set version to 0.9.38-rc2 for second release candidate

fix unnecessary idn encoding
Signed-off-by: Michael Kaufmann (d00p) <d00p@froxlor.org>
2016-11-07 07:28:58 +01:00 · 2016-11-04 18:28:32 +01:00 · 2016-11-03 14:14:33 +01:00 · 2016-11-03 10:52:33 +01:00 · 2016-10-31 20:44:31 +01:00 · 2016-10-31 11:18:40 +01:00
1861 changed files with 53364 additions and 107883 deletions
--- a/.gitignore
+++ b/.gitignore
@@ -1,11 +1,17 @@
-packages/*
-lib/classes/htmlpurifier/library/HTMLPurifier/DefinitionCache/Serializer/*/
-temp/*
-templates/*
-logs/*
 install/update.log
+templates/*
+lib/userdata.inc.php
+logs/*
 .buildpath
 .project
 .settings/
 *.diff
 *~
+.well-known
+.idea
+*.iml
+
+!templates/Froxlor/
+!templates/Sparkle/
+!templates/misc/
+templates/Froxlor/assets/img/logo_custom.png
--- a/README.md
+++ b/README.md
@@ -51,10 +51,24 @@ http://files.froxlor.org/releases/froxlor-latest.tar.gz [MD5](http://files.froxl
 [HowTo](http://redmine.froxlor.org/projects/froxlor/wiki/Installationdebian)

 /etc/apt/sources.list.d/froxlor.list
-> deb http://debian.froxlor.org [squeeze|wheezy] main
+> deb http://debian.froxlor.org {wheezy|jessie} main

 ### Gentoo repository

 [HowTo](http://redmine.froxlor.org/projects/froxlor/wiki/Installationgentoo)

 http://files.froxlor.org/gentoo/repositories.xml
+
+## Let's Encrypt support
+
+This version of Froxlor contains a test implementation of support for [Let's Encrypt](https://letsencrypt.org). This is (as Let's Encrypt is in itself)
+still a beta version and may break your system. The way it currently works is by creating a (sub-)domain with the default system - certificate,
+after which the Let's Encrypt cronjob orders the certificate for this (sub-)domain and inserts the certificates in the database. With the next run
+of the default cronjob, the certificates will be updated on the disk and the webserver reloaded.
+
+This has 2 known side-effects at the moment:
+* The basic ip/port combinations don't work with the Froxlor - integration of Let's Encrypt, since it needs a certificate for the very first creation
+* After creating a domain, it will have the default certificate for a short time (by default 5 minutes until the cronjob runs the next time)
+
+It may be possible to fix these issues, but they are not a priority at the moment
+
--- a/actions/admin/settings/100.panel.php
+++ b/actions/admin/settings/100.panel.php
@@ -93,23 +93,6 @@ return array(
 					'option_options' => array('Manual' => $lng['serversettings']['manual'], 'Dropdown' => $lng['serversettings']['dropdown']),
 					'save_method' => 'storeSettingField',
 					),
-				'use_webfonts' => array(
-					'label' => $lng['serversettings']['enablewebfonts'],
-					'settinggroup' => 'panel',
-					'varname' => 'use_webfonts',
-					'type' => 'bool',
-					'default' => true,
-					'save_method' => 'storeSettingField',
-					),
-				'webfont' => array(
-					'label' => $lng['serversettings']['definewebfont']['title'],
-					'settinggroup' => 'panel',
-					'varname' => 'webfont',
-					'type' => 'string',
-					'default' => 'Numans',
-					'string_emptyallowed' => false,
-					'save_method' => 'storeSettingField',
-					),
 				'panel_adminmail' => array(
 					'label' => $lng['serversettings']['adminmail'],
 					'settinggroup' => 'panel',
@@ -199,7 +182,25 @@ return array(
 					'settinggroup' => 'admin',
 					'varname' => 'show_news_feed',
 					'type' => 'bool',
-					'default' => true,
+					'default' => false,
+					'save_method' => 'storeSettingField',
+					),
+				'customer_show_news_feed' => array(
+					'label' => $lng['admin']['customer_show_news_feed'],
+					'settinggroup' => 'customer',
+					'varname' => 'show_news_feed',
+					'type' => 'bool',
+					'default' => false,
+					'save_method' => 'storeSettingField',
+					),
+				'customer_news_feed_url' => array(
+					'label' => $lng['admin']['customer_news_feed_url'],
+					'settinggroup' => 'customer',
+					'varname' => 'news_feed_url',
+					'type' => 'string',
+					'string_type' => 'url',
+					'string_emptyallowed' => true,
+					'default' => '',
 					'save_method' => 'storeSettingField',
 					),
 				'panel_allow_domain_change_admin' => array(
@@ -226,6 +227,31 @@ return array(
 					'default' => false,
 					'save_method' => 'storeSettingField',
 					),
+				'panel_customer_hide_options' => array(
+					'label' => $lng['serversettings']['panel_customer_hide_options'],
+					'settinggroup' => 'panel',
+					'varname' => 'customer_hide_options',
+					'type' => 'option',
+					'default' => '',
+					'option_mode' => 'multiple',
+					'option_emptyallowed' => true,
+					'option_options' => array(
+						'email'                       => $lng['menue']['email']['email'],
+						'mysql'                       => $lng['menue']['mysql']['mysql'],
+						'domains'                     => $lng['menue']['domains']['domains'],
+						'ftp'                         => $lng['menue']['ftp']['ftp'],
+						'extras'                      => $lng['menue']['extras']['extras'],
+						'extras.directoryprotection'  => $lng['menue']['extras']['extras']." / ".$lng['menue']['extras']['directoryprotection'],
+						'extras.pathoptions'          => $lng['menue']['extras']['extras']." / ".$lng['menue']['extras']['pathoptions'],
+						'extras.logger'               => $lng['menue']['extras']['extras']." / ".$lng['menue']['logger']['logger'],
+						'extras.backup'               => $lng['menue']['extras']['extras']." / ".$lng['menue']['extras']['backup'],
+						'traffic'                     => $lng['menue']['traffic']['traffic'],
+						'traffic.http'                => $lng['menue']['traffic']['traffic']." / HTTP",
+						'traffic.ftp'                 => $lng['menue']['traffic']['traffic']." / FTP",
+						'traffic.mail'                => $lng['menue']['traffic']['traffic']." / Mail",
+					),
+					'save_method' => 'storeSettingField',
+					),
 				),
 			),
 		),
--- a/actions/admin/settings/110.accounts.php
+++ b/actions/admin/settings/110.accounts.php
@@ -70,6 +70,46 @@ return array(
 					'default' => 0,
 					'save_method' => 'storeSettingField',
 					),
+				'panel_password_alpha_lower' => array(
+					'label' => $lng['serversettings']['panel_password_alpha_lower'],
+					'settinggroup' => 'panel',
+					'varname' => 'password_alpha_lower',
+					'type' => 'bool',
+					'default' => true,
+					'save_method' => 'storeSettingField',
+					),
+				'panel_password_alpha_upper' => array(
+					'label' => $lng['serversettings']['panel_password_alpha_upper'],
+					'settinggroup' => 'panel',
+					'varname' => 'password_alpha_upper',
+					'type' => 'bool',
+					'default' => true,
+					'save_method' => 'storeSettingField',
+					),
+				'panel_password_numeric' => array(
+					'label' => $lng['serversettings']['panel_password_numeric'],
+					'settinggroup' => 'panel',
+					'varname' => 'password_numeric',
+					'type' => 'bool',
+					'default' => false,
+					'save_method' => 'storeSettingField',
+					),
+				'panel_password_special_char_required' => array(
+					'label' => $lng['serversettings']['panel_password_special_char_required'],
+					'settinggroup' => 'panel',
+					'varname' => 'password_special_char_required',
+					'type' => 'bool',
+					'default' => false,
+					'save_method' => 'storeSettingField',
+					),
+				'panel_password_special_char' => array(
+					'label' => $lng['serversettings']['panel_password_special_char'],
+					'settinggroup' => 'panel',
+					'varname' => 'password_special_char',
+					'type' => 'string',
+					'default' => '!?<>§$%+#=@',
+					'save_method' => 'storeSettingField',
+					),
 				'panel_password_regex' => array(
 					'label' => $lng['serversettings']['panel_password_regex'],
 					'settinggroup' => 'panel',
@@ -145,9 +185,17 @@ return array(
 							'onlyif' => 1
 					)
 				),
+				'system_backupenabled' => array(
+					'label' => $lng['serversettings']['backupenabled'],
+					'settinggroup' => 'system',
+					'varname' => 'backupenabled',
+					'type' => 'bool',
+					'default' => false,
+					'cronmodule' => 'froxlor/backup',
+					'save_method' => 'storeSettingField'
 				),
 			),
 		),
+	)
 );

