets'] && $tickets < $result['tickets_used']) {
+					if ($tickets != $result['tickets'] && $tickets != -1 && $tickets < $result['tickets_used']) {
 						$res_warning .= sprintf($lng['error']['setlessthanalreadyused'], 'tickets');
 					}
-					if ($mysqls != $result['mysqls'] && $mysqls < $result['mysqls_used']) {
+					if ($mysqls != $result['mysqls'] && $mysqls != -1 && $mysqls < $result['mysqls_used']) {
 						$res_warning .= sprintf($lng['error']['setlessthanalreadyused'], 'mysqls');
 					}
-					if ($number_of_aps_packages != $result['aps_packages'] && $number_of_aps_packages < $result['aps_packages_used']) {
-						$res_warning .= sprintf($lng['error']['setlessthanalreadyused'], 'aps packages');
-					}
 
 					if ($res_warning != "") {
 						$link = '';
@@ -770,9 +740,8 @@ if ($page == 'admins'
 						'mysqls' => $mysqls,
 						'ip' => $ipaddress,
 						'deactivated' => $deactivated,
-						'can_manage_aps_packages' => $can_manage_aps_packages,
-						'aps_packages' => $number_of_aps_packages,
-						'autoresponder' => $email_autoresponder,
+						'custom_notes' => $custom_notes,
+						'custom_notes_show' => $custom_notes_show,
 						'adminid' => $id
 					);
 
@@ -801,9 +770,8 @@ if ($page == 'admins'
 						`mysqls` = :mysqls,
 						`ip` = :ip,
 						`deactivated` = :deactivated,
-						`can_manage_aps_packages` = :can_manage_aps_packages,
-						`aps_packages` = :aps_packages,
-						`email_autoresponder` = :autoresponder
+						`custom_notes` = :custom_notes,
+						`custom_notes_show` = :custom_notes_show
 						WHERE `adminid` = :adminid
 					");
 					Database::pexecute($upd_stmt, $upd_data);
@@ -814,8 +782,9 @@ if ($page == 'admins'
 
 			} else {
 
-				$result['traffic'] = round($result['traffic'] / (1024 * 1024), $settings['panel']['decimal_places']);
-				$result['diskspace'] = round($result['diskspace'] / 1024, $settings['panel']['decimal_places']);
+				$dec_places = Settings::Get('panel.decimal_places');
+				$result['traffic'] = round($result['traffic'] / (1024 * 1024), $dec_places);
+				$result['diskspace'] = round($result['diskspace'] / 1024, $dec_places);
 				$result['email'] = $idna_convert->decode($result['email']);
 
 				$customers_ul = makecheckbox('customers_ul', $lng['customer']['unlimited'], '-1', false, $result['customers'], true, true);
@@ -863,11 +832,6 @@ if ($page == 'admins'
 					$result['email_quota'] = '';
 				}
 
-				$email_autoresponder_ul = makecheckbox('email_autoresponder_ul', $lng['customer']['unlimited'], '-1', false, $result['email_autoresponder'], true, true);
-				if ($result['email_autoresponder'] == '-1') {
-					$result['email_autoresponder'] = '';
-				}
-
 				$ftps_ul = makecheckbox('ftps_ul', $lng['customer']['unlimited'], '-1', false, $result['ftps'], true, true);
 				if ($result['ftps'] == '-1') {
 					$result['ftps'] = '';
@@ -883,11 +847,6 @@ if ($page == 'admins'
 					$result['mysqls'] = '';
 				}
 
-				$number_of_aps_packages_ul = makecheckbox('number_of_aps_packages_ul', $lng['customer']['unlimited'], '-1', false, $result['aps_packages'], true, true);
-				if ($result['aps_packages'] == '-1') {
-					$result['aps_packages'] = '';
-				}
-
 				$language_options = '';
 				while (list($language_file, $language_name) = each($languages)) {
 					$language_options.= makeoption($language_name, $language_file, $result['def_language'], true);

admin_aps.php

@@ -1,33 +0,0 @@
-<?php
-
-/**
- * This file is part of the Froxlor project.
- * Copyright (c) 2003-2009 the SysCP Team (see authors).
- * Copyright (c) 2010 the Froxlor Team (see authors).
- *
- * For the full copyright and license information, please view the COPYING
- * file that was distributed with this source code. You can also view the
- * COPYING file online at http://files.froxlor.org/misc/COPYING.txt
- *
- * @copyright  (c) the authors
- * @author     Florian Lippert <flo@syscp.org> (2003-2009)
- * @author     Froxlor team <team@froxlor.org> (2010-)
- * @license    GPLv2 http://files.froxlor.org/misc/COPYING.txt
- * @package    Panel
- *
- */
-
-// Required code
-
-define('AREA', 'admin');
-require './lib/init.php';
-$Id = 0;
-
-if(isset($_GET['id']))$Id = (int)$_GET['id'];
-
-if(isset($_POST['id']))$Id = (int)$_POST['id'];
-eval("echo \"" . getTemplate("aps/header") . "\";");
-$Aps = new ApsParser($userinfo, $settings);
-$Aps->MainHandler($action);
-eval("echo \"" . getTemplate("aps/footer") . "\";");
-

admin_configfiles.php

@@ -85,19 +85,20 @@ if($userinfo['change_serversettings'] == '1')
 			'<SQL_UNPRIVILEGED_PASSWORD>' => 'MYSQL_PASSWORD',
 			'<SQL_DB>' => $sql['db'],
 			'<SQL_HOST>' => $sql['host'],
-			'<SERVERNAME>' => $settings['system']['hostname'],
-			'<SERVERIP>' => $settings['system']['ipaddress'],
-			'<NAMESERVERS>' => $settings['system']['nameservers'],
-			'<VIRTUAL_MAILBOX_BASE>' => $settings['system']['vmail_homedir'],
-			'<VIRTUAL_UID_MAPS>' => $settings['system']['vmail_uid'],
-			'<VIRTUAL_GID_MAPS>' => $settings['system']['vmail_gid'],
-			'<SSLPROTOCOLS>' => ($settings['system']['use_ssl'] == '1') ? 'imaps pop3s' : '',
-			'<CUSTOMER_TMP>' => ($settings['system']['mod_fcgid_tmpdir'] != '') ? makeCorrectDir($settings['system']['mod_fcgid_tmpdir']) : '/tmp/',
-			'<BASE_PATH>' => makeCorrectDir(dirname(__FILE__)),
-			'<BIND_CONFIG_PATH>' => makeCorrectDir($settings['system']['bindconf_directory']),
-			'<WEBSERVER_RELOAD_CMD>' => $settings['system']['apachereload_command'],
-			'<CUSTOMER_LOGS>' => makeCorrectDir($settings['system']['logfiles_directory']),
-			'<FPM_IPCDIR>' => makeCorrectDir($settings['phpfpm']['fastcgi_ipcdir'])
+			'<SERVERNAME>' => Settings::Get('system.hostname'),
+			'<SERVERIP>' => Settings::Get('system.ipaddress'),
+			'<NAMESERVERS>' => Settings::Get('system.nameservers'),
+			'<VIRTUAL_MAILBOX_BASE>' => Settings::Get('system.vmail_homedir'),
+			'<VIRTUAL_UID_MAPS>' => Settings::Get('system.vmail_uid'),
+			'<VIRTUAL_GID_MAPS>' => Settings::Get('system.vmail_gid'),
+			'<SSLPROTOCOLS>' => (Settings::Get('system.use_ssl') == '1') ? 'imaps pop3s' : '',
+			'<CUSTOMER_TMP>' => (Settings::Get('system.mod_fcgid_tmpdir') != '') ? makeCorrectDir(Settings::Get('system.mod_fcgid_tmpdir')) : '/tmp/',
+			'<BASE_PATH>' => makeCorrectDir(FROXLOR_INSTALL_DIR),
+			'<BIND_CONFIG_PATH>' => makeCorrectDir(Settings::Get('system.bindconf_directory')),
+			'<WEBSERVER_RELOAD_CMD>' => Settings::Get('system.apachereload_command'),
+			'<CUSTOMER_LOGS>' => makeCorrectDir(Settings::Get('system.logfiles_directory')),
+			'<FPM_IPCDIR>' => makeCorrectDir(Settings::Get('phpfpm.fastcgi_ipcdir')),
+			'<WEBSERVER_GROUP>' => Settings::Get('system.httpgroup')
 		);
 		$files = '';
 		$configpage = '';

admin_cronjobs.php

@@ -33,7 +33,7 @@ if ($page == 'cronjobs' || $page == 'overview') {
 			'c.interval' => $lng['cron']['interval'],
 			'c.isactive' => $lng['cron']['isactive']
 		);
-		$paging = new paging($userinfo, TABLE_PANEL_CRONRUNS, $fields, $settings['panel']['paging'], $settings['panel']['natsorting']);
+		$paging = new paging($userinfo, TABLE_PANEL_CRONRUNS, $fields);
 
 		$crons = '';
 		$result_stmt = Database::prepare("SELECT `c`.* FROM `" . TABLE_PANEL_CRONRUNS . "` `c` ORDER BY `module` ASC, `cronfile` ASC");
@@ -99,15 +99,17 @@ if ($page == 'cronjobs' || $page == 'overview') {
 				);
 				Database::pexecute($upd, array('isactive' => $isactive, 'int' => $interval, 'id' => $id));
 
-				redirectTo($filename, Array('page' => $page, 's' => $s));
+				// insert task to re-generate the cron.d-file
+				inserttask('99');
+
+				redirectTo($filename, array('page' => $page, 's' => $s));
 			} else {
-				//$isactive = makeyesno('isactive', '1', '0', $result['isactive']);
+
 				// interval
 				$interval_nfo = explode(' ', $result['interval']);
 				$interval_value = $interval_nfo[0];
 
 				$interval_interval = '';
-				$interval_interval .= makeoption($lng['cronmgmt']['seconds'], 'SECOND', $interval_nfo[1]);
 				$interval_interval .= makeoption($lng['cronmgmt']['minutes'], 'MINUTE', $interval_nfo[1]);
 				$interval_interval .= makeoption($lng['cronmgmt']['hours'], 'HOUR', $interval_nfo[1]);
 				$interval_interval .= makeoption($lng['cronmgmt']['days'], 'DAY', $interval_nfo[1]);

admin_customers.php

@@ -47,11 +47,7 @@ if ($page == 'customers'
 			'c.traffic_used' => $lng['customer']['traffic'] . ' (' . $lng['panel']['used'] . ')'
 		);
 
-		if ($settings['system']['backup_enabled'] == '1') {
-			$field['c.backup_allowed'] = $lng['backup_allowed'];
-		}
-
-		$paging = new paging($userinfo, TABLE_PANEL_CUSTOMERS, $fields, $settings['panel']['paging'], $settings['panel']['natsorting']);
+		$paging = new paging($userinfo, TABLE_PANEL_CUSTOMERS, $fields);
 		$customers = '';
 		$result_stmt = Database::prepare("
 			SELECT `c`.*, `a`.`loginname` AS `adminname`
@@ -60,7 +56,7 @@ if ($page == 'customers'
 			($userinfo['customers_see_all'] ? '' : " `c`.`adminid` = :adminid AND ") . "
 			`c`.`adminid` = `a`.`adminid` " .
 			$paging->getSqlWhere(true) . " " .
-			$paging->getSqlOrderBy($settings['panel']['natsorting']) . " " .
+			$paging->getSqlOrderBy() . " " .
 			$paging->getSqlLimit()
 		);
 		Database::pexecute($result_stmt, array('adminid' => $userinfo['adminid']));
@@ -87,10 +83,11 @@ if ($page == 'customers'
 				Database::pexecute($domains_stmt, array('cid' => $row['customerid'], 'stdd' => $row['standardsubdomain']));
 				$domains = $domains_stmt->fetch(PDO::FETCH_ASSOC);
 				$row['domains'] = intval($domains['domains']);
-				$row['traffic_used'] = round($row['traffic_used'] / (1024 * 1024), $settings['panel']['decimal_places']);
-				$row['traffic'] = round($row['traffic'] / (1024 * 1024), $settings['panel']['decimal_places']);
-				$row['diskspace_used'] = round($row['diskspace_used'] / 1024, $settings['panel']['decimal_places']);
-				$row['diskspace'] = round($row['diskspace'] / 1024, $settings['panel']['decimal_places']);
+				$dec_places = Settings::Get('panel.decimal_places');
+				$row['traffic_used'] = round($row['traffic_used'] / (1024 * 1024), $dec_places);
+				$row['traffic'] = round($row['traffic'] / (1024 * 1024), $dec_places);
+				$row['diskspace_used'] = round($row['diskspace_used'] / 1024, $dec_places);
+				$row['diskspace'] = round($row['diskspace'] / 1024, $dec_places);
 				$last_login = ((int)$row['lastlogin_succ'] == 0) ? $lng['panel']['neverloggedin'] : date('d.m.Y', $row['lastlogin_succ']);
 
 				/**
@@ -98,7 +95,7 @@ if ($page == 'customers'
 				 */
 				//For Disk usage
 				if ($row['diskspace'] > 0) {
-					$disk_percent = round(($row['diskspace_used']*100)/$row['diskspace'], 2);
+					$disk_percent = round(($row['diskspace_used']*100)/$row['diskspace'], 0);
 					$disk_doublepercent = round($disk_percent*2, 2);
 				} else {
 					$disk_percent = 0;
@@ -106,7 +103,7 @@ if ($page == 'customers'
 				}
 
 				if ($row['traffic'] > 0) {
-					$traffic_percent = round(($row['traffic_used']*100)/$row['traffic'], 2);
+					$traffic_percent = round(($row['traffic_used']*100)/$row['traffic'], 0);
 					$traffic_doublepercent = round($traffic_percent*2, 2);
 				} else {
 					$traffic_percent = 0;
@@ -114,14 +111,25 @@ if ($page == 'customers'
 				}
 
 				$islocked = 0;
-				if ($row['loginfail_count'] >= $settings['login']['maxloginattempts']
-					&& $row['lastlogin_fail'] > (time() - $settings['login']['deactivatetime'])
+				if ($row['loginfail_count'] >= Settings::Get('login.maxloginattempts')
+					&& $row['lastlogin_fail'] > (time() - Settings::Get('login.deactivatetime'))
 				) {
 					$islocked = 1;
 				}
 
-				$row = str_replace_array('-1', 'UL', $row, 'diskspace traffic mysqls emails email_accounts email_forwarders ftps tickets subdomains email_autoresponder');
+				$row = str_replace_array('-1', 'UL', $row, 'diskspace traffic mysqls emails email_accounts email_forwarders ftps tickets subdomains');
 				$row = htmlentities_array($row);
+
+				// fix progress-bars if value is >100%
+				if ($disk_percent > 100) {
+					$disk_percent = 100;
+				}
+				if ($traffic_percent > 100) {
+					$traffic_percent = 100;
+				}
+
+				$row['custom_notes'] = ($row['custom_notes'] != '') ? nl2br($row['custom_notes']) : '';
+
 				eval("\$customers.=\"" . getTemplate("customers/customers_customer") . "\";");
 				$count++;
 			}
@@ -200,7 +208,11 @@ if ($page == 'customers'
 			WHERE `customerid` = :id" .
 			($userinfo['customers_see_all'] ? '' : " AND `adminid` = :adminid")
 		);
-		$result = Database::pexecute_first($result_stmt, array('id' => $id, 'adminid' => $userinfo['adminid']));
+		$result_data = array('id' => $id);
+		if ($userinfo['customers_see_all'] == '0') {
+			$result_data['adminid'] = $userinfo['adminid'];
+		}
+		$result = Database::pexecute_first($result_stmt, $result_data);
 
 		if ($result['loginname'] != '') {
 
@@ -247,7 +259,7 @@ if ($page == 'customers'
 				Database::needRoot(true);
 				$last_dbserver = 0;
 
-				$dbm = new DbManager($settings, $log);
+				$dbm = new DbManager($log);
 
 				while ($row_database = $databases_stmt->fetch(PDO::FETCH_ASSOC)) {
 
@@ -266,6 +278,13 @@ if ($page == 'customers'
 				Database::pexecute($stmt, array('id' => $id));
 				$stmt = Database::prepare("DELETE FROM `" . TABLE_PANEL_DATABASES . "` WHERE `customerid` = :id");
 				Database::pexecute($stmt, array('id' => $id));
+				// first gather all domain-id's to clean up panel_domaintoip accordingly
+				$did_stmt = Database::prepare("SELECT `id` FROM `".TABLE_PANEL_DOMAINS."` WHERE `customerid` = :id");
+				Database::pexecute($did_stmt, array('id' => $id));
+				while ($row = $did_stmt->fetch(PDO::FETCH_ASSOC)) {
+					$stmt = Database::prepare("DELETE FROM `" . TABLE_DOMAINTOIP . "` WHERE `id_domain` = :did");
+					Database::pexecute($stmt, array('did' => $row['id']));
+				}
 				$stmt = Database::prepare("DELETE FROM `" . TABLE_PANEL_DOMAINS . "` WHERE `customerid` = :id");
 				Database::pexecute($stmt, array('id' => $id));
 				$domains_deleted = $stmt->rowCount();
@@ -291,8 +310,6 @@ if ($page == 'customers'
 				Database::pexecute($stmt, array('id' => $id));
 				$stmt = Database::prepare("DELETE FROM `" . TABLE_FTP_USERS . "` WHERE `customerid` = :id");
 				Database::pexecute($stmt, array('id' => $id));
-				$stmt = Database::prepare("DELETE FROM `" . TABLE_MAIL_AUTORESPONDER . "` WHERE `customerid` = :id");
-				Database::pexecute($stmt, array('id' => $id));
 
 				// Delete all waiting "create user" -tasks for this user, #276
 				// Note: the WHERE selects part of a serialized array, but it should be safe this way
@@ -302,26 +319,6 @@ if ($page == 'customers'
 				);
 				Database::pexecute($del_stmt, array('loginname' => "%:{$result['loginname']};%"));
 
-				// remove everything APS-related, #216
-				$apsresult_stmt = Database::prepare("SELECT `ID` FROM `".TABLE_APS_INSTANCES."` WHERE `CustomerID` = :id");
-				Database::pexecute($apsresult_stmt, array('id' => $id));
-
-				while ($apsrow = $apsresult_stmt->fetch(PDO::FETCH_ASSOC)) {
-					// remove all package related settings
-					$del_stmt = Database::prepare("DELETE FROM `".TABLE_APS_SETTINGS."` WHERE `InstanceID` = :iid");
-					Database::pexecute($del_stmt, array('iid' => $apsrow['ID']));
-					// maybe some leftovers in the tasks
-					$del_stmt = Database::prepare("DELETE FROM `".TABLE_APS_TASKS."` WHERE `InstanceID` = :iid");
-					Database::pexecute($del_stmt, array('iid' => $apsrow['ID']));
-				}
-				// now remove all user instances
-				$stmt = Database::prepare("DELETE FROM `".TABLE_APS_INSTANCES."` WHERE `CustomerID` = :id");
-				Database::pexecute($stmt, array('id' => $id));
-				// eventually some temp-setting-leftovers
-				$stmt = Database::prepare("DELETE FROM `".TABLE_APS_TEMP_SETTINGS."` WHERE `CustomerID` = :id");
-				Database::pexecute($stmt, array('id' => $id));
-				// eof APS-related removings, #216
-
 				$admin_update_query = "UPDATE `" . TABLE_PANEL_ADMINS . "` SET `customers_used` = `customers_used` - 1 ";
 				$admin_update_query.= ", `domains_used` = `domains_used` - 0" . (int)($domains_deleted - $result['subdomains_used']);
 
@@ -345,10 +342,6 @@ if ($page == 'customers'
 					$admin_update_query.= ", `email_quota_used` = `email_quota_used` - 0" . (int)$result['email_quota'];
 				}
 
-				if ($result['email_autoresponder'] != '-1') {
-					$admin_update_query.= ", `email_autoresponder_used` = `email_autoresponder_used` - 0" . (int)$result['email_autoresponder'];
-				}
-
 				if ($result['subdomains'] != '-1') {
 					$admin_update_query.= ", `subdomains_used` = `subdomains_used` - 0" . (int)$result['subdomains'];
 				}
@@ -361,10 +354,6 @@ if ($page == 'customers'
 					$admin_update_query.= ", `tickets_used` = `tickets_used` - 0" . (int)$result['tickets'];
 				}
 
-				if ($result['aps_packages'] != '-1') {
-					$admin_update_query.= ", `aps_packages_used` = `aps_packages_used` - 0" . (int)$result['aps_packages'];
-				}
-
 				if (($result['diskspace'] / 1024) != '-1') {
 					$admin_update_query.= ", `diskspace_used` = `diskspace_used` - 0" . (int)$result['diskspace'];
 				}
@@ -393,7 +382,7 @@ if ($page == 'customers'
 				if ($tickets !== false && isset($tickets[0])) {
 					foreach ($tickets as $ticket) {
 						$now = time();
-						$mainticket = ticket::getInstanceOf($userinfo, $settings, (int)$ticket);
+						$mainticket = ticket::getInstanceOf($userinfo, (int)$ticket);
 						$mainticket->Set('lastchange', $now, true, true);
 						$mainticket->Set('lastreplier', '1', true, true);
 						$mainticket->Set('status', '3', true, true);
@@ -430,6 +419,12 @@ if ($page == 'customers'
 				$def_language = validate($_POST['def_language'], 'default language');
 				$gender = intval_ressource($_POST['gender']);
 
+				$custom_notes = validate(str_replace("\r\n", "\n", $_POST['custom_notes']), 'custom_notes', '/^[^\0]*$/');
+				$custom_notes_show = 0;
+				if (isset($_POST['custom_notes_show'])) {
+				    $custom_notes_show = intval_ressource($_POST['custom_notes_show']);
+				}
+
 				$diskspace = intval_ressource($_POST['diskspace']);
 				if (isset($_POST['diskspace_ul'])) {
 					$diskspace = - 1;
@@ -460,7 +455,7 @@ if ($page == 'customers'
 					$email_forwarders = - 1;
 				}
 
-				if ($settings['system']['mail_quota_enabled'] == '1') {
+				if (Settings::Get('system.mail_quota_enabled') == '1') {
 					$email_quota = validate($_POST['email_quota'], 'email_quota', '/^\d+$/', 'vmailquotawrong', array('0', ''));
 					if (isset($_POST['email_quota_ul'])) {
 						$email_quota = - 1;
@@ -469,15 +464,6 @@ if ($page == 'customers'
 					$email_quota = - 1;
 				}
 
-				if ($settings['autoresponder']['autoresponder_active'] == '1') {
-					$email_autoresponder = intval_ressource($_POST['email_autoresponder']);
-					if (isset($_POST['email_autoresponder_ul'])) {
-						$email_autoresponder = - 1;
-					}
-				} else {
-					$email_autoresponder = 0;
-				}
-
 				$email_imap = 0;
 				if (isset($_POST['email_imap'])) {
 					$email_imap = intval_ressource($_POST['email_imap']);
@@ -496,9 +482,9 @@ if ($page == 'customers'
 					$ftps = - 1;
 				}
 
-				$tickets = ($settings['ticket']['enabled'] == 1 ? intval_ressource($_POST['tickets']) : 0);
+				$tickets = (Settings::Get('ticket.enabled') == 1 ? intval_ressource($_POST['tickets']) : 0);
 				if (isset($_POST['tickets_ul'])
-					&& $settings['ticket']['enabled'] == '1'
+					&& Settings::Get('ticket.enabled') == '1'
 				) {
 					$tickets = - 1;
 				}
@@ -508,15 +494,6 @@ if ($page == 'customers'
 					$mysqls = - 1;
 				}
 
-				if ($settings['aps']['aps_active'] == '1') {
-					$number_of_aps_packages = intval_ressource($_POST['number_of_aps_packages']);
-					if (isset($_POST['number_of_aps_packages_ul'])) {
-						$number_of_aps_packages = - 1;
-					}
-				} else {
-					$number_of_aps_packages = 0;
-				}
-
 				$createstdsubdomain = 0;
 				if(isset($_POST['createstdsubdomain'])) {
 					$createstdsubdomain = intval($_POST['createstdsubdomain']);
@@ -529,15 +506,6 @@ if ($page == 'customers'
 					$password = validatePassword($password);
 				}
 
-				$backup_allowed = 0;
-				if (isset($_POST['backup_allowed'])) {
-					$backup_allowed = intval($_POST['backup_allowed']);
-				}
-
-				if ($backup_allowed != 0) {
-					$backup_allowed = 1;
-				}
-
 				// gender out of range? [0,2]
 				if ($gender < 0 || $gender > 2) {
 					$gender = 0;
@@ -571,23 +539,19 @@ if ($page == 'customers'
 				   || ((($userinfo['emails_used'] + $emails) > $userinfo['emails']) && $userinfo['emails'] != '-1')
 				   || ((($userinfo['email_accounts_used'] + $email_accounts) > $userinfo['email_accounts']) && $userinfo['email_accounts'] != '-1')
 				   || ((($userinfo['email_forwarders_used'] + $email_forwarders) > $userinfo['email_forwarders']) && $userinfo['email_forwarders'] != '-1')
-				   || ((($userinfo['email_quota_used'] + $email_quota) > $userinfo['email_quota']) && $userinfo['email_quota'] != '-1' && $settings['system']['mail_quota_enabled'] == '1')
-				   || ((($userinfo['email_autoresponder_used'] + $email_autoresponder) > $userinfo['email_autoresponder']) && $userinfo['email_autoresponder'] != '-1' && $settings['autoresponder']['autoresponder_active'] == '1')
+				   || ((($userinfo['email_quota_used'] + $email_quota) > $userinfo['email_quota']) && $userinfo['email_quota'] != '-1' && Settings::Get('system.mail_quota_enabled') == '1')
 				   || ((($userinfo['ftps_used'] + $ftps) > $userinfo['ftps']) && $userinfo['ftps'] != '-1')
 				   || ((($userinfo['tickets_used'] + $tickets) > $userinfo['tickets']) && $userinfo['tickets'] != '-1')
 				   || ((($userinfo['subdomains_used'] + $subdomains) > $userinfo['subdomains']) && $userinfo['subdomains'] != '-1')
-				   || ((($userinfo['aps_packages_used'] + $number_of_aps_packages) > $userinfo['aps_packages']) && $userinfo['aps_packages'] != '-1' && $settings['aps']['aps_active'] == '1')
 				   || (($diskspace / 1024) == '-1' && ($userinfo['diskspace'] / 1024) != '-1')
 				   || ($mysqls == '-1' && $userinfo['mysqls'] != '-1')
 				   || ($emails == '-1' && $userinfo['emails'] != '-1')
 				   || ($email_accounts == '-1' && $userinfo['email_accounts'] != '-1')
 				   || ($email_forwarders == '-1' && $userinfo['email_forwarders'] != '-1')
-				   || ($email_quota == '-1' && $userinfo['email_quota'] != '-1' && $settings['system']['mail_quota_enabled'] == '1')
-				   || ($email_autoresponder == '-1' && $userinfo['email_autoresponder'] != '-1' && $settings['autoresponder']['autoresponder_active'] == '1')
+				   || ($email_quota == '-1' && $userinfo['email_quota'] != '-1' && Settings::Get('system.mail_quota_enabled') == '1')
 				   || ($ftps == '-1' && $userinfo['ftps'] != '-1')
 				   || ($tickets == '-1' && $userinfo['tickets'] != '-1')
 				   || ($subdomains == '-1' && $userinfo['subdomains'] != '-1')
-				   || ($number_of_aps_packages == '-1' && $userinfo['aps_packages'] != '-1')
 				) {
 					standard_error('youcantallocatemorethanyouhave');
 					exit;
@@ -611,12 +575,12 @@ if ($page == 'customers'
 					if (isset($_POST['new_loginname'])
 						&& $_POST['new_loginname'] != ''
 					) {
-						$accountnumber = intval($settings['system']['lastaccountnumber']);
+						$accountnumber = intval(Settings::Get('system.lastaccountnumber'));
 						$loginname = validate($_POST['new_loginname'], 'loginname', '/^[a-z][a-z0-9\-_]+$/i');
 
 						// Accounts which match systemaccounts are not allowed, filtering them
-						if (preg_match('/^' . preg_quote($settings['customer']['accountprefix'], '/') . '([0-9]+)/', $loginname)) {
-							standard_error('loginnameissystemaccount', $settings['customer']['accountprefix']);
+						if (preg_match('/^' . preg_quote(Settings::Get('customer.accountprefix'), '/') . '([0-9]+)/', $loginname)) {
+							standard_error('loginnameissystemaccount', Settings::Get('customer.accountprefix'));
 						}
 
 						// Additional filtering for Bug #962
@@ -624,12 +588,12 @@ if ($page == 'customers'
 								&& !in_array("posix_getpwnam", explode(",", ini_get('disable_functions')))
 								&& posix_getpwnam($loginname)
 						) {
-							standard_error('loginnameissystemaccount', $settings['customer']['accountprefix']);
+							standard_error('loginnameissystemaccount', Settings::Get('customer.accountprefix'));
 						}
 
 					} else {
-						$accountnumber = intval($settings['system']['lastaccountnumber']) + 1;
-						$loginname = $settings['customer']['accountprefix'] . $accountnumber;
+						$accountnumber = intval(Settings::Get('system.lastaccountnumber')) + 1;
+						$loginname = Settings::Get('customer.accountprefix') . $accountnumber;
 					}
 
 					// Check if the account already exists
@@ -648,16 +612,16 @@ if ($page == 'customers'
 					) {
 						standard_error('loginnameexists', $loginname);
 
-					} elseif (!validateUsername($loginname, $settings['panel']['unix_names'], 14 - strlen($settings['customer']['mysqlprefix']))) {
-						if (strlen($loginname) > 14 - strlen($settings['customer']['mysqlprefix'])) {
-							standard_error('loginnameiswrong2', 14 - strlen($settings['customer']['mysqlprefix']));
+					} elseif (!validateUsername($loginname, Settings::Get('panel.unix_names'), 14 - strlen(Settings::Get('customer.mysqlprefix')))) {
+						if (strlen($loginname) > 14 - strlen(Settings::Get('customer.mysqlprefix'))) {
+							standard_error('loginnameiswrong2', 14 - strlen(Settings::Get('customer.mysqlprefix')));
 						} else {
 							standard_error('loginnameiswrong', $loginname);
 						}
 					}
 
-					$guid = intval($settings['system']['lastguid']) + 1;
-					$documentroot = makeCorrectDir($settings['system']['documentroot_prefix'] . '/' . $loginname);
+					$guid = intval(Settings::Get('system.lastguid')) + 1;
+					$documentroot = makeCorrectDir(Settings::Get('system.documentroot_prefix') . '/' . $loginname);
 
 					if (file_exists($documentroot)) {
 						standard_error('documentrootexists', $documentroot);
@@ -676,15 +640,15 @@ if ($page == 'customers'
 					}
 
 					if ($password == '') {
-						$password = substr(md5(uniqid(microtime(), 1)), 12, 6);
+						$password = generatePassword();
 					}
 
-					$_theme = $settings['panel']['default_theme'];
+					$_theme = Settings::Get('panel.default_theme');
 
 					$ins_data = array(
 						'adminid' => $userinfo['adminid'],
 						'loginname' => $loginname,
-						'passwd' => md5($password),
+						'passwd' => makeCryptPassword($password),
 						'name' => $name,
 						'firstname' => $firstname,
 						'gender' => $gender,
@@ -712,11 +676,10 @@ if ($page == 'customers'
 						'phpenabled' => $phpenabled,
 						'imap' => $email_imap,
 						'pop3' => $email_pop3,
-						'aps' => $number_of_aps_packages,
 						'perlenabled' => $perlenabled,
-						'email_autoresponder' => $email_autoresponder,
-						'backup_allowed' => $backup_allowed,
-						'theme' => $theme
+						'theme' => $_theme,
+						'custom_notes' => $custom_notes,
+						'custom_notes_show' => $custom_notes_show
 					);
 
 					$ins_stmt = Database::prepare("
@@ -752,11 +715,10 @@ if ($page == 'customers'
 						`phpenabled` = :phpenabled,
 						`imap` = :imap,
 						`pop3` = :pop3,
-						`aps_packages` = :aps,
 						`perlenabled` = :perlenabled,
-						`email_autoresponder` = :email_autoresponder,
-						`backup_allowed` = :backup_allowed,
-						`theme` = :theme"
+						`theme` = :theme,
+						`custom_notes` = :custom_notes,
+						`custom_notes_show` = :custom_notes_show"
 					);
 					Database::pexecute($ins_stmt, $ins_data);
 
@@ -784,12 +746,6 @@ if ($page == 'customers'
 						$admin_update_query.= ", `email_quota_used` = `email_quota_used` + 0" . (int)$email_quota;
 					}
 
-					if ($email_autoresponder != '-1'
-						&& $settings['autoresponder']['autoresponder_active'] == 1
-					) {
-						$admin_update_query.= ", `email_autoresponder_used` = `email_autoresponder_used` + 0" . (int)$email_autoresponder;
-					}
-
 					if ($subdomains != '-1') {
 						$admin_update_query.= ", `subdomains_used` = `subdomains_used` + 0" . (int)$subdomains;
 					}
@@ -799,7 +755,7 @@ if ($page == 'customers'
 					}
 
 					if ($tickets != '-1'
-						&& $settings['ticket']['enabled'] == 1
+						&& Settings::Get('ticket.enabled') == 1
 					) {
 						$admin_update_query.= ", `tickets_used` = `tickets_used` + 0" . (int)$tickets;
 					}
@@ -808,10 +764,6 @@ if ($page == 'customers'
 						$admin_update_query.= ", `diskspace_used` = `diskspace_used` + 0" . (int)$diskspace;
 					}
 
-					if ($number_of_aps_packages != '-1') {
-						$admin_update_query.= ", `aps_packages_used` = `aps_packages_used` + 0" . (int)$number_of_aps_packages;
-					}
-
 					$admin_update_query.= " WHERE `adminid` = '" . (int)$userinfo['adminid'] . "'";
 					Database::query($admin_update_query);
 
@@ -822,7 +774,7 @@ if ($page == 'customers'
 					);
 					Database::pexecute($upd_stmt, array('guid' => $guid));
 
-					if ($accountnumber != intval($settings['system']['lastaccountnumber'])) {
+					if ($accountnumber != intval(Settings::Get('system.lastaccountnumber'))) {
 						$upd_stmt = Database::prepare("
 						UPDATE `" . TABLE_PANEL_SETTINGS . "` SET
 							`value` = :accno
@@ -858,7 +810,7 @@ if ($page == 'customers'
 						'passwd' => $htpasswdPassword
 					);
 
-					if ($settings['system']['awstats_enabled'] == '1') {
+					if (Settings::Get('system.awstats_enabled') == '1') {
 						$ins_data['path'] = makeCorrectDir($documentroot . '/awstats/');
 						$log->logAction(ADM_ACTION, LOG_NOTICE, "automatically added awstats htpasswd for user '" . $loginname . "'");
 					} else {
@@ -871,7 +823,7 @@ if ($page == 'customers'
 					$cryptPassword = makeCryptPassword($password);
 					// FTP-User
 					$ins_stmt = Database::prepare("
-						INSERT INTO `" . TABLE_FTP_USERS . "` SET `customerid` = :customerid, `username` = :username,
+						INSERT INTO `" . TABLE_FTP_USERS . "` SET `customerid` = :customerid, `username` = :username, `description` = :desc,
 							`password` = :passwd, `homedir` = :homedir, `login_enabled` = 'y', `uid` = :guid, `gid` = :guid"
 					);
 					$ins_data = array(
@@ -879,7 +831,8 @@ if ($page == 'customers'
 						'username' => $loginname,
 						'passwd' => $cryptPassword,
 						'homedir' => $documentroot,
-						'guid' => $guid
+						'guid' => $guid,
+						'desc' => "Default"
 					);
 					Database::pexecute($ins_stmt, $ins_data);
 					// FTP-Group
@@ -890,9 +843,23 @@ if ($page == 'customers'
 							'customerid' => $customerid,
 							'groupname' => $loginname,
 							'guid' => $guid,
-							'members' => $loginname
+							'members' => $loginname.','.Settings::Get('system.httpuser')
 					);
+
+					// also, add froxlor-local user to ftp-group (if exists!) to
+					// allow access to customer-directories from within the panel, which
+					// is necessary when pathedit = Dropdown
+					if ((int)Settings::Get('system.mod_fcgid_ownvhost') == 1 || (int)Settings::Get('phpfpm.enabled_ownvhost') == 1) {
+						if ((int)Settings::Get('system.mod_fcgid') == 1) {
+							$local_user = Settings::Get('system.mod_fcgid_httpuser');
+						} else {
+							$local_user = Settings::Get('phpfpm.vhost_httpuser');
+						}
+						$ins_data['members'] .= ','.$local_user;
+					}
+
 					Database::pexecute($ins_stmt, $ins_data);
+
 					// FTP-Quotatallies
 					$ins_stmt = Database::prepare("
 						INSERT INTO `" . TABLE_FTP_QUOTATALLIES . "` SET `name` = :name, `quota_type` = 'user', `bytes_in_used` = '0',
@@ -905,12 +872,12 @@ if ($page == 'customers'
 
 					if ($createstdsubdomain == '1') {
 
-						if (isset($settings['system']['stdsubdomain'])
-							&& $settings['system']['stdsubdomain'] != ''
+						if (Settings::Get('system.stdsubdomain') !== null
+							&& Settings::Get('system.stdsubdomain') != ''
 						) {
-							$_stdsubdomain = $loginname . '.' . $settings['system']['stdsubdomain'];
+							$_stdsubdomain = $loginname . '.' . Settings::Get('system.stdsubdomain');
 						} else {
-							$_stdsubdomain = $loginname . '.' . $settings['system']['hostname'];
+							$_stdsubdomain = $loginname . '.' . Settings::Get('system.hostname');
 						}
 
 						$ins_data = array(
@@ -925,7 +892,7 @@ if ($page == 'customers'
 							`domain` = :domain,
 							`customerid` = :customerid,
 							`adminid` = :adminid,
-							`parentdomainid` = '-1',
+							`parentdomainid` = '0',
 							`documentroot` = :docroot,
 							`zonefile` = '',
 							`isemaildomain` = '0',
@@ -933,6 +900,9 @@ if ($page == 'customers'
 							`openbasedir` = '1',
 							`speciallogfile` = '0',
 							`specialsettings` = '',
+							`dkim_id` = '0',
+							`dkim_privkey` = '',
+							`dkim_pubkey` = '',
 							`add_date` = :adddate"
 						);
 						Database::pexecute($ins_stmt, $ins_data);
@@ -942,7 +912,7 @@ if ($page == 'customers'
 						$ins_stmt = Database::prepare("
 							INSERT INTO `".TABLE_DOMAINTOIP."` SET `id_domain` = :domainid, `id_ipandports` = :ipid"
 						);
-						Database::pexecute($ins_stmt, array('domainid' => $domainid, 'ipid' => $settings['system']['defaultip']));
+						Database::pexecute($ins_stmt, array('domainid' => $domainid, 'ipid' => Settings::Get('system.defaultip')));
 
 						$upd_stmt = Database::prepare("
 							UPDATE `" . TABLE_PANEL_CUSTOMERS . "` SET `standardsubdomain` = :domainid WHERE `customerid` = :customerid"
@@ -954,8 +924,8 @@ if ($page == 'customers'
 
 					if ($sendpassword == '1') {
 
-						$srv_hostname = $settings['system']['hostname'];
-						if ($settings['system']['froxlordirectlyviahostname'] == '0') {
+						$srv_hostname = Settings::Get('system.hostname');
+						if (Settings::Get('system.froxlordirectlyviahostname') == '0') {
 							$srv_hostname .= '/froxlor';
 						}
 
@@ -963,7 +933,7 @@ if ($page == 'customers'
 							SELECT ip, port FROM `".TABLE_PANEL_IPSANDPORTS."`
 							WHERE `id` = :defaultip
 						");
-						$srv_ip = Database::pexecute_first($srv_ip_stmt, array('defaultip' => $settings['system']['defaultip']));
+						$srv_ip = Database::pexecute_first($srv_ip_stmt, array('defaultip' => Settings::Get('system.defaultip')));
 
 						$replace_arr = array(
 							'FIRSTNAME' => $firstname,
@@ -1023,7 +993,7 @@ if ($page == 'customers'
 				$language_options = '';
 
 				while (list($language_file, $language_name) = each($languages)) {
-					$language_options.= makeoption($language_name, $language_file, $settings['panel']['standardlanguage'], true);
+					$language_options.= makeoption($language_name, $language_file, Settings::Get('panel.standardlanguage'), true);
 				}
 
 				$diskspace_ul = makecheckbox('diskspace_ul', $lng['customer']['unlimited'], '-1', false, '0', true, true);
@@ -1033,11 +1003,9 @@ if ($page == 'customers'
 				$email_accounts_ul = makecheckbox('email_accounts_ul', $lng['customer']['unlimited'], '-1', false, '0', true, true);
 				$email_forwarders_ul = makecheckbox('email_forwarders_ul', $lng['customer']['unlimited'], '-1', false, '0', true, true);
 				$email_quota_ul = makecheckbox('email_quota_ul', $lng['customer']['unlimited'], '-1', false, '0', true, true);
-				$email_autoresponder_ul = makecheckbox('email_autoresponder_ul', $lng['customer']['unlimited'], '-1', false, '0', true, true);
 				$ftps_ul = makecheckbox('ftps_ul', $lng['customer']['unlimited'], '-1', false, '0', true, true);
 				$tickets_ul = makecheckbox('tickets_ul', $lng['customer']['unlimited'], '-1', false, '0', true, true);
 				$mysqls_ul = makecheckbox('mysqls_ul', $lng['customer']['unlimited'], '-1', false, '0', true, true);
-				$number_of_aps_packages_ul = makecheckbox('number_of_aps_packages_ul', $lng['customer']['unlimited'], '-1', false, '0', true, true);
 
 				$gender_options = makeoption($lng['gender']['undef'], 0, true, true, true);
 				$gender_options .= makeoption($lng['gender']['male'], 1, null, true, true);
@@ -1067,6 +1035,24 @@ if ($page == 'customers'
 		}
 		$result = Database::pexecute_first($result_stmt, $result_data);
 
+		/*
+		 * information for moving customer
+		 */
+		$available_admins_stmt = Database::prepare("
+                        SELECT * FROM `" . TABLE_PANEL_ADMINS . "`
+                        WHERE (`customers` = '-1' OR `customers` > `customers_used`)"
+		);
+		Database::pexecute($available_admins_stmt);
+		$admin_select = makeoption("-----", 0, true, true, true);
+		$admin_select_cnt = 0;
+		while ($available_admin = $available_admins_stmt->fetch()) {
+			$admin_select .= makeoption($available_admin['name']." (".$available_admin['loginname'].")", $available_admin['adminid'], null, true, true);
+			$admin_select_cnt++;
+		}
+		/*
+		 * end of moving customer stuff
+		 */
+
 		if ($result['loginname'] != '') {
 
 			if (isset($_POST['send'])
@@ -1087,6 +1073,14 @@ if ($page == 'customers'
 				$password = validate($_POST['new_customer_password'], 'new password');
 				$gender = intval_ressource($_POST['gender']);
 
+				$move_to_admin = isset($_POST['move_to_admin']) ? intval_ressource($_POST['move_to_admin']) : 0;
+
+				$custom_notes = validate(str_replace("\r\n", "\n", $_POST['custom_notes']), 'custom_notes', '/^[^\0]*$/');
+				$custom_notes_show = $result['custom_notes_show'];
+				if (isset($_POST['custom_notes_show'])) {
+				    $custom_notes_show = intval_ressource($_POST['custom_notes_show']);
+				}
+
 				$diskspace = intval_ressource($_POST['diskspace']);
 				if (isset($_POST['diskspace_ul'])) {
 					$diskspace = - 1;
@@ -1117,7 +1111,7 @@ if ($page == 'customers'
 					$email_forwarders = - 1;
 				}
 
-				if ($settings['system']['mail_quota_enabled'] == '1') {
+				if (Settings::Get('system.mail_quota_enabled') == '1') {
 					$email_quota = validate($_POST['email_quota'], 'email_quota', '/^\d+$/', 'vmailquotawrong', array('0', ''));
 					if (isset($_POST['email_quota_ul'])) {
 						$email_quota = - 1;
@@ -1126,15 +1120,6 @@ if ($page == 'customers'
 					$email_quota = - 1;
 				}
 
-				if ($settings['autoresponder']['autoresponder_active'] == '1') {
-					$email_autoresponder = intval_ressource($_POST['email_autoresponder']);
-					if (isset($_POST['email_autoresponder_ul'])) {
-						$email_autoresponder = - 1;
-					}
-				} else {
-					$email_autoresponder = 0;
-				}
-
 				$email_imap = 0;
 				if (isset($_POST['email_imap'])) {
 					$email_imap = intval_ressource($_POST['email_imap']);
@@ -1153,21 +1138,13 @@ if ($page == 'customers'
 					$ftps = - 1;
 				}
 
-				$tickets = ($settings['ticket']['enabled'] == 1 ? intval_ressource($_POST['tickets']) : 0);
+				$tickets = (Settings::Get('ticket.enabled') == 1 ? intval_ressource($_POST['tickets']) : 0);
 				if (isset($_POST['tickets_ul'])
-					&& $settings['ticket']['enabled'] == '1'
+					&& Settings::Get('ticket.enabled') == '1'
 				) {
 					$tickets = - 1;
 				}
 
-				$backup_allowed = 0;
-				if (isset($_POST['backup_allowed'])) {
-					$backup_allowed = intval($_POST['backup_allowed']);
-				}
-				if ($backup_allowed != '0') {
-					$backup_allowed = 1;
-				}
-
 				// gender out of range? [0,2]
 				if ($gender < 0 || $gender > 2) {
 					$gender = 0;
@@ -1181,15 +1158,6 @@ if ($page == 'customers'
 					$mysqls = - 1;
 				}
 
-				if ($settings['aps']['aps_active'] == '1') {
-					$number_of_aps_packages = intval_ressource($_POST['number_of_aps_packages']);
-					if (isset($_POST['number_of_aps_packages_ul'])) {
-						$number_of_aps_packages = - 1;
-					}
-				} else {
-					$number_of_aps_packages = 0;
-				}
-
 				$createstdsubdomain = 0;
 				if (isset($_POST['createstdsubdomain'])) {
 					$createstdsubdomain = intval($_POST['createstdsubdomain']);
@@ -1218,23 +1186,19 @@ if ($page == 'customers'
 				   || ((($userinfo['emails_used'] + $emails - $result['emails']) > $userinfo['emails']) && $userinfo['emails'] != '-1')
 				   || ((($userinfo['email_accounts_used'] + $email_accounts - $result['email_accounts']) > $userinfo['email_accounts']) && $userinfo['email_accounts'] != '-1')
 				   || ((($userinfo['email_forwarders_used'] + $email_forwarders - $result['email_forwarders']) > $userinfo['email_forwarders']) && $userinfo['email_forwarders'] != '-1')
-				   || ((($userinfo['email_quota_used'] + $email_quota - $result['email_quota']) > $userinfo['email_quota']) && $userinfo['email_quota'] != '-1' && $settings['system']['mail_quota_enabled'] == '1')
-				   || ((($userinfo['email_autoresponder_used'] + $email_autoresponder - $result['email_autoresponder']) > $userinfo['email_autoresponder']) && $userinfo['email_autoresponder'] != '-1' && $settings['autoresponder']['autoresponder_active'] == '1')
+				   || ((($userinfo['email_quota_used'] + $email_quota - $result['email_quota']) > $userinfo['email_quota']) && $userinfo['email_quota'] != '-1' && Settings::Get('system.mail_quota_enabled') == '1')
 				   || ((($userinfo['ftps_used'] + $ftps - $result['ftps']) > $userinfo['ftps']) && $userinfo['ftps'] != '-1')
 				   || ((($userinfo['tickets_used'] + $tickets - $result['tickets']) > $userinfo['tickets']) && $userinfo['tickets'] != '-1')
 				   || ((($userinfo['subdomains_used'] + $subdomains - $result['subdomains']) > $userinfo['subdomains']) && $userinfo['subdomains'] != '-1')
 				   || (($diskspace / 1024) == '-1' && ($userinfo['diskspace'] / 1024) != '-1')
-				   || ((($userinfo['aps_packages'] + $number_of_aps_packages - $result['aps_packages']) > $userinfo['aps_packages']) && $userinfo['aps_packages'] != '-1' && $settings['aps']['aps_active'] == '1')
 				   || ($mysqls == '-1' && $userinfo['mysqls'] != '-1')
 				   || ($emails == '-1' && $userinfo['emails'] != '-1')
 				   || ($email_accounts == '-1' && $userinfo['email_accounts'] != '-1')
 				   || ($email_forwarders == '-1' && $userinfo['email_forwarders'] != '-1')
-				   || ($email_quota == '-1' && $userinfo['email_quota'] != '-1' && $settings['system']['mail_quota_enabled'] == '1')
-				   || ($email_autoresponder == '-1' && $userinfo['email_autoresponder'] != '-1' && $settings['autoresponder']['autoresponder_active'] == '1')
+				   || ($email_quota == '-1' && $userinfo['email_quota'] != '-1' && Settings::Get('system.mail_quota_enabled') == '1')
 				   || ($ftps == '-1' && $userinfo['ftps'] != '-1')
 				   || ($tickets == '-1' && $userinfo['tickets'] != '-1')
 				   || ($subdomains == '-1' && $userinfo['subdomains'] != '-1')
-				   || ($number_of_aps_packages == '-1' && $userinfo['aps_packages'] != '-1')
 				) {
 					standard_error('youcantallocatemorethanyouhave');
 					exit;
@@ -1257,7 +1221,7 @@ if ($page == 'customers'
 
 					if ($password != '') {
 						$password = validatePassword($password);
-						$password = md5($password);
+						$password = makeCryptPassword($password);
 					} else {
 						$password = $result['password'];
 					}
@@ -1270,12 +1234,12 @@ if ($page == 'customers'
 						&& $result['standardsubdomain'] == '0'
 					) {
 
-						if (isset($settings['system']['stdsubdomain'])
-							&& $settings['system']['stdsubdomain'] != ''
+						if (Settings::Get('system.stdsubdomain') !== null
+							&& Settings::Get('system.stdsubdomain') != ''
 						) {
-							$_stdsubdomain = $result['loginname'] . '.' . $settings['system']['stdsubdomain'];
+							$_stdsubdomain = $result['loginname'] . '.' . Settings::Get('system.stdsubdomain');
 						} else {
-							$_stdsubdomain = $result['loginname'] . '.' . $settings['system']['hostname'];
+							$_stdsubdomain = $result['loginname'] . '.' . Settings::Get('system.hostname');
 						}
 
 						$ins_data = array(
@@ -1290,7 +1254,7 @@ if ($page == 'customers'
 							`domain` = :domain,
 							`customerid` = :customerid,
 							`adminid` = :adminid,
-							`parentdomainid` = '-1',
+							`parentdomainid` = '0',
 							`documentroot` = :docroot,
 							`zonefile` = '',
 							`isemaildomain` = '0',
@@ -1307,7 +1271,7 @@ if ($page == 'customers'
 						$ins_stmt = Database::prepare("
 							INSERT INTO `".TABLE_DOMAINTOIP."` SET `id_domain` = :domainid, `id_ipandports` = :ipid"
 						);
-						Database::pexecute($ins_stmt, array('domainid' => $domainid, 'ipid' => $settings['system']['defaultip']));
+						Database::pexecute($ins_stmt, array('domainid' => $domainid, 'ipid' => Settings::Get('system.defaultip')));
 
 						$upd_stmt = Database::prepare("
 							UPDATE `" . TABLE_PANEL_CUSTOMERS . "` SET `standardsubdomain` = :domainid WHERE `customerid` = :customerid"
@@ -1378,7 +1342,7 @@ if ($page == 'customers'
 						Database::needRoot(true);
 						$last_dbserver = 0;
 
-						$dbm = new DbManager($settings, $log);
+						$dbm = new DbManager($log);
 
 						// For each of them
 						while ($row_database = $databases_stmt->fetch(PDO::FETCH_ASSOC)) {
@@ -1389,7 +1353,7 @@ if ($page == 'customers'
 								$last_dbserver = $row_database['dbserver'];
 							}
 
-							foreach (array_unique(explode(',', $settings['system']['mysql_access_host'])) as $mysql_access_host) {
+							foreach (array_unique(explode(',', Settings::Get('system.mysql_access_host'))) as $mysql_access_host) {
 								$mysql_access_host = trim($mysql_access_host);
 
 								// Prevent access, if deactivated
@@ -1452,10 +1416,9 @@ if ($page == 'customers'
 						'phpenabled' => $phpenabled,
 						'imap' => $email_imap,
 						'pop3' => $email_pop3,
-						'aps' => $number_of_aps_packages,
 						'perlenabled' => $perlenabled,
-						'email_autoresponder' => $email_autoresponder,
-						'backup_allowed' => $backup_allowed
+						'custom_notes' => $custom_notes,
+						'custom_notes_show' => $custom_notes_show
 					);
 					$upd_stmt = Database::prepare("
 						UPDATE `" . TABLE_PANEL_CUSTOMERS . "` SET
@@ -1486,10 +1449,9 @@ if ($page == 'customers'
 						`email_quota` = :email_quota,
 						`imap` = :imap,
 						`pop3` = :pop3,
-						`aps_packages` = :aps,
 						`perlenabled` = :perlenabled,
-						`email_autoresponder` = :email_autoresponder,
-						`backup_allowed` = :backup_allowed
+						`custom_notes` = :custom_notes,
+						`custom_notes_show` = :custom_notes_show
 						WHERE `customerid` = :customerid"
 					);
 					Database::pexecute($upd_stmt, $upd_data);
@@ -1554,17 +1516,6 @@ if ($page == 'customers'
 						}
 					}
 
-					if ($email_autoresponder != '-1' || $result['email_autoresponder'] != '-1') {
-						$admin_update_query.= ", `email_autoresponder_used` = `email_autoresponder_used` ";
-
-						if ($email_autoresponder != '-1') {
-							$admin_update_query.= " + 0" . (int)$email_autoresponder . " ";
-						}
-						if ($result['email_autoresponder'] != '-1') {
-							$admin_update_query.= " - 0" . (int)$result['email_autoresponder'] . " ";
-						}
-					}
-
 					if ($subdomains != '-1' || $result['subdomains'] != '-1') {
 						$admin_update_query.= ", `subdomains_used` = `subdomains_used` ";
 
@@ -1609,20 +1560,20 @@ if ($page == 'customers'
 						}
 					}
 
-					if ($number_of_aps_packages != '-1' || $result['aps_packages'] != '-1') {
-						$admin_update_query.= ", `aps_packages_used` = `aps_packages_used` ";
-
-						if ($number_of_aps_packages != '-1') {
-							$admin_update_query.= " + 0" . (int)$number_of_aps_packages . " ";
-						}
-						if ($result['aps_packages'] != '-1') {
-							$admin_update_query.= " - 0" . (int)$result['aps_packages'] . " ";
-						}
-					}
-
 					$admin_update_query.= " WHERE `adminid` = '" . (int)$result['adminid'] . "'";
 					Database::query($admin_update_query);
 					$log->logAction(ADM_ACTION, LOG_INFO, "edited user '" . $result['loginname'] . "'");
+
+					/*
+					 * move customer to another admin/reseller; #1166
+					 */
+					if ($move_to_admin > 0 && $move_to_admin != $result['adminid']) {
+						$move_result = moveCustomerToAdmin($id, $move_to_admin);
+						if ($move_result != true) {
+							standard_error('moveofcustomerfailed', $move_result);
+						}
+					}
+
 					$redirect_props = Array(
 						'page' => $page,
 						's' => $s
@@ -1638,8 +1589,9 @@ if ($page == 'customers'
 					$language_options.= makeoption($language_name, $language_file, $result['def_language'], true);
 				}
 
-				$result['traffic'] = round($result['traffic'] / (1024 * 1024), $settings['panel']['decimal_places']);
-				$result['diskspace'] = round($result['diskspace'] / 1024, $settings['panel']['decimal_places']);
+				$dec_places = Settings::Get('panel.decimal_places');
+				$result['traffic'] = round($result['traffic'] / (1024 * 1024), $dec_places);
+				$result['diskspace'] = round($result['diskspace'] / 1024, $dec_places);
 				$result['email'] = $idna_convert->decode($result['email']);
 
 				$diskspace_ul = makecheckbox('diskspace_ul', $lng['customer']['unlimited'], '-1', false, $result['diskspace'], true, true);
@@ -1677,11 +1629,6 @@ if ($page == 'customers'
 					$result['email_quota'] = '';
 				}
 
-				$email_autoresponder_ul = makecheckbox('email_autoresponder_ul', $lng['customer']['unlimited'], '-1', false, $result['email_autoresponder'], true, true);
-				if ($result['email_autoresponder'] == '-1') {
-					$result['email_autoresponder'] = '';
-				}
-
 				$ftps_ul = makecheckbox('ftps_ul', $lng['customer']['unlimited'], '-1', false, $result['ftps'], true, true);
 				if ($result['ftps'] == '-1') {
 					$result['ftps'] = '';
@@ -1697,11 +1644,6 @@ if ($page == 'customers'
 					$result['mysqls'] = '';
 				}
 
-				$number_of_aps_packages_ul = makecheckbox('number_of_aps_packages_ul', $lng['customer']['unlimited'], '-1', false, $result['aps_packages'], true, true);
-				if ($result['aps_packages'] == '-1') {
-					$result['aps_packages'] = '';
-				}
-
 				$result = htmlentities_array($result);
 
 				$gender_options = makeoption($lng['gender']['undef'], 0, ($result['gender'] == '0' ? true : false), true, true);

admin_domains.php

@@ -51,7 +51,7 @@ if ($page == 'domains'
 			'c.loginname' => $lng['login']['username'],
 			'd.aliasdomain' => $lng['domains']['aliasdomain']
 		);
-		$paging = new paging($userinfo, TABLE_PANEL_DOMAINS, $fields, $settings['panel']['paging'], $settings['panel']['natsorting']);
+		$paging = new paging($userinfo, TABLE_PANEL_DOMAINS, $fields);
 		$domains = '';
 		$result_stmt = Database::prepare("
 			SELECT `d`.*, `c`.`loginname`, `c`.`name`, `c`.`firstname`, `c`.`company`, `c`.`standardsubdomain`, `ad`.`id` AS `aliasdomainid`, `ad`.`domain` AS `aliasdomain`
@@ -179,11 +179,6 @@ if ($page == 'domains'
 			if (isset($_POST['send'])
 				&& $_POST['send'] == 'send'
 			) {
-				//check for APS packages used with this domain, #110
-				if (domainHasApsInstances($id)) {
-					standard_error('domains_cantdeletedomainwithapsinstances');
-				}
-
 				// check for deletion of main-domains which are logically subdomains, #329
 				$rsd_sql = '';
 				$remove_subbutmain_domains = isset($_POST['delete_userfiles']) ? 1 : 0;
@@ -288,7 +283,7 @@ if ($page == 'domains'
 				&& $_POST['send'] == 'send'
 			) {
 
-				if ($_POST['domain'] == $settings['system']['hostname']) {
+				if ($_POST['domain'] == Settings::Get('system.hostname')) {
 					standard_error('admin_domain_emailsystemhostname');
 					exit;
 				}
@@ -356,7 +351,14 @@ if ($page == 'domains'
 					$admin = $userinfo;
 				}
 
-				$documentroot = $customer['documentroot'];
+				// set default path if admin/reseller has "change_serversettings == false" but we still
+				// need to respect the documentroot_use_default_value - setting
+				$path_suffix = '';
+				if (Settings::Get('system.documentroot_use_default_value') == 1) {
+					$path_suffix = '/'.$domain;
+				}
+				$documentroot = makeCorrectDir($customer['documentroot'] . $path_suffix);
+
 				$registration_date = trim($_POST['registration_date']);
 				$registration_date = validate($registration_date, 'registration_date', '/^(19|20)\d\d[-](0[1-9]|1[012])[-](0[1-9]|[12][0-9]|3[01])$/', '', array('0000-00-00', '0', ''));
 
@@ -366,7 +368,7 @@ if ($page == 'domains'
 
 					$isbinddomain = '0';
 					$zonefile = '';
-					if ($settings['system']['bind_enable'] == '1') {
+					if (Settings::Get('system.bind_enable') == '1') {
 						if (isset($_POST['isbinddomain'])) {
 							$isbinddomain = intval($_POST['isbinddomain']);
 						}
@@ -396,14 +398,14 @@ if ($page == 'domains'
 						}
 					} elseif (isset($_POST['documentroot'])
 						&& ($_POST['documentroot'] == '') 
-						&& ($settings['system']['documentroot_use_default_value'] == 1)
+						&& (Settings::Get('system.documentroot_use_default_value') == 1)
 					) {
 						$documentroot = makeCorrectDir($customer['documentroot'] . '/' . $domain);
 					}
 
 				} else {
 					$isbinddomain = '0';
-					if ($settings['system']['bind_enable'] == '1') {
+					if (Settings::Get('system.bind_enable') == '1') {
 						$isbinddomain = '1';
 					}
 					$caneditdomain = '1';
@@ -418,8 +420,8 @@ if ($page == 'domains'
 
 					$openbasedir = isset($_POST['openbasedir']) ? intval($_POST['openbasedir']) : 0;
 
-					if ((int)$settings['system']['mod_fcgid'] == 1
-						|| (int)$settings['phpfpm']['enabled'] == 1
+					if ((int)Settings::Get('system.mod_fcgid') == 1
+						|| (int)Settings::Get('phpfpm.enabled') == 1
 					) {
 						$phpsettingid = (int)$_POST['phpsettingid'];
 						$phpsettingid_check_stmt = Database::prepare("
@@ -435,7 +437,7 @@ if ($page == 'domains'
 							standard_error('phpsettingidwrong');
 						}
 
-						if ((int)$settings['system']['mod_fcgid'] == 1) {
+						if ((int)Settings::Get('system.mod_fcgid') == 1) {
 							$mod_fcgid_starter = validate($_POST['mod_fcgid_starter'], 'mod_fcgid_starter', '/^[0-9]*$/', '', array('-1', ''));
 							$mod_fcgid_maxrequests = validate($_POST['mod_fcgid_maxrequests'], 'mod_fcgid_maxrequests', '/^[0-9]*$/', '', array('-1', ''));
 						} else {
@@ -445,10 +447,10 @@ if ($page == 'domains'
 
 					} else {
 
-						if ((int)$settings['phpfpm']['enabled'] == 1) {
-							$phpsettingid = $settings['phpfpm']['defaultini'];
+						if ((int)Settings::Get('phpfpm.enabled') == 1) {
+							$phpsettingid = Settings::Get('phpfpm.defaultini');
 						} else {
-							$phpsettingid = $settings['system']['mod_fcgid_defaultini'];
+							$phpsettingid = Settings::Get('system.mod_fcgid_defaultini');
 						}
 						$mod_fcgid_starter = '-1';
 						$mod_fcgid_maxrequests = '-1';
@@ -457,10 +459,10 @@ if ($page == 'domains'
 				} else {
 
 					$openbasedir = '1';
-					if ((int)$settings['phpfpm']['enabled'] == 1) {
-						$phpsettingid = $settings['phpfpm']['defaultini'];
+					if ((int)Settings::Get('phpfpm.enabled') == 1) {
+						$phpsettingid = Settings::Get('phpfpm.defaultini');
 					} else {
-						$phpsettingid = $settings['system']['mod_fcgid_defaultini'];
+						$phpsettingid = Settings::Get('system.mod_fcgid_defaultini');
 					}
 					$mod_fcgid_starter = '-1';
 					$mod_fcgid_maxrequests = '-1';
@@ -469,10 +471,10 @@ if ($page == 'domains'
 				if ($userinfo['ip'] != "-1") {
 					$admin_ip_stmt = Database::prepare("
 						SELECT `id`, `ip`, `port` FROM `" . TABLE_PANEL_IPSANDPORTS . "`
-						WHERE `id` = :ip ORDER BY `ip`, `port` ASC"
+						WHERE `id` = :id ORDER BY `ip`, `port` ASC"
 					);
 					$admin_ip = Database::pexecute_first($admin_ip_stmt, array('id' => $userinfo['ip']));
-					$additional_ip_condition = " AND `ip` = '" . $admin_ip['ip'] . "' ";
+					$additional_ip_condition = " AND `ip` = :adminip ";
 					$aip_param = array('adminip' => $admin_ip['ip']);
 				} else {
 					$additional_ip_condition = '';
@@ -506,7 +508,7 @@ if ($page == 'domains'
 					}
 				}
 
-				if ($settings['system']['use_ssl'] == "1"
+				if (Settings::Get('system.use_ssl') == "1"
 					&& isset($_POST['ssl_ipandport'])
 				) {
 					$ssl_redirect = 0;
@@ -577,14 +579,26 @@ if ($page == 'domains'
 				if ($aliasdomain != 0) {
 					// Overwrite given ipandports with these of the "main" domain
 					$ipandports = array();
+					$ssl_ipandports = array();
 					$origipresult_stmt = Database::prepare("
 						SELECT `id_ipandports` FROM `" . TABLE_DOMAINTOIP ."`
 						WHERE `id_domain` = :id"
 					);
 					Database::pexecute($origipresult_stmt, array('id' => $aliasdomain));
-
+					$ipdata_stmt = Database::prepare("SELECT * FROM `".TABLE_PANEL_IPSANDPORTS."` WHERE `id` = :ipid");
 					while ($origip = $origipresult_stmt->fetch(PDO::FETCH_ASSOC)) {
-						$ipandports[] = $origip['id_ipandports'];
+						$_origip_tmp = Database::pexecute_first($ipdata_stmt, array('ipid' => $origip['id_ipandports']));
+						if ($_origip_tmp['ssl'] == 0) {
+							$ipandports[] = $origip['id_ipandports'];
+						} else {
+							$ssl_ipandports[] = $origip['id_ipandports'];
+						}
+					}
+
+					if (count($ssl_ipandports) == 0) {
+						// we need this for the serialize
+						// if ssl is disabled or no ssl-ip/port exists
+						$ssl_ipandports[] = -1;
 					}
 
 					$aliasdomain_check_stmt = Database::prepare("
@@ -651,7 +665,7 @@ if ($page == 'domains'
 					standard_error(array('stringisempty', 'mydomain'));
 				}
 				// Check whether domain validation is enabled and if, validate the domain
-				elseif ($settings['system']['validate_domain'] && !validateDomain($domain)) {
+				elseif (Settings::Get('system.validate_domain') && !validateDomain($domain)) {
 					standard_error(array('stringiswrong', 'mydomain'));
 				} elseif($documentroot == '') {
 					standard_error(array('stringisempty', 'mydocumentroot'));
@@ -749,6 +763,9 @@ if ($page == 'domains'
 						`aliasdomain` = :aliasdomain,
 						`zonefile` = :zonefile,
 						`dkim` = :dkim,
+						`dkim_id` = '0',
+						`dkim_privkey` = '',
+						`dkim_pubkey` = '',
 						`wwwserveralias` = :wwwserveralias,
 						`iswildcarddomain` = :iswildcarddomain,
 						`isbinddomain` = :isbinddomain,
@@ -776,16 +793,17 @@ if ($page == 'domains'
 					);
 					Database::pexecute($upd_stmt, array('adminid' => $adminid));
 
+					$ins_stmt = Database::prepare("
+						INSERT INTO `" . TABLE_DOMAINTOIP . "` SET
+						`id_domain` = :domainid,
+						`id_ipandports` = :ipandportsid
+					");
+
 					foreach ($ipandports as $ipportid) {
 						$ins_data = array(
 							'domainid' => $domainid,
 							'ipandportsid' => $ipportid
 						);
-						$ins_stmt = Database::prepare("
-							INSERT INTO `" . TABLE_DOMAINTOIP . "` SET
-							`id_domain` = :domainid,
-							`id_ipandports` = :ipandportsid
-						");
 						Database::pexecute($ins_stmt, $ins_data);
 					}
 
@@ -795,11 +813,6 @@ if ($page == 'domains'
 								'domainid' => $domainid,
 								'ipandportsid' => $ssl_ipportid
 							);
-							$ins_stmt = Database::prepare("
-								INSERT INTO `" . TABLE_DOMAINTOIP . "` SET
-								`id_domain` = :domainid,
-								`id_ipandports` = :ipandportsid
-							");
 							Database::pexecute($ins_stmt, $ins_data);
 						}
 					}
@@ -877,7 +890,7 @@ if ($page == 'domains'
 						$row_ipandport['ip'] = '[' . $row_ipandport['ip'] . ']';
 					}
 
-					$ipsandports[] = array('label' => $row_ipandport['ip'] . ':' . $row_ipandport['port'], 'value' => $row_ipandport['id']);
+					$ipsandports[] = array('label' => $row_ipandport['ip'] . ':' . $row_ipandport['port'] . '<br />', 'value' => $row_ipandport['id']);
 				}
 
 				$ssl_ipsandports = array();
@@ -887,7 +900,7 @@ if ($page == 'domains'
 						$row_ssl_ipandport['ip'] = '[' . $row_ssl_ipandport['ip'] . ']';
 					}
 
-					$ssl_ipsandports[] = array('label' => $row_ssl_ipandport['ip'] . ':' . $row_ssl_ipandport['port'], 'value' => $row_ssl_ipandport['id']);
+					$ssl_ipsandports[] = array('label' => $row_ssl_ipandport['ip'] . ':' . $row_ssl_ipandport['port'] . '<br />', 'value' => $row_ssl_ipandport['id']);
 				}
 
 				$standardsubdomains = array();
@@ -940,10 +953,10 @@ if ($page == 'domains'
 				$configs = Database::query("SELECT * FROM `" . TABLE_PANEL_PHPCONFIGS . "`");
 
 				while ($row = $configs->fetch(PDO::FETCH_ASSOC)) {
-					if ((int)$settings['phpfpm']['enabled'] == 1) {
-						$phpconfigs.= makeoption($row['description'], $row['id'], $settings['phpfpm']['defaultini'], true, true);
+					if ((int)Settings::Get('phpfpm.enabled') == 1) {
+						$phpconfigs.= makeoption($row['description'], $row['id'], Settings::Get('phpfpm.defaultini'), true, true);
 					} else {
-						$phpconfigs.= makeoption($row['description'], $row['id'], $settings['system']['mod_fcgid_defaultini'], true, true);
+						$phpconfigs.= makeoption($row['description'], $row['id'], Settings::Get('system.mod_fcgid_defaultini'), true, true);
 					}
 				}
 
@@ -1051,7 +1064,7 @@ if ($page == 'domains'
 
 				if ($customerid > 0
 					&& $customerid != $result['customerid']
-					&& $settings['panel']['allow_domain_change_customer'] == '1'
+					&& Settings::Get('panel.allow_domain_change_customer') == '1'
 				) {
 
 					$customer_stmt = Database::prepare("
@@ -1099,7 +1112,7 @@ if ($page == 'domains'
 
 					if ($adminid > 0
 						&& $adminid != $result['adminid']
-						&& $settings['panel']['allow_domain_change_admin'] == '1'
+						&& Settings::Get('panel.allow_domain_change_admin') == '1'
 					) {
 
 						$admin_stmt = Database::prepare("
@@ -1155,7 +1168,7 @@ if ($page == 'domains'
 				if ($userinfo['change_serversettings'] == '1') {
 					$isbinddomain = $result['isbinddomain'];
 					$zonefile = $result['zonefile'];
-					if ($settings['system']['bind_enable'] == '1') {
+					if (Settings::Get('system.bind_enable') == '1') {
 						if (isset($_POST['isbinddomain'])) {
 							$isbinddomain = (int)$_POST['isbinddomain'];
 						} else {
@@ -1164,7 +1177,7 @@ if ($page == 'domains'
 						$zonefile = validate($_POST['zonefile'], 'zonefile');
 					}
 
-					if ($settings['dkim']['use_dkim'] == '1') {
+					if (Settings::Get('dkim.use_dkim') == '1') {
 						$dkim = isset($_POST['dkim']) ? 1 : 0;
 					} else {
 						$dkim = $result['dkim'];
@@ -1176,7 +1189,7 @@ if ($page == 'domains'
 					if ($documentroot == '') {
 						// If path is empty and 'Use domain name as default value for DocumentRoot path' is enabled in settings,
 						// set default path to subdomain or domain name
-						if ($settings['system']['documentroot_use_default_value'] == 1) {
+						if (Settings::Get('system.documentroot_use_default_value') == 1) {
 							$documentroot = makeCorrectDir($customer['documentroot'] . '/' . $result['domain']);
 						} else {
 							$documentroot = $customer['documentroot'];
@@ -1205,8 +1218,8 @@ if ($page == 'domains'
 
 					$openbasedir = isset($_POST['openbasedir']) ? intval($_POST['openbasedir']) : 0;
 
-					if ((int)$settings['system']['mod_fcgid'] == 1
-						|| (int)$settings['phpfpm']['enabled'] == 1
+					if ((int)Settings::Get('system.mod_fcgid') == 1
+						|| (int)Settings::Get('phpfpm.enabled') == 1
 					) {
 						$phpsettingid = (int)$_POST['phpsettingid'];
 						$phpsettingid_check_stmt = Database::prepare("
@@ -1221,7 +1234,7 @@ if ($page == 'domains'
 							standard_error('phpsettingidwrong');
 						}
 
-						if ((int)$settings['system']['mod_fcgid'] == 1) {
+						if ((int)Settings::Get('system.mod_fcgid') == 1) {
 							$mod_fcgid_starter = validate($_POST['mod_fcgid_starter'], 'mod_fcgid_starter', '/^[0-9]*$/', '', array('-1', ''));
 							$mod_fcgid_maxrequests = validate($_POST['mod_fcgid_maxrequests'], 'mod_fcgid_maxrequests', '/^[0-9]*$/', '', array('-1', ''));
 						} else {
@@ -1266,7 +1279,7 @@ if ($page == 'domains'
 					}
 				}
 
-				if ($settings['system']['use_ssl'] == '1'
+				if (Settings::Get('system.use_ssl') == '1'
 					&& isset($_POST['ssl_ipandport'])
 				) {
 					$ssl = 1; // if ssl is set and != 0, it can only be 1
@@ -1356,13 +1369,27 @@ if ($page == 'domains'
 				if ($aliasdomain != 0) {
 					// Overwrite given ipandports with these of the "main" domain
 					$ipandports = array();
+					$ssl_ipandports = array();
 					$origipresult_stmt = Database::prepare("
 						SELECT `id_ipandports` FROM `" . TABLE_DOMAINTOIP ."` WHERE `id_domain` = :aliasdomain
 					");
 					Database::pexecute($origipresult_stmt, array('aliasdomain' => $aliasdomain));
+					$ipdata_stmt = Database::prepare("SELECT * FROM `".TABLE_PANEL_IPSANDPORTS."` WHERE `id` = :ipid");
 					while ($origip = $origipresult_stmt->fetch(PDO::FETCH_ASSOC)) {
-						$ipandports[] = $origip['id_ipandports'];
+						$_origip_tmp = Database::pexecute_first($ipdata_stmt, array('ipid' => $origip['id_ipandports']));
+						if ($_origip_tmp['ssl'] == 0) {
+							$ipandports[] = $origip['id_ipandports'];
+						} else {
+							$ssl_ipandports[] = $origip['id_ipandports'];
+						}
 					}
+
+					if (count($ssl_ipandports) == 0) {
+						// we need this for the serialize
+						// if ssl is disabled or no ssl-ip/port exists
+						$ssl_ipandports[] = -1;
+					}
+
 					$aliasdomain_check_stmt = Database::prepare("
 						SELECT `d`.`id` FROM `" . TABLE_PANEL_DOMAINS . "` `d`, `" . TABLE_PANEL_CUSTOMERS . "` `c`
 						WHERE `d`.`customerid` = :customerid
@@ -1495,7 +1522,7 @@ if ($page == 'domains'
 				}
 
 				if ($customerid != $result['customerid']
-					&& $settings['panel']['allow_domain_change_customer'] == '1'
+					&& Settings::Get('panel.allow_domain_change_customer') == '1'
 				) {
 					$upd_data = array('customerid' => $customerid, 'domainid' => $result['id']);
 					$upd_stmt = Database::prepare("
@@ -1531,7 +1558,7 @@ if ($page == 'domains'
 				}
 
 				if ($adminid != $result['adminid']
-					&& $settings['panel']['allow_domain_change_admin'] == '1'
+					&& Settings::Get('panel.allow_domain_change_admin') == '1'
 				) {
 					$upd_stmt = Database::prepare("
 						UPDATE `" . TABLE_PANEL_ADMINS . "` SET `domains_used` = `domains_used` + 1 WHERE `adminid` = :adminid
@@ -1624,6 +1651,13 @@ if ($page == 'domains'
 				$_update_data['mod_fcgid_maxrequests'] = $mod_fcgid_maxrequests;
 				$_update_data['parentdomainid'] = $id;
 
+				// if we have no more ssl-ip's for this domain,
+				// all its subdomains must have "ssl-redirect = 0"
+				$update_sslredirect = '';
+				if (count($ssl_ipandports) == 1 && $ssl_ipandports[0] == -1) {
+					$update_sslredirect = ", `ssl_redirect` = '0' ";
+				}
+
 				$_update_stmt = Database::prepare("
 					UPDATE `" . TABLE_PANEL_DOMAINS . "` SET
 					`customerid` = :customerid,
@@ -1632,7 +1666,7 @@ if ($page == 'domains'
 					`phpsettingid` = :phpsettingid,
 					`mod_fcgid_starter` = :mod_fcgid_starter,
 					`mod_fcgid_maxrequests` = :mod_fcgid_maxrequests
-					" . $upd_specialsettings . $updatechildren . " 
+					" . $upd_specialsettings . $updatechildren . $update_sslredirect . "
 					WHERE `parentdomainid` = :parentdomainid
 				");
 				Database::pexecute($_update_stmt, $_update_data);
@@ -1640,6 +1674,8 @@ if ($page == 'domains'
 				// FIXME check how many we got and if the amount of assigned IP's
 				// has changed so we can insert a config-rebuild task if only
 				// the ip's of this domain were changed
+				// -> for now, always insert a rebuild-task
+				inserttask('1');
 
 				// Cleanup domain <-> ip mapping
 				$del_stmt = Database::prepare("
@@ -1683,7 +1719,9 @@ if ($page == 'domains'
 						Database::pexecute($ins_stmt, array('rowid' => $row['id'], 'ipportid' => $ipportid));
 					}
 					foreach ($ssl_ipandports as $ssl_ipportid) {
-						Database::pexecute($ins_stmt, array('rowid' => $row['id'], 'ipportid' => $ssl_ipportid));
+						if ($ssl_ipportid > 0) {
+							Database::pexecute($ins_stmt, array('rowid' => $row['id'], 'ipportid' => $ssl_ipportid));
+						}
 					}
 				}
 
@@ -1693,7 +1731,7 @@ if ($page == 'domains'
 			} else {
 
 
-				if ($settings['panel']['allow_domain_change_customer'] == '1') {
+				if (Settings::Get('panel.allow_domain_change_customer') == '1') {
 					$customers = '';
 					$result_customers_stmt = Database::prepare("
 						SELECT `customerid`, `loginname`, `name`, `firstname`, `company` FROM `" . TABLE_PANEL_CUSTOMERS . "`
@@ -1730,7 +1768,7 @@ if ($page == 'domains'
 				}
 
 				if ($userinfo['customers_see_all'] == '1') {
-					if ($settings['panel']['allow_domain_change_admin'] == '1') {
+					if (Settings::Get('panel.allow_domain_change_admin') == '1') {
 
 						$admins = '';
 						$result_admins_stmt = Database::prepare("
@@ -1813,7 +1851,7 @@ if ($page == 'domains'
 					if (filter_var($row_ipandport['ip'], FILTER_VALIDATE_IP, FILTER_FLAG_IPV6)) {
 						$row_ipandport['ip'] = '[' . $row_ipandport['ip'] . ']';
 					}
-					$ipsandports[] = array('label' => $row_ipandport['ip'] . ':' . $row_ipandport['port'], 'value' => $row_ipandport['id']);
+					$ipsandports[] = array('label' => $row_ipandport['ip'] . ':' . $row_ipandport['port'] . '<br />', 'value' => $row_ipandport['id']);
 				}
 
 				$ssl_ipsandports = array();
@@ -1821,7 +1859,7 @@ if ($page == 'domains'
 					if (filter_var($row_ssl_ipandport['ip'], FILTER_VALIDATE_IP, FILTER_FLAG_IPV6)) {
 						$row_ssl_ipandport['ip'] = '[' . $row_ssl_ipandport['ip'] . ']';
 					}
-					$ssl_ipsandports[] = array('label' => $row_ssl_ipandport['ip'] . ':' . $row_ssl_ipandport['port'], 'value' => $row_ssl_ipandport['id']);
+					$ssl_ipsandports[] = array('label' => $row_ssl_ipandport['ip'] . ':' . $row_ssl_ipandport['port'] . '<br />', 'value' => $row_ssl_ipandport['id']);
 				}
 
 				$result['specialsettings'] = $result['specialsettings'];
@@ -1865,5 +1903,60 @@ if ($page == 'domains'
 				eval("echo \"" . getTemplate("domains/domains_edit") . "\";");
 			}
 		}
+	} elseif($action == 'import') {
+
+		if (isset($_POST['send'])
+			&& $_POST['send'] == 'send'
+		) {
+
+			$customerid = intval($_POST['customerid']);
+			$separator = validate($_POST['separator'], 'separator');
+			$offset = (int)validate($_POST['offset'], 'offset', "/[0-9]/i");
+
+			$file_name = $_FILES['file']['tmp_name'];
+
+			$result = array();
+
+			try {
+				$bulk = new DomainBulkAction($file_name, $customerid);
+				$result = $bulk->doImport($separator, $offset);
+			} catch (Exception $e) {
+				standard_error('domain_import_error', $e->getMessage());
+			}
+
+			// @FIXME find a way to display $result['notice'] here somehow,
+			//        as it might be important if you've reached your maximum allocation of domains
+
+			// update customer/admin counters
+			updateCounters(false);
+
+			$result_str = $result['imported'] . ' / ' . $result['all'];
+			standard_success('domain_import_successfully', $result_str, array('filename' => $filename, 'action' => '', 'page' => 'domains'));
+		} else {
+			$customers = makeoption($lng['panel']['please_choose'], 0, 0, true);
+			$result_customers_stmt = Database::prepare("
+				SELECT `customerid`, `loginname`, `name`, `firstname`, `company`
+				FROM `" . TABLE_PANEL_CUSTOMERS . "` " .
+				($userinfo['customers_see_all'] ? '' : " WHERE `adminid` = '" . (int)$userinfo['adminid'] . "' ") .
+				" ORDER BY `name` ASC"
+			);
+			$params = array();
+			if ($userinfo['customers_see_all'] == '0') {
+				$params['adminid'] = $userinfo['adminid'];
+			}
+			Database::pexecute($result_customers_stmt, $params);
+
+			while ($row_customer = $result_customers_stmt->fetch(PDO::FETCH_ASSOC)) {
+				$customers.= makeoption(getCorrectFullUserDetails($row_customer) . ' (' . $row_customer['loginname'] . ')', $row_customer['customerid']);
+			}
+
+			$domain_import_data = include_once dirname(__FILE__).'/lib/formfields/admin/domains/formfield.domains_import.php';
+			$domain_import_form = htmlform::genHTMLForm($domain_import_data);
+
+			$title = $domain_import_data['domain_import']['title'];
+			$image = $domain_import_data['domain_import']['image'];
+
+			eval("echo \"" . getTemplate("domains/domains_import") . "\";");
+		}
 	}
 }

admin_index.php

@@ -26,7 +26,7 @@ if ($action == 'logout')  {
 
 	$params = array('adminid' => (int)$userinfo['adminid']);
 
-	if ($settings['session']['allow_multiple_login'] == '1') {
+	if (Settings::Get('session.allow_multiple_login') == '1') {
 		$stmt = Database::prepare("DELETE FROM `" . TABLE_PANEL_SESSIONS . "`
 			WHERE `userid` = :adminid
 			AND `adminsession` = '1'
@@ -60,17 +60,16 @@ if ($page == 'overview') {
 				SUM(`email_accounts_used`) AS `email_accounts_used`,
 				SUM(`email_forwarders_used`) AS `email_forwarders_used`,
 				SUM(`email_quota_used`) AS `email_quota_used`,
-				SUM(`email_autoresponder_used`) AS `email_autoresponder_used`,
 				SUM(`ftps_used`) AS `ftps_used`,
 				SUM(`tickets_used`) AS `tickets_used`,
 				SUM(`subdomains_used`) AS `subdomains_used`,
-				SUM(`traffic_used`) AS `traffic_used`,
-				SUM(`aps_packages_used`) AS `aps_packages_used`
+				SUM(`traffic_used`) AS `traffic_used`
 				FROM `" . TABLE_PANEL_CUSTOMERS . "`" . ($userinfo['customers_see_all'] ? '' : " WHERE `adminid` = :adminid "));
 	$overview = Database::pexecute_first($overview_stmt, array('adminid' => $userinfo['adminid']));
 
-	$overview['traffic_used'] = round($overview['traffic_used'] / (1024 * 1024), $settings['panel']['decimal_places']);
-	$overview['diskspace_used'] = round($overview['diskspace_used'] / 1024, $settings['panel']['decimal_places']);
+	$dec_places = Settings::Get('panel.decimal_places');
+	$overview['traffic_used'] = round($overview['traffic_used'] / (1024 * 1024), $dec_places);
+	$overview['diskspace_used'] = round($overview['diskspace_used'] / 1024, $dec_places);
 
 	$number_domains_stmt = Database::prepare("
 		SELECT COUNT(*) AS `number_domains` FROM `" . TABLE_PANEL_DOMAINS . "`
@@ -109,7 +108,7 @@ if ($page == 'overview') {
 					$lookfornewversion_addinfo = $_message;
 
 					// not numeric -> error-message
-					if (!is_numeric($_version)) {
+					if (!preg_match('/^((\d+\\.)(\d+\\.)(\d+\\.)?(\d+)?(\-(svn|dev|rc)(\d+))?)$/', $_version)) {
 						// check for customized version to not output
 						// "There is a newer version of froxlor" besides the error-message
 						$isnewerversion = 2;
@@ -119,13 +118,13 @@ if ($page == 'overview') {
 						$isnewerversion = 0;
 					}
 				} else {
-					redirectTo($update_check_uri.'/pretty', NULL);
+					redirectTo($update_check_uri.'/pretty', NULL, false);
 				}
 			} else {
-				redirectTo($update_check_uri.'/pretty', NULL);
+				redirectTo($update_check_uri.'/pretty', NULL, false);
 			}
 		} else {
-			redirectTo($update_check_uri.'/pretty', NULL);
+			redirectTo($update_check_uri.'/pretty', NULL, false);
 		}
 	} else {
 		$lookfornewversion_lable = $lng['admin']['lookfornewversion']['clickhere'];
@@ -134,11 +133,14 @@ if ($page == 'overview') {
 		$isnewerversion = 0;
 	}
 
-	$userinfo['diskspace'] = round($userinfo['diskspace'] / 1024, $settings['panel']['decimal_places']);
-	$userinfo['diskspace_used'] = round($userinfo['diskspace_used'] / 1024, $settings['panel']['decimal_places']);
-	$userinfo['traffic'] = round($userinfo['traffic'] / (1024 * 1024), $settings['panel']['decimal_places']);
-	$userinfo['traffic_used'] = round($userinfo['traffic_used'] / (1024 * 1024), $settings['panel']['decimal_places']);
-	$userinfo = str_replace_array('-1', $lng['customer']['unlimited'], $userinfo, 'customers domains diskspace traffic mysqls emails email_accounts email_forwarders email_quota email_autoresponder ftps tickets subdomains aps_packages');
+	$dec_places = Settings::Get('panel.decimal_places');
+	$userinfo['diskspace'] = round($userinfo['diskspace'] / 1024, $dec_places);
+	$userinfo['diskspace_used'] = round($userinfo['diskspace_used'] / 1024, $dec_places);
+	$userinfo['traffic'] = round($userinfo['traffic'] / (1024 * 1024), $dec_places);
+	$userinfo['traffic_used'] = round($userinfo['traffic_used'] / (1024 * 1024), $dec_places);
+	$userinfo = str_replace_array('-1', $lng['customer']['unlimited'], $userinfo, 'customers domains diskspace traffic mysqls emails email_accounts email_forwarders email_quota ftps tickets subdomains');
+
+	$userinfo['custom_notes'] = ($userinfo['custom_notes'] != '') ? nl2br($userinfo['custom_notes']) : '';
 
 	$cron_last_runs = getCronjobsLastRun();
 	$outstanding_tasks = getOutstandingTasks();
@@ -197,7 +199,7 @@ if ($page == 'overview') {
 	) {
 		$old_password = validate($_POST['old_password'], 'old password');
 
-		if (md5($old_password) != $userinfo['password']) {
+		if (!validatePasswordLogin($userinfo,$old_password,TABLE_PANEL_ADMINS,'adminid')) {
 			standard_error('oldpasswordnotcorrect');
 			exit;
 		}
@@ -217,13 +219,11 @@ if ($page == 'overview') {
 			$chgpwd_stmt = Database::prepare("
 				UPDATE `" . TABLE_PANEL_ADMINS . "`
 				SET `password`= :newpasswd
-				WHERE `adminid`= :adminid
-				AND `password`= :oldpasswd"
+				WHERE `adminid`= :adminid"
 			);
 			Database::pexecute($chgpwd_stmt, array(
-				'newpasswd' => md5($new_password),
-				'adminid' => (int)$userinfo['adminid'],
-				'oldpasswd' => md5($old_password)
+				'newpasswd' => makeCryptPassword($new_password),
+				'adminid' => (int)$userinfo['adminid']
 			));
 			$log->logAction(ADM_ACTION, LOG_NOTICE, 'changed password');
 			redirectTo($filename, Array('s' => $s));
@@ -268,7 +268,7 @@ if ($page == 'overview') {
 
 		$language_options = '';
 
-		$default_lang = $settings['panel']['standardlanguage'];
+		$default_lang = Settings::Get('panel.standardlanguage');
 		if ($userinfo['def_language'] != '') {
 			$default_lang = $userinfo['def_language'];
 		}
@@ -314,21 +314,21 @@ if ($page == 'overview') {
 
 		$theme_options = '';
 
-		$default_theme = $settings['panel']['default_theme'];
+		$default_theme = Settings::Get('panel.default_theme');
 		if ($userinfo['theme'] != '') {
 			$default_theme = $userinfo['theme'];
 		}
 
 		$themes_avail = getThemes();
-		foreach ($themes_avail as $t) {
-			$theme_options.= makeoption($t, $t, $default_theme, true);
+		foreach ($themes_avail as $t => $d) {
+			$theme_options.= makeoption($d, $t, $default_theme, true);
 		}
 
 		eval("echo \"" . getTemplate("index/change_theme") . "\";");
 	}
 
 } elseif ($page == 'send_error_report'
-	&& $settings['system']['allow_error_report_admin'] == '1'
+	&& Settings::Get('system.allow_error_report_admin') == '1'
 ) {
 
 	// only show this if we really have an exception to report

admin_ipsandports.php

@@ -37,7 +37,7 @@ if ($page == 'ipsandports'
 			'ip' => $lng['admin']['ipsandports']['ip'],
 			'port' => $lng['admin']['ipsandports']['port']
 		);
-		$paging = new paging($userinfo, TABLE_PANEL_IPSANDPORTS, $fields, $settings['panel']['paging'], $settings['panel']['natsorting']);
+		$paging = new paging($userinfo, TABLE_PANEL_IPSANDPORTS, $fields);
 		$ipsandports = '';
 		$result_stmt = Database::prepare("SELECT * FROM `" . TABLE_PANEL_IPSANDPORTS . "` " . $paging->getSqlWhere(false) . " " . $paging->getSqlOrderBy() . " " . $paging->getSqlLimit());
 		Database::pexecute($result_stmt);
@@ -79,7 +79,7 @@ if ($page == 'ipsandports'
 			$result_checkdomain = Database::pexecute_first($result_checkdomain_stmt, array('id' => $id));
 
 			if ($result_checkdomain['id'] == '') {
-				if ($result['id'] != $settings['system']['defaultip']) {
+				if ($result['id'] != Settings::Get('system.defaultip')) {
 
 					$result_sameipotherport_stmt = Database::prepare("
 						SELECT `id` FROM `" . TABLE_PANEL_IPSANDPORTS . "`
@@ -87,8 +87,8 @@ if ($page == 'ipsandports'
 					);
 					$result_sameipotherport = Database::pexecute_first($result_sameipotherport_stmt, array('id' => $id, 'ip' => $result['ip']));
 
-					if (($result['ip'] != $settings['system']['ipaddress'])
-						|| ($result['ip'] == $settings['system']['ipaddress']
+					if (($result['ip'] != Settings::Get('system.ipaddress'))
+						|| ($result['ip'] == Settings::Get('system.ipaddress')
 						&& $result_sameipotherport['id'] != '')
 					) {
 						$result_stmt = Database::prepare("
@@ -152,7 +152,7 @@ if ($page == 'ipsandports'
 			$default_vhostconf_domain = validate(str_replace("\r\n", "\n", $_POST['default_vhostconf_domain']), 'default_vhostconf_domain', '/^[^\0]*$/');
 			$docroot = validate($_POST['docroot'], 'docroot');
 
-			if ((int)$settings['system']['use_ssl'] == 1) {
+			if ((int)Settings::Get('system.use_ssl') == 1) {
 				$ssl = isset($_POST['ssl']) ? intval($_POST['ssl']) : 0;
 				$ssl_cert_file = validate($_POST['ssl_cert_file'], 'ssl_cert_file');
 				$ssl_key_file = validate($_POST['ssl_key_file'], 'ssl_key_file');
@@ -304,7 +304,7 @@ if ($page == 'ipsandports'
 				);
 				$result_sameipotherport = Database::pexecute_first($result_sameipotherport_stmt, array('ip' => $ip, 'id' => $id));
 
-				if ((int)$settings['system']['use_ssl'] == 1
+				if ((int)Settings::Get('system.use_ssl') == 1
 					&& isset($_POST['ssl'])
 					&& $_POST['ssl'] != 0
 				) {
@@ -364,7 +364,7 @@ if ($page == 'ipsandports'
 				}
 
 				if ($result['ip'] != $ip
-					&& $result['ip'] == $settings['system']['ipaddress']
+					&& $result['ip'] == Settings::Get('system.ipaddress')
 					&& $result_sameipotherport['id'] == ''
 				) {
 					standard_error('cantchangesystemip');

admin_logger.php

@@ -30,9 +30,7 @@ if ($page == 'log'
 			'user' => $lng['logger']['user'],
 			'text' => $lng['logger']['action']
 		);
-		$paging = new paging($userinfo, TABLE_PANEL_LOG, $fields, $settings['panel']['paging'], $settings['panel']['natsorting']);
-		$paging->sortfield = 'date';
-		$paging->sortorder = 'desc';
+		$paging = new paging($userinfo, TABLE_PANEL_LOG, $fields, null, null, 0, 'desc');
 		$result_stmt = Database::query('
 			SELECT * FROM `' . TABLE_PANEL_LOG . '` ' . $paging->getSqlWhere(false) . ' ' . $paging->getSqlOrderBy() . ' ' . $paging->getSqlLimit()
 		);
@@ -78,19 +76,22 @@ if ($page == 'log'
 								$_action = $lng['admin']['customer'];
 								break;
 							case RES_ACTION:
-								$_action = 'Reseller';
+								$_action = $lng['logger']['reseller'];
 								break;
 							case ADM_ACTION:
-								$_action = 'Administrator';
+								$_action = $lng['logger']['admin'];
 								break;
 							case CRON_ACTION:
-								$_action = 'Cronjob';
+								$_action = $lng['logger']['cron'];
+								break;
+							case LOGIN_ACTION:
+								$_action = $lng['logger']['login'];
 								break;
 							case LOG_ERROR:
-								$_action = 'Internal';
+								$_action = $lng['logger']['intern'];
 								break;
 							default:
-								$_action = 'Unknown';
+								$_action = $lng['logger']['unknown'];
 								break;
 						}
 

admin_phpsettings.php

@@ -48,7 +48,7 @@ if ($page == 'overview') {
 				$query_params['adminid'] = $userinfo['adminid'];
 			}
 
-			if ((int)$settings['panel']['phpconfigs_hidestdsubdomain'] == 1) {
+			if ((int)Settings::Get('panel.phpconfigs_hidestdsubdomain') == 1) {
 				$ssdids_res = Database::query("
 					SELECT DISTINCT `standardsubdomain` FROM `".TABLE_PANEL_CUSTOMERS."`
 					WHERE `standardsubdomain` > 0 ORDER BY `standardsubdomain` ASC;"
@@ -70,9 +70,28 @@ if ($page == 'overview') {
 				while ($row2 = $domainresult_stmt->fetch(PDO::FETCH_ASSOC)) {
 					$domains.= $row2['domain'] . '<br/>';
 				}
-			} else {
+			}
+
+			// check whether we use that config as froxor-vhost config
+			if (Settings::Get('system.mod_fcgid_defaultini_ownvhost') == $row['id']
+				|| Settings::Get('phpfpm.vhost_defaultini') == $row['id']
+			) {
+				$domains .= Settings::Get('system.hostname');
+			}
+
+			if ($domains == '') {
 				$domains = $lng['admin']['phpsettings']['notused'];
 			}
+
+			// check whether this is our default config
+			if ((Settings::Get('system.mod_fcgid') == '1'
+				&& Settings::Get('system.mod_fcgid_defaultini') == $row['id'])
+				|| (Settings::Get('phpfpm.enabled') == '1'
+				&& Settings::Get('phpfpm.defaultini') == $row['id'])
+			) {
+				$row['description'] = '<b>'.$row['description'].'</b>';
+			}
+
 			$count ++;
 			eval("\$tablecontent.=\"" . getTemplate("phpconfig/overview_overview") . "\";");
 		}
@@ -91,7 +110,7 @@ if ($page == 'overview') {
 				$description = validate($_POST['description'], 'description');
 				$phpsettings = validate(str_replace("\r\n", "\n", $_POST['phpsettings']), 'phpsettings', '/^[^\0]*$/');
 
-				if ($settings['system']['mod_fcgid'] == 1) {
+				if (Settings::Get('system.mod_fcgid') == 1) {
 					$binary = makeCorrectFile(validate($_POST['binary'], 'binary'));
 					$file_extensions = validate($_POST['file_extensions'], 'file_extensions', '/^[a-zA-Z0-9\s]*$/');
 					$mod_fcgid_starter = validate($_POST['mod_fcgid_starter'], 'mod_fcgid_starter', '/^[0-9]*$/', '', array('-1', ''));
@@ -101,7 +120,7 @@ if ($page == 'overview') {
 					$fpm_reqtermtimeout = 0;
 					$fpm_reqslowtimeout = 0;
 				}
-				elseif ($settings['phpfpm']['enabled'] == 1) {
+				elseif (Settings::Get('phpfpm.enabled') == 1) {
 					$fpm_enableslowlog = isset($_POST['phpfpm_enable_slowlog']) ? (int)$_POST['phpfpm_enable_slowlog'] : 0;
 					$fpm_reqtermtimeout = validate($_POST['phpfpm_reqtermtimeout'], 'phpfpm_reqtermtimeout', '/^([0-9]+)(|s|m|h|d)$/');
 					$fpm_reqslowtimeout = validate($_POST['phpfpm_reqslowtimeout'], 'phpfpm_reqslowtimeout', '/^([0-9]+)(|s|m|h|d)$/');
@@ -173,6 +192,22 @@ if ($page == 'overview') {
 		);
 		$result = Database::pexecute_first($result_stmt, array('id' => $id));
 
+		if ((Settings::Get('system.mod_fcgid') == '1'
+			&& Settings::Get('system.mod_fcgid_defaultini_ownvhost') == $id)
+			|| (Settings::Get('phpfpm.enabled') == '1'
+			&& Settings::Get('phpfpm.vhost_defaultini') == $id)
+		) {
+			standard_error('cannotdeletehostnamephpconfig');
+		}
+
+		if ((Settings::Get('system.mod_fcgid') == '1'
+			&& Settings::Get('system.mod_fcgid_defaultini') == $id)
+			|| (Settings::Get('phpfpm.enabled') == '1'
+			&& Settings::Get('phpfpm.defaultini') == $id)
+		) {
+			standard_error('cannotdeletedefaultphpconfig');
+		}
+
 		if ($result['id'] != 0
 			&& $result['id'] == $id
 			&& (int)$userinfo['change_serversettings'] == 1
@@ -186,7 +221,7 @@ if ($page == 'overview') {
 				// config that is to be deleted
 				$upd_stmt = Database::prepare("
 					UPDATE `" . TABLE_PANEL_DOMAINS . "` SET
-					`phpsettingid` = 1 WHERE `phpsettingid` = :id"
+					`phpsettingid` = '1' WHERE `phpsettingid` = :id"
 				);
 				Database::pexecute($upd_stmt, array('id' => $id));
 
@@ -225,7 +260,7 @@ if ($page == 'overview') {
 				$description = validate($_POST['description'], 'description');
 				$phpsettings = validate(str_replace("\r\n", "\n", $_POST['phpsettings']), 'phpsettings', '/^[^\0]*$/');
 
-				if ($settings['system']['mod_fcgid'] == 1) {
+				if (Settings::Get('system.mod_fcgid') == 1) {
 					$binary = makeCorrectFile(validate($_POST['binary'], 'binary'));
 					$file_extensions = validate($_POST['file_extensions'], 'file_extensions', '/^[a-zA-Z0-9\s]*$/');
 					$mod_fcgid_starter = validate($_POST['mod_fcgid_starter'], 'mod_fcgid_starter', '/^[0-9]*$/', '', array('-1', ''));
@@ -235,7 +270,7 @@ if ($page == 'overview') {
 					$fpm_reqtermtimeout = 0;
 					$fpm_reqslowtimeout = 0;
 				}
-				elseif ($settings['phpfpm']['enabled'] == 1) {
+				elseif (Settings::Get('phpfpm.enabled') == 1) {
 					$fpm_enableslowlog = isset($_POST['phpfpm_enable_slowlog']) ? (int)$_POST['phpfpm_enable_slowlog'] : 0;
 					$fpm_reqtermtimeout = validate($_POST['phpfpm_reqtermtimeout'], 'phpfpm_reqtermtimeout', '/^([0-9]+)(|s|m|h|d)$/');
 					$fpm_reqslowtimeout = validate($_POST['phpfpm_reqslowtimeout'], 'phpfpm_reqslowtimeout', '/^([0-9]+)(|s|m|h|d)$/');

admin_settings.php

@@ -57,7 +57,7 @@ if ($page == 'overview' && $userinfo['change_serversettings'] == '1') {
 		
 		// check if the session timeout is too low #815
 		if (isset($_POST['session_sessiontimeout'])
-			&& $_POST['session_sessiontimeout'] <= 60
+			&& $_POST['session_sessiontimeout'] < 60
 		) {
 			standard_error($lng['error']['session_timeout'], $lng['error']['session_timeout_desc']);
 		}
@@ -105,14 +105,14 @@ if ($page == 'overview' && $userinfo['change_serversettings'] == '1') {
 } elseif($page == 'phpinfo'
 	&& $userinfo['change_serversettings'] == '1'
 ) {
-		ob_start();
-		phpinfo();
-		$phpinfo = array('phpinfo' => array());
-		if (preg_match_all(
-				'#(?:<h2>(?:<a name=".*?">)?(.*?)(?:</a>)?</h2>)|(?:<tr(?: class=".*?")?><t[hd](?: class=".*?")?>(.*?)\s*</t[hd]>(?:<t[hd](?: class=".*?")?>(.*?)\s*</t[hd]>(?:<t[hd](?: class=".*?")?>(.*?)\s*</t[hd]>)?)?</tr>)#s',
-				ob_get_clean(), $matches, PREG_SET_ORDER
-			)
-		) {
+	ob_start();
+	phpinfo();
+	$phpinfo = array('phpinfo' => array());
+	if (preg_match_all(
+			'#(?:<h2>(?:<a name=".*?">)?(.*?)(?:</a>)?</h2>)|(?:<tr(?: class=".*?")?><t[hd](?: class=".*?")?>(.*?)\s*</t[hd]>(?:<t[hd](?: class=".*?")?>(.*?)\s*</t[hd]>(?:<t[hd](?: class=".*?")?>(.*?)\s*</t[hd]>)?)?</tr>)#s',
+			ob_get_clean(), $matches, PREG_SET_ORDER
+		)
+	) {
 		foreach ($matches as $match) {
 			$end = array_keys($phpinfo);
 			$end = end($end);
@@ -143,6 +143,8 @@ if ($page == 'overview' && $userinfo['change_serversettings'] == '1') {
 			eval("\$phpinfohtml .= \"" . getTemplate("settings/phpinfo/phpinfo_table") . "\";");
 		}
 		$phpinfo = $phpinfohtml;
+	} else {
+		standard_error($lng['error']['no_phpinfo']);
 	}
 	eval("echo \"" . getTemplate("settings/phpinfo") . "\";");
 
@@ -202,7 +204,7 @@ if ($page == 'overview' && $userinfo['change_serversettings'] == '1') {
 		$log->logAction(ADM_ACTION, LOG_WARNING, "wiped all cleartext mail passwords");
 		Database::query("UPDATE `" . TABLE_MAIL_USERS . "` SET `password` = '';");
 		Database::query("UPDATE `" . TABLE_PANEL_SETTINGS . "` SET `value` = '0' WHERE `settinggroup` = 'system' AND `varname` = 'mailpwcleartext'");
-		redirectTo('admin_settings.php', array('s' => $s));
+		redirectTo($filename, array('s' => $s));
 
 	} else {
 		ask_yesno('admin_cleartextmailpws_reallywipe', $filename, array('page' => $page));
@@ -221,7 +223,7 @@ if ($page == 'overview' && $userinfo['change_serversettings'] == '1') {
 		// Set the quota to 0 which means unlimited
 		Database::query("UPDATE `" . TABLE_MAIL_USERS . "` SET `quota` = '0';");
 		Database::query("UPDATE `" . TABLE_PANEL_CUSTOMERS . "` SET `email_quota_used` = '0'");
-		redirectTo('admin_settings.php', array('s' => $s));
+		redirectTo($filename, array('s' => $s));
 
 	} else {
 		ask_yesno('admin_quotas_reallywipe', $filename, array('page' => $page));
@@ -245,7 +247,7 @@ if ($page == 'overview' && $userinfo['change_serversettings'] == '1') {
 			");
 
 			while ($array = $result_stmt->fetch(PDO::FETCH_ASSOC)) {
-				$difference = $settings['system']['mail_quota'] - $array['quota'];
+				$difference = Settings::Get('system.mail_quota') - $array['quota'];
 				Database::pexecute($upd_stmt, array('diff' => $difference, 'customerid' => $customerid));
 			}
 		}
@@ -254,14 +256,34 @@ if ($page == 'overview' && $userinfo['change_serversettings'] == '1') {
 		$upd_stmt = Database::prepare("
 			UPDATE `" . TABLE_MAIL_USERS . "` SET `quota` = :quota
 		");
-		Database::pexecute($upd_stmt, array('quota' => $settings['system']['mail_quota']));
+		Database::pexecute($upd_stmt, array('quota' => Settings::Get('system.mail_quota')));
 
 		// Update the Customer, if the used quota is bigger than the allowed quota
 		Database::query("UPDATE `" . TABLE_PANEL_CUSTOMERS . "` SET `email_quota` = `email_quota_used` WHERE `email_quota` < `email_quota_used`");
-		$log->logAction(ADM_ACTION, LOG_WARNING, 'enforcing mailquota to all customers: ' . $settings['system']['mail_quota'] . ' MB');
-		redirectTo('admin_settings.php', array('s' => $s));
+		$log->logAction(ADM_ACTION, LOG_WARNING, 'enforcing mailquota to all customers: ' . Settings::Get('system.mail_quota') . ' MB');
+		redirectTo($filename, array('s' => $s));
 
 	} else {
 		ask_yesno('admin_quotas_reallyenforce', $filename, array('page' => $page));
 	}
+} elseif ($page == 'integritycheck'
+	&& $userinfo['change_serversettings'] == '1'
+) {
+	$integrity = new IntegrityCheck();
+	if (isset($_POST['send'])
+		&& $_POST['send'] == 'send'
+	) {
+		$integrity->fixAll();
+	} elseif(isset($_GET['action'])
+		 && $_GET['action'] == "fix") {
+		ask_yesno('admin_integritycheck_reallyfix', $filename, array('page' => $page));
+	}
+
+	$integritycheck = '';
+	foreach ($integrity->available as $id => $check) {
+		$displayid = $id + 1;
+		$result = $integrity->$check();
+		eval("\$integritycheck.=\"" . getTemplate("settings/integritycheck_row") . "\";");
+	}
+	eval("echo \"" . getTemplate("settings/integritycheck") . "\";");
 }

admin_templates.php

@@ -45,14 +45,14 @@ $available_templates = array(
 );
 
 // only show templates of features that are enabled #1191
-if ((int)$settings['system']['report_enable'] == 1) {
+if ((int)Settings::Get('system.report_enable') == 1) {
 	array_push($available_templates,
 		'trafficmaxpercent',
 		'diskmaxpercent'
 	);
 }
 
-if ((int)$settings['ticket']['enabled'] == 1) {
+if ((int)Settings::Get('ticket.enabled') == 1) {
 	array_push($available_templates,
 		'new_ticket_by_customer',
 		'new_ticket_for_customer',
@@ -70,7 +70,7 @@ if ($action == '') {
 	//email templates
 	$log->logAction(ADM_ACTION, LOG_NOTICE, "viewed admin_templates");
 
-	if ($settings['panel']['sendalternativemail'] == 1) {
+	if (Settings::Get('panel.sendalternativemail') == 1) {
 		$available_templates[] = 'pop_success_alternative';
 	}
 
@@ -206,7 +206,7 @@ if ($action == '') {
 
 } elseif($action == 'add') {
 
-	if ($settings['panel']['sendalternativemail'] == 1) {
+	if (Settings::Get('panel.sendalternativemail') == 1) {
 		$available_templates[] = 'pop_success_alternative';
 	}
 
@@ -214,24 +214,23 @@ if ($action == '') {
 		&& $_POST['prepare'] == 'prepare'
 	) {
 		//email templates
-		$language = validate($_POST['language'], 'language');
-		$templates = array();
-		$result_stmt = Database::prepare("
-			SELECT `varname` FROM `" . TABLE_PANEL_TEMPLATES . "`
-			WHERE `adminid`= :adminid AND `language`= :lang
-			AND `templategroup` = 'mails' AND `varname` LIKE '%_subject'"
-		);
-		Database::pexecute($result_stmt, array('adminid' => $userinfo['adminid'], 'lang' => $language));
+		$language = validate($_POST['language'], 'language', '/^[^\r\n\0"\']+$/', 'nolanguageselect');
+		$template = validate($_POST['template'], 'template');
 
-		while ($row = $result_stmt->fetch(PDO::FETCH_ASSOC)) {
-			$templates[] = str_replace('_subject', '', $row['varname']);
+		$lng_bak = $lng;
+		foreach ($langs['English'] as $key => $value) {
+			include_once makeSecurePath($value['file']);
+		}
+		if ($language != 'English') {
+			foreach ($langs[$language] as $key => $value) {
+				include makeSecurePath($value['file']);
+			}
 		}
 
-		$templates = array_diff($available_templates, $templates);
-		$template_options = '';
-		foreach ($templates as $template) {
-			$template_options.= makeoption($lng['admin']['templates'][$template], $template, NULL, true);
-		}
+		$subject = $lng['mails'][$template]['subject'];
+		$body = str_replace('\n', "\n", $lng['mails'][$template]['mailbody']);
+
+		$lng = $lng_bak;
 
 		$template_add_data = include_once dirname(__FILE__).'/lib/formfields/admin/templates/formfield.template_add.php';
 		$template_add_form = htmlform::genHTMLForm($template_add_data);
@@ -328,6 +327,7 @@ if ($action == '') {
 		//email templates
 		$add = false;
 		$language_options = '';
+		$template_options = '';
 
 		while (list($language_file, $language_name) = each($languages)) {
 			$templates = array();
@@ -344,7 +344,13 @@ if ($action == '') {
 
 			if (count(array_diff($available_templates, $templates)) > 0) {
 				$add = true;
-				$language_options.= makeoption($language_name, $language_file, $userinfo['language'], true);
+				$language_options.= makeoption($language_name, $language_file, $userinfo['language'], true, true);
+
+				$templates = array_diff($available_templates, $templates);
+
+				foreach ($templates as $template) {
+					$template_options.= makeoption($lng['admin']['templates'][$template], $template, NULL, true, true, $language_file) . "\n";
+				}
 			}
 		}
 
@@ -443,6 +449,8 @@ if ($action == '') {
 			);
 			Database::pexecute($result_stmt, array('id' => $mailbodyid));
 			$result = $result_stmt->fetch(PDO::FETCH_ASSOC);
+			
+			$template_name = str_replace('_mailbody', '', $result['varname']);
 
 			$result = htmlentities_array($result);
 			$mailbody = $result['value'];

admin_tickets.php

@@ -67,7 +67,7 @@ if ($page == 'tickets'
 			'subject' => $lng['ticket']['subject'],
 			'lastreplier' => $lng['ticket']['lastreplier']
 		);
-		$paging = new paging($userinfo, TABLE_PANEL_TICKETS, $fields, $settings['panel']['paging'], $settings['panel']['natsorting']);
+		$paging = new paging($userinfo, TABLE_PANEL_TICKETS, $fields, null, null, 1, 'desc');
 		$result_stmt = Database::prepare("
 			SELECT `main`.`id`, `main`.`customerid`, (
 				SELECT COUNT(`sub`.`id`)
@@ -158,8 +158,10 @@ if ($page == 'tickets'
 					}
 
 					$row['subject'] = html_entity_decode($row['subject']);
-					if (strlen($row['subject']) > 20) {
-						$row['subject'] = substr($row['subject'], 0, 17) . '...';
+					if (strlen($row['subject']) > 30) {
+						$ts = wordwrap($row['subject'], 30, "|");
+						$ts = explode("|", $ts);
+						$row['subject'] = $ts[0]. '...';
 					}
 
 					eval("\$tickets.=\"" . getTemplate("tickets/tickets_tickets") . "\";");
@@ -179,7 +181,7 @@ if ($page == 'tickets'
 			if (isset($_POST['send'])
 				&& $_POST['send'] == 'send'
 			) {
-				$newticket = ticket::getInstanceOf($userinfo, $settings, -1);
+				$newticket = ticket::getInstanceOf($userinfo, -1);
 				$newticket->Set('subject', validate($_POST['subject'], 'subject'), true, false);
 				$newticket->Set('priority', validate($_POST['priority'], 'priority'), true, false);
 				$newticket->Set('category', validate($_POST['category'], 'category'), true, false);
@@ -246,9 +248,10 @@ if ($page == 'tickets'
 					$customers.= makeoption(getCorrectFullUserDetails($row_customer) . ' (' . $row_customer['loginname'] . ')', $row_customer['customerid']);
 				}
 
-				$priorities = makeoption($lng['ticket']['high'], '1', $settings['ticket']['default_priority']);
-				$priorities.= makeoption($lng['ticket']['normal'], '2', $settings['ticket']['default_priority']);
-				$priorities.= makeoption($lng['ticket']['low'], '3', $settings['ticket']['default_priority']);
+				$def_prio = Settings::Get('ticket.default_priority');
+				$priorities = makeoption($lng['ticket']['high'], '1', $def_prio);
+				$priorities.= makeoption($lng['ticket']['normal'], '2', $def_prio);
+				$priorities.= makeoption($lng['ticket']['low'], '3', $def_prio);
 