-?>
--- a/actions/admin/settings/120.system.php
+++ b/actions/admin/settings/120.system.php
@@ -55,7 +55,7 @@ return array(
 					'settinggroup' => 'system',
 					'varname' => 'defaultip',
 					'type' => 'option',
-					'option_mode' => 'one',
+					'option_mode' => 'multiple',
 					'option_options_method' => 'getIpPortCombinations',
 					'default' => '',
 					'save_method' => 'storeSettingDefaultIp',
@@ -69,14 +69,6 @@ return array(
 					'save_method' => 'storeSettingHostname',
 					'plausibility_check_method' => 'checkHostname',
 					),
-				'system_froxlordirectlyviahostname' => array(
-					'label' => $lng['serversettings']['froxlordirectlyviahostname'],
-					'settinggroup' => 'system',
-					'varname' => 'froxlordirectlyviahostname',
-					'type' => 'bool',
-					'default' => false,
-					'save_method' => 'storeSettingField',
-					),
 				'system_validatedomain' => array(
 					'label' => $lng['serversettings']['validate_domain'],
 					'settinggroup' => 'system',
@@ -145,7 +137,7 @@ return array(
 					'settinggroup' => 'system',
 					'varname' => 'report_webmax',
 					'type' => 'int',
-					'int_min' => 1,
+					'int_min' => 0,
 					'int_max' => 150,
 					'default' => 90,
 					'save_method' => 'storeSettingField',
@@ -155,22 +147,71 @@ return array(
 					'settinggroup' => 'system',
 					'varname' => 'report_trafficmax',
 					'type' => 'int',
-					'int_min' => 1,
+					'int_min' => 0,
 					'int_max' => 150,
 					'default' => 90,
 					'save_method' => 'storeSettingField',
 					),
-				'system_debug_cron' => array(
-					'label' => $lng['serversettings']['cron']['debug'],
+
+				'system_mail_use_smtp' => array(
+					'label' => $lng['serversettings']['mail_use_smtp'],
 					'settinggroup' => 'system',
-					'varname' => 'debug_cron',
+					'varname' => 'mail_use_smtp',
 					'type' => 'bool',
 					'default' => false,
 					'save_method' => 'storeSettingField',
 					),
+				'system_mail_smtp_host' => array(
+					'label' => $lng['serversettings']['mail_smtp_host'],
+					'settinggroup' => 'system',
+					'varname' => 'mail_smtp_host',
+					'type' => 'string',
+					'default' => 'localhost',
+					'save_method' => 'storeSettingField',
+					),
+				'system_mail_smtp_port' => array(
+					'label' => $lng['serversettings']['mail_smtp_port'],
+					'settinggroup' => 'system',
+					'varname' => 'mail_smtp_port',
+					'type' => 'int',
+					'int_min' => 1,
+					'int_max' => 65535,
+					'default' => 25,
+					'save_method' => 'storeSettingField',
+					),
+				'system_mail_smtp_usetls' => array(
+					'label' => $lng['serversettings']['mail_smtp_usetls'],
+					'settinggroup' => 'system',
+					'varname' => 'mail_smtp_usetls',
+					'type' => 'bool',
+					'default' => true,
+					'save_method' => 'storeSettingField',
+					),
+				'system_mail_smtp_auth' => array(
+					'label' => $lng['serversettings']['mail_smtp_auth'],
+					'settinggroup' => 'system',
+					'varname' => 'mail_smtp_auth',
+					'type' => 'bool',
+					'default' => true,
+					'save_method' => 'storeSettingField',
+					),
+				'system_mail_smtp_user' => array(
+					'label' => $lng['serversettings']['mail_smtp_user'],
+					'settinggroup' => 'system',
+					'varname' => 'mail_smtp_user',
+					'type' => 'string',
+					'default' => '',
+					'save_method' => 'storeSettingField',
+					),
+				'system_mail_smtp_passwd' => array(
+					'label' => $lng['serversettings']['mail_smtp_passwd'],
+					'settinggroup' => 'system',
+					'varname' => 'mail_smtp_passwd',
+					'type' => 'hiddenString',
+					'default' => '',
+					'save_method' => 'storeSettingField',
+					),
 				),
 			),
 		),
 	);
-
-?>
--- a/actions/admin/settings/122.froxlorvhost.php
+++ b/actions/admin/settings/122.froxlorvhost.php
@@ -0,0 +1,163 @@
+<?php
+
+/**
+ * This file is part of the Froxlor project.
+ * Copyright (c) 2016 the Froxlor Team (see authors).
+ *
+ * For the full copyright and license information, please view the COPYING
+ * file that was distributed with this source code. You can also view the
+ * COPYING file online at http://files.froxlor.org/misc/COPYING.txt
+ *
+ * @copyright  (c) the authors
+ * @author     Froxlor team <team@froxlor.org> (2016-)
+ * @license    GPLv2 http://files.froxlor.org/misc/COPYING.txt
+ * @package    Settings
+ *
+ */
+return array(
+	'groups' => array(
+		'froxlorvhost' => array(
+			'title' => $lng['admin']['froxlorvhost'],
+			'fields' => array(
+				/**
+				 * Webserver-Vhost
+				 */
+				'system_froxlordirectlyviahostname' => array(
+					'label' => $lng['serversettings']['froxlordirectlyviahostname'],
+					'settinggroup' => 'system',
+					'varname' => 'froxlordirectlyviahostname',
+					'type' => 'bool',
+					'default' => false,
+					'save_method' => 'storeSettingField'
+				),
+				/**
+				 * SSL / Let's Encrypt
+				 */
+				'system_le_froxlor_enabled' => array(
+					'label' => $lng['serversettings']['le_froxlor_enabled'],
+					'settinggroup' => 'system',
+					'varname' => 'le_froxlor_enabled',
+					'type' => 'bool',
+					'default' => false,
+					'save_method' => 'storeSettingClearCertificates',
+					'visible' => Settings::Get('system.leenabled')
+				),
+				'system_le_froxlor_redirect' => array(
+					'label' => $lng['serversettings']['le_froxlor_redirect'],
+					'settinggroup' => 'system',
+					'varname' => 'le_froxlor_redirect',
+					'type' => 'bool',
+					'default' => false,
+					'save_method' => 'storeSettingField',
+					'visible' => Settings::Get('system.leenabled')
+				),
+				/**
+				 * FCGID
+				 */
+				'system_mod_fcgid_enabled_ownvhost' => array(
+					'label' => $lng['serversettings']['mod_fcgid_ownvhost'],
+					'settinggroup' => 'system',
+					'varname' => 'mod_fcgid_ownvhost',
+					'type' => 'bool',
+					'default' => true,
+					'save_method' => 'storeSettingField',
+					'websrv_avail' => array(
+						'apache2'
+					),
+					'visible' => Settings::Get('system.mod_fcgid')
+				),
+				'system_mod_fcgid_httpuser' => array(
+					'label' => $lng['admin']['mod_fcgid_user'],
+					'settinggroup' => 'system',
+					'varname' => 'mod_fcgid_httpuser',
+					'type' => 'string',
+					'default' => 'froxlorlocal',
+					'save_method' => 'storeSettingWebserverFcgidFpmUser',
+					'websrv_avail' => array(
+						'apache2'
+					),
+					'visible' => Settings::Get('system.mod_fcgid')
+				),
+				'system_mod_fcgid_httpgroup' => array(
+					'label' => $lng['admin']['mod_fcgid_group'],
+					'settinggroup' => 'system',
+					'varname' => 'mod_fcgid_httpgroup',
+					'type' => 'string',
+					'default' => 'froxlorlocal',
+					'save_method' => 'storeSettingField',
+					'websrv_avail' => array(
+						'apache2'
+					),
+					'visible' => Settings::Get('system.mod_fcgid')
+				),
+				'system_mod_fcgid_defaultini_ownvhost' => array(
+					'label' => $lng['serversettings']['mod_fcgid']['defaultini_ownvhost'],
+					'settinggroup' => 'system',
+					'varname' => 'mod_fcgid_defaultini_ownvhost',
+					'type' => 'option',
+					'default' => '2',
+					'option_mode' => 'one',
+					'option_options_method' => 'getPhpConfigs',
+					'save_method' => 'storeSettingField',
+					'websrv_avail' => array(
+						'apache2'
+					),
+					'visible' => Settings::Get('system.mod_fcgid')
+				),
+				/**
+				 * php-fpm
+				 */
+				'system_phpfpm_enabled_ownvhost' => array(
+					'label' => $lng['phpfpm']['ownvhost'],
+					'settinggroup' => 'phpfpm',
+					'varname' => 'enabled_ownvhost',
+					'type' => 'bool',
+					'default' => true,
+					'save_method' => 'storeSettingField',
+					'visible' => Settings::Get('phpfpm.enabled')
+				),
+				'system_phpfpm_httpuser' => array(
+					'label' => $lng['phpfpm']['vhost_httpuser'],
+					'settinggroup' => 'phpfpm',
+					'varname' => 'vhost_httpuser',
+					'type' => 'string',
+					'default' => 'froxlorlocal',
+					'save_method' => 'storeSettingWebserverFcgidFpmUser',
+					'visible' => Settings::Get('phpfpm.enabled')
+				),
+				'system_phpfpm_httpgroup' => array(
+					'label' => $lng['phpfpm']['vhost_httpgroup'],
+					'settinggroup' => 'phpfpm',
+					'varname' => 'vhost_httpgroup',
+					'type' => 'string',
+					'default' => 'froxlorlocal',
+					'save_method' => 'storeSettingField',
+					'visible' => Settings::Get('phpfpm.enabled')
+				),
+				'system_phpfpm_defaultini_ownvhost' => array(
+					'label' => $lng['serversettings']['mod_fcgid']['defaultini_ownvhost'],
+					'settinggroup' => 'phpfpm',
+					'varname' => 'vhost_defaultini',
+					'type' => 'option',
+					'default' => '2',
+					'option_mode' => 'one',
+					'option_options_method' => 'getPhpConfigs',
+					'save_method' => 'storeSettingField',
+					'visible' => Settings::Get('phpfpm.enabled')
+				),
+				/**
+				 * DNS
+				 */
+				'system_dns_createhostnameentry' => array(
+					'label' => $lng['serversettings']['dns_createhostnameentry'],
+					'settinggroup' => 'system',
+					'varname' => 'dns_createhostnameentry',
+					'type' => 'bool',
+					'default' => false,
+					'save_method' => 'storeSettingField',
+					'visible' => Settings::Get('system.bind_enable')
+				)
+			)
+		)
+	)
+);
--- a/actions/admin/settings/125.cronjob.php
+++ b/actions/admin/settings/125.cronjob.php
@@ -0,0 +1,67 @@
+<?php
+
+/**
+ * This file is part of the Froxlor project.
+ * Copyright (c) 2014 the Froxlor Team (see authors).
+ *
+ * For the full copyright and license information, please view the COPYING
+ * file that was distributed with this source code. You can also view the
+ * COPYING file online at http://files.froxlor.org/misc/COPYING.txt
+ *
+ * @copyright  (c) the authors
+ * @author     Froxlor team <team@froxlor.org> (2010-)
+ * @license    GPLv2 http://files.froxlor.org/misc/COPYING.txt
+ * @package    Settings
+ *
+ */
+
+return array(
+	'groups' => array(
+		'crond' => array(
+			'title' => $lng['admin']['cronsettings'],
+			'fields' => array(
+				'system_cronconfig' => array(
+					'label' => $lng['serversettings']['system_cronconfig'],
+					'settinggroup' => 'system',
+					'varname' => 'cronconfig',
+					'type' => 'string',
+					'string_type' => 'file',
+					'default' => '/etc/cron.d/froxlor',
+					'save_method' => 'storeSettingField',
+					),
+				'system_croncmdline' => array(
+					'label' => $lng['serversettings']['system_croncmdline'],
+					'settinggroup' => 'system',
+					'varname' => 'croncmdline',
+					'type' => 'string',
+					'default' => '/usr/bin/nice -n 5 /usr/bin/php -q',
+					'save_method' => 'storeSettingField',
+					),
+				'system_crondreload' => array(
+					'label' => $lng['serversettings']['system_crondreload'],
+					'settinggroup' => 'system',
+					'varname' => 'crondreload',
+					'type' => 'string',
+					'default' => '/etc/init.d/cron reload',
+					'save_method' => 'storeSettingField',
+					),
+				'system_cron_allowautoupdate' => array(
+					'label' => $lng['serversettings']['system_cron_allowautoupdate'],
+					'settinggroup' => 'system',
+					'varname' => 'cron_allowautoupdate',
+					'type' => 'bool',
+					'default' => false,
+					'save_method' => 'storeSettingField',
+					),
+				'system_debug_cron' => array(
+					'label' => $lng['serversettings']['cron']['debug'],
+					'settinggroup' => 'system',
+					'varname' => 'debug_cron',
+					'type' => 'bool',
+					'default' => false,
+					'save_method' => 'storeSettingField',
+					)
+			)
+		)
+	)
+);
--- a/actions/admin/settings/130.webserver.php
+++ b/actions/admin/settings/130.webserver.php
@@ -16,7 +16,6 @@
 * @package    Settings
 *
 */
-
 return array(
 	'groups' => array(
 		'webserver' => array(
@@ -29,7 +28,11 @@ return array(
 					'type' => 'option',
 					'default' => 'apache2',
 					'option_mode' => 'one',
-					'option_options' => array('apache2' => 'Apache 2', 'lighttpd' => 'ligHTTPd', 'nginx' => 'Nginx'),
+					'option_options' => array(
+						'apache2' => 'Apache 2',
+						'lighttpd' => 'ligHTTPd',
+						'nginx' => 'Nginx'
+					),
 					'save_method' => 'storeSettingField',
 					'plausibility_check_method' => 'checkPhpInterfaceSetting',
 					'overview_option' => true
@@ -41,7 +44,21 @@ return array(
 					'type' => 'bool',
 					'default' => false,
 					'save_method' => 'storeSettingField',
-					'websrv_avail' => array('apache2')
+					'websrv_avail' => array(
+						'apache2'
+					)
+				),
+				'system_apache_itksupport' => array(
+					'label' => $lng['serversettings']['apache_itksupport'],
+					'settinggroup' => 'system',
+					'varname' => 'apacheitksupport',
+					'type' => 'bool',
+					'default' => false,
+					'save_method' => 'storeSettingField',
+					'visible' => (Settings::Get('system.mod_fcgid') == 0 && Settings::Get('phpfpm.enabled') == 0),
+					'websrv_avail' => array(
+						'apache2'
+					)
 				),
 				'system_httpuser' => array(
 					'label' => $lng['admin']['webserver_user'],
@@ -49,7 +66,7 @@ return array(
 					'varname' => 'httpuser',
 					'type' => 'string',
 					'default' => 'www-data',
-					'save_method' => 'storeSettingField',
+					'save_method' => 'storeSettingWebserverFcgidFpmUser'
 				),
 				'system_httpgroup' => array(
 					'label' => $lng['admin']['webserver_group'],
@@ -57,7 +74,7 @@ return array(
 					'varname' => 'httpgroup',
 					'type' => 'string',
 					'default' => 'www-data',
-					'save_method' => 'storeSettingField',
+					'save_method' => 'storeSettingField'
 				),
 				'system_apacheconf_vhost' => array(
 					'label' => $lng['serversettings']['apacheconf_vhost'],
@@ -66,7 +83,7 @@ return array(
 					'type' => 'string',
 					'string_type' => 'filedir',
 					'default' => '/etc/apache2/sites-enabled/',
-					'save_method' => 'storeSettingField',
+					'save_method' => 'storeSettingField'
 				),
 				'system_apacheconf_diroptions' => array(
 					'label' => $lng['serversettings']['apacheconf_diroptions'],
@@ -75,7 +92,7 @@ return array(
 					'type' => 'string',
 					'string_type' => 'filedir',
 					'default' => '/etc/apache2/sites-enabled/',
-					'save_method' => 'storeSettingField',
+					'save_method' => 'storeSettingField'
 				),
 				'system_apacheconf_htpasswddir' => array(
 					'label' => $lng['serversettings']['apacheconf_htpasswddir'],
@@ -84,7 +101,7 @@ return array(
 					'type' => 'string',
 					'string_type' => 'confdir',
 					'default' => '/etc/apache2/htpasswd/',
-					'save_method' => 'storeSettingField',
+					'save_method' => 'storeSettingField'
 				),
 				'system_logfiles_directory' => array(
 					'label' => $lng['serversettings']['logfiles_directory'],
@@ -93,7 +110,7 @@ return array(
 					'type' => 'string',
 					'string_type' => 'dir',
 					'default' => '/var/customers/logs/',
-					'save_method' => 'storeSettingField',
+					'save_method' => 'storeSettingField'
 				),
 				'system_customersslpath' => array(
 					'label' => $lng['serversettings']['customerssl_directory'],
@@ -102,7 +119,7 @@ return array(
 					'type' => 'string',
 					'string_type' => 'confdir',
 					'default' => '/etc/ssl/froxlor-custom/',
-					'save_method' => 'storeSettingField',
+					'save_method' => 'storeSettingField'
 				),
 				'system_phpappendopenbasedir' => array(
 					'label' => $lng['serversettings']['phpappendopenbasedir'],
@@ -111,7 +128,7 @@ return array(
 					'type' => 'string',
 					'string_emptyallowed' => true,
 					'default' => '',
-					'save_method' => 'storeSettingField',
+					'save_method' => 'storeSettingField'
 				),
 				'system_deactivateddocroot' => array(
 					'label' => $lng['serversettings']['deactivateddocroot'],
@@ -121,7 +138,7 @@ return array(
 					'string_type' => 'dir',
 					'string_emptyallowed' => true,
 					'default' => '',
-					'save_method' => 'storeSettingField',
+					'save_method' => 'storeSettingField'
 				),
 				'system_default_vhostconf' => array(
 					'label' => $lng['serversettings']['default_vhostconf'],
@@ -129,7 +146,19 @@ return array(
 					'varname' => 'default_vhostconf',
 					'type' => 'text',
 					'default' => '',
+					'save_method' => 'storeSettingField'
+				),
+				'system_apache_globaldiropt' => array(
+					'label' => $lng['serversettings']['apache_globaldiropt'],
+					'settinggroup' => 'system',
+					'varname' => 'apacheglobaldiropt',
+					'type' => 'text',
+					'default' => '',
 					'save_method' => 'storeSettingField',
+					'visible' => (Settings::Get('system.mod_fcgid') == 0 && Settings::Get('phpfpm.enabled') == 0),
+					'websrv_avail' => array(
+						'apache2'
+					)
 				),
 				'system_apachereload_command' => array(
 					'label' => $lng['serversettings']['apachereload_command'],
@@ -137,7 +166,7 @@ return array(
 					'varname' => 'apachereload_command',
 					'type' => 'string',
 					'default' => '/etc/init.d/apache2 reload',
-					'save_method' => 'storeSettingField',
+					'save_method' => 'storeSettingField'
 				),
 				'system_phpreload_command' => array(
 					'label' => $lng['serversettings']['phpreload_command'],
@@ -146,7 +175,9 @@ return array(
 					'type' => 'string',
 					'default' => '',
 					'save_method' => 'storeSettingField',
-					'websrv_avail' => array('nginx')
+					'websrv_avail' => array(
+						'nginx'
+					)
 				),
 				'system_nginx_php_backend' => array(
 					'label' => $lng['serversettings']['nginx_php_backend'],
@@ -155,7 +186,9 @@ return array(
 					'type' => 'string',
 					'default' => '127.0.0.1:8888',
 					'save_method' => 'storeSettingField',
-					'websrv_avail' => array('nginx')
+					'websrv_avail' => array(
+						'nginx'
+					)
 				),
 				'nginx_fastcgiparams' => array(
 					'label' => $lng['serversettings']['nginx_fastcgiparams'],
@@ -165,7 +198,9 @@ return array(
 					'string_type' => 'file',
 					'default' => '/etc/nginx/fastcgi_params',
 					'save_method' => 'storeSettingField',
-					'websrv_avail' => array('nginx')
+					'websrv_avail' => array(
+						'nginx'
+					)
 				),
 				'defaultwebsrverrhandler_enabled' => array(
 					'label' => $lng['serversettings']['defaultwebsrverrhandler_enabled'],
@@ -173,7 +208,7 @@ return array(
 					'varname' => 'enabled',
 					'type' => 'bool',
 					'default' => false,
-					'save_method' => 'storeSettingField',
+					'save_method' => 'storeSettingField'
 				),
 				'defaultwebsrverrhandler_err401' => array(
 					'label' => $lng['serversettings']['defaultwebsrverrhandler_err401'],
@@ -182,7 +217,10 @@ return array(
 					'type' => 'string',
 					'default' => '',
 					'save_method' => 'storeSettingField',
-					'websrv_avail' => array('apache2', 'nginx')
+					'websrv_avail' => array(
+						'apache2',
+						'nginx'
+					)
 				),
 				'defaultwebsrverrhandler_err403' => array(
 					'label' => $lng['serversettings']['defaultwebsrverrhandler_err403'],
@@ -191,7 +229,10 @@ return array(
 					'type' => 'string',
 					'default' => '',
 					'save_method' => 'storeSettingField',
-					'websrv_avail' => array('apache2', 'nginx')
+					'websrv_avail' => array(
+						'apache2',
+						'nginx'
+					)
 				),
 				'defaultwebsrverrhandler_err404' => array(
 					'label' => $lng['serversettings']['defaultwebsrverrhandler_err404'],
@@ -199,7 +240,7 @@ return array(
 					'varname' => 'err404',
 					'type' => 'string',
 					'default' => '',
-					'save_method' => 'storeSettingField',
+					'save_method' => 'storeSettingField'
 				),
 				'defaultwebsrverrhandler_err500' => array(
 					'label' => $lng['serversettings']['defaultwebsrverrhandler_err500'],
@@ -208,7 +249,10 @@ return array(
 					'type' => 'string',
 					'default' => '',
 					'save_method' => 'storeSettingField',
-					'websrv_avail' => array('apache2', 'nginx')
+					'websrv_avail' => array(
+						'apache2',
+						'nginx'
+					)
 				),
 				'customredirect_enabled' => array(
 					'label' => $lng['serversettings']['customredirect_enabled'],
@@ -216,8 +260,7 @@ return array(
 					'varname' => 'enabled',
 					'type' => 'bool',
 					'default' => false,
-					'save_method' => 'storeSettingField',
-					'websrv_avail' => array('apache2', 'lighttpd')
+					'save_method' => 'storeSettingField'
 				),
 				'customredirect_default' => array(
 					'label' => $lng['serversettings']['customredirect_default'],
@@ -227,8 +270,7 @@ return array(
 					'default' => '1',
 					'option_mode' => 'one',
 					'option_options_method' => 'getRedirectCodes',
-					'save_method' => 'storeSettingField',
-					'websrv_avail' => array('apache2', 'lighttpd')
+					'save_method' => 'storeSettingField'
 				)
 			)
 		)
--- a/actions/admin/settings/131.ssl.php
+++ b/actions/admin/settings/131.ssl.php
@@ -16,7 +16,6 @@
 * @package    Settings
 *
 */
-
 return array(
 	'groups' => array(
 		'ssl' => array(
@@ -37,8 +36,8 @@ return array(
 					'varname' => 'ssl_cipher_list',
 					'type' => 'string',
 					'string_emptyallowed' => false,
-									'default' => 'ECDHE-RSA-AES128-SHA256:AES128-GCM-SHA256:RC4:HIGH:!MD5:!aNULL:!EDH',
-									'save_method' => 'storeSettingField',
+					'default' => 'ECDH+AESGCM:ECDH+AES256:!aNULL:!MD5:!DSS:!DH:!AES128',
+					'save_method' => 'storeSettingField'
 				),
 				'system_ssl_cert_file' => array(
 					'label' => $lng['serversettings']['ssl']['ssl_cert_file'],
@@ -48,7 +47,7 @@ return array(
 					'string_type' => 'file',
 					'string_emptyallowed' => true,
 					'default' => '/etc/apache2/apache2.pem',
-									'save_method' => 'storeSettingField',
+					'save_method' => 'storeSettingField'
 				),
 				'system_ssl_key_file' => array(
 					'label' => $lng['serversettings']['ssl']['ssl_key_file'],
@@ -58,7 +57,7 @@ return array(
 					'string_type' => 'file',
 					'string_emptyallowed' => true,
 					'default' => '/etc/apache2/apache2.key',
-									'save_method' => 'storeSettingField',
+					'save_method' => 'storeSettingField'
 				),
 				'system_ssl_cert_chainfile' => array(
 					'label' => $lng['admin']['ipsandports']['ssl_cert_chainfile'],
@@ -68,7 +67,7 @@ return array(
 					'string_type' => 'file',
 					'string_emptyallowed' => true,
 					'default' => '',
-									'save_method' => 'storeSettingField',
+					'save_method' => 'storeSettingField'
 				),
 				'system_ssl_ca_file' => array(
 					'label' => $lng['serversettings']['ssl']['ssl_ca_file'],
@@ -78,8 +77,109 @@ return array(
 					'string_type' => 'file',
 					'string_emptyallowed' => true,
 					'default' => '',
+					'save_method' => 'storeSettingField'
+				),
+				'system_leenabled' => array(
+					'label' => $lng['serversettings']['leenabled'],
+					'settinggroup' => 'system',
+					'varname' => 'leenabled',
+					'type' => 'bool',
+					'default' => false,
+					'cronmodule' => 'froxlor/letsencrypt',
+					'save_method' => 'storeSettingField'
+				),
+				'system_letsencryptacmeconf' => array(
+					'label' => $lng['serversettings']['letsencryptacmeconf'],
+					'settinggroup' => 'system',
+					'varname' => 'letsencryptacmeconf',
+					'type' => 'string',
+					'string_type' => 'file',
+					'default' => '/etc/apache2/conf-enabled/acme.conf',
 					'save_method' => 'storeSettingField',
-							)
+				),
+				'system_letsencryptca' => array(
+					'label' => $lng['serversettings']['letsencryptca'],
+					'settinggroup' => 'system',
+					'varname' => 'letsencryptca',
+					'type' => 'option',
+					'default' => 'testing',
+					'option_mode' => 'one',
+					'option_options' => array(
+						'testing' => 'https://acme-staging.api.letsencrypt.org (Test)',
+						'production' => 'https://acme-v01.api.letsencrypt.org (Live)'
+					),
+					'save_method' => 'storeSettingField'
+				),
+				'system_letsencryptcountrycode' => array(
+					'label' => $lng['serversettings']['letsencryptcountrycode'],
+					'settinggroup' => 'system',
+					'varname' => 'letsencryptcountrycode',
+					'type' => 'string',
+					'string_emptyallowed' => false,
+					'default' => 'DE',
+					'save_method' => 'storeSettingField'
+				),
+				'system_letsencryptstate' => array(
+					'label' => $lng['serversettings']['letsencryptstate'],
+					'settinggroup' => 'system',
+					'varname' => 'letsencryptstate',
+					'type' => 'string',
+					'string_emptyallowed' => false,
+					'default' => 'Hessen',
+					'save_method' => 'storeSettingField'
+				),
+				'system_letsencryptchallengepath' => array(
+					'label' => $lng['serversettings']['letsencryptchallengepath'],
+					'settinggroup' => 'system',
+					'varname' => 'letsencryptchallengepath',
+					'type' => 'string',
+					'string_emptyallowed' => false,
+					'default' => FROXLOR_INSTALL_DIR,
+					'save_method' => 'storeSettingField'
+				),
+				'system_letsencryptkeysize' => array(
+					'label' => $lng['serversettings']['letsencryptkeysize'],
+					'settinggroup' => 'system',
+					'varname' => 'letsencryptkeysize',
+					'type' => 'int',
+					'int_min' => 2048,
+					'default' => 4096,
+					'save_method' => 'storeSettingField'
+				),
+				'system_letsencryptreuseold' => array(
+					'label' => $lng['serversettings']['letsencryptreuseold'],
+					'settinggroup' => 'system',
+					'varname' => 'letsencryptreuseold',
+					'type' => 'bool',
+					'default' => false,
+					'save_method' => 'storeSettingField'
+				),
+				'system_hsts_maxage' => array(
+					'label' => $lng['admin']['domain_hsts_maxage'],
+					'settinggroup' => 'system',
+					'varname' => 'hsts_maxage',
+					'type' => 'int',
+					'int_min' => 0,
+					'int_max' => 94608000, // 3-years
+					'default' => 0,
+					'save_method' => 'storeSettingField'
+				),
+				'system_hsts_incsub' => array(
+					'label' => $lng['admin']['domain_hsts_incsub'],
+					'settinggroup' => 'system',
+					'varname' => 'hsts_incsub',
+					'type' => 'bool',
+					'default' => false,
+					'save_method' => 'storeSettingField'
+				),
+				'system_hsts_preload' => array(
+					'label' => $lng['admin']['domain_hsts_preload'],
+					'settinggroup' => 'system',
+					'varname' => 'hsts_preload',
+					'type' => 'bool',
+					'default' => false,
+					'save_method' => 'storeSettingField'
+				),
 			)
 		)
 	)
--- a/actions/admin/settings/135.fcgid.php
+++ b/actions/admin/settings/135.fcgid.php
@@ -97,44 +97,6 @@ return array(
 					'option_options_method' => 'getPhpConfigs',
 					'save_method' => 'storeSettingField',
 					),
-				'system_mod_fcgid_enabled_ownvhost' => array(
-					'label' => $lng['serversettings']['mod_fcgid_ownvhost'],
-					'settinggroup' => 'system',
-					'varname' => 'mod_fcgid_ownvhost',
-					'type' => 'bool',
-					'default' => false,
-					'save_method' => 'storeSettingField',
-					'websrv_avail' => array('apache2')
-					),
-				'system_mod_fcgid_httpuser' => array(
-					'label' => $lng['admin']['mod_fcgid_user'],
-					'settinggroup' => 'system',
-					'varname' => 'mod_fcgid_httpuser',
-					'type' => 'string',
-					'default' => 'froxlorlocal',
-					'save_method' => 'storeSettingField',
-					'websrv_avail' => array('apache2')
-					),
-				'system_mod_fcgid_httpgroup' => array(
-					'label' => $lng['admin']['mod_fcgid_group'],
-					'settinggroup' => 'system',
-					'varname' => 'mod_fcgid_httpgroup',
-					'type' => 'string',
-					'default' => 'froxlorlocal',
-					'save_method' => 'storeSettingField',
-					'websrv_avail' => array('apache2')
-					),
-				'system_mod_fcgid_defaultini_ownvhost' => array(
-					'label' => $lng['serversettings']['mod_fcgid']['defaultini_ownvhost'],
-					'settinggroup' => 'system',
-					'varname' => 'mod_fcgid_defaultini_ownvhost',
-					'type' => 'option',
-					'default' => '2',
-					'option_mode' => 'one',
-					'option_options_method' => 'getPhpConfigs',
-					'save_method' => 'storeSettingField',
-					'websrv_avail' => array('apache2')
-					),
 				'system_mod_fcgid_idle_timeout' => array(
 					'label' => $lng['serversettings']['mod_fcgid']['idle_timeout'],
 					'settinggroup' => 'system',
--- a/actions/admin/settings/136.phpfpm.php
+++ b/actions/admin/settings/136.phpfpm.php
@@ -30,30 +30,6 @@ return array(
 					'plausibility_check_method' => 'checkFcgidPhpFpm',
 					'overview_option' => true
 					),
-				'system_phpfpm_enabled_ownvhost' => array(
-					'label' => $lng['phpfpm']['ownvhost'],
-					'settinggroup' => 'phpfpm',
-					'varname' => 'enabled_ownvhost',
-					'type' => 'bool',
-					'default' => false,
-					'save_method' => 'storeSettingField'
-					),
-				'system_phpfpm_httpuser' => array(
-					'label' => $lng['phpfpm']['vhost_httpuser'],
-					'settinggroup' => 'phpfpm',
-					'varname' => 'vhost_httpuser',
-					'type' => 'string',
-					'default' => 'froxlorlocal',
-					'save_method' => 'storeSettingField'
-					),
-				'system_phpfpm_httpgroup' => array(
-					'label' => $lng['phpfpm']['vhost_httpgroup'],
-					'settinggroup' => 'phpfpm',
-					'varname' => 'vhost_httpgroup',
-					'type' => 'string',
-					'default' => 'froxlorlocal',
-					'save_method' => 'storeSettingField'
-					),
 				'system_phpfpm_defaultini' => array(
 					'label' => $lng['serversettings']['mod_fcgid']['defaultini'],
 					'settinggroup' => 'phpfpm',
@@ -64,16 +40,6 @@ return array(
 					'option_options_method' => 'getPhpConfigs',
 					'save_method' => 'storeSettingField'
 					),
-				'system_phpfpm_defaultini_ownvhost' => array(
-					'label' => $lng['serversettings']['mod_fcgid']['defaultini_ownvhost'],
-					'settinggroup' => 'phpfpm',
-					'varname' => 'vhost_defaultini',
-					'type' => 'option',
-					'default' => '2',
-					'option_mode' => 'one',
-					'option_options_method' => 'getPhpConfigs',
-					'save_method' => 'storeSettingField'
-					),
 				'system_phpfpm_configdir' => array(
 					'label' => $lng['serversettings']['phpfpm_settings']['configdir'],
 					'settinggroup' => 'phpfpm',
@@ -185,9 +151,16 @@ return array(
 					'default' => 30,
 					'save_method' => 'storeSettingField'
 					),
+				'system_phpfpm_use_mod_proxy' => array(
+					'label' => $lng['phpfpm']['use_mod_proxy'],
+					'settinggroup' => 'phpfpm',
+					'varname' => 'use_mod_proxy',
+					'type' => 'bool',
+					'default' => false,
+					'visible' => Settings::Get('system.apache24'),
+					'save_method' => 'storeSettingField'
+					),
 				),
 			),
 		),
 	);
-
-?>
--- a/actions/admin/settings/150.mail.php
+++ b/actions/admin/settings/150.mail.php
@@ -85,21 +85,6 @@ return array(
 					'default' => 100,
 					'save_method' => 'storeSettingField',
 					),
-				'system_autoresponder_enabled' => array(
-					'label' => $lng['serversettings']['autoresponder_active'],
-					'settinggroup' => 'autoresponder',
-					'varname' => 'autoresponder_active',
-					'type' => 'bool',
-					'default' => false,
-					'cronmodule' => 'froxlor/autoresponder',
-					'save_method' => 'storeSettingField',
-					),
-				'system_last_autoresponder_run' => array(
-					'settinggroup' => 'autoresponder',
-					'varname' => 'last_autoresponder_run',
-					'type' => 'hidden',
-					'default' => 0,
-					),
 				'system_catchall_enabled' => array(
 					'label' => $lng['serversettings']['catchall_enabled'],
 					'settinggroup' => 'catchall',
@@ -108,6 +93,54 @@ return array(
 					'default' => true,
 					'save_method' => 'storeSettingResetCatchall',
 					),
+				'system_mailtraffic_enabled' => array(
+					'label' => $lng['serversettings']['mailtraffic_enabled'],
+					'settinggroup' => 'system',
+					'varname' => 'mailtraffic_enabled',
+					'type' => 'bool',
+					'default' => true,
+					'save_method' => 'storeSettingField',
+					),
+				'system_mdaserver' => array(
+					'label' => $lng['serversettings']['mdaserver'],
+					'settinggroup' => 'system',
+					'varname' => 'mdaserver',
+					'type' => 'option',
+					'option_mode' => 'one',
+					'default' => 'dovecot',
+					'option_options' => array('courier' => 'Courier', 'dovecot' => 'Dovecot'),
+					'save_method' => 'storeSettingField',
+					),
+				'system_mdalog' => array(
+					'label' => $lng['serversettings']['mdalog'],
+					'settinggroup' => 'system',
+					'varname' => 'mdalog',
+					'type' => 'string',
+					'string_type' => 'file',
+					'default' => '/var/log/mail.log',
+					'string_emptyallowed' => true,
+					'save_method' => 'storeSettingField',
+					),
+				'system_mtaserver' => array(
+					'label' => $lng['serversettings']['mtaserver'],
+					'settinggroup' => 'system',
+					'varname' => 'mtaserver',
+					'type' => 'option',
+					'option_mode' => 'one',
+					'default' => 'postfix',
+					'option_options' => array('exim4' => 'Exim4', 'postfix' => 'Postfix'),
+					'save_method' => 'storeSettingField',
+					),
+				'system_mtalog' => array(
+					'label' => $lng['serversettings']['mtalog'],
+					'settinggroup' => 'system',
+					'varname' => 'mtalog',
+					'type' => 'string',
+					'string_type' => 'file',
+					'default' => '/var/log/mail.log',
+					'string_emptyallowed' => true,
+					'save_method' => 'storeSettingField',
+					),
 				),
 			),
 		),
--- a/actions/admin/settings/160.nameserver.php
+++ b/actions/admin/settings/160.nameserver.php
@@ -31,6 +31,24 @@ return array(
 					'save_method' => 'storeSettingField',
 					'overview_option' => true
 					),
+				'system_dnsenabled' => array(
+					'label' => $lng['serversettings']['dnseditorenable'],
+					'settinggroup' => 'system',
+					'varname' => 'dnsenabled',
+					'type' => 'bool',
+					'default' => false,
+					'save_method' => 'storeSettingField'
+					),
+				'system_dns_server' => array(
+					'label' => $lng['serversettings']['dns_server'],
+					'settinggroup' => 'system',
+					'varname' => 'dns_server',
+					'type' => 'option',
+					'default' => 'bind',
+					'option_mode' => 'one',
+					'option_options' => array('bind' => 'Bind9', 'pdns' => 'PowerDNS'),
+					'save_method' => 'storeSettingField'
+				),
 				'system_bindconf_directory' => array(
 					'label' => $lng['serversettings']['bindconf_directory'],
 					'settinggroup' => 'system',
@@ -73,7 +91,8 @@ return array(
 					'settinggroup' => 'system',
 					'varname' => 'axfrservers',
 					'type' => 'string',
-					'string_type' => 'validate_ip',
+					'string_type' => 'validate_ip_incl_private',
+					'string_delimiter' => ',',
 					'string_emptyallowed' => true,
 					'default' => '',
 					'save_method' => 'storeSettingField',
@@ -100,5 +119,3 @@ return array(
 			),
 		),
 	);
-
-?>
--- a/actions/admin/settings/170.logger.php
+++ b/actions/admin/settings/170.logger.php
@@ -65,8 +65,14 @@ return array(
 					'label' => $lng['serversettings']['logger']['logcron'],
 					'settinggroup' => 'logger',
 					'varname' => 'log_cron',
-					'type' => 'bool',
-					'default' => false,
+					'type' => 'option',
+					'default' => 0,
+					'option_mode' => 'one',
+					'option_options' => array(
+							0 => $lng['serversettings']['logger']['logcronoption']['never'],
+							1 => $lng['serversettings']['logger']['logcronoption']['once'],
+							2 => $lng['serversettings']['logger']['logcronoption']['always']
+						),
 					'save_method' => 'storeSettingField',
 					),
 				),
--- a/actions/admin/settings/180.dkim.php
+++ b/actions/admin/settings/180.dkim.php
@@ -17,8 +17,6 @@
 *
 */