 				$ticket_new_data = include_once dirname(__FILE__).'/lib/formfields/admin/tickets/formfield.ticket_new.php';
 				$ticket_new_form = htmlform::genHTMLForm($ticket_new_data);
@@ -269,8 +272,7 @@ if ($page == 'tickets'
 		if (isset($_POST['send'])
 			&& $_POST['send'] == 'send'
 		) {
-
-			$replyticket = ticket::getInstanceOf($userinfo, $settings, -1);
+			$replyticket = ticket::getInstanceOf($userinfo, -1);
 			$replyticket->Set('subject', validate($_POST['subject'], 'subject'), true, false);
 			$replyticket->Set('priority', validate($_POST['priority'], 'priority'), true, false);
 			$replyticket->Set('message', validate(htmlentities(str_replace("\r\n", "\n", $_POST['message'])), 'message', '/^[^\0]*$/'), true, false);
@@ -279,7 +281,7 @@ if ($page == 'tickets'
 				standard_error(array('stringisempty', 'mymessage'));
 			} else {
 				$now = time();
-				$mainticket = ticket::getInstanceOf($userinfo, $settings, (int)$id);
+				$mainticket = ticket::getInstanceOf($userinfo, (int)$id);
 				$replyticket->Set('customer', $mainticket->Get('customer'), true, true);
 				$replyticket->Set('lastchange', $now, true, true);
 				$replyticket->Set('ip', $_SERVER['REMOTE_ADDR'], true, true);
@@ -305,7 +307,7 @@ if ($page == 'tickets'
 		} else {
 
 			$ticket_replies = '';
-			$mainticket = ticket::getInstanceOf($userinfo, $settings, (int)$id);
+			$mainticket = ticket::getInstanceOf($userinfo, (int)$id);
 			$dt = date("d.m.Y H:i\h", $mainticket->Get('dt'));
 			$status = ticket::getStatusText($lng, $mainticket->Get('status'));
 
@@ -348,8 +350,7 @@ if ($page == 'tickets'
 			$numrows_andere = Database::num_rows();
 
 			while ($row2 = $andere_stmt->fetch(PDO::FETCH_ASSOC)) {
-
-				$subticket = ticket::getInstanceOf($userinfo, $settings, (int)$row2['id']);
+				$subticket = ticket::getInstanceOf($userinfo, (int)$row2['id']);
 				$lastchange = date("d.m.Y H:i\h", $subticket->Get('lastchange'));
 
 				if ($subticket->Get('by') == '1') {
@@ -396,7 +397,7 @@ if ($page == 'tickets'
 			&& $_POST['send'] == 'send'
 		) {
 			$now = time();
-			$mainticket = ticket::getInstanceOf($userinfo, $settings, (int)$id);
+			$mainticket = ticket::getInstanceOf($userinfo, (int)$id);
 			$mainticket->Set('lastchange', $now, true, true);
 			$mainticket->Set('lastreplier', '1', true, true);
 			$mainticket->Set('status', '3', true, true);
@@ -404,7 +405,7 @@ if ($page == 'tickets'
 			$log->logAction(ADM_ACTION, LOG_NOTICE, "closed ticket '" . $mainticket->Get('subject') . "'");
 			redirectTo($filename, array('page' => $page, 's' => $s));
 		} else {
-			$mainticket = ticket::getInstanceOf($userinfo, $settings, (int)$id);
+			$mainticket = ticket::getInstanceOf($userinfo, (int)$id);
 			ask_yesno('ticket_reallyclose', $filename, array('id' => $id, 'page' => $page, 'action' => $action), $mainticket->Get('subject'));
 		}
 
@@ -412,7 +413,7 @@ if ($page == 'tickets'
 		&& $id != 0
 	) {
 		$now = time();
-		$mainticket = ticket::getInstanceOf($userinfo, $settings, (int)$id);
+		$mainticket = ticket::getInstanceOf($userinfo, (int)$id);
 		$mainticket->Set('lastchange', $now, true, true);
 		$mainticket->Set('lastreplier', '1', true, true);
 		$mainticket->Set('status', '0', true, true);
@@ -427,7 +428,7 @@ if ($page == 'tickets'
 			&& $_POST['send'] == 'send'
 		) {
 			$now = time();
-			$mainticket = ticket::getInstanceOf($userinfo, $settings, (int)$id);
+			$mainticket = ticket::getInstanceOf($userinfo, (int)$id);
 			$mainticket->Set('lastchange', $now, true, true);
 			$mainticket->Set('lastreplier', '1', true, true);
 			$mainticket->Set('status', '3', true, true);
@@ -436,7 +437,7 @@ if ($page == 'tickets'
 			$log->logAction(ADM_ACTION, LOG_NOTICE, "archived ticket '" . $mainticket->Get('subject') . "'");
 			redirectTo($filename, array('page' => $page, 's' => $s));
 		} else {
-			$mainticket = ticket::getInstanceOf($userinfo, $settings, (int)$id);
+			$mainticket = ticket::getInstanceOf($userinfo, (int)$id);
 			ask_yesno('ticket_reallyarchive', $filename, array('id' => $id, 'page' => $page, 'action' => $action), $mainticket->Get('subject'));
 		}
 
@@ -446,12 +447,12 @@ if ($page == 'tickets'
 		if (isset($_POST['send'])
 			&& $_POST['send'] == 'send'
 		) {
-			$mainticket = ticket::getInstanceOf($userinfo, $settings, (int)$id);
+			$mainticket = ticket::getInstanceOf($userinfo, (int)$id);
 			$log->logAction(ADM_ACTION, LOG_INFO, "deleted ticket '" . $mainticket->Get('subject') . "'");
 			$mainticket->Delete();
 			redirectTo($filename, array('page' => $page, 's' => $s));
 		} else {
-			$mainticket = ticket::getInstanceOf($userinfo, $settings, (int)$id);
+			$mainticket = ticket::getInstanceOf($userinfo, (int)$id);
 			ask_yesno('ticket_reallydelete', $filename, array('id' => $id, 'page' => $page, 'action' => $action), $mainticket->Get('subject'));
 		}
 	}
@@ -471,7 +472,7 @@ if ($page == 'tickets'
 		if ($userinfo['tickets_see_all'] != '1') {
 			$where = " `main`.`adminid` = :adminid";
 		}
-		$paging = new paging($userinfo, TABLE_PANEL_TICKET_CATS, $fields, $settings['panel']['paging'], $settings['panel']['natsorting']);
+		$paging = new paging($userinfo, TABLE_PANEL_TICKET_CATS, $fields);
 		$result_stmt = Database::prepare("
 			SELECT `main`.`id`, `main`.`name`, `main`.`logicalorder`, (
 				SELECT COUNT(`sub`.`id`) FROM `" . TABLE_PANEL_TICKETS . "` `sub`
@@ -636,12 +637,10 @@ if ($page == 'tickets'
 
 			$fields = array(
 				'lastchange' => $lng['ticket']['lastchange'],
-				'ticket_answers' => $lng['ticket']['ticket_answers'],
 				'subject' => $lng['ticket']['subject'],
-				'lastreplier' => $lng['ticket']['lastreplier'],
-				'priority' => $lng['ticket']['priority']
+				'lastreplier' => $lng['ticket']['lastreplier']
 			);
-			$paging = new paging($userinfo, TABLE_PANEL_TICKETS, $fields, $settings['panel']['paging'], $settings['panel']['natsorting']);
+			$paging = new paging($userinfo, TABLE_PANEL_TICKETS, $fields);
 			$result_stmt = Database::prepare($query . $paging->getSqlWhere(true) . " " . $paging->getSqlOrderBy() . " " . $paging->getSqlLimit());
 			Database::pexecute($result_stmt, $archive_params);
 			$sortcode = $paging->getHtmlSortCode($lng);
@@ -795,7 +794,7 @@ if ($page == 'tickets'
 	) {
 		$log->logAction(ADM_ACTION, LOG_NOTICE, "viewed archived-ticket #" . $id);
 		$ticket_replies = '';
-		$mainticket = ticket::getInstanceOf($userinfo, $settings, (int)$id);
+		$mainticket = ticket::getInstanceOf($userinfo, (int)$id);
 		$lastchange = date("d.m.Y H:i\h", $mainticket->Get('lastchange'));
 		$dt = date("d.m.Y H:i\h", $mainticket->Get('dt'));
 		$status = ticket::getStatusText($lng, $mainticket->Get('status'));
@@ -845,8 +844,7 @@ if ($page == 'tickets'
 		$numrows_andere = Database::num_rows();
 
 		while ($row2 = $andere_stmt->fetch(PDO::FETCH_ASSOC)) {
-
-			$subticket = ticket::getInstanceOf($userinfo, $settings, (int)$row2['id']);
+			$subticket = ticket::getInstanceOf($userinfo, (int)$row2['id']);
 			$lastchange = date("d.m.Y H:i\h", $subticket->Get('lastchange'));
 
 			if ($subticket->Get('by') == '1') {
@@ -897,12 +895,12 @@ if ($page == 'tickets'
 		if (isset($_POST['send'])
 			&& $_POST['send'] == 'send'
 		) {
-			$mainticket = ticket::getInstanceOf($userinfo, $settings, (int)$id);
+			$mainticket = ticket::getInstanceOf($userinfo, (int)$id);
 			$log->logAction(ADM_ACTION, LOG_INFO, "deleted archived ticket '" . $mainticket->Get('subject') . "'");
 			$mainticket->Delete();
 			redirectTo($filename, array('page' => $page, 's' => $s));
 		} else {
-			$mainticket = ticket::getInstanceOf($userinfo, $settings, (int)$id);
+			$mainticket = ticket::getInstanceOf($userinfo, (int)$id);
 			ask_yesno('ticket_reallydelete', $filename, array('id' => $id, 'page' => $page, 'action' => $action), $mainticket->Get('subject'));
 		}
 	}

admin_traffic.php

@@ -122,7 +122,7 @@ if ($page == 'overview' || $page == 'customers') {
 			Database::pexecute($traffic_list_stmt, array('year' => (date("Y")-$years), 'id' => $customer_name['customerid']));
 
 			while ($traffic_month = $traffic_list_stmt->fetch(PDO::FETCH_ASSOC)) {
-				$virtual_host[$months[(int)$traffic_month['month']]] = size_readable($traffic_month['traffic'], 'GiB', 'bi', '%01.'.(int)$settings['panel']['decimal_places'].'f %s');
+				$virtual_host[$months[(int)$traffic_month['month']]] = size_readable($traffic_month['traffic'], 'GiB', 'bi', '%01.'.(int)Settings::Get('panel.decimal_places').'f %s');
 				$totals[$months[(int)$traffic_month['month']]] += $traffic_month['traffic'];
 			}
 			eval("\$domain_list .= sprintf(\"%s\", \"" . getTemplate("traffic/index_table_row") . "\");");
@@ -132,7 +132,7 @@ if ($page == 'overview' || $page == 'customers') {
 			'name' => $lng['traffic']['months']['total'],
 		);
 		foreach ($totals as $month => $bytes) {
-			$virtual_host[$month] = ($bytes == 0 ? '-' : size_readable($bytes, 'GiB', 'bi', '%01.'.(int)$settings['panel']['decimal_places'].'f %s'));
+			$virtual_host[$month] = ($bytes == 0 ? '-' : size_readable($bytes, 'GiB', 'bi', '%01.'.(int)Settings::Get('panel.decimal_places').'f %s'));
 		}
 		$customerview = 0;
 		eval("\$total_list = sprintf(\"%s\", \"" . getTemplate("traffic/index_table_row") . "\");");

admin_updates.php

@@ -27,20 +27,13 @@ if ($page == 'overview') {
 	 * so we have to set them both to run a correct upgrade
 	 */
 	if (!isFroxlor()) {
-		if (!isset($settings['panel']['version'])
-			|| $settings['panel']['version'] == ''
+		if (Settings::Get('panel.version') == null
+			|| Settings::Get('panel.version') == ''
 		) {
-			$settings['panel']['version'] = '1.4.2.1';
-			$stmt = Database::prepare("
-				INSERT INTO `" . TABLE_PANEL_SETTINGS . "` SET
-					`settinggroup` = 'panel',
-					`varname` = 'version',
-					`value` = :version"
-			);
-			Database::pexecute($stmt, array('version' => $settings['panel']['version']));
+			Settings::Set('panel.version', '1.4.2.1');
 		}
-		if (!isset($settings['system']['dbversion'])
-			|| $settings['system']['dbversion'] == ''
+		if (Settings::Get('system.dbversion') == null
+			|| Settings::Get('system.dbversion') == ''
 		) {
 			/**
 			 * for syscp-stable (1.4.2.1) this value has to be 0
@@ -54,9 +47,9 @@ if ($page == 'overview') {
 			$result = $result_stmt->fetch(PDO::FETCH_ASSOC);
 
 			if (isset($result['value'])) {
-				$settings['system']['dbversion'] = (int)$result['value'];
+				Settings::Set('system.dbversion', (int)$result['value'], false);
 			} else {
-				$settings['system']['dbversion'] = 0;
+				Settings::Set('system.dbversion', 0, false);
 			}
 		}
 	}
@@ -86,12 +79,12 @@ if ($page == 'overview') {
 				
 				$successful_update = true;
 			} else {
-				$message = '<br /><strong style="color: red">You have to agree that you have read the update notifications.</strong>';
+				$message = '<br /><strong class="red">You have to agree that you have read the update notifications.</strong>';
 			}
 		}
 
 		if (!$successful_update) {
-			$current_version = $settings['panel']['version'];
+			$current_version = Settings::Get('panel.version');
 			$new_version = $version;
 
 			$ui_text = $lng['update']['update_information']['part_a'];

css/jquery.jqplot.min.css

@@ -1 +0,0 @@
-.jqplot-target{position:relative;color:#666;font-family:"Trebuchet MS",Arial,Helvetica,sans-serif;font-size:1em}.jqplot-axis{font-size:.75em}.jqplot-xaxis{margin-top:10px}.jqplot-x2axis{margin-bottom:10px}.jqplot-yaxis{margin-right:10px}.jqplot-y2axis,.jqplot-y3axis,.jqplot-y4axis,.jqplot-y5axis,.jqplot-y6axis,.jqplot-y7axis,.jqplot-y8axis,.jqplot-y9axis,.jqplot-yMidAxis{margin-left:10px;margin-right:10px}.jqplot-axis-tick,.jqplot-xaxis-tick,.jqplot-yaxis-tick,.jqplot-x2axis-tick,.jqplot-y2axis-tick,.jqplot-y3axis-tick,.jqplot-y4axis-tick,.jqplot-y5axis-tick,.jqplot-y6axis-tick,.jqplot-y7axis-tick,.jqplot-y8axis-tick,.jqplot-y9axis-tick,.jqplot-yMidAxis-tick{position:absolute;white-space:pre}.jqplot-xaxis-tick{top:0;left:15px;vertical-align:top}.jqplot-x2axis-tick{bottom:0;left:15px;vertical-align:bottom}.jqplot-yaxis-tick{right:0;top:15px;text-align:right}.jqplot-yaxis-tick.jqplot-breakTick{right:-20px;margin-right:0;padding:1px 5px 1px 5px;z-index:2;font-size:1.5em}.jqplot-y2axis-tick,.jqplot-y3axis-tick,.jqplot-y4axis-tick,.jqplot-y5axis-tick,.jqplot-y6axis-tick,.jqplot-y7axis-tick,.jqplot-y8axis-tick,.jqplot-y9axis-tick{left:0;top:15px;text-align:left}.jqplot-yMidAxis-tick{text-align:center;white-space:nowrap}.jqplot-xaxis-label{margin-top:10px;font-size:11pt;position:absolute}.jqplot-x2axis-label{margin-bottom:10px;font-size:11pt;position:absolute}.jqplot-yaxis-label{margin-right:10px;font-size:11pt;position:absolute}.jqplot-yMidAxis-label{font-size:11pt;position:absolute}.jqplot-y2axis-label,.jqplot-y3axis-label,.jqplot-y4axis-label,.jqplot-y5axis-label,.jqplot-y6axis-label,.jqplot-y7axis-label,.jqplot-y8axis-label,.jqplot-y9axis-label{font-size:11pt;margin-left:10px;position:absolute}.jqplot-meterGauge-tick{font-size:.75em;color:#999}.jqplot-meterGauge-label{font-size:1em;color:#999}table.jqplot-table-legend{margin-top:12px;margin-bottom:12px;margin-left:12px;margin-right:12px}table.jqplot-table-legend,table.jqplot-cursor-legend{background-color:rgba(255,255,255,0.6);border:1px solid #ccc;position:absolute;font-size:.75em}td.jqplot-table-legend{vertical-align:middle}td.jqplot-seriesToggle:hover,td.jqplot-seriesToggle:active{cursor:pointer}.jqplot-table-legend .jqplot-series-hidden{text-decoration:line-through}div.jqplot-table-legend-swatch-outline{border:1px solid #ccc;padding:1px}div.jqplot-table-legend-swatch{width:0;height:0;border-top-width:5px;border-bottom-width:5px;border-left-width:6px;border-right-width:6px;border-top-style:solid;border-bottom-style:solid;border-left-style:solid;border-right-style:solid}.jqplot-title{top:0;left:0;padding-bottom:.5em;font-size:1.2em}table.jqplot-cursor-tooltip{border:1px solid #ccc;font-size:.75em}.jqplot-cursor-tooltip{border:1px solid #ccc;font-size:.75em;white-space:nowrap;background:rgba(208,208,208,0.5);padding:1px}.jqplot-highlighter-tooltip,.jqplot-canvasOverlay-tooltip{border:1px solid #ccc;font-size:.75em;white-space:nowrap;background:rgba(208,208,208,0.5);padding:1px}.jqplot-point-label{font-size:.75em;z-index:2}td.jqplot-cursor-legend-swatch{vertical-align:middle;text-align:center}div.jqplot-cursor-legend-swatch{width:1.2em;height:.7em}.jqplot-error{text-align:center}.jqplot-error-message{position:relative;top:46%;display:inline-block}div.jqplot-bubble-label{font-size:.8em;padding-left:2px;padding-right:2px;color:rgb(20%,20%,20%)}div.jqplot-bubble-label.jqplot-bubble-label-highlight{background:rgba(90%,90%,90%,0.7)}div.jqplot-noData-container{text-align:center;background-color:rgba(96%,96%,96%,0.3)}

customer_aps.php

@@ -1,34 +0,0 @@
-<?php
-
-/**
- * This file is part of the Froxlor project.
- * Copyright (c) 2003-2009 the SysCP Team (see authors).
- * Copyright (c) 2010 the Froxlor Team (see authors).
- *
- * For the full copyright and license information, please view the COPYING
- * file that was distributed with this source code. You can also view the
- * COPYING file online at http://files.froxlor.org/misc/COPYING.txt
- *
- * @copyright  (c) the authors
- * @author     Florian Lippert <flo@syscp.org> (2003-2009)
- * @author     Froxlor team <team@froxlor.org> (2010-)
- * @license    GPLv2 http://files.froxlor.org/misc/COPYING.txt
- * @package    Panel
- *
- */
-
-define('AREA', 'customer');
-require './lib/init.php';
-
-$Id = 0;
-if (isset($_GET['id'])) {
-    $Id = (int)$_GET['id'];
-}
-if (isset($_POST['id'])) {
-    $Id = (int)$_POST['id'];
-}
-
-eval("echo \"" . getTemplate('aps/header') . "\";");
-$Aps = new ApsParser($userinfo, $settings);
-$Aps->MainHandler($action);
-eval("echo \"" . getTemplate('aps/footer') . "\";");

customer_autoresponder.php

@@ -1,323 +0,0 @@
-<?php
-
-/**
- * This file is part of the Froxlor project.
- * Copyright (c) 2003-2009 the SysCP Team (see authors).
- * Copyright (c) 2010 the Froxlor Team (see authors).
- *
- * For the full copyright and license information, please view the COPYING
- * file that was distributed with this source code. You can also view the
- * COPYING file online at http://files.froxlor.org/misc/COPYING.txt
- *
- * @copyright  (c) the authors
- * @author     Florian Lippert <flo@syscp.org> (2003-2009)
- * @author     Froxlor team <team@froxlor.org> (2010-)
- * @license    GPLv2 http://files.froxlor.org/misc/COPYING.txt
- * @package    Panel
- *
- */
-
-define('AREA', 'customer');
-require './lib/init.php';
-
-if ($action == 'add') {
-	// Create new autoresponder
-	if (isset($_POST['send'])
-	   && $_POST['send'] == 'send'
-	) {
-		$account = trim($_POST['account']);
-		$subject = trim($_POST['subject']);
-		$message = trim($_POST['message']);
-
-		$date_from_off = isset($_POST['date_from_off']) ? -1 : 0;
-		$date_until_off = isset($_POST['date_until_off']) ? -1 : 0;
-
-		/*
-		 * @TODO validate date (DD-MM-YYYY)
-		 */
-		$ts_from = -1;
-		$ts_until = -1;
-
-		if ($date_from_off > -1) {
-			$date_from = $_POST['date_from'];
-			$ts_from = mktime(0, 0, 0, substr($date_from, 3, 2), substr($date_from, 0, 2), substr($date_from, 6, 4));
-		}
-		if ($date_until_off > -1) {
-			$date_until = $_POST['date_until'];
-			$ts_until = mktime(0, 0, 0, substr($date_until, 3, 2), substr($date_until, 0, 2), substr($date_until, 6, 4));
-		}
-
-		if (empty($account)
-		   || empty($subject)
-		   || empty($message)
-		) {
-			standard_error('missingfields');
-		}
-		
-		// Does account exist?
-		$stmt = Database::prepare("SELECT `email` FROM `" . TABLE_MAIL_USERS . "`
-			WHERE `customerid` = :customerid
-			AND `email` = :account
-			LIMIT 0,1"
-		);
-		Database::pexecute($stmt, array("account" => $account, "customerid" => $userinfo['customerid']));
-		if (Database::num_rows() == 0) {
-			standard_error('accountnotexisting');
-		}
-
-		// Does autoresponder exist?
-		$stmt = Database::prepare("SELECT `email` FROM `" . TABLE_MAIL_AUTORESPONDER . "`
-			WHERE `customerid` = :customerid
-			AND `email` = :account
-			LIMIT 0,1"
-		);
-		Database::pexecute($stmt, array("account" => $account, "customerid" => $userinfo['customerid']));
-		if (Database::num_rows() == 1) {
-			standard_error('autoresponderalreadyexists');
-		}
-		
-		// Create autoresponder
-		$stmt = Database::prepare("INSERT INTO `" . TABLE_MAIL_AUTORESPONDER . "`
-			SET `email` = :account,
-			`message` = :message,
-			`enabled` = :enabled,
-			`date_from` = :date_from,
-			`date_until` = :date_until,
-			`subject` = :subject,
-			`customerid` = :customerid"
-		);
-		$params = array(
-			"account" => $account,
-			"message" => $message,
-			"enabled" => $_POST['active'],
-			"date_from" => $ts_from,
-			"date_until" => $ts_until,
-			"subject" => $subject,
-			"customerid" => $userinfo['customerid']
-		);
-		Database::pexecute($stmt, $params);
-		
-		// Update email_autoresponder_used count
-		$stmt = Database::prepare("UPDATE `" . TABLE_PANEL_CUSTOMERS . "`
-			SET `email_autoresponder_used` = `email_autoresponder_used` + 1
-			WHERE `customerid` = :customerid"
-		);
-		Database::pexecute($stmt, array("customerid" => $userinfo['customerid']));
-		redirectTo($filename, Array('s' => $s));
-	}
-
-	// Get accounts
-	$params = array("customerid" => $userinfo['customerid']);
-	$acc_stmt = Database::prepare("SELECT `email` FROM `" . TABLE_MAIL_USERS . "`
-		WHERE `customerid` = :customerid
-		AND `email` NOT IN (SELECT `email` FROM `" . TABLE_MAIL_AUTORESPONDER . "`)
-		ORDER BY email ASC"
-	);
-	Database::pexecute($acc_stmt, $params);
-	if (Database::num_rows() == 0) {
-		standard_error('noemailaccount');
-	}
-
-	$accounts = '';
-	while ($row = $acc_stmt->fetch(PDO::FETCH_ASSOC)) {
-		$accounts .= '<option value="' . $row['email'] . '">' . $row['email'] . '</option>';
-	}
-
-	$date_from_off = makecheckbox('date_from_off', $lng['panel']['not_activated'], '-1', false, '-1', true, true);
-	$date_until_off = makecheckbox('date_until_off', $lng['panel']['not_activated'], '-1', false, '-1', true, true);
-
-	//$isactive = makeyesno('active', '1', '0', '1');
-
-	$autoresponder_add_data = include_once dirname(__FILE__).'/lib/formfields/customer/autoresponder/formfield.autoresponder_add.php';
-	$autoresponder_add_form = htmlform::genHTMLForm($autoresponder_add_data);
-
-	$title = $autoresponder_add_data['autoresponder_add']['title'];
-	$image = $autoresponder_add_data['autoresponder_add']['image'];
-
-	eval("echo \"" . getTemplate('autoresponder/autoresponder_add') . "\";");
-} elseif ($action == 'edit') {
-	// Edit autoresponder
-	if (isset($_POST['send'])
-	   && $_POST['send'] == 'send'
-	) {
-		$account = trim($_POST['account']);
-		$subject = trim($_POST['subject']);
-		$message = trim($_POST['message']);
-
-		$date_from_off = isset($_POST['date_from_off']) ? -1 : 0;
-		$date_until_off = isset($_POST['date_until_off']) ? -1 : 0;
-
-		/*
-		 * @TODO validate date (DD-MM-YYYY)
-		 */
-		$ts_from = -1;
-		$ts_until = -1;
-
-		if ($date_from_off > -1) {
-			$date_from = $_POST['date_from'];
-			$ts_from = mktime(0, 0, 0, substr($date_from, 3, 2), substr($date_from, 0, 2), substr($date_from, 6, 4));
-		}
-		if ($date_until_off > -1) {
-			$date_until = $_POST['date_until'];
-			$ts_until = mktime(0, 0, 0, substr($date_until, 3, 2), substr($date_until, 0, 2), substr($date_until, 6, 4));
-		}
-
-		if (empty($account)
-		   || empty($subject)
-		   || empty($message)
-		) {
-			standard_error('missingfields');
-		}
-
-		// Does account exist?
-		$stmt = Database::prepare("SELECT `email` FROM `" . TABLE_MAIL_USERS . "`
-			WHERE `customerid` = :customerid
-			AND `email` = :account
-			LIMIT 0,1"
-		);
-		Database::pexecute($stmt, array("account" => $account, "customerid" => $userinfo['customerid']));
-		if (Database::num_rows() == 0) {
-			standard_error('accountnotexisting');
-		}
-
-		// Does autoresponder exist?
-		$stmt = Database::prepare("SELECT `email` FROM `" . TABLE_MAIL_AUTORESPONDER . "`
-			WHERE `customerid` = :customerid
-			AND `email` = :account
-			LIMIT 0,1"
-		);
-		Database::pexecute($stmt, array("account" => $account, "customerid" => $userinfo['customerid']));
-		if (Database::num_rows() == 0) {
-			standard_error('invalidautoresponder');
-		}
-
-		// Update autoresponder
-		$stmt = Database::prepare("UPDATE `" . TABLE_MAIL_AUTORESPONDER . "`
-			SET `message` = :message,
-			`enabled` = :enabled,
-			`date_from` = :date_from,
-			`date_until` = :date_until,
-			`subject` = :subject
-			WHERE `email` = :account
-			AND `customerid` = :customerid"
-		);
-		$params = array(
-			"account" => $account,
-			"message" => $message,
-			"enabled" => $_POST['active'],
-			"date_from" => $ts_from,
-			"date_until" => $ts_until,
-			"subject" => $subject,
-			"customerid" => $userinfo['customerid']
-		);
-		Database::pexecute($stmt, $params);
-		redirectTo($filename, Array('s' => $s));
-	}
-
-	$email = trim(htmlspecialchars($_GET['email']));
-
-	// Get account data
-	$acc_stmt = Database::prepare("SELECT * FROM `" . TABLE_MAIL_AUTORESPONDER . "`
-		WHERE `customerid` = :customerid
-		AND `email` = :account
-		LIMIT 0,1"
-	);
-	Database::pexecute($acc_stmt, array("account" => $email, "customerid" => $userinfo['customerid']));
-	if (Database::num_rows() == 0) {
-		standard_error('invalidautoresponder');
-	}
-
-	$row = $acc_stmt->fetch(PDO::FETCH_ASSOC);
-	$subject = htmlspecialchars($row['subject']);
-	$message = htmlspecialchars($row['message']);
-
-	$date_from = (int)$row['date_from'];
-	$date_until = (int)$row['date_until'];
-
-	if ($date_from == -1) {
-		$deactivated = '-1';
-		$date_from = '';
-	} else {
-		$deactivated = '0';
-		$date_from = date('d-m-Y', $date_from);
-	}
-	$date_from_off = makecheckbox('date_from_off', $lng['panel']['not_activated'], '-1', false, $deactivated, true, true);
-
-	if ($date_until == -1) {
-		$deactivated = '-1';
-		$date_until = '';
-	} else {
-		$deactivated = '0';
-		$date_until = date('d-m-Y', $date_until);
-	}
-	$date_until_off = makecheckbox('date_until_off', $lng['panel']['not_activated'], '-1', false, $deactivated, true, true);
-
-	//$isactive = makeyesno('active', '1', '0', $row['enabled']);
-
-	$autoresponder_edit_data = include_once dirname(__FILE__).'/lib/formfields/customer/autoresponder/formfield.autoresponder_edit.php';
-	$autoresponder_edit_form = htmlform::genHTMLForm($autoresponder_edit_data);
-
-	$title = $autoresponder_edit_data['autoresponder_edit']['title'];
-	$image = $autoresponder_edit_data['autoresponder_edit']['image'];
-
-	eval("echo \"" . getTemplate('autoresponder/autoresponder_edit') . "\";");
-} elseif ($action == 'delete') {
-	// Delete autoresponder
-	if (isset($_POST['send']) && $_POST['send'] == 'send') {
-		$account = trim($_POST['account']);
-
-		// Does autoresponder exist?
-		$stmt = Database::prepare("SELECT `email` FROM `" . TABLE_MAIL_AUTORESPONDER . "`
-			WHERE `customerid` = :customerid
-			AND `email` = :account
-			LIMIT 0,1"
-		);
-		Database::pexecute($stmt, array("account" => $account, "customerid" => $userinfo['customerid']));
-		if (Database::num_rows() == 0) {
-			standard_error('invalidautoresponder');
-		}
-		
-		// Delete autoresponder
-		$stmt = Database::prepare("DELETE FROM `" . TABLE_MAIL_AUTORESPONDER . "`
-			WHERE `email` = :account
-			AND `customerid` = :customerid"
-		);
-		Database::pexecute($stmt, array("account" => $account, "customerid" => $userinfo['customerid']));
-			
-		// Update email_autoresponder_used count
-		$stmt = Database::prepare("UPDATE `" . TABLE_PANEL_CUSTOMERS . "`
-			SET `email_autoresponder_used` = `email_autoresponder_used` - 1
-			WHERE `customerid` = :customerid"
-		);
-		Database::pexecute($stmt, array("customerid" => $userinfo['customerid']));
-		redirectTo($filename, Array('s' => $s));
-	}
-
-	$email = trim(htmlspecialchars($_GET['email']));
-	ask_yesno('autoresponderdelete', $filename, array('action' => $action, 'account' => $email));
-} else {
-	// List existing autoresponders
-	$autoresponder = '';
-	$count = 0;
-	$stmt = Database::prepare("SELECT * FROM `" . TABLE_MAIL_AUTORESPONDER . "`
-		WHERE `customerid` = :customerid
-		ORDER BY email ASC"
-	);
-	Database::pexecute($stmt, array("customerid" => $userinfo['customerid']));
-
-	while ($row = $stmt->fetch(PDO::FETCH_ASSOC)) {
-		if ($row['date_from'] == -1 && $row['date_until'] == -1) {
-			$activated_date = $lng['panel']['not_activated'];
-		} elseif($row['date_from'] == -1 && $row['date_until'] != -1) {
-			$activated_date = $lng['autoresponder']['date_until'].': '.date('d-m-Y', $row['date_until']);
-		} elseif($row['date_from'] != -1 && $row['date_until'] == -1) {
-			$activated_date = $lng['autoresponder']['date_from'].': '.date('d-m-Y', $row['date_from']);
-		} else {
-			$activated_date = date('d-m-Y', $row['date_from']) . ' - ' . date('d-m-Y', $row['date_until']);
-		}
-		eval("\$autoresponder.=\"" . getTemplate('autoresponder/autoresponder_autoresponder') . "\";");
-		$count++;
-	}
-
-	eval("echo \"" . getTemplate('autoresponder/autoresponder') . "\";");
-}

customer_domains.php

@@ -20,22 +20,22 @@
 define('AREA', 'customer');
 require './lib/init.php';
 
-if(isset($_POST['id'])) {
+if (isset($_POST['id'])) {
 	$id = intval($_POST['id']);
-} elseif(isset($_GET['id'])) {
+} elseif (isset($_GET['id'])) {
 	$id = intval($_GET['id']);
 }
 
-if($page == 'overview') {
+if ($page == 'overview') {
 	$log->logAction(USR_ACTION, LOG_NOTICE, "viewed customer_domains");
 	eval("echo \"" . getTemplate("domains/domains") . "\";");
-} elseif($page == 'domains') {
-	if($action == '') {
+} elseif ($page == 'domains') {
+	if ($action == '') {
 		$log->logAction(USR_ACTION, LOG_NOTICE, "viewed customer_domains::domains");
 		$fields = array(
 			'd.domain' => $lng['domains']['domainname']
 		);
-		$paging = new paging($userinfo, TABLE_PANEL_DOMAINS, $fields, $settings['panel']['paging'], $settings['panel']['natsorting']);
+		$paging = new paging($userinfo, TABLE_PANEL_DOMAINS, $fields);
 		$domains_stmt = Database::prepare("SELECT `d`.`id`, `d`.`customerid`, `d`.`domain`, `d`.`documentroot`, `d`.`isemaildomain`, `d`.`caneditdomain`, `d`.`iswildcarddomain`, `d`.`parentdomainid`, `ad`.`id` AS `aliasdomainid`, `ad`.`domain` AS `aliasdomain`, `da`.`id` AS `domainaliasid`, `da`.`domain` AS `domainalias` FROM `" . TABLE_PANEL_DOMAINS . "` `d`
 			LEFT JOIN `" . TABLE_PANEL_DOMAINS . "` `ad` ON `d`.`aliasdomain`=`ad`.`id`
 			LEFT JOIN `" . TABLE_PANEL_DOMAINS . "` `da` ON `da`.`aliasdomain`=`d`.`id`
@@ -54,12 +54,12 @@ if($page == 'overview') {
 		$domains_count = 0;
 		$domain_array = array();
 
-		while($row = $domains_stmt->fetch(PDO::FETCH_ASSOC)) {
+		while ($row = $domains_stmt->fetch(PDO::FETCH_ASSOC)) {
 			$row['domain'] = $idna_convert->decode($row['domain']);
 			$row['aliasdomain'] = $idna_convert->decode($row['aliasdomain']);
 			$row['domainalias'] = $idna_convert->decode($row['domainalias']);
 
-			if($row['parentdomainid'] == '0' && $row['caneditdomain'] == '1') {
+			if ($row['parentdomainid'] == '0' && $row['caneditdomain'] == '1') {
 				$parentdomains_count++;
 			}
 
@@ -93,13 +93,13 @@ if($page == 'overview') {
 
 		ksort($domain_array);
 		$domain_id_array = array();
-		foreach($domain_array as $sortkey => $row) {
+		foreach ($domain_array as $sortkey => $row) {
 			$domain_id_array[$row['id']] = $sortkey;
 		}
 
 		$domain_sort_array = array();
-		foreach($domain_array as $sortkey => $row) {
-			if($row['parentdomainid'] == 0) {
+		foreach ($domain_array as $sortkey => $row) {
+			if ($row['parentdomainid'] == 0) {
 				$domain_sort_array[$sortkey][$sortkey] = $row;
 			} else {
 				$domain_sort_array[$domain_id_array[$row['parentdomainid']]][$sortkey] = $row;
@@ -108,37 +108,37 @@ if($page == 'overview') {
 
 		$domain_array = array();
 
-		if($paging->sortfield == 'd.domain' && $paging->sortorder == 'asc') {
+		if ($paging->sortfield == 'd.domain' && $paging->sortorder == 'asc') {
 			ksort($domain_sort_array);
-		} elseif($paging->sortfield == 'd.domain' && $paging->sortorder == 'desc') {
+		} elseif ($paging->sortfield == 'd.domain' && $paging->sortorder == 'desc') {
 			krsort($domain_sort_array);
 		}
 
 		$i = 0;
-		foreach($domain_sort_array as $sortkey => $domain_array) {
-			if($paging->checkDisplay($i)) {
+		foreach ($domain_sort_array as $sortkey => $domain_array) {
+			if ($paging->checkDisplay($i)) {
 				$row = htmlentities_array($domain_array[$sortkey]);
-				if($settings['system']['awstats_enabled'] == '1') {
+				if (Settings::Get('system.awstats_enabled') == '1') {
 					$statsapp = 'awstats';
 				} else {
 					$statsapp = 'webalizer';
 				}
 				eval("\$domains.=\"" . getTemplate("domains/domains_delimiter") . "\";");
 
-				if($paging->sortfield == 'd.domain' && $paging->sortorder == 'asc') {
+				if ($paging->sortfield == 'd.domain' && $paging->sortorder == 'asc') {
 					ksort($domain_array);
-				} elseif($paging->sortfield == 'd.domain' && $paging->sortorder == 'desc') {
+				} elseif ($paging->sortfield == 'd.domain' && $paging->sortorder == 'desc') {
 					krsort($domain_array);
 				}
 
-				foreach($domain_array as $row) {
-					if(strpos($row['documentroot'], $userinfo['documentroot']) === 0) {
+				foreach ($domain_array as $row) {
+					if (strpos($row['documentroot'], $userinfo['documentroot']) === 0) {
 						$row['documentroot'] = makeCorrectDir(substr($row['documentroot'], strlen($userinfo['documentroot'])));
 					}
 
 					// get ssl-ips if activated
 					$show_ssledit = false;
-					if ($settings['system']['use_ssl'] == '1' && domainHasSslIpPort($row['id']) && $row['caneditdomain'] == '1') {
+					if (Settings::Get('system.use_ssl') == '1' && domainHasSslIpPort($row['id']) && $row['caneditdomain'] == '1') {
 						$show_ssledit = true;
 					}
 					$row = htmlentities_array($row);
@@ -150,69 +150,75 @@ if($page == 'overview') {
 		}
 
 		eval("echo \"" . getTemplate("domains/domainlist") . "\";");
-	} elseif($action == 'delete' && $id != 0) {
+	} elseif ($action == 'delete' && $id != 0) {
 		$stmt = Database::prepare("SELECT `id`, `customerid`, `domain`, `documentroot`, `isemaildomain`, `parentdomainid` FROM `" . TABLE_PANEL_DOMAINS . "`
 			WHERE `customerid` = :customerid
 			AND `id` = :id"
 		);
 		Database::pexecute($stmt, array("customerid" => $userinfo['customerid'], "id" => $id));
 		$result = $stmt->fetch(PDO::FETCH_ASSOC);
-		
+
 		$alias_stmt = Database::prepare("SELECT COUNT(`id`) AS `count` FROM `" . TABLE_PANEL_DOMAINS . "` WHERE `aliasdomain` = :aliasdomain");
 		Database::pexecute($alias_stmt, array("aliasdomain" => $id));
 		$alias_check = $alias_stmt->fetch(PDO::FETCH_ASSOC);
-		
-		if(isset($result['parentdomainid']) && $result['parentdomainid'] != '0' && $alias_check['count'] == 0) {
-			if(isset($_POST['send']) && $_POST['send'] == 'send') {
-				if($result['isemaildomain'] == '1') {
+
+		if (isset($result['parentdomainid']) && $result['parentdomainid'] != '0' && $alias_check['count'] == 0) {
+			if (isset($_POST['send']) && $_POST['send'] == 'send') {
+				if ($result['isemaildomain'] == '1') {
 					$emails_stmt = Database::prepare("SELECT COUNT(`id`) AS `count` FROM `" . TABLE_MAIL_VIRTUAL . "`
 						WHERE `customerid` = :customerid
 						AND `domainid` = :domainid"
 					);
 					Database::pexecute($emails_stmt, array("customerid" => $userinfo['customerid'], "domainid" => $id));
 					$emails = $emails_stmt->fetch(PDO::FETCH_ASSOC);
-					
-					if($emails['count'] != '0') {
+
+					if ($emails['count'] != '0') {
 						standard_error('domains_cantdeletedomainwithemail');
 					}
 				}
 
-				/*
-				 * check for APS packages used with this domain, #110
-				 */
-				if(domainHasApsInstances($id)) {
-					standard_error('domains_cantdeletedomainwithapsinstances');
-				}
-
 				$log->logAction(USR_ACTION, LOG_INFO, "deleted subdomain '" . $idna_convert->decode($result['domain']) . "'");
 				$stmt = Database::prepare("DELETE FROM `" . TABLE_PANEL_DOMAINS . "` WHERE
 					`customerid` = :customerid
 					AND `id` = :id"
 				);
 				Database::pexecute($stmt, array("customerid" => $userinfo['customerid'], "id" => $id));
-				
+
 				$stmt = Database::prepare("UPDATE `" . TABLE_PANEL_CUSTOMERS . "`
 					SET `subdomains_used` = `subdomains_used` - 1
 					WHERE `customerid` = :customerid"
 				);
 				Database::pexecute($stmt, array("customerid" => $userinfo['customerid']));
-				
+
+				// remove connections to ips and domainredirects
+				$del_stmt = Database::prepare("
+					DELETE FROM `" . TABLE_DOMAINTOIP . "`
+					WHERE `id_domain` = :domainid"
+				);
+				Database::pexecute($del_stmt, array('domainid' => $id));
+
+				$del_stmt = Database::prepare("
+					DELETE FROM `" . TABLE_PANEL_DOMAINREDIRECTS . "`
+					WHERE `did` = :domainid"
+				);
+				Database::pexecute($del_stmt, array('domainid' => $id));
+
 				inserttask('1');
 
 				// Using nameserver, insert a task which rebuilds the server config
 				inserttask('4');
 
-				redirectTo($filename, Array('page' => $page, 's' => $s));
+				redirectTo($filename, array('page' => $page, 's' => $s));
 			} else {
 				ask_yesno('domains_reallydelete', $filename, array('id' => $id, 'page' => $page, 'action' => $action), $idna_convert->decode($result['domain']));
 			}
 		} else {
 			standard_error('domains_cantdeletemaindomain');
 		}
-	} elseif($action == 'add') {
-		if($userinfo['subdomains_used'] < $userinfo['subdomains'] || $userinfo['subdomains'] == '-1') {
-			if(isset($_POST['send']) && $_POST['send'] == 'send') {
-				$subdomain = $idna_convert->encode(preg_replace(Array('/\:(\d)+$/', '/^https?\:\/\//'), '', validate($_POST['subdomain'], 'subdomain', '', 'subdomainiswrong')));
+	} elseif ($action == 'add') {
+		if ($userinfo['subdomains_used'] < $userinfo['subdomains'] || $userinfo['subdomains'] == '-1') {
+			if (isset($_POST['send']) && $_POST['send'] == 'send') {
+				$subdomain = $idna_convert->encode(preg_replace(array('/\:(\d)+$/', '/^https?\:\/\//'), '', validate($_POST['subdomain'], 'subdomain', '', 'subdomainiswrong')));
 				$domain = $idna_convert->encode($_POST['domain']);
 				$domain_stmt = Database::prepare("SELECT * FROM `" . TABLE_PANEL_DOMAINS . "`
 					WHERE `domain` = :domain
@@ -222,8 +228,14 @@ if($page == 'overview') {
 					AND `caneditdomain` = '1'"
 				);
 				$domain_check = Database::pexecute_first($domain_stmt, array("domain" => $domain, "customerid" => $userinfo['customerid']));
-				
+
 				$completedomain = $subdomain . '.' . $domain;
+
+				if ($completedomain == Settings::Get('system.hostname')) {
+					standard_error('admin_domain_emailsystemhostname');
+					exit;
+				}
+
 				$completedomain_stmt = Database::prepare("SELECT * FROM `" . TABLE_PANEL_DOMAINS . "`
 					WHERE `domain` = :domain
 					AND `customerid` = :customerid
@@ -231,12 +243,12 @@ if($page == 'overview') {
 					AND `caneditdomain` = '1'"
 				);
 				$completedomain_check = Database::pexecute_first($completedomain_stmt, array("domain" => $completedomain, "customerid" => $userinfo['customerid']));
-				
+
 				$aliasdomain = intval($_POST['alias']);
 				$aliasdomain_check = array('id' => 0);
 				$_doredirect = false;
 
-				if($aliasdomain != 0) { 
+				if ($aliasdomain != 0) {
 					// also check ip/port combination to be the same, #176
 					$aliasdomain_stmt = Database::prepare("SELECT `d`.`id` FROM `" . TABLE_PANEL_DOMAINS . "` `d` , `" . TABLE_PANEL_CUSTOMERS . "` `c` , `".TABLE_DOMAINTOIP."` `dip`
 						WHERE `d`.`aliasdomain` IS NULL
@@ -248,23 +260,23 @@ if($page == 'overview') {
 						AND `dip`.`id_ipandports`
 						IN (SELECT `id_ipandports` FROM `".TABLE_DOMAINTOIP."`
 							WHERE `id_domain` = :id )
-						GROUP BY `d`.`domain
+						GROUP BY `d`.`domain`
 						ORDER BY `d`.`domain` ASC;"
 					);
 					$aliasdomain_check = Database::pexecute_first($aliasdomain_stmt, array("id" => $aliasdomain, "customerid" => $userinfo['customerid']));
 				}
 
-				if(isset($_POST['url']) && $_POST['url'] != '' && validateUrl($idna_convert->encode($_POST['url']))) {
+				if (isset($_POST['url']) && $_POST['url'] != '' && validateUrl($idna_convert->encode($_POST['url']))) {
 					$path = $_POST['url'];
 					$_doredirect = true;
 				} else {
 					$path = validate($_POST['path'], 'path');
 				}
 
-				if(!preg_match('/^https?\:\/\//', $path) || !validateUrl($idna_convert->encode($path))) {
+				if (!preg_match('/^https?\:\/\//', $path) || !validateUrl($idna_convert->encode($path))) {
 					// If path is empty or '/' and 'Use domain name as default value for DocumentRoot path' is enabled in settings,
 					// set default path to subdomain or domain name
-					if((($path == '') || ($path == '/')) && $settings['system']['documentroot_use_default_value'] == 1) {
+					if ((($path == '') || ($path == '/')) && Settings::Get('system.documentroot_use_default_value') == 1) {
 						$path = makeCorrectDir($userinfo['documentroot'] . '/' . $completedomain);
 					} else {
 						$path = makeCorrectDir($userinfo['documentroot'] . '/' . $path);
@@ -292,19 +304,19 @@ if($page == 'overview') {
 					}
 				}
 
-				if($path == '') {
+				if ($path == '') {
 					standard_error('patherror');
-				} elseif($subdomain == '') {
+				} elseif ($subdomain == '') {
 					standard_error(array('stringisempty', 'domainname'));
-				} elseif($subdomain == 'www' && $domain_check['wwwserveralias'] == '1') {
+				} elseif ($subdomain == 'www' && $domain_check['wwwserveralias'] == '1') {
 					standard_error('wwwnotallowed');
-				} elseif($domain == '') {
+				} elseif ($domain == '') {
 					standard_error('domaincantbeempty');
-				} elseif(strtolower($completedomain_check['domain']) == strtolower($completedomain)) {
+				} elseif (strtolower($completedomain_check['domain']) == strtolower($completedomain)) {
 					standard_error('domainexistalready', $completedomain);
-				} elseif(strtolower($domain_check['domain']) != strtolower($domain)) {
+				} elseif (strtolower($domain_check['domain']) != strtolower($domain)) {
 					standard_error('maindomainnonexist', $domain);
-				} elseif($aliasdomain_check['id'] != $aliasdomain) {
+				} elseif ($aliasdomain_check['id'] != $aliasdomain) {
 					standard_error('domainisaliasorothercustomer');
 				} else {
 					// get the phpsettingid from parentdomain, #107
@@ -313,24 +325,26 @@ if($page == 'overview') {
 					);
 					Database::pexecute($phpsid_stmt, array("id" => $domain_check['id']));
 					$phpsid_result = $phpsid_stmt->fetch(PDO::FETCH_ASSOC);
-					
-					if(!isset($phpsid_result['phpsettingid']) || (int)$phpsid_result['phpsettingid'] <= 0) {
+
+					if (!isset($phpsid_result['phpsettingid']) || (int)$phpsid_result['phpsettingid'] <= 0) {
 						// assign default config
 						$phpsid_result['phpsettingid'] = 1;
 					}
 
-					$stmt = Database::prepare("INSERT INTO `" . TABLE_PANEL_DOMAINS . "` SET 
+					$stmt = Database::prepare("INSERT INTO `" . TABLE_PANEL_DOMAINS . "` SET
 						`customerid` = :customerid,
-						`domain` = :domain, 
-						`documentroot` = :documentroot, 
-						`aliasdomain` = :aliasdomain, 
-						`parentdomainid` = :parentdomainid, 
-						`isemaildomain` = :isemaildomain, 
-						`openbasedir` = :openbasedir, 
+						`domain` = :domain,
+						`documentroot` = :documentroot,
+						`aliasdomain` = :aliasdomain,
+						`parentdomainid` = :parentdomainid,
+						`wwwserveralias` = :wwwserveralias,
+						`isemaildomain` = :isemaildomain,
+						`iswildcarddomain` = :iswildcarddomain,
+						`openbasedir` = :openbasedir,
 						`openbasedir_path` = :openbasedir_path,
-						`speciallogfile` = :speciallogfile, 
-						`specialsettings` = :specialsettings, 
-						`ssl_redirect` = :ssl_redirect, 
+						`speciallogfile` = :speciallogfile,
+						`specialsettings` = :specialsettings,
+						`ssl_redirect` = :ssl_redirect,
 						`phpsettingid` = :phpsettingid"
 					);
 					$params = array(
@@ -339,6 +353,8 @@ if($page == 'overview') {
 						"documentroot" => $path,
 						"aliasdomain" => $aliasdomain != 0 ? $aliasdomain : null,
 						"parentdomainid" => $domain_check['id'],
+						"wwwserveralias" => $domain_check['wwwserveralias'] == '1' ? '1' : '0',
+						"iswildcarddomain" => $domain_check['iswildcarddomain'] == '1' ? '1' : '0',
 						"isemaildomain" => $domain_check['subcanemaildomain'] == '3' ? '1' : '0',
 						"openbasedir" => $domain_check['openbasedir'],
 						"openbasedir_path" => $openbasedir_path,
@@ -349,12 +365,12 @@ if($page == 'overview') {
 					);
 					Database::pexecute($stmt, $params);
 
-					if($_doredirect) {
+					if ($_doredirect) {
 						$did = Database::lastInsertId();
-						$redirect = isset($_POST['redirectcode']) ? (int)$_POST['redirectcode'] : $settings['customredirect']['default'];
+						$redirect = isset($_POST['redirectcode']) ? (int)$_POST['redirectcode'] : Settings::Get('customredirect.default');
 						addRedirectToDomain($did, $redirect);
 					}
-					
+
 					$stmt = Database::prepare("INSERT INTO `".TABLE_DOMAINTOIP."`
 						(`id_domain`, `id_ipandports`)
 						SELECT LAST_INSERT_ID(), `id_ipandports`
@@ -368,7 +384,7 @@ if($page == 'overview') {
 						WHERE `customerid` = :customerid"
 					);
 					Database::pexecute($stmt, array("customerid" => $userinfo['customerid']));
-					
+
 					$log->logAction(USR_ACTION, LOG_INFO, "added subdomain '" . $completedomain . "'");
 					inserttask('1');
 
@@ -388,7 +404,7 @@ if($page == 'overview') {
 				Database::pexecute($stmt, array("customerid" => $userinfo['customerid']));
 				$domains = '';
 
-				while($row = $stmt->fetch(PDO::FETCH_ASSOC)) {
+				while ($row = $stmt->fetch(PDO::FETCH_ASSOC)) {
 					$domains .= makeoption($idna_convert->decode($row['domain']), $row['domain']);
 				}
 
@@ -396,6 +412,7 @@ if($page == 'overview') {
 				$domains_stmt = Database::prepare("SELECT `d`.`id`, `d`.`domain` FROM `" . TABLE_PANEL_DOMAINS . "` `d`, `" . TABLE_PANEL_CUSTOMERS . "` `c`
 					WHERE `d`.`aliasdomain` IS NULL
 					AND `d`.`id` <> `c`.`standardsubdomain`
+					AND `d`.`parentdomainid` = '0'
 					AND `d`.`customerid`=`c`.`customerid`
 					AND `d`.`email_only`='0'
 					AND `d`.`customerid`= :customerid
@@ -403,15 +420,15 @@ if($page == 'overview') {
 				);
 				Database::pexecute($domains_stmt, array("customerid" => $userinfo['customerid']));
 
-				while($row_domain = $domains_stmt->fetch(PDO::FETCH_ASSOC)) {
+				while ($row_domain = $domains_stmt->fetch(PDO::FETCH_ASSOC)) {
 					$aliasdomains .= makeoption($idna_convert->decode($row_domain['domain']), $row_domain['id']);
 				}
 
 				$redirectcode = '';
-				if($settings['customredirect']['enabled'] == '1') {
+				if (Settings::Get('customredirect.enabled') == '1') {
 					$codes = getRedirectCodesArray();
-					foreach($codes as $rc) {
-						$redirectcode .= makeoption($rc['code']. ' ('.$lng['redirect_desc'][$rc['desc']].')', $rc['id'], $settings['customredirect']['default']);
+					foreach ($codes as $rc) {
+						$redirectcode .= makeoption($rc['code']. ' ('.$lng['redirect_desc'][$rc['desc']].')', $rc['id']);
 					}
 				}
 
@@ -425,7 +442,7 @@ if($page == 'overview') {
 				}
 
 				$openbasedir = makeoption($lng['domain']['docroot'], 0, NULL, true) . makeoption($lng['domain']['homedir'], 1, NULL, true);
-				$pathSelect = makePathfield($userinfo['documentroot'], $userinfo['guid'], $userinfo['guid'], $settings['panel']['pathedit']);
+				$pathSelect = makePathfield($userinfo['documentroot'], $userinfo['guid'], $userinfo['guid']);
 
 				$subdomain_add_data = include_once dirname(__FILE__).'/lib/formfields/customer/domains/formfield.domains_add.php';
 				$subdomain_add_form = htmlform::genHTMLForm($subdomain_add_data);
@@ -436,38 +453,38 @@ if($page == 'overview') {
 				eval("echo \"" . getTemplate("domains/domains_add") . "\";");
 			}
 		}
-	} elseif($action == 'edit' && $id != 0) {
+	} elseif ($action == 'edit' && $id != 0) {
 
 		$stmt = Database::prepare("SELECT `d`.`id`, `d`.`customerid`, `d`.`domain`, `d`.`documentroot`, `d`.`isemaildomain`, `d`.`wwwserveralias`, `d`.`iswildcarddomain`,
 			`d`.`parentdomainid`, `d`.`ssl_redirect`, `d`.`aliasdomain`, `d`.`openbasedir`, `d`.`openbasedir_path`, `pd`.`subcanemaildomain`
 			FROM `" . TABLE_PANEL_DOMAINS . "` `d`, `" . TABLE_PANEL_DOMAINS . "` `pd`
 			WHERE `d`.`customerid` = :customerid
 			AND `d`.`id` = :id
-			AND ((`d`.`parentdomainid`!='0' 
+			AND ((`d`.`parentdomainid`!='0'
 					AND `pd`.`id` = `d`.`parentdomainid`)
 				OR (`d`.`parentdomainid`='0'
 					AND `pd`.`id` = `d`.`id`))
 			AND `d`.`caneditdomain`='1'");
 		$result = Database::pexecute_first($stmt, array("customerid" => $userinfo['customerid'], "id" => $id));
-		
+
 		$alias_stmt = Database::prepare("SELECT COUNT(`id`) AS count FROM `" . TABLE_PANEL_DOMAINS . "` WHERE `aliasdomain`= :aliasdomain");
 		$alias_check = Database::pexecute_first($alias_stmt, array("aliasdomain" => $result['id']));
 		$alias_check = $alias_check['count'];
 		$_doredirect = false;
 
-		if(isset($result['customerid']) && $result['customerid'] == $userinfo['customerid']) {
-			if(isset($_POST['send']) && $_POST['send'] == 'send') {
-				if(isset($_POST['url']) && $_POST['url'] != '' && validateUrl($idna_convert->encode($_POST['url']))) {
+		if (isset($result['customerid']) && $result['customerid'] == $userinfo['customerid']) {
+			if (isset($_POST['send']) && $_POST['send'] == 'send') {
+				if (isset($_POST['url']) && $_POST['url'] != '' && validateUrl($idna_convert->encode($_POST['url']))) {
 					$path = $_POST['url'];
 					$_doredirect = true;
 				} else {
 					$path = validate($_POST['path'], 'path');
 				}
 
-				if(!preg_match('/^https?\:\/\//', $path) || !validateUrl($idna_convert->encode($path))) {
+				if (!preg_match('/^https?\:\/\//', $path) || !validateUrl($idna_convert->encode($path))) {
 					// If path is empty or '/' and 'Use domain name as default value for DocumentRoot path' is enabled in settings,
 					// set default path to subdomain or domain name
-					if((($path == '') || ($path == '/')) && $settings['system']['documentroot_use_default_value'] == 1) {
+					if ((($path == '') || ($path == '/')) && Settings::Get('system.documentroot_use_default_value') == 1) {
 						$path = makeCorrectDir($userinfo['documentroot'] . '/' . $result['domain']);
 					} else {
 						$path = makeCorrectDir($userinfo['documentroot'] . '/' . $path);
@@ -481,15 +498,15 @@ if($page == 'overview') {
 
 				$aliasdomain = intval($_POST['alias']);
 
-				if(isset($_POST['selectserveralias']) && $result['parentdomainid'] == '0' ) {
+				if (isset($_POST['selectserveralias']) && $result['parentdomainid'] == '0' ) {
 					$iswildcarddomain = ($_POST['selectserveralias'] == '0') ? '1' : '0';
 					$wwwserveralias = ($_POST['selectserveralias'] == '1') ? '1' : '0';
 				} else {
-					$iswildcarddomain = '0';
-					$wwwserveralias = '0';
+					$iswildcarddomain = $result['iswildcarddomain'];
+					$wwwserveralias = $result['wwwserveralias'];
 				}
 