-global $settings;
-
 return array(
 	'groups' => array(
 		'dkim' => array(
@@ -83,7 +81,7 @@ return array(
 				'dkim_keylength' => array(
 					'label' => array(
 						'title' => $lng['dkim']['dkim_keylength']['title'],
-						'description' => sprintf($lng['dkim']['dkim_keylength']['description'],$settings['dkim']['dkim_prefix'])
+						'description' => sprintf($lng['dkim']['dkim_keylength']['description'], Settings::Get('dkim.dkim_prefix'))
 					),
 					'settinggroup' => 'dkim',
 					'varname' => 'dkim_keylength',
--- a/actions/admin/settings/185.spf.php
+++ b/actions/admin/settings/185.spf.php
@@ -34,7 +34,7 @@ return array(
 					'settinggroup' => 'spf',
 					'varname' => 'spf_entry',
 					'type' => 'string',
-					'default' => '@	IN	TXT	"v=spf1 a mx -all"',
+					'default' => '"v=spf1 a mx -all"',
 					'save_method' => 'storeSettingField'
 					)
 				)
--- a/actions/admin/settings/200.aps.php
+++ b/actions/admin/settings/200.aps.php
@@ -1,102 +0,0 @@
-<?php
-
-/**
- * This file is part of the Froxlor project.
- * Copyright (c) 2003-2009 the SysCP Team (see authors).
- * Copyright (c) 2010 the Froxlor Team (see authors).
- *
- * For the full copyright and license information, please view the COPYING
- * file that was distributed with this source code. You can also view the
- * COPYING file online at http://files.froxlor.org/misc/COPYING.txt
- *
- * @copyright  (c) the authors
- * @author     Florian Lippert <flo@syscp.org> (2003-2009)
- * @author     Froxlor team <team@froxlor.org> (2010-)
- * @license    GPLv2 http://files.froxlor.org/misc/COPYING.txt
- * @package    Settings
- *
- */
-
-return array(
-	'groups' => array(
-		'aps' => array(
-			'title' => $lng['admin']['aps'],
-			'fields' => array(
-				'aps_enable' => array(
-					'label' => $lng['aps']['activate_aps'],
-					'settinggroup' => 'aps',
-					'varname' => 'aps_active',
-					'type' => 'bool',
-					'default' => false,
-					'cronmodule' => 'froxlor/aps',
-					'save_method' => 'storeSettingField',
-					'overview_option' => true
-					),
-				'aps_items_per_page' => array(
-					'label' => $lng['aps']['packages_per_page'],
-					'settinggroup' => 'aps',
-					'varname' => 'items_per_page',
-					'type' => 'int',
-					'default' => 20,
-					'save_method' => 'storeSettingField',
-					),
-				'aps_upload_fields' => array(
-					'label' => $lng['aps']['upload_fields'],
-					'settinggroup' => 'aps',
-					'varname' => 'upload_fields',
-					'type' => 'int',
-					'default' => 5,
-					'save_method' => 'storeSettingField',
-					),
-				'aps_exceptions' => array(
-					'label' => $lng['aps']['exceptions'],
-					'type' => 'label',
-					),
-				'aps_php-extension' => array(
-					'label' => $lng['aps']['settings_php_extensions'],
-					'settinggroup' => 'aps',
-					'varname' => 'php-extension',
-					'type' => 'option',
-					'default' => '',
-					'option_mode' => 'multiple',
-					'option_options' => array('gd' => 'GD Library', 'pcre' => 'PCRE', 'ioncube' => 'ionCube', 'ioncube loader' => 'ionCube Loader', 'curl' => 'curl', 'mcrypt' => 'mcrypt', 'imap' => 'imap', 'json' => 'json', 'ldap' => 'LDAP', 'hash' => 'hash', 'mbstring' => 'mbstring', 'Zend Optimizer' => 'Zend Guard'),
-					'save_method' => 'storeSettingApsPhpExtensions',
-					),
-				'aps_php-function' => array(
-					'settinggroup' => 'aps',
-					'varname' => 'php-function',
-					'type' => 'hidden',
-					'default' => '',
-					),
-				'aps_php-configuration' => array(
-					'label' => $lng['aps']['settings_php_configuration'],
-					'settinggroup' => 'aps',
-					'varname' => 'php-configuration',
-					'type' => 'option',
-					'default' => '',
-					'option_mode' => 'multiple',
-					'option_options' => array('short_open_tag' => 'short_open_tag', 'file_uploads' => 'file_uploads', 'magic_quotes_gpc' => 'magic_quotes_gpc', 'register_globals' => 'register_globals', 'allow_url_fopen' => 'allow_url_fopen', 'safe_mode' => 'safe_mode', 'post_max_size' => 'post_max_size', 'memory_limit' => 'memory_limit', 'max_execution_time' => 'max_execution_time'),
-					'save_method' => 'storeSettingField',
-					),
-				'aps_webserver-module' => array(
-					'label' => $lng['aps']['settings_webserver_modules'],
-					'settinggroup' => 'aps',
-					'varname' => 'webserver-module',
-					'type' => 'option',
-					'default' => '',
-					'option_mode' => 'multiple',
-					'option_options' => array('mod_perl' => 'mod_perl', 'mod_rewrite' => 'mod_rewrite', 'mod_access' => 'mod_access', 'fcgid-any' => 'FastCGI/mod_fcgid', 'htaccess' => '.htaccess'),
-					'save_method' => 'storeSettingApsWebserverModules',
-					),
-				'aps_webserver-htaccess' => array(
-					'settinggroup' => 'aps',
-					'varname' => 'webserver-htaccess',
-					'type' => 'hidden',
-					'default' => '',
-					),
-				),
-			),
-		),
-	);
-
-?>
--- a/actions/admin/settings/210.security.php
+++ b/actions/admin/settings/210.security.php
@@ -45,7 +45,7 @@ return array(
 					'type' => 'option',
 					'default' => 0,
 					'option_mode' => 'one',
-					'option_options' => array(0 => $lng['serversettings']['systemdefault'], 1 => 'MD5', 2 => 'BLOWFISH', 3 => 'SHA-256', 4 => 'SHA-512'),
+					'option_options_method' => 'getAvailablePasswordHashes',
 					'save_method' => 'storeSettingField',
 					),
 				'system_allow_error_report_admin' => array(
@@ -63,6 +63,23 @@ return array(
 					'type' => 'bool',
 					'default' => false,
 					'save_method' => 'storeSettingField',
+					),
+				'system_allow_customer_shell' => array(
+					'label' => $lng['serversettings']['allow_allow_customer_shell'],
+					'settinggroup' => 'system',
+					'varname' => 'allow_customer_shell',
+					'type' => 'bool',
+					'default' => false,
+					'save_method' => 'storeSettingField',
+					),
+				'system_available_shells' => array(
+					'label' => $lng['serversettings']['available_shells'],
+					'settinggroup' => 'system',
+					'varname' => 'available_shells',
+					'type' => 'string',
+					'string_emptyallowed' => true,
+					'default' => '',
+					'save_method' => 'storeSettingField',
 					)
 				)
 			)
--- a/actions/admin/settings/215.backup.php
+++ b/actions/admin/settings/215.backup.php
@@ -1,118 +0,0 @@
-<?php
-
-/**
- * This file is part of the Froxlor project.
- * Copyright (c) 2003-2009 the SysCP Team (see authors).
- * Copyright (c) 2010 the Froxlor Team (see authors).
- *
- * For the full copyright and license information, please view the COPYING
- * file that was distributed with this source code. You can also view the
- * COPYING file online at http://files.froxlor.org/misc/COPYING.txt
- *
- * @copyright  (c) the authors
- * @author     Florian Lippert <flo@syscp.org> (2003-2009)
- * @author     Froxlor team <team@froxlor.org> (2010-)
- * @license    GPLv2 http://files.froxlor.org/misc/COPYING.txt
- * @package    Settings
- *
- */
-
-return array(
-	'groups' => array(
-		'backup' => array(
-			'title' => $lng['backup'],
-			'fields' => array(
-				'backup_enabled' => array(
-					'label' => $lng['serversettings']['backup_enabled'],
-					'settinggroup' => 'system',
-					'varname' => 'backup_enabled',
-					'type' => 'bool',
-					'default' => false,
-					'cronmodule' => 'froxlor/backup',
-					'save_method' => 'storeSettingField',
-					'overview_option' => true
-				),
-				'backup_dir' => array(
-					'label' => $lng['serversettings']['backupdir']['description'],
-					'settinggroup' => 'system',
-					'varname' => 'backup_dir',
-					'type' => 'string',
-					'string_type' => 'dir',
-					'default' => '/var/customers/backups/',
-					'string_regexp' => '#^/.*/$#',
-					'save_method' => 'storeSettingField',
-				),
-				'backup_mysqldump_path' => array(
-					'label' => $lng['serversettings']['mysqldump_path']['description'],
-					'settinggroup' => 'system',
-					'varname' => 'backup_mysqldump_path',
-					'type' => 'string',
-					'default' => '/usr/bin/mysqldump',
-					'save_method' => 'storeSettingField',
-				),
-				'backup_count' => array(
-					'label' => $lng['serversettings']['backup_count'],
-					'settinggroup' => 'system',
-					'varname' => 'backup_count',
-					'type' => 'bool',
-					'default' => 'true',
-					'save_method' => 'storeSettingField',
-					'overview_option' => false
-				),				
-				'backup_bigfile' => array(
-					'label' => $lng['serversettings']['backup_bigfile'],
-					'settinggroup' => 'system',
-					'varname' => 'backup_bigfile',
-					'type' => 'bool',
-					'default' => false,
-					'save_method' => 'storeSettingField',
-					'overview_option' => false
-				),
-				'backup_ftp_enabled_' => array(
-					'label' => $lng['serversettings']['backup_ftp_enabled'],
-					'settinggroup' => 'system',
-					'varname' => 'backup_ftp_enabled',
-					'type' => 'bool',
-					'default' => false,
-					'save_method' => 'storeSettingField',
-					'overview_option' => false
-				),
-				'backup_server' => array(
-					'label' => $lng['serversettings']['backup_ftp_server'],
-					'settinggroup' => 'system',
-					'varname' => 'backup_ftp_server',
-					'type' => 'string',
-					'default' => '',
-					'save_method' => 'storeSettingField',
-				),
-				'backup_user' => array(
-					'label' => $lng['serversettings']['backup_ftp_user'],
-					'settinggroup' => 'system',
-					'varname' => 'backup_ftp_user',
-					'type' => 'string',
-					'default' => '',
-					'save_method' => 'storeSettingField',
-				),
-				'backup_pass' => array(
-					'label' => $lng['serversettings']['backup_ftp_pass'],
-					'settinggroup' => 'system',
-					'varname' => 'backup_ftp_pass',
-					'type' => 'hiddenstring',
-					'default' => '',
-					'save_method' => 'storeSettingField',
-				),
-				'backup_passive_mode' => array(
-					'label' => $lng['serversettings']['backup_ftp_passive_mode'],
-					'settinggroup' => 'system',
-					'varname' => 'backup_ftp_passive',
-					'type' => 'bool',
-					'default' => true,
-					'save_method' => 'storeSettingField',
-					'overview_option' => false,
-				),
-				),
-			),
-		),
-	);
-
-?>
--- a/admin_admins.php
+++ b/admin_admins.php
@@ -42,7 +42,7 @@ if ($page == 'admins'
 			'traffic_used' => $lng['customer']['traffic'] . ' (' . $lng['panel']['used'] . ')',
 			'deactivated' => $lng['admin']['deactivated']
 		);
-		$paging = new paging($userinfo, TABLE_PANEL_ADMINS, $fields, $settings['panel']['paging'], $settings['panel']['natsorting']);
+		$paging = new paging($userinfo, TABLE_PANEL_ADMINS, $fields);
 		$admins = '';
 		$result_stmt = Database::query("SELECT * FROM `" . TABLE_PANEL_ADMINS . "` " . $paging->getSqlWhere(false) . " " . $paging->getSqlOrderBy() . " " . $paging->getSqlLimit());
 		$numrows_admins = Database::num_rows();
@@ -54,19 +54,21 @@ if ($page == 'admins'
 		$i = 0;
 		$count = 0;

+		$dec_places = Settings::Get('panel.decimal_places');
+
 		while ($row = $result_stmt->fetch(PDO::FETCH_ASSOC)) {

 			if ($paging->checkDisplay($i)) {

-				$row['traffic_used'] = round($row['traffic_used'] / (1024 * 1024), $settings['panel']['decimal_places']);
-				$row['traffic'] = round($row['traffic'] / (1024 * 1024), $settings['panel']['decimal_places']);
-				$row['diskspace_used'] = round($row['diskspace_used'] / 1024, $settings['panel']['decimal_places']);
-				$row['diskspace'] = round($row['diskspace'] / 1024, $settings['panel']['decimal_places']);
+				$row['traffic_used'] = round($row['traffic_used'] / (1024 * 1024), $dec_places);
+				$row['traffic'] = round($row['traffic'] / (1024 * 1024), $dec_places);
+				$row['diskspace_used'] = round($row['diskspace_used'] / 1024, $dec_places);
+				$row['diskspace'] = round($row['diskspace'] / 1024, $dec_places);

 				// percent-values for progressbar
 				// For Disk usage
 				if ($row['diskspace'] > 0) {
-					$disk_percent = round(($row['diskspace_used']*100)/$row['diskspace'], 2);
+					$disk_percent = round(($row['diskspace_used']*100)/$row['diskspace'], 0);
 					$disk_doublepercent = round($disk_percent*2, 2);
 				} else {
 					$disk_percent = 0;
@@ -74,15 +76,26 @@ if ($page == 'admins'
 				}
 				// For Traffic usage
 				if ($row['traffic'] > 0) {
-					$traffic_percent = round(($row['traffic_used']*100)/$row['traffic'], 2);
+					$traffic_percent = round(($row['traffic_used']*100)/$row['traffic'], 0);
 					$traffic_doublepercent = round($traffic_percent*2, 2);
 				} else {
 					$traffic_percent = 0;
 					$traffic_doublepercent = 0;
 				}

-				$row = str_replace_array('-1', 'UL', $row, 'customers domains diskspace traffic mysqls emails email_accounts email_forwarders email_quota email_autoresponder ftps subdomains tickets');
+				// fix progress-bars if value is >100%
+				if ($disk_percent > 100) {
+					$disk_percent = 100;
+				}
+				if ($traffic_percent > 100) {
+					$traffic_percent = 100;
+				}
+
+				$row = str_replace_array('-1', 'UL', $row, 'customers domains diskspace traffic mysqls emails email_accounts email_forwarders email_quota ftps subdomains tickets');
 				$row = htmlentities_array($row);
+
+				$row['custom_notes'] = ($row['custom_notes'] != '') ? nl2br($row['custom_notes']) : '';
+
 				eval("\$admins.=\"" . getTemplate("admins/admins_admin") . "\";");
 				$count++;
 			}
@@ -142,7 +155,6 @@ if ($page == 'admins'
 		if ($result['loginname'] != '') {
 			if ($result['adminid'] == $userinfo['userid']) {
 				standard_error('youcantdeleteyourself');
-				exit;
 			}

 			if (isset($_POST['send'])
@@ -188,6 +200,12 @@ if ($page == 'admins'
 			$name = validate($_POST['name'], 'name');
 			$email = $idna_convert->encode(validate($_POST['email'], 'email'));

+			$custom_notes = validate(str_replace("\r\n", "\n", $_POST['custom_notes']), 'custom_notes', '/^[^\0]*$/');
+			$custom_notes_show = 0;
+			if (isset($_POST['custom_notes_show'])) {
+			    $custom_notes_show = intval_ressource($_POST['custom_notes_show']);
+			}
+
 			$loginname = validate($_POST['loginname'], 'loginname');
 			$password = validate($_POST['admin_password'], 'password');
 			$password = validatePassword($password);
@@ -223,7 +241,7 @@ if ($page == 'admins'
 				$email_forwarders = -1;
 			}

-			if ($settings['system']['mail_quota_enabled'] == '1') {
+			if (Settings::Get('system.mail_quota_enabled') == '1') {

 				$email_quota = validate($_POST['email_quota'], 'email_quota', '/^\d+$/', 'vmailquotawrong', array('0', ''));
 				if (isset($_POST['email_quota_ul'])) {
@@ -233,22 +251,12 @@ if ($page == 'admins'
 				$email_quota = -1;
 			}

-			if ($settings['autoresponder']['autoresponder_active'] == '1') {
-
-				$email_autoresponder = intval_ressource($_POST['email_autoresponder']);
-				if (isset($_POST['email_autoresponder_ul'])) {
-					$email_autoresponder = - 1;
-				}
-			} else {
-				$email_autoresponder = 0;
-			}
-
 			$ftps = intval_ressource($_POST['ftps']);
 			if (isset($_POST['ftps_ul'])) {
 				$ftps = -1;
 			}

-			if ($settings['ticket']['enabled'] == 1) {
+			if (Settings::Get('ticket.enabled') == 1) {

 				$tickets = intval_ressource($_POST['tickets']);
 				if (isset($_POST['tickets_ul'])) {
@@ -263,19 +271,6 @@ if ($page == 'admins'
 				$mysqls = -1;
 			}

-			if ($settings['aps']['aps_active'] == '1') {
-
-				$number_of_aps_packages = intval_ressource($_POST['number_of_aps_packages']);
-				if (isset($_POST['number_of_aps_packages_ul'])) {
-					$number_of_aps_packages = - 1;
-				}
-				$can_manage_aps_packages = isset($_POST['can_manage_aps_packages']) ? 1 : 0;
-
-			} else {
-				$number_of_aps_packages = 0;
-				$can_manage_aps_packages = 0;
-			}
-
 			$customers_see_all = 0;
 			if (isset($_POST['customers_see_all'])) {
 				$customers_see_all = intval($_POST['customers_see_all']);
@@ -335,8 +330,8 @@ if ($page == 'admins'
 				standard_error('loginnameexists', $loginname);
 			}
 			// Accounts which match systemaccounts are not allowed, filtering them
-			elseif (preg_match('/^' . preg_quote($settings['customer']['accountprefix'], '/') . '([0-9]+)/', $loginname)) {
-				standard_error('loginnameissystemaccount', $settings['customer']['accountprefix']);
+			elseif (preg_match('/^' . preg_quote(Settings::Get('customer.accountprefix'), '/') . '([0-9]+)/', $loginname)) {
+				standard_error('loginnameissystemaccount', Settings::Get('customer.accountprefix'));
 			}
 			elseif (!validateUsername($loginname)) {
 				standard_error('loginnameiswrong', $loginname);
@@ -375,11 +370,11 @@ if ($page == 'admins'
 					$tickets_see_all  = '0';
 				}

-				$_theme = $settings['panel']['default_theme'];
+				$_theme = Settings::Get('panel.default_theme');

 				$ins_data = array(
 					'loginname' => $loginname,
-					'password' => md5($password),
+					'password' => makeCryptPassword($password),
 					'name' => $name,
 					'email' => $email,
 					'lang' => $def_language,
@@ -401,10 +396,9 @@ if ($page == 'admins'
 					'tickets_see_all' => $tickets_see_all,
 					'mysqls' => $mysqls,
 					'ip' => $ipaddress,
-					'can_manage_aps_packages' => $can_manage_aps_packages,
-					'aps_packages' => $number_of_aps_packages,
-					'autoresponder' => $email_autoresponder,
-					'theme' => $_theme
+					'theme' => $_theme,
+					'custom_notes' => $custom_notes,
+					'custom_notes_show' => $custom_notes_show
 				);

 				$ins_stmt = Database::prepare("
@@ -432,10 +426,9 @@ if ($page == 'admins'
 					`tickets_see_all` = :tickets_see_all,
 					`mysqls` = :mysqls,
 					`ip` = :ip,
-					`can_manage_aps_packages` = :can_manage_aps_packages,
-					`aps_packages` = :aps_packages,
-					`email_autoresponder` = :autoresponder,
-					`theme` = :theme
+					`theme` = :theme,
+					`custom_notes` = :custom_notes,
+					`custom_notes_show` = :custom_notes_show
 				");
 				Database::pexecute($ins_stmt, $ins_data);

@@ -452,19 +445,12 @@ if ($page == 'admins'
 			}

 			$ipaddress = makeoption($lng['admin']['allips'], "-1");
-			$ips = array();
 			$ipsandports_stmt = Database::query("
-				SELECT `id`, `ip` FROM `" . TABLE_PANEL_IPSANDPORTS . "` ORDER BY `ip`, `port` ASC
+				SELECT `id`, `ip` FROM `" . TABLE_PANEL_IPSANDPORTS . "` GROUP BY `ip` ORDER BY `ip` ASC
 			");

 			while ($row = $ipsandports_stmt->fetch(PDO::FETCH_ASSOC)) {
-				if (filter_var($row['ip'], FILTER_VALIDATE_IP, FILTER_FLAG_IPV6)) {
-					$row['ip'] = '[' . $row['ip'] . ']';
-				}
-				if (!in_array($row['ip'], $ips)) {
 				$ipaddress.= makeoption($row['ip'], $row['id']);
-					$ips[] = $row['ip'];
-				}
 			}

 			$customers_ul = makecheckbox('customers_ul', $lng['customer']['unlimited'], '-1', false, '0', true, true);
@@ -476,11 +462,9 @@ if ($page == 'admins'
 			$email_accounts_ul = makecheckbox('email_accounts_ul', $lng['customer']['unlimited'], '-1', false, '0', true, true);
 			$email_forwarders_ul = makecheckbox('email_forwarders_ul', $lng['customer']['unlimited'], '-1', false, '0', true, true);
 			$email_quota_ul = makecheckbox('email_quota_ul', $lng['customer']['unlimited'], '-1', false, '0', true, true);
-			$email_autoresponder_ul = makecheckbox('email_autoresponder_ul', $lng['customer']['unlimited'], '-1', false, '0', true, true);
 			$ftps_ul = makecheckbox('ftps_ul', $lng['customer']['unlimited'], '-1', false, '0', true, true);
 			$tickets_ul = makecheckbox('tickets_ul', $lng['customer']['unlimited'], '-1', false, '0', true, true);
 			$mysqls_ul = makecheckbox('mysqls_ul', $lng['customer']['unlimited'], '-1', false, '0', true, true);
-			$number_of_aps_packages_ul = makecheckbox('number_of_aps_packages_ul', $lng['customer']['unlimited'], '-1', false, '0', true, true);

 			$admin_add_data = include_once dirname(__FILE__).'/lib/formfields/admin/admin/formfield.admin_add.php';
 			$admin_add_form = htmlform::genHTMLForm($admin_add_data);
@@ -508,6 +492,12 @@ if ($page == 'admins'
 				$name = validate($_POST['name'], 'name');
 				$email = $idna_convert->encode(validate($_POST['email'], 'email'));

+				$custom_notes = validate(str_replace("\r\n", "\n", $_POST['custom_notes']), 'custom_notes', '/^[^\0]*$/');
+				$custom_notes_show = $result['custom_notes_show'];
+				if (isset($_POST['custom_notes_show'])) {
+				    $custom_notes_show = intval_ressource($_POST['custom_notes_show']);
+				}
+
 				if ($result['adminid'] == $userinfo['userid']) {

 					$password = '';
@@ -520,7 +510,6 @@ if ($page == 'admins'
 					$email_accounts = $result['email_accounts'];
 					$email_forwarders = $result['email_forwarders'];
 					$email_quota = $result['email_quota'];
-					$email_autoresponder = $result['email_autoresponder'];
 					$ftps = $result['ftps'];
 					$tickets = $result['tickets'];
 					$mysqls = $result['mysqls'];
@@ -532,8 +521,6 @@ if ($page == 'admins'
 					$diskspace = $result['diskspace'];
 					$traffic = $result['traffic'];
 					$ipaddress = $result['ip'];
-					$can_manage_aps_packages = $result['can_manage_aps_packages'];
-					$number_of_aps_packages = $result['aps_packages'];

 				} else {

@@ -571,7 +558,7 @@ if ($page == 'admins'
 						$email_forwarders = -1;
 					}

-					if ($settings['system']['mail_quota_enabled'] == '1') {
+					if (Settings::Get('system.mail_quota_enabled') == '1') {
 						$email_quota = validate($_POST['email_quota'], 'email_quota', '/^\d+$/', 'vmailquotawrong', array('0', ''));
 						if (isset($_POST['email_quota_ul'])) {
 							$email_quota = -1;
@@ -580,21 +567,12 @@ if ($page == 'admins'
 						$email_quota = -1;
 					}

-					if ($settings['autoresponder']['autoresponder_active'] == '1') {
-						$email_autoresponder = intval_ressource($_POST['email_autoresponder']);
-						if (isset($_POST['email_autoresponder_ul'])) {
-							$email_autoresponder = -1;
-						}
-					} else {
-						$email_autoresponder = 0;
-					}
-
 					$ftps = intval_ressource($_POST['ftps']);
 					if (isset($_POST['ftps_ul'])) {
 						$ftps = -1;
 					}

-					if ($settings['ticket']['enabled'] == 1) {
+					if (Settings::Get('ticket.enabled') == 1) {
 						$tickets = intval_ressource($_POST['tickets']);
 						if (isset($_POST['tickets_ul'])) {
 							$tickets = -1;
@@ -608,16 +586,6 @@ if ($page == 'admins'
 						$mysqls = -1;
 					}

-					if ($settings['aps']['aps_active'] == '1') {
-						$number_of_aps_packages = intval_ressource($_POST['number_of_aps_packages']);
-						if (isset($_POST['number_of_aps_packages_ul'])) {
-							$number_of_aps_packages = -1;
-						}
-						$can_manage_aps_packages = isset($_POST['can_manage_aps_packages']) ? 1 : 0;
-					} else {
-						$number_of_aps_packages = 0;
-					}
-
 					$customers_see_all = 0;
 					if (isset($_POST['customers_see_all'])) {
 						$customers_see_all = intval($_POST['customers_see_all']);
@@ -667,7 +635,7 @@ if ($page == 'admins'
 				} else {
 					if ($password != '') {
 						$password = validatePassword($password);
-						$password = md5($password);
+						$password = makeCryptPassword($password);
 					} else {
 						$password = $result['password'];
 					}
@@ -699,10 +667,10 @@ if ($page == 'admins'
 					// check if a resource was set to something lower
 					// than actually used by the admin/reseller
 					$res_warning = "";
-					if ($customers != $result['customers'] && $customers < $result['customers_used']) {
+					if ($customers != $result['customers'] && $customers != -1 && $customers < $result['customers_used']) {
 						$res_warning .= sprintf($lng['error']['setlessthanalreadyused'], 'customers');
 					}
-					if ($domains != $result['domains'] && $domains < $result['domains_used']) {
+					if ($domains != $result['domains'] && $domains != -1 && $domains < $result['domains_used']) {
 						$res_warning .= sprintf($lng['error']['setlessthanalreadyused'], 'domains');
 					}
 					if ($diskspace != $result['diskspace'] && ($diskspace / 1024) != -1 && $diskspace < $result['diskspace_used']) {
@@ -711,33 +679,27 @@ if ($page == 'admins'
 					if ($traffic != $result['traffic'] && ($traffic / 1024 / 1024) != -1 && $traffic < $result['traffic_used']) {
 						$res_warning .= sprintf($lng['error']['setlessthanalreadyused'], 'traffic');
 					}
-					if ($emails != $result['emails'] && $emails < $result['emails_used']) {
+					if ($emails != $result['emails'] && $emails != -1 && $emails < $result['emails_used']) {
 						$res_warning .= sprintf($lng['error']['setlessthanalreadyused'], 'emails');
 					}
-					if ($email_accounts != $result['email_accounts'] && $email_accounts < $result['email_accounts_used']) {
+					if ($email_accounts != $result['email_accounts'] && $email_accounts != -1 && $email_accounts < $result['email_accounts_used']) {
 						$res_warning .= sprintf($lng['error']['setlessthanalreadyused'], 'email accounts');
 					}
-					if ($email_forwarders != $result['email_forwarders'] && $email_forwarders < $result['email_forwarders_used']) {
+					if ($email_forwarders != $result['email_forwarders'] && $email_forwarders != -1 && $email_forwarders < $result['email_forwarders_used']) {
 						$res_warning .= sprintf($lng['error']['setlessthanalreadyused'], 'email forwarders');
 					}
-					if ($email_quota != $result['email_quota'] && $email_quota < $result['email_quota_used']) {
+					if ($email_quota != $result['email_quota'] && $email_quota != -1 && $email_quota < $result['email_quota_used']) {
 						$res_warning .= sprintf($lng['error']['setlessthanalreadyused'], 'email quota');
 					}
-					if ($email_autoresponder != $result['email_autoresponder'] && $email_autoresponder < $result['email_autoresponder_used']) {
-						$res_warning .= sprintf($lng['error']['setlessthanalreadyused'], 'email autoresponder');
-					}
-					if ($ftps != $result['ftps'] && $ftps < $result['ftps_used']) {
+					if ($ftps != $result['ftps'] && $ftps != -1 && $ftps < $result['ftps_used']) {
 						$res_warning .= sprintf($lng['error']['setlessthanalreadyused'], 'ftps');
 					}
-					if ($tickets != $result['tickets'] && $tickets < $result['tickets_used']) {
+					if ($tickets != $result['tickets'] && $tickets != -1 && $tickets < $result['tickets_used']) {
 						$res_warning .= sprintf($lng['error']['setlessthanalreadyused'], 'tickets');
 					}
-					if ($mysqls != $result['mysqls'] && $mysqls < $result['mysqls_used']) {
+					if ($mysqls != $result['mysqls'] && $mysqls != -1 && $mysqls < $result['mysqls_used']) {
 						$res_warning .= sprintf($lng['error']['setlessthanalreadyused'], 'mysqls');
 					}
-					if ($number_of_aps_packages != $result['aps_packages'] && $number_of_aps_packages < $result['aps_packages_used']) {
-						$res_warning .= sprintf($lng['error']['setlessthanalreadyused'], 'aps packages');
-					}

 					if ($res_warning != "") {
 						$link = '';
@@ -770,9 +732,8 @@ if ($page == 'admins'
 						'mysqls' => $mysqls,
 						'ip' => $ipaddress,
 						'deactivated' => $deactivated,
-						'can_manage_aps_packages' => $can_manage_aps_packages,
-						'aps_packages' => $number_of_aps_packages,
-						'autoresponder' => $email_autoresponder,
+						'custom_notes' => $custom_notes,
+						'custom_notes_show' => $custom_notes_show,
 						'adminid' => $id
 					);

@@ -801,9 +762,8 @@ if ($page == 'admins'
 						`mysqls` = :mysqls,
 						`ip` = :ip,
 						`deactivated` = :deactivated,
-						`can_manage_aps_packages` = :can_manage_aps_packages,
-						`aps_packages` = :aps_packages,
-						`email_autoresponder` = :autoresponder
+						`custom_notes` = :custom_notes,
+						`custom_notes_show` = :custom_notes_show
 						WHERE `adminid` = :adminid
 					");
 					Database::pexecute($upd_stmt, $upd_data);
@@ -814,8 +774,9 @@ if ($page == 'admins'

 			} else {

-				$result['traffic'] = round($result['traffic'] / (1024 * 1024), $settings['panel']['decimal_places']);
-				$result['diskspace'] = round($result['diskspace'] / 1024, $settings['panel']['decimal_places']);
+				$dec_places = Settings::Get('panel.decimal_places');
+				$result['traffic'] = round($result['traffic'] / (1024 * 1024), $dec_places);
+				$result['diskspace'] = round($result['diskspace'] / 1024, $dec_places);
 				$result['email'] = $idna_convert->decode($result['email']);

 				$customers_ul = makecheckbox('customers_ul', $lng['customer']['unlimited'], '-1', false, $result['customers'], true, true);
@@ -863,11 +824,6 @@ if ($page == 'admins'
 					$result['email_quota'] = '';
 				}

-				$email_autoresponder_ul = makecheckbox('email_autoresponder_ul', $lng['customer']['unlimited'], '-1', false, $result['email_autoresponder'], true, true);
-				if ($result['email_autoresponder'] == '-1') {
-					$result['email_autoresponder'] = '';
-				}
-
 				$ftps_ul = makecheckbox('ftps_ul', $lng['customer']['unlimited'], '-1', false, $result['ftps'], true, true);
 				if ($result['ftps'] == '-1') {
 					$result['ftps'] = '';
@@ -883,30 +839,18 @@ if ($page == 'admins'
 					$result['mysqls'] = '';
 				}

-				$number_of_aps_packages_ul = makecheckbox('number_of_aps_packages_ul', $lng['customer']['unlimited'], '-1', false, $result['aps_packages'], true, true);
-				if ($result['aps_packages'] == '-1') {
-					$result['aps_packages'] = '';
-				}
-
 				$language_options = '';
 				while (list($language_file, $language_name) = each($languages)) {
 					$language_options.= makeoption($language_name, $language_file, $result['def_language'], true);
 				}

 				$ipaddress = makeoption($lng['admin']['allips'], "-1", $result['ip']);
-				$ips = array();
 				$ipsandports_stmt = Database::query("
-					SELECT `id`, `ip` FROM `" . TABLE_PANEL_IPSANDPORTS . "` ORDER BY `ip`, `port` ASC
+					SELECT `id`, `ip` FROM `" . TABLE_PANEL_IPSANDPORTS . "` GROUP BY `ip` ORDER BY `ip`, `port` ASC
 				");

 				while ($row = $ipsandports_stmt->fetch(PDO::FETCH_ASSOC)) {
-					if (filter_var($row['ip'], FILTER_VALIDATE_IP, FILTER_FLAG_IPV6)) {
-						$row['ip'] = '[' . $row['ip'] . ']';
-					}
-					if (!in_array($row['ip'], $ips)) {
 					$ipaddress.= makeoption($row['ip'], $row['id'], $result['ip']);
-						$ips[] = $row['ip'];
-					}
 				}