-				if($result['parentdomainid'] != '0' && ($result['subcanemaildomain'] == '1' || $result['subcanemaildomain'] == '2') && isset($_POST['isemaildomain'])) {
+				if ($result['parentdomainid'] != '0' && ($result['subcanemaildomain'] == '1' || $result['subcanemaildomain'] == '2') && isset($_POST['isemaildomain'])) {
 					$isemaildomain = intval($_POST['isemaildomain']);
 				} else {
 					$isemaildomain = $result['isemaildomain'];
@@ -497,7 +514,7 @@ if($page == 'overview') {
 
 				$aliasdomain_check = array('id' => 0);
 
-				if($aliasdomain != 0) {
+				if ($aliasdomain != 0) {
 					$aliasdomain_stmt = Database::prepare("SELECT `id` FROM `" . TABLE_PANEL_DOMAINS . "` `d`,`" . TABLE_PANEL_CUSTOMERS . "` `c`
 						WHERE `d`.`customerid`= :customerid
 						AND `d`.`aliasdomain` IS NULL
@@ -508,11 +525,11 @@ if($page == 'overview') {
 					$aliasdomain_check = Database::pexecute_first($aliasdomain_stmt, array("customerid" => $result['customerid'], "id" => $aliasdomain));
 				}
 
-				if($aliasdomain_check['id'] != $aliasdomain) {
+				if ($aliasdomain_check['id'] != $aliasdomain) {
 					standard_error('domainisaliasorothercustomer');
 				}
 
-				if(isset($_POST['openbasedir_path']) && $_POST['openbasedir_path'] == '1') {
+				if (isset($_POST['openbasedir_path']) && $_POST['openbasedir_path'] == '1') {
 					$openbasedir_path = '1';
 				} else {
 					$openbasedir_path = '0';
@@ -530,10 +547,10 @@ if($page == 'overview') {
 					$ssl_redirect = '0';
 				}
 
-				if($path == '') {
+				if ($path == '') {
 					standard_error('patherror');
 				} else {
-					if(($result['isemaildomain'] == '1') && ($isemaildomain == '0')) {
+					if (($result['isemaildomain'] == '1') && ($isemaildomain == '0')) {
 						$params = array("customerid" => $userinfo['customerid'], "domainid" => $id);
 						$stmt = Database::prepare("DELETE FROM `" . TABLE_MAIL_USERS . "` WHERE `customerid`= :customerid AND `domainid`= :domainid");
 						Database::pexecute($stmt, $params);
@@ -542,20 +559,20 @@ if($page == 'overview') {
 						$log->logAction(USR_ACTION, LOG_NOTICE, "automatically deleted mail-table entries for '" . $idna_convert->decode($result['domain']) . "'");
 					}
 
-					if($_doredirect) {
+					if ($_doredirect) {
 						$redirect = isset($_POST['redirectcode']) ? (int)$_POST['redirectcode'] : false;
 						updateRedirectOfDomain($id, $redirect);
 					}
 
-					if($path != $result['documentroot']
-					   || $isemaildomain != $result['isemaildomain']
-					   || $wwwserveralias != $result['wwwserveralias']
-					   || $iswildcarddomain != $result['iswildcarddomain']
-					   || $aliasdomain != $result['aliasdomain']
-					   || $openbasedir_path != $result['openbasedir_path']
-					   || $ssl_redirect != $result['ssl_redirect']) {
+					if ($path != $result['documentroot']
+						|| $isemaildomain != $result['isemaildomain']
+						|| $wwwserveralias != $result['wwwserveralias']
+						|| $iswildcarddomain != $result['iswildcarddomain']
+						|| $aliasdomain != $result['aliasdomain']
+						|| $openbasedir_path != $result['openbasedir_path']
+						|| $ssl_redirect != $result['ssl_redirect']) {
 						$log->logAction(USR_ACTION, LOG_INFO, "edited domain '" . $idna_convert->decode($result['domain']) . "'");
-						
+
 						$stmt = Database::prepare("UPDATE `" . TABLE_PANEL_DOMAINS . "` SET
 							`documentroot`= :documentroot,
 							`isemaildomain`= :isemaildomain,
@@ -586,17 +603,18 @@ if($page == 'overview') {
 
 					}
 
-					redirectTo($filename, Array('page' => $page, 's' => $s));
+					redirectTo($filename, array('page' => $page, 's' => $s));
 				}
 			} else {
 				$result['domain'] = $idna_convert->decode($result['domain']);
-  
+
 				$domains = makeoption($lng['domains']['noaliasdomain'], 0, $result['aliasdomain'], true);
 				// also check ip/port combination to be the same, #176
 				$domains_stmt = Database::prepare("SELECT `d`.`id`, `d`.`domain` FROM `" . TABLE_PANEL_DOMAINS . "` `d` , `" . TABLE_PANEL_CUSTOMERS . "` `c` , `".TABLE_DOMAINTOIP."` `dip`
 					WHERE `d`.`aliasdomain` IS NULL
 					AND `d`.`id` <> :id
 					AND `c`.`standardsubdomain` <> `d`.`id`
+					AND `d`.`parentdomainid` = '0'
 					AND `d`.`customerid` = :customerid
 					AND `c`.`customerid` = `d`.`customerid`
 					AND `d`.`id` = `dip`.`id_domain`
@@ -608,28 +626,28 @@ if($page == 'overview') {
 				);
 				Database::pexecute($domains_stmt, array("id" => $result['id'], "customerid" => $userinfo['customerid']));
 
-				while($row_domain = $domains_stmt->fetch(PDO::FETCH_ASSOC)) {
+				while ($row_domain = $domains_stmt->fetch(PDO::FETCH_ASSOC)) {
 					$domains .= makeoption($idna_convert->decode($row_domain['domain']), $row_domain['id'], $result['aliasdomain']);
 				}
 
-				if(preg_match('/^https?\:\/\//', $result['documentroot']) && validateUrl($idna_convert->encode($result['documentroot']))) {
-					if($settings['panel']['pathedit'] == 'Dropdown') {
+				if (preg_match('/^https?\:\/\//', $result['documentroot']) && validateUrl($idna_convert->encode($result['documentroot']))) {
+					if (Settings::Get('panel.pathedit') == 'Dropdown') {
 						$urlvalue = $result['documentroot'];
-						$pathSelect = makePathfield($userinfo['documentroot'], $userinfo['guid'], $userinfo['guid'], $settings['panel']['pathedit']);
+						$pathSelect = makePathfield($userinfo['documentroot'], $userinfo['guid'], $userinfo['guid']);
 					} else {
 						$urlvalue = '';
-						$pathSelect = makePathfield($userinfo['documentroot'], $userinfo['guid'], $userinfo['guid'], $settings['panel']['pathedit'], $result['documentroot'], true);						
+						$pathSelect = makePathfield($userinfo['documentroot'], $userinfo['guid'], $userinfo['guid'], $result['documentroot'], true);
 					}
 				} else {
 					$urlvalue = '';
-					$pathSelect = makePathfield($userinfo['documentroot'], $userinfo['guid'], $userinfo['guid'], $settings['panel']['pathedit'], $result['documentroot']);
+					$pathSelect = makePathfield($userinfo['documentroot'], $userinfo['guid'], $userinfo['guid'], $result['documentroot']);
 				}
 
 				$redirectcode = '';
-				if($settings['customredirect']['enabled'] == '1') {
+				if (Settings::Get('customredirect.enabled') == '1') {
 					$def_code = getDomainRedirectId($id);
 					$codes = getRedirectCodesArray();
-					foreach($codes as $rc) {
+					foreach ($codes as $rc) {
 						$redirectcode .= makeoption($rc['code']. ' ('.$lng['redirect_desc'][$rc['desc']].')', $rc['id'], $def_code);
 					}
 				}
@@ -656,7 +674,7 @@ if($page == 'overview') {
 				$serveraliasoptions .= makeoption($lng['domains']['serveraliasoption_wildcard'], '0', $_value, true, true);
 				$serveraliasoptions .= makeoption($lng['domains']['serveraliasoption_www'], '1', $_value, true, true);
 				$serveraliasoptions .= makeoption($lng['domains']['serveraliasoption_none'], '2', $_value, true, true);
-				
+
 				$ips_stmt = Database::prepare("SELECT `p`.`ip` AS `ip` FROM `".TABLE_PANEL_IPSANDPORTS."` `p`
 					LEFT JOIN `".TABLE_DOMAINTOIP."` `dip`
 					ON ( `dip`.`id_ipandports` = `p`.`id` )
@@ -712,7 +730,7 @@ if($page == 'overview') {
 			// verify certificate content
 			if ($do_verify) {
 				// array openssl_x509_parse ( mixed $x509cert [, bool $shortnames = true ] )
-				// openssl_x509_parse() returns information about the supplied x509cert, including fields such as 
+				// openssl_x509_parse() returns information about the supplied x509cert, including fields such as
 				// subject name, issuer name, purposes, valid from and valid to dates etc.
 				$cert_content = openssl_x509_parse($ssl_cert_file);
 

customer_email.php

@@ -37,7 +37,7 @@ if ($page == 'overview') {
 			'm.email_full' => $lng['emails']['emailaddress'],
 			'm.destination' => $lng['emails']['forwarders']
 		);
-		$paging = new paging($userinfo, TABLE_MAIL_VIRTUAL, $fields, $settings['panel']['paging'], $settings['panel']['natsorting']);
+		$paging = new paging($userinfo, TABLE_MAIL_VIRTUAL, $fields);
 		$result_stmt = Database::prepare('SELECT `m`.`id`, `m`.`domainid`, `m`.`email`, `m`.`email_full`, `m`.`iscatchall`, `u`.`quota`, `m`.`destination`, `m`.`popaccountid`, `d`.`domain`, `u`.`mboxsize` FROM `' . TABLE_MAIL_VIRTUAL . '` `m`
 			LEFT JOIN `' . TABLE_PANEL_DOMAINS . '` `d` ON (`m`.`domainid` = `d`.`id`)
 			LEFT JOIN `' . TABLE_MAIL_USERS . '` `u` ON (`m`.`popaccountid` = `u`.`id`)
@@ -56,7 +56,7 @@ if ($page == 'overview') {
 			if (!isset($emails[$row['domain']]) || !is_array($emails[$row['domain']])) {
 				$emails[$row['domain']] = array();
 			}
-			
+
 			$emails[$row['domain']][$row['email_full']] = $row;
 		}
 
@@ -105,8 +105,8 @@ if ($page == 'overview') {
 					if (strlen($row['destination']) > 35) {
 						$row['destination'] = substr($row['destination'], 0, 32) . '... (' . $destinations_count . ')';
 					}
-					
-					$row['mboxsize'] = size_readable($row['mboxsize'], 'GiB', 'bi', '%01.'.(int)$settings['panel']['decimal_places'].'f %s');
+
+					$row['mboxsize'] = size_readable($row['mboxsize'], 'GiB', 'bi', '%01.' . (int)Settings::Get('panel.decimal_places') . 'f %s');
 
 					$row = htmlentities_array($row);
 					eval("\$accounts.=\"" . getTemplate("email/emails_email") . "\";");
@@ -132,7 +132,7 @@ if ($page == 'overview') {
 			AND `id`= :id"
 		);
 		$result = Database::pexecute_first($stmt, array("customerid" => $userinfo['customerid'], "id" => $id));
-		
+
 		if (isset($result['email']) && $result['email'] != '') {
 			if (isset($_POST['send']) && $_POST['send'] == 'send') {
 				$update_users_query_addon = '';
@@ -143,7 +143,7 @@ if ($page == 'overview') {
 
 					if ($result['popaccountid'] != 0) {
 						// Free the Quota used by the email account
-						if ($settings['system']['mail_quota_enabled'] == 1) {
+						if (Settings::Get('system.mail_quota_enabled') == 1) {
 							$stmt = Database::prepare("SELECT `quota` FROM `" . TABLE_MAIL_USERS . "`
 								WHERE `customerid`= :customerid
 								AND `id`= :id"
@@ -176,7 +176,7 @@ if ($page == 'overview') {
 					AND `id`= :id"
 				);
 				Database::pexecute($stmt, array("customerid" => $userinfo['customerid'], "id" => $id));
-				
+
 				$stmt = Database::prepare("UPDATE `" . TABLE_PANEL_CUSTOMERS . "`
 					SET `emails_used`=`emails_used` - 1 ,
 					`email_forwarders_used` = `email_forwarders_used` - :nforwarders
@@ -184,7 +184,7 @@ if ($page == 'overview') {
 					WHERE `customerid`= :customerid"
 				);
 				Database::pexecute($stmt, array("nforwarders" => $number_forwarders, "customerid" => $userinfo['customerid']));
-				
+
 				$log->logAction(USR_ACTION, LOG_INFO, "deleted email address '" . $result['email'] . "'");
 				redirectTo($filename, array('page' => $page, 's' => $s));
 			} else {
@@ -207,7 +207,7 @@ if ($page == 'overview') {
 					AND `isemaildomain`='1' "
 				);
 				$domain_check = Database::pexecute_first($stmt, array("domain" => $domain, "customerid" => $userinfo['customerid']));
-				
+
 				if (isset($_POST['iscatchall']) && $_POST['iscatchall'] == '1') {
 					$iscatchall = '1';
 					$email = '@' . $domain;
@@ -233,7 +233,7 @@ if ($page == 'overview') {
 					"cid" => $userinfo['customerid']
 				);
 				$email_check = Database::pexecute_first($stmt, $params);
-				
+
 				if ($email == '' || $email_full == '' || $email_part == '') {
 					standard_error(array('stringisempty', 'emailadd'));
 				} elseif ($domain == '') {
@@ -258,14 +258,14 @@ if ($page == 'overview') {
 						"domainid" => $domain_check['id']
 					);
 					Database::pexecute($stmt, $params);
-					
+
 					$address_id = Database::lastInsertId();
 					$stmt = Database::prepare("UPDATE " . TABLE_PANEL_CUSTOMERS . "
 						SET `emails_used` = `emails_used` + 1
 						WHERE `customerid`= :cid"
 					);
 					Database::pexecute($stmt, array("cid" => $userinfo['customerid']));
-					
+
 					$log->logAction(USR_ACTION, LOG_INFO, "added email address '" . $email_full . "'");
 					redirectTo($filename, array('page' => $page, 'action' => 'edit', 'id' => $address_id, 's' => $s));
 				}
@@ -286,7 +286,7 @@ if ($page == 'overview') {
 
 				$email_add_data = include_once dirname(__FILE__).'/lib/formfields/customer/email/formfield.emails_add.php';
 
-				if ($settings['catchall']['catchall_enabled'] != '1') {
+				if (Settings::Get('catchall.catchall_enabled') != '1') {
 					unset($email_add_data['emails_add']['sections']['section_a']['fields']['iscatchall']);
 				}
 
@@ -302,14 +302,14 @@ if ($page == 'overview') {
 		}
 	} elseif ($action == 'edit' && $id != 0) {
 		$stmt = Database::prepare("SELECT `v`.`id`, `v`.`email`, `v`.`email_full`, `v`.`iscatchall`, `v`.`destination`, `v`.`customerid`, `v`.`popaccountid`, `u`.`quota`
-			FROM `" . TABLE_MAIL_VIRTUAL . "` `v` 
+			FROM `" . TABLE_MAIL_VIRTUAL . "` `v`
 			LEFT JOIN `" . TABLE_MAIL_USERS . "` `u`
 			ON(`v`.`popaccountid` = `u`.`id`)
 			WHERE `v`.`customerid`= :cid
 			AND `v`.`id`= :id"
 		);
 		$result = Database::pexecute_first($stmt, array("cid" => $userinfo['customerid'], "id" => $id));
-		
+
 		if (isset($result['email']) && $result['email'] != '') {
 			$result['email'] = $idna_convert->decode($result['email']);
 			$result['email_full'] = $idna_convert->decode($result['email_full']);
@@ -334,7 +334,7 @@ if ($page == 'overview') {
 
 			$email_edit_data = include_once dirname(__FILE__).'/lib/formfields/customer/email/formfield.emails_edit.php';
 
-			if ( $settings['catchall']['catchall_enabled'] != '1' ) {
+			if (Settings::Get('catchall.catchall_enabled') != '1') {
 				unset($email_edit_data['emails_edit']['sections']['section_a']['fields']['mail_catchall']);
 			}
 
@@ -346,13 +346,13 @@ if ($page == 'overview') {
 			eval("echo \"" . getTemplate("email/emails_edit") . "\";");
 		}
 	} elseif ($action == 'togglecatchall' && $id != 0) {
-		if ( $settings['catchall']['catchall_enabled'] == '1' ) {
+		if (Settings::Get('catchall.catchall_enabled') == '1') {
 			$stmt = Database::prepare("SELECT `id`, `email`, `email_full`, `iscatchall`, `destination`, `customerid`, `popaccountid` FROM `" . TABLE_MAIL_VIRTUAL . "`
 				WHERE `customerid`= :cid
 				AND `id`= :id"
 			);
 			$result = Database::pexecute_first($stmt, array("cid" => $userinfo['customerid'], "id" => $id));
-			
+
 			if (isset($result['email']) && $result['email'] != '') {
 				if ($result['iscatchall'] == '1') {
 					$stmt = Database::prepare("UPDATE `" . TABLE_MAIL_VIRTUAL . "`
@@ -374,7 +374,7 @@ if ($page == 'overview') {
 						AND `customerid`= :cid"
 					);
 					$email_check = Database::pexecute_first($stmt, array("email" => $email, "cid" => $userinfo['customerid']));
-					
+
 					if ($email_check['email'] == $email) {
 						standard_error('youhavealreadyacatchallforthisdomain');
 						exit;
@@ -419,7 +419,7 @@ if ($page == 'overview') {
 				AND `id`= :id"
 			);
 			$result = Database::pexecute_first($stmt, array("cid" => $userinfo['customerid'], "id" => $id));
-			
+
 			if (isset($result['email']) && $result['email'] != '' && $result['popaccountid'] == '0') {
 				if (isset($_POST['send']) && $_POST['send'] == 'send') {
 					$email_full = $result['email_full'];
@@ -427,13 +427,13 @@ if ($page == 'overview') {
 					$password = validate($_POST['email_password'], 'password');
 					$password = validatePassword($password);
 
-					if ($settings['panel']['sendalternativemail'] == 1) {
+					if (Settings::Get('panel.sendalternativemail') == 1) {
 						$alternative_email = $idna_convert->encode(validate($_POST['alternative_email'], 'alternative_email'));
 					} else {
 						$alternative_email = '';
 					}
 
-					if ($settings['system']['mail_quota_enabled'] == 1) {
+					if (Settings::Get('system.mail_quota_enabled') == 1) {
 						if ($userinfo['email_quota'] != '-1' && ($quota == 0 || ($quota + $userinfo['email_quota_used']) > $userinfo['email_quota'])) {
 							standard_error('allocatetoomuchquota', $quota);
 						}
@@ -444,41 +444,44 @@ if ($page == 'overview') {
 					if ($email_full == '') {
 						standard_error(array('stringisempty', 'emailadd'));
 					}
-					elseif ($password == '' && !($settings['panel']['sendalternativemail'] == 1 && validateEmail($alternative_email))) {
+					elseif ($password == '' && !(Settings::Get('panel.sendalternativemail') == 1 && validateEmail($alternative_email))) {
 						standard_error(array('stringisempty', 'mypassword'));
+					}
+					elseif ($password == $email_full) {
+						standard_error('passwordshouldnotbeusername');
 					} else {
 						if ($password == '') {
-							$password = substr(md5(uniqid(microtime(), 1)), 12, 6);
+							$password = generatePassword();
 						}
 
 						$cryptPassword = makeCryptPassword($password);
 
 						$email_user=substr($email_full,0,strrpos($email_full,"@"));
 						$email_domain=substr($email_full,strrpos($email_full,"@")+1);
-						$maildirname=trim($settings['system']['vmail_maildirname']);
+						$maildirname=trim(Settings::Get('system.vmail_maildirname'));
 						// Add trailing slash to Maildir if needed
 						$maildirpath=$maildirname;
 						if (!empty($maildirname) and substr($maildirname,-1) != "/") $maildirpath.="/";
 
 						$stmt = Database::prepare("INSERT INTO `" . TABLE_MAIL_USERS . "`
-							(`customerid`, `email`, `username`, " . ($settings['system']['mailpwcleartext'] == '1' ? '`password`, ' : '') . " `password_enc`, `homedir`, `maildir`, `uid`, `gid`, `domainid`, `postfix`, `quota`, `imap`, `pop3`) ".
-							"VALUES (:cid, :email, :username, " . ($settings['system']['mailpwcleartext'] == '1' ? ":password, " : '') . ":password_enc, :homedir, :maildir, :uid, :gid, :domainid, 'y', :quota, :imap, :pop3)"
+							(`customerid`, `email`, `username`, " . (Settings::Get('system.mailpwcleartext') == '1' ? '`password`, ' : '') . " `password_enc`, `homedir`, `maildir`, `uid`, `gid`, `domainid`, `postfix`, `quota`, `imap`, `pop3`) ".
+							"VALUES (:cid, :email, :username, " . (Settings::Get('system.mailpwcleartext') == '1' ? ":password, " : '') . ":password_enc, :homedir, :maildir, :uid, :gid, :domainid, 'y', :quota, :imap, :pop3)"
 						);
 						$params = array(
 							"cid" => $userinfo['customerid'],
 							"email" => $email_full,
 							"username" => $username,
 							"password_enc" => $cryptPassword,
-							"homedir" => $settings['system']['vmail_homedir'],
+							"homedir" => Settings::Get('system.vmail_homedir'),
 							"maildir" => $userinfo['loginname'] . '/' . $email_domain . "/" . $email_user . "/" . $maildirpath,
-							"uid" => $settings['system']['vmail_uid'],
-							"gid" => $settings['system']['vmail_gid'],
+							"uid" => Settings::Get('system.vmail_uid'),
+							"gid" => Settings::Get('system.vmail_gid'),
 							"domainid" => $result['domainid'],
 							"quota" => $quota,
 							"imap" => $userinfo['imap'],
 							"pop3" => $userinfo['pop3']
 						);
-						if ($settings['system']['mailpwcleartext'] == '1') { $params["password"] = $password; }
+						if (Settings::Get('system.mailpwcleartext') == '1') { $params["password"] = $password; }
 						Database::pexecute($stmt, $params);
 
 						$popaccountid = Database::lastInsertId();
@@ -496,24 +499,24 @@ if ($page == 'overview') {
 							"id" => $id
 						);
 						Database::pexecute($stmt, $params);
-						
+
 						$stmt = Database::prepare("UPDATE `" . TABLE_PANEL_CUSTOMERS . "`
 							SET `email_accounts_used`=`email_accounts_used`+1,
 								`email_quota_used`=`email_quota_used`+ :quota
 							WHERE `customerid`= :cid"
 						);
 						Database::pexecute($stmt, array("quota" => $quota, "cid" => $userinfo['customerid']));
-						
+
 						$log->logAction(USR_ACTION, LOG_INFO, "added email account for '" . $email_full . "'");
 						$replace_arr = array(
 							'EMAIL' => $email_full,
 							'USERNAME' => $username,
 							'PASSWORD' => $password
 						);
-						
+
 						$stmt = Database::prepare("SELECT `name`, `email` FROM `" . TABLE_PANEL_ADMINS . "` WHERE `adminid`= :adminid");
 						$admin = Database::pexecute_first($stmt, array("adminid" => $userinfo['adminid']));
-						
+
 						$stmt = Database::prepare("SELECT `value` FROM `" . TABLE_PANEL_TEMPLATES . "`
 							WHERE `adminid`= :adminid
 							AND `language`= :lang
@@ -522,7 +525,7 @@ if ($page == 'overview') {
 						);
 						$result = Database::pexecute_first($stmt, array("adminid" => $userinfo['adminid'], "lang" => $userinfo['def_language']));
 						$mail_subject = html_entity_decode(replace_variables((($result['value'] != '') ? $result['value'] : $lng['mails']['pop_success']['subject']), $replace_arr));
-						
+
 						$stmt = Database::prepare("SELECT `value` FROM `" . TABLE_PANEL_TEMPLATES . "`
 							WHERE `adminid`= :adminid
 							AND `language`= :lang
@@ -555,7 +558,7 @@ if ($page == 'overview') {
 
 						$mail->ClearAddresses();
 
-						if (validateEmail($alternative_email) && $settings['panel']['sendalternativemail'] == 1) {
+						if (validateEmail($alternative_email) && Settings::Get('panel.sendalternativemail') == 1) {
 							$stmt = Database::prepare("SELECT `value` FROM `" . TABLE_PANEL_TEMPLATES . "`
 								WHERE `adminid`= :adminid
 								AND `language`= :lang
@@ -564,7 +567,7 @@ if ($page == 'overview') {
 							);
 							$result = Database::pexecute_first($stmt, array("adminid" => $userinfo['adminid'], "lang" => $userinfo['def_language']));
 							$mail_subject = replace_variables((($result['value'] != '') ? $result['value'] : $lng['mails']['pop_success_alternative']['subject']), $replace_arr);
-							
+
 							$stmt = Database::prepare("SELECT `value` FROM `" . TABLE_PANEL_TEMPLATES . "`
 								WHERE `adminid`= :adminid
 								AND `language`= :lang
@@ -603,9 +606,9 @@ if ($page == 'overview') {
 				} else {
 					$result['email_full'] = $idna_convert->decode($result['email_full']);
 					$result = htmlentities_array($result);
-					$quota = $settings['system']['mail_quota'];
+					$quota = Settings::Get('system.mail_quota');
 
-					$account_add_data = include_once dirname(__FILE__).'/lib/formfields/customer/email/formfield.emails_addaccount.php';
+					$account_add_data = include_once dirname(__FILE__) . '/lib/formfields/customer/email/formfield.emails_addaccount.php';
 					$account_add_form = htmlform::genHTMLForm($account_add_data);
 
 					$title = $account_add_data['emails_addaccount']['title'];
@@ -623,7 +626,7 @@ if ($page == 'overview') {
 			AND `id`= :id"
 		);
 		$result = Database::pexecute_first($stmt, array("cid" => $userinfo['customerid'], "id" => $id));
-		
+
 		if (isset($result['popaccountid']) && $result['popaccountid'] != '') {
 			if (isset($_POST['send']) && $_POST['send'] == 'send') {
 				$password = validate($_POST['email_password'], 'password');
@@ -632,13 +635,17 @@ if ($page == 'overview') {
 					standard_error(array('stringisempty', 'mypassword'));
 					exit;
 				}
+				elseif ($password == $result['email_full']) {
+					standard_error('passwordshouldnotbeusername');
+					exit;
+				}
 
 				$password = validatePassword($password);
 
 				$log->logAction(USR_ACTION, LOG_NOTICE, "changed email password for '" . $result['email_full'] . "'");
 				$cryptPassword = makeCryptPassword($password);
 				$stmt = Database::prepare("UPDATE `" . TABLE_MAIL_USERS . "`
-					SET " . ($settings['system']['mailpwcleartext'] == '1' ? "`password` = :password, " : '') . "
+					SET " . (Settings::Get('system.mailpwcleartext') == '1' ? "`password` = :password, " : '') . "
 						`password_enc`= :password_enc
 					WHERE `customerid`= :cid
 					AND `id`= :id"
@@ -648,9 +655,9 @@ if ($page == 'overview') {
 					"cid" => $userinfo['customerid'],
 					"id" => $result['popaccountid']
 				);
-				if ($settings['system']['mailpwcleartext'] == '1') { $params["password"] = $password; }
+				if (Settings::Get('system.mailpwcleartext') == '1') { $params["password"] = $password; }
 				Database::pexecute($stmt, $params);
-				
+
 				redirectTo($filename, array('page' => 'emails', 'action' => 'edit', 'id' => $id, 's' => $s));
 			} else {
 				$result['email_full'] = $idna_convert->decode($result['email_full']);
@@ -665,7 +672,7 @@ if ($page == 'overview') {
 				eval("echo \"" . getTemplate("email/account_changepw") . "\";");
 			}
 		}
-	} elseif ($action == 'changequota' && $settings['system']['mail_quota_enabled'] == '1' && $id != 0) {
+	} elseif ($action == 'changequota' && Settings::Get('system.mail_quota_enabled') == '1' && $id != 0) {
 		$stmt = Database::prepare("SELECT `v`.`id`, `v`.`email`, `v`.`email_full`, `v`.`iscatchall`, `v`.`destination`, `v`.`customerid`, `v`.`popaccountid`, `u`.`quota`
 			FROM `" . TABLE_MAIL_VIRTUAL . "` `v`
 			LEFT JOIN `" . TABLE_MAIL_USERS . "` `u`
@@ -674,7 +681,7 @@ if ($page == 'overview') {
 			AND `v`.`id`= :id"
 		);
 		$result = Database::pexecute_first($stmt, array("cid" => $userinfo['customerid'], "id" => $id));
-		
+
 		if (isset($result['popaccountid']) && $result['popaccountid'] != '') {
 			if (isset($_POST['send']) && $_POST['send'] == 'send') {
 				$quota = (int)validate($_POST['email_quota'], 'email_quota', '/^\d+$/', 'vmailquotawrong');
@@ -728,7 +735,7 @@ if ($page == 'overview') {
 			AND `v`.`id`='" . (int)$id . "'"
 		);
 		$result = Database::pexecute_first($stmt, array("cid" => $userinfo['customerid'], "id" => $id));
-		
+
 		if (isset($result['popaccountid']) && $result['popaccountid'] != '') {
 			if (isset($_POST['send']) && $_POST['send'] == 'send') {
 				$stmt = Database::prepare("DELETE FROM `" . TABLE_MAIL_USERS . "`
@@ -737,7 +744,7 @@ if ($page == 'overview') {
 				);
 				Database::pexecute($stmt, array("cid" => $userinfo['customerid'], "id" => $result['popaccountid']));
 				$result['destination'] = str_replace($result['email_full'], '', $result['destination']);
-				
+
 				$stmt = Database::prepare("UPDATE `" . TABLE_MAIL_VIRTUAL . "`
 					SET `destination` = :dest,
 						`popaccountid` = '0'
@@ -751,7 +758,7 @@ if ($page == 'overview') {
 				);
 				Database::pexecute($stmt, $params);
 
-				if ($settings['system']['mail_quota_enabled'] == '1' && $userinfo['email_quota'] != '-1') {
+				if (Settings::Get('system.mail_quota_enabled') == '1' && $userinfo['email_quota'] != '-1') {
 					$quota = (int)$result['quota'];
 				} else {
 					$quota = 0;
@@ -767,7 +774,7 @@ if ($page == 'overview') {
 					WHERE `customerid`= :cid"
 				);
 				Database::pexecute($stmt, array("quota" => $quota, "cid" => $userinfo['customerid']));
-				
+
 				$log->logAction(USR_ACTION, LOG_INFO, "deleted email account for '" . $result['email_full'] . "'");
 				redirectTo($filename, array('page' => 'emails', 'action' => 'edit', 'id' => $id, 's' => $s));
 			} else {
@@ -783,7 +790,7 @@ if ($page == 'overview') {
 				AND `id`= :id"
 			);
 			$result = Database::pexecute_first($stmt, array("cid" => $userinfo['customerid'], "id" => $id));
-			
+
 			if (isset($result['email']) && $result['email'] != '') {
 				if (isset($_POST['send']) && $_POST['send'] == 'send') {
 					$destination = $idna_convert->encode($_POST['destination']);
@@ -810,13 +817,13 @@ if ($page == 'overview') {
 							"id" => $id
 						);
 						Database::pexecute($stmt, $params);
-						
+
 						$stmt = Database::prepare("UPDATE `" . TABLE_PANEL_CUSTOMERS . "`
 							SET `email_forwarders_used` = `email_forwarders_used` + 1
 							WHERE `customerid`= :cid"
 						);
 						Database::pexecute($stmt, array("cid" => $userinfo['customerid']));
-						
+
 						$log->logAction(USR_ACTION, LOG_NOTICE, "added email forwarder for '" . $result['email_full'] . "'");
 						redirectTo($filename, array('page' => 'emails', 'action' => 'edit', 'id' => $id, 's' => $s));
 					}
@@ -842,7 +849,7 @@ if ($page == 'overview') {
 			AND `id`='" . (int)$id . "'"
 		);
 		$result = Database::pexecute_first($stmt, array("cid" => $userinfo['customerid']));
-		
+
 		if (isset($result['destination']) && $result['destination'] != '') {
 			if (isset($_POST['forwarderid'])) {
 				$forwarderid = intval($_POST['forwarderid']);
@@ -871,13 +878,13 @@ if ($page == 'overview') {
 						"id" => $id
 					);
 					Database::pexecute($stmt, $params);
-					
+
 					$stmt = Database::prepare("UPDATE `" . TABLE_PANEL_CUSTOMERS . "`
 						SET `email_forwarders_used` = `email_forwarders_used` - 1
 						WHERE `customerid`= :cid"
 					);
 					Database::pexecute($stmt, array("cid" => $userinfo['customerid']));
-					
+
 					$log->logAction(USR_ACTION, LOG_NOTICE, "deleted email forwarder for '" . $result['email_full'] . "'");
 					redirectTo($filename, array('page' => 'emails', 'action' => 'edit', 'id' => $id, 's' => $s));
 				} else {
@@ -887,5 +894,3 @@ if ($page == 'overview') {
 		}
 	}
 }
-
-?>

customer_extras.php

@@ -20,54 +20,24 @@
 define('AREA', 'customer');
 require './lib/init.php';
 
-if(isset($_POST['id'])) {
+if (isset($_POST['id'])) {
 	$id = intval($_POST['id']);
-} elseif(isset($_GET['id'])) {
+} elseif (isset($_GET['id'])) {
 	$id = intval($_GET['id']);
 }
 
-if($page == 'overview') {
+if ($page == 'overview') {
 	$log->logAction(USR_ACTION, LOG_NOTICE, "viewed customer_extras");
 	eval("echo \"" . getTemplate("extras/extras") . "\";");
-} elseif($page == 'backup') {
-    $log->logAction(USR_ACTION, LOG_NOTICE, "viewed customer_extras_backup");
-
-    $result_stmt = Database::prepare("SELECT `backup_enabled` FROM `" . TABLE_PANEL_CUSTOMERS . "`
-    	WHERE `customerid`= :customerid"
-    );
-    Database::pexecute($result_stmt, array("customerid" => $userinfo['customerid']));
-    $row = $result_stmt->fetch(PDO::FETCH_ASSOC);
-
-    $backup_enabled = makeyesno('backup_enabled', '1', '0', $row['backup_enabled']);
-
-    if(isset($_POST['send']) && $_POST['send'] == 'send') {
-		$backup_enabled = ($_POST['backup_enabled'] == '1' ? '1' : '0');
-	
-        $stmt = Database::prepare("UPDATE `" . TABLE_PANEL_CUSTOMERS . "`
-        	SET `backup_enabled`= :backupenabled
-        	WHERE `customerid`= :customerid"
-        );
-        Database::pexecute($stmt, array("backupenabled" => $backup_enabled, "customerid" => $userinfo['customerid']));
-		
-		redirectTo($filename, Array('page' => $page, 's' => $s));
-    }
-
-    $backup_data = include_once dirname(__FILE__).'/lib/formfields/customer/extras/formfield.backup.php';
-	$backup_form = htmlform::genHTMLForm($backup_data);
-
-	$title = $backup_data['backup']['title'];
-	$image = $backup_data['backup']['image'];
-    
-    eval("echo \"" . getTemplate("extras/backup") . "\";");
-} elseif($page == 'htpasswds') {
-	if($action == '') {
+} elseif ($page == 'htpasswds') {
+	if ($action == '') {
 		$log->logAction(USR_ACTION, LOG_NOTICE, "viewed customer_extras::htpasswds");
 		$fields = array(
 			'username' => $lng['login']['username'],
 			'path' => $lng['panel']['path']
 		);
-		$paging = new paging($userinfo, TABLE_PANEL_HTPASSWDS, $fields, $settings['panel']['paging'], $settings['panel']['natsorting']);
-		$result_stmt = Database::prepare("SELECT * FROM `" . TABLE_PANEL_HTPASSWDS . "` 
+		$paging = new paging($userinfo, TABLE_PANEL_HTPASSWDS, $fields);
+		$result_stmt = Database::prepare("SELECT * FROM `" . TABLE_PANEL_HTPASSWDS . "`
 			WHERE `customerid`= :customerid " . $paging->getSqlWhere(true) . " " . $paging->getSqlOrderBy() . " " . $paging->getSqlLimit()
 		);
 		Database::pexecute($result_stmt, array("customerid" => $userinfo['customerid']));
@@ -80,9 +50,9 @@ if($page == 'overview') {
 		$count = 0;
 		$htpasswds = '';
 
-		while($row = $result_stmt->fetch(PDO::FETCH_ASSOC)) {
-			if($paging->checkDisplay($i)) {
-				if(strpos($row['path'], $userinfo['documentroot']) === 0) {
+		while ($row = $result_stmt->fetch(PDO::FETCH_ASSOC)) {
+			if ($paging->checkDisplay($i)) {
+				if (strpos($row['path'], $userinfo['documentroot']) === 0) {
 					$row['path'] = substr($row['path'], strlen($userinfo['documentroot']));
 				}
 
@@ -95,7 +65,7 @@ if($page == 'overview') {
 		}
 
 		eval("echo \"" . getTemplate("extras/htpasswds") . "\";");
-	} elseif($action == 'delete' && $id != 0) {
+	} elseif ($action == 'delete' && $id != 0) {
 		$result_stmt = Database::prepare("SELECT * FROM `" . TABLE_PANEL_HTPASSWDS . "`
 			WHERE `customerid`= :customerid
 			AND `id`= :id"
@@ -103,34 +73,34 @@ if($page == 'overview') {
 		Database::pexecute($result_stmt, array("customerid" => $userinfo['customerid'], "id" => $id));
 		$result = $result_stmt->fetch(PDO::FETCH_ASSOC);
 
-		if(isset($result['username']) && $result['username'] != '') {
-			if(isset($_POST['send']) && $_POST['send'] == 'send') {
+		if (isset($result['username']) && $result['username'] != '') {
+			if (isset($_POST['send']) && $_POST['send'] == 'send') {
 				$stmt = Database::prepare("DELETE FROM `" . TABLE_PANEL_HTPASSWDS . "`
 					WHERE `customerid`= :customerid
 					AND `id`= :id"
 				);
 				Database::pexecute($stmt, array("customerid" => $userinfo['customerid'], "id" => $id));
-				
+
 				$log->logAction(USR_ACTION, LOG_INFO, "deleted htpasswd for '" . $result['username'] . " (" . $result['path'] . ")'");
 				inserttask('1');
-				redirectTo($filename, Array('page' => $page, 's' => $s));
+				redirectTo($filename, array('page' => $page, 's' => $s));
 			} else {
-				if(strpos($result['path'], $userinfo['documentroot']) === 0) {
+				if (strpos($result['path'], $userinfo['documentroot']) === 0) {
 					$result['path'] = substr($result['path'], strlen($userinfo['documentroot']));
 				}
 
 				ask_yesno('extras_reallydelete', $filename, array('id' => $id, 'page' => $page, 'action' => $action), $result['username'] . ' (' . $result['path'] . ')');
 			}
 		}
-	} elseif($action == 'add') {
-		if(isset($_POST['send']) && $_POST['send'] == 'send') {
+	} elseif ($action == 'add') {
+		if (isset($_POST['send']) && $_POST['send'] == 'send') {
 			$path = makeCorrectDir(validate($_POST['path'], 'path'));
 			$userpath = $path;
 			$path = makeCorrectDir($userinfo['documentroot'] . '/' . $path);
 			$username = validate($_POST['username'], 'username', '/^[a-zA-Z0-9][a-zA-Z0-9\-_]+\$?$/');
 			$authname = validate($_POST['directory_authname'], 'directory_authname', '/^[a-zA-Z0-9][a-zA-Z0-9\-_ ]+\$?$/');
 			validate($_POST['directory_password'], 'password');
-			
+
 			$username_path_check_stmt = Database::prepare("SELECT `id`, `username`, `path` FROM `" . TABLE_PANEL_HTPASSWDS . "`
 				WHERE `username`= :username
 				AND `path`= :path
@@ -144,25 +114,27 @@ if($page == 'overview') {
 			Database::pexecute($username_path_check_stmt, $params);
 			$username_path_check = $username_path_check_stmt->fetch(PDO::FETCH_ASSOC);
 
-			if(CRYPT_STD_DES == 1) {
+			if (CRYPT_STD_DES == 1) {
 				$saltfordescrypt = substr(md5(uniqid(microtime(), 1)), 4, 2);
 				$password = crypt($_POST['directory_password'], $saltfordescrypt);
 			} else {
 				$password = crypt($_POST['directory_password']);
 			}
 
-			if(!$_POST['path']) {
+			if (!$_POST['path']) {
 				standard_error('invalidpath');
 			}
 
-			if($username == '') {
+			if ($username == '') {
 				standard_error(array('stringisempty', 'myloginname'));
-			} elseif($username_path_check['username'] == $username && $username_path_check['path'] == $path) {
+			} elseif ($username_path_check['username'] == $username && $username_path_check['path'] == $path) {
 				standard_error('userpathcombinationdupe');
-			} elseif($_POST['directory_password'] == '') {
+			} elseif ($_POST['directory_password'] == '') {
 				standard_error(array('stringisempty', 'mypassword'));
-			} elseif($path == '') {
+			} elseif ($path == '') {
 				standard_error('patherror');
+			} elseif ($_POST['directory_password'] == $username) {
+				standard_error('passwordshouldnotbeusername');
 			} else {
 				$stmt = Database::prepare("INSERT INTO `" . TABLE_PANEL_HTPASSWDS . "` SET
 					`customerid` = :customerid,
@@ -181,10 +153,10 @@ if($page == 'overview') {
 				Database::pexecute($stmt, $params);
 				$log->logAction(USR_ACTION, LOG_INFO, "added htpasswd for '" . $username . " (" . $path . ")'");
 				inserttask('1');
-				redirectTo($filename, Array('page' => $page, 's' => $s));
+				redirectTo($filename, array('page' => $page, 's' => $s));
 			}
 		} else {
-			$pathSelect = makePathfield($userinfo['documentroot'], $userinfo['guid'], $userinfo['guid'], $settings['panel']['pathedit']);
+			$pathSelect = makePathfield($userinfo['documentroot'], $userinfo['guid'], $userinfo['guid']);
 
 			$htpasswd_add_data = include_once dirname(__FILE__).'/lib/formfields/customer/extras/formfield.htpasswd_add.php';
 			$htpasswd_add_form = htmlform::genHTMLForm($htpasswd_add_data);
@@ -194,7 +166,7 @@ if($page == 'overview') {
 
 			eval("echo \"" . getTemplate("extras/htpasswds_add") . "\";");
 		}
-	} elseif($action == 'edit' && $id != 0) {
+	} elseif ($action == 'edit' && $id != 0) {
 		$result_stmt = Database::prepare("SELECT * FROM `" . TABLE_PANEL_HTPASSWDS . "`
 			WHERE `customerid`= :customerid
 			AND `id`= :id"
@@ -202,37 +174,41 @@ if($page == 'overview') {
 		Database::pexecute($result_stmt, array("customerid" => $userinfo['customerid'], "id" => $id));
 		$result = $result_stmt->fetch(PDO::FETCH_ASSOC);
 
-		if(isset($result['username']) && $result['username'] != '') {
-			if(isset($_POST['send']) && $_POST['send'] == 'send') {
+		if (isset($result['username']) && $result['username'] != '') {
+			if (isset($_POST['send']) && $_POST['send'] == 'send') {
 				validate($_POST['directory_password'], 'password');
 				$authname = validate($_POST['directory_authname'], 'directory_authname', '/^[a-zA-Z0-9][a-zA-Z0-9\-_ ]+\$?$/');
 
-				if(CRYPT_STD_DES == 1) {
+				if (CRYPT_STD_DES == 1) {
 					$saltfordescrypt = substr(md5(uniqid(microtime(), 1)), 4, 2);
 					$password = crypt($_POST['directory_password'], $saltfordescrypt);
 				} else {
 					$password = crypt($_POST['directory_password']);
 				}
-				
+
+				if ($_POST['directory_password'] == $result['username']) {
+					standard_error('passwordshouldnotbeusername');
+				}
+
 				$params = array(
 					"customerid" => $userinfo['customerid'],
 					"id" => $id
 				);
-				
+
 				$pwd_sql = '';
-				if($_POST['directory_password'] != '') {
+				if ($_POST['directory_password'] != '') {
 					$pwd_sql = "`password`= :password ";
 					$params["password"] = $password;
 				}
-				
+
 				$auth_sql = '';
-				if($authname != $result['authname']) {
+				if ($authname != $result['authname']) {
 					$auth_sql = "`authname`= :authname ";
 					$params["authname"] = $authname;
 				}
 
-				if($pwd_sql != '' || $auth_sql != '') {
-					if($pwd_sql !='' && $auth_sql != '') {
+				if ($pwd_sql != '' || $auth_sql != '') {
+					if ($pwd_sql !='' && $auth_sql != '') {
 						$pwd_sql.= ', ';
 					}
 
@@ -244,10 +220,10 @@ if($page == 'overview') {
 					Database::pexecute($stmt, $params);
 					$log->logAction(USR_ACTION, LOG_INFO, "edited htpasswd for '" . $result['username'] . " (" . $result['path'] . ")'");
 					inserttask('1');
-					redirectTo($filename, Array('page' => $page, 's' => $s));
+					redirectTo($filename, array('page' => $page, 's' => $s));
 				}
 			} else {
-				if(strpos($result['path'], $userinfo['documentroot']) === 0) {
+				if (strpos($result['path'], $userinfo['documentroot']) === 0) {
 					$result['path'] = substr($result['path'], strlen($userinfo['documentroot']));
 				}
 
@@ -263,8 +239,8 @@ if($page == 'overview') {
 			}
 		}
 	}
-} elseif($page == 'htaccess') {
-	if($action == '') {
+} elseif ($page == 'htaccess') {
+	if ($action == '') {
 		$log->logAction(USR_ACTION, LOG_NOTICE, "viewed customer_extras::htaccess");
 		$fields = array(
 			'path' => $lng['panel']['path'],
@@ -274,7 +250,7 @@ if($page == 'overview') {
 			'error500path' => $lng['extras']['error500path'],
 			'options_cgi' => $lng['extras']['execute_perl']
 		);
-		$paging = new paging($userinfo, TABLE_PANEL_HTACCESS, $fields, $settings['panel']['paging'], $settings['panel']['natsorting']);
+		$paging = new paging($userinfo, TABLE_PANEL_HTACCESS, $fields);
 		$result_stmt = Database::prepare("SELECT * FROM `" . TABLE_PANEL_HTACCESS . "`
 			WHERE `customerid`= :customerid " . $paging->getSqlWhere(true) . " " . $paging->getSqlOrderBy() . " " . $paging->getSqlLimit()
 		);
@@ -290,9 +266,9 @@ if($page == 'overview') {
 
 		$cperlenabled = customerHasPerlEnabled($userinfo['customerid']);
 
-		while($row = $result_stmt->fetch(PDO::FETCH_ASSOC)) {
-			if($paging->checkDisplay($i)) {
-				if(strpos($row['path'], $userinfo['documentroot']) === 0) {
+		while ($row = $result_stmt->fetch(PDO::FETCH_ASSOC)) {
+			if ($paging->checkDisplay($i)) {
+				if (strpos($row['path'], $userinfo['documentroot']) === 0) {
 					$row['path'] = substr($row['path'], strlen($userinfo['documentroot']));
 					// don't show nothing wehn it's the docroot, show slash
 					if ($row['path'] == '') { $row['path'] = '/'; }
@@ -311,7 +287,7 @@ if($page == 'overview') {
 		}
 
 		eval("echo \"" . getTemplate("extras/htaccess") . "\";");
-	} elseif($action == 'delete' && $id != 0) {
+	} elseif ($action == 'delete' && $id != 0) {
 		$result_stmt = Database::prepare("SELECT * FROM `" . TABLE_PANEL_HTACCESS . "`
 			WHERE `customerid` = :customerid
 			AND `id` = :id"
@@ -319,8 +295,8 @@ if($page == 'overview') {
 		Database::pexecute($result_stmt, array("customerid" => $userinfo['customerid'], "id" => $id));
 		$result = $result_stmt->fetch(PDO::FETCH_ASSOC);
 
-		if(isset($result['customerid']) && $result['customerid'] != '' && $result['customerid'] == $userinfo['customerid']) {
-			if(isset($_POST['send']) && $_POST['send'] == 'send') {
+		if (isset($result['customerid']) && $result['customerid'] != '' && $result['customerid'] == $userinfo['customerid']) {
+			if (isset($_POST['send']) && $_POST['send'] == 'send') {
 				$stmt = Database::prepare("DELETE FROM `" . TABLE_PANEL_HTACCESS . "`
 					WHERE `customerid`= :customerid
 					AND `id`= :id"
@@ -328,13 +304,13 @@ if($page == 'overview') {
 				Database::pexecute($stmt, array("customerid" => $userinfo['customerid'], "id" => $id));
 				$log->logAction(USR_ACTION, LOG_INFO, "deleted htaccess for '" . str_replace($userinfo['documentroot'], '', $result['path']) . "'");
 				inserttask('1');
-				redirectTo($filename, Array('page' => $page, 's' => $s));
+				redirectTo($filename, array('page' => $page, 's' => $s));
 			} else {
 				ask_yesno('extras_reallydelete_pathoptions', $filename, array('id' => $id, 'page' => $page, 'action' => $action), str_replace($userinfo['documentroot'], '', $result['path']));
 			}
 		}
-	} elseif($action == 'add') {
-		if(isset($_POST['send']) && $_POST['send'] == 'send') {
+	} elseif ($action == 'add') {
+		if (isset($_POST['send']) && $_POST['send'] == 'send') {
 			$path = makeCorrectDir(validate($_POST['path'], 'path'));
 			$userpath = $path;
 			$path = makeCorrectDir($userinfo['documentroot'] . '/' . $path);
@@ -344,35 +320,35 @@ if($page == 'overview') {
 			);
 			Database::pexecute($path_dupe_check_stmt, array("path" => $path, "customerid" => $userinfo['customerid']));
 			$path_dupe_check = $path_dupe_check_stmt->fetch(PDO::FETCH_ASSOC);
-			
-			if(!$_POST['path']) {
+
+			if (!$_POST['path']) {
 				standard_error('invalidpath');
 			}
 
-			if(isset($_POST['options_cgi']) && (int)$_POST['options_cgi'] != 0) {
+			if (isset($_POST['options_cgi']) && (int)$_POST['options_cgi'] != 0) {
 				$options_cgi = '1';
 			} else {
 				$options_cgi = '0';
-			} 
+			}
 
 			$error404path = '';
 			if (isset($_POST['error404path'])) {
 				$error404path = correctErrorDocument($_POST['error404path']);
 			}
-			
+
 			$error403path = '';
 			if (isset($_POST['error403path'])) {
 				$error403path = correctErrorDocument($_POST['error403path']);
 			}
-			
+
 			$error500path = '';
 			if (isset($_POST['error500path'])) {
 				$error500path = correctErrorDocument($_POST['error500path']);
 			}
 
-			if($path_dupe_check['path'] == $path) {
+			if ($path_dupe_check['path'] == $path) {
 				standard_error('errordocpathdupe', $userpath);
-			} elseif($path == '') {
+			} elseif ($path == '') {
 				standard_error('patherror');
 			} else {
 				$stmt = Database::prepare('INSERT INTO `' . TABLE_PANEL_HTACCESS . '` SET
@@ -397,15 +373,11 @@ if($page == 'overview') {
 
 				$log->logAction(USR_ACTION, LOG_INFO, "added htaccess for '" . $path . "'");
 				inserttask('1');
-				redirectTo($filename, Array('page' => $page, 's' => $s));
+				redirectTo($filename, array('page' => $page, 's' => $s));
 			}
 		} else {
-			$pathSelect = makePathfield($userinfo['documentroot'], $userinfo['guid'], $userinfo['guid'], $settings['panel']['pathedit']);
+			$pathSelect = makePathfield($userinfo['documentroot'], $userinfo['guid'], $userinfo['guid']);
 			$cperlenabled = customerHasPerlEnabled($userinfo['customerid']);
-			/*
-			$options_indexes = makeyesno('options_indexes', '1', '0', '0');
-			$options_cgi = makeyesno('options_cgi', '1', '0', '0');
-			*/
 
 			$htaccess_add_data = include_once dirname(__FILE__).'/lib/formfields/customer/extras/formfield.htaccess_add.php';
 			$htaccess_add_form = htmlform::genHTMLForm($htaccess_add_data);
@@ -415,24 +387,24 @@ if($page == 'overview') {
 
 			eval("echo \"" . getTemplate("extras/htaccess_add") . "\";");
 		}
-	} elseif(($action == 'edit') && ($id != 0)) {
+	} elseif (($action == 'edit') && ($id != 0)) {
 		$result_stmt = Database::prepare("SELECT * FROM `" . TABLE_PANEL_HTACCESS . "`
-			WHERE `customerid` = :customerid 
+			WHERE `customerid` = :customerid
 			AND `id` = :id"
 		);
 		Database::pexecute($result_stmt, array("customerid" => $userinfo['customerid'], "id" => $id));
 		$result = $result_stmt->fetch(PDO::FETCH_ASSOC);
 
-		if((isset($result['customerid'])) && ($result['customerid'] != '') && ($result['customerid'] == $userinfo['customerid'])) {
-			if(isset($_POST['send']) && $_POST['send'] == 'send') {
+		if ((isset($result['customerid'])) && ($result['customerid'] != '') && ($result['customerid'] == $userinfo['customerid'])) {
+			if (isset($_POST['send']) && $_POST['send'] == 'send') {
 				$option_indexes = intval($_POST['options_indexes']);
 				$options_cgi = isset($_POST['options_cgi']) ? intval($_POST['options_cgi']) : 0;
 
-				if($option_indexes != '1') {
+				if ($option_indexes != '1') {
 					$option_indexes = '0';
 				}
 
-				if($options_cgi != '1') {
+				if ($options_cgi != '1') {
 					$options_cgi = '0';
 				}
 
@@ -440,12 +412,12 @@ if($page == 'overview') {
 				$error403path = correctErrorDocument($_POST['error403path']);
 				$error500path = correctErrorDocument($_POST['error500path']);
 
-				if(($option_indexes != $result['options_indexes'])
+				if (($option_indexes != $result['options_indexes'])
 					|| ($error404path != $result['error404path'])
 					|| ($error403path != $result['error403path'])
 					|| ($error500path != $result['error500path'])
-					|| ($options_cgi != $result['options_cgi'])) {
-					
+					|| ($options_cgi != $result['options_cgi'])
+				) {
 					inserttask('1');
 					$stmt = Database::prepare("UPDATE `" . TABLE_PANEL_HTACCESS . "`
 						SET `options_indexes` = :options_indexes,
@@ -469,9 +441,9 @@ if($page == 'overview') {
 					$log->logAction(USR_ACTION, LOG_INFO, "edited htaccess for '" . str_replace($userinfo['documentroot'], '', $result['path']) . "'");
 				}
 
-				redirectTo($filename, Array('page' => $page, 's' => $s));
+				redirectTo($filename, array('page' => $page, 's' => $s));
 			} else {
-				if(strpos($result['path'], $userinfo['documentroot']) === 0) {
+				if (strpos($result['path'], $userinfo['documentroot']) === 0) {
 					$result['path'] = substr($result['path'], strlen($userinfo['documentroot']));
 					// don't show nothing wehn it's the docroot, show slash
 					if ($result['path'] == '') { $result['path'] = '/'; }
@@ -489,7 +461,7 @@ if($page == 'overview') {
 
 				$htaccess_edit_data = include_once dirname(__FILE__).'/lib/formfields/customer/extras/formfield.htaccess_edit.php';
 				$htaccess_edit_form = htmlform::genHTMLForm($htaccess_edit_data);
-	
+
 				$title = $htaccess_edit_data['htaccess_edit']['title'];
 				$image = $htaccess_edit_data['htaccess_edit']['image'];
 
@@ -498,5 +470,3 @@ if($page == 'overview') {
 		}
 	}
 }
-
-?>

customer_ftp.php

@@ -23,7 +23,7 @@ require './lib/init.php';
 $id = 0;
 if (isset($_POST['id'])) {
 	$id = intval($_POST['id']);
-} elseif(isset($_GET['id'])) {
+} elseif (isset($_GET['id'])) {
 	$id = intval($_GET['id']);
 }
 
@@ -35,13 +35,13 @@ if ($page == 'overview') {
 		$log->logAction(USR_ACTION, LOG_NOTICE, "viewed customer_ftp::accounts");
 		$fields = array(
 			'username' => $lng['login']['username'],
-			'homedir' => $lng['panel']['path']
+			'homedir' => $lng['panel']['path'],
+			'description' => $lng['panel']['ftpdesc']
 		);
-		$paging = new paging($userinfo, TABLE_FTP_USERS, $fields, $settings['panel']['paging'], $settings['panel']['natsorting']);
-		
-		$result_stmt = Database::prepare("SELECT `id`, `username`, `homedir` FROM `" . TABLE_FTP_USERS . "`
-			WHERE `customerid`= :customerid 
-			AND `username` NOT LIKE '%_backup'" . $paging->getSqlWhere(true) . " " . $paging->getSqlOrderBy() . " " . $paging->getSqlLimit()
+		$paging = new paging($userinfo, TABLE_FTP_USERS, $fields);
+
+		$result_stmt = Database::prepare("SELECT `id`, `username`, `description`, `homedir` FROM `" . TABLE_FTP_USERS . "`
+			WHERE `customerid`= :customerid " . $paging->getSqlWhere(true) . " " . $paging->getSqlOrderBy() . " " . $paging->getSqlLimit()
 		);
 		Database::pexecute($result_stmt, array("customerid" => $userinfo['customerid']));
 		$ftps_count = Database::num_rows();
@@ -63,7 +63,7 @@ if ($page == 'overview') {
 				}
 