 				$result = htmlentities_array($result);
--- a/admin_apcuinfo.php
+++ b/admin_apcuinfo.php
@@ -0,0 +1,415 @@
+<?php
+
+/*
+  +----------------------------------------------------------------------+
+  | APC                                                                  |
+  +----------------------------------------------------------------------+
+  | Copyright (c) 2006-2011 The PHP Group                                |
+  +----------------------------------------------------------------------+
+  | This source file is subject to version 3.01 of the PHP license,      |
+  | that is bundled with this package in the file LICENSE, and is        |
+  | available through the world-wide-web at the following url:           |
+  | http://www.php.net/license/3_01.txt                                  |
+  | If you did not receive a copy of the PHP license and are unable to   |
+  | obtain it through the world-wide-web, please send a note to          |
+  | license@php.net so we can mail you a copy immediately.               |
+  +----------------------------------------------------------------------+
+  | Authors: Ralf Becker <beckerr@php.net>                               |
+  |          Rasmus Lerdorf <rasmus@php.net>                             |
+  |          Ilia Alshanetsky <ilia@prohost.org>                         |
+  +----------------------------------------------------------------------+
+
+   All other licensing and usage conditions are those of the PHP Group.
+
+   Based on https://github.com/krakjoe/apcu/blob/master/apc.php
+   Implemented into Froxlor: Janos Muzsi <muzsij@hypernics.hu>
+
+ */
+
+define('AREA', 'admin');
+require './lib/init.php';
+
+
+$horizontal_bar_size = 950; // 1280px window width
+
+if ($action == 'delete' &&
+        function_exists('apcu_clear_cache') &&
+        $userinfo['change_serversettings'] == '1'
+) {
+    apcu_clear_cache();
+    $log->logAction(ADM_ACTION, LOG_INFO, "cleared APCu cache");
+    header('Location: ' . $linker->getLink(array('section' => 'apcuinfo', 'page' => 'showinfo')));
+    exit();
+}
+
+if (!function_exists('apcu_cache_info') ||
+        !function_exists('apcu_sma_info')
+) {
+    standard_error($lng['error']['no_apcuinfo']);
+}
+
+if ($page == 'showinfo'
+) {
+    $cache = apcu_cache_info();
+    $mem = apcu_sma_info();
+    $time = time();
+    $log->logAction(ADM_ACTION, LOG_NOTICE, "viewed admin_apcuinfo");
+
+    $passtime = $time - $cache['start_time'] > 0 ? $time - $cache['start_time'] : 1; // zero division
+    $mem_size = $mem['num_seg'] * $mem['seg_size'];
+    $mem_avail = $mem['avail_mem'];
+    $mem_used = $mem_size - $mem_avail;
+    $seg_size = bsize($mem['seg_size']);
+    $sharedmem = sprintf($lng['apcuinfo']['sharedmemval'], $mem['num_seg'], $seg_size, $cache['memory_type']);
+    $req_rate_user = sprintf("%.2f", $cache['num_hits'] ? (($cache['num_hits'] + $cache['num_misses']) / $passtime) : 0);
+    $hit_rate_user = sprintf("%.2f", $cache['num_hits'] ? (($cache['num_hits']) / $passtime) : 0);
+    $miss_rate_user = sprintf("%.2f", $cache['num_misses'] ? (($cache['num_misses']) / $passtime) : 0);
+    $insert_rate_user = sprintf("%.2f", $cache['num_inserts'] ? (($cache['num_inserts']) / $passtime) : 0);
+    $apcversion = phpversion('apcu');
+    $phpversion = phpversion();
+    $number_vars = $cache['num_entries'];
+    $starttime = date('Y-m-d H:i:s', $cache['start_time']);
+    $uptime_duration = duration($cache['start_time']);
+    $size_vars = bsize($cache['mem_size']);
+
+    // check for possible empty values that are used in the templates
+    if (!isset($cache['file_upload_progress'])) {
+        $cache['file_upload_progress'] = $lng['logger']['unknown'];
+    }
+
+    if (!isset($cache['num_expunges'])) {
+        $cache['num_expunges'] = $lng['logger']['unknown'];
+    }
+
+    $runtimelines = '';
+    foreach (ini_get_all('apcu') as $name => $v) {
+        $value = $v['local_value'];
+        eval("\$runtimelines.=\"" . getTemplate("settings/apcuinfo/runtime_line") . "\";");
+    }
+
+    $freemem = bsize($mem_avail) . sprintf(" (%.1f%%)", $mem_avail * 100 / $mem_size);
+    $usedmem = bsize($mem_used) . sprintf(" (%.1f%%)", $mem_used * 100 / $mem_size);
+    $hits = $cache['num_hits'] . @sprintf(" (%.1f%%)", $cache['num_hits'] * 100 / ($cache['num_hits'] + $cache['num_misses']));
+    $misses = $cache['num_misses'] . @sprintf(" (%.1f%%)", $cache['num_misses'] * 100 / ($cache['num_hits'] + $cache['num_misses']));
+
+    // Fragementation: (freeseg - 1) / total_seg
+    $nseg = $freeseg = $fragsize = $freetotal = 0;
+    for ($i = 0; $i < $mem['num_seg']; $i++) {
+        $ptr = 0;
+        foreach ($mem['block_lists'][$i] as $block) {
+            if ($block['offset'] != $ptr) {
+                ++$nseg;
+            }
+            $ptr = $block['offset'] + $block['size'];
+            /* Only consider blocks <5M for the fragmentation % */
+            if ($block['size'] < (5 * 1024 * 1024))
+                $fragsize+=$block['size'];
+            $freetotal+=$block['size'];
+        }
+        $freeseg += count($mem['block_lists'][$i]);
+    }
+
+    if ($freeseg > 1) {
+        $frag = sprintf("%.2f%% (%s out of %s in %d fragments)", ($fragsize / $freetotal) * 100, bsize($fragsize), bsize($freetotal), $freeseg);
+    } else {
+        $frag = "0%";
+    }
+
+    foreach (ini_get_all('apcu') as $name => $v) {
+        $value = $v['local_value'];
+    }
+
+    $img_src1 = '';
+    $img_src2 = '';
+    $img_src3 = '';
+    if (graphics_avail()) {
+        $img_src = $linker->getLink(array('section' => 'apcuinfo', 'page' => 'img1', 'action' => mt_rand(0, 1000000)));
+        eval("\$img_src1=\"" . getTemplate("settings/apcuinfo/img_line") . "\";");
+        $img_src = $linker->getLink(array('section' => 'apcuinfo', 'page' => 'img2', 'action' => mt_rand(0, 1000000)));
+        eval("\$img_src2=\"" . getTemplate("settings/apcuinfo/img_line") . "\";");
+        $img_src = $linker->getLink(array('section' => 'apcuinfo', 'page' => 'img3', 'action' => mt_rand(0, 1000000)));
+        eval("\$img_src3=\"" . getTemplate("settings/apcuinfo/img_line") . "\";");
+    }
+
+    eval("echo \"" . getTemplate("settings/apcuinfo/showinfo") . "\";");
+    
+} elseif ($page == 'img1'
+) {
+
+    $mem = apcu_sma_info();
+
+    $size = 460;
+    $image = imagecreate($size + 5, $size + 5);
+
+    $col_white = imagecolorallocate($image, 0xFF, 0xFF, 0xFF);
+    $col_red = imagecolorallocate($image, 0xD0, 0x60, 0x30);
+    $col_green = imagecolorallocate($image, 0x60, 0xF0, 0x60);
+    $col_black = imagecolorallocate($image, 0, 0, 0);
+
+    imagecolortransparent($image, $col_white);
+
+    $s = $mem['num_seg'] * $mem['seg_size'];
+    $a = $mem['avail_mem'];
+    $x = $y = $size / 2;
+    $fuzz = 0.000001;
+
+    // This block of code creates the pie chart.  It is a lot more complex than you
+    // would expect because we try to visualize any memory fragmentation as well.
+    $angle_from = 0;
+    $string_placement = array();
+    for ($i = 0; $i < $mem['num_seg']; $i++) {
+        $ptr = 0;
+        $free = $mem['block_lists'][$i];
+        uasort($free, 'block_sort');
+        foreach ($free as $block) {
+            if ($block['offset'] != $ptr) {       // Used block
+                $angle_to = $angle_from + ($block['offset'] - $ptr) / $s;
+                if (($angle_to + $fuzz) > 1)
+                    $angle_to = 1;
+                if (($angle_to * 360) - ($angle_from * 360) >= 1) {
+                    fill_arc($image, $x, $y, $size, $angle_from * 360, $angle_to * 360, $col_black, $col_red);
+                    if (($angle_to - $angle_from) > 0.05) {
+                        array_push($string_placement, array($angle_from, $angle_to));
+                    }
+                }
+                $angle_from = $angle_to;
+            }
+            $angle_to = $angle_from + ($block['size']) / $s;
+            if (($angle_to + $fuzz) > 1)
+                $angle_to = 1;
+            if (($angle_to * 360) - ($angle_from * 360) >= 1) {
+                fill_arc($image, $x, $y, $size, $angle_from * 360, $angle_to * 360, $col_black, $col_green);
+                if (($angle_to - $angle_from) > 0.05) {
+                    array_push($string_placement, array($angle_from, $angle_to));
+                }
+            }
+            $angle_from = $angle_to;
+            $ptr = $block['offset'] + $block['size'];
+        }
+        if ($ptr < $mem['seg_size']) { // memory at the end
+            $angle_to = $angle_from + ($mem['seg_size'] - $ptr) / $s;
+            if (($angle_to + $fuzz) > 1)
+                $angle_to = 1;
+            fill_arc($image, $x, $y, $size, $angle_from * 360, $angle_to * 360, $col_black, $col_red);
+            if (($angle_to - $angle_from) > 0.05) {
+                array_push($string_placement, array($angle_from, $angle_to));
+            }
+        }
+    }
+    foreach ($string_placement as $angle) {
+        text_arc($image, $x, $y, $size, $angle[0] * 360, $angle[1] * 360, $col_black, bsize($s * ($angle[1] - $angle[0])));
+    }
+
+    header("Content-type: image/png");
+    imagepng($image);
+    exit;
+} elseif ($page == 'img2'
+) {
+
+    $cache = apcu_cache_info();
+
+    $size = $horizontal_bar_size;
+    $image = imagecreate($size + 5, 140);
+
+    $col_white = imagecolorallocate($image, 0xFF, 0xFF, 0xFF);
+    $col_red = imagecolorallocate($image, 0xD0, 0x60, 0x30);
+    $col_green = imagecolorallocate($image, 0x60, 0xF0, 0x60);
+    $col_black = imagecolorallocate($image, 0, 0, 0);
+
+    imagecolortransparent($image, $col_white);
+
+    $s = $cache['num_hits'] + $cache['num_misses'];
+    $a = $cache['num_hits'];
+
+    fill_box($image, 1, 10, $s ? ($a * ($size - 21) / $s) : $size, 50, $col_black, $col_green/* , sprintf("%.1f%%", $s ? $cache['num_hits'] * 100 / $s : 0) */);
+    fill_box($image, 1, 80, $s ? max(4, ($s - $a) * ($size - 21) / $s) : $size, 50, $col_black, $col_red/* , sprintf("%.1f%%", $s ? $cache['num_misses'] * 100 / $s : 0) */);
+
+    header("Content-type: image/png");
+    imagepng($image);
+    exit;
+} elseif ($page == 'img3'
+) {
+
+    $mem = apcu_sma_info();
+
+    $size = $horizontal_bar_size;
+    $image = imagecreate($size, 70);
+
+    $col_white = imagecolorallocate($image, 0xFF, 0xFF, 0xFF);
+    $col_red = imagecolorallocate($image, 0xD0, 0x60, 0x30);
+    $col_green = imagecolorallocate($image, 0x60, 0xF0, 0x60);
+    $col_black = imagecolorallocate($image, 0, 0, 0);
+
+    imagecolortransparent($image, $col_white);
+
+    $s = $mem['num_seg'] * $mem['seg_size'];
+    $a = $mem['avail_mem'];
+    $x = 10;
+    $y = 0;
+
+    // This block of code creates the bar chart.  It is a lot more complex than you
+    // would expect because we try to visualize any memory fragmentation as well.
+    for ($i = 0; $i < $mem['num_seg']; $i++) {
+        $ptr = 0;
+        $free = $mem['block_lists'][$i];
+        uasort($free, 'block_sort');
+        foreach ($free as $block) {
+            if ($block['offset'] != $ptr) {       // Used block
+                $h = ($size - 5) * ($block['offset'] - $ptr) / $s;
+                if ($h > 0) {
+                    fill_box($image, $y, $x, $h, 50, $col_black, $col_red);
+                }
+                $y+=$h;
+            }
+            $h = ($size - 5) * ($block['size']) / $s;
+            if ($h > 0) {
+                fill_box($image, $y, $x, $h, 50, $col_black, $col_green);
+            }
+            $y+=$h;
+            $ptr = $block['offset'] + $block['size'];
+        }
+        if ($ptr < $mem['seg_size']) { // memory at the end
+            $h = ($size - 5) * ($mem['seg_size'] - $ptr) / $s;
+            if ($h > 0) {
+                fill_box($image, $y, $x, $h, 50, $col_black, $col_red, bsize($mem['seg_size'] - $ptr), $j++);
+            }
+        }
+    }
+
+    header("Content-type: image/png");
+    imagepng($image);
+    exit;
+}
+
+function graphics_avail() {
+    return extension_loaded('gd');
+}
+
+// pretty printer for byte values
+//
+function bsize($s) {
+    foreach (array('', 'K', 'M', 'G') as $i => $k) {
+        if ($s < 1024)
+            break;
+        $s/=1024;
+    }
+    return sprintf("%5.1f %sBytes", $s, $k);
+}
+
+function duration($ts) {
+    global $time;
+    $years = (int) ((($time - $ts) / (7 * 86400)) / 52.177457);
+    $rem = (int) (($time - $ts) - ($years * 52.177457 * 7 * 86400));
+    $weeks = (int) (($rem) / (7 * 86400));
+    $days = (int) (($rem) / 86400) - $weeks * 7;
+    $hours = (int) (($rem) / 3600) - $days * 24 - $weeks * 7 * 24;
+    $mins = (int) (($rem) / 60) - $hours * 60 - $days * 24 * 60 - $weeks * 7 * 24 * 60;
+    $str = '';
+    if ($years == 1)
+        $str .= "$years year, ";
+    if ($years > 1)
+        $str .= "$years years, ";
+    if ($weeks == 1)
+        $str .= "$weeks week, ";
+    if ($weeks > 1)
+        $str .= "$weeks weeks, ";
+    if ($days == 1)
+        $str .= "$days day,";
+    if ($days > 1)
+        $str .= "$days days,";
+    if ($hours == 1)
+        $str .= " $hours hour and";
+    if ($hours > 1)
+        $str .= " $hours hours and";
+    if ($mins == 1)
+        $str .= " 1 minute";
+    else
+        $str .= " $mins minutes";
+    return $str;
+}
+
+function block_sort($array1, $array2) {
+    if ($array1['offset'] > $array2['offset']) {
+        return 1;
+    } else {
+        return -1;
+    }
+}
+
+function fill_arc($im, $centerX, $centerY, $diameter, $start, $end, $color1, $color2, $text = '', $placeindex = 0) {
+    $r = $diameter / 2;
+    $w = deg2rad((360 + $start + ($end - $start) / 2) % 360);
+
+
+    if (function_exists("imagefilledarc")) {
+        // exists only if GD 2.0.1 is available
+        imagefilledarc($im, $centerX + 1, $centerY + 1, $diameter, $diameter, $start, $end, $color1, IMG_ARC_PIE);
+        imagefilledarc($im, $centerX, $centerY, $diameter, $diameter, $start, $end, $color2, IMG_ARC_PIE);
+        imagefilledarc($im, $centerX, $centerY, $diameter, $diameter, $start, $end, $color1, IMG_ARC_NOFILL | IMG_ARC_EDGED);
+    } else {
+        imagearc($im, $centerX, $centerY, $diameter, $diameter, $start, $end, $color2);
+        imageline($im, $centerX, $centerY, $centerX + cos(deg2rad($start)) * $r, $centerY + sin(deg2rad($start)) * $r, $color2);
+        imageline($im, $centerX, $centerY, $centerX + cos(deg2rad($start + 1)) * $r, $centerY + sin(deg2rad($start)) * $r, $color2);
+        imageline($im, $centerX, $centerY, $centerX + cos(deg2rad($end - 1)) * $r, $centerY + sin(deg2rad($end)) * $r, $color2);
+        imageline($im, $centerX, $centerY, $centerX + cos(deg2rad($end)) * $r, $centerY + sin(deg2rad($end)) * $r, $color2);
+        imagefill($im, $centerX + $r * cos($w) / 2, $centerY + $r * sin($w) / 2, $color2);
+    }
+    if ($text) {
+        if ($placeindex > 0) {
+            imageline($im, $centerX + $r * cos($w) / 2, $centerY + $r * sin($w) / 2, $diameter, $placeindex * 12, $color1);
+            imagestring($im, 4, $diameter, $placeindex * 12, $text, $color1);
+        } else {
+            imagestring($im, 4, $centerX + $r * cos($w) / 2, $centerY + $r * sin($w) / 2, $text, $color1);
+        }
+    }
+}
+
+function text_arc($im, $centerX, $centerY, $diameter, $start, $end, $color1, $text, $placeindex = 0) {
+    $r = $diameter / 2;
+    $w = deg2rad((360 + $start + ($end - $start) / 2) % 360);
+
+    if ($placeindex > 0) {
+        imageline($im, $centerX + $r * cos($w) / 2, $centerY + $r * sin($w) / 2, $diameter, $placeindex * 12, $color1);
+        imagestring($im, 4, $diameter, $placeindex * 12, $text, $color1);
+    } else {
+        imagestring($im, 4, $centerX + $r * cos($w) / 2, $centerY + $r * sin($w) / 2, $text, $color1);
+    }
+}
+
+function fill_box($im, $x, $y, $w, $h, $color1, $color2, $text = '', $placeindex = '') {
+    global $col_black;
+    $x1 = $x + $w - 1;
+    $y1 = $y + $h - 1;
+
+    imagerectangle($im, $x, $y1, $x1 + 1, $y + 1, $col_black);
+    if ($y1 > $y)
+        imagefilledrectangle($im, $x, $y, $x1, $y1, $color2);
+    else
+        imagefilledrectangle($im, $x, $y1, $x1, $y, $color2);
+    imagerectangle($im, $x, $y1, $x1, $y, $color1);
+    if ($text) {
+        if ($placeindex > 0) {
+
+            if ($placeindex < 16) {
+                $px = 5;
+                $py = $placeindex * 12 + 6;
+                imagefilledrectangle($im, $px + 90, $py + 3, $px + 90 - 4, $py - 3, $color2);
+                imageline($im, $x, $y + $h / 2, $px + 90, $py, $color2);
+                imagestring($im, 2, $px, $py - 6, $text, $color1);
+            } else {
+                if ($placeindex < 31) {
+                    $px = $x + 40 * 2;
+                    $py = ($placeindex - 15) * 12 + 6;
+                } else {
+                    $px = $x + 40 * 2 + 100 * intval(($placeindex - 15) / 15);
+                    $py = ($placeindex % 15) * 12 + 6;
+                }
+                imagefilledrectangle($im, $px, $py + 3, $px - 4, $py - 3, $color2);
+                imageline($im, $x + $w, $y + $h / 2, $px, $py, $color2);
+                imagestring($im, 2, $px + 2, $py - 6, $text, $color1);
+            }
+        } else {
+            imagestring($im, 4, $x + 5, $y1 - 16, $text, $color1);
+        }
+    }
+}
--- a/admin_aps.php
+++ b/admin_aps.php
@@ -1,33 +0,0 @@
-<?php
-
-/**
- * This file is part of the Froxlor project.
- * Copyright (c) 2003-2009 the SysCP Team (see authors).
- * Copyright (c) 2010 the Froxlor Team (see authors).
- *
- * For the full copyright and license information, please view the COPYING
- * file that was distributed with this source code. You can also view the
- * COPYING file online at http://files.froxlor.org/misc/COPYING.txt
- *
- * @copyright  (c) the authors
- * @author     Florian Lippert <flo@syscp.org> (2003-2009)
- * @author     Froxlor team <team@froxlor.org> (2010-)
- * @license    GPLv2 http://files.froxlor.org/misc/COPYING.txt
- * @package    Panel
- *
- */
-
-// Required code
-
-define('AREA', 'admin');
-require './lib/init.php';
-$Id = 0;
-
-if(isset($_GET['id']))$Id = (int)$_GET['id'];
-
-if(isset($_POST['id']))$Id = (int)$_POST['id'];
-eval("echo \"" . getTemplate("aps/header") . "\";");
-$Aps = new ApsParser($userinfo, $settings);
-$Aps->MainHandler($action);
-eval("echo \"" . getTemplate("aps/footer") . "\";");
-
--- a/admin_autoupdate.php
+++ b/admin_autoupdate.php
@@ -0,0 +1,209 @@
+<?php
+
+/**
+ * This file is part of the Froxlor project.
+ * Copyright (c) 2016 the Froxlor Team (see authors).
+ *
+ * For the full copyright and license information, please view the COPYING
+ * file that was distributed with this source code. You can also view the
+ * COPYING file online at http://files.froxlor.org/misc/COPYING.txt
+ *
+ * @copyright  (c) the authors
+ * @author     Michael Kaufmann <mkaufmann@nutime.de>
+ * @author     Froxlor team <team@froxlor.org> (2010-)
+ * @license    GPLv2 http://files.froxlor.org/misc/COPYING.txt
+ * @package    Frontend
+ *
+ * @since      0.9.35
+ *
+ */
+
+define('AREA', 'admin');
+require './lib/init.php';
+
+// define update-uri
+define('UPDATE_URI', "https://version.froxlor.org/Froxlor/legacy/" . $version);
+define('RELEASE_URI', "https://autoupdate.froxlor.org/froxlor-{version}.zip");
+define('CHECKSUM_URI', "https://autoupdate.froxlor.org/froxlor-{version}.zip.sha256");
+
+// check for allow_url_fopen
+if (ini_get('allow_url_fopen') === false) {
+	redirectTo($filename, array('s' => $s, 'page' => 'error', 'errno' => 1));
+}
+
+// check for archive-stuff
+if (! extension_loaded('zip')) {
+	redirectTo($filename, array('s' => $s, 'page' => 'error', 'errno' => 2));
+}
+
+// display initial version check
+if ($page == 'overview') {
+
+	// log our actions
+	$log->logAction(ADM_ACTION, LOG_NOTICE, "checking auto-update");
+
+	// check for new version
+	$latestversion = @file(UPDATE_URI);
+
+	if (isset($latestversion[0])) {
+		$latestversion = explode('|', $latestversion[0]);
+
+		if (is_array($latestversion)
+				&& count($latestversion) >= 1
+		) {
+			$_version = $latestversion[0];
+			$_message = isset($latestversion[1]) ? $latestversion[1] : '';
+			$_link = isset($latestversion[2]) ? $latestversion[2] : htmlspecialchars($filename . '?s=' . urlencode($s) . '&page=' . urlencode($page) . '&lookfornewversion=yes');
+
+			// add the branding so debian guys are not gettings confused
+			// about their version-number
+			$version_label = $_version.$branding;
+			$version_link = $_link;
+			$message_addinfo = $_message;
+
+			// not numeric -> error-message
+			if (!preg_match('/^((\d+\\.)(\d+\\.)(\d+\\.)?(\d+)?(\-(svn|dev|rc)(\d+))?)$/', $_version)) {
+				// check for customized version to not output
+				// "There is a newer version of froxlor" besides the error-message
+				redirectTo($filename, array('s' => $s, 'page' => 'error', 'errno' => 3));
+			} elseif (version_compare2($version, $_version) == -1) {
+				// there is a newer version - yay
+				$isnewerversion = 1;
+			} else {
+				// nothing new
+				$isnewerversion = 0;
+			}
+
+			// anzeige über version-status mit ggfls. formular
+			// zum update schritt #1 -> download
+			if ($isnewerversion == 1) {
+				$text = 'There is a newer version available. Update to version <b>'.$_version.'</b> now?<br/>(Your current version is: '.$version.')';
+				$hiddenparams = '<input type="hidden" name="newversion" value="'.$_version.'" />';
+				$yesfile = $filename.'?s='.$s.'&amp;page=getdownload';
+				eval("echo \"" . getTemplate("misc/question_yesno", true) . "\";");
+				exit;
+			}
+			elseif ($isnewerversion == 0) {
+				// all good
+				standard_success ('noupdatesavail');
+			} else {
+				standard_error ('customized_version');
+			}
+		}
+	}
+	// error (something weird came from version.froxlor.org)
+	redirectTo($filename, array('s' => $s, 'page' => 'error', 'errno' => 5));
+}
+// download the new archive
+elseif ($page == 'getdownload') {
+
+	// retrieve the new version from the form
+	$newversion = isset($_POST['newversion']) ? $_POST['newversion'] : null;
+
+	// valid?
+	if ($newversion !== null) {
+
+		// define files to get
+		$toLoad = str_replace('{version}', $newversion, RELEASE_URI);
+		$toCheck = str_replace('{version}', $newversion, CHECKSUM_URI);
+
+		// get archive data
+		$newArchive = @file_get_contents($toLoad);
+
+		// check for local destination folder
+		if (!is_dir(FROXLOR_INSTALL_DIR.'/updates/')) {
+			mkdir(FROXLOR_INSTALL_DIR.'/updates/');
+		}
+
+		// name archive
+		$localArchive = FROXLOR_INSTALL_DIR.'/updates/'.basename($toLoad);
+
+		$log->logAction(ADM_ACTION, LOG_NOTICE, "Downloading ".$toLoad." to ".$localArchive);
+
+		// remove old archive
+		if (file_exists($localArchive)) {
+			@unlink($localArchive);
+		}
+
+		// store archive
+		$fh = fopen($localArchive, 'w');
+		if (!fwrite($fh, $newArchive)) {
+			redirectTo($filename, array('s' => $s, 'page' => 'error', 'errno' => 4));
+		}
+
+		// close file-handle
+		fclose($fh);
+
+		// validate the integrity of the downloaded file
+		$_shouldsum = @file_get_contents($toCheck);
+		if (!empty($_shouldsum)) {
+			$_t = explode(" ", $_shouldsum);
+			$shouldsum = $_t[0];
+		} else {
+			$shouldsum = null;
+		}
+		$filesum = hash_file('sha256', $localArchive);
+
+		if ($filesum != $shouldsum) {
+			redirectTo($filename, array('s' => $s, 'page' => 'error', 'errno' => 9));
+		}
+
+		// to the next step
+		redirectTo($filename, array('s' => $s, 'page' => 'extract', 'archive' => basename($localArchive)));
+	}
+	redirectTo($filename, array('s' => $s, 'page' => 'error', 'errno' => 6));
+}
+// extract and install new version
+elseif ($page == 'extract') {
+
+	$toExtract = isset($_GET['archive']) ? $_GET['archive'] : null;
+	$localArchive = FROXLOR_INSTALL_DIR.'/updates/'.$toExtract;
+
+	if (isset($_POST['send'])
+			&& $_POST['send'] == 'send'
+	) {
+		// decompress from zip
+		$zip = new ZipArchive;
+		$res = $zip->open($localArchive);
+		if ($res === true) {
+			$log->logAction(ADM_ACTION, LOG_NOTICE, "Extracting ".$localArchive." to ".FROXLOR_INSTALL_DIR);
+			$zip->extractTo(FROXLOR_INSTALL_DIR);
+			$zip->close();
+			// success - remove unused archive
+			@unlink($localArchive);
+		} else {
+			// error
+			redirectTo($filename, array('s' => $s, 'page' => 'error', 'errno' => 8));
+		}
+
+		// redirect to update-page?
+		redirectTo('admin_updates.php', array('s' => $s));
+	}
+
+	if (!file_exists($localArchive)) {
+		redirectTo($filename, array('s' => $s, 'page' => 'error', 'errno' => 7));
+	}
+
+	$text = 'Extract downloaded archive "'.$toExtract.'"?';
+	$hiddenparams = '';
+	$yesfile = $filename.'?s='.$s.'&amp;page=extract&amp;archive='.$toExtract;
+	eval("echo \"" . getTemplate("misc/question_yesno", true) . "\";");
+}
+
+// display error
+elseif ($page == 'error') {
+
+	// retrieve error-number via url-parameter
+	$errno = isset($_GET['errno']) ? (int)$_GET['errno'] : 0;
+
+	// 1 = no allow_url_fopen
+	// 2 = no Zlib
+	// 3 = custom version detected
+	// 4 = could not store archive to local hdd
+	// 5 = some weird value came from version.froxlor.org
+	// 6 = download without valid version
+	// 7 = local archive does not exist
+	// 8 = could not extract archive
+	// 9 = checksum mismatch
+	standard_error ('autoupdate_'.$errno);
+}
--- a/admin_configfiles.php
+++ b/admin_configfiles.php
@@ -2,7 +2,6 @@

 /**
 * This file is part of the Froxlor project.
- * Copyright (c) 2003-2009 the SysCP Team (see authors).
 * Copyright (c) 2010 the Froxlor Team (see authors).
 *
 * For the full copyright and license information, please view the COPYING
@@ -10,173 +9,219 @@
 * COPYING file online at http://files.froxlor.org/misc/COPYING.txt
 *
 * @copyright  (c) the authors
- * @author     Florian Lippert <flo@syscp.org> (2003-2009)
 * @author     Froxlor team <team@froxlor.org> (2010-)
 * @license    GPLv2 http://files.froxlor.org/misc/COPYING.txt
 * @package    Panel
 *
+ * @since 0.9.34
 */
-
 define('AREA', 'admin');
-$need_db_sql_data = true;
 require './lib/init.php';
-require './lib/configfiles_index.inc.php';

-$distribution = '';
-$distributions_select = '';
-$service = '';
-$services_select = '';
-$daemon = '';
-$daemons_select = '';
+if ($userinfo['change_serversettings'] == '1') {

-if($userinfo['change_serversettings'] == '1')
+	$customer_tmpdir = '/tmp/';
+	if (Settings::Get('system.mod_fcgid') == '1' && Settings::Get('system.mod_fcgid_tmpdir') != '')
 	{
-	if(isset($_GET['distribution'])
-	   && $_GET['distribution'] != ''
-	   && isset($configfiles[$_GET['distribution']])
-	   && is_array($configfiles[$_GET['distribution']]))
-	{
-		$distribution = $_GET['distribution'];
-
-		if(isset($_GET['service'])
-		   && $_GET['service'] != ''
-		   && isset($configfiles[$distribution]['services'][$_GET['service']])
-		   && is_array($configfiles[$distribution]['services'][$_GET['service']]))
-		{
-			$service = $_GET['service'];
-
-			if(isset($_GET['daemon'])
-			   && $_GET['daemon'] != ''
-			   && isset($configfiles[$distribution]['services'][$service]['daemons'][$_GET['daemon']])
-			   && is_array($configfiles[$distribution]['services'][$service]['daemons'][$_GET['daemon']]))
-			{
-				$daemon = $_GET['daemon'];
+		$customer_tmpdir = Settings::Get('system.mod_fcgid_tmpdir');
 	}
-			else
+	elseif (Settings::Get('phpfpm.enabled') == '1' && Settings::Get('phpfpm.tmpdir') != '')
 	{
-				foreach($configfiles[$distribution]['services'][$service]['daemons'] as $daemon_name => $daemon_details)
-				{
-					$daemons_select.= makeoption($daemon_details['label'], $daemon_name);
-				}
-			}
-		}
-		else
-		{
-			foreach($configfiles[$distribution]['services'] as $service_name => $service_details)
-			{
-				$services_select.= makeoption($service_details['label'], $service_name);
-			}
-		}
-	}
-	else
-	{
-		foreach($configfiles as $distribution_name => $distribution_details)
-		{
-			$distributions_select.= makeoption($distribution_details['label'], $distribution_name);
-		}
+		$customer_tmpdir = Settings::Get('phpfpm.tmpdir');
 	}

-	if($distribution != ''
-	   && $service != ''
-	   && $daemon != '')
-	{
 	$replace_arr = Array(
 		'<SQL_UNPRIVILEGED_USER>' => $sql['user'],
 		'<SQL_UNPRIVILEGED_PASSWORD>' => 'MYSQL_PASSWORD',
 		'<SQL_DB>' => $sql['db'],
 		'<SQL_HOST>' => $sql['host'],
-			'<SERVERNAME>' => $settings['system']['hostname'],
-			'<SERVERIP>' => $settings['system']['ipaddress'],
-			'<NAMESERVERS>' => $settings['system']['nameservers'],
-			'<VIRTUAL_MAILBOX_BASE>' => $settings['system']['vmail_homedir'],
-			'<VIRTUAL_UID_MAPS>' => $settings['system']['vmail_uid'],
-			'<VIRTUAL_GID_MAPS>' => $settings['system']['vmail_gid'],
-			'<SSLPROTOCOLS>' => ($settings['system']['use_ssl'] == '1') ? 'imaps pop3s' : '',
-			'<CUSTOMER_TMP>' => ($settings['system']['mod_fcgid_tmpdir'] != '') ? makeCorrectDir($settings['system']['mod_fcgid_tmpdir']) : '/tmp/',
-			'<BASE_PATH>' => makeCorrectDir(dirname(__FILE__)),
-			'<BIND_CONFIG_PATH>' => makeCorrectDir($settings['system']['bindconf_directory']),
-			'<WEBSERVER_RELOAD_CMD>' => $settings['system']['apachereload_command'],
-			'<CUSTOMER_LOGS>' => makeCorrectDir($settings['system']['logfiles_directory']),
-			'<FPM_IPCDIR>' => makeCorrectDir($settings['phpfpm']['fastcgi_ipcdir'])
+		'<SQL_SOCKET>' => isset($sql['socket']) ? $sql['socket'] : null,
+		'<SERVERNAME>' => Settings::Get('system.hostname'),
+		'<SERVERIP>' => Settings::Get('system.ipaddress'),
+		'<NAMESERVERS>' => Settings::Get('system.nameservers'),
+		'<VIRTUAL_MAILBOX_BASE>' => Settings::Get('system.vmail_homedir'),
+		'<VIRTUAL_UID_MAPS>' => Settings::Get('system.vmail_uid'),
+		'<VIRTUAL_GID_MAPS>' => Settings::Get('system.vmail_gid'),
+		'<SSLPROTOCOLS>' => (Settings::Get('system.use_ssl') == '1') ? 'imaps pop3s' : '',
+		'<CUSTOMER_TMP>' => makeCorrectDir($customer_tmpdir),
+		'<BASE_PATH>' => makeCorrectDir(FROXLOR_INSTALL_DIR),
+		'<BIND_CONFIG_PATH>' => makeCorrectDir(Settings::Get('system.bindconf_directory')),
+		'<WEBSERVER_RELOAD_CMD>' => Settings::Get('system.apachereload_command'),
+		'<CUSTOMER_LOGS>' => makeCorrectDir(Settings::Get('system.logfiles_directory')),
+		'<FPM_IPCDIR>' => makeCorrectDir(Settings::Get('phpfpm.fastcgi_ipcdir')),
+		'<WEBSERVER_GROUP>' => Settings::Get('system.httpgroup')
 	);
-		$files = '';
+
+	// get distro from URL param
+	$distribution = (isset($_GET['distribution']) && $_GET['distribution'] != 'choose') ? $_GET['distribution'] : "";
+	$service = (isset($_GET['service']) && $_GET['service'] != 'choose') ? $_GET['service'] : "";
+	$daemon = (isset($_GET['daemon']) && $_GET['daemon'] != 'choose') ? $_GET['daemon'] : "";
+	$distributions_select = "";
+	$services_select = "";
+	$daemons_select = "";
+
+	$configfiles = "";
+	$services = "";
+	$daemons = "";
+
+	$config_dir = makeCorrectDir(FROXLOR_INSTALL_DIR . '/lib/configfiles/');
+
+	if ($distribution != "") {
+		// create configparser object
+		$configfiles = new ConfigParser($config_dir . '/' . $distribution . ".xml");
+
+		// get distro-info
+		$dist_display = getCompleteDistroName($configfiles);
+
+		// get all the services from the distro
+		$services = $configfiles->getServices();
+
+		if ($service != "") {
+
+			$daemons = $services[$service]->getDaemons();
+
+			if ($daemon == "") {
+				foreach ($daemons as $di => $dd) {
+					$title = $dd->title;
+					if ($dd->default) {
+						$title = $title . " (" . strtolower($lng['panel']['default']) . ")";
+					}
+					$daemons_select .= makeoption($title, $di);
+				}
+			}
+		} else {
+			foreach ($services as $si => $sd) {
+				$services_select .= makeoption($sd->title, $si);
+			}
+		}
+	} else {
+
+		// show list of available distro's
+		$distros = glob($config_dir . '*.xml');
+		// tmp array
+		$distributions_select_data = array();
+		// read in all the distros
+		foreach ($distros as $_distribution) {
+			// get configparser object
+			$dist = new ConfigParser($_distribution);
+			// get distro-info
+			$dist_display = getCompleteDistroName($dist);
+			// store in tmp array
+			$distributions_select_data[$dist_display] = str_replace(".xml", "", strtolower(basename($_distribution)));
+		}
+
+		// sort by distribution name
+		ksort($distributions_select_data);
+
+		foreach ($distributions_select_data as $dist_display => $dist_index) {
+			// create select-box-option
+			$distributions_select .= makeoption($dist_display, $dist_index);
+		}
+	}
+
+	if ($distribution != "" && $service != "" && $daemon != "") {
+
+		$confarr = $daemons[$daemon]->getConfig();
+
 		$configpage = '';
-		foreach($configfiles[$distribution]['services'][$service]['daemons'][$daemon] as $action => $value)
-		{
-			if(substr($action, 0, 8) == 'commands')
-			{
+
+		$distro_editor = $configfiles->distributionEditor;
+
+		$commands_pre = "";
+		$commands_file = "";
+		$commands_post = "";
+
+		$lasttype = '';
 		$commands = '';
-
-				if(is_array($value))
-				{
-					$commands = implode("\n", $value);
-					$commands = str_replace("\n\n", "\n", $commands);
-
-					if($commands != '')
-					{
+		foreach ($confarr as $idx => $action) {
+			if ($lasttype != '' && $lasttype != $action['type']) {
+				$commands = trim($commands);
+				$numbrows = count(explode("\n", $commands));
+				eval("\$configpage.=\"" . getTemplate("configfiles/configfiles_commands") . "\";");
+				$lasttype = '';
+				$commands = '';
+			}
+			switch ($action['type']) {
+				case "install":
+					$commands .= strtr($action['content'], $replace_arr) . "\n";
+					$lasttype = "install";
+					break;
+				case "command":
+					$commands .= strtr($action['content'], $replace_arr) . "\n";
+					$lasttype = "command";
+					break;
+				case "file":
+					if (array_key_exists('content', $action)) {
+						$commands_file = getFileContentContainer($action['content'], $replace_arr, $action['name'], $distro_editor);
+					} elseif (array_key_exists('subcommands', $action)) {
+						foreach ($action['subcommands'] as $fileaction) {
+							if (array_key_exists('execute', $fileaction) && $fileaction['execute'] == "pre") {
+								$commands_pre .= $fileaction['content'] . "\n";
+							} elseif (array_key_exists('execute', $fileaction) && $fileaction['execute'] == "post") {
+								$commands_post .= $fileaction['content'] . "\n";
+							} elseif ($fileaction['type'] == 'file') {
+								$commands_file = getFileContentContainer($fileaction['content'], $replace_arr, $action['name'], $distro_editor);
+							}
+						}
+					}
+					$realname = $action['name'];
+					$commands = trim($commands_pre);
+					if ($commands != "") {
+						$numbrows = count(explode("\n", $commands));
+						eval("\$commands_pre=\"" . getTemplate("configfiles/configfiles_commands") . "\";");
+					}
+					$commands = trim($commands_post);
+					if ($commands != "") {
+						$numbrows = count(explode("\n", $commands));
+						eval("\$commands_post=\"" . getTemplate("configfiles/configfiles_commands") . "\";");
+					}
+					eval("\$configpage.=\"" . getTemplate("configfiles/configfiles_subfileblock") . "\";");
+					$commands = '';
+					$commands_pre = '';
+					$commands_post = '';
+					break;
+			}
+		}
+		$commands = trim($commands);
+		if ($commands != '') {
+			$numbrows = count(explode("\n", $commands));
 			eval("\$configpage.=\"" . getTemplate("configfiles/configfiles_commands") . "\";");
 		}
+		eval("echo \"" . getTemplate("configfiles/configfiles") . "\";");
+	} else {
+		eval("echo \"" . getTemplate("configfiles/wizard") . "\";");
 	}
+} else {
+	die('not allowed to see this page');
+	// redirect or similar here
 }
-			elseif(substr($action, 0, 5) == 'files')
-			{
-				$files = '';

-				if(is_array($value))
+// helper functions
+function getFileContentContainer($file_content, &$replace_arr, $realname, $distro_editor)
 {
-					while(list($filename, $realname) = each($value))
-					{
-						$file_content = file_get_contents('./templates/misc/configfiles/' . $distribution . '/' . $daemon . '/' . $filename);
+	$files = "";
+	$file_content = trim($file_content);
+	if ($file_content != '') {
 		$file_content = strtr($file_content, $replace_arr);
 		$file_content = htmlspecialchars($file_content);
 		$numbrows = count(explode("\n", $file_content));
-						eval("\$files.=\"" . getTemplate("configfiles/configfiles_file") . "\";");
+		eval("\$files=\"" . getTemplate("configfiles/configfiles_file") . "\";");
+	}
+	return $files;
 }

-					eval("\$configpage.=\"" . getTemplate("configfiles/configfiles_files") . "\";");
-				}
-			}
-		}
-
-		if(isset($configfiles[$distribution]['services'][$service]['daemons'][$daemon]['restart'])
-		   && is_array($configfiles[$distribution]['services'][$service]['daemons'][$daemon]['restart']))
+function getCompleteDistroName($cparser)
 {
-			$restart = implode("\n", $configfiles[$distribution]['services'][$service]['daemons'][$daemon]['restart']);
+	// get distro-info
+	$dist_display = $cparser->distributionName;
+	if ($cparser->distributionCodename != '') {
+		$dist_display .= " " . $cparser->distributionCodename;
 	}
-		else
-		{
-			$restart = '';
+	if ($cparser->distributionVersion != '') {
+		$dist_display .= " (" . $cparser->distributionVersion . ")";
 	}
-
-		eval("echo \"" . getTemplate("configfiles/configfiles") . "\";");
+	if ($cparser->deprecated) {
+		$dist_display .= " [deprecated]";
 	}
-	elseif($page == 'overview')
-	{
-		$log->logAction(ADM_ACTION, LOG_NOTICE, "viewed admin_configfiles");
-		$distributions = '';
-		foreach($configfiles as $distribution_name => $distribution_details)
-		{
-			$services = '';
-			foreach($distribution_details['services'] as $service_name => $service_details)
-			{
-				$daemons = '';
-				foreach($service_details['daemons'] as $daemon_name => $daemon_details)
-				{
-					eval("\$daemons.=\"" . getTemplate("configfiles/choose_daemon") . "\";");
+	return $dist_display;
 }
-
-				eval("\$services.=\"" . getTemplate("configfiles/choose_service") . "\";");
-			}
-
-			eval("\$distributions.=\"" . getTemplate("configfiles/choose_distribution") . "\";");
-		}
-
-		eval("echo \"" . getTemplate("configfiles/choose") . "\";");
-	}
-	else
-	{
-		eval("echo \"" . getTemplate("configfiles/wizard") . "\";");
-	}
-}
-
-?>
--- a/admin_cronjobs.php
+++ b/admin_cronjobs.php
@@ -33,7 +33,7 @@ if ($page == 'cronjobs' || $page == 'overview') {
 			'c.interval' => $lng['cron']['interval'],
 			'c.isactive' => $lng['cron']['isactive']
 		);
-		$paging = new paging($userinfo, TABLE_PANEL_CRONRUNS, $fields, $settings['panel']['paging'], $settings['panel']['natsorting']);
+		$paging = new paging($userinfo, TABLE_PANEL_CRONRUNS, $fields);