 				$row['documentroot'] = makeCorrectDir($row['documentroot']);
-				
+
 				$row = htmlentities_array($row);
 				eval("\$accounts.=\"" . getTemplate('ftp/accounts_account') . "\";");
 				$count++;
@@ -80,7 +80,7 @@ if ($page == 'overview') {
 		);
 		Database::pexecute($result_stmt, array("customerid" => $userinfo['customerid'], "id" => $id));
 		$result = $result_stmt->fetch(PDO::FETCH_ASSOC);
-		
+
 		if (isset($result['username']) && $result['username'] != $userinfo['loginname']) {
 			if (isset($_POST['send']) && $_POST['send'] == 'send') {
 				$stmt = Database::prepare("UPDATE `" . TABLE_FTP_USERS . "`
@@ -98,23 +98,23 @@ if ($page == 'overview') {
 					"username" => $userinfo['loginname']
 				);
 				Database::pexecute($stmt, $params);
-				
+
 				$result_stmt = Database::prepare("SELECT `username`, `homedir` FROM `" . TABLE_FTP_USERS . "`
 					WHERE `customerid` = :customerid
 					AND `id` = :id"
 				);
 				Database::pexecute($result_stmt, array("customerid" => $userinfo['customerid'], "id" => $id));
 				$result = $result_stmt->fetch(PDO::FETCH_ASSOC);
-				
+
 				$stmt = Database::prepare("DELETE FROM `" . TABLE_FTP_QUOTATALLIES . "` WHERE `name` = :name");
 				Database::pexecute($stmt, array("name" => $result['username']));
-				
+
 				$stmt = Database::prepare("DELETE FROM `" . TABLE_FTP_USERS . "`
 					WHERE `customerid` = :customerid
 					AND `id` = :id"
 				);
 				Database::pexecute($stmt, array("customerid" => $userinfo['customerid'], "id" => $id));
-				
+
 				$stmt = Database::prepare("
 					UPDATE `" . TABLE_FTP_GROUPS . "` SET
 					`members` = REPLACE(`members`, :username,'')
@@ -130,13 +130,13 @@ if ($page == 'overview') {
 				if (isset($_POST['delete_userfiles']) && (int)$_POST['delete_userfiles'] == 1) {
 					inserttask('8', $userinfo['loginname'], $result['homedir']);
 				}
-				
+
 				$stmt = Database::prepare("UPDATE `" . TABLE_PANEL_CUSTOMERS . "`
 					SET `ftps_used` = `ftps_used` - 1 $resetaccnumber
 					WHERE `customerid` = :customerid"
 				);
 				Database::pexecute($stmt, array("customerid" => $userinfo['customerid']));
-				
+
 				redirectTo($filename, array('page' => $page, 's' => $s));
 			} else {
 				ask_yesno_withcheckbox('ftp_reallydelete', 'admin_customer_alsoremoveftphomedir', $filename, array('id' => $id, 'page' => $page, 'action' => $action), $result['username']);
@@ -147,7 +147,8 @@ if ($page == 'overview') {
 	} elseif ($action == 'add') {
 		if ($userinfo['ftps_used'] < $userinfo['ftps'] || $userinfo['ftps'] == '-1') {
 			if (isset($_POST['send'])
-			   && $_POST['send'] == 'send') {
+				&& $_POST['send'] == 'send') {
+				$description = validate($_POST['ftp_description'], 'description');
 				// @FIXME use a good path-validating regex here (refs #1231)
 				$path = validate($_POST['path'], 'path');
 				$password = validate($_POST['ftp_password'], 'password');
@@ -158,7 +159,7 @@ if ($page == 'overview') {
 					$sendinfomail = 0;
 				}
 
-				if ($settings['customer']['ftpatdomain'] == '1') {
+				if (Settings::Get('customer.ftpatdomain') == '1') {
 					$ftpusername = validate($_POST['ftp_username'], 'username', '/^[a-zA-Z0-9][a-zA-Z0-9\-_]+\$?$/');
 					if ($ftpusername == '') {
 						standard_error(array('stringisempty', 'username'));
@@ -170,58 +171,61 @@ if ($page == 'overview') {
 					);
 					Database::pexecute($ftpdomain_check_stmt, array("domain" => $ftpdomain, "customerid" => $userinfo['customerid']));
 					$ftpdomain_check = $ftpdomain_check_stmt->fetch(PDO::FETCH_ASSOC);
-					
+
 					if ($ftpdomain_check['domain'] != $ftpdomain) {
 						standard_error('maindomainnonexist', $domain);
 					}
 					$username = $ftpusername . "@" . $ftpdomain;
 				} else {
-					$username = $userinfo['loginname'] . $settings['customer']['ftpprefix'] . (intval($userinfo['ftp_lastaccountnumber']) + 1);
+					$username = $userinfo['loginname'] . Settings::Get('customer.ftpprefix') . (intval($userinfo['ftp_lastaccountnumber']) + 1);
 				}
-				
+
 				$username_check_stmt = Database::prepare("SELECT * FROM `" . TABLE_FTP_USERS . "`
 					WHERE `username` = :username"
 				);
 				Database::pexecute($username_check_stmt, array("username" => $username));
 				$username_check = $username_check_stmt->fetch(PDO::FETCH_ASSOC);
-				
+
 				if (!empty($username_check) && $username_check['username'] = $username) {
 					standard_error('usernamealreadyexists', $username);
 				} elseif ($password == '') {
 					standard_error(array('stringisempty', 'mypassword'));
 				} elseif ($path == '') {
 					standard_error('patherror');
+				} elseif ($username == $password) {
+					standard_error('passwordshouldnotbeusername');
 				} else {
 					$path = makeCorrectDir($userinfo['documentroot'] . '/' . $path);
 
 					$cryptPassword = makeCryptPassword($password);
-					
+
 					$stmt = Database::prepare("INSERT INTO `" . TABLE_FTP_USERS . "`
-						(`customerid`, `username`, `password`, `homedir`, `login_enabled`, `uid`, `gid`)
-						VALUES (:customerid, :username, :password, :homedir, 'y', :guid, :guid)"
+						(`customerid`, `username`, `description`, `password`, `homedir`, `login_enabled`, `uid`, `gid`)
+						VALUES (:customerid, :username, :description, :password, :homedir, 'y', :guid, :guid)"
 					);
 					$params = array(
 						"customerid" => $userinfo['customerid'],
 						"username" => $username,
+						"description" => $description,
 						"password" => $cryptPassword,
 						"homedir" => $path,
 						"guid" => $userinfo['guid']
 					);
 					Database::pexecute($stmt, $params);
-					
+
 					$result_stmt = Database::prepare("SELECT `bytes_in_used` FROM `" . TABLE_FTP_QUOTATALLIES . "`
 						WHERE `name` = :name"
 					);
 					Database::pexecute($result_stmt, array("name" => $userinfo['loginname']));
-					
+
 					while ($row = $result_stmt->fetch(PDO::FETCH_ASSOC)) {
 						$stmt = Database::prepare("INSERT INTO `" . TABLE_FTP_QUOTATALLIES . "`
-							(`name`, `quota_type`, `bytes_in_used`, `bytes_out_used`, `bytes_xfer_used`, `files_in_used`, `files_out_used`, `files_xfer_used`) 
+							(`name`, `quota_type`, `bytes_in_used`, `bytes_out_used`, `bytes_xfer_used`, `files_in_used`, `files_out_used`, `files_xfer_used`)
 							VALUES (:name, 'user', :bytes_in_used, '0', '0', '0', '0', '0')"
 						);
 						Database::pexecute($stmt, array("name" => $username, "bytes_in_used" => $row['bytes_in_used']));
 					}
-					
+
 					$stmt = Database::prepare("UPDATE `" . TABLE_FTP_GROUPS . "`
 						SET `members` = CONCAT_WS(',',`members`, :username)
 						WHERE `customerid`= :customerid
@@ -233,7 +237,7 @@ if ($page == 'overview') {
 						"guid" => $userinfo['guid']
 					);
 					Database::pexecute($stmt, $params);
-					
+
 					$stmt = Database::prepare("UPDATE `" . TABLE_PANEL_CUSTOMERS . "`
 						SET `ftps_used` = `ftps_used` + 1,
 						`ftp_lastaccountnumber` = `ftp_lastaccountnumber` + 1
@@ -252,7 +256,7 @@ if ($page == 'overview') {
 							'USR_PASS' => $password,
 							'USR_PATH' => makeCorrectDir(substr($path, strlen($userinfo['documentroot'])))
 						);
-						
+
 						$def_language = $userinfo['def_language'];
 						$result_stmt = Database::prepare("SELECT `value` FROM `" . TABLE_PANEL_TEMPLATES . "`
 							WHERE `adminid` = :adminid
@@ -262,8 +266,8 @@ if ($page == 'overview') {
 						);
 						Database::pexecute($result_stmt, array("adminid" => $userinfo['adminid'], "lang" => $def_language));
 						$result = $result_stmt->fetch(PDO::FETCH_ASSOC);
-						$mail_subject = html_entity_decode(replace_variables((($result['value'] != '') ? $result['value'] : $lng['customer']['ftp_add']['infomail_subject']), $replace_arr));
-						
+						$mail_subject = html_entity_decode(replace_variables((($result['value'] != '') ? $result['value'] : $lng['mails']['new_ftpaccount_by_customer']['subject']), $replace_arr));
+
 						$def_language = $userinfo['def_language'];
 						$result_stmt = Database::prepare("SELECT `value` FROM `" . TABLE_PANEL_TEMPLATES . "`
 							WHERE `adminid` = :adminid
@@ -273,8 +277,8 @@ if ($page == 'overview') {
 						);
 						Database::pexecute($result_stmt, array("adminid" => $userinfo['adminid'], "lang" => $def_language));
 						$result = $result_stmt->fetch(PDO::FETCH_ASSOC);
-						$mail_body = html_entity_decode(replace_variables((($result['value'] != '') ? $result['value'] : $lng['customer']['ftp_add']['infomail_body']['main']), $replace_arr));
-						
+						$mail_body = html_entity_decode(replace_variables((($result['value'] != '') ? $result['value'] : $lng['mails']['new_ftpaccount_by_customer']['mailbody']), $replace_arr));
+
 						$_mailerror = false;
 						try {
 							$mail->Subject = $mail_subject;
@@ -298,12 +302,12 @@ if ($page == 'overview') {
 						$mail->ClearAddresses();
 					}
 
-					redirectTo($filename, Array('page' => $page, 's' => $s));
+					redirectTo($filename, array('page' => $page, 's' => $s));
 				}
 			} else {
-				$pathSelect = makePathfield($userinfo['documentroot'], $userinfo['guid'], $userinfo['guid'], $settings['panel']['pathedit'], '/');
+				$pathSelect = makePathfield($userinfo['documentroot'], $userinfo['guid'], $userinfo['guid'], '/');
 
-				if ($settings['customer']['ftpatdomain'] == '1') {
+				if (Settings::Get('customer.ftpatdomain') == '1') {
 					$domainlist = array();
 					$domains = '';
 
@@ -337,7 +341,7 @@ if ($page == 'overview') {
 			}
 		}
 	} elseif ($action == 'edit' && $id != 0) {
-		$result_stmt = Database::prepare("SELECT `id`, `username`, `homedir`, `uid`, `gid` FROM `" . TABLE_FTP_USERS . "`
+		$result_stmt = Database::prepare("SELECT `id`, `username`, `description`, `homedir`, `uid`, `gid` FROM `" . TABLE_FTP_USERS . "`
 			WHERE `customerid` = :customerid
 			AND `id` = :id"
 		);
@@ -348,7 +352,7 @@ if ($page == 'overview') {
 			if (isset($_POST['send']) && $_POST['send'] == 'send') {
 				// @FIXME use a good path-validating regex here (refs #1231)
 				$path = validate($_POST['path'], 'path');
-				
+
 				$_setnewpass = false;
 				if (isset($_POST['ftp_password']) && $_POST['ftp_password'] != '') {
 					$password = validate($_POST['ftp_password'], 'password');
@@ -360,45 +364,33 @@ if ($page == 'overview') {
 					if ($password == '') {
 						standard_error(array('stringisempty', 'mypassword'));
 						exit;
+					} elseif ($result['username'] == $password) {
+						standard_error('passwordshouldnotbeusername');
+						exit;
 					}
 					$log->logAction(USR_ACTION, LOG_INFO, "updated ftp-account password for '" . $result['username'] . "'");
 					$cryptPassword = makeCryptPassword($password);
-					
+
 					$stmt = Database::prepare("UPDATE `" . TABLE_FTP_USERS . "`
 						SET `password` = :password
 						WHERE `customerid` = :customerid
 						AND `id` = :id"
 					);
 					Database::pexecute($stmt, array("customerid" => $userinfo['customerid'], "id" => $id, "password" => $cryptPassword));
-						
-					// also update customers backup user password if password of main ftp user is changed
-					if(!preg_match('/' . $settings['customer']['ftpprefix'] . '/', $result['username'])) {
-						$stmt = Database::prepare("UPDATE `" . TABLE_FTP_USERS . "`
-							SET `password` = :password
-							WHERE `customerid` = :customerid
-							AND `username` = :username"
-						);
-						$params = array(
-							"password" => $cryptPassword,
-							"customerid" => $userinfo['customerid'],
-							"username" => $result['username'] . "_backup"
-						);
-						Database::pexecute($stmt, $params);
-					}
 				}
-				
+
 				if ($path != '') {
 					$path = makeCorrectDir($userinfo['documentroot'] . '/' . $path);
 
 					if ($path != $result['homedir']) {
 						if (!file_exists($path)) {
-							// it's the task for "new ftp" but that will 
+							// it's the task for "new ftp" but that will
 							// create all directories and correct their permissions
 							inserttask(5);
 						}
 
 						$log->logAction(USR_ACTION, LOG_INFO, "updated ftp-account homdir for '" . $result['username'] . "'");
-						
+
 						$stmt = Database::prepare("UPDATE `" . TABLE_FTP_USERS . "`
 							SET `homedir` = :homedir
 							WHERE `customerid` = :customerid
@@ -409,11 +401,20 @@ if ($page == 'overview') {
 							"customerid" => $userinfo['customerid'],
 							"id" => $id
 						);
-						Database::pexecute($stmt, $params);		
+						Database::pexecute($stmt, $params);
 					}
 				}
 
-				redirectTo($filename, Array('page' => $page, 's' => $s));
+				$log->logAction(USR_ACTION, LOG_INFO, "edited ftp-account '" . $result['username'] . "'");
+				$description = validate($_POST['ftp_description'], 'description');
+				$stmt = Database::prepare("UPDATE `" . TABLE_FTP_USERS . "`
+					SET `description` = :desc
+					WHERE `customerid` = :customerid
+					AND `id` = :id"
+				);
+				Database::pexecute($stmt, array("desc" => $description, "customerid" => $userinfo['customerid'], "id" => $id));
+
+				redirectTo($filename, array('page' => $page, 's' => $s));
 			} else {
 				if (strpos($result['homedir'], $userinfo['documentroot']) === 0) {
 					$homedir = substr($result['homedir'], strlen($userinfo['documentroot']));
@@ -422,9 +423,9 @@ if ($page == 'overview') {
 				}
 				$homedir = makeCorrectDir($homedir);
 
-				$pathSelect = makePathfield($userinfo['documentroot'], $userinfo['guid'], $userinfo['guid'], $settings['panel']['pathedit'], $homedir);
+				$pathSelect = makePathfield($userinfo['documentroot'], $userinfo['guid'], $userinfo['guid'], $homedir);
 
-				if ($settings['customer']['ftpatdomain'] == '1') {
+				if (Settings::Get('customer.ftpatdomain') == '1') {
 					$domains = '';
 
 					$result_domains_stmt = Database::prepare("SELECT `domain` FROM `" . TABLE_PANEL_DOMAINS . "`

customer_index.php

@@ -23,8 +23,8 @@ require './lib/init.php';
 if ($action == 'logout') {
 	$log->logAction(USR_ACTION, LOG_NOTICE, 'logged out');
 
-    $params = array("customerid" => $userinfo['customerid']);
-	if ($settings['session']['allow_multiple_login'] == '1') {
+	$params = array("customerid" => $userinfo['customerid']);
+	if (Settings::Get('session.allow_multiple_login') == '1') {
 		$stmt = Database::prepare("DELETE FROM `" . TABLE_PANEL_SESSIONS . "`
 			WHERE `userid` = :customerid
 			AND `adminsession` = '0'
@@ -38,21 +38,21 @@ if ($action == 'logout') {
 		);
 	}
 	Database::pexecute($stmt, $params);
-	
+
 	redirectTo('index.php');
 	exit;
 }
 
 if ($page == 'overview') {
 	$log->logAction(USR_ACTION, LOG_NOTICE, "viewed customer_index");
-	
+
 	$domain_stmt = Database::prepare("SELECT `domain` FROM `" . TABLE_PANEL_DOMAINS . "`
 		WHERE `customerid` = :customerid
 		AND `parentdomainid` = '0'
 		AND `id` <> :standardsubdomain
 	");
 	Database::pexecute($domain_stmt, array("customerid" => $userinfo['customerid'], "standardsubdomain" => $userinfo['standardsubdomain']));
-	
+
 	$domains = '';
 	$domainArray = array();
 
@@ -79,11 +79,13 @@ if ($page == 'overview') {
 	$yesterday = time() - (60 * 60 * 24);
 	$month = date('M Y', $yesterday);
 
-	$userinfo['diskspace'] = round($userinfo['diskspace'] / 1024, $settings['panel']['decimal_places']);
-	$userinfo['diskspace_used'] = round($userinfo['diskspace_used'] / 1024, $settings['panel']['decimal_places']);
-	$userinfo['traffic'] = round($userinfo['traffic'] / (1024 * 1024), $settings['panel']['decimal_places']);
-	$userinfo['traffic_used'] = round($userinfo['traffic_used'] / (1024 * 1024), $settings['panel']['decimal_places']);
-	$userinfo = str_replace_array('-1', $lng['customer']['unlimited'], $userinfo, 'diskspace traffic mysqls emails email_accounts email_forwarders email_quota email_autoresponder ftps tickets subdomains aps_packages');
+	$userinfo['diskspace'] = round($userinfo['diskspace'] / 1024, Settings::Get('panel.decimal_places'));
+	$userinfo['diskspace_used'] = round($userinfo['diskspace_used'] / 1024, Settings::Get('panel.decimal_places'));
+	$userinfo['traffic'] = round($userinfo['traffic'] / (1024 * 1024), Settings::Get('panel.decimal_places'));
+	$userinfo['traffic_used'] = round($userinfo['traffic_used'] / (1024 * 1024), Settings::Get('panel.decimal_places'));
+	$userinfo = str_replace_array('-1', $lng['customer']['unlimited'], $userinfo, 'diskspace traffic mysqls emails email_accounts email_forwarders email_quota ftps tickets subdomains');
+
+	$userinfo['custom_notes'] = ($userinfo['custom_notes'] != '') ? nl2br($userinfo['custom_notes']) : '';
 
 	$services_enabled = "";
 	$se = array();
@@ -91,14 +93,13 @@ if ($page == 'overview') {
 	if ($userinfo['pop3'] == '1') $se[] = "POP3";
 	if ($userinfo['phpenabled'] == '1') $se[] = "PHP";
 	if ($userinfo['perlenabled'] == '1') $se[] = "Perl/CGI";
-	if ($userinfo['backup_enabled'] == '1' && $userinfo['backup_allowed'] == '1') $se[] = "Backup";
 	$services_enabled = implode(", ", $se);
 
 	eval("echo \"" . getTemplate('index/index') . "\";");
 } elseif ($page == 'change_password') {
 	if (isset($_POST['send']) && $_POST['send'] == 'send') {
 		$old_password = validate($_POST['old_password'], 'old password');
-		if (md5($old_password) != $userinfo['password']) {
+		if (!validatePasswordLogin($userinfo,$old_password,TABLE_PANEL_CUSTOMERS,'customerid')) {
 			standard_error('oldpasswordnotcorrect');
 			exit;
 		}
@@ -108,23 +109,21 @@ if ($page == 'overview') {
 
 		if ($old_password == '') {
 			standard_error(array('stringisempty', 'oldpassword'));
-		} elseif($new_password == '') {
+		} elseif ($new_password == '') {
 			standard_error(array('stringisempty', 'newpassword'));
-		} elseif($new_password_confirm == '') {
+		} elseif ($new_password_confirm == '') {
 			standard_error(array('stringisempty', 'newpasswordconfirm'));
-		} elseif($new_password != $new_password_confirm) {
+		} elseif ($new_password != $new_password_confirm) {
 			standard_error('newpasswordconfirmerror');
 		} else {
 			// Update user password
 			$stmt = Database::prepare("UPDATE `" . TABLE_PANEL_CUSTOMERS . "`
 				SET `password` = :newpassword
-				WHERE `customerid` = :customerid
-				AND `password` = :oldpassword"
+				WHERE `customerid` = :customerid"
 			);
 			$params = array(
-				"newpassword" => md5($new_password),
-				"customerid" => $userinfo['customerid'],
-				"oldpassword" => md5($old_password)
+				"newpassword" => makeCryptPassword($new_password),
+				"customerid" => $userinfo['customerid']
 			);
 			Database::pexecute($stmt, $params);
 			$log->logAction(USR_ACTION, LOG_NOTICE, 'changed password');
@@ -154,7 +153,7 @@ if ($page == 'overview') {
 				} else {
 					$new_webalizer_password = crypt($new_password);
 				}
-				
+
 				$stmt = Database::prepare("UPDATE `" . TABLE_PANEL_HTPASSWDS . "`
 					SET `password` = :password
 					WHERE `customerid` = :customerid
@@ -168,7 +167,7 @@ if ($page == 'overview') {
 				Database::pexecute($stmt, $params);
 			}
 
-			redirectTo($filename, Array('s' => $s));
+			redirectTo($filename, array('s' => $s));
 		}
 	} else {
 		eval("echo \"" . getTemplate('index/change_password') . "\";");
@@ -182,20 +181,20 @@ if ($page == 'overview') {
 				WHERE `customerid` = :customerid"
 			);
 			Database::pexecute($stmt, array("lang" => $def_language, "customerid" => $userinfo['customerid']));
-			
+
 			$stmt = Database::prepare("UPDATE `" . TABLE_PANEL_SESSIONS . "`
 				SET `language` = :lang
 				WHERE `hash` = :hash"
 			);
 			Database::pexecute($stmt, array("lang" => $def_language, "hash" => $s));
-			
+
 			$log->logAction(USR_ACTION, LOG_NOTICE, "changed default language to '" . $def_language . "'");
 		}
 
-		redirectTo($filename, Array('s' => $s));
+		redirectTo($filename, array('s' => $s));
 	} else {
-		$default_lang = $settings['panel']['standardlanguage'];
-		if ($userinfo['def_language'] != '') { 
+		$default_lang = Settings::Get('panel.standardlanguage');
+		if ($userinfo['def_language'] != '') {
 			$default_lang = $userinfo['def_language'];
 		}
 
@@ -209,44 +208,40 @@ if ($page == 'overview') {
 } elseif ($page == 'change_theme') {
 	if (isset($_POST['send']) && $_POST['send'] == 'send') {
 		$theme = validate($_POST['theme'], 'theme');
- 
+
 		$stmt = Database::prepare("UPDATE `" . TABLE_PANEL_CUSTOMERS . "`
 			SET `theme` = :theme
 			WHERE `customerid` = :customerid"
 		);
 		Database::pexecute($stmt, array("theme" => $theme, "customerid" => $userinfo['customerid']));
-		
+
 		$stmt = Database::prepare("UPDATE `" . TABLE_PANEL_SESSIONS . "`
 			SET `theme` = :theme
 			WHERE `hash` = :hash"
 		);
 		Database::pexecute($stmt, array("theme" => $theme, "hash" => $s));
-		
+
 		$log->logAction(USR_ACTION, LOG_NOTICE, "changed default theme to '" . $theme . "'");
-		redirectTo($filename, Array('s' => $s));
+		redirectTo($filename, array('s' => $s));
 	} else {
-		$default_theme = $settings['panel']['default_theme'];
+		$default_theme = Settings::Get('panel.default_theme');
 		if ($userinfo['theme'] != '') {
 			$default_theme = $userinfo['theme'];
 		}
 
 		$theme_options = '';
 		$themes_avail = getThemes();
-		foreach ($themes_avail as $t) {
-			$theme_options .= makeoption($t, $t, $default_theme, true);
+		foreach ($themes_avail as $t => $d) {
+			$theme_options.= makeoption($d, $t, $default_theme, true);
 		}
 
 		eval("echo \"" . getTemplate('index/change_theme') . "\";");
 	}
 
-} elseif ($page == 'send_error_report'
-	&& $settings['system']['allow_error_report_customer'] == '1'
-) {
+} elseif ($page == 'send_error_report' && Settings::Get('system.allow_error_report_customer') == '1') {
 
 	// only show this if we really have an exception to report
-	if (isset($_GET['errorid'])
-			&& $_GET['errorid'] != ''
-	) {
+	if (isset($_GET['errorid']) && $_GET['errorid'] != '') {
 
 		$errid = $_GET['errorid'];
 		// read error file
@@ -280,7 +275,7 @@ if ($page == 'overview') {
 
 			// send actual report to dev-team
 			if (isset($_POST['send'])
-					&& $_POST['send'] == 'send'
+				&& $_POST['send'] == 'send'
 			) {
 				// send mail and say thanks
 				$_mailerror = false;

customer_mysql.php

@@ -28,7 +28,7 @@ Database::needRoot(false);
 
 if (isset($_POST['id'])) {
 	$id = intval($_POST['id']);
-} elseif(isset($_GET['id'])) {
+} elseif (isset($_GET['id'])) {
 	$id = intval($_GET['id']);
 }
 
@@ -38,14 +38,14 @@ if ($page == 'overview') {
 	$sql = Database::getSqlData();
 	$lng['mysql']['description'] = str_replace('<SQL_HOST>', $sql['host'], $lng['mysql']['description']);
 	eval("echo \"" . getTemplate('mysql/mysql') . "\";");
-} elseif($page == 'mysqls') {
+} elseif ($page == 'mysqls') {
 	if ($action == '') {
 		$log->logAction(USR_ACTION, LOG_NOTICE, "viewed customer_mysql::mysqls");
 		$fields = array(
 			'databasename' => $lng['mysql']['databasename'],
 			'description' => $lng['mysql']['databasedescription']
 		);
-		$paging = new paging($userinfo, TABLE_PANEL_DATABASES, $fields, $settings['panel']['paging'], $settings['panel']['natsorting']);
+		$paging = new paging($userinfo, TABLE_PANEL_DATABASES, $fields);
 		$result_stmt = Database::prepare("SELECT * FROM `" . TABLE_PANEL_DATABASES . "`
 			WHERE `customerid`= :customerid " . $paging->getSqlWhere(true) . " " . $paging->getSqlOrderBy() . " " . $paging->getSqlLimit()
 		);
@@ -76,7 +76,7 @@ if ($page == 'overview') {
 				);
 				Database::pexecute($mbdata_stmt, array("table_schema" => $row['databasename']));
 				$mbdata = $mbdata_stmt->fetch(PDO::FETCH_ASSOC);
-				$row['size'] = size_readable($mbdata['MB'], 'GiB', 'bi', '%01.'.(int)$settings['panel']['decimal_places'].'f %s');
+				$row['size'] = size_readable($mbdata['MB'], 'GiB', 'bi', '%01.' . (int)Settings::Get('panel.decimal_places') . 'f %s');
 				eval("\$mysqls.=\"" . getTemplate('mysql/mysqls_database') . "\";");
 				$count++;
 			}
@@ -87,7 +87,7 @@ if ($page == 'overview') {
 
 		eval("echo \"" . getTemplate('mysql/mysqls') . "\";");
 
-	} elseif($action == 'delete' && $id != 0) {
+	} elseif ($action == 'delete' && $id != 0) {
 		$result_stmt = Database::prepare('SELECT `id`, `databasename`, `description`, `dbserver` FROM `' . TABLE_PANEL_DATABASES . '`
 			WHERE `customerid`="' . (int)$userinfo['customerid'] . '"
 			AND `id`="' . (int)$id . '"'
@@ -109,7 +109,7 @@ if ($page == 'overview') {
 			if (isset($_POST['send']) && $_POST['send'] == 'send') {
 				// Begin root-session
 				Database::needRoot(true, $result['dbserver']);
-				$dbm = new DbManager($settings, $log);
+				$dbm = new DbManager($log);
 				$dbm->getManager()->deleteDatabase($result['databasename']);
 				$log->logAction(USR_ACTION, LOG_INFO, "deleted database '" . $result['databasename'] . "'");
 				Database::needRoot(false);
@@ -171,13 +171,18 @@ if ($page == 'overview') {
 					$databasedescription = validate(trim($_POST['description']), 'description');
 
 					// create database, user, set permissions, etc.pp.
-					$dbm = new DbManager($settings, $log);
+					$dbm = new DbManager($log);
 					$username = $dbm->createDatabase(
 						$userinfo['loginname'],
 						$password,
 						$userinfo['mysql_lastaccountnumber']
 					);
 
+					// we've checked against the password in dbm->createDatabase
+					if ($username == false) {
+						standard_error('passwordshouldnotbeusername');
+					}
+
 					// Statement modified for Database description -- PH 2004-11-29
 					$stmt = Database::prepare('INSERT INTO `' . TABLE_PANEL_DATABASES . '`
 						(`customerid`, `databasename`, `description`, `dbserver`)
@@ -199,8 +204,8 @@ if ($page == 'overview') {
 
 					if ($sendinfomail == 1) {
 						$pma = $lng['admin']['notgiven'];
-						if ($settings['panel']['phpmyadmin_url'] != '') {
-							$pma = $settings['panel']['phpmyadmin_url'];
+						if (Settings::Get('panel.phpmyadmin_url') != '') {
+							$pma = Settings::Get('panel.phpmyadmin_url');
 						}
 
 						Database::needRoot(true, $dbserver);
@@ -214,7 +219,7 @@ if ($page == 'overview') {
 							'DB_NAME' => $username,
 							'DB_PASS' => $password,
 							'DB_DESC' => $databasedescription,
-							'DB_SRV' => $sql_root['caption'],
+							'DB_SRV' => $sql_root['host'],
 							'PMA_URI' => $pma
 						);
 
@@ -227,7 +232,7 @@ if ($page == 'overview') {
 						);
 						Database::pexecute($result_stmt, array("adminid" => $userinfo['adminid'], "lang" => $def_language));
 						$result = $result_stmt->fetch(PDO::FETCH_ASSOC);
-						$mail_subject = html_entity_decode(replace_variables((($result['value'] != '') ? $result['value'] : $lng['customer']['mysql_add']['infomail_subject']), $replace_arr));
+						$mail_subject = html_entity_decode(replace_variables((($result['value'] != '') ? $result['value'] : $lng['mails']['new_database_by_customer']['subject']), $replace_arr));
 
 						$result_stmt = Database::prepare("SELECT `value` FROM `" . TABLE_PANEL_TEMPLATES . "`
 							WHERE `adminid`= :adminid
@@ -237,7 +242,7 @@ if ($page == 'overview') {
 						);
 						Database::pexecute($result_stmt, array("adminid" => $userinfo['adminid'], "lang" => $def_language));
 						$result = $result_stmt->fetch(PDO::FETCH_ASSOC);
-						$mail_body = html_entity_decode(replace_variables((($result['value'] != '') ? $result['value'] : $lng['customer']['mysql_add']['infomail_body']['main']), $replace_arr));
+						$mail_body = html_entity_decode(replace_variables((($result['value'] != '') ? $result['value'] : $lng['mails']['new_database_by_customer']['mailbody']), $replace_arr));
 
 						$_mailerror = false;
 						try {
@@ -262,7 +267,7 @@ if ($page == 'overview') {
 						$mail->ClearAddresses();
 					}
 
-					redirectTo($filename, Array('page' => $page, 's' => $s));
+					redirectTo($filename, array('page' => $page, 's' => $s));
 				}
 			} else {
 
@@ -307,9 +312,13 @@ if ($page == 'overview') {
 					// validate password
 					$password = validatePassword($password);
 
+					if ($password == $result['databasename']) {
+						standard_error('passwordshouldnotbeusername');
+					}
+
 					// Begin root-session
 					Database::needRoot(true);
-					foreach (array_map('trim', explode(',', $settings['system']['mysql_access_host'])) as $mysql_access_host) {
+					foreach (array_map('trim', explode(',', Settings::Get('system.mysql_access_host'))) as $mysql_access_host) {
 						$stmt = Database::prepare("SET PASSWORD FOR :dbname@:host = PASSWORD(:password)");
 						$params = array(
 							"dbname" => $result['databasename'],
@@ -334,7 +343,7 @@ if ($page == 'overview') {
 					AND `id` = :id"
 				);
 				Database::pexecute($stmt, array("desc" => $databasedescription, "customerid" => $userinfo['customerid'], "id" => $id));
-				redirectTo($filename, Array('page' => $page, 's' => $s));
+				redirectTo($filename, array('page' => $page, 's' => $s));
 			} else {
 
 				$dbservers_stmt = Database::query("SELECT COUNT(DISTINCT `dbserver`) as numservers FROM `".TABLE_PANEL_DATABASES."`");

customer_tickets.php

@@ -32,15 +32,15 @@ if (isset($_POST['id'])) {
 		// no rights to see the requested ticket
 		standard_error(array('ticketnotaccessible'));
 	}
-} elseif(isset($_GET['id'])) {
+} elseif (isset($_GET['id'])) {
 	$id = intval($_GET['id']);
 }
 
-if($page == 'overview') {
+if ($page == 'overview') {
 	$log->logAction(USR_ACTION, LOG_NOTICE, "viewed customer_tickets");
 	eval("echo \"" . getTemplate("tickets/ticket") . "\";");
-} elseif($page == 'tickets') {
-	if($action == '') {
+} elseif ($page == 'tickets') {
+	if ($action == '') {
 		$log->logAction(USR_ACTION, LOG_NOTICE, "viewed customer_tickets::tickets");
 		$fields = array(
 			'status' => $lng['ticket']['status'],
@@ -48,7 +48,7 @@ if($page == 'overview') {
 			'subject' => $lng['ticket']['subject'],
 			'lastreplier' => $lng['ticket']['lastreplier']
 		);
-		$paging = new paging($userinfo, TABLE_PANEL_TICKETS, $fields, $settings['panel']['paging'], $settings['panel']['natsorting']);
+		$paging = new paging($userinfo, TABLE_PANEL_TICKETS, $fields);
 		$stmt = Database::prepare('SELECT `main`.`id`, (SELECT COUNT(`sub`.`id`) FROM `' . TABLE_PANEL_TICKETS . '` `sub`
 			WHERE `sub`.`answerto` = `main`.`id`) AS `ticket_answers`, `main`.`lastchange`, `main`.`subject`, `main`.`status`, `main`.`lastreplier`, `main`.`priority`
 			FROM `' . TABLE_PANEL_TICKETS . '` as `main`
@@ -68,13 +68,13 @@ if($page == 'overview') {
 		$tickets = '';
 		$tickets_count = 0;
 
-		while($row = $stmt->fetch(PDO::FETCH_ASSOC)) {
-			if($paging->checkDisplay($i)) {
+		while ($row = $stmt->fetch(PDO::FETCH_ASSOC)) {
+			if ($paging->checkDisplay($i)) {
 				$tickets_count++;
 				$row = htmlentities_array($row);
 				$row['lastchange'] = date("d.m.y H:i", $row['lastchange']);
 
-				if($row['status'] >= 0 && $row['status'] <= 2) {
+				if ($row['status'] >= 0 && $row['status'] <= 2) {
 					$reopen = 0;
 				} else {
 					$reopen = 1;
@@ -83,7 +83,7 @@ if($page == 'overview') {
 				$row['status'] = ticket::getStatusText($lng, $row['status']);
 				$row['priority'] = ticket::getPriorityText($lng, $row['priority']);
 
-				if($row['lastreplier'] == '1') {
+				if ($row['lastreplier'] == '1') {
 					$row['lastreplier'] = $lng['ticket']['staff'];
 					$cananswer = 1;
 				} else {
@@ -92,8 +92,10 @@ if($page == 'overview') {
 				}
 
 				$row['subject'] = html_entity_decode($row['subject']);
-				if(strlen($row['subject']) > 20) {
-					$row['subject'] = substr($row['subject'], 0, 17) . '...';
+				if (strlen($row['subject']) > 30) {
+					$ts = wordwrap($row['subject'], 30, "|");
+					$ts = explode("|", $ts);
+					$row['subject'] = $ts[0]. '...';
 				}
 
 				eval("\$tickets.=\"" . getTemplate("tickets/tickets_tickets") . "\";");
@@ -106,22 +108,22 @@ if($page == 'overview') {
 		$supportavailable = 0;
 		$time = date("Hi", time());
 		$day = date("w", time());
-		$start = substr($settings['ticket']['worktime_begin'], 0, 2) . substr($settings['ticket']['worktime_begin'], 3, 2);
-		$end = substr($settings['ticket']['worktime_end'], 0, 2) . substr($settings['ticket']['worktime_end'], 3, 2);
+		$start = substr(Settings::Get('ticket.worktime_begin'), 0, 2) . substr(Settings::Get('ticket.worktime_begin'), 3, 2);
+		$end = substr(Settings::Get('ticket.worktime_end'), 0, 2) . substr(Settings::Get('ticket.worktime_end'), 3, 2);
 
-		if($time >= $start && $time <= $end) {
+		if ($time >= $start && $time <= $end) {
 			$supportavailable = 1;
 		}
 
-		if($settings['ticket']['worktime_sat'] == "0" && $day == "6") {
+		if (Settings::Get('ticket.worktime_sat') == "0" && $day == "6") {
 			$supportavailable = 0;
 		}
 
-		if($settings['ticket']['worktime_sun'] == "0" && $day == "0") {
+		if (Settings::Get('ticket.worktime_sun') == "0" && $day == "0") {
 			$supportavailable = 0;
 		}
 
-		if($settings['ticket']['worktime_all'] == "1") {
+		if (Settings::Get('ticket.worktime_all') == "1") {
 			$supportavailable = 1;
 		}
 
@@ -133,8 +135,8 @@ if($page == 'overview') {
 		);
 		$opentickets = Database::pexecute_first($stmt, array("customerid" => $userinfo['customerid']));
 
-		if($settings['ticket']['concurrently_open'] != - 1 && $settings['ticket']['concurrently_open'] != '') {
-			$notmorethanxopentickets = strtr($lng['ticket']['notmorethanxopentickets'], array('%s' => $settings['ticket']['concurrently_open']));
+		if (Settings::Get('ticket.concurrently_open') != - 1 && Settings::Get('ticket.concurrently_open') != '') {
+			$notmorethanxopentickets = strtr($lng['ticket']['notmorethanxopentickets'], array('%s' => Settings::Get('ticket.concurrently_open')));
 		} else {
 			$notmorethanxopentickets = '';
 		}
@@ -142,10 +144,10 @@ if($page == 'overview') {
 		$ticketsopen = (int)$opentickets['count'];
 		eval("echo \"" . getTemplate("tickets/tickets") . "\";");
 
-	} elseif($action == 'new') {
-		if($userinfo['tickets_used'] < $userinfo['tickets'] || $userinfo['tickets'] == '-1') {
-			if(isset($_POST['send']) && $_POST['send'] == 'send') {
-				$newticket = ticket::getInstanceOf($userinfo, $settings, -1);
+	} elseif ($action == 'new') {
+		if ($userinfo['tickets_used'] < $userinfo['tickets'] || $userinfo['tickets'] == '-1') {
+			if (isset($_POST['send']) && $_POST['send'] == 'send') {
+				$newticket = ticket::getInstanceOf($userinfo, -1);
 				$newticket->Set('subject', validate($_POST['subject'], 'subject'), true, false);
 				$newticket->Set('priority', validate($_POST['priority'], 'priority'), true, false);
 				$newticket->Set('category', validate($_POST['category'], 'category'), true, false);
@@ -153,9 +155,9 @@ if($page == 'overview') {
 				$newticket->Set('admin', (int)$userinfo['adminid'], true, false);
 				$newticket->Set('message', validate(str_replace("\r\n", "\n", $_POST['message']), 'message', '/^[^\0]*$/'), true, false);
 
-				if($newticket->Get('subject') == null) {
+				if ($newticket->Get('subject') == null) {
 					standard_error(array('stringisempty', 'mysubject'));
-				} elseif($newticket->Get('message') == null) {
+				} elseif ($newticket->Get('message') == null) {
 					standard_error(array('stringisempty', 'mymessage'));
 				} else {
 					$now = time();
@@ -196,16 +198,16 @@ if($page == 'overview') {
 					);
 					Database::pexecute($result2_stmt, array("adminid" => $userinfo['adminid']));
 
-					while($row = $result2_stmt->fetch(PDO::FETCH_ASSOC)) {
+					while ($row = $result2_stmt->fetch(PDO::FETCH_ASSOC)) {
 						$categories.= makeoption($row['name'], $row['id']);
 					}
 				} else {
 					$categories = makeoption($lng['ticket']['no_cat'], '0');
 				}
 
-				$priorities = makeoption($lng['ticket']['high'], '1', $settings['ticket']['default_priority']);
-				$priorities.= makeoption($lng['ticket']['normal'], '2', $settings['ticket']['default_priority']);
-				$priorities.= makeoption($lng['ticket']['low'], '3', $settings['ticket']['default_priority']);
+				$priorities = makeoption($lng['ticket']['high'], '1');
+				$priorities.= makeoption($lng['ticket']['normal'], '2');
+				$priorities.= makeoption($lng['ticket']['low'], '3');
 				$ticketsopen = 0;
 				$opentickets_stmt = Database::prepare('SELECT COUNT(`id`) as `count` FROM `' . TABLE_PANEL_TICKETS . '`
 					WHERE `customerid` = :customerid
@@ -214,10 +216,8 @@ if($page == 'overview') {
 				);
 				$opentickets = Database::pexecute_first($opentickets_stmt, array("customerid" => $userinfo['customerid']));
 
-				if ($settings['ticket']['concurrently_open'] != - 1
-					&& $settings['ticket']['concurrently_open'] != ''
-				) {
-					$notmorethanxopentickets = strtr($lng['ticket']['notmorethanxopentickets'], array('%s' => $settings['ticket']['concurrently_open']));
+				if (Settings::Get('ticket.concurrently_open') != -1 && Settings::Get('ticket.concurrently_open') != '') {
+					$notmorethanxopentickets = strtr($lng['ticket']['notmorethanxopentickets'], array('%s' => Settings::Get('ticket.concurrently_open')));
 				} else {
 					$notmorethanxopentickets = '';
 				}
@@ -235,14 +235,14 @@ if($page == 'overview') {
 		} else {
 			standard_error('nomoreticketsavailable');
 		}
-	} elseif($action == 'answer' && $id != 0) {
-		if(isset($_POST['send']) && $_POST['send'] == 'send') {
-			$replyticket = ticket::getInstanceOf($userinfo, $settings, -1);
+	} elseif ($action == 'answer' && $id != 0) {
+		if (isset($_POST['send']) && $_POST['send'] == 'send') {
+			$replyticket = ticket::getInstanceOf($userinfo, -1);
 			$replyticket->Set('subject', validate($_POST['subject'], 'subject'), true, false);
 			$replyticket->Set('priority', validate($_POST['priority'], 'priority'), true, false);
 			$replyticket->Set('message', validate(str_replace("\r\n", "\n", $_POST['message']), 'message', '/^[^\0]*$/'), true, false);
 
-			if($replyticket->Get('message') == null) {
+			if ($replyticket->Get('message') == null) {
 				standard_error(array('stringisempty', 'mymessage'));
 			} else {
 				$now = time();
@@ -255,9 +255,9 @@ if($page == 'overview') {
 				$replyticket->Insert();
 
 				// Update priority if changed
-				$mainticket = ticket::getInstanceOf($userinfo, $settings, (int)$id);
+				$mainticket = ticket::getInstanceOf($userinfo, (int)$id);
 
-				if($replyticket->Get('priority') != $mainticket->Get('priority')) {
+				if ($replyticket->Get('priority') != $mainticket->Get('priority')) {
 					$mainticket->Set('priority', $replyticket->Get('priority'), true);
 				}
 
@@ -267,21 +267,21 @@ if($page == 'overview') {
 				$mainticket->Update();
 				$log->logAction(USR_ACTION, LOG_NOTICE, "answered support-ticket '" . $mainticket->Get('subject') . "'");
 				$mainticket->sendMail(-1, 'new_reply_ticket_by_customer_subject', $lng['mails']['new_reply_ticket_by_customer']['subject'], 'new_reply_ticket_by_customer_mailbody', $lng['mails']['new_reply_ticket_by_customer']['mailbody']);
-				redirectTo($filename, Array('page' => $page, 's' => $s));
+				redirectTo($filename, array('page' => $page, 's' => $s));
 			}
 		} else {
 			$ticket_replies = '';
-			$mainticket = ticket::getInstanceOf($userinfo, $settings, (int)$id);
+			$mainticket = ticket::getInstanceOf($userinfo, (int)$id);
 			$dt = date("d.m.Y H:i\h", $mainticket->Get('dt'));
 			$status = ticket::getStatusText($lng, $mainticket->Get('status'));
 
-			if($mainticket->Get('status') >= 0 && $mainticket->Get('status') <= 2) {
+			if ($mainticket->Get('status') >= 0 && $mainticket->Get('status') <= 2) {
 				$isclosed = 0;
 			} else {
 				$isclosed = 1;
 			}
 
-			if($mainticket->Get('by') == '1') {
+			if ($mainticket->Get('by') == '1') {
 				$by = $lng['ticket']['staff'];
 			} else {
 				$cid = $mainticket->Get('customer');
@@ -308,18 +308,27 @@ if($page == 'overview') {
 			Database::pexecute($andere_stmt, array("answerto" => $id));
 			$numrows_andere = Database::num_rows();
 
-			while($row2 = $andere_stmt->fetch(PDO::FETCH_ASSOC)) {
-				$subticket = ticket::getInstanceOf($userinfo, $settings, (int)$row2['id']);
+			while ($row2 = $andere_stmt->fetch(PDO::FETCH_ASSOC)) {
+				$subticket = ticket::getInstanceOf($userinfo, (int)$row2['id']);
 				$lastchange = date("d.m.Y H:i\h", $subticket->Get('lastchange'));
 
-				if($subticket->Get('by') == '1') {
+				if ($subticket->Get('by') == '1') {
 					$by = $lng['ticket']['staff'];
 				} else {
+					$cid = $subticket->Get('customer');
+					$usr_stmt = Database::prepare('
+						SELECT `customerid`, `firstname`, `name`, `company`, `loginname`
+						FROM `' . TABLE_PANEL_CUSTOMERS . '`
+						WHERE `customerid` = :customerid '
+					);
+					$usr = Database::pexecute_first($usr_stmt, array("customerid" => $cid));
 					$by = getCorrectFullUserDetails($usr);
 				}
 
 				$subject = $subticket->Get('subject');
 				$message = $subticket->Get('message');
+				
+				$row2 = htmlentities_array($row2);
 				eval("\$ticket_replies.=\"" . getTemplate("tickets/tickets_tickets_list") . "\";");
 			}
 
@@ -338,21 +347,21 @@ if($page == 'overview') {
 
 			eval("echo \"" . getTemplate("tickets/tickets_reply") . "\";");
 		}
-	} elseif($action == 'close' && $id != 0) {
-		if(isset($_POST['send']) && $_POST['send'] == 'send') {
+	} elseif ($action == 'close' && $id != 0) {
+		if (isset($_POST['send']) && $_POST['send'] == 'send') {
 			$now = time();
-			$mainticket = ticket::getInstanceOf($userinfo, $settings, (int)$id);
+			$mainticket = ticket::getInstanceOf($userinfo, (int)$id);
 			$mainticket->Set('lastchange', $now, true, true);
 			$mainticket->Set('lastreplier', '0', true, true);
 			$mainticket->Set('status', '3', true, true);
 			$mainticket->Update();
 			$log->logAction(USR_ACTION, LOG_NOTICE, "closed support-ticket '" . $mainticket->Get('subject') . "'");
-			redirectTo($filename, Array('page' => $page, 's' => $s));
+			redirectTo($filename, array('page' => $page, 's' => $s));
 		} else {
-			$mainticket = ticket::getInstanceOf($userinfo, $settings, (int)$id);
+			$mainticket = ticket::getInstanceOf($userinfo, (int)$id);
 			ask_yesno('ticket_reallyclose', $filename, array('id' => $id, 'page' => $page, 'action' => $action), $mainticket->Get('subject'));
 		}
-	} elseif($action == 'reopen' && $id != 0) {
+	} elseif ($action == 'reopen' && $id != 0) {
 		$ticketsopen = 0;
 		$opentickets_stmt = Database::prepare('SELECT COUNT(`id`) as `count` FROM `' . TABLE_PANEL_TICKETS . '`
 			WHERE `customerid` = :customerid
@@ -362,12 +371,12 @@ if($page == 'overview') {
 		$opentickets = Database::pexecute_first($opentickets_stmt, array("customerid" => $userinfo['customerid']));
 		$ticketsopen = (int)$opentickets['count'];
 
-		if($ticketsopen > $settings['ticket']['concurrently_open'] && $settings['ticket']['concurrently_open'] != - 1 && $settings['ticket']['concurrently_open'] != '') {
-			standard_error('notmorethanxopentickets', $settings['ticket']['concurrently_open']);
+		if ($ticketsopen > Settings::Get('ticket.concurrently_open') && Settings::Get('ticket.concurrently_open') != - 1 && Settings::Get('ticket.concurrently_open') != '') {
+			standard_error('notmorethanxopentickets', Settings::Get('ticket.concurrently_open'));
 		}
 
 		$now = time();
-		$mainticket = ticket::getInstanceOf($userinfo, $settings, (int)$id);
+		$mainticket = ticket::getInstanceOf($userinfo, (int)$id);
 		$mainticket->Set('lastchange', $now, true, true);
 		$mainticket->Set('lastreplier', '0', true, true);
 		$mainticket->Set('status', '0', true, true);

customer_traffic.php

@@ -55,7 +55,7 @@ if (!is_null($month) && !is_null($year)) {
 		AND `month` = :month
 		AND `year` = :year
 		GROUP BY `day`
-		ORDER BY `day` ASC"
+		ORDER BY `day` DESC"
 	);
 	$params = array(
 		"customerid" => $userinfo['customerid'],
@@ -79,30 +79,30 @@ if (!is_null($month) && !is_null($year)) {
 		$traf['day'] = $row['day'] . '.';
 
 		if (extension_loaded('bcmath')) {
-			$traf['ftptext'] = bcdiv($row['ftp_up'], 1024, $settings['panel']['decimal_places']) . " MiB up/ " . bcdiv($row['ftp_down'], 1024, $settings['panel']['decimal_places']) . " MiB down (FTP)";
-			$traf['httptext'] = bcdiv($http, 1024, $settings['panel']['decimal_places']) . " MiB (HTTP)";
-			$traf['mailtext'] = bcdiv($mail, 1024, $settings['panel']['decimal_places']) . " MiB (Mail)";
-			$traf['ftp'] = bcdiv($ftp, 1024, $settings['panel']['decimal_places']);
-			$traf['http'] = bcdiv($http, 1024, $settings['panel']['decimal_places']);
-			$traf['mail'] = bcdiv($mail, 1024, $settings['panel']['decimal_places']);
-			$traf['byte'] = bcdiv($traf['byte'], 1024, $settings['panel']['decimal_places']);
+			$traf['ftptext'] = bcdiv($row['ftp_up'], 1024, Settings::Get('panel.decimal_places')) . " MiB up/ " . bcdiv($row['ftp_down'], 1024, Settings::Get('panel.decimal_places')) . " MiB down (FTP)";
+			$traf['httptext'] = bcdiv($http, 1024, Settings::Get('panel.decimal_places')) . " MiB (HTTP)";
+			$traf['mailtext'] = bcdiv($mail, 1024, Settings::Get('panel.decimal_places')) . " MiB (Mail)";
+			$traf['ftp'] = bcdiv($ftp, 1024, Settings::Get('panel.decimal_places'));
+			$traf['http'] = bcdiv($http, 1024, Settings::Get('panel.decimal_places'));
+			$traf['mail'] = bcdiv($mail, 1024, Settings::Get('panel.decimal_places'));
+			$traf['byte'] = bcdiv($traf['byte'], 1024, Settings::Get('panel.decimal_places'));
 		} else {
-			$traf['ftptext'] = round($row['ftp_up'] / 1024, $settings['panel']['decimal_places']) . " MiB up/ " . round($row['ftp_down'] / 1024, $settings['panel']['decimal_places']) . " MiB down (FTP)";
-			$traf['httptext'] = round($http / 1024, $settings['panel']['decimal_places']) . " MiB (HTTP)";
-			$traf['mailtext'] = round($mail / 1024, $settings['panel']['decimal_places']) . " MiB (Mail)";
-			$traf['http'] = round($http, $settings['panel']['decimal_places']);
-			$traf['ftp'] = round($ftp, $settings['panel']['decimal_places']);
-			$traf['mail'] = round($mail, $settings['panel']['decimal_places']);
-			$traf['byte'] = round($traf['byte'] / 1024, $settings['panel']['decimal_places']);
+			$traf['ftptext'] = round($row['ftp_up'] / 1024, Settings::Get('panel.decimal_places')) . " MiB up/ " . round($row['ftp_down'] / 1024, Settings::Get('panel.decimal_places')) . " MiB down (FTP)";
+			$traf['httptext'] = round($http / 1024, Settings::Get('panel.decimal_places')) . " MiB (HTTP)";
+			$traf['mailtext'] = round($mail / 1024, Settings::Get('panel.decimal_places')) . " MiB (Mail)";
+			$traf['http'] = round($http, Settings::Get('panel.decimal_places'));
+			$traf['ftp'] = round($ftp, Settings::Get('panel.decimal_places'));
+			$traf['mail'] = round($mail, Settings::Get('panel.decimal_places'));
+			$traf['byte'] = round($traf['byte'] / 1024, Settings::Get('panel.decimal_places'));
 		}
 
 		eval("\$traffic.=\"" . getTemplate('traffic/traffic_month') . "\";");
 		$show = $lng['traffic']['months'][intval($row['month'])] . ' ' . $row['year'];
 	}
-	
-	$traffic_complete['http'] = size_readable($traffic_complete['http'] * 1024, 'GiB', 'bi', '%01.'.(int)$settings['panel']['decimal_places'].'f %s');
-	$traffic_complete['ftp'] = size_readable($traffic_complete['ftp'] * 1024, 'GiB', 'bi', '%01.'.(int)$settings['panel']['decimal_places'].'f %s');
-	$traffic_complete['mail'] = size_readable($traffic_complete['mail'] * 1024, 'GiB', 'bi', '%01.'.(int)$settings['panel']['decimal_places'].'f %s');
+
+	$traffic_complete['http'] = size_readable($traffic_complete['http'] * 1024, 'GiB', 'bi', '%01.'.(int)Settings::Get('panel.decimal_places').'f %s');
+	$traffic_complete['ftp'] = size_readable($traffic_complete['ftp'] * 1024, 'GiB', 'bi', '%01.'.(int)Settings::Get('panel.decimal_places').'f %s');
+	$traffic_complete['mail'] = size_readable($traffic_complete['mail'] * 1024, 'GiB', 'bi', '%01.'.(int)Settings::Get('panel.decimal_places').'f %s');
 
 	eval("echo \"" . getTemplate('traffic/traffic_details') . "\";");
 } else {
@@ -132,29 +132,29 @@ if (!is_null($month) && !is_null($year)) {
 		$traf['byte'] = $http + $ftp_up + $ftp_down + $mail;
 
 		if (extension_loaded('bcmath')) {
-			$traf['ftptext'] = bcdiv($ftp_up, 1024, $settings['panel']['decimal_places']) . " MiB up/ " . bcdiv($ftp_down, 1024, $settings['panel']['decimal_places']) . " MiB down (FTP)";
-			$traf['httptext'] = bcdiv($http, 1024, $settings['panel']['decimal_places']) . " MiB (HTTP)";
-			$traf['mailtext'] = bcdiv($mail, 1024, $settings['panel']['decimal_places']) . " MiB (Mail)";
-			$traf['ftp'] = bcdiv(($ftp_up + $ftp_down), 1024, $settings['panel']['decimal_places']);
-			$traf['http'] = bcdiv($http, 1024, $settings['panel']['decimal_places']);
-			$traf['mail'] = bcdiv($mail, 1024, $settings['panel']['decimal_places']);
-			$traf['byte'] = bcdiv($traf['byte'], 1024 * 1024, $settings['panel']['decimal_places']);
+			$traf['ftptext'] = bcdiv($ftp_up, 1024, Settings::Get('panel.decimal_places')) . " MiB up/ " . bcdiv($ftp_down, 1024, Settings::Get('panel.decimal_places')) . " MiB down (FTP)";
+			$traf['httptext'] = bcdiv($http, 1024, Settings::Get('panel.decimal_places')) . " MiB (HTTP)";
+			$traf['mailtext'] = bcdiv($mail, 1024, Settings::Get('panel.decimal_places')) . " MiB (Mail)";
+			$traf['ftp'] = bcdiv(($ftp_up + $ftp_down), 1024, Settings::Get('panel.decimal_places'));
+			$traf['http'] = bcdiv($http, 1024, Settings::Get('panel.decimal_places'));
+			$traf['mail'] = bcdiv($mail, 1024, Settings::Get('panel.decimal_places'));
+			$traf['byte'] = bcdiv($traf['byte'], 1024 * 1024, Settings::Get('panel.decimal_places'));
 		} else {
-			$traf['ftptext'] = round($ftp_up / 1024, $settings['panel']['decimal_places']) . " MiB up/ " . round($ftp_down / 1024, $settings['panel']['decimal_places']) . " MiB down (FTP)";
-			$traf['httptext'] = round($http / 1024, $settings['panel']['decimal_places']) . " MiB (HTTP)";
-			$traf['mailtext'] = round($mail / 1024, $settings['panel']['decimal_places']) . " MiB (Mail)";
-			$traf['ftp'] = round(($ftp_up + $ftp_down) / 1024, $settings['panel']['decimal_places']);
-			$traf['http'] = round($http / 1024, $settings['panel']['decimal_places']);
-			$traf['mail'] = round($mail / 1024, $settings['panel']['decimal_places']);
-			$traf['byte'] = round($traf['byte'] / (1024 * 1024), $settings['panel']['decimal_places']);
+			$traf['ftptext'] = round($ftp_up / 1024, Settings::Get('panel.decimal_places')) . " MiB up/ " . round($ftp_down / 1024, Settings::Get('panel.decimal_places')) . " MiB down (FTP)";
+			$traf['httptext'] = round($http / 1024, Settings::Get('panel.decimal_places')) . " MiB (HTTP)";
+			$traf['mailtext'] = round($mail / 1024, Settings::Get('panel.decimal_places')) . " MiB (Mail)";
+			$traf['ftp'] = round(($ftp_up + $ftp_down) / 1024, Settings::Get('panel.decimal_places'));
+			$traf['http'] = round($http / 1024, Settings::Get('panel.decimal_places'));
+			$traf['mail'] = round($mail / 1024, Settings::Get('panel.decimal_places'));
+			$traf['byte'] = round($traf['byte'] / (1024 * 1024), Settings::Get('panel.decimal_places'));
 		}
 
 		eval("\$traffic.=\"" . getTemplate('traffic/traffic_traffic') . "\";");
 	}
 
-	$traffic_complete['http'] = size_readable($traffic_complete['http'] * 1024, 'GiB', 'bi', '%01.'.(int)$settings['panel']['decimal_places'].'f %s');
-	$traffic_complete['ftp'] = size_readable($traffic_complete['ftp'] * 1024, 'GiB', 'bi', '%01.'.(int)$settings['panel']['decimal_places'].'f %s');
-	$traffic_complete['mail'] = size_readable($traffic_complete['mail'] * 1024, 'GiB', 'bi', '%01.'.(int)$settings['panel']['decimal_places'].'f %s');
+	$traffic_complete['http'] = size_readable($traffic_complete['http'] * 1024, 'GiB', 'bi', '%01.'.(int)Settings::Get('panel.decimal_places').'f %s');
+	$traffic_complete['ftp'] = size_readable($traffic_complete['ftp'] * 1024, 'GiB', 'bi', '%01.'.(int)Settings::Get('panel.decimal_places').'f %s');
+	$traffic_complete['mail'] = size_readable($traffic_complete['mail'] * 1024, 'GiB', 'bi', '%01.'.(int)Settings::Get('panel.decimal_places').'f %s');
 
 	eval("echo \"" . getTemplate('traffic/traffic') . "\";");
 }

index.php

@@ -42,8 +42,8 @@ if ($action == 'login') {
 			$is_admin = false;
 		} else {
 			$is_admin = true;
-			if ((int)$settings['login']['domain_login'] == 1) {
-				$domainname = $idna_convert->encode(preg_replace(Array('/\:(\d)+$/', '/^https?\:\/\//'), '', $loginname));
+			if ((int)Settings::Get('login.domain_login') == 1) {
+				$domainname = $idna_convert->encode(preg_replace(array('/\:(\d)+$/', '/^https?\:\/\//'), '', $loginname));
 				$stmt = Database::prepare("SELECT `customerid` FROM `" . TABLE_PANEL_DOMAINS . "`
 					WHERE `domain` = :domain"
 				);
@@ -100,7 +100,11 @@ if ($action == 'login') {
 				$uid = 'adminid';
 				$adminsession = '1';
 			} else {
-				redirectTo('index.php', Array('showmessage' => '2'), true);
+				// Log failed login
+				$rstlog = FroxlorLogger::getInstanceOf(array('loginname' => $_SERVER['REMOTE_ADDR']));
+				$rstlog->logAction(LOGIN_ACTION, LOG_WARNING, "Unknown user '" . $loginname . "' tried to login.");
+
+				redirectTo('index.php', array('showmessage' => '2'));
 				exit;
 			}
 		}
@@ -111,19 +115,27 @@ if ($action == 'login') {
 		Database::pexecute($userinfo_stmt, array("loginname" => $loginname));
 		$userinfo = $userinfo_stmt->fetch(PDO::FETCH_ASSOC);
 