 		$crons = '';
 		$result_stmt = Database::prepare("SELECT `c`.* FROM `" . TABLE_PANEL_CRONRUNS . "` `c` ORDER BY `module` ASC, `cronfile` ASC");
@@ -99,15 +99,17 @@ if ($page == 'cronjobs' || $page == 'overview') {
 				);
 				Database::pexecute($upd, array('isactive' => $isactive, 'int' => $interval, 'id' => $id));

-				redirectTo($filename, Array('page' => $page, 's' => $s));
+				// insert task to re-generate the cron.d-file
+				inserttask('99');
+
+				redirectTo($filename, array('page' => $page, 's' => $s));
 			} else {
-				//$isactive = makeyesno('isactive', '1', '0', $result['isactive']);
+
 				// interval
 				$interval_nfo = explode(' ', $result['interval']);
 				$interval_value = $interval_nfo[0];

 				$interval_interval = '';
-				$interval_interval .= makeoption($lng['cronmgmt']['seconds'], 'SECOND', $interval_nfo[1]);
 				$interval_interval .= makeoption($lng['cronmgmt']['minutes'], 'MINUTE', $interval_nfo[1]);
 				$interval_interval .= makeoption($lng['cronmgmt']['hours'], 'HOUR', $interval_nfo[1]);
 				$interval_interval .= makeoption($lng['cronmgmt']['days'], 'DAY', $interval_nfo[1]);
--- a/admin_customers.php
+++ b/admin_customers.php
@@ -47,11 +47,7 @@ if ($page == 'customers'
 			'c.traffic_used' => $lng['customer']['traffic'] . ' (' . $lng['panel']['used'] . ')'
 		);

-		if ($settings['system']['backup_enabled'] == '1') {
-			$field['c.backup_allowed'] = $lng['backup_allowed'];
-		}
-
-		$paging = new paging($userinfo, TABLE_PANEL_CUSTOMERS, $fields, $settings['panel']['paging'], $settings['panel']['natsorting']);
+		$paging = new paging($userinfo, TABLE_PANEL_CUSTOMERS, $fields);
 		$customers = '';
 		$result_stmt = Database::prepare("
 			SELECT `c`.*, `a`.`loginname` AS `adminname`
@@ -60,7 +56,7 @@ if ($page == 'customers'
 			($userinfo['customers_see_all'] ? '' : " `c`.`adminid` = :adminid AND ") . "
 			`c`.`adminid` = `a`.`adminid` " .
 			$paging->getSqlWhere(true) . " " .
-			$paging->getSqlOrderBy($settings['panel']['natsorting']) . " " .
+			$paging->getSqlOrderBy() . " " .
 			$paging->getSqlLimit()
 		);
 		Database::pexecute($result_stmt, array('adminid' => $userinfo['adminid']));
@@ -87,10 +83,20 @@ if ($page == 'customers'
 				Database::pexecute($domains_stmt, array('cid' => $row['customerid'], 'stdd' => $row['standardsubdomain']));
 				$domains = $domains_stmt->fetch(PDO::FETCH_ASSOC);
 				$row['domains'] = intval($domains['domains']);
-				$row['traffic_used'] = round($row['traffic_used'] / (1024 * 1024), $settings['panel']['decimal_places']);
-				$row['traffic'] = round($row['traffic'] / (1024 * 1024), $settings['panel']['decimal_places']);
-				$row['diskspace_used'] = round($row['diskspace_used'] / 1024, $settings['panel']['decimal_places']);
-				$row['diskspace'] = round($row['diskspace'] / 1024, $settings['panel']['decimal_places']);
+				$dec_places = Settings::Get('panel.decimal_places');
+
+				// get disk-space usages for web, mysql and mail
+				$usages_stmt = Database::prepare("SELECT * FROM `".TABLE_PANEL_DISKSPACE."` WHERE `customerid` = :cid ORDER BY `stamp` DESC LIMIT 1");
+				$usages = Database::pexecute_first($usages_stmt, array('cid' => $row['customerid']));
+
+				$row['webspace_used'] = round($usages['webspace'] / 1024, $dec_places);
+				$row['mailspace_used'] = round($usages['mail'] / 1024, $dec_places);
+				$row['dbspace_used'] = round($usages['mysql'] / 1024, $dec_places);
+
+				$row['traffic_used'] = round($row['traffic_used'] / (1024 * 1024), $dec_places);
+				$row['traffic'] = round($row['traffic'] / (1024 * 1024), $dec_places);
+				$row['diskspace_used'] = round($row['diskspace_used'] / 1024, $dec_places);
+				$row['diskspace'] = round($row['diskspace'] / 1024, $dec_places);
 				$last_login = ((int)$row['lastlogin_succ'] == 0) ? $lng['panel']['neverloggedin'] : date('d.m.Y', $row['lastlogin_succ']);

 				/**
@@ -98,7 +104,7 @@ if ($page == 'customers'
 				 */
 				//For Disk usage
 				if ($row['diskspace'] > 0) {
-					$disk_percent = round(($row['diskspace_used']*100)/$row['diskspace'], 2);
+					$disk_percent = round(($row['diskspace_used']*100)/$row['diskspace'], 0);
 					$disk_doublepercent = round($disk_percent*2, 2);
 				} else {
 					$disk_percent = 0;
@@ -106,7 +112,7 @@ if ($page == 'customers'
 				}

 				if ($row['traffic'] > 0) {
-					$traffic_percent = round(($row['traffic_used']*100)/$row['traffic'], 2);
+					$traffic_percent = round(($row['traffic_used']*100)/$row['traffic'], 0);
 					$traffic_doublepercent = round($traffic_percent*2, 2);
 				} else {
 					$traffic_percent = 0;
@@ -114,14 +120,25 @@ if ($page == 'customers'
 				}

 				$islocked = 0;
-				if ($row['loginfail_count'] >= $settings['login']['maxloginattempts']
-					&& $row['lastlogin_fail'] > (time() - $settings['login']['deactivatetime'])
+				if ($row['loginfail_count'] >= Settings::Get('login.maxloginattempts')
+					&& $row['lastlogin_fail'] > (time() - Settings::Get('login.deactivatetime'))
 				) {
 					$islocked = 1;
 				}

-				$row = str_replace_array('-1', 'UL', $row, 'diskspace traffic mysqls emails email_accounts email_forwarders ftps tickets subdomains email_autoresponder');
+				$row = str_replace_array('-1', 'UL', $row, 'diskspace traffic mysqls emails email_accounts email_forwarders ftps tickets subdomains');
 				$row = htmlentities_array($row);
+
+				// fix progress-bars if value is >100%
+				if ($disk_percent > 100) {
+					$disk_percent = 100;
+				}
+				if ($traffic_percent > 100) {
+					$traffic_percent = 100;
+				}
+
+				$row['custom_notes'] = ($row['custom_notes'] != '') ? nl2br($row['custom_notes']) : '';
+
 				eval("\$customers.=\"" . getTemplate("customers/customers_customer") . "\";");
 				$count++;
 			}
@@ -200,7 +217,11 @@ if ($page == 'customers'
 			WHERE `customerid` = :id" .
 			($userinfo['customers_see_all'] ? '' : " AND `adminid` = :adminid")
 		);
-		$result = Database::pexecute_first($result_stmt, array('id' => $id, 'adminid' => $userinfo['adminid']));
+		$result_data = array('id' => $id);
+		if ($userinfo['customers_see_all'] == '0') {
+			$result_data['adminid'] = $userinfo['adminid'];
+		}
+		$result = Database::pexecute_first($result_stmt, $result_data);

 		if ($result['loginname'] != '') {

@@ -247,7 +268,7 @@ if ($page == 'customers'
 				Database::needRoot(true);
 				$last_dbserver = 0;

-				$dbm = new DbManager($settings, $log);
+				$dbm = new DbManager($log);

 				while ($row_database = $databases_stmt->fetch(PDO::FETCH_ASSOC)) {

@@ -266,6 +287,15 @@ if ($page == 'customers'
 				Database::pexecute($stmt, array('id' => $id));
 				$stmt = Database::prepare("DELETE FROM `" . TABLE_PANEL_DATABASES . "` WHERE `customerid` = :id");
 				Database::pexecute($stmt, array('id' => $id));
+				// first gather all domain-id's to clean up panel_domaintoip and dns-entries accordingly
+				$did_stmt = Database::prepare("SELECT `id` FROM `".TABLE_PANEL_DOMAINS."` WHERE `customerid` = :id");
+				Database::pexecute($did_stmt, array('id' => $id));
+				while ($row = $did_stmt->fetch(PDO::FETCH_ASSOC)) {
+					$stmt = Database::prepare("DELETE FROM `" . TABLE_DOMAINTOIP . "` WHERE `id_domain` = :did");
+					Database::pexecute($stmt, array('did' => $row['id']));
+					$stmt = Database::prepare("DELETE FROM `" . TABLE_DOMAIN_DNS . "` WHERE `domain_id` = :did");
+					Database::pexecute($stmt, array('did' => $row['id']));
+				}
 				$stmt = Database::prepare("DELETE FROM `" . TABLE_PANEL_DOMAINS . "` WHERE `customerid` = :id");
 				Database::pexecute($stmt, array('id' => $id));
 				$domains_deleted = $stmt->rowCount();
@@ -291,8 +321,6 @@ if ($page == 'customers'
 				Database::pexecute($stmt, array('id' => $id));
 				$stmt = Database::prepare("DELETE FROM `" . TABLE_FTP_USERS . "` WHERE `customerid` = :id");
 				Database::pexecute($stmt, array('id' => $id));
-				$stmt = Database::prepare("DELETE FROM `" . TABLE_MAIL_AUTORESPONDER . "` WHERE `customerid` = :id");
-				Database::pexecute($stmt, array('id' => $id));

 				// Delete all waiting "create user" -tasks for this user, #276
 				// Note: the WHERE selects part of a serialized array, but it should be safe this way
@@ -302,26 +330,6 @@ if ($page == 'customers'
 				);
 				Database::pexecute($del_stmt, array('loginname' => "%:{$result['loginname']};%"));

-				// remove everything APS-related, #216
-				$apsresult_stmt = Database::prepare("SELECT `ID` FROM `".TABLE_APS_INSTANCES."` WHERE `CustomerID` = :id");
-				Database::pexecute($apsresult_stmt, array('id' => $id));
-
-				while ($apsrow = $apsresult_stmt->fetch(PDO::FETCH_ASSOC)) {
-					// remove all package related settings
-					$del_stmt = Database::prepare("DELETE FROM `".TABLE_APS_SETTINGS."` WHERE `InstanceID` = :iid");
-					Database::pexecute($del_stmt, array('iid' => $apsrow['ID']));
-					// maybe some leftovers in the tasks
-					$del_stmt = Database::prepare("DELETE FROM `".TABLE_APS_TASKS."` WHERE `InstanceID` = :iid");
-					Database::pexecute($del_stmt, array('iid' => $apsrow['ID']));
-				}
-				// now remove all user instances
-				$stmt = Database::prepare("DELETE FROM `".TABLE_APS_INSTANCES."` WHERE `CustomerID` = :id");
-				Database::pexecute($stmt, array('id' => $id));
-				// eventually some temp-setting-leftovers
-				$stmt = Database::prepare("DELETE FROM `".TABLE_APS_TEMP_SETTINGS."` WHERE `CustomerID` = :id");
-				Database::pexecute($stmt, array('id' => $id));
-				// eof APS-related removings, #216
-
 				$admin_update_query = "UPDATE `" . TABLE_PANEL_ADMINS . "` SET `customers_used` = `customers_used` - 1 ";
 				$admin_update_query.= ", `domains_used` = `domains_used` - 0" . (int)($domains_deleted - $result['subdomains_used']);

@@ -345,10 +353,6 @@ if ($page == 'customers'
 					$admin_update_query.= ", `email_quota_used` = `email_quota_used` - 0" . (int)$result['email_quota'];
 				}

-				if ($result['email_autoresponder'] != '-1') {
-					$admin_update_query.= ", `email_autoresponder_used` = `email_autoresponder_used` - 0" . (int)$result['email_autoresponder'];
-				}
-
 				if ($result['subdomains'] != '-1') {
 					$admin_update_query.= ", `subdomains_used` = `subdomains_used` - 0" . (int)$result['subdomains'];
 				}
@@ -361,10 +365,6 @@ if ($page == 'customers'
 					$admin_update_query.= ", `tickets_used` = `tickets_used` - 0" . (int)$result['tickets'];
 				}

-				if ($result['aps_packages'] != '-1') {
-					$admin_update_query.= ", `aps_packages_used` = `aps_packages_used` - 0" . (int)$result['aps_packages'];
-				}
-
 				if (($result['diskspace'] / 1024) != '-1') {
 					$admin_update_query.= ", `diskspace_used` = `diskspace_used` - 0" . (int)$result['diskspace'];
 				}
@@ -393,7 +393,7 @@ if ($page == 'customers'
 				if ($tickets !== false && isset($tickets[0])) {
 					foreach ($tickets as $ticket) {
 						$now = time();
-						$mainticket = ticket::getInstanceOf($userinfo, $settings, (int)$ticket);
+						$mainticket = ticket::getInstanceOf($userinfo, (int)$ticket);
 						$mainticket->Set('lastchange', $now, true, true);
 						$mainticket->Set('lastreplier', '1', true, true);
 						$mainticket->Set('status', '3', true, true);
@@ -430,6 +430,12 @@ if ($page == 'customers'
 				$def_language = validate($_POST['def_language'], 'default language');
 				$gender = intval_ressource($_POST['gender']);

+				$custom_notes = validate(str_replace("\r\n", "\n", $_POST['custom_notes']), 'custom_notes', '/^[^\0]*$/');
+				$custom_notes_show = 0;
+				if (isset($_POST['custom_notes_show'])) {
+				    $custom_notes_show = intval_ressource($_POST['custom_notes_show']);
+				}
+
 				$diskspace = intval_ressource($_POST['diskspace']);
 				if (isset($_POST['diskspace_ul'])) {
 					$diskspace = - 1;
@@ -460,7 +466,7 @@ if ($page == 'customers'
 					$email_forwarders = - 1;
 				}

-				if ($settings['system']['mail_quota_enabled'] == '1') {
+				if (Settings::Get('system.mail_quota_enabled') == '1') {
 					$email_quota = validate($_POST['email_quota'], 'email_quota', '/^\d+$/', 'vmailquotawrong', array('0', ''));
 					if (isset($_POST['email_quota_ul'])) {
 						$email_quota = - 1;
@@ -469,15 +475,6 @@ if ($page == 'customers'
 					$email_quota = - 1;
 				}

-				if ($settings['autoresponder']['autoresponder_active'] == '1') {
-					$email_autoresponder = intval_ressource($_POST['email_autoresponder']);
-					if (isset($_POST['email_autoresponder_ul'])) {
-						$email_autoresponder = - 1;
-					}
-				} else {
-					$email_autoresponder = 0;
-				}
-
 				$email_imap = 0;
 				if (isset($_POST['email_imap'])) {
 					$email_imap = intval_ressource($_POST['email_imap']);
@@ -496,9 +493,9 @@ if ($page == 'customers'
 					$ftps = - 1;
 				}

-				$tickets = ($settings['ticket']['enabled'] == 1 ? intval_ressource($_POST['tickets']) : 0);
+				$tickets = (Settings::Get('ticket.enabled') == 1 ? intval_ressource($_POST['tickets']) : 0);
 				if (isset($_POST['tickets_ul'])
-					&& $settings['ticket']['enabled'] == '1'
+					&& Settings::Get('ticket.enabled') == '1'
 				) {
 					$tickets = - 1;
 				}
@@ -508,15 +505,6 @@ if ($page == 'customers'
 					$mysqls = - 1;
 				}

-				if ($settings['aps']['aps_active'] == '1') {
-					$number_of_aps_packages = intval_ressource($_POST['number_of_aps_packages']);
-					if (isset($_POST['number_of_aps_packages_ul'])) {
-						$number_of_aps_packages = - 1;
-					}
-				} else {
-					$number_of_aps_packages = 0;
-				}
-
 				$createstdsubdomain = 0;
 				if(isset($_POST['createstdsubdomain'])) {
 					$createstdsubdomain = intval($_POST['createstdsubdomain']);
@@ -529,15 +517,6 @@ if ($page == 'customers'
 					$password = validatePassword($password);
 				}

-				$backup_allowed = 0;
-				if (isset($_POST['backup_allowed'])) {
-					$backup_allowed = intval($_POST['backup_allowed']);
-				}
-
-				if ($backup_allowed != 0) {
-					$backup_allowed = 1;
-				}
-
 				// gender out of range? [0,2]
 				if ($gender < 0 || $gender > 2) {
 					$gender = 0;
@@ -558,6 +537,11 @@ if ($page == 'customers'
 					$perlenabled = intval($_POST['perlenabled']);
 				}

+				$dnsenabled = 0;
+				if (isset($_POST['dnsenabled'])) {
+					$dnsenabled = intval($_POST['dnsenabled']);
+				}
+
 				$store_defaultindex = 0;
 				if (isset($_POST['store_defaultindex'])) {
 					$store_defaultindex = intval($_POST['store_defaultindex']);
@@ -571,26 +555,21 @@ if ($page == 'customers'
 				   || ((($userinfo['emails_used'] + $emails) > $userinfo['emails']) && $userinfo['emails'] != '-1')
 				   || ((($userinfo['email_accounts_used'] + $email_accounts) > $userinfo['email_accounts']) && $userinfo['email_accounts'] != '-1')
 				   || ((($userinfo['email_forwarders_used'] + $email_forwarders) > $userinfo['email_forwarders']) && $userinfo['email_forwarders'] != '-1')
-				   || ((($userinfo['email_quota_used'] + $email_quota) > $userinfo['email_quota']) && $userinfo['email_quota'] != '-1' && $settings['system']['mail_quota_enabled'] == '1')
-				   || ((($userinfo['email_autoresponder_used'] + $email_autoresponder) > $userinfo['email_autoresponder']) && $userinfo['email_autoresponder'] != '-1' && $settings['autoresponder']['autoresponder_active'] == '1')
+				   || ((($userinfo['email_quota_used'] + $email_quota) > $userinfo['email_quota']) && $userinfo['email_quota'] != '-1' && Settings::Get('system.mail_quota_enabled') == '1')
 				   || ((($userinfo['ftps_used'] + $ftps) > $userinfo['ftps']) && $userinfo['ftps'] != '-1')
 				   || ((($userinfo['tickets_used'] + $tickets) > $userinfo['tickets']) && $userinfo['tickets'] != '-1')
 				   || ((($userinfo['subdomains_used'] + $subdomains) > $userinfo['subdomains']) && $userinfo['subdomains'] != '-1')
-				   || ((($userinfo['aps_packages_used'] + $number_of_aps_packages) > $userinfo['aps_packages']) && $userinfo['aps_packages'] != '-1' && $settings['aps']['aps_active'] == '1')
 				   || (($diskspace / 1024) == '-1' && ($userinfo['diskspace'] / 1024) != '-1')
 				   || ($mysqls == '-1' && $userinfo['mysqls'] != '-1')
 				   || ($emails == '-1' && $userinfo['emails'] != '-1')
 				   || ($email_accounts == '-1' && $userinfo['email_accounts'] != '-1')
 				   || ($email_forwarders == '-1' && $userinfo['email_forwarders'] != '-1')
-				   || ($email_quota == '-1' && $userinfo['email_quota'] != '-1' && $settings['system']['mail_quota_enabled'] == '1')
-				   || ($email_autoresponder == '-1' && $userinfo['email_autoresponder'] != '-1' && $settings['autoresponder']['autoresponder_active'] == '1')
+				   || ($email_quota == '-1' && $userinfo['email_quota'] != '-1' && Settings::Get('system.mail_quota_enabled') == '1')
 				   || ($ftps == '-1' && $userinfo['ftps'] != '-1')
 				   || ($tickets == '-1' && $userinfo['tickets'] != '-1')
 				   || ($subdomains == '-1' && $userinfo['subdomains'] != '-1')
-				   || ($number_of_aps_packages == '-1' && $userinfo['aps_packages'] != '-1')
 				) {
 					standard_error('youcantallocatemorethanyouhave');
-					exit;
 				}