-		if ($userinfo['loginfail_count'] >= $settings['login']['maxloginattempts'] && $userinfo['lastlogin_fail'] > (time() - $settings['login']['deactivatetime'])) {
-			redirectTo('index.php', Array('showmessage' => '3'), true);
+		if ($userinfo['loginfail_count'] >= Settings::Get('login.maxloginattempts') && $userinfo['lastlogin_fail'] > (time() - Settings::Get('login.deactivatetime'))) {
+			redirectTo('index.php', array('showmessage' => '3'));
 			exit;
-		} elseif($userinfo['password'] == md5($password)) {
-			// login correct
-			// reset loginfail_counter, set lastlogin_succ
-			$stmt = Database::prepare("UPDATE $table
-				SET `lastlogin_succ`= :lastlogin_succ, `loginfail_count`='0'
-				WHERE `$uid`= :uid"
-			);
-			Database::pexecute($stmt, array("lastlogin_succ" => time(), "uid" => $userinfo[$uid]));
-			$userinfo['userid'] = $userinfo[$uid];
-			$userinfo['adminsession'] = $adminsession;
+		} elseif (validatePasswordLogin($userinfo, $password, $table, $uid)) {
+		    // only show "you're banned" if the login was successfull
+		    // because we don't want to publish that the user does exist
+		    if ($userinfo['deactivated']) {
+		        unset($userinfo);
+		        redirectTo('index.php', array('showmessage' => '5'));
+		        exit;
+		    } else {
+		        // login correct
+		        // reset loginfail_counter, set lastlogin_succ
+		        $stmt = Database::prepare("UPDATE $table
+		              SET `lastlogin_succ`= :lastlogin_succ, `loginfail_count`='0'
+		              WHERE `$uid`= :uid"
+		        );
+		        Database::pexecute($stmt, array("lastlogin_succ" => time(), "uid" => $userinfo[$uid]));
+		        $userinfo['userid'] = $userinfo[$uid];
+		        $userinfo['adminsession'] = $adminsession;
+		    }
 		} else {
 			// login incorrect
 			$stmt = Database::prepare("UPDATE $table
@@ -131,8 +143,13 @@ if ($action == 'login') {
 				WHERE `$uid`= :uid"
 			);
 			Database::pexecute($stmt, array("lastlogin_fail" => time(), "uid" => $userinfo[$uid]));
+
+			// Log failed login
+			$rstlog = FroxlorLogger::getInstanceOf(array('loginname' => $_SERVER['REMOTE_ADDR']));
+			$rstlog->logAction(LOGIN_ACTION, LOG_WARNING, "User '" . $loginname . "' tried to login with wrong password.");
+
 			unset($userinfo);
-			redirectTo('index.php', Array('showmessage' => '2'), true);
+			redirectTo('index.php', array('showmessage' => '2'));
 			exit;
 		}
 
@@ -143,20 +160,20 @@ if ($action == 'login') {
 				$language = validate($_POST['language'], 'language');
 				if ($language == 'profile') {
 					$language = $userinfo['def_language'];
-				} elseif(!isset($languages[$language])) {
-					$language = $settings['panel']['standardlanguage'];
+				} elseif (!isset($languages[$language])) {
+					$language = Settings::Get('panel.standardlanguage');
 				}
 			} else {
-				$language = $settings['panel']['standardlanguage'];
+				$language = Settings::Get('panel.standardlanguage');
 			}
 
 			if (isset($userinfo['theme']) && $userinfo['theme'] != '') {
 				$theme = $userinfo['theme'];
 			} else {
-				$theme = $settings['panel']['default_theme'];
+				$theme = Settings::Get('panel.default_theme');
 			}
 
-			if ($settings['session']['allow_multiple_login'] != '1') {
+			if (Settings::Get('session.allow_multiple_login') != '1') {
 				$stmt = Database::prepare("DELETE FROM `" . TABLE_PANEL_SESSIONS . "`
 					WHERE `userid` = :uid
 					AND `adminsession` = :adminsession"
@@ -190,25 +207,39 @@ if ($action == 'login') {
 					(`hash`, `userid`, `ipaddress`, `useragent`, `lastactivity`, `language`, `adminsession`, `theme`)
 					VALUES (:hash, :userid, :ipaddress, :useragent, :lastactivity, :language, :adminsession, :theme)"
 				);
-    		} else {
-    			$stmt = Database::prepare("INSERT INTO `" . TABLE_PANEL_SESSIONS . "`
+			} else {
+				$stmt = Database::prepare("INSERT INTO `" . TABLE_PANEL_SESSIONS . "`
 					(`hash`, `userid`, `ipaddress`, `useragent`, `lastactivity`, `language`, `adminsession`)
 					VALUES (:hash, :userid, :ipaddress, :useragent, :lastactivity, :language, :adminsession)"
 				);
-    		}
-    		Database::pexecute($stmt, $params);
+			}
+			Database::pexecute($stmt, $params);
+
+			$qryparams = array();
+			if (isset($_POST['qrystr']) && $_POST['qrystr'] != "") {
+				parse_str(urldecode($_POST['qrystr']), $qryparams);
+			}
+			$qryparams['s'] = $s;
 
 			if ($userinfo['adminsession'] == '1') {
 				if (hasUpdates($version)) {
-					redirectTo('admin_updates.php', Array('s' => $s), true);
+					redirectTo('admin_updates.php', array('s' => $s));
 				} else {
-					redirectTo('admin_index.php', Array('s' => $s), true);
+					if (isset($_POST['script']) && $_POST['script'] != "") {
+						redirectTo($_POST['script'], $qryparams);
+					} else {
+						redirectTo('admin_index.php', $qryparams);
+					}
 				}
 			} else {
-				redirectTo('customer_index.php', Array('s' => $s), true);
+				if (isset($_POST['script']) && $_POST['script'] != "") {
+					redirectTo($_POST['script'], $qryparams);
+				} else {
+					redirectTo('customer_index.php', $qryparams);
+				}
 			}
 		} else {
-			redirectTo('index.php', Array('showmessage' => '2'), true);
+			redirectTo('index.php', array('showmessage' => '2'));
 		}
 		exit;
 	} else {
@@ -224,34 +255,51 @@ if ($action == 'login') {
 		$successmessage = '';
 
 		switch ($smessage) {
-			case 1:
-				$successmessage = $lng['pwdreminder']['success'];
-				break;
-			case 2:
-				$message = $lng['error']['login'];
-				break;
-			case 3:
-				$message = sprintf($lng['error']['login_blocked'],$settings['login']['deactivatetime']);
-				break;
-			case 4:
-				$cmail = isset($_GET['customermail']) ? $_GET['customermail'] : 'unknown';
-				$message = str_replace('%s', $cmail, $lng['error']['errorsendingmail']);
-				break;
-			case 5:
-				$message = $lng['error']['user_banned'];
-				break;
-			case 6:
-				$successmessage = $lng['pwdreminder']['changed'];
-				break;
-			case 7:
-				$message = $lng['pwdreminder']['wrongcode'];
-				break;
+		case 1:
+			$successmessage = $lng['pwdreminder']['success'];
+			break;
+		case 2:
+			$message = $lng['error']['login'];
+			break;
+		case 3:
+			$message = sprintf($lng['error']['login_blocked'], Settings::Get('login.deactivatetime'));
+			break;
+		case 4:
+			$cmail = isset($_GET['customermail']) ? $_GET['customermail'] : 'unknown';
+			$message = str_replace('%s', $cmail, $lng['error']['errorsendingmail']);
+			break;
+		case 5:
+			$message = $lng['error']['user_banned'];
+			break;
+		case 6:
+			$successmessage = $lng['pwdreminder']['changed'];
+			break;
+		case 7:
+			$message = $lng['pwdreminder']['wrongcode'];
+			break;
+		case 8:
+		    $message = $lng['pwdreminder']['notallowed'];
+		    break;
 		}
 
 		$update_in_progress = '';
 		if (hasUpdates($version)) {
 			$update_in_progress = $lng['update']['updateinprogress_onlyadmincanlogin'];
 		}
+		
+		// Pass the last used page if needed
+		$lastscript = "";
+		if (isset($_REQUEST['script']) && $_REQUEST['script'] != "") {
+			$lastscript = $_REQUEST['script'];
+
+			if (!file_exists(__DIR__."/".$lastscript)) {
+				$lastscript = "";
+			}
+		}
+		$lastqrystr = "";
+		if (isset($_REQUEST['qrystr']) && $_REQUEST['qrystr'] != "") {
+			$lastqrystr = strip_tags($_REQUEST['qrystr']);
+		}
 
 		eval("echo \"" . getTemplate('login') . "\";");
 	}
@@ -289,18 +337,18 @@ if ($action == 'forgotpwd') {
 
 			/* Check whether user is banned */
 			if ($user['deactivated']) {
-				$message = $lng['pwdreminder']['notallowed'];
-				redirectTo('index.php', Array('showmessage' => '5'), true);
+				redirectTo('index.php', array('showmessage' => '8'));
+				exit;
 			}
 
-			if (($adminchecked && $settings['panel']['allow_preset_admin'] == '1') || $adminchecked == false) {
+			if (($adminchecked && Settings::Get('panel.allow_preset_admin') == '1') || $adminchecked == false) {
 				if ($user !== false) {
 					// build a activation code
 					$timestamp = time();
 					$first = substr(md5($user['loginname'] . $timestamp . rand(0, $timestamp)), 0, 15);
 					$third = substr(md5($user['email'] . $timestamp . rand(0, $timestamp)), -15);
 					$activationcode = $first . $timestamp . $third . substr(md5($third . $timestamp), 0, 10);
-					
+
 					// Drop all existing activation codes for this user
 					$stmt = Database::prepare("DELETE FROM `" . TABLE_PANEL_ACTIVATION . "`
 						WHERE `userid` = :userid
@@ -311,7 +359,7 @@ if ($action == 'forgotpwd') {
 						"admin" => $adminchecked ? 1 : 0
 					);
 					Database::pexecute($stmt, $params);
-					
+
 					// Add new activation code to database
 					$stmt = Database::prepare("INSERT INTO `" . TABLE_PANEL_ACTIVATION . "`
 						(userid, admin, creation, activationcode)
@@ -325,25 +373,32 @@ if ($action == 'forgotpwd') {
 					);
 					Database::pexecute($stmt, $params);
 
-					$rstlog = FroxlorLogger::getInstanceOf(array('loginname' => 'password_reset'), $settings);
+					$rstlog = FroxlorLogger::getInstanceOf(array('loginname' => 'password_reset'));
 					$rstlog->logAction(USR_ACTION, LOG_WARNING, "User '" . $user['loginname'] . "' requested a link for setting a new password.");
-					
+
 					// Set together our activation link
-					$protocol = strpos(strtolower($_SERVER['SERVER_PROTOCOL']),'https') === FALSE ? 'http' : 'https';
-					$host = $_SERVER['HTTP_HOST'];
+					$protocol = empty( $_SERVER['HTTPS'] ) ? 'http' : 'https';
+					// this can be a fixed value to avoid potential exploiting by modifying headers
+					$host = Settings::Get('system.hostname'); // $_SERVER['HTTP_HOST'];
 					$port = $_SERVER['SERVER_PORT'] != 80 ? ':' . $_SERVER['SERVER_PORT'] : '';
-					$script = $_SERVER['SCRIPT_NAME'];
+					// don't add :443 when https is used, as it is default (and just looks weird!)
+					if ($protocol == 'https' && $_SERVER['SERVER_PORT'] == '443') {
+						$port = '';
+					}
+					// there can be only one script to handle this so we can use a fixed value here
+					$script = "/index.php"; // $_SERVER['SCRIPT_NAME'];
+					if (Settings::Get('system.froxlordirectlyviahostname') == 0) {
+						$script = makeCorrectFile("/".basename(__DIR__)."/".$script);
+					}
 					$activationlink = $protocol . '://' . $host . $port . $script . '?action=resetpwd&resetcode=' . $activationcode;
-					
+
 					$replace_arr = array(
 						'SALUTATION' => getCorrectUserSalutation($user),
-						'USERNAME' => $user['loginname'],
+						'USERNAME' => $loginname,
 						'LINK' => $activationlink
 					);
 
-					$body = strtr($lng['pwdreminder']['body'], array('%s' => $user['firstname'] . ' ' . $user['name'], '%a' => $activationlink));
-
-					$def_language = ($user['def_language'] != '') ? $user['def_language'] : $settings['panel']['standardlanguage'];
+					$def_language = ($user['def_language'] != '') ? $user['def_language'] : Settings::Get('panel.standardlanguage');
 					$result_stmt = Database::prepare('SELECT `value` FROM `' . TABLE_PANEL_TEMPLATES . '`
 						WHERE `adminid`= :adminid
 						AND `language`= :lang
@@ -352,7 +407,7 @@ if ($action == 'forgotpwd') {
 					);
 					Database::pexecute($result_stmt, array("adminid" => $user['adminid'], "lang" => $def_language));
 					$result = $result_stmt->fetch(PDO::FETCH_ASSOC);
-					$mail_subject = html_entity_decode(replace_variables((($result['value'] != '') ? $result['value'] : $lng['pwdreminder']['subject']), $replace_arr));
+					$mail_subject = html_entity_decode(replace_variables((($result['value'] != '') ? $result['value'] : $lng['mails']['password_reset']['subject']), $replace_arr));
 
 					$result_stmt = Database::prepare('SELECT `value` FROM `' . TABLE_PANEL_TEMPLATES . '`
 						WHERE `adminid`= :adminid
@@ -362,14 +417,14 @@ if ($action == 'forgotpwd') {
 					);
 					Database::pexecute($result_stmt, array("adminid" => $user['adminid'], "lang" => $def_language));
 					$result = $result_stmt->fetch(PDO::FETCH_ASSOC);
-					$mail_body = html_entity_decode(replace_variables((($result['value'] != '') ? $result['value'] : $body), $replace_arr));
+					$mail_body = html_entity_decode(replace_variables((($result['value'] != '') ? $result['value'] : $lng['mails']['password_reset']['mailbody']), $replace_arr));
 
 					$_mailerror = false;
 					try {
 						$mail->Subject = $mail_subject;
 						$mail->AltBody = $mail_body;
 						$mail->MsgHTML(str_replace("\n", "<br />", $mail_body));
-						$mail->AddAddress($user['email'], $user['firstname'] . ' ' . $user['name']);
+						$mail->AddAddress($user['email'], getCorrectUserSalutation($user));
 						$mail->Send();
 					} catch(phpmailerException $e) {
 						$mailerr_msg = $e->errorMessage();
@@ -380,17 +435,17 @@ if ($action == 'forgotpwd') {
 					}
 
 					if ($_mailerror) {
-						$rstlog = FroxlorLogger::getInstanceOf(array('loginname' => 'password_reset'), $settings);
+						$rstlog = FroxlorLogger::getInstanceOf(array('loginname' => 'password_reset'));
 						$rstlog->logAction(ADM_ACTION, LOG_ERR, "Error sending mail: " . $mailerr_msg);
-						redirectTo('index.php', array('showmessage' => '4', 'customermail' => $user['email']), true);
+						redirectTo('index.php', array('showmessage' => '4', 'customermail' => $user['email']));
 						exit;
 					}
 
 					$mail->ClearAddresses();
-					redirectTo('index.php', array('showmessage' => '1'), true);
+					redirectTo('index.php', array('showmessage' => '1'));
 					exit;
 				} else {
-					$rstlog = FroxlorLogger::getInstanceOf(array('loginname' => 'password_reset'), $settings);
+					$rstlog = FroxlorLogger::getInstanceOf(array('loginname' => 'password_reset'));
 					$rstlog->logAction(USR_ACTION, LOG_WARNING, "User '" . $loginname . "' requested to set a new password, but was not found in database!");
 					$message = $lng['login']['combination_not_found'];
 				}
@@ -403,12 +458,12 @@ if ($action == 'forgotpwd') {
 	}
 
 	if ($adminchecked) {
-		if ($settings['panel']['allow_preset_admin'] != '1') {
+		if (Settings::Get('panel.allow_preset_admin') != '1') {
 			$message = $lng['pwdreminder']['notallowed'];
 			unset ($adminchecked);
 		}
 	} else {
-		if ($settings['panel']['allow_preset'] != '1') {
+		if (Settings::Get('panel.allow_preset') != '1') {
 			$message = $lng['pwdreminder']['notallowed'];
 		}
 	}
@@ -418,27 +473,27 @@ if ($action == 'forgotpwd') {
 
 if ($action == 'resetpwd') {
 	$message = '';
-	
+
 	// Remove old activation codes
 	$stmt = Database::prepare("DELETE FROM `" . TABLE_PANEL_ACTIVATION . "`
 		WHERE creation < :oldest"
 	);
 	Database::pexecute($stmt, array("oldest" => time() - 86400));
-	
+
 	if (isset($_GET['resetcode']) && strlen($_GET['resetcode']) == 50) {
 		// Check if activation code is valid
 		$activationcode = $_GET['resetcode'];
 		$timestamp = substr($activationcode, 15, 10);
 		$third = substr($activationcode, 25, 15);
 		$check = substr($activationcode, 40, 10);
-		
+
 		if (substr(md5($third . $timestamp), 0, 10) == $check && $timestamp >= time() - 86400) {
 			if (isset($_POST['send']) && $_POST['send'] == 'send') {
 				$stmt = Database::prepare("SELECT `userid`, `admin` FROM `" . TABLE_PANEL_ACTIVATION . "`
 					WHERE `activationcode` = :activationcode"
 				);
 				$result = Database::pexecute_first($stmt, array("activationcode" => $activationcode));
-				
+
 				if ($result !== false) {
 					if ($result['admin'] == 1) {
 						$new_password = validate($_POST['new_password'], 'new password');
@@ -447,12 +502,12 @@ if ($action == 'resetpwd') {
 						$new_password = validatePassword($_POST['new_password'], 'new password');
 						$new_password_confirm = validatePassword($_POST['new_password_confirm'], 'new password confirm');
 					}
-					
+
 					if ($new_password == '') {
 						$message = $new_password;
-					} elseif($new_password_confirm == '') {
+					} elseif ($new_password_confirm == '') {
 						$message = $new_password_confirm;
-					} elseif($new_password != $new_password_confirm) {
+					} elseif ($new_password != $new_password_confirm) {
 						$message = $new_password . " != " . $new_password_confirm;
 					} else {
 						// Update user password
@@ -467,30 +522,30 @@ if ($action == 'resetpwd') {
 								WHERE `customerid` = :userid"
 							);
 						}
-						Database::pexecute($stmt, array("newpassword" => md5($new_password), "userid" => $result['userid']));
-						
-						$rstlog = FroxlorLogger::getInstanceOf(array('loginname' => 'password_reset'), $settings);
+						Database::pexecute($stmt, array("newpassword" => makeCryptPassword($new_password), "userid" => $result['userid']));
+
+						$rstlog = FroxlorLogger::getInstanceOf(array('loginname' => 'password_reset'));
 						$rstlog->logAction(USR_ACTION, LOG_NOTICE, "changed password using password reset.");
-						
+
 						// Remove activation code from DB
 						$stmt = Database::prepare("DELETE FROM `" . TABLE_PANEL_ACTIVATION . "`
 							WHERE `activationcode` = :activationcode
 							AND `userid` = :userid"
 						);
 						Database::pexecute($stmt, array("activationcode" => $activationcode, "userid" => $result['userid']));
-						redirectTo('index.php', array("showmessage" => '6'), true);
+						redirectTo('index.php', array("showmessage" => '6'));
 					}
 				} else {
-					redirectTo('index.php', array("showmessage" => '7'), true);
+					redirectTo('index.php', array("showmessage" => '7'));
 				}
 			}
-			
+
 			eval("echo \"" . getTemplate('rpwd') . "\";");
-			
+
 		} else {
-			redirectTo('index.php', array("showmessage" => '7'), true);
+			redirectTo('index.php', array("showmessage" => '7'));
 		}
-		
+
 	} else {
 		redirectTo('index.php');
 	}

install/froxlor.sql

@@ -1,3 +1,4 @@
+DROP TABLE IF EXISTS `ftp_groups`;
 CREATE TABLE `ftp_groups` (
   `id` int(20) NOT NULL auto_increment,
   `groupname` varchar(60) NOT NULL default '',
@@ -28,6 +29,7 @@ CREATE TABLE `ftp_users` (
   `down_count` int(15) NOT NULL default '0',
   `down_bytes` bigint(30) NOT NULL default '0',
   `customerid` int(11) NOT NULL default '0',
+  `description` varchar(255) NOT NULL DEFAULT '',
   PRIMARY KEY  (`id`),
   UNIQUE KEY `username` (`username`),
   KEY `customerid` (`customerid`)
@@ -89,7 +91,7 @@ DROP TABLE IF EXISTS `panel_admins`;
 CREATE TABLE `panel_admins` (
   `adminid` int(11) unsigned NOT NULL auto_increment,
   `loginname` varchar(50) NOT NULL default '',
-  `password` varchar(50) NOT NULL default '',
+  `password` varchar(255) NOT NULL default '',
   `name` varchar(255) NOT NULL default '',
   `email` varchar(255) NOT NULL default '',
   `def_language` varchar(255) NOT NULL default '',
@@ -128,12 +130,9 @@ CREATE TABLE `panel_admins` (
   `lastlogin_fail` int(11) unsigned NOT NULL default '0',
   `loginfail_count` int(11) unsigned NOT NULL default '0',
   `reportsent` tinyint(4) unsigned NOT NULL default '0',
-  `can_manage_aps_packages` tinyint(1) NOT NULL default '1',
-  `aps_packages` int(5) NOT NULL default '0',
-  `aps_packages_used` int(5) NOT NULL default '0',
-  `email_autoresponder` int(5) NOT NULL default '0',
-  `email_autoresponder_used` int(5) NOT NULL default '0',
   `theme` varchar(255) NOT NULL default 'Sparkle',
+  `custom_notes` text,
+  `custom_notes_show` tinyint(1) NOT NULL default '0',
    PRIMARY KEY  (`adminid`),
    UNIQUE KEY `loginname` (`loginname`)
 ) ENGINE=MyISAM CHARSET=utf8 COLLATE=utf8_general_ci;
@@ -144,7 +143,7 @@ DROP TABLE IF EXISTS `panel_customers`;
 CREATE TABLE `panel_customers` (
   `customerid` int(11) unsigned NOT NULL auto_increment,
   `loginname` varchar(50) NOT NULL default '',
-  `password` varchar(50) NOT NULL default '',
+  `password` varchar(255) NOT NULL default '',
   `adminid` int(11) unsigned NOT NULL default '0',
   `name` varchar(255) NOT NULL default '',
   `firstname` varchar(255) NOT NULL default '',
@@ -191,14 +190,10 @@ CREATE TABLE `panel_customers` (
   `reportsent` tinyint(4) unsigned NOT NULL default '0',
   `pop3` tinyint(1) NOT NULL default '1',
   `imap` tinyint(1) NOT NULL default '1',
-  `aps_packages` int(5) NOT NULL default '0',
-  `aps_packages_used` int(5) NOT NULL default '0',
   `perlenabled` tinyint(1) NOT NULL default '0',
-  `email_autoresponder` int(5) NOT NULL default '0',
-  `email_autoresponder_used` int(5) NOT NULL default '0',
   `theme` varchar(255) NOT NULL default 'Sparkle',
-  `backup_allowed` TINYINT( 1 ) NOT NULL DEFAULT '1',
-  `backup_enabled` TINYINT( 1 ) NOT NULL DEFAULT '0',
+  `custom_notes` text,
+  `custom_notes_show` tinyint(1) NOT NULL default '0',
    PRIMARY KEY  (`customerid`),
    UNIQUE KEY `loginname` (`loginname`)
 ) ENGINE=MyISAM CHARSET=utf8 COLLATE=utf8_general_ci;
@@ -212,7 +207,6 @@ CREATE TABLE `panel_databases` (
   `databasename` varchar(255) NOT NULL default '',
   `description` varchar(255) NOT NULL default '',
   `dbserver` int(11) unsigned NOT NULL default '0',
-  `apsdb` tinyint(1) NOT NULL default '0',
   PRIMARY KEY  (`id`),
   KEY `customerid` (`customerid`)
 ) ENGINE=MyISAM CHARSET=utf8 COLLATE=utf8_general_ci;
@@ -227,7 +221,6 @@ CREATE TABLE `panel_domains` (
   `customerid` int(11) unsigned NOT NULL default '0',
   `aliasdomain` int(11) unsigned NULL,
   `documentroot` varchar(255) NOT NULL default '',
-  `ipandport` int(11) unsigned NOT NULL default '1',
   `isbinddomain` tinyint(1) NOT NULL default '0',
   `isemaildomain` tinyint(1) NOT NULL default '0',
   `email_only` tinyint(1) NOT NULL default '0',
@@ -236,18 +229,16 @@ CREATE TABLE `panel_domains` (
   `caneditdomain` tinyint(1) NOT NULL default '1',
   `zonefile` varchar(255) NOT NULL default '',
   `dkim` tinyint(1) NOT NULL default '0',
-  `dkim_id` int(11) unsigned NOT NULL,
-  `dkim_privkey` text NOT NULL,
-  `dkim_pubkey` text NOT NULL,
+  `dkim_id` int(11) unsigned NOT NULL default '0',
+  `dkim_privkey` text,
+  `dkim_pubkey` text,
   `wwwserveralias` tinyint(1) NOT NULL default '1',
   `parentdomainid` int(11) unsigned NOT NULL default '0',
   `openbasedir` tinyint(1) NOT NULL default '0',
   `openbasedir_path` tinyint(1) NOT NULL default '0',
   `speciallogfile` tinyint(1) NOT NULL default '0',
-  `ssl` tinyint(4) NOT NULL default '0',
   `ssl_redirect` tinyint(4) NOT NULL default '0',
-  `ssl_ipandport` tinyint(4) NOT NULL default '0',
-  `specialsettings` text NOT NULL,
+  `specialsettings` text,
   `deactivated` tinyint(1) NOT NULL default '0',
   `bindserial` varchar(10) NOT NULL default '2000010100',
   `add_date` int( 11 ) NOT NULL default '0',
@@ -273,12 +264,12 @@ CREATE TABLE `panel_ipsandports` (
   `namevirtualhost_statement` tinyint(1) NOT NULL default '0',
   `vhostcontainer` tinyint(1) NOT NULL default '0',
   `vhostcontainer_servername_statement` tinyint(1) NOT NULL default '0',
-  `specialsettings` text NOT NULL default '',
+  `specialsettings` text,
   `ssl` tinyint(4) NOT NULL default '0',
   `ssl_cert_file` varchar(255) NOT NULL,
   `ssl_key_file` varchar(255) NOT NULL,
   `ssl_ca_file` varchar(255) NOT NULL,
-  `default_vhostconf_domain` text NOT NULL,
+  `default_vhostconf_domain` text,
   `ssl_cert_chainfile` varchar(255) NOT NULL,
   `docroot` varchar(255) NOT NULL default '',
   PRIMARY KEY  (`id`)
@@ -343,8 +334,6 @@ CREATE TABLE `panel_settings` (
   PRIMARY KEY  (`settingid`)
 ) ENGINE=MyISAM CHARSET=utf8 COLLATE=utf8_general_ci;
 
-
-
 INSERT INTO `panel_settings` (`settinggroup`, `varname`, `value`) VALUES
 	('catchall', 'catchall_enabled', '1'),
 	('session', 'allow_multiple_login', '0'),
@@ -353,6 +342,8 @@ INSERT INTO `panel_settings` (`settinggroup`, `varname`, `value`) VALUES
 	('customer', 'ftpprefix', 'ftp'),
 	('customer', 'mysqlprefix', 'sql'),
 	('customer', 'ftpatdomain', '0'),
+	('customer', 'show_news_feed', '0'),
+	('customer', 'news_feed_url', ''),
 	('ticket', 'noreply_email', 'NO-REPLY@SERVERNAME'),
 	('ticket', 'worktime_all', '1'),
 	('ticket', 'worktime_begin', '00:00'),
@@ -374,19 +365,9 @@ INSERT INTO `panel_settings` (`settinggroup`, `varname`, `value`) VALUES
 	('dkim', 'dkim_domains', 'domains'),
 	('dkim', 'dkim_dkimkeys', 'dkim-keys.conf'),
 	('dkim', 'dkimrestart_command', '/etc/init.d/dkim-filter restart'),
-	('autoresponder', 'autoresponder_active', '0'),
-	('autoresponder', 'last_autoresponder_run', '0'),
 	('admin', 'show_news_feed', '1'),
 	('admin', 'show_version_login', '0'),
 	('admin', 'show_version_footer', '0'),
-	('aps', 'items_per_page', '20'),
-	('aps', 'upload_fields', '5'),
-	('aps', 'aps_active', '0'),
-	('aps', 'php-extension', ''),
-	('aps', 'php-configuration', ''),
-	('aps', 'webserver-htaccess', ''),
-	('aps', 'php-function', ''),
-	('aps', 'webserver-module', ''),
 	('spf', 'use_spf', '0'),
 	('spf', 'spf_entry', '@	IN	TXT	"v=spf1 a mx -all"'),
 	('dkim', 'dkim_algorithm', 'all'),
@@ -425,8 +406,9 @@ INSERT INTO `panel_settings` (`settinggroup`, `varname`, `value`) VALUES
 	('phpfpm', 'idle_timeout', '30'),
 	('phpfpm', 'aliasconfigdir', '/var/www/php-fpm/'),
 	('phpfpm', 'defaultini', '1'),
-	('phpfpm', 'vhost_defaultini', '1'),
+	('phpfpm', 'vhost_defaultini', '2'),
 	('phpfpm', 'fastcgi_ipcdir', '/var/lib/apache2/fastcgi/'),
+	('phpfpm', 'use_mod_proxy', '0'),
 	('nginx', 'fastcgiparams', '/etc/nginx/fastcgi_params'),
 	('system', 'lastaccountnumber', '0'),
 	('system', 'lastguid', '9999'),
@@ -462,7 +444,6 @@ INSERT INTO `panel_settings` (`settinggroup`, `varname`, `value`) VALUES
 	('system', 'mod_fcgid_tmpdir', '/var/customers/tmp'),
 	('system', 'ssl_cert_file', '/etc/apache2/apache2.pem'),
 	('system', 'use_ssl', '0'),
-	('system', 'openssl_cnf', '[ req ]\r\ndefault_bits = 1024\r\ndistinguished_name = req_distinguished_name\r\nattributes = req_attributes\r\nprompt = no\r\noutput_password =\r\ninput_password =\r\n[ req_distinguished_name ]\r\nC = DE\r\nST = froxlor\r\nL = froxlor    \r\nO = Testcertificate\r\nOU = froxlor        \r\nCN = @@domain_name@@\r\nemailAddress = @@email@@    \r\n[ req_attributes ]\r\nchallengePassword =\r\n'),
 	('system', 'default_vhostconf', ''),
 	('system', 'mail_quota_enabled', '0'),
 	('system', 'mail_quota', '100'),
@@ -492,16 +473,6 @@ INSERT INTO `panel_settings` (`settinggroup`, `varname`, `value`) VALUES
 	('system', 'report_webmax', '90'),
 	('system', 'report_trafficmax', '90'),
 	('system', 'validate_domain', '1'),
-	('system', 'backup_enabled', '0'),
-	('system', 'backup_dir', '/var/customers/backups/'),
-	('system', 'backup_mysqldump_path', '/usr/bin/mysqldump'),
-	('system', 'backup_count', '1'),
-	('system', 'backup_bigfile', '1'),
-	('system', 'backup_ftp_enabled', '0'),
-	('system', 'backup_ftp_server', ''),
-	('system', 'backup_ftp_user', ''),
-	('system', 'backup_ftp_pass', ''),
-	('system', 'backup_ftp_passive', '1'),
 	('system', 'diskquota_enabled', '0'),
 	('system', 'diskquota_repquota_path', '/usr/sbin/repquota'),
 	('system', 'diskquota_quotatool_path', '/usr/bin/quotatool'),
@@ -512,7 +483,7 @@ INSERT INTO `panel_settings` (`settinggroup`, `varname`, `value`) VALUES
 	('system', 'mod_fcgid_httpuser', 'froxlorlocal'),
 	('system', 'mod_fcgid_httpgroup', 'froxlorlocal'),
 	('system', 'awstats_awstatspath', '/usr/bin/'),
-	('system', 'mod_fcgid_defaultini_ownvhost', '1'),
+	('system', 'mod_fcgid_defaultini_ownvhost', '2'),
 	('system', 'awstats_icons', '/usr/share/awstats/icon/'),
 	('system', 'ssl_cert_chainfile', ''),
 	('system', 'ssl_cipher_list', 'ECDHE-RSA-AES128-SHA256:AES128-GCM-SHA256:RC4:HIGH:!MD5:!aNULL:!EDH'),
@@ -521,11 +492,22 @@ INSERT INTO `panel_settings` (`settinggroup`, `varname`, `value`) VALUES
 	('system', 'phpreload_command', ''),
 	('system', 'apache24', '0'),
 	('system', 'documentroot_use_default_value', '0'),
-	('system', 'passwordcryptfunc', '1'),
+	('system', 'passwordcryptfunc', '3'),
 	('system', 'axfrservers', ''),
 	('system', 'customer_ssl_path', '/etc/ssl/froxlor-custom/'),
 	('system', 'allow_error_report_admin', '1'),
 	('system', 'allow_error_report_customer', '0'),
+	('system', 'mdalog', '/var/log/mail.log'),
+	('system', 'mtalog', '/var/log/mail.log'),
+	('system', 'mdaserver', 'dovecot'),
+	('system', 'mtaserver', 'postfix'),
+	('system', 'mailtraffic_enabled', '1'),
+	('system', 'cronconfig', '/etc/cron.d/froxlor'),
+	('system', 'crondreload', '/etc/init.d/cron reload'),
+	('system', 'croncmdline', '/usr/bin/nice -n 5 /usr/bin/php5 -q'),
+	('system', 'cron_allowautoupdate', '0'),
+	('system', 'dns_createhostnameentry', '0'),
+	('system', 'send_cron_errors', '0'),
 	('panel', 'decimal_places', '4'),
 	('panel', 'adminmail', 'admin@SERVERNAME'),
 	('panel', 'phpmyadmin_url', ''),
@@ -548,12 +530,15 @@ INSERT INTO `panel_settings` (`settinggroup`, `varname`, `value`) VALUES
 	('panel', 'allow_preset', '1'),
 	('panel', 'allow_preset_admin', '0'),
 	('panel', 'password_regex', ''),
-	('panel', 'use_webfonts', '0'),
-	('panel', 'webfont', 'Numans'),
 	('panel', 'phpconfigs_hidestdsubdomain', '0'),
 	('panel', 'allow_theme_change_admin', '1'),
 	('panel', 'allow_theme_change_customer', '1'),
-	('panel', 'version', '0.9.31.1');
+	('panel', 'password_alpha_lower', '1'),
+	('panel', 'password_alpha_upper', '1'),
+	('panel', 'password_numeric', '0'),
+	('panel', 'password_special_char_required', '0'),
+	('panel', 'password_special_char', '!?<>§$%+#=@'),
+	('panel', 'version', '0.9.33.2');
 
 
 DROP TABLE IF EXISTS `panel_tasks`;
@@ -564,6 +549,7 @@ CREATE TABLE `panel_tasks` (
   PRIMARY KEY  (`id`)
 ) ENGINE=MyISAM CHARSET=utf8 COLLATE=utf8_general_ci;
 
+INSERT INTO `panel_tasks` (`type`) VALUES ('99');
 
 
 DROP TABLE IF EXISTS `panel_templates`;
@@ -665,20 +651,10 @@ INSERT INTO `panel_languages` (`id`, `language`, `iso`, `file`) VALUES
     (1, 'Deutsch', 'de', 'lng/german.lng.php'),
     (2, 'English', 'en', 'lng/english.lng.php'),
     (3, 'Français', 'fr', 'lng/french.lng.php'),
-    (4, 'Chinese', 'zh', 'lng/zh-cn.lng.php'),
-    (5, 'Catalan', 'ca', 'lng/catalan.lng.php'),
-    (6, 'Espa&ntilde;ol', 'es', 'lng/spanish.lng.php'),
-    (7, 'Portugu&ecirc;s', 'pt', 'lng/portugues.lng.php'),
-    (8, 'Russian', 'ru', 'lng/russian.lng.php'),
-    (9, 'Danish', 'da', 'lng/danish.lng.php'),
-    (10, 'Italian', 'it', 'lng/italian.lng.php'),
-    (11, 'Bulgarian', 'bg', 'lng/bulgarian.lng.php'),
-    (12, 'Slovak', 'sk', 'lng/slovak.lng.php'),
-    (13, 'Dutch', 'nl', 'lng/dutch.lng.php'),
-    (14, 'Hungarian', 'hu', 'lng/hungarian.lng.php'),
-    (15, 'Swedish', 'sv', 'lng/swedish.lng.php'),
-    (16, 'Czech', 'cz', 'lng/czech.lng.php'),
-    (17, 'Polski', 'pl', 'lng/polish.lng.php');
+    (4, 'Portugu&ecirc;s', 'pt', 'lng/portugues.lng.php'),
+    (5, 'Italian', 'it', 'lng/italian.lng.php'),
+    (6, 'Dutch', 'nl', 'lng/dutch.lng.php'),
+    (7, 'Swedish', 'sv', 'lng/swedish.lng.php');
 
 
 
@@ -728,23 +704,6 @@ CREATE TABLE IF NOT EXISTS `panel_syslog` (
 ) ENGINE=MyISAM CHARSET=utf8 COLLATE=utf8_general_ci;
 
 
-
-DROP TABLE IF EXISTS `mail_autoresponder`;
-CREATE TABLE `mail_autoresponder` (
-  `email` varchar(255) NOT NULL default '',
-  `message` text NOT NULL,
-  `enabled` tinyint(1) NOT NULL default '0',
-  `date_from` int(15) NOT NULL default '-1',
-  `date_until` int(15) NOT NULL default '-1',
-  `subject` varchar(255) NOT NULL default '',
-  `customerid` int(11) NOT NULL default '0',
-  PRIMARY KEY  (`email`),
-  KEY `customerid` (`customerid`),
-  FULLTEXT KEY `message` (`message`)
-) ENGINE=MyISAM CHARSET=utf8 COLLATE=utf8_general_ci;
-
-
-
 DROP TABLE IF EXISTS `panel_phpconfigs`;
 CREATE TABLE `panel_phpconfigs` (
   `id` int(11) unsigned NOT NULL auto_increment,
@@ -763,65 +722,8 @@ CREATE TABLE `panel_phpconfigs` (
 
 
 INSERT INTO `panel_phpconfigs` (`id`, `description`, `binary`, `file_extensions`, `mod_fcgid_starter`, `mod_fcgid_maxrequests`, `phpsettings`) VALUES
-(1, 'Default Config', '/usr/bin/php-cgi', 'php', '-1', '-1', 'allow_call_time_pass_reference = Off\r\nallow_url_fopen = Off\r\nasp_tags = Off\r\ndisable_classes =\r\ndisable_functions = curl_exec,curl_multi_exec,exec,parse_ini_file,passthru,popen,proc_close,proc_get_status,proc_nice,proc_open,proc_terminate,shell_exec,show_source,system\r\ndisplay_errors = Off\r\ndisplay_startup_errors = Off\r\nenable_dl = Off\r\nerror_reporting = E_ALL & ~E_NOTICE\r\nexpose_php = Off\r\nfile_uploads = On\r\ncgi.force_redirect = 1\r\ngpc_order = "GPC"\r\nhtml_errors = Off\r\nignore_repeated_errors = Off\r\nignore_repeated_source = Off\r\ninclude_path = ".:{PEAR_DIR}"\r\nlog_errors = On\r\nlog_errors_max_len = 1024\r\nmagic_quotes_gpc = Off\r\nmagic_quotes_runtime = Off\r\nmagic_quotes_sybase = Off\r\nmax_execution_time = 30\r\nmax_input_time = 60\r\nmemory_limit = 16M\r\n{OPEN_BASEDIR_C}open_basedir = "{OPEN_BASEDIR}"\r\noutput_buffering = 4096\r\npost_max_size = 16M\r\nprecision = 14\r\nregister_argc_argv = Off\r\nregister_globals = Off\r\nreport_memleaks = On\r\nsendmail_path = "/usr/sbin/sendmail -t -i -f {CUSTOMER_EMAIL}"\r\nsession.auto_start = 0\r\nsession.bug_compat_42 = 0\r\nsession.bug_compat_warn = 1\r\nsession.cache_expire = 180\r\nsession.cache_limiter = nocache\r\nsession.cookie_domain =\r\nsession.cookie_lifetime = 0\r\nsession.cookie_path = /\r\nsession.entropy_file = /dev/urandom\r\nsession.entropy_length = 16\r\nsession.gc_divisor = 1000\r\nsession.gc_maxlifetime = 1440\r\nsession.gc_probability = 1\r\nsession.name = PHPSESSID\r\nsession.referer_check =\r\nsession.save_handler = files\r\nsession.save_path = "{TMP_DIR}"\r\nsession.serialize_handler = php\r\nsession.use_cookies = 1\r\nsession.use_trans_sid = 0\r\nshort_open_tag = On\r\nsuhosin.mail.protect = 1\r\nsuhosin.simulation = Off\r\ntrack_errors = Off\r\nupload_max_filesize = 32M\r\nupload_tmp_dir = "{TMP_DIR}"\r\nvariables_order = "GPCS"\r\n'),
-(2, 'Froxlor Vhost Config', '/usr/bin/php-cgi', 'php', '-1', '-1', 'allow_call_time_pass_reference = Off\r\nallow_url_fopen = On\r\nasp_tags = Off\r\ndisable_classes =\r\ndisable_functions = curl_multi_exec,exec,parse_ini_file,passthru,popen,proc_close,proc_get_status,proc_nice,proc_open,proc_terminate,shell_exec,show_source,system\r\ndisplay_errors = Off\r\ndisplay_startup_errors = Off\r\nenable_dl = Off\r\nerror_reporting = E_ALL & ~E_NOTICE\r\nexpose_php = Off\r\nfile_uploads = On\r\ncgi.force_redirect = 1\r\ngpc_order = "GPC"\r\nhtml_errors = Off\r\nignore_repeated_errors = Off\r\nignore_repeated_source = Off\r\ninclude_path = ".:{PEAR_DIR}"\r\nlog_errors = On\r\nlog_errors_max_len = 1024\r\nmagic_quotes_gpc = Off\r\nmagic_quotes_runtime = Off\r\nmagic_quotes_sybase = Off\r\nmax_execution_time = 60\r\nmax_input_time = 60\r\nmemory_limit = 16M\r\nnoutput_buffering = 4096\r\npost_max_size = 16M\r\nprecision = 14\r\nregister_argc_argv = Off\r\nregister_globals = Off\r\nreport_memleaks = On\r\nsendmail_path = "/usr/sbin/sendmail -t -i -f {CUSTOMER_EMAIL}"\r\nsession.auto_start = 0\r\nsession.bug_compat_42 = 0\r\nsession.bug_compat_warn = 1\r\nsession.cache_expire = 180\r\nsession.cache_limiter = nocache\r\nsession.cookie_domain =\r\nsession.cookie_lifetime = 0\r\nsession.cookie_path = /\r\nsession.entropy_file = /dev/urandom\r\nsession.entropy_length = 16\r\nsession.gc_divisor = 1000\r\nsession.gc_maxlifetime = 1440\r\nsession.gc_probability = 1\r\nsession.name = PHPSESSID\r\nsession.referer_check =\r\nsession.save_handler = files\r\nsession.save_path = "{TMP_DIR}"\r\nsession.serialize_handler = php\r\nsession.use_cookies = 1\r\nsession.use_trans_sid = 0\r\nshort_open_tag = On\r\nsuhosin.mail.protect = 1\r\nsuhosin.simulation = Off\r\ntrack_errors = Off\r\nupload_max_filesize = 32M\r\nupload_tmp_dir = "{TMP_DIR}"\r\nvariables_order = "GPCS"\r\n');
-
-
-DROP TABLE IF EXISTS `aps_instances`;
-CREATE TABLE IF NOT EXISTS `aps_instances` (
-  `ID` int(4) NOT NULL auto_increment,
-  `CustomerID` int(4) NOT NULL,
-  `PackageID` int(4) NOT NULL,
-  `Status` int(4) NOT NULL,
-  PRIMARY KEY  (`ID`)
-) ENGINE=MyISAM CHARSET=utf8 COLLATE=utf8_general_ci;
-
-
-
-DROP TABLE IF EXISTS `aps_packages`;
-CREATE TABLE IF NOT EXISTS `aps_packages` (
-  `ID` int(4) NOT NULL auto_increment,
-  `Path` varchar(500) NOT NULL,
-  `Name` varchar(500) NOT NULL,
-  `Version` varchar(20) NOT NULL,
-  `Release` int(4) NOT NULL,
-  `Status` int(1) NOT NULL default '1',
-  PRIMARY KEY  (`ID`)
-) ENGINE=MyISAM CHARSET=utf8 COLLATE=utf8_general_ci;
-
-
-
-DROP TABLE IF EXISTS `aps_settings`;
-CREATE TABLE IF NOT EXISTS `aps_settings` (
-  `ID` int(4) NOT NULL auto_increment,
-  `InstanceID` int(4) NOT NULL,
-  `Name` varchar(250) NOT NULL,
-  `Value` varchar(250) NOT NULL,
-  PRIMARY KEY  (`ID`)
-) ENGINE=MyISAM CHARSET=utf8 COLLATE=utf8_general_ci;
-
-
-
-DROP TABLE IF EXISTS `aps_tasks`;
-CREATE TABLE IF NOT EXISTS `aps_tasks` (
-  `ID` int(4) NOT NULL auto_increment,
-  `InstanceID` int(4) NOT NULL,
-  `Task` int(4) NOT NULL,
-  PRIMARY KEY  (`ID`)
-) ENGINE=MyISAM CHARSET=utf8 COLLATE=utf8_general_ci;
-
-
-
-DROP TABLE IF EXISTS `aps_temp_settings`;
-CREATE TABLE IF NOT EXISTS `aps_temp_settings` (
-  `ID` int(4) NOT NULL auto_increment,
-  `PackageID` int(4) NOT NULL,
-  `CustomerID` int(4) NOT NULL,
-  `Name` varchar(250) NOT NULL,
-  `Value` varchar(250) NOT NULL,
-  PRIMARY KEY  (`ID`)
-) ENGINE=MyISAM CHARSET=utf8 COLLATE=utf8_general_ci;
-
+(1, 'Default Config', '/usr/bin/php-cgi', 'php', '-1', '-1', 'allow_call_time_pass_reference = Off\r\nallow_url_fopen = Off\r\nasp_tags = Off\r\ndisable_classes =\r\ndisable_functions = curl_exec,curl_multi_exec,exec,parse_ini_file,passthru,popen,proc_close,proc_get_status,proc_nice,proc_open,proc_terminate,shell_exec,show_source,system\r\ndisplay_errors = Off\r\ndisplay_startup_errors = Off\r\nenable_dl = Off\r\nerror_reporting = E_ALL & ~E_NOTICE\r\nexpose_php = Off\r\nfile_uploads = On\r\ncgi.force_redirect = 1\r\ngpc_order = "GPC"\r\nhtml_errors = Off\r\nignore_repeated_errors = Off\r\nignore_repeated_source = Off\r\ninclude_path = ".:{PEAR_DIR}"\r\nlog_errors = On\r\nlog_errors_max_len = 1024\r\nmagic_quotes_gpc = Off\r\nmagic_quotes_runtime = Off\r\nmagic_quotes_sybase = Off\r\nmax_execution_time = 30\r\nmax_input_time = 60\r\nmemory_limit = 16M\r\n{OPEN_BASEDIR_C}open_basedir = "{OPEN_BASEDIR}"\r\noutput_buffering = 4096\r\npost_max_size = 16M\r\nprecision = 14\r\nregister_argc_argv = Off\r\nregister_globals = Off\r\nreport_memleaks = On\r\nsendmail_path = "/usr/sbin/sendmail -t -i -f {CUSTOMER_EMAIL}"\r\nsession.auto_start = 0\r\nsession.bug_compat_42 = 0\r\nsession.bug_compat_warn = 1\r\nsession.cache_expire = 180\r\nsession.cache_limiter = nocache\r\nsession.cookie_domain =\r\nsession.cookie_lifetime = 0\r\nsession.cookie_path = /\r\nsession.entropy_file = /dev/urandom\r\nsession.entropy_length = 16\r\nsession.gc_divisor = 1000\r\nsession.gc_maxlifetime = 1440\r\nsession.gc_probability = 1\r\nsession.name = PHPSESSID\r\nsession.referer_check =\r\nsession.save_handler = files\r\nsession.save_path = "{TMP_DIR}"\r\nsession.serialize_handler = php\r\nsession.use_cookies = 1\r\nsession.use_trans_sid = 0\r\nshort_open_tag = On\r\nsuhosin.mail.protect = 1\r\nsuhosin.simulation = Off\r\ntrack_errors = Off\r\nupload_max_filesize = 32M\r\nupload_tmp_dir = "{TMP_DIR}"\r\nvariables_order = "GPCS"\r\n;mail.add_x_header = On\r\n;mail.log = "/var/log/phpmail.log"\r\n'),
+(2, 'Froxlor Vhost Config', '/usr/bin/php-cgi', 'php', '-1', '-1', 'allow_call_time_pass_reference = Off\r\nallow_url_fopen = On\r\nasp_tags = Off\r\ndisable_classes =\r\ndisable_functions = curl_multi_exec,exec,parse_ini_file,passthru,popen,proc_close,proc_get_status,proc_nice,proc_open,proc_terminate,shell_exec,show_source,system\r\ndisplay_errors = Off\r\ndisplay_startup_errors = Off\r\nenable_dl = Off\r\nerror_reporting = E_ALL & ~E_NOTICE\r\nexpose_php = Off\r\nfile_uploads = On\r\ncgi.force_redirect = 1\r\ngpc_order = "GPC"\r\nhtml_errors = Off\r\nignore_repeated_errors = Off\r\nignore_repeated_source = Off\r\ninclude_path = ".:{PEAR_DIR}"\r\nlog_errors = On\r\nlog_errors_max_len = 1024\r\nmagic_quotes_gpc = Off\r\nmagic_quotes_runtime = Off\r\nmagic_quotes_sybase = Off\r\nmax_execution_time = 60\r\nmax_input_time = 60\r\nmemory_limit = 16M\r\nnoutput_buffering = 4096\r\npost_max_size = 16M\r\nprecision = 14\r\nregister_argc_argv = Off\r\nregister_globals = Off\r\nreport_memleaks = On\r\nsendmail_path = "/usr/sbin/sendmail -t -i -f {CUSTOMER_EMAIL}"\r\nsession.auto_start = 0\r\nsession.bug_compat_42 = 0\r\nsession.bug_compat_warn = 1\r\nsession.cache_expire = 180\r\nsession.cache_limiter = nocache\r\nsession.cookie_domain =\r\nsession.cookie_lifetime = 0\r\nsession.cookie_path = /\r\nsession.entropy_file = /dev/urandom\r\nsession.entropy_length = 16\r\nsession.gc_divisor = 1000\r\nsession.gc_maxlifetime = 1440\r\nsession.gc_probability = 1\r\nsession.name = PHPSESSID\r\nsession.referer_check =\r\nsession.save_handler = files\r\nsession.save_path = "{TMP_DIR}"\r\nsession.serialize_handler = php\r\nsession.use_cookies = 1\r\nsession.use_trans_sid = 0\r\nshort_open_tag = On\r\nsuhosin.mail.protect = 1\r\nsuhosin.simulation = Off\r\ntrack_errors = Off\r\nupload_max_filesize = 32M\r\nupload_tmp_dir = "{TMP_DIR}"\r\nvariables_order = "GPCS"\r\n;mail.add_x_header = On\r\n;mail.log = "/var/log/phpmail.log"\r\n');
 
 
 DROP TABLE IF EXISTS `cronjobs_run`;
@@ -837,18 +739,13 @@ CREATE TABLE IF NOT EXISTS `cronjobs_run` (
 ) ENGINE=MyISAM CHARSET=utf8 COLLATE=utf8_general_ci;
 
 
-
 INSERT INTO `cronjobs_run` (`id`, `module`, `cronfile`, `interval`, `isactive`, `desc_lng_key`) VALUES
-	(1, 'froxlor/core', 'cron_tasks.php', '5 MINUTE', '1', 'cron_tasks'),
-	(2, 'froxlor/aps', 'cron_apsinstaller.php', '5 MINUTE', '0', 'cron_apsinstaller'),
-	(3, 'froxlor/autoresponder', 'cron_autoresponder.php', '5 MINUTE', '0', 'cron_autoresponder'),
-	(4, 'froxlor/aps', 'cron_apsupdater.php', '1 HOUR', '0', 'cron_apsupdater'),
-	(5, 'froxlor/core', 'cron_traffic.php', '1 DAY', '1', 'cron_traffic'),
-	(6, 'froxlor/ticket', 'cron_used_tickets_reset.php', '1 DAY', '1', 'cron_ticketsreset'),
-	(7, 'froxlor/ticket', 'cron_ticketarchive.php', '1 MONTH', '1', 'cron_ticketarchive'),
-	(8, 'froxlor/reports', 'cron_usage_report.php', '1 DAY', '1', 'cron_usage_report'),
-	(9, 'froxlor/backup', 'cron_backup.php', '1 DAY', '1', 'cron_backup'),
-	(10, 'froxlor/core', 'cron_mailboxsize.php', '6 HOUR', '1', 'cron_mailboxsize');
+	(1, 'froxlor/core', 'tasks', '5 MINUTE', '1', 'cron_tasks'),
+	(2, 'froxlor/core', 'traffic', '1 DAY', '1', 'cron_traffic'),
+	(3, 'froxlor/ticket', 'used_tickets_reset', '1 DAY', '1', 'cron_ticketsreset'),
+	(4, 'froxlor/ticket', 'ticketarchive', '1 MONTH', '1', 'cron_ticketarchive'),
+	(5, 'froxlor/reports', 'usage_report', '1 DAY', '1', 'cron_usage_report'),
+	(6, 'froxlor/core', 'mailboxsize', '6 HOUR', '1', 'cron_mailboxsize');
 
 
 
@@ -921,8 +818,8 @@ CREATE TABLE IF NOT EXISTS `domain_ssl_settings` (
   `domainid` int(11) NOT NULL,
   `ssl_cert_file` text NOT NULL,
   `ssl_key_file` text NOT NULL,
-  `ssl_ca_file` text NOT NULL,
-  `ssl_cert_chainfile` text NOT NULL,
+  `ssl_ca_file` text,
+  `ssl_cert_chainfile` text,
   PRIMARY KEY  (`id`)
 ) ENGINE=MyISAM CHARSET=utf8 COLLATE=utf8_general_ci;
 
@@ -933,3 +830,4 @@ CREATE TABLE IF NOT EXISTS `panel_domaintoip` (
   `id_ipandports` int(11) unsigned NOT NULL,
   PRIMARY KEY (`id_domain`,`id_ipandports`)
 ) ENGINE=MyISAM CHARSET=utf8 COLLATE=utf8_general_ci;
+

install/lib/class.FroxlorInstall.php

@@ -65,7 +65,8 @@ class FroxlorInstall {
 	 */
 	private $_languages = array(
 			'german' => 'Deutsch',
-			'english' => 'English'
+			'english' => 'English',
+			'french' => 'Français'
 	);
 
 	/**
@@ -275,7 +276,7 @@ class FroxlorInstall {
 			$navigation = '';
 			$msgcolor = 'red';
 			$message = $this->_lng['install']['testing_mysql_fail'];
-			$link = 'install.php';
+			$link = 'install.php?check=1';
 			$linktext = $this->_lng['click_here_to_goback'];
 		} else {
 			// all good
@@ -371,7 +372,8 @@ class FroxlorInstall {
 		$content .= $this->_status_message('begin', $this->_lng['install']['adding_admin_user']);
 		$ins_data = array(
 				'loginname' => $this->_data['admin_user'],
-				'password' => md5($this->_data['admin_pass1']),
+				/* use SHA256 default crypt */
+				'password' => crypt($this->_data['admin_pass1'], '$5$'. md5(uniqid(microtime(), 1)) . md5(uniqid(microtime(), 1))),
 				'email' => 'admin@' . $this->_data['servername'],
 				'deflang' => $this->_languages[$this->_activelng]
 		);
@@ -398,10 +400,7 @@ class FroxlorInstall {
 				`tickets` = -1,
 				`tickets_see_all` = 1,
 				`subdomains` = -1,
-				`traffic` = -1048576,
-				`can_manage_aps_packages` = 1,
-				`aps_packages` = -1,
-				`email_autoresponder` = -1
+				`traffic` = -1048576
 				");
 
 		$ins_stmt->execute($ins_data);
@@ -481,6 +480,9 @@ class FroxlorInstall {
 		$db->query("UPDATE `".TABLE_PANEL_CRONRUNS."` SET `lastrun` = '".$ts."' WHERE `cronfile` ='cron_used_tickets_reset.php';");
 		$db->query("UPDATE `".TABLE_PANEL_CRONRUNS."` SET `lastrun` = '".$ts."' WHERE `cronfile` ='cron_ticketarchive.php';");
 
+		// insert task 99 to generate a correct cron.d-file automatically
+		$db->query("INSERT INTO `".TABLE_PANEL_TASKS."` SET `type` = '99';");
+
 		$content .= $this->_status_message('green', 'OK');
 
 		return $content;
@@ -566,7 +568,7 @@ class FroxlorInstall {
 
 		// we have to create a new user and database for the froxlor unprivileged mysql access
 		$content .= $this->_status_message('begin', $this->_lng['install']['create_mysqluser_and_db']);
-		$ins_stmt = $db_root->prepare("CREATE DATABASE `".str_replace('`', '', $this->_data['mysql_database'])."`");
+		$ins_stmt = $db_root->prepare("CREATE DATABASE `".str_replace('`', '', $this->_data['mysql_database'])."` CHARACTER SET=utf8 COLLATE=utf8_general_ci");
 		$ins_stmt->execute();
 
 		$mysql_access_host_array = array_map('trim', explode(',', $this->_data['mysql_access_host']));
@@ -691,25 +693,25 @@ class FroxlorInstall {
 		$formdata .= $this->_getSectionItemString('mysql_database', true);
 		// unpriv-user has to be different from root
 		if ($this->_data['mysql_unpriv_user'] == $this->_data['mysql_root_user']) {
-			$style = 'color:blue;';
+			$style = 'blue';
 		} else { $style = '';
 		}
 		$formdata .= $this->_getSectionItemString('mysql_unpriv_user', true, $style);
 		// is we posted and no password was given -> red
 		if (!empty($_POST['installstep']) && $this->_data['mysql_unpriv_pass'] == '') {
-			$style = 'color:red;';
+			$style = 'red';
 		} else { $style = '';
 		}
 		$formdata .= $this->_getSectionItemString('mysql_unpriv_pass', true, $style, 'password');
 		// unpriv-user has to be different from root
 		if ($this->_data['mysql_unpriv_user'] == $this->_data['mysql_root_user']) {
-			$style = 'color:blue;';
+			$style = 'blue';
 		} else { $style = '';
 		}
 		$formdata .= $this->_getSectionItemString('mysql_root_user', true, $style);
 		// is we posted and no password was given -> red
 		if (!empty($_POST['installstep']) && $this->_data['mysql_root_pass'] == '') {
-			$style = 'color:red;';
+			$style = 'red';
 		} else { $style = '';
 		}
 		$formdata .= $this->_getSectionItemString('mysql_root_pass', true, $style, 'password');
@@ -849,14 +851,16 @@ class FroxlorInstall {
 			$content .= $this->_status_message('green', PHP_VERSION);
 		}
 
-		// Check if magic_quotes_runtime is active
-		$content .= $this->_status_message('begin', $this->_lng['requirements']['phpmagic_quotes_runtime']);
-		if (get_magic_quotes_runtime()) {
-			// deactivate it
-			set_magic_quotes_runtime(false);
-			$content .= $this->_status_message('orange', $this->_lng['requirements']['not_true'] . "<br />". $this->_lng['requirements']['phpmagic_quotes_runtime_description']);
-		} else {
-			$content .= $this->_status_message('green', 'off');
+		// Check if magic_quotes_runtime is active | get_magic_quotes_runtime() is always FALSE since 5.4
+		if (version_compare(PHP_VERSION, "5.4.0", "<")) {
+			$content .= $this->_status_message('begin', $this->_lng['requirements']['phpmagic_quotes_runtime']);
+			if (get_magic_quotes_runtime()) {
+				// deactivate it
+				set_magic_quotes_runtime(false);
+				$content .= $this->_status_message('orange', $this->_lng['requirements']['not_true'] . "<br />". $this->_lng['requirements']['phpmagic_quotes_runtime_description']);
+			} else {
+				$content .= $this->_status_message('green', 'off');
+			}
 		}
 
 		// check for php_pdo and pdo_mysql
@@ -908,6 +912,15 @@ class FroxlorInstall {
 			$content .= $this->_status_message('green', $this->_lng['requirements']['installed']);
 		}
 
+		// check for curl extension
+		$content .= $this->_status_message('begin', $this->_lng['requirements']['phpcurl']);
+
+		if (!extension_loaded('curl')) {
+			$content .= $this->_status_message('orange', $this->_lng['requirements']['notinstalled'] . "<br />" . $this->_lng['requirements']['curldescription']);
+		} else {
+			$content .= $this->_status_message('green', $this->_lng['requirements']['installed']);
+		}
+
 		// check for open_basedir
 		$content .= $this->_status_message('begin', $this->_lng['requirements']['openbasedir']);
 		$php_ob = @ini_get("open_basedir");
@@ -970,6 +983,7 @@ class FroxlorInstall {
 			) {
 				// use sparkle theme for the notice
 				$installed_hint = file_get_contents($this->_basepath.'/templates/Sparkle/misc/alreadyinstalledhint.tpl');
+				$installed_hint = str_replace("<CURRENT_YEAR>", date('Y', time()), $installed_hint);
 				die($installed_hint);
 			}
 		}
@@ -1051,9 +1065,9 @@ class FroxlorInstall {
 	 */
 	private function _status_message($case, $text) {
 		if ($case == 'begin') {
-			return '<tr><td style="width: 250px;">'.$text;
+			return '<tr><td class="install-step">'.$text;
 		} else {
-			return '</td><td><span style="color:'.$case.';">'.$text.'</span></td></tr>';
+			return '</td><td><span class="'.$case.'">'.$text.'</span></td></tr>';
 		}
 	}
 

install/lng/english.lng.php

@@ -23,7 +23,7 @@ $lng['requirements']['not_true'] = 'no';
 $lng['requirements']['notfound'] = 'not found';
 $lng['requirements']['notinstalled'] = 'not installed';
 $lng['requirements']['activated'] = 'enabled';
-$lng['requirements']['phpversion'] = 'PHP version >= 5.2';
+$lng['requirements']['phpversion'] = 'PHP version >= 5.3';
 $lng['requirements']['phpmagic_quotes_runtime'] = 'magic_quotes_runtime...';
 $lng['requirements']['phpmagic_quotes_runtime_description'] = 'PHP setting "magic_quotes_runtime" must be set to "Off". We have disabled it temporary for now please fix the coresponding php.ini.';
 $lng['requirements']['phppdo'] = 'PHP PDO extension and PDO-MySQL driver...';
@@ -31,7 +31,9 @@ $lng['requirements']['phpxml'] = 'PHP XML-extension...';
 $lng['requirements']['phpfilter'] = 'PHP filter-extension...';
 $lng['requirements']['phpposix'] = 'PHP posix-extension...';
 $lng['requirements']['phpbcmath'] = 'PHP bcmath-extension...';
+$lng['requirements']['phpcurl'] = 'PHP curl-extension...';
 $lng['requirements']['bcmathdescription'] = 'Traffic-calculation related functions will not work correctly!';
+$lng['requirements']['curldescription'] = 'Version-check and news-feed may not work correctly!';
 $lng['requirements']['openbasedir'] = 'open_basedir...';
 $lng['requirements']['openbasedirenabled'] = 'Froxlor will not work properly with open_basedir enabled. Please disable open_basedir for Froxlor in the coresponding php.ini';
 $lng['requirements']['diedbecauseofrequirements'] = 'Cannot install Froxlor without these requirements! Try to fix them and retry.';

install/lng/french.lng.php

@@ -0,0 +1,88 @@
+<?php
+
+/**
+ * This file is part of the Froxlor project.
+ * Copyright (c) 2003-2009 the SysCP Team (see authors).
+ * Copyright (c) 2010 the Froxlor Team (see authors).
+ *
+ * For the full copyright and license information, please view the COPYING
+ * file that was distributed with this source code. You can also view the
+ * COPYING file online at http://files.froxlor.org/misc/COPYING.txt
+ *
+ * @copyright  (c) the authors
+ * @author     Florian Lippert <flo@syscp.org> (2003-2009)
+ * @author     Froxlor team <team@froxlor.org> (2010-)
+ * @license    GPLv2 http://files.froxlor.org/misc/COPYING.txt
+ * @package    Language
+ *
+ */
+
+$lng['requirements']['title'] = 'Vérification des prérequis système...';
+$lng['requirements']['installed'] = 'installé';
+$lng['requirements']['not_true'] = 'non';
+$lng['requirements']['notfound'] = 'introuvable';
+$lng['requirements']['notinstalled'] = 'non installé';
+$lng['requirements']['activated'] = 'activé';
+$lng['requirements']['phpversion'] = 'PHP version >= 5.3';
+$lng['requirements']['phpmagic_quotes_runtime'] = 'magic_quotes_runtime...';
+$lng['requirements']['phpmagic_quotes_runtime_description'] = 'Le réglage PHP "magic_quotes_runtime" doit être positionné à "Off". Nous l\'avons désactivé temporairement pour l\'instant; merci de corriger le php.ini correspondant.';
+$lng['requirements']['phppdo'] = 'extension PHP PDO et pilote PDO-MySQL ...';
+$lng['requirements']['phpxml'] = 'extension PHP XML...';
+$lng['requirements']['phpfilter'] = 'extension PHP filter ...';
+$lng['requirements']['phpposix'] = 'extension PHP posix ...';
+$lng['requirements']['phpbcmath'] = 'extension PHP bcmath ...';
+$lng['requirements']['phpcurl'] = 'extension PHP curl...';
+$lng['requirements']['bcmathdescription'] = 'Les fonctions de calcul de traffic ne fonctionneront pas correctement!';
+$lng['requirements']['curldescription'] = 'Les vérifications de version et les flux d\'information peuvent ne pas fonctionner correctement!';
+$lng['requirements']['openbasedir'] = 'open_basedir...';
+$lng['requirements']['openbasedirenabled'] = 'Froxlor ne fonctionnera pas correctement avec open_basedir activé. Merci de désactiver open_basedir pour Froxlor dans le php.ini correspondant';
+$lng['requirements']['diedbecauseofrequirements'] = 'Impossible d\'installer Froxlor sans ces prérequis! Essayez de les corriger et essayez à nouveau.';
+$lng['requirements']['froxlor_succ_checks'] = 'Tous les prérequis sont vérifiés';
+
+$lng['install']['lngtitle'] = 'Installation de Froxlor - choisisez la langue';
+$lng['install']['language'] = 'Langue d\'installation';
+$lng['install']['lngbtn_go'] = 'Changer la langue';
+$lng['install']['title'] = 'Installation de Froxlor - paramètrage';
+$lng['install']['welcometext'] = 'Merci d\'avoir choisi Froxlor. Merci de remplir les champs suivant avec les informations nécessaires pour démarrer l\'installation.<br /><b>Attention:</b> Si la base de données que vous choisissez existe déjà sur votre système, elle sera écrasée ainsi que les données contenues!';
+$lng['install']['database'] = 'Connexion à la base de données';
+$lng['install']['mysql_host'] = 'Nom d\'hôte MySQL';
+$lng['install']['mysql_database'] = 'Nom de la base de données';
+$lng['install']['mysql_unpriv_user'] = 'Nom d\'utilisateur pour le compte non priviligié MySQL';
+$lng['install']['mysql_unpriv_pass'] = 'Mot de passe pour le compte non priviligié MySQL';
+$lng['install']['mysql_root_user'] = 'Nom d\'utilisateur pour le compte MySQL root';
+$lng['install']['mysql_root_pass'] = 'Mot de passe pour le compte MySQL root';
+$lng['install']['admin_account'] = 'Compte administrateur';
+$lng['install']['admin_user'] = 'Nom d\'utilisateur administrateur';
+$lng['install']['admin_pass1'] = 'Mot de passe administrateur';
+$lng['install']['admin_pass2'] = 'Mot de passe administrateur (confirmez)';
+$lng['install']['serversettings'] = 'Réglages serveur';
+$lng['install']['servername'] = 'Nom du serveur (FQDN, pas d\'adresse IP)';
+$lng['install']['serverip'] = 'Adresse IP du serveur';
+$lng['install']['webserver'] = 'Serveur Web';
+$lng['install']['apache2'] = 'Apache 2';
+$lng['install']['lighttpd'] = 'LigHTTPd';
+$lng['install']['nginx'] = 'NGINX';
+$lng['install']['httpuser'] = 'Nom d\'utilisateur HTTP';
+$lng['install']['httpgroup'] = 'Nom de groupe HTTP';
+
+$lng['install']['testing_mysql'] = 'Vérification de l\'accès root MySQL...';
+$lng['install']['testing_mysql_fail'] = 'Il semble y avoir un problème avec la connexion à la base de données. Impossible de continuer. Merci de revenir en arrière et de vérifier les informations d\'identification.';
+$lng['install']['backup_old_db'] = 'Création des sauvegardes de l\'ancienne base de données...';
+$lng['install']['backup_binary_missing'] = 'Impossible de trouver mysqldump';
+$lng['install']['backup_failed'] = 'Impossible de sauvegarde la base de données';
+$lng['install']['prepare_db'] = 'Préparation de la base de données...';
+$lng['install']['create_mysqluser_and_db'] = 'Création de la base de données et l\'utilisateur...';
+$lng['install']['testing_new_db'] = 'Teste si la base de données et l\'utilisateur ont été créés correctement...';
+$lng['install']['importing_data'] = 'Import des données...';
+$lng['install']['changing_data'] = 'Ajustement des paramètres...';
+$lng['install']['creating_entries'] = 'Insertion des nouvelles valeurs...';
+$lng['install']['adding_admin_user'] = 'Création du compte administrateur...';
+$lng['install']['creating_configfile'] = 'Création du fichier de configuration...';
+$lng['install']['creating_configfile_temp'] = 'Le fichier a été enregistré dans /tmp/userdata.inc.php, merci de le déplacer dans lib/.';
+$lng['install']['creating_configfile_failed'] = 'Impossible de créer lib/userdata.inc.php, merci de le créer manuellement avec le contenu suivant:';
+$lng['install']['froxlor_succ_installed'] = 'Froxlor a été installé avec succès.';
+
+$lng['click_here_to_refresh'] = 'Cliquez ici pour vérifier à nouveau';
+$lng['click_here_to_goback'] = 'Cliquez ici pour revenir';
+$lng['click_here_to_continue'] = 'Cliquez ici pour continuer';
+$lng['click_here_to_login'] = 'Cliquez ici pour vous connecter.';

install/lng/german.lng.php

@@ -23,7 +23,7 @@ $lng['requirements']['not_true'] = 'nein';
 $lng['requirements']['notfound'] = 'nicht gefunden';
 $lng['requirements']['notinstalled'] = 'nicht installiert';
 $lng['requirements']['activated'] = 'ist aktiviert.';
-$lng['requirements']['phpversion'] = 'PHP Version >= 5.2';
+$lng['requirements']['phpversion'] = 'PHP Version >= 5.3';
 $lng['requirements']['phpmagic_quotes_runtime'] = 'magic_quotes_runtime';
 $lng['requirements']['phpmagic_quotes_runtime_description'] = 'Die PHP Einstellung "magic_quotes_runtime" muss deaktiviert sein ("Off"). Die Einstellung wurde temporär deaktiviert, bitte ändern Sie diese in der entsprechenden php.ini.';
 $lng['requirements']['phppdo'] = 'PHP PDO Erweiterung und PDO-MySQL Treiber...';
@@ -31,10 +31,12 @@ $lng['requirements']['phpxml'] = 'PHP XML-Erweiterung...';
 $lng['requirements']['phpfilter'] = 'PHP filter-Erweiterung...';
 $lng['requirements']['phpposix'] = 'PHP posix-Erweiterung...';
 $lng['requirements']['phpbcmath'] = 'PHP bcmath-Erweiterung...';
+$lng['requirements']['phpcurl'] = 'PHP curl-Erweiterung...';
 $lng['requirements']['bcmathdescription'] = 'Traffic-Berechnungs bezogene Funktionen stehen nicht vollständig zur Verfügung!';
+$lng['requirements']['curldescription'] = 'Versions-Prüfung und News-Feed stehen nicht vollständig zur Verfügung!';
 $lng['requirements']['openbasedir'] = 'open_basedir genutzt wird...';
 $lng['requirements']['openbasedirenabled'] = 'Froxlor wird mit aktiviertem open_basedir nicht vollständig funktionieren. Bitte deaktivieren Sie open_basedir für Froxlor in der entsprechenden php.ini';
-$lng['requirements']['diedbecauseofrequirements'] = 'Kann Froxlor ohne diese Voraussetzungen nicht installieren! Versuchen Sie die angezeigten Problem zu beheben und versuchen Sie es erneut.';
+$lng['requirements']['diedbecauseofrequirements'] = 'Kann Froxlor ohne diese Voraussetzungen nicht installieren! Beheben Sie die angezeigten Probleme und versuchen Sie es erneut.';
 $lng['requirements']['froxlor_succ_checks'] = 'Alle Vorraussetzungen sind erfüllt';
 
 $lng['install']['lngtitle'] = 'Froxlor Installation - Sprache auswählen';

install/scripts/language-check.php

@@ -27,13 +27,16 @@ if(@php_sapi_name() != 'cli'
 }
 
 // Check argument count
+/*
 if (sizeof($argv) != 2) {
 	print_help($argv);
 	exit;
 }
+*/
 
 // Load the contents of the given path
 $path = $argv[1];
+$_f = isset($argv[2]) ? $argv[2] : null;
 $files = array();
 
 if ($dh = opendir($path)) {
@@ -43,7 +46,9 @@ if ($dh = opendir($path)) {
 		   && !is_dir($file)
 		   && preg_match('/(.+)\.lng\.php/i', $file)
 		) {
-			$files[$file] = str_replace('//', '/', $path . '/' . $file);
+			if (is_null($_f) || (!is_null($_f) && ($file == $_f || $file == $baseLanguage))) {
+				$files[$file] = str_replace('//', '/', $path . '/' . $file);
+			}
 		}
 	}
 

install/templates/assets/css/install.css

@@ -1,5 +1,4 @@
 @charset "UTF-8";
-
 /* RESET */
 html,body,div,ul,ol,li,dl,dt,dd,h1,h2,h3,h4,h5,h6,pre,form,p,blockquote,fieldset,input { margin:0; padding:0; }
 h1,h2,h3,h4,h5,h6,pre,code,address,caption,cite,code,em,strong,th { font-size:1em; font-weight:400; font-style:normal; }
@@ -11,10 +10,10 @@ article,aside,details,figcaption,figure,footer,header,hgroup,menu,nav,section {
 
 /* TYPE */
 html,body {
-	font:12px/18px Helvetica,Arial,Verdana,sans-serif;
-	background-color:#f2f2f2;
-	color:#333;
-	-webkit-font-smoothing: antialiased;
+	font:12px/18px 'Lucida Grande','Lucida Sans Unicode',Helvetica,Arial,Verdana,sans-serif;
+	background-color: #f5f5f5;
+	color:#444;
+	-webkit-font-smoothing: subpixel-antialiased;
 }
 
 body {
@@ -415,6 +414,7 @@ table tfoot td {
 /* input elements */
 input {
 	background: #fff url(../img/text_align_left.png) no-repeat 5px 4px;
+	color: #333;
 	padding:2px 4px 2px 24px;
 	height:22px;
 	border: 1px solid #d9d9d9;
@@ -424,6 +424,7 @@ input {
 
 textarea {
 	background:#fff url(../img/text_align_left.png) no-repeat 5px 4px;
+	color: #333;
 	padding:4px 4px 2px 24px;
 	border:1px solid #d9d9d9;
 	margin-bottom: 5px;
@@ -501,6 +502,7 @@ input[type="radio"] {
 select {
 	background:#fff;
 	padding:4px;
+	color: #333;
 	border:1px solid #d9d9d9;
 	margin-bottom: 5px;
 	min-width: 100px;
@@ -553,4 +555,13 @@ select.dropdown {
 .installprogress .bar {
 	background-color: #35aa47;
 	height:5px;
-}
+}
+
+.red { color: #ff0000; }
+.green { color: green; }
+.orange { color: orange; }
+.blue { color: blue; }
+.install-block { width: 65%; }
+.install-step { width: 250px; }
+.install-h3 { text-align: center; }
+.install-text { margin: 20px 20px 0 !important; }

install/templates/dataform.tpl

@@ -1,4 +1,4 @@
-		<p style="margin: 20px 20px 0 !important">{$this->_lng['install']['title']}</p>
+		<p class="install-text">{$this->_lng['install']['title']}</p>
 		<form action="{$formaction}" method="get">
 			<fieldset>
 				{$formdata}

install/templates/dataform2.tpl

@@ -1,4 +1,4 @@
-		<p style="margin: 20px 20px 0 !important">{$this->_lng['install']['welcometext']}</p>
+		<p class="install-text">{$this->_lng['install']['welcometext']}</p>
 		<form action="{$formaction}" method="post">
 			<hr class="line">
 			<fieldset>

install/templates/dataitem.tpl

@@ -1,4 +1,4 @@
 <p>
-	<label for="{$fieldname}" style="width:65%;{$style}">{$fieldlabel}:</label>&nbsp;
+	<label for="{$fieldname}" class="install-block {$style}">{$fieldlabel}:</label>&nbsp;
 	<input type="{$type}" name="{$fieldname}" id="{$fieldname}" value="{$fieldvalue}" {$required} />
 </p>

install/templates/dataitemchk.tpl

@@ -1,4 +1,4 @@
 <p>
-	<label for="{$fieldname}" style="width:65%;{$style}">{$this->_lng['install']['webserver']} {$fieldlabel}:</label>
+	<label for="{$fieldname}" class="install-block {$style}">{$this->_lng['install']['webserver']} {$fieldlabel}:</label>
 	<input type="radio" name="webserver" id="{$fieldname}" value="{$fieldname}" {$checked} /><span>{$fieldlabel}<span>
 </p>

install/templates/header.tpl

@@ -3,16 +3,11 @@
 <head>
 	<meta charset="utf-8" />
 	<meta http-equiv="Default-Style" content="text/css" />
-	<!--[if lt IE 9]><script src="../js/html5shiv.js"></script><![endif]-->
+	<!--[if lt IE 9]><script src="../js/html5shiv.min.js"></script><![endif]-->
 	<link href="templates/assets/css/install.css" rel="stylesheet" type="text/css" />
 	<!--[if IE]><link rel="stylesheet" href="../templates/{$theme}/css/main_ie.css" type="text/css" /><![endif]-->
 	<link href="templates/assets/img/favicon.ico" rel="icon" type="image/x-icon" />
 	<title>Froxlor Server Management Panel - Installation</title>
-	<style type="text/css">
-	body {
-        font-family: Verdana, Geneva, sans-serif;
-	}
-	</style>
 </head>
 <body>
 	<div class="installsec">

install/templates/pagebottom.tpl

@@ -1,4 +1,4 @@
-<h3 style="color:{$msgcolor};text-align: center">{$message}</h3>
+<h3 class="install-h3 {$msgcolor}">{$message}</h3>
 <aside>
 	<a href="{$link}">{$linktext}</a>
 </aside>

install/updates/froxlor/0.9/update_0.9.inc.php

@@ -15,19 +15,27 @@
  *
  */
 
+if (!defined('AREA')
+		|| (defined('AREA') && AREA != 'admin')
+		|| !isset($userinfo['loginname'])
+		|| (isset($userinfo['loginname']) && $userinfo['loginname'] == '')
+) {
+	header('Location: ../../../../index.php');
+	exit;
+}
+
 if (isFroxlorVersion('0.9-r0')) {
 
 	showUpdateStep("Updating from 0.9-r0 to 0.9-r1", false);
 	showUpdateStep("Performing database updates");
 
 	// add missing database-updates if necessary (old: update/update_database.php)
-	if (isset($settings['system']['dbversion']) && (int)$settings['system']['dbversion'] < 1) {
+	if (Settings::Get('system.dbversion') !== null && (int)Settings::Get('system.dbversion') < 1) {
 		Database::query("
 			ALTER TABLE `panel_databases` ADD `dbserver` INT( 11 ) UNSIGNED NOT NULL default '0';"
 		);
 	}
-	if(isset($settings['system']['dbversion']) && (int)$settings['system']['dbversion'] < 2)
-	{
+	if (Settings::Get('system.dbversion') !== null && (int)Settings::Get('system.dbversion') < 2) {
 		Database::query("ALTER TABLE `panel_ipsandports` CHANGE `ssl_cert` `ssl_cert_file` VARCHAR( 255 ) NOT NULL,
 				ADD `ssl_key_file` VARCHAR( 255 ) NOT NULL,
 				ADD `ssl_ca_file` VARCHAR( 255 ) NOT NULL,
@@ -181,22 +189,19 @@ if (isFroxlorVersion('0.9-r0')) {
 
 if (isFroxlorVersion('0.9-r1')) {
 	showUpdateStep("Updating from 0.9-r1 to 0.9-r2", false);
-	showUpdateStep("Updating settings table");
 
+	showUpdateStep("Updating settings table");
 	Database::query("INSERT INTO `" . TABLE_PANEL_SETTINGS . "` (`settinggroup`, `varname`, `value`) VALUES ('spf', 'use_spf', '0');");
 	Database::query("INSERT INTO `" . TABLE_PANEL_SETTINGS . "` (`settinggroup`, `varname`, `value`) VALUES ('spf', 'spf_entry', '@	IN	TXT	\"v=spf1 a mx -all\"');");
 	Database::query("UPDATE `" . TABLE_PANEL_SETTINGS . "` SET `varname` = 'froxlor_graphic' WHERE `varname` = 'syscp_graphic'");
 
-	if(isset($settings['admin']['syscp_graphic'])
-			&& $settings['admin']['syscp_graphic'] != ''
+	if (Settings::Get('admin.syscp_graphic') !== null
+			&& Settings::Get('admin.syscp_graphic') != ''
 	){
-		$settings['admin']['froxlor_graphic'] = $settings['admin']['syscp_graphic'];
+		Settings::Set('admin.froxlor_graphic', Settings::Get('admin.syscp_graphic'));
+	} else {
+		Settings::Set('admin.froxlor_graphic', 'images/header.gif');
 	}
-	else
-	{
-		$settings['admin']['froxlor_graphic'] = 'images/header.gif';
-	}
-
 	lastStepStatus(0);
 
 	updateToVersion('0.9-r2');
@@ -236,19 +241,19 @@ if (isFroxlorVersion('0.9-r3')) {
 
 	// checking for active ticket-module
 	$ticket_active = 0;
-	if ((int)$settings['ticket']['enabled'] == 1) {
+	if ((int)Settings::Get('ticket.enabled') == 1) {
 		$ticket_active = 1;
 	}
 
 	// checking for active aps-module
 	$aps_active = 0;
-	if ((int)$settings['aps']['aps_active'] == 1) {
+	if ((int)Settings::Get('aps.aps_active') == 1) {
 		$aps_active = 1;
 	}
 
 	// checking for active autoresponder-module
 	$ar_active = 0;
-	if ((int)$settings['autoresponder']['autoresponder_active'] == 1) {
+	if ((int)Settings::Get('autoresponder.autoresponder_active') == 1) {
 		$ar_active = 1;
 	}
 
@@ -297,7 +302,7 @@ if (isFroxlorVersion('0.9.1')) {
 
 	if (isset($result['latestguid'])
 			&& (int)$result['latestguid'] > 0
-			&& $result['latestguid'] != $settings['system']['lastguid']
+			&& $result['latestguid'] != Settings::Get('system.lastguid')
 	) {
 		checkLastGuid();
 		lastStepStatus(1, 'fixed');
@@ -399,22 +404,22 @@ if (isFroxlorVersion('0.9.4')) {
 	 * because we already had this back in older versions.
 	 * To not confuse Froxlor, we just update old settings.
 	*/
-	if(isset($settings['system']['awstats_path'])
-			&& $settings['system']['awstats_path'] != ''
+	if(Settings::Get('system.awstats_path') !== null
+			&& Settings::Get('system.awstats_path') != ''
 	) {
 		showUpdateStep("Updating awstats path setting");
 		Database::query("UPDATE `" . TABLE_PANEL_SETTINGS . "` SET `value` = '/usr/bin/' WHERE `settinggroup` = 'system' AND `varname` = 'awstats_path';");
 		lastStepStatus(0);
 	}
-	elseif(!isset($settings['system']['awstats_path']))
+	elseif(Settings::Get('system.awstats_path') == null)
 	{
 		showUpdateStep("Adding new awstats path setting");
 		Database::query("INSERT INTO `" . TABLE_PANEL_SETTINGS . "` (`settinggroup`, `varname`, `value`) VALUES ('system', 'awstats_path', '/usr/bin/');");
 		lastStepStatus(0);
 	}
 
-	if(isset($settings['system']['awstats_domain_file'])
-			&& $settings['system']['awstats_domain_file'] != ''
+	if(Settings::Get('system.awstats_domain_file') !== null
+			&& Settings::Get('system.awstats_domain_file') != ''
 	) {
 		showUpdateStep("Updating awstats configuration path setting");
 		Database::query("UPDATE `" . TABLE_PANEL_SETTINGS . "` SET `varname` = 'awstats_conf' WHERE `varname` = 'awstats_domain_file';");
@@ -635,7 +640,7 @@ if (isFroxlorVersion('0.9.6-svn5')) {
 	while ($row_ftp_users = $result_ftp_users_stmt->fetch(PDO::FETCH_ASSOC)) {
 		$result_ftp_quota_stmt = Database::query("
 			SELECT diskspace_used FROM `" . TABLE_PANEL_CUSTOMERS . "`
-			WHERE loginname = SUBSTRING_INDEX('" . $row_ftp_users['username'] . "', '" . $settings['customer']['ftpprefix'] . "', 1);"
+			WHERE loginname = SUBSTRING_INDEX('" . $row_ftp_users['username'] . "', '" . Settings::Get('customer.ftpprefix') . "', 1);"
 		);
 		$row_ftp_quota = $result_ftp_quota_stmt->fetch(PDO::FETCH_ASSOC);
 		Database::query("INSERT INTO `ftp_quotatallies` (`name`, `quota_type`, `bytes_in_used`, `bytes_out_used`, `bytes_xfer_used`, `files_in_used`, `files_out_used`, `files_xfer_used`) VALUES ('" . $row_ftp_users['username'] . "', 'user', '" . $row_ftp_quota[0] . "'*1024, '0', '0', '0', '0', '0');");
@@ -697,13 +702,13 @@ if (isFroxlorVersion('0.9.6')) {
 
 	// need to fix default-error-copy-and-paste-shizzle
 	showUpdateStep("Checking if anything is ok with the default-error-handler");
-	if (!isset($settings['defaultwebsrverrhandler']['err404'])) {
+	if (Settings::Get('defaultwebsrverrhandler.err404') == null) {
 		Database::query("INSERT INTO `" . TABLE_PANEL_SETTINGS . "` (`settinggroup`, `varname`, `value`) VALUES ('defaultwebsrverrhandler', 'err404', '');");
 	}
-	if (!isset($settings['defaultwebsrverrhandler']['err403'])) {
+	if (Settings::Get('defaultwebsrverrhandler.err403') == null) {
 		Database::query("INSERT INTO `" . TABLE_PANEL_SETTINGS . "` (`settinggroup`, `varname`, `value`) VALUES ('defaultwebsrverrhandler', 'err403', '');");
 	}
-	if (!isset($settings['defaultwebsrverrhandler']['err401'])) {
+	if (Settings::Get('defaultwebsrverrhandler.err401') == null) {
 		Database::query("INSERT INTO `" . TABLE_PANEL_SETTINGS . "` (`settinggroup`, `varname`, `value`) VALUES ('defaultwebsrverrhandler', 'err401', '');");
 	}
 	lastStepStatus(0);
@@ -718,7 +723,7 @@ if (isFroxlorVersion('0.9.7-svn1')) {
 	showUpdateStep("Updating open_basedir due to security - issue");
 	$result = Database::query("SELECT `id` FROM `" . TABLE_PANEL_DOMAINS . "` WHERE `documentroot` LIKE '%:%' AND `documentroot` NOT LIKE 'http://%' AND `openbasedir_path` = '0' AND `openbasedir` = '1'");
 	while ($row = $result->fetch(PDO::FETCH_ASSOC)) {
-		Database::query("UPDATE `".TABLE_PANEL_DOMAINS."` SET `openbasedir_path` = '1' WHERE `id` = '" . (int)$row['id'])."'";
+		Database::query("UPDATE `".TABLE_PANEL_DOMAINS."` SET `openbasedir_path` = '1' WHERE `id` = '" . (int)$row['id']."'");
 	}
 	lastStepStatus(0);
 
@@ -1009,7 +1014,7 @@ if (isFroxlorVersion('0.9.12-svn3')) {
 
 	showUpdateStep("Updating from 0.9.12-svn3 to 0.9.12-svn4", false);
 
-	$update_awstats_awstatspath = isset($_POST['update_awstats_awstatspath']) ? makeCorrectDir($_POST['update_awstats_awstatspath']) : $settings['system']['awstats_path'];
+	$update_awstats_awstatspath = isset($_POST['update_awstats_awstatspath']) ? makeCorrectDir($_POST['update_awstats_awstatspath']) : Settings::Get('system.awstats_path');
 
 	showUpdateStep("Adding new settings for awstats");
 	$stmt = Database::prepare("
@@ -1066,7 +1071,7 @@ if (isFroxlorVersion('0.9.12')) {
 	Database::query("ALTER TABLE `".TABLE_PANEL_CUSTOMERS."` ADD `email_autoresponder_used` int(5) NOT NULL default '0' AFTER `email_autoresponder`;");
 	lastStepStatus(0);
 
-	if ((int)$settings['autoresponder']['autoresponder_active'] == 1) {
+	if ((int)Settings::Get('autoresponder.autoresponder_active') == 1) {
 		$update_autoresponder_default = isset($_POST['update_autoresponder_default']) ? intval_ressource($_POST['update_autoresponder_default']) : 0;
 		if (isset($_POST['update_autoresponder_default_ul'])) {
 			$update_autoresponder_default = -1;
@@ -1121,9 +1126,9 @@ if (isFroxlorVersion('0.9.14-svn1')) {
 if (isFroxlorVersion('0.9.13.1')) {
 	showUpdateStep("Updating from 0.9.13.1 to 0.9.14-svn2", false);
 
-	if ($settings['ticket']['enabled'] == '1') {
+	if (Settings::Get('ticket.enabled') == '1') {
 		showUpdateStep("Setting INTERVAL for used-tickets cronjob");
-		setCycleOfCronjob(null, null, $settings['ticket']['reset_cycle'], null);
+		setCycleOfCronjob(null, null, Settings::Get('ticket.reset_cycle'), null);
 		lastStepStatus(0);
 	}
 	updateToVersion('0.9.14-svn2');
@@ -1132,7 +1137,7 @@ if (isFroxlorVersion('0.9.13.1')) {
 if (isFroxlorVersion('0.9.14-svn2')) {
 	showUpdateStep("Updating from 0.9.14-svn2 to 0.9.14-svn3", false);
 
-	$update_awstats_icons = isset($_POST['update_awstats_icons']) ? makeCorrectDir($_POST['update_awstats_icons']) : $settings['system']['awstats_icons'];
+	$update_awstats_icons = isset($_POST['update_awstats_icons']) ? makeCorrectDir($_POST['update_awstats_icons']) : Settings::Get('system.awstats_icons');
 
 	showUpdateStep("Adding AWStats icons path to the settings");
 	$stmt = Database::prepare("
@@ -1504,7 +1509,7 @@ if (isFroxlorVersion('0.9.17')) {
 			`varname` = 'httpgroup',
 			`value` = :value"
 		);
-		Database::pexecute($stmt, array('value' => $settings['system']['httpuser']));
+		Database::pexecute($stmt, array('value' => Settings::Get('system.httpuser')));
 		lastStepStatus(0);
 	}
 
@@ -1984,7 +1989,7 @@ if (isFroxlorVersion('0.9.28-svn3')) {
 	showUpdateStep('Setting replacement for the discontinued and removed Classic theme (if active)', true);
 
 	// Updating default theme setting
-	if ($settings['panel']['default_theme'] == 'Classic') {
+	if (Settings::Get('panel.default_theme') == 'Classic') {
 		$upd_stmt = Database::prepare("
 			UPDATE `" . TABLE_PANEL_SETTINGS . "` SET
 				`value` = :theme
@@ -2159,7 +2164,7 @@ if (isFroxlorVersion('0.9.28.1')) {
 	// don't advertise security questions - just set a default silently
 	Database::query("INSERT INTO `panel_settings` (`settinggroup`, `varname`, `value`) VALUES ('system', 'passwordcryptfunc', '1');");
 
-	$fastcgiparams = $settings['nginx']['fastcgiparams'];
+	$fastcgiparams = Settings::Get('nginx.fastcgiparams');
 	// check the faulty value explicitly
 	if ($fastcgiparams == '/etc/nginx/fastcgi_params/') {
 		$fastcgiparams = makeCorrectFile(substr($fastcgiparams,0,-1));
@@ -2272,9 +2277,9 @@ if (isFroxlorVersion('0.9.29-dev4')) {
 		`varname` = :varname,
 		`value` = :value"
 	);
-	$dval = (isset($settings['system']['mod_fcgid_defaultini']) ? $settings['system']['mod_fcgid_defaultini'] : '1');
+	$dval = (Settings::Get('system.mod_fcgid_defaultini') !== null ? Settings::Get('system.mod_fcgid_defaultini') : '1');
 	Database::pexecute($stmt, array('varname' => 'defaultini', 'value' => $dval));
-	$dval = (isset($settings['system']['mod_fcgid_ownvhost']) ? $settings['system']['mod_fcgid_ownvhost'] : '1');
+	$dval = (Settings::Get('system.mod_fcgid_ownvhost') !== null ? Settings::Get('system.mod_fcgid_ownvhost') : '1');
 	Database::pexecute($stmt, array('varname' => 'vhost_defaultini', 'value' => $dval));
 	lastStepStatus(0);
 
@@ -2434,11 +2439,11 @@ if (isFroxlorVersion('0.9.31-dev1')) {
 		INSERT INTO `".TABLE_PANEL_SETTINGS."` SET `settinggroup` = 'phpfpm', `varname` = 'fastcgi_ipcdir', `value` = :value
 	");
 	$params = array();
-	if ($settings['system']['webserver'] == 'apache2') {
-		$params['value'] = '/var/lib/apache2/fastcgi/';
-	} elseif ($settings['system']['webserver'] == 'lighttpd') {
+	// set default for apache (which will suite in most cases)
+	$params['value'] = '/var/lib/apache2/fastcgi/';
+	if (Settings::Get('system.webserver') == 'lighttpd') {
 		$params['value'] = '/var/run/lighttpd/';
-	} elseif ($settings['system']['webserver'] == 'nginx') {
+	} elseif (Settings::Get('system.webserver') == 'nginx') {
 		$params['value'] = '/var/run/nginx/';
 	}
 	Database::pexecute($ins_stmt, $params);
@@ -2548,13 +2553,13 @@ if (isFroxlorVersion('0.9.31-rc2')) {
 	");
 	$frxvhostconfid = Database::lastInsertId();
 	// update default vhosts-config for froxlor if they are on the system-default
-	if ($settings['system']['mod_fcgid_defaultini_ownvhost'] == '1') {
+	if (Settings::Get('system.mod_fcgid_defaultini_ownvhost') == '1') {
 		$upd_stmt = Database::prepare("
 			UPDATE `".TABLE_PANEL_SETTINGS."` SET `value` = :value WHERE `settinggroup` = 'system' AND `varname` = 'mod_fcgid_defaultini_ownvhost'
 		");
 		Database::pexecute($upd_stmt, array('value' => $frxvhostconfid));
 	}
-	if ($settings['phpfpm']['vhost_defaultini'] == '1') {
+	if (Settings::Get('phpfpm.vhost_defaultini') == '1') {
 		$upd_stmt = Database::prepare("
 			UPDATE `".TABLE_PANEL_SETTINGS."` SET `value` = :value WHERE `settinggroup` = 'phpfpm' AND `varname` = 'vhost_defaultini'
 		");
@@ -2566,13 +2571,340 @@ if (isFroxlorVersion('0.9.31-rc2')) {
 }
 
 if (isFroxlorVersion('0.9.31-rc3')) {
-	showUpdateStep("Updating from 0.9.31-rc3 to 0.9.31 final", true);
-	lastStepStatus(0);
-	updateToVersion('0.9.31');
+        showUpdateStep("Updating from 0.9.31-rc3 to 0.9.31 final", true);
+        lastStepStatus(0);
+        updateToVersion('0.9.31');
 }
 
 if (isFroxlorVersion('0.9.31')) {
-        showUpdateStep("Updating from 0.9.31 to 0.9.31.1 final", true);
-        lastStepStatus(0);
-        updateToVersion('0.9.31.1');
+	showUpdateStep("Updating from 0.9.31 to 0.9.31.1 final", true);
+	lastStepStatus(0);
+	updateToVersion('0.9.31.1');
+}
+
+if (isFroxlorVersion('0.9.31.1')) {
+        showUpdateStep("Updating from 0.9.31.1 to 0.9.31.2 final", true);
+        lastStepStatus(0);
+        updateToVersion('0.9.31.2');
+}
+
+if (isFroxlorVersion('0.9.31.2')) {
+
+	showUpdateStep("Updating from 0.9.31.2 to 0.9.32-dev1");
+	lastStepStatus(0);
+
+	showUpdateStep("Removing APS-module (deprecated)");
+	Database::query("DELETE FROM `".TABLE_PANEL_SETTINGS."` WHERE `settinggroup` = 'aps';");
+	Database::query("ALTER TABLE `".TABLE_PANEL_ADMINS."` DROP `can_manage_aps_packages`;");
+	Database::query("ALTER TABLE `".TABLE_PANEL_ADMINS."` DROP `aps_packages`;");
+	Database::query("ALTER TABLE `".TABLE_PANEL_ADMINS."` DROP `aps_packages_used`;");
+	Database::query("ALTER TABLE `".TABLE_PANEL_CUSTOMERS."` DROP `aps_packages`;");
+	Database::query("ALTER TABLE `".TABLE_PANEL_CUSTOMERS."` DROP `aps_packages_used`;");
+	Database::query("ALTER TABLE `".TABLE_PANEL_DATABASES."` DROP `apsdb`;");
+	Database::query("DROP TABLE IF EXISTS `aps_packages`;");
+	Database::query("DROP TABLE IF EXISTS `aps_instances`;");
+	Database::query("DROP TABLE IF EXISTS `aps_settings`;");
+	Database::query("DROP TABLE IF EXISTS `aps_tasks`;");
+	Database::query("DROP TABLE IF EXISTS `aps_temp_settings`;");
+	Database::query("DELETE FROM `".TABLE_PANEL_CRONRUNS."` WHERE `module` = 'froxlor/aps';");
+	lastStepStatus(0);
+
+	showUpdateStep("Removing backup-module (deprecated)");
+	Database::query("DELETE FROM `".TABLE_PANEL_SETTINGS."` WHERE `varname` = 'backup_enabled';");
+	Database::query("DELETE FROM `".TABLE_PANEL_SETTINGS."` WHERE `varname` = 'backup_dir';");
+	Database::query("DELETE FROM `".TABLE_PANEL_SETTINGS."` WHERE `varname` = 'backup_mysqldump_path';");
+	Database::query("DELETE FROM `".TABLE_PANEL_SETTINGS."` WHERE `varname` = 'backup_count';");
+	Database::query("DELETE FROM `".TABLE_PANEL_SETTINGS."` WHERE `varname` = 'backup_bigfile';");
+	Database::query("DELETE FROM `".TABLE_PANEL_SETTINGS."` WHERE `varname` = 'backup_ftp_enabled';");
+	Database::query("DELETE FROM `".TABLE_PANEL_SETTINGS."` WHERE `varname` = 'backup_ftp_server';");
+	Database::query("DELETE FROM `".TABLE_PANEL_SETTINGS."` WHERE `varname` = 'backup_ftp_user';");
+	Database::query("DELETE FROM `".TABLE_PANEL_SETTINGS."` WHERE `varname` = 'backup_ftp_pass';");
+	Database::query("DELETE FROM `".TABLE_PANEL_SETTINGS."` WHERE `varname` = 'backup_ftp_passive';");
+	Database::query("ALTER TABLE `".TABLE_PANEL_CUSTOMERS."` DROP `backup_allowed`;");
+	Database::query("ALTER TABLE `".TABLE_PANEL_CUSTOMERS."` DROP `backup_enabled`;");
+	Database::query("DELETE FROM `".TABLE_PANEL_CRONRUNS."` WHERE `module` = 'froxlor/backup';");
+	lastStepStatus(0);
+
+	showUpdateStep("Removing autoresponder-module (deprecated)");
+	Database::query("DELETE FROM `".TABLE_PANEL_SETTINGS."` WHERE `settinggroup` = 'autoresponder';");
+	Database::query("ALTER TABLE `".TABLE_PANEL_ADMINS."` DROP `email_autoresponder`;");
+	Database::query("ALTER TABLE `".TABLE_PANEL_ADMINS."` DROP `email_autoresponder_used`;");
+	Database::query("ALTER TABLE `".TABLE_PANEL_CUSTOMERS."` DROP `email_autoresponder`;");
+	Database::query("ALTER TABLE `".TABLE_PANEL_CUSTOMERS."` DROP `email_autoresponder_used`;");
+	Database::query("DROP TABLE IF EXISTS `mail_autoresponder`;");
+	lastStepStatus(0);
+
+	showUpdateStep("Updating ftp-groups entries");
+	Database::query("UPDATE `".TABLE_FTP_GROUPS."` SET `members` = CONCAT(`members`, ',".Settings::Get('system.httpuser')."');");
+	lastStepStatus(0);
+
+	updateToVersion('0.9.32-dev1');
+}
+
+if (isFroxlorVersion('0.9.32-dev1')) {
+
+	showUpdateStep("Updating from 0.9.32-dev1 to 0.9.32-dev2");
+	lastStepStatus(0);
+
+	showUpdateStep("Adding mailserver - settings for traffic analysis");
+	$ins_stmt = Database::prepare("
+		INSERT INTO `".TABLE_PANEL_SETTINGS."` SET `settinggroup` = 'system', `varname` = :varname, `value` = :value
+	");
+
+	Database::pexecute($ins_stmt, array('varname' => 'mailtraffic_enabled', 'value' => isset($_POST['mailtraffic_enabled']) ? (int)$_POST['mailtraffic_enabled'] : '1'));
+	Database::pexecute($ins_stmt, array('varname' => 'mdalog', 'value' => isset($_POST['mdalog']) ? $_POST['mdalog'] : '/var/log/mail.log'));
+	Database::pexecute($ins_stmt, array('varname' => 'mtalog', 'value' => isset($_POST['mtalog']) ? $_POST['mtalog'] : '/var/log/mail.log'));
+	Database::pexecute($ins_stmt, array('varname' => 'mdaserver', 'value' => isset($_POST['mdaserver']) ? $_POST['mdaserver'] : 'dovecot'));
+	Database::pexecute($ins_stmt, array('varname' => 'mtaserver', 'value' => isset($_POST['mtaserver']) ? $_POST['mtaserver'] : 'postfix'));
+	lastStepStatus(0);
+
+	updateToVersion('0.9.32-dev2');
+}
+
+if (isFroxlorVersion('0.9.32-dev2')) {
+
+	showUpdateStep("Updating from 0.9.32-dev2 to 0.9.32-dev3");
+	lastStepStatus(0);
+
+	showUpdateStep("Updating froxlor - theme");
+	Database::query("UPDATE `".TABLE_PANEL_ADMINS."` SET `theme` = 'Sparkle_froxlor' WHERE `theme` = 'Froxlor';");
+	Database::query("UPDATE `".TABLE_PANEL_CUSTOMERS."` SET `theme` = 'Sparkle_froxlor' WHERE `theme` = 'Froxlor';");
+	Database::query("UPDATE `".TABLE_PANEL_SESSIONS."` SET `theme` = 'Sparkle_froxlor' WHERE `theme` = 'Froxlor';");
+	if (Settings::Get('panel.default_theme') == 'Froxlor') {
+		Settings::Set('panel.default_theme', 'Sparkle_froxlor');
+	}
+	lastStepStatus(0);
+
+	updateToVersion('0.9.32-dev3');
+}
+
+if (isFroxlorVersion('0.9.32-dev3')) {
+
+	showUpdateStep("Updating from 0.9.32-dev3 to 0.9.32-dev4");
+	lastStepStatus(0);
+
+	showUpdateStep("Adding new FTP-description field");
+	Database::query("ALTER TABLE `".TABLE_FTP_USERS."` ADD `description` varchar(255) NOT NULL DEFAULT '' AFTER `customerid`;");
+	lastStepStatus(0);
+
+	updateToVersion('0.9.32-dev4');
+}
+
+if (isFroxlorVersion('0.9.32-dev4')) {
+
+	showUpdateStep("Updating from 0.9.32-dev4 to 0.9.32-dev5");
+	lastStepStatus(0);
+
+	showUpdateStep("Updating cronjob table");
+	Database::query("UPDATE `".TABLE_PANEL_CRONRUNS."` SET `cronfile` = REPLACE( REPLACE(`cronfile`, 'cron_', ''), '.php', '')");
+	lastStepStatus(0);
+
+	showUpdateStep("Adding new settings for cron");
+	// get user-chosen value
+	$crondfile = isset($_POST['crondfile']) ? $_POST['crondfile'] : "/etc/cron.d/froxlor";
+	$crondfile = makeCorrectFile($crondfile);
+	Settings::AddNew("system.cronconfig", $crondfile);
+	// add task to generate cron.d-file
+	inserttask('99');
+	lastStepStatus(0);
+
+	updateToVersion('0.9.32-dev5');
+}
+
+if (isFroxlorVersion('0.9.32-dev5')) {
+
+	showUpdateStep("Updating from 0.9.32-dev5 to 0.9.32-dev6", false);
+
+	showUpdateStep("Adding new settings for cron-daemon reload command");
+	// get user-chosen value
+	$crondreload = isset($_POST['crondreload']) ? $_POST['crondreload'] : "/etc/init.d/cron reload";
+	Settings::AddNew("system.crondreload", $crondreload);
+	// add task to generate cron.d-file
+	inserttask('99');
+	lastStepStatus(0);
+
+	updateToVersion('0.9.32-dev6');
+}
+
+if (isFroxlorVersion('0.9.32-dev6')) {
+
+	showUpdateStep("Updating from 0.9.32-dev6 to 0.9.32-rc1", false);
+
+	showUpdateStep("Enhancing tasks-table");
+	Database::query("ALTER TABLE `".TABLE_PANEL_TASKS."` MODIFY `data` text NOT NULL default ''");
+	lastStepStatus(0);
+
+	updateToVersion('0.9.32-rc1');
+}
+
+if (isFroxlorVersion('0.9.32-rc1')) {
+
+	showUpdateStep("Updating from 0.9.32-rc1 to 0.9.32-rc2", false);
+
+	showUpdateStep("Removing autoresponder-cronjob (deprecated)");
+	Database::query("DELETE FROM `".TABLE_PANEL_CRONRUNS."` WHERE `module` = 'froxlor/autoresponder';");
+	lastStepStatus(0);
+
+	showUpdateStep("Adding new settings for cron");
+	// get user-chosen value
+	$croncmdline = isset($_POST['croncmdline']) ? $_POST['croncmdline'] : "/usr/bin/nice -n 5 /usr/bin/php5 -q";
+	Settings::AddNew("system.croncmdline", $croncmdline);
+	// add task to generate cron.d-file
+	inserttask('99');
+	// silenty add the auto-update setting - we do not want everybody to know and use this
+	// as it is a very dangerous setting
+	Settings::AddNew("system.cron_allowautoupdate", 0);
+	lastStepStatus(0);
+
+	showUpdateStep("Removing backup-module ftp-users (deprecated)");
+	Database::query("DELETE FROM `".TABLE_FTP_USERS."` WHERE `username` LIKE '%_backup';");
+	lastStepStatus(0);
+
+	updateToVersion('0.9.32-rc2');
+}
+
+if (isFroxlorVersion('0.9.32-rc2')) {
+	showUpdateStep("Updating from 0.9.32-rc2 to 0.9.32-rc3", false);
+
+	showUpdateStep("Removing outdated languages");
+	Database::query("DELETE FROM `" . TABLE_PANEL_LANGUAGE . "` WHERE `iso` REGEXP '(bg|ca|cz|da|hu|pl|ru|sk|es|zh)';");
+	Database::query("UPDATE `" . TABLE_PANEL_ADMINS . "` SET `def_language` = 'English' WHERE `def_language` NOT REGEXP '(Dutch|English|Français|Deutsch|Italian|Portugu\&ecirc;s|Swedish)';");
+	Database::query("UPDATE `" . TABLE_PANEL_CUSTOMERS . "` SET `def_language` = 'English' WHERE `def_language` NOT REGEXP '(Dutch|English|Français|Deutsch|Italian|Portugu&ecirc;s|Swedish)';");
+	lastStepStatus(0);
+
+	updateToVersion('0.9.32-rc3');
+}
+
+if (isFroxlorVersion('0.9.32-rc3')) {
+	showUpdateStep("Updating from 0.9.32-rc3 to 0.9.32 final", false);
+	updateToVersion('0.9.32');
+}
+
+if (isFroxlorVersion('0.9.32')) {
+	showUpdateStep("Updating from 0.9.32 to 0.9.33-dev1", false);
+
+	showUpdateStep("Adding settings for custom newsfeed on customer-dashboard");
+	Settings::AddNew("customer.show_news_feed", isset($_POST['customer_show_news_feed']) ? (int)$_POST['customer_show_news_feed'] : '0');
+	Settings::AddNew("customer.news_feed_url", isset($_POST['customer_news_feed_url']) ? $_POST['customer_news_feed_url'] : '');
+	lastStepStatus(0);
+
+	updateToVersion('0.9.33-dev1');
+}
+
+if (isFroxlorVersion('0.9.33-dev1')) {
+	showUpdateStep("Updating from 0.9.33-dev1 to 0.9.33-dev2", false);
+
+	showUpdateStep("Adding settings for hostname-dns-entry");
+	Settings::AddNew("system.dns_createhostnameentry", isset($_POST['dns_createhostnameentry']) ? (int)$_POST['dns_createhostnameentry'] : '0');
+	lastStepStatus(0);
+
+	updateToVersion('0.9.33-dev2');
+}
+
+if (isFroxlorVersion('0.9.33-dev2')) {
+	showUpdateStep("Updating from 0.9.33-dev2 to 0.9.33-dev3", false);
+
+	showUpdateStep("Adding settings for password-generation options");
+	Settings::AddNew("panel.password_alpha_lower", '1');
+	Settings::AddNew("panel.password_alpha_upper", '1');
+	Settings::AddNew("panel.password_numeric", '0');
+	Settings::AddNew("panel.password_special_char_required", '0');
+	Settings::AddNew("panel.password_special_char", '!?<>§$%&+#=@');
+	lastStepStatus(0);
+
+	showUpdateStep("Adding settings for fpm-apache2.4-mod_proxy integration");
+	Settings::AddNew("phpfpm.use_mod_proxy", '0');
+	lastStepStatus(0);
+
+	updateToVersion('0.9.33-dev3');
+}
+
+if (isFroxlorVersion('0.9.33-dev3')) {
+	showUpdateStep("Updating from 0.9.33-dev3 to 0.9.33-rc1", false);
+
+	showUpdateStep("Updating database-scheme");
+	Database::query("ALTER TABLE `".TABLE_PANEL_DOMAINS."` MODIFY `dkim_privkey` text");
+	Database::query("ALTER TABLE `".TABLE_PANEL_DOMAINS."` MODIFY `dkim_pubkey` text");
+	Database::query("ALTER TABLE `".TABLE_PANEL_DOMAINS."` MODIFY `specialsettings` text");
+	Database::query("ALTER TABLE `".TABLE_PANEL_IPSANDPORTS."` MODIFY `specialsettings` text");
+	Database::query("ALTER TABLE `".TABLE_PANEL_IPSANDPORTS."` MODIFY `default_vhostconf_domain` text");
+	Database::query("ALTER TABLE `".TABLE_PANEL_DOMAIN_SSL_SETTINGS."` MODIFY `ssl_ca_file` text");
+	Database::query("ALTER TABLE `".TABLE_PANEL_DOMAIN_SSL_SETTINGS."` MODIFY `ssl_cert_chainfile` text");
+	lastStepStatus(0);
+
+	showUpdateStep("Removing old settings");
+	Database::query("DELETE FROM `".TABLE_PANEL_SETTINGS."` WHERE `settinggroup`='panel' AND `varname` = 'use_webfonts';");
+	Database::query("DELETE FROM `".TABLE_PANEL_SETTINGS."` WHERE `settinggroup`='panel' AND `varname` = 'webfont';");
+	lastStepStatus(0);
+
+	showUpdateStep("Adding local froxlor group to customer groups");
+	if ((int)Settings::Get('system.mod_fcgid_ownvhost') == 1 || (int)Settings::Get('phpfpm.enabled_ownvhost') == 1) {
+		if ((int)Settings::Get('system.mod_fcgid') == 1) {
+			$local_user = Settings::Get('system.mod_fcgid_httpuser');
+		} else {
+			$local_user = Settings::Get('phpfpm.vhost_httpuser');
+		}
+		Database::query("UPDATE `".TABLE_FTP_GROUPS."` SET `members` = CONCAT(`members`, ',".$local_user."');");
+		lastStepStatus(0);
+	} else {
+		lastStepStatus(1, "not needed");
+	}
+
+	updateToVersion('0.9.33-rc1');
+}
+
+if (isFroxlorVersion('0.9.33-rc1')) {
+	showUpdateStep("Updating from 0.9.33-rc1 to 0.9.33-rc2", false);
+
+	showUpdateStep("Add new setting for sending cron-errors via mail");
+	$sendcronerrors = isset($_POST['system_send_cron_errors']) ? (int)$_POST['system_send_cron_errors'] : "0";
+	Settings::addNew('system.send_cron_errors', $sendcronerrors);
+	lastStepStatus(0);
+
+	showUpdateStep("Add new custom-notes field for admins and customer");
+	Database::query("ALTER TABLE `".TABLE_PANEL_ADMINS."` ADD `custom_notes` text AFTER `theme`");
+	Database::query("ALTER TABLE `".TABLE_PANEL_ADMINS."` ADD `custom_notes_show` tinyint(1) NOT NULL default '0' AFTER `custom_notes`");
+	Database::query("ALTER TABLE `".TABLE_PANEL_CUSTOMERS."` ADD `custom_notes` text AFTER `theme`");
+	Database::query("ALTER TABLE `".TABLE_PANEL_CUSTOMERS."` ADD `custom_notes_show` tinyint(1) NOT NULL default '0' AFTER `custom_notes`");
+	lastStepStatus(0);
+
+	// go from varchar(50) to varchar(255) because of some hashes that are longer than that
+	showUpdateStep("Updating table structure of admins and customers");
+	Database::query("ALTER TABLE `".TABLE_PANEL_ADMINS."` MODIFY `password` varchar(255) NOT NULL default ''");
+	Database::query("ALTER TABLE `".TABLE_PANEL_CUSTOMERS."` MODIFY `password` varchar(255) NOT NULL default ''");
+	lastStepStatus(0);
+
+	updateToVersion('0.9.33-rc2');
+}
+
+if (isFroxlorVersion('0.9.33-rc2')) {
+
+	showUpdateStep("Updating from 0.9.33-rc2 to 0.9.33-rc3");
+	lastStepStatus(0);
+	updateToVersion('0.9.33-rc3');
+
+}
+
+if (isFroxlorVersion('0.9.33-rc3')) {
+
+        showUpdateStep("Updating from 0.9.33-rc3 to 0.9.33 final");
+        lastStepStatus(0);
+        updateToVersion('0.9.33');
+
+}
+
+if (isFroxlorVersion('0.9.33')) {
+
+        showUpdateStep("Updating from 0.9.33 to 0.9.33.1");
+        lastStepStatus(0);
+        updateToVersion('0.9.33.1');
+
+}
+
+if (isFroxlorVersion('0.9.33.1')) {
+
+        showUpdateStep("Updating from 0.9.33.1 to 0.9.33.2");
+        lastStepStatus(0);
+        updateToVersion('0.9.33.2');
+
 }

install/updates/froxlor/upgrade_syscp.inc.php

@@ -15,10 +15,19 @@
  *
  */
 
+if (!defined('AREA')
+		|| (defined('AREA') && AREA != 'admin')
+		|| !isset($userinfo['loginname'])
+		|| (isset($userinfo['loginname']) && $userinfo['loginname'] == '')
+) {
+	header('Location: ../../../index.php');
+	exit;
+}
+
 $updateto = '0.9-r0';
 $frontend = 'froxlor';
 