 				// Either $name and $firstname or the $company must be inserted
@@ -611,12 +590,12 @@ if ($page == 'customers'
 					if (isset($_POST['new_loginname'])
 						&& $_POST['new_loginname'] != ''
 					) {
-						$accountnumber = intval($settings['system']['lastaccountnumber']);
+						$accountnumber = intval(Settings::Get('system.lastaccountnumber'));
 						$loginname = validate($_POST['new_loginname'], 'loginname', '/^[a-z][a-z0-9\-_]+$/i');

 						// Accounts which match systemaccounts are not allowed, filtering them
-						if (preg_match('/^' . preg_quote($settings['customer']['accountprefix'], '/') . '([0-9]+)/', $loginname)) {
-							standard_error('loginnameissystemaccount', $settings['customer']['accountprefix']);
+						if (preg_match('/^' . preg_quote(Settings::Get('customer.accountprefix'), '/') . '([0-9]+)/', $loginname)) {
+							standard_error('loginnameissystemaccount', Settings::Get('customer.accountprefix'));
 						}

 						// Additional filtering for Bug #962
@@ -624,12 +603,12 @@ if ($page == 'customers'
 								&& !in_array("posix_getpwnam", explode(",", ini_get('disable_functions')))
 								&& posix_getpwnam($loginname)
 						) {
-							standard_error('loginnameissystemaccount', $settings['customer']['accountprefix']);
+							standard_error('loginnameissystemaccount', Settings::Get('customer.accountprefix'));
 						}

 					} else {
-						$accountnumber = intval($settings['system']['lastaccountnumber']) + 1;
-						$loginname = $settings['customer']['accountprefix'] . $accountnumber;
+						$accountnumber = intval(Settings::Get('system.lastaccountnumber')) + 1;
+						$loginname = Settings::Get('customer.accountprefix') . $accountnumber;
 					}

 					// Check if the account already exists
@@ -648,16 +627,16 @@ if ($page == 'customers'
 					) {
 						standard_error('loginnameexists', $loginname);

-					} elseif (!validateUsername($loginname, $settings['panel']['unix_names'], 14 - strlen($settings['customer']['mysqlprefix']))) {
-						if (strlen($loginname) > 14 - strlen($settings['customer']['mysqlprefix'])) {
-							standard_error('loginnameiswrong2', 14 - strlen($settings['customer']['mysqlprefix']));
+					} elseif (!validateUsername($loginname, Settings::Get('panel.unix_names'), 14 - strlen(Settings::Get('customer.mysqlprefix')))) {
+						if (strlen($loginname) > 14 - strlen(Settings::Get('customer.mysqlprefix'))) {
+							standard_error('loginnameiswrong2', 14 - strlen(Settings::Get('customer.mysqlprefix')));
 						} else {
 							standard_error('loginnameiswrong', $loginname);
 						}
 					}

-					$guid = intval($settings['system']['lastguid']) + 1;
-					$documentroot = makeCorrectDir($settings['system']['documentroot_prefix'] . '/' . $loginname);
+					$guid = intval(Settings::Get('system.lastguid')) + 1;
+					$documentroot = makeCorrectDir(Settings::Get('system.documentroot_prefix') . '/' . $loginname);

 					if (file_exists($documentroot)) {
 						standard_error('documentrootexists', $documentroot);
@@ -675,16 +654,20 @@ if ($page == 'customers'
 						$perlenabled = '1';
 					}

-					if ($password == '') {
-						$password = substr(md5(uniqid(microtime(), 1)), 12, 6);
+					if ($dnsenabled != '0') {
+						$dnsenabled = '1';
 					}

-					$_theme = $settings['panel']['default_theme'];
+					if ($password == '') {
+						$password = generatePassword();
+					}
+
+					$_theme = Settings::Get('panel.default_theme');

 					$ins_data = array(
 						'adminid' => $userinfo['adminid'],
 						'loginname' => $loginname,
-						'passwd' => md5($password),
+						'passwd' => makeCryptPassword($password),
 						'name' => $name,
 						'firstname' => $firstname,
 						'gender' => $gender,
@@ -712,11 +695,11 @@ if ($page == 'customers'
 						'phpenabled' => $phpenabled,
 						'imap' => $email_imap,
 						'pop3' => $email_pop3,
-						'aps' => $number_of_aps_packages,
 						'perlenabled' => $perlenabled,
-						'email_autoresponder' => $email_autoresponder,
-						'backup_allowed' => $backup_allowed,
-						'theme' => $theme
+						'dnsenabled' => $dnsenabled,
+						'theme' => $_theme,
+						'custom_notes' => $custom_notes,
+						'custom_notes_show' => $custom_notes_show
 					);

 					$ins_stmt = Database::prepare("
@@ -752,11 +735,11 @@ if ($page == 'customers'
 						`phpenabled` = :phpenabled,
 						`imap` = :imap,
 						`pop3` = :pop3,
-						`aps_packages` = :aps,
 						`perlenabled` = :perlenabled,
-						`email_autoresponder` = :email_autoresponder,
-						`backup_allowed` = :backup_allowed,
-						`theme` = :theme"
+						`dnsenabled` = :dnsenabled,
+						`theme` = :theme,
+						`custom_notes` = :custom_notes,
+						`custom_notes_show` = :custom_notes_show"
 					);
 					Database::pexecute($ins_stmt, $ins_data);

@@ -784,12 +767,6 @@ if ($page == 'customers'
 						$admin_update_query.= ", `email_quota_used` = `email_quota_used` + 0" . (int)$email_quota;
 					}

-					if ($email_autoresponder != '-1'
-						&& $settings['autoresponder']['autoresponder_active'] == 1
-					) {
-						$admin_update_query.= ", `email_autoresponder_used` = `email_autoresponder_used` + 0" . (int)$email_autoresponder;
-					}
-
 					if ($subdomains != '-1') {
 						$admin_update_query.= ", `subdomains_used` = `subdomains_used` + 0" . (int)$subdomains;
 					}
@@ -799,7 +776,7 @@ if ($page == 'customers'
 					}

 					if ($tickets != '-1'
-						&& $settings['ticket']['enabled'] == 1
+						&& Settings::Get('ticket.enabled') == 1
 					) {
 						$admin_update_query.= ", `tickets_used` = `tickets_used` + 0" . (int)$tickets;
 					}
@@ -808,10 +785,6 @@ if ($page == 'customers'
 						$admin_update_query.= ", `diskspace_used` = `diskspace_used` + 0" . (int)$diskspace;
 					}

-					if ($number_of_aps_packages != '-1') {
-						$admin_update_query.= ", `aps_packages_used` = `aps_packages_used` + 0" . (int)$number_of_aps_packages;
-					}
-
 					$admin_update_query.= " WHERE `adminid` = '" . (int)$userinfo['adminid'] . "'";
 					Database::query($admin_update_query);

@@ -822,7 +795,7 @@ if ($page == 'customers'
 					);
 					Database::pexecute($upd_stmt, array('guid' => $guid));

-					if ($accountnumber != intval($settings['system']['lastaccountnumber'])) {
+					if ($accountnumber != intval(Settings::Get('system.lastaccountnumber'))) {
 						$upd_stmt = Database::prepare("
 						UPDATE `" . TABLE_PANEL_SETTINGS . "` SET
 							`value` = :accno
@@ -858,7 +831,7 @@ if ($page == 'customers'
 						'passwd' => $htpasswdPassword
 					);

-					if ($settings['system']['awstats_enabled'] == '1') {
+					if (Settings::Get('system.awstats_enabled') == '1') {
 						$ins_data['path'] = makeCorrectDir($documentroot . '/awstats/');
 						$log->logAction(ADM_ACTION, LOG_NOTICE, "automatically added awstats htpasswd for user '" . $loginname . "'");
 					} else {
@@ -871,7 +844,7 @@ if ($page == 'customers'
 					$cryptPassword = makeCryptPassword($password);
 					// FTP-User
 					$ins_stmt = Database::prepare("
-						INSERT INTO `" . TABLE_FTP_USERS . "` SET `customerid` = :customerid, `username` = :username,
+						INSERT INTO `" . TABLE_FTP_USERS . "` SET `customerid` = :customerid, `username` = :username, `description` = :desc,
 							`password` = :passwd, `homedir` = :homedir, `login_enabled` = 'y', `uid` = :guid, `gid` = :guid"
 					);
 					$ins_data = array(
@@ -879,7 +852,8 @@ if ($page == 'customers'
 						'username' => $loginname,
 						'passwd' => $cryptPassword,
 						'homedir' => $documentroot,
-						'guid' => $guid
+						'guid' => $guid,
+						'desc' => "Default"
 					);
 					Database::pexecute($ins_stmt, $ins_data);
 					// FTP-Group
@@ -890,9 +864,27 @@ if ($page == 'customers'
 							'customerid' => $customerid,
 							'groupname' => $loginname,
 							'guid' => $guid,
-							'members' => $loginname
+							'members' => $loginname.','.Settings::Get('system.httpuser')
 					);
+
+					// also, add froxlor-local user to ftp-group (if exists!) to
+					// allow access to customer-directories from within the panel, which
+					// is necessary when pathedit = Dropdown
+					if ((int)Settings::Get('system.mod_fcgid_ownvhost') == 1 || (int)Settings::Get('phpfpm.enabled_ownvhost') == 1) {
+						if ((int)Settings::Get('system.mod_fcgid') == 1) {
+							$local_user = Settings::Get('system.mod_fcgid_httpuser');
+						} else {
+							$local_user = Settings::Get('phpfpm.vhost_httpuser');
+						}
+						// check froxlor-local user membership in ftp-group
+						// without this check addition may duplicate user in list if httpuser == local_user
+						if (strpos($ins_data['members'], $local_user) == false) {
+							$ins_data['members'] .= ','.$local_user;
+						}
+					}
+
 					Database::pexecute($ins_stmt, $ins_data);
+
 					// FTP-Quotatallies
 					$ins_stmt = Database::prepare("
 						INSERT INTO `" . TABLE_FTP_QUOTATALLIES . "` SET `name` = :name, `quota_type` = 'user', `bytes_in_used` = '0',
@@ -905,12 +897,12 @@ if ($page == 'customers'

 					if ($createstdsubdomain == '1') {

-						if (isset($settings['system']['stdsubdomain'])
-							&& $settings['system']['stdsubdomain'] != ''
+						if (Settings::Get('system.stdsubdomain') !== null
+							&& Settings::Get('system.stdsubdomain') != ''
 						) {
-							$_stdsubdomain = $loginname . '.' . $settings['system']['stdsubdomain'];
+							$_stdsubdomain = $loginname . '.' . Settings::Get('system.stdsubdomain');
 						} else {
-							$_stdsubdomain = $loginname . '.' . $settings['system']['hostname'];
+							$_stdsubdomain = $loginname . '.' . Settings::Get('system.hostname');
 						}

 						$ins_data = array(
@@ -925,7 +917,7 @@ if ($page == 'customers'
 							`domain` = :domain,
 							`customerid` = :customerid,
 							`adminid` = :adminid,
-							`parentdomainid` = '-1',
+							`parentdomainid` = '0',
 							`documentroot` = :docroot,
 							`zonefile` = '',
 							`isemaildomain` = '0',
@@ -933,16 +925,22 @@ if ($page == 'customers'
 							`openbasedir` = '1',
 							`speciallogfile` = '0',
 							`specialsettings` = '',
+							`dkim_id` = '0',
+							`dkim_privkey` = '',
+							`dkim_pubkey` = '',
 							`add_date` = :adddate"
 						);
 						Database::pexecute($ins_stmt, $ins_data);
 						$domainid = Database::lastInsertId();

 						// set ip <-> domain connection
+						$defaultips = explode(',', Settings::Get('system.defaultip'));
 						$ins_stmt = Database::prepare("
 							  INSERT INTO `" . TABLE_DOMAINTOIP . "` SET `id_domain` = :domainid, `id_ipandports` = :ipid"
 						);
-						Database::pexecute($ins_stmt, array('domainid' => $domainid, 'ipid' => $settings['system']['defaultip']));
+						foreach ($defaultips as $defaultip) {
+							Database::pexecute($ins_stmt, array('domainid' => $domainid, 'ipid' => $defaultip));
+						}

 						$upd_stmt = Database::prepare("
 							UPDATE `" . TABLE_PANEL_CUSTOMERS . "` SET `standardsubdomain` = :domainid WHERE `customerid` = :customerid"
@@ -954,8 +952,8 @@ if ($page == 'customers'

 					if ($sendpassword == '1') {

-						$srv_hostname = $settings['system']['hostname'];
-						if ($settings['system']['froxlordirectlyviahostname'] == '0') {
+						$srv_hostname = Settings::Get('system.hostname');
+						if (Settings::Get('system.froxlordirectlyviahostname') == '0') {
 							$srv_hostname .= '/froxlor';
 						}

@@ -963,7 +961,9 @@ if ($page == 'customers'
 							SELECT ip, port FROM `".TABLE_PANEL_IPSANDPORTS."`
 							WHERE `id` = :defaultip
 						");
-						$srv_ip = Database::pexecute_first($srv_ip_stmt, array('defaultip' => $settings['system']['defaultip']));
+						$default_ips = Settings::Get('system.defaultip');
+						$default_ips = explode(',', $default_ips);
+						$srv_ip = Database::pexecute_first($srv_ip_stmt, array('defaultip' => reset($default_ips)));

 						$replace_arr = array(
 							'FIRSTNAME' => $firstname,
@@ -1023,7 +1023,7 @@ if ($page == 'customers'
 				$language_options = '';

 				while (list($language_file, $language_name) = each($languages)) {
-					$language_options.= makeoption($language_name, $language_file, $settings['panel']['standardlanguage'], true);
+					$language_options.= makeoption($language_name, $language_file, Settings::Get('panel.standardlanguage'), true);
 				}

 				$diskspace_ul = makecheckbox('diskspace_ul', $lng['customer']['unlimited'], '-1', false, '0', true, true);
@@ -1033,11 +1033,9 @@ if ($page == 'customers'
 				$email_accounts_ul = makecheckbox('email_accounts_ul', $lng['customer']['unlimited'], '-1', false, '0', true, true);
 				$email_forwarders_ul = makecheckbox('email_forwarders_ul', $lng['customer']['unlimited'], '-1', false, '0', true, true);
 				$email_quota_ul = makecheckbox('email_quota_ul', $lng['customer']['unlimited'], '-1', false, '0', true, true);
-				$email_autoresponder_ul = makecheckbox('email_autoresponder_ul', $lng['customer']['unlimited'], '-1', false, '0', true, true);
 				$ftps_ul = makecheckbox('ftps_ul', $lng['customer']['unlimited'], '-1', false, '0', true, true);
 				$tickets_ul = makecheckbox('tickets_ul', $lng['customer']['unlimited'], '-1', false, '0', true, true);
 				$mysqls_ul = makecheckbox('mysqls_ul', $lng['customer']['unlimited'], '-1', false, '0', true, true);
-				$number_of_aps_packages_ul = makecheckbox('number_of_aps_packages_ul', $lng['customer']['unlimited'], '-1', false, '0', true, true);

 				$gender_options = makeoption($lng['gender']['undef'], 0, true, true, true);
 				$gender_options .= makeoption($lng['gender']['male'], 1, null, true, true);
@@ -1067,6 +1065,24 @@ if ($page == 'customers'
 		}
 		$result = Database::pexecute_first($result_stmt, $result_data);

+		/*
+		 * information for moving customer
+		 */
+		$available_admins_stmt = Database::prepare("
+                        SELECT * FROM `" . TABLE_PANEL_ADMINS . "`
+                        WHERE (`customers` = '-1' OR `customers` > `customers_used`)"
+		);
+		Database::pexecute($available_admins_stmt);
+		$admin_select = makeoption("-----", 0, true, true, true);
+		$admin_select_cnt = 0;
+		while ($available_admin = $available_admins_stmt->fetch()) {
+			$admin_select .= makeoption($available_admin['name']." (".$available_admin['loginname'].")", $available_admin['adminid'], null, true, true);
+			$admin_select_cnt++;
+		}
+		/*
+		 * end of moving customer stuff
+		 */
+
 		if ($result['loginname'] != '') {

 			if (isset($_POST['send'])
@@ -1087,6 +1103,14 @@ if ($page == 'customers'
 				$password = validate($_POST['new_customer_password'], 'new password');
 				$gender = intval_ressource($_POST['gender']);

+				$move_to_admin = isset($_POST['move_to_admin']) ? intval_ressource($_POST['move_to_admin']) : 0;
+
+				$custom_notes = validate(str_replace("\r\n", "\n", $_POST['custom_notes']), 'custom_notes', '/^[^\0]*$/');
+				$custom_notes_show = $result['custom_notes_show'];
+				if (isset($_POST['custom_notes_show'])) {
+				    $custom_notes_show = intval_ressource($_POST['custom_notes_show']);
+				}
+
 				$diskspace = intval_ressource($_POST['diskspace']);
 				if (isset($_POST['diskspace_ul'])) {
 					$diskspace = - 1;
@@ -1117,7 +1141,7 @@ if ($page == 'customers'
 					$email_forwarders = - 1;
 				}

-				if ($settings['system']['mail_quota_enabled'] == '1') {
+				if (Settings::Get('system.mail_quota_enabled') == '1') {
 					$email_quota = validate($_POST['email_quota'], 'email_quota', '/^\d+$/', 'vmailquotawrong', array('0', ''));
 					if (isset($_POST['email_quota_ul'])) {
 						$email_quota = - 1;
@@ -1126,15 +1150,6 @@ if ($page == 'customers'
 					$email_quota = - 1;
 				}

-				if ($settings['autoresponder']['autoresponder_active'] == '1') {
-					$email_autoresponder = intval_ressource($_POST['email_autoresponder']);
-					if (isset($_POST['email_autoresponder_ul'])) {
-						$email_autoresponder = - 1;
-					}
-				} else {
-					$email_autoresponder = 0;
-				}
-
 				$email_imap = 0;
 				if (isset($_POST['email_imap'])) {
 					$email_imap = intval_ressource($_POST['email_imap']);
@@ -1153,21 +1168,13 @@ if ($page == 'customers'
 					$ftps = - 1;
 				}

-				$tickets = ($settings['ticket']['enabled'] == 1 ? intval_ressource($_POST['tickets']) : 0);
+				$tickets = (Settings::Get('ticket.enabled') == 1 ? intval_ressource($_POST['tickets']) : 0);
 				if (isset($_POST['tickets_ul'])
-					&& $settings['ticket']['enabled'] == '1'
+					&& Settings::Get('ticket.enabled') == '1'
 				) {
 					$tickets = - 1;
 				}

-				$backup_allowed = 0;
-				if (isset($_POST['backup_allowed'])) {
-					$backup_allowed = intval($_POST['backup_allowed']);
-				}
-				if ($backup_allowed != '0') {
-					$backup_allowed = 1;
-				}
-
 				// gender out of range? [0,2]
 				if ($gender < 0 || $gender > 2) {
 					$gender = 0;
@@ -1181,15 +1188,6 @@ if ($page == 'customers'
 					$mysqls = - 1;
 				}

-				if ($settings['aps']['aps_active'] == '1') {
-					$number_of_aps_packages = intval_ressource($_POST['number_of_aps_packages']);
-					if (isset($_POST['number_of_aps_packages_ul'])) {
-						$number_of_aps_packages = - 1;
-					}
-				} else {
-					$number_of_aps_packages = 0;
-				}
-
 				$createstdsubdomain = 0;
 				if (isset($_POST['createstdsubdomain'])) {
 					$createstdsubdomain = intval($_POST['createstdsubdomain']);
@@ -1210,6 +1208,11 @@ if ($page == 'customers'
 					$perlenabled = intval($_POST['perlenabled']);
 				}

+				$dnsenabled = 0;
+				if (isset($_POST['dnsenabled'])) {
+					$dnsenabled = intval($_POST['dnsenabled']);
+				}
+
 				$diskspace = $diskspace * 1024;
 				$traffic = $traffic * 1024 * 1024;

@@ -1218,26 +1221,21 @@ if ($page == 'customers'
 				   || ((($userinfo['emails_used'] + $emails - $result['emails']) > $userinfo['emails']) && $userinfo['emails'] != '-1')
 				   || ((($userinfo['email_accounts_used'] + $email_accounts - $result['email_accounts']) > $userinfo['email_accounts']) && $userinfo['email_accounts'] != '-1')
 				   || ((($userinfo['email_forwarders_used'] + $email_forwarders - $result['email_forwarders']) > $userinfo['email_forwarders']) && $userinfo['email_forwarders'] != '-1')
-				   || ((($userinfo['email_quota_used'] + $email_quota - $result['email_quota']) > $userinfo['email_quota']) && $userinfo['email_quota'] != '-1' && $