-showUpdateStep("Upgrading SysCP ".$settings['panel']['version']." to Froxlor ". $updateto, false);
+showUpdateStep("Upgrading SysCP ".Settings::Get('panel.version')." to Froxlor ". $updateto, false);
 updateToVersion($updateto);
 
 // add field frontend
@@ -27,4 +36,4 @@ Database::query("INSERT INTO `" . TABLE_PANEL_SETTINGS . "` SET
 	`varname` = 'frontend',
 	`value` = 'froxlor'"
 );
-$settings['panel']['frontend'] = $frontend;
+Settings::Set('panel.frontend', $frontend);

install/updates/preconfig.php

@@ -28,7 +28,7 @@
 function getPreConfig($current_version)
 {
 	$has_preconfig = false;
-	$return = '<div class="preconfig"><h3 style="color:#ff0000;">PLEASE NOTE - Important update notifications</h3>';
+	$return = '<div class="preconfig"><h3 class="red">PLEASE NOTE - Important update notifications</h3>';
 
 	include_once makeCorrectFile(dirname(__FILE__).'/preconfig/0.9/preconfig_0.9.inc.php');
 	parseAndOutputPreconfig($has_preconfig, $return, $current_version);

install/updates/preconfig/0.9/preconfig_0.9.inc.php

@@ -24,9 +24,9 @@
  *
  * @return null
  */
-function parseAndOutputPreconfig(&$has_preconfig, &$return, $current_version)
-{
-	global $settings, $lng;
+function parseAndOutputPreconfig(&$has_preconfig, &$return, $current_version) {
+
+	global $lng;
 
 	if(versionInUpdate($current_version, '0.9.4-svn2'))
 	{
@@ -42,11 +42,11 @@ function parseAndOutputPreconfig(&$has_preconfig, &$return, $current_version)
 
 	if(versionInUpdate($current_version, '0.9.6-svn2'))
 	{
-		if(!PHPMailer::ValidateAddress($settings['panel']['adminmail']))
+		if(!PHPMailer::ValidateAddress(Settings::Get('panel.adminmail')))
 		{
 			$has_preconfig = true;
 			$description = 'Froxlor uses a newer version of the phpMailerClass and determined that your current admin-mail address is invalid.';
-			$question = '<strong>Please specify a new admin-email address:</strong>&nbsp;<input type="text" class="text" name="update_adminmail" value="'.$settings['panel']['adminmail'].'" />';
+			$question = '<strong>Please specify a new admin-email address:</strong>&nbsp;<input type="text" class="text" name="update_adminmail" value="'.Settings::Get('panel.adminmail').'" />';
 			eval("\$return.=\"" . getTemplate("update/preconfigitem") . "\";");
 		}
 	}
@@ -57,7 +57,7 @@ function parseAndOutputPreconfig(&$has_preconfig, &$return, $current_version)
 		$description = 'You now have the possibility to define default error-documents for your webserver which replace the default webserver error-messages.';
 		$question = '<strong>Do you want to enable default error-documents?:</strong>&nbsp;';
 		$question .= makeyesno('update_deferr_enable', '1', '0', '0').'<br /><br />';
-		if($settings['system']['webserver'] == 'apache2')
+		if(Settings::Get('system.webserver') == 'apache2')
 		{
 			$question .= 'Path/URL for error 500:&nbsp;<input type="text" class="text" name="update_deferr_500" /><br /><br />';
 			$question .= 'Path/URL for error 401:&nbsp;<input type="text" class="text" name="update_deferr_401" /><br /><br />';
@@ -244,7 +244,7 @@ function parseAndOutputPreconfig(&$has_preconfig, &$return, $current_version)
 
 	if(versionInUpdate($current_version, '0.9.12-svn1'))
 	{
-		if($settings['system']['mod_fcgid'] == 1)
+		if(Settings::Get('system.mod_fcgid') == 1)
 		{
 			$has_preconfig = true;
 			$description = 'You can chose whether you want Froxlor to use FCGID itself too now.';
@@ -273,19 +273,19 @@ function parseAndOutputPreconfig(&$has_preconfig, &$return, $current_version)
 
 	if(versionInUpdate($current_version, '0.9.12-svn4'))
 	{
-		if((int)$settings['system']['awstats_enabled'] == 1)
+		if((int)Settings::Get('system.awstats_enabled') == 1)
 		{
 			$has_preconfig = true;
 			$description = 'Due to different paths of awstats_buildstaticpages.pl and awstats.pl you can set a different path for awstats.pl now.';
 			$question = '<strong>Path to \'awstats.pl\'?:</strong>&nbsp;';
-			$question.= '<input type="text" class="text" name="update_awstats_awstatspath" value="'.$settings['system']['awstats_path'].'" /><br />';
+			$question.= '<input type="text" class="text" name="update_awstats_awstatspath" value="'.Settings::Get('system.awstats_path').'" /><br />';
 			eval("\$return.=\"" . getTemplate("update/preconfigitem") . "\";");
 		}
 	}
 
 	if(versionInUpdate($current_version, '0.9.13-svn1'))
 	{
-		if((int)$settings['autoresponder']['autoresponder_active'] == 1)
+		if((int)Settings::Get('autoresponder.autoresponder_active') == 1)
 		{
 			$has_preconfig = true;
 			$description = 'Froxlor can now limit the number of autoresponder-entries for each user. Here you can set the value which will be available for each customer (Of course you can change the value for each customer separately after the update).';
@@ -297,7 +297,7 @@ function parseAndOutputPreconfig(&$has_preconfig, &$return, $current_version)
 
 	if(versionInUpdate($current_version, '0.9.13.1'))
 	{
-		if((int)$settings['system']['mod_fcgid_ownvhost'] == 1)
+		if((int)Settings::Get('system.mod_fcgid_ownvhost') == 1)
 		{
 			$has_preconfig = true;
 			$description = 'You have FCGID for Froxlor itself activated. You can now specify a PHP-configuration for this.';
@@ -316,24 +316,24 @@ function parseAndOutputPreconfig(&$has_preconfig, &$return, $current_version)
 
 	if(versionInUpdate($current_version, '0.9.14-svn3'))
 	{
-		if((int)$settings['system']['awstats_enabled'] == 1)
+		if((int)Settings::Get('system.awstats_enabled') == 1)
 		{
 			$has_preconfig = true;
 			$description = 'To have icons in AWStats statistic-pages please enter the path to AWStats icons folder.';
 			$question = '<strong>Path to AWSTats icons folder:</strong>&nbsp;';
-			$question.= '<input type="text" class="text" name="update_awstats_icons" value="'.$settings['system']['awstats_icons'].'" />';
+			$question.= '<input type="text" class="text" name="update_awstats_icons" value="'.Settings::Get('system.awstats_icons').'" />';
 			eval("\$return.=\"" . getTemplate("update/preconfigitem") . "\";");
 		}
 	}
 
 	if(versionInUpdate($current_version, '0.9.14-svn4'))
 	{
-		if((int)$settings['system']['use_ssl'] == 1)
+		if((int)Settings::Get('system.use_ssl') == 1)
 		{
 			$has_preconfig = true;
 			$description = 'Froxlor now has the possibility to set \'SSLCertificateChainFile\' for the apache webserver.';
 			$question = '<strong>Enter filename (leave empty for none):</strong>&nbsp;';
-			$question.= '<input type="text" class="text" name="update_ssl_cert_chainfile" value="'.$settings['system']['ssl_cert_chainfile'].'" />';
+			$question.= '<input type="text" class="text" name="update_ssl_cert_chainfile" value="'.Settings::Get('system.ssl_cert_chainfile').'" />';
 			eval("\$return.=\"" . getTemplate("update/preconfigitem") . "\";");
 		}
 	}
@@ -390,7 +390,7 @@ function parseAndOutputPreconfig(&$has_preconfig, &$return, $current_version)
 
 	if(versionInUpdate($current_version, '0.9.16-svn2'))
 	{
-		if((int)$settings['phpfpm']['enabled'] == 1)
+		if((int)Settings::Get('phpfpm.enabled') == 1)
 		{
 			$has_preconfig = true;
 			$description = 'You can chose whether you want Froxlor to use PHP-FPM itself too now.';
@@ -398,9 +398,9 @@ function parseAndOutputPreconfig(&$has_preconfig, &$return, $current_version)
 			$question.= makeyesno('update_phpfpm_enabled_ownvhost', '1', '0', '0').'<br /><br />';
 			$question.= '<strong>If \'yes\', please specify local user/group (have to exist, Froxlor does not add them automatically):</strong><br /><br />';
 			$question.= 'Local user:&nbsp;';
-			$question.= '<input type="text" class="text" name="update_phpfpm_httpuser" value="'.$settings['system']['mod_fcgid_httpuser'].'" /><br /><br />';
+			$question.= '<input type="text" class="text" name="update_phpfpm_httpuser" value="'.Settings::Get('system.mod_fcgid_httpuser').'" /><br /><br />';
 			$question.= 'Local group:&nbsp;';
-			$question.= '<input type="text" class="text" name="update_phpfpm_httpgroup" value="'.$settings['system']['mod_fcgid_httpgroup'].'" /><br />';
+			$question.= '<input type="text" class="text" name="update_phpfpm_httpgroup" value="'.Settings::Get('system.mod_fcgid_httpgroup').'" /><br />';
 			eval("\$return.=\"" . getTemplate("update/preconfigitem") . "\";");
 		}
 	}
@@ -440,7 +440,7 @@ function parseAndOutputPreconfig(&$has_preconfig, &$return, $current_version)
 		$description = 'This version introduces a lot of profound changes:';
 		$description .= '<br /><ul><li>Improving the whole template system</li><li>Full UTF-8 support</li><li><strong>Removing support for the former default theme \'Classic\'</strong></li></ul>';
 		$description .= '<br /><br />Notice: This update will <strong>alter your Froxlor database to use UTF-8</strong> as default charset. ';
-		$description .= 'Even though this is already tested, we <span style="color:#ff0000;font-weight:bold;">strongly recommend</span> to ';
+		$description .= 'Even though this is already tested, we <span class="red">strongly recommend</span> to ';
 		$description .= 'test this update in a testing environment using your existing data.<br /><br />';
 
 		$question = '<strong>Select your preferred Classic Theme replacement:</strong>&nbsp;';
@@ -457,7 +457,7 @@ function parseAndOutputPreconfig(&$has_preconfig, &$return, $current_version)
 
 	if (versionInUpdate($current_version, '0.9.28-svn6')) {
 
-		if ($settings['system']['webserver'] == 'apache2') {
+		if (Settings::Get('system.webserver') == 'apache2') {
 			$has_preconfig = true;
 			$description = 'Froxlor now supports the new Apache 2.4. Please be aware that you need to load additional apache-modules in ordner to use it.<br />';
 			$description.= '<pre>LoadModule authz_core_module modules/mod_authz_core.so
@@ -465,7 +465,7 @@ function parseAndOutputPreconfig(&$has_preconfig, &$return, $current_version)
 			$question = '<strong>Do you want to enable the Apache-2.4 modification?:</strong>&nbsp;';
 			$question.= makeyesno('update_system_apache24', '1', '0', '0');
 			eval("\$return.=\"" . getTemplate("update/preconfigitem") . "\";");
-		} elseif ($settings['system']['webserver'] == 'nginx') {
+		} elseif (Settings::Get('system.webserver') == 'nginx') {
 			$has_preconfig = true;
 			$description = 'The path to nginx\'s fastcgi_params file is now customizable.<br /><br />';
 			$question = '<strong>Please enter full path to you nginx/fastcgi_params file (including filename):</strong>&nbsp;';
@@ -494,8 +494,8 @@ function parseAndOutputPreconfig(&$has_preconfig, &$return, $current_version)
 		$description  = 'Froxlor changed the default parameter-set of sendmail (php.ini)<br />';
 		$description .= 'sendmail_path = "/usr/sbin/sendmail -t <strong>-i</strong> -f {CUSTOMER_EMAIL}"<br /><br />';
 		$description .= 'If you don\'t have any problems with sending mails, you don\'t need to change this';
-		if ($settings['system']['mod_fcgid'] == '1'
-				|| $settings['phpfpm']['enabled'] == '1'
+		if (Settings::Get('system.mod_fcgid') == '1'
+				|| Settings::Get('phpfpm.enabled') == '1'
 		) {
 			// information about removal of php's safe_mode
 			$description .= '<br /><br />The php safe_mode flag has been removed as current versions of PHP<br />';
@@ -509,8 +509,8 @@ function parseAndOutputPreconfig(&$has_preconfig, &$return, $current_version)
 
 	if (versionInUpdate($current_version, '0.9.29-dev1')) {
 		// we only need to ask if fcgid|php-fpm is enabled
-		if ($settings['system']['mod_fcgid'] == '1'
-				|| $settings['phpfpm']['enabled'] == '1'
+		if (Settings::Get('system.mod_fcgid') == '1'
+				|| Settings::Get('phpfpm.enabled') == '1'
 		) {
 			$has_preconfig = true;
 			$description  = 'Standard-subdomains can now be hidden from the php-configuration overview.<br />';
@@ -555,12 +555,12 @@ function parseAndOutputPreconfig(&$has_preconfig, &$return, $current_version)
 	// let the apache+fpm users know that they MUST change their config
 	// for the domains / webserver to work after the update
 	if (versionInUpdate($current_version, '0.9.30-dev1')) {
-		if ($settings['system']['webserver'] == 'apache2'
-			&& $settings['phpfpm']['enabled'] == '1'
+		if (Settings::Get('system.webserver') == 'apache2'
+			&& Settings::Get('phpfpm.enabled') == '1'
 		) {
 			$has_preconfig = true;
 			$description  = 'The PHP-FPM implementation for apache2 has changed. Please look for the "<b>fastcgi.conf</b>" (Debian/Ubuntu) or "<b>70_fastcgi.conf</b>" (Gentoo) within /etc/apache2/ and change it as shown below:<br /><br />';
-			$description .= '<pre style="width:500px;border:1px solid #ccc;padding:4px;">&lt;IfModule mod_fastcgi.c&gt;
+			$description .= '<pre class="code-block">&lt;IfModule mod_fastcgi.c&gt;
     FastCgiIpcDir /var/lib/apache2/fastcgi/
     &lt;Location "/fastcgiphp"&gt;
         Order Deny,Allow
@@ -575,8 +575,8 @@ function parseAndOutputPreconfig(&$has_preconfig, &$return, $current_version)
 	}
 
 	if (versionInUpdate($current_version, '0.9.31-dev2')) {
-		if ($settings['system']['webserver'] == 'apache2'
-				&& $settings['phpfpm']['enabled'] == '1'
+		if (Settings::Get('system.webserver') == 'apache2'
+				&& Settings::Get('phpfpm.enabled') == '1'
 		) {
 			$has_preconfig = true;
 			$description  = 'The FPM socket directory is now a setting in froxlor. Its default is <b>/var/lib/apache2/fastcgi/</b>.<br/>If you are using <b>/var/run/apache2</b> in the "<b>fastcgi.conf</b>" (Debian/Ubuntu) or "<b>70_fastcgi.conf</b>" (Gentoo) please correct this path accordingly<br />';
@@ -610,4 +610,80 @@ function parseAndOutputPreconfig(&$has_preconfig, &$return, $current_version)
 		eval("\$return.=\"" . getTemplate("update/preconfigitem") . "\";");
 	}
 
+	if (versionInUpdate($current_version, '0.9.32-dev2')) {
+		$has_preconfig = true;
+		$description  = 'To enable logging of the mail-traffic, you need to set the following settings accordingly<br /><br />';
+		$question = '<strong>Do you want to enable the traffic collection for mail? (default: yes):</strong>&nbsp;';
+		$question.= makeyesno('mailtraffic_enabled', '1', '0', '1').'<br />';
+		$question.= '<strong>Mail Transfer Agent</strong><br />';
+		$question.= 'Type of your MTA:&nbsp;';
+		$question.= '<select name="mtaserver">';
+		$question.= makeoption('Postfix', 'postfix', 'postfix');
+		$question.= makeoption('Exim4', 'exim4', 'postfix');
+		$question.= '</select><br />';
+		$question.= 'Logfile for your MTA:&nbsp;';
+		$question.= '<input type="text" class="text" name="mtalog" value="/var/log/mail.log" /><br />';
+		$question.= '<strong>Mail Delivery Agent</strong><br />';
+		$question.= 'Type of your MDA:&nbsp;';
+		$question.= '<select name="mdaserver">';
+		$question.= makeoption('Dovecot', 'dovecot', 'dovecot');
+		$question.= makeoption('Courier', 'courier', 'dovecot');
+		$question.= '</select><br /><br />';
+		$question.= 'Logfile for your MDA:&nbsp;';
+		$question.= '<input type="text" class="text" name="mdalog" value="/var/log/mail.log" /><br />';
+		eval("\$return.=\"" . getTemplate("update/preconfigitem") . "\";");
+	}
+
+	if (versionInUpdate($current_version, '0.9.32-dev5')) {
+		$has_preconfig = true;
+		$description = 'Froxlor now generates a cron-configuration file for the cron-daemon. Please set a filename which will be included automatically by your crond (e.g. files in /etc/cron.d/)<br /><br />';
+		$question = '<strong>Path to the cron-service configuration-file.</strong> This file will be updated regularly and automatically by froxlor.<br />Note: please <b>be sure</b> to use the same filename as for the main froxlor cronjob (default: /etc/cron.d/froxlor)!<br />';
+		$question.= '<input type="text" class="text" name="crondfile" value="/etc/cron.d/froxlor" /><br />';
+		eval("\$return.=\"" . getTemplate("update/preconfigitem") . "\";");
+	}
+
+	if (versionInUpdate($current_version, '0.9.32-dev6')) {
+		$has_preconfig = true;
+		$description = 'In order for the new cron.d file to work properly, we need to know about the cron-service reload command.<br /><br />';
+		$question = '<strong>Please specify the reload-command of your cron-daemon</strong> (default: /etc/init.d/cron reload)<br />';
+		$question.= '<input type="text" class="text" name="crondreload" value="/etc/init.d/cron reload" /><br />';
+		eval("\$return.=\"" . getTemplate("update/preconfigitem") . "\";");
+	}
+
+	if (versionInUpdate($current_version, '0.9.32-rc2')) {
+		$has_preconfig = true;
+		$description = 'To customize the command which executes the cronjob (php - basically) change the path below according to your system.<br /><br />';
+		$question = '<strong>Please specify the command to execute cronscripts</strong> (default: "/usr/bin/nice -n 5 /usr/bin/php5 -q")<br />';
+		$question.= '<input type="text" class="text" name="croncmdline" value="/usr/bin/nice -n 5 /usr/bin/php5 -q" /><br />';
+		eval("\$return.=\"" . getTemplate("update/preconfigitem") . "\";");
+	}
+
+	if (versionInUpdate($current_version, '0.9.33-dev1')) {
+		$has_preconfig = true;
+		$description  = 'You can enable/disable the display/usage of the custom newsfeed for customers.<br /><br />';
+		$question = '<strong>Do you want to enable the custom newsfeed for customer? (default: no):</strong>&nbsp;';
+		$question.= makeyesno('customer_show_news_feed', '1', '0', '0').'<br />';
+		$question.= '<strong>You have to set the URL for your RSS-feed here, if you have choosen to enable the custom newsfeed on the customer-dashboard:</strong>&nbsp;';
+		$question.= '<input type="text" class="text" name="customer_news_feed_url" value="" /><br />';
+		eval("\$return.=\"" . getTemplate("update/preconfigitem") . "\";");
+	}
+
+	if (versionInUpdate($current_version, '0.9.33-dev2')) {
+		// only if bind is used - if not the default will be set, which is '0' (off)
+		if (Settings::get('system.bind_enable') == 1) {
+			$has_preconfig = true;
+			$description  = 'You can enable/disable the generation of the bind-zone / config for the system hostname.<br /><br />';
+			$question = '<strong>Do you want to generate a bind-zone for the system-hostname? (default: no):</strong>&nbsp;';
+			$question.= makeyesno('dns_createhostnameentry', '1', '0', '0').'<br />';
+			eval("\$return.=\"" . getTemplate("update/preconfigitem") . "\";");
+		}
+	}
+
+	if (versionInUpdate($current_version, '0.9.33-rc2')) {
+		$has_preconfig = true;
+		$description  = 'You can chose whether you want to receive an e-mail on cronjob errors. Keep in mind that this can lead to an e-mail being sent every 5 minutes.<br /><br />';
+		$question = '<strong>Do you want to receive cron-errors via mail? (default: no):</strong>&nbsp;';
+		$question.= makeyesno('system_send_cron_errors', '1', '0', '0').'<br />';
+		eval("\$return.=\"" . getTemplate("update/preconfigitem") . "\";");
+	}
 }

install/updatesql.php

@@ -17,10 +17,19 @@
  *
  */
 
-$updatelog = FroxlorLogger::getInstanceOf(array('loginname' => 'updater'), $settings);
+if (!defined('AREA')
+	|| (defined('AREA') && AREA != 'admin')
+	|| !isset($userinfo['loginname'])
+	|| (isset($userinfo['loginname']) && $userinfo['loginname'] == '')
+) {
+	header('Location: ../index.php');
+	exit;
+}
+
+$updatelog = FroxlorLogger::getInstanceOf(array('loginname' => 'updater'));
 
 $updatelogfile = validateUpdateLogFile(makeCorrectFile(dirname(__FILE__).'/update.log'));
-$filelog = FileLogger::getInstanceOf(array('loginname' => 'updater'), $settings);
+$filelog = FileLogger::getInstanceOf(array('loginname' => 'updater'));
 $filelog->setLogFile($updatelogfile);
 
 // if first writing does not work we'll stop, tell the user to fix it
@@ -44,6 +53,23 @@ if(!isFroxlor()) {
 
 if (isFroxlor()) {
 	include_once (makeCorrectFile(dirname(__FILE__).'/updates/froxlor/0.9/update_0.9.inc.php'));
+
+	// Check Froxlor - database integrity (only happens after all updates are done, so we know the db-layout is okay)
+	showUpdateStep("Checking database integrity");
+
+	$integrity = new IntegrityCheck();
+	if (!$integrity->checkAll()) {
+		lastStepStatus(2, 'Monkeys ate the integrity');
+		showUpdateStep("Trying to remove monkeys, feeding bananas");
+		if(!$integrity->fixAll()) {
+			lastStepStatus(2, 'Some monkeys just would not move');
+		} else {
+			lastStepStatus(0);
+		}
+	} else {
+		lastStepStatus(0);
+	}
+
 	$filelog->logAction(ADM_ACTION, LOG_WARNING, '--------------- END LOG ---------------');
 	unset($filelog);
 }

js/html5shiv.js

@@ -1,8 +0,0 @@
-/*
- HTML5 Shiv v3.7.0 | @afarkas @jdalton @jon_neal @rem | MIT/GPL2 Licensed
-*/
-(function(l,f){function m(){var a=e.elements;return"string"==typeof a?a.split(" "):a}function i(a){var b=n[a[o]];b||(b={},h++,a[o]=h,n[h]=b);return b}function p(a,b,c){b||(b=f);if(g)return b.createElement(a);c||(c=i(b));b=c.cache[a]?c.cache[a].cloneNode():r.test(a)?(c.cache[a]=c.createElem(a)).cloneNode():c.createElem(a);return b.canHaveChildren&&!s.test(a)?c.frag.appendChild(b):b}function t(a,b){if(!b.cache)b.cache={},b.createElem=a.createElement,b.createFrag=a.createDocumentFragment,b.frag=b.createFrag();
-a.createElement=function(c){return!e.shivMethods?b.createElem(c):p(c,a,b)};a.createDocumentFragment=Function("h,f","return function(){var n=f.cloneNode(),c=n.createElement;h.shivMethods&&("+m().join().replace(/[\w\-]+/g,function(a){b.createElem(a);b.frag.createElement(a);return'c("'+a+'")'})+");return n}")(e,b.frag)}function q(a){a||(a=f);var b=i(a);if(e.shivCSS&&!j&&!b.hasCSS){var c,d=a;c=d.createElement("p");d=d.getElementsByTagName("head")[0]||d.documentElement;c.innerHTML="x<style>article,aside,dialog,figcaption,figure,footer,header,hgroup,main,nav,section{display:block}mark{background:#FF0;color:#000}template{display:none}</style>";
-c=d.insertBefore(c.lastChild,d.firstChild);b.hasCSS=!!c}g||t(a,b);return a}var k=l.html5||{},s=/^<|^(?:button|map|select|textarea|object|iframe|option|optgroup)$/i,r=/^(?:a|b|code|div|fieldset|h1|h2|h3|h4|h5|h6|i|label|li|ol|p|q|span|strong|style|table|tbody|td|th|tr|ul)$/i,j,o="_html5shiv",h=0,n={},g;(function(){try{var a=f.createElement("a");a.innerHTML="<xyz></xyz>";j="hidden"in a;var b;if(!(b=1==a.childNodes.length)){f.createElement("a");var c=f.createDocumentFragment();b="undefined"==typeof c.cloneNode||
-"undefined"==typeof c.createDocumentFragment||"undefined"==typeof c.createElement}g=b}catch(d){g=j=!0}})();var e={elements:k.elements||"abbr article aside audio bdi canvas data datalist details dialog figcaption figure footer header hgroup main mark meter nav output progress section summary template time video",version:"3.7.0",shivCSS:!1!==k.shivCSS,supportsUnknownElements:g,shivMethods:!1!==k.shivMethods,type:"default",shivDocument:q,createElement:p,createDocumentFragment:function(a,b){a||(a=f);
-if(g)return a.createDocumentFragment();for(var b=b||i(a),c=b.frag.cloneNode(),d=0,e=m(),h=e.length;d<h;d++)c.createElement(e[d]);return c}};l.html5=e;q(f)})(this,document);

js/html5shiv.min.js

@@ -0,0 +1,4 @@
+/**
+* @preserve HTML5 Shiv 3.7.2 | @afarkas @jdalton @jon_neal @rem | MIT/GPL2 Licensed
+*/
+!function(a,b){function c(a,b){var c=a.createElement("p"),d=a.getElementsByTagName("head")[0]||a.documentElement;return c.innerHTML="x<style>"+b+"</style>",d.insertBefore(c.lastChild,d.firstChild)}function d(){var a=t.elements;return"string"==typeof a?a.split(" "):a}function e(a,b){var c=t.elements;"string"!=typeof c&&(c=c.join(" ")),"string"!=typeof a&&(a=a.join(" ")),t.elements=c+" "+a,j(b)}function f(a){var b=s[a[q]];return b||(b={},r++,a[q]=r,s[r]=b),b}function g(a,c,d){if(c||(c=b),l)return c.createElement(a);d||(d=f(c));var e;return e=d.cache[a]?d.cache[a].cloneNode():p.test(a)?(d.cache[a]=d.createElem(a)).cloneNode():d.createElem(a),!e.canHaveChildren||o.test(a)||e.tagUrn?e:d.frag.appendChild(e)}function h(a,c){if(a||(a=b),l)return a.createDocumentFragment();c=c||f(a);for(var e=c.frag.cloneNode(),g=0,h=d(),i=h.length;i>g;g++)e.createElement(h[g]);return e}function i(a,b){b.cache||(b.cache={},b.createElem=a.createElement,b.createFrag=a.createDocumentFragment,b.frag=b.createFrag()),a.createElement=function(c){return t.shivMethods?g(c,a,b):b.createElem(c)},a.createDocumentFragment=Function("h,f","return function(){var n=f.cloneNode(),c=n.createElement;h.shivMethods&&("+d().join().replace(/[\w\-:]+/g,function(a){return b.createElem(a),b.frag.createElement(a),'c("'+a+'")'})+");return n}")(t,b.frag)}function j(a){a||(a=b);var d=f(a);return!t.shivCSS||k||d.hasCSS||(d.hasCSS=!!c(a,"article,aside,dialog,figcaption,figure,footer,header,hgroup,main,nav,section{display:block}mark{background:#FF0;color:#000}template{display:none}")),l||i(a,d),a}var k,l,m="3.7.2",n=a.html5||{},o=/^<|^(?:button|map|select|textarea|object|iframe|option|optgroup)$/i,p=/^(?:a|b|code|div|fieldset|h1|h2|h3|h4|h5|h6|i|label|li|ol|p|q|span|strong|style|table|tbody|td|th|tr|ul)$/i,q="_html5shiv",r=0,s={};!function(){try{var a=b.createElement("a");a.innerHTML="<xyz></xyz>",k="hidden"in a,l=1==a.childNodes.length||function(){b.createElement("a");var a=b.createDocumentFragment();return"undefined"==typeof a.cloneNode||"undefined"==typeof a.createDocumentFragment||"undefined"==typeof a.createElement}()}catch(c){k=!0,l=!0}}();var t={elements:n.elements||"abbr article aside audio bdi canvas data datalist details dialog figcaption figure footer header hgroup main mark meter nav output picture progress section summary template time video",version:m,shivCSS:n.shivCSS!==!1,supportsUnknownElements:l,shivMethods:n.shivMethods!==!1,type:"default",shivDocument:j,createElement:g,createDocumentFragment:h,addElements:e};a.html5=t,j(b)}(this,document);

js/jquery-ui.min.js

@@ -1 +0,0 @@
-jquery-ui-1.9.2.min.js

js/plugins/jqplot.blockRenderer.min.js

@@ -1,3 +0,0 @@
-/* jqPlot 1.0.8r1250 | (c) 2009-2013 Chris Leonello | jplot.com
-   jsDate | (c) 2010-2013 Chris Leonello
- */(function(a){a.jqplot.BlockRenderer=function(){a.jqplot.LineRenderer.call(this)};a.jqplot.BlockRenderer.prototype=new a.jqplot.LineRenderer();a.jqplot.BlockRenderer.prototype.constructor=a.jqplot.BlockRenderer;a.jqplot.BlockRenderer.prototype.init=function(b){this.css={padding:"2px",border:"1px solid #999",textAlign:"center"};this.escapeHtml=false;this.insertBreaks=true;this.varyBlockColors=false;a.extend(true,this,b);if(this.css.backgroundColor){this.color=this.css.backgroundColor}else{if(this.css.background){this.color=this.css.background}else{if(!this.varyBlockColors){this.css.background=this.color}}}this.canvas=new a.jqplot.BlockCanvas();this.shadowCanvas=new a.jqplot.BlockCanvas();this.canvas._plotDimensions=this._plotDimensions;this.shadowCanvas._plotDimensions=this._plotDimensions;this._type="block";this.moveBlock=function(l,j,i,e){var c=this.canvas._elem.children(":eq("+l+")");this.data[l][0]=j;this.data[l][1]=i;this._plotData[l][0]=j;this._plotData[l][1]=i;this._stackData[l][0]=j;this._stackData[l][1]=i;this.gridData[l][0]=this._xaxis.series_u2p(j);this.gridData[l][1]=this._yaxis.series_u2p(i);var k=c.outerWidth();var f=c.outerHeight();var d=this.gridData[l][0]-k/2+"px";var g=this.gridData[l][1]-f/2+"px";if(e){if(parseInt(e,10)){e=parseInt(e,10)}c.animate({left:d,top:g},e)}else{c.css({left:d,top:g})}c=null}};a.jqplot.BlockRenderer.prototype.draw=function(q,o,r){if(this.plugins.pointLabels){this.plugins.pointLabels.show=false}var f,c,l,o,p,k,n,g,e,m;var b=(r!=undefined)?r:{};var j=new a.jqplot.ColorGenerator(this.seriesColors);this.canvas._elem.empty();for(f=0;f<this.gridData.length;f++){l=this.data[f];o=this.gridData[f];p="";k={};if(typeof l[2]=="string"){p=l[2]}else{if(typeof l[2]=="object"){k=l[2]}}if(typeof l[3]=="object"){k=l[3]}if(this.insertBreaks){p=p.replace(/ /g,"<br />")}k=a.extend(true,{},this.css,k);c=a('<div style="position:absolute;margin-left:auto;margin-right:auto;"></div>');this.canvas._elem.append(c);this.escapeHtml?c.text(p):c.html(p);delete k.position;delete k.marginRight;delete k.marginLeft;if(!k.background&&!k.backgroundColor&&!k.backgroundImage){k.background=j.next()}c.css(k);n=c.outerWidth();g=c.outerHeight();e=o[0]-n/2+"px";m=o[1]-g/2+"px";c.css({left:e,top:m});c=null}};a.jqplot.BlockCanvas=function(){a.jqplot.ElemContainer.call(this);this._ctx};a.jqplot.BlockCanvas.prototype=new a.jqplot.ElemContainer();a.jqplot.BlockCanvas.prototype.constructor=a.jqplot.BlockCanvas;a.jqplot.BlockCanvas.prototype.createElement=function(i,e,c){this._offsets=i;var b="jqplot-blockCanvas";if(e!=undefined){b=e}var g;if(this._elem){g=this._elem.get(0)}else{g=document.createElement("div")}if(c!=undefined){this._plotDimensions=c}var d=this._plotDimensions.width-this._offsets.left-this._offsets.right+"px";var f=this._plotDimensions.height-this._offsets.top-this._offsets.bottom+"px";this._elem=a(g);this._elem.css({position:"absolute",width:d,height:f,left:this._offsets.left,top:this._offsets.top});this._elem.addClass(b);return this._elem};a.jqplot.BlockCanvas.prototype.setContext=function(){this._ctx={canvas:{width:0,height:0},clearRect:function(){return null}};return this._ctx}})(jQuery);

js/plugins/jqplot.canvasAxisLabelRenderer.min.js

@@ -1,3 +0,0 @@
-/* jqPlot 1.0.8r1250 | (c) 2009-2013 Chris Leonello | jplot.com
-   jsDate | (c) 2010-2013 Chris Leonello
- */(function(a){a.jqplot.CanvasAxisLabelRenderer=function(b){this.angle=0;this.axis;this.show=true;this.showLabel=true;this.label="";this.fontFamily='"Trebuchet MS", Arial, Helvetica, sans-serif';this.fontSize="11pt";this.fontWeight="normal";this.fontStretch=1;this.textColor="#666666";this.enableFontSupport=true;this.pt2px=null;this._elem;this._ctx;this._plotWidth;this._plotHeight;this._plotDimensions={height:null,width:null};a.extend(true,this,b);if(b.angle==null&&this.axis!="xaxis"&&this.axis!="x2axis"){this.angle=-90}var c={fontSize:this.fontSize,fontWeight:this.fontWeight,fontStretch:this.fontStretch,fillStyle:this.textColor,angle:this.getAngleRad(),fontFamily:this.fontFamily};if(this.pt2px){c.pt2px=this.pt2px}if(this.enableFontSupport){if(a.jqplot.support_canvas_text()){this._textRenderer=new a.jqplot.CanvasFontRenderer(c)}else{this._textRenderer=new a.jqplot.CanvasTextRenderer(c)}}else{this._textRenderer=new a.jqplot.CanvasTextRenderer(c)}};a.jqplot.CanvasAxisLabelRenderer.prototype.init=function(b){a.extend(true,this,b);this._textRenderer.init({fontSize:this.fontSize,fontWeight:this.fontWeight,fontStretch:this.fontStretch,fillStyle:this.textColor,angle:this.getAngleRad(),fontFamily:this.fontFamily})};a.jqplot.CanvasAxisLabelRenderer.prototype.getWidth=function(d){if(this._elem){return this._elem.outerWidth(true)}else{var f=this._textRenderer;var c=f.getWidth(d);var e=f.getHeight(d);var b=Math.abs(Math.sin(f.angle)*e)+Math.abs(Math.cos(f.angle)*c);return b}};a.jqplot.CanvasAxisLabelRenderer.prototype.getHeight=function(d){if(this._elem){return this._elem.outerHeight(true)}else{var f=this._textRenderer;var c=f.getWidth(d);var e=f.getHeight(d);var b=Math.abs(Math.cos(f.angle)*e)+Math.abs(Math.sin(f.angle)*c);return b}};a.jqplot.CanvasAxisLabelRenderer.prototype.getAngleRad=function(){var b=this.angle*Math.PI/180;return b};a.jqplot.CanvasAxisLabelRenderer.prototype.draw=function(c,f){if(this._elem){if(a.jqplot.use_excanvas&&window.G_vmlCanvasManager.uninitElement!==undefined){window.G_vmlCanvasManager.uninitElement(this._elem.get(0))}this._elem.emptyForce();this._elem=null}var e=f.canvasManager.getCanvas();this._textRenderer.setText(this.label,c);var b=this.getWidth(c);var d=this.getHeight(c);e.width=b;e.height=d;e.style.width=b;e.style.height=d;e=f.canvasManager.initCanvas(e);this._elem=a(e);this._elem.css({position:"absolute"});this._elem.addClass("jqplot-"+this.axis+"-label");e=null;return this._elem};a.jqplot.CanvasAxisLabelRenderer.prototype.pack=function(){this._textRenderer.draw(this._elem.get(0).getContext("2d"),this.label)}})(jQuery);

js/plugins/jqplot.canvasAxisTickRenderer.min.js

@@ -1,3 +0,0 @@
-/* jqPlot 1.0.8r1250 | (c) 2009-2013 Chris Leonello | jplot.com
-   jsDate | (c) 2010-2013 Chris Leonello
- */(function(a){a.jqplot.CanvasAxisTickRenderer=function(b){this.mark="outside";this.showMark=true;this.showGridline=true;this.isMinorTick=false;this.angle=0;this.markSize=4;this.show=true;this.showLabel=true;this.labelPosition="auto";this.label="";this.value=null;this._styles={};this.formatter=a.jqplot.DefaultTickFormatter;this.formatString="";this.prefix="";this.fontFamily='"Trebuchet MS", Arial, Helvetica, sans-serif';this.fontSize="10pt";this.fontWeight="normal";this.fontStretch=1;this.textColor="#666666";this.enableFontSupport=true;this.pt2px=null;this._elem;this._ctx;this._plotWidth;this._plotHeight;this._plotDimensions={height:null,width:null};a.extend(true,this,b);var c={fontSize:this.fontSize,fontWeight:this.fontWeight,fontStretch:this.fontStretch,fillStyle:this.textColor,angle:this.getAngleRad(),fontFamily:this.fontFamily};if(this.pt2px){c.pt2px=this.pt2px}if(this.enableFontSupport){if(a.jqplot.support_canvas_text()){this._textRenderer=new a.jqplot.CanvasFontRenderer(c)}else{this._textRenderer=new a.jqplot.CanvasTextRenderer(c)}}else{this._textRenderer=new a.jqplot.CanvasTextRenderer(c)}};a.jqplot.CanvasAxisTickRenderer.prototype.init=function(b){a.extend(true,this,b);this._textRenderer.init({fontSize:this.fontSize,fontWeight:this.fontWeight,fontStretch:this.fontStretch,fillStyle:this.textColor,angle:this.getAngleRad(),fontFamily:this.fontFamily})};a.jqplot.CanvasAxisTickRenderer.prototype.getWidth=function(d){if(this._elem){return this._elem.outerWidth(true)}else{var f=this._textRenderer;var c=f.getWidth(d);var e=f.getHeight(d);var b=Math.abs(Math.sin(f.angle)*e)+Math.abs(Math.cos(f.angle)*c);return b}};a.jqplot.CanvasAxisTickRenderer.prototype.getHeight=function(d){if(this._elem){return this._elem.outerHeight(true)}else{var f=this._textRenderer;var c=f.getWidth(d);var e=f.getHeight(d);var b=Math.abs(Math.cos(f.angle)*e)+Math.abs(Math.sin(f.angle)*c);return b}};a.jqplot.CanvasAxisTickRenderer.prototype.getTop=function(b){if(this._elem){return this._elem.position().top}else{return null}};a.jqplot.CanvasAxisTickRenderer.prototype.getAngleRad=function(){var b=this.angle*Math.PI/180;return b};a.jqplot.CanvasAxisTickRenderer.prototype.setTick=function(b,d,c){this.value=b;if(c){this.isMinorTick=true}return this};a.jqplot.CanvasAxisTickRenderer.prototype.draw=function(c,f){if(!this.label){this.label=this.prefix+this.formatter(this.formatString,this.value)}if(this._elem){if(a.jqplot.use_excanvas&&window.G_vmlCanvasManager.uninitElement!==undefined){window.G_vmlCanvasManager.uninitElement(this._elem.get(0))}this._elem.emptyForce();this._elem=null}var e=f.canvasManager.getCanvas();this._textRenderer.setText(this.label,c);var b=this.getWidth(c);var d=this.getHeight(c);e.width=b;e.height=d;e.style.width=b;e.style.height=d;e.style.textAlign="left";e.style.position="absolute";e=f.canvasManager.initCanvas(e);this._elem=a(e);this._elem.css(this._styles);this._elem.addClass("jqplot-"+this.axis+"-tick");e=null;return this._elem};a.jqplot.CanvasAxisTickRenderer.prototype.pack=function(){this._textRenderer.draw(this._elem.get(0).getContext("2d"),this.label)}})(jQuery);

js/plugins/jqplot.ciParser.min.js

@@ -1,3 +0,0 @@
-/* jqPlot 1.0.8r1250 | (c) 2009-2013 Chris Leonello | jplot.com
-   jsDate | (c) 2010-2013 Chris Leonello
- */(function(a){a.jqplot.ciParser=function(g,l){var m=[],o,n,h,f,e,c;if(typeof(g)=="string"){g=a.jqplot.JSON.parse(g,d)}else{if(typeof(g)=="object"){for(e in g){for(h=0;h<g[e].length;h++){for(c in g[e][h]){g[e][h][c]=d(c,g[e][h][c])}}}}else{return null}}function d(j,k){var i;if(k!=null){if(k.toString().indexOf("Date")>=0){i=/^\/Date\((-?[0-9]+)\)\/$/.exec(k);if(i){return parseInt(i[1],10)}}return k}}for(var b in g){o=[];n=g[b];switch(b){case"PriceTicks":for(h=0;h<n.length;h++){o.push([n[h]["TickDate"],n[h]["Price"]])}break;case"PriceBars":for(h=0;h<n.length;h++){o.push([n[h]["BarDate"],n[h]["Open"],n[h]["High"],n[h]["Low"],n[h]["Close"]])}break}m.push(o)}return m}})(jQuery);

js/plugins/jqplot.dragable.min.js

@@ -1,3 +0,0 @@
-/* jqPlot 1.0.8r1250 | (c) 2009-2013 Chris Leonello | jplot.com
-   jsDate | (c) 2010-2013 Chris Leonello
- */(function(d){d.jqplot.Dragable=function(g){this.markerRenderer=new d.jqplot.MarkerRenderer({shadow:false});this.shapeRenderer=new d.jqplot.ShapeRenderer();this.isDragging=false;this.isOver=false;this._ctx;this._elem;this._point;this._gridData;this.color;this.constrainTo="none";d.extend(true,this,g)};function b(){d.jqplot.GenericCanvas.call(this);this.isDragging=false;this.isOver=false;this._neighbor;this._cursors=[]}b.prototype=new d.jqplot.GenericCanvas();b.prototype.constructor=b;d.jqplot.Dragable.parseOptions=function(i,h){var g=h||{};this.plugins.dragable=new d.jqplot.Dragable(g.dragable);this.isDragable=d.jqplot.config.enablePlugins};d.jqplot.Dragable.postPlotDraw=function(){if(this.plugins.dragable&&this.plugins.dragable.highlightCanvas){this.plugins.dragable.highlightCanvas.resetCanvas();this.plugins.dragable.highlightCanvas=null}this.plugins.dragable={previousCursor:"auto",isOver:false};this.plugins.dragable.dragCanvas=new b();this.eventCanvas._elem.before(this.plugins.dragable.dragCanvas.createElement(this._gridPadding,"jqplot-dragable-canvas",this._plotDimensions,this));var g=this.plugins.dragable.dragCanvas.setContext()};d.jqplot.preParseSeriesOptionsHooks.push(d.jqplot.Dragable.parseOptions);d.jqplot.postDrawHooks.push(d.jqplot.Dragable.postPlotDraw);d.jqplot.eventListenerHooks.push(["jqplotMouseMove",e]);d.jqplot.eventListenerHooks.push(["jqplotMouseDown",c]);d.jqplot.eventListenerHooks.push(["jqplotMouseUp",a]);function f(n,p){var q=n.series[p.seriesIndex];var m=q.plugins.dragable;var h=q.markerRenderer;var i=m.markerRenderer;i.style=h.style;i.lineWidth=h.lineWidth+2.5;i.size=h.size+5;if(!m.color){var l=d.jqplot.getColorComponents(h.color);var o=[l[0],l[1],l[2]];var k=(l[3]>=0.6)?l[3]*0.6:l[3]*(2-l[3]);m.color="rgba("+o[0]+","+o[1]+","+o[2]+","+k+")"}i.color=m.color;i.init();var g=(p.pointIndex>0)?p.pointIndex-1:0;var j=p.pointIndex+2;m._gridData=q.gridData.slice(g,j)}function e(o,l,h,t,m){if(m.plugins.dragable.dragCanvas.isDragging){var u=m.plugins.dragable.dragCanvas;var i=u._neighbor;var w=m.series[i.seriesIndex];var k=w.plugins.dragable;var r=w.gridData;var p=(k.constrainTo=="y")?i.gridData[0]:l.x;var n=(k.constrainTo=="x")?i.gridData[1]:l.y;var g=w._xaxis.series_p2u(p);var q=w._yaxis.series_p2u(n);var v=u._ctx;v.clearRect(0,0,v.canvas.width,v.canvas.height);if(i.pointIndex>0){k._gridData[1]=[p,n]}else{k._gridData[0]=[p,n]}m.series[i.seriesIndex].draw(u._ctx,{gridData:k._gridData,shadow:false,preventJqPlotSeriesDrawTrigger:true,color:k.color,markerOptions:{color:k.color,shadow:false},trendline:{show:false}});m.target.trigger("jqplotSeriesPointChange",[i.seriesIndex,i.pointIndex,[g,q],[p,n]])}else{if(t!=null){var j=m.series[t.seriesIndex];if(j.isDragable){var u=m.plugins.dragable.dragCanvas;if(!u.isOver){u._cursors.push(o.target.style.cursor);o.target.style.cursor="pointer"}u.isOver=true}}else{if(t==null){var u=m.plugins.dragable.dragCanvas;if(u.isOver){o.target.style.cursor=u._cursors.pop();u.isOver=false}}}}}function c(k,i,g,l,j){var m=j.plugins.dragable.dragCanvas;m._cursors.push(k.target.style.cursor);if(l!=null){var o=j.series[l.seriesIndex];var h=o.plugins.dragable;if(o.isDragable&&!m.isDragging){m._neighbor=l;m.isDragging=true;f(j,l);h.markerRenderer.draw(o.gridData[l.pointIndex][0],o.gridData[l.pointIndex][1],m._ctx);k.target.style.cursor="move";j.target.trigger("jqplotDragStart",[l.seriesIndex,l.pointIndex,i,g])}}else{var n=m._ctx;n.clearRect(0,0,n.canvas.width,n.canvas.height);m.isDragging=false}}function a(m,j,g,o,k){if(k.plugins.dragable.dragCanvas.isDragging){var p=k.plugins.dragable.dragCanvas;var q=p._ctx;q.clearRect(0,0,q.canvas.width,q.canvas.height);p.isDragging=false;var h=p._neighbor;var r=k.series[h.seriesIndex];var i=r.plugins.dragable;var n=(i.constrainTo=="y")?h.data[0]:g[r.xaxis];var l=(i.constrainTo=="x")?h.data[1]:g[r.yaxis];r.data[h.pointIndex][0]=n;r.data[h.pointIndex][1]=l;k.drawSeries({preventJqPlotSeriesDrawTrigger:true},h.seriesIndex);p._neighbor=null;m.target.style.cursor=p._cursors.pop();k.target.trigger("jqplotDragStop",[j,g])}}})(jQuery);

js/plugins/jqplot.enhancedLegendRenderer.min.js

@@ -1,3 +0,0 @@
-/* jqPlot 1.0.8r1250 | (c) 2009-2013 Chris Leonello | jplot.com
-   jsDate | (c) 2010-2013 Chris Leonello
- */(function(c){c.jqplot.EnhancedLegendRenderer=function(){c.jqplot.TableLegendRenderer.call(this)};c.jqplot.EnhancedLegendRenderer.prototype=new c.jqplot.TableLegendRenderer();c.jqplot.EnhancedLegendRenderer.prototype.constructor=c.jqplot.EnhancedLegendRenderer;c.jqplot.EnhancedLegendRenderer.prototype.init=function(d){this.numberRows=null;this.numberColumns=null;this.seriesToggle="normal";this.seriesToggleReplot=false;this.disableIEFading=true;c.extend(true,this,d);if(this.seriesToggle){c.jqplot.postDrawHooks.push(b)}};c.jqplot.EnhancedLegendRenderer.prototype.draw=function(m,y){var f=this;if(this.show){var r=this._series;var u;var w="position:absolute;";w+=(this.background)?"background:"+this.background+";":"";w+=(this.border)?"border:"+this.border+";":"";w+=(this.fontSize)?"font-size:"+this.fontSize+";":"";w+=(this.fontFamily)?"font-family:"+this.fontFamily+";":"";w+=(this.textColor)?"color:"+this.textColor+";":"";w+=(this.marginTop!=null)?"margin-top:"+this.marginTop+";":"";w+=(this.marginBottom!=null)?"margin-bottom:"+this.marginBottom+";":"";w+=(this.marginLeft!=null)?"margin-left:"+this.marginLeft+";":"";w+=(this.marginRight!=null)?"margin-right:"+this.marginRight+";":"";this._elem=c('<table class="jqplot-table-legend" style="'+w+'"></table>');if(this.seriesToggle){this._elem.css("z-index","3")}var C=false,q=false,d,o;if(this.numberRows){d=this.numberRows;if(!this.numberColumns){o=Math.ceil(r.length/d)}else{o=this.numberColumns}}else{if(this.numberColumns){o=this.numberColumns;d=Math.ceil(r.length/this.numberColumns)}else{d=r.length;o=1}}var B,z,e,l,k,n,p,t,h,g;var v=0;for(B=r.length-1;B>=0;B--){if(o==1&&r[B]._stack||r[B].renderer.constructor==c.jqplot.BezierCurveRenderer){q=true}}for(B=0;B<d;B++){e=c(document.createElement("tr"));e.addClass("jqplot-table-legend");if(q){e.prependTo(this._elem)}else{e.appendTo(this._elem)}for(z=0;z<o;z++){if(v<r.length&&(r[v].show||r[v].showLabel)){u=r[v];n=this.labels[v]||u.label.toString();if(n){var x=u.color;if(!q){if(B>0){C=true}else{C=false}}else{if(B==d-1){C=false}else{C=true}}p=(C)?this.rowSpacing:"0";l=c(document.createElement("td"));l.addClass("jqplot-table-legend jqplot-table-legend-swatch");l.css({textAlign:"center",paddingTop:p});h=c(document.createElement("div"));h.addClass("jqplot-table-legend-swatch-outline");g=c(document.createElement("div"));g.addClass("jqplot-table-legend-swatch");g.css({backgroundColor:x,borderColor:x});l.append(h.append(g));k=c(document.createElement("td"));k.addClass("jqplot-table-legend jqplot-table-legend-label");k.css("paddingTop",p);if(this.escapeHtml){k.text(n)}else{k.html(n)}if(q){if(this.showLabels){k.prependTo(e)}if(this.showSwatches){l.prependTo(e)}}else{if(this.showSwatches){l.appendTo(e)}if(this.showLabels){k.appendTo(e)}}if(this.seriesToggle){var A;if(typeof(this.seriesToggle)==="string"||typeof(this.seriesToggle)==="number"){if(!c.jqplot.use_excanvas||!this.disableIEFading){A=this.seriesToggle}}if(this.showSwatches){l.bind("click",{series:u,speed:A,plot:y,replot:this.seriesToggleReplot},a);l.addClass("jqplot-seriesToggle")}if(this.showLabels){k.bind("click",{series:u,speed:A,plot:y,replot:this.seriesToggleReplot},a);k.addClass("jqplot-seriesToggle")}if(!u.show&&u.showLabel){l.addClass("jqplot-series-hidden");k.addClass("jqplot-series-hidden")}}C=true}}v++}l=k=h=g=null}}return this._elem};var a=function(j){var i=j.data,m=i.series,k=i.replot,h=i.plot,f=i.speed,l=m.index,g=false;if(m.canvas._elem.is(":hidden")||!m.show){g=true}var e=function(){if(k){var n={};if(c.isPlainObject(k)){c.extend(true,n,k)}h.replot(n);if(g&&f){var d=h.series[l];if(d.shadowCanvas._elem){d.shadowCanvas._elem.hide().fadeIn(f)}d.canvas._elem.hide().fadeIn(f);d.canvas._elem.nextAll(".jqplot-point-label.jqplot-series-"+d.index).hide().fadeIn(f)}}else{var d=h.series[l];if(d.canvas._elem.is(":hidden")||!d.show){if(typeof h.options.legend.showSwatches==="undefined"||h.options.legend.showSwatches===true){h.legend._elem.find("td").eq(l*2).addClass("jqplot-series-hidden")}if(typeof h.options.legend.showLabels==="undefined"||h.options.legend.showLabels===true){h.legend._elem.find("td").eq((l*2)+1).addClass("jqplot-series-hidden")}}else{if(typeof h.options.legend.showSwatches==="undefined"||h.options.legend.showSwatches===true){h.legend._elem.find("td").eq(l*2).removeClass("jqplot-series-hidden")}if(typeof h.options.legend.showLabels==="undefined"||h.options.legend.showLabels===true){h.legend._elem.find("td").eq((l*2)+1).removeClass("jqplot-series-hidden")}}}};m.toggleDisplay(j,e)};var b=function(){if(this.legend.renderer.constructor==c.jqplot.EnhancedLegendRenderer&&this.legend.seriesToggle){var d=this.legend._elem.detach();this.eventCanvas._elem.after(d)}}})(jQuery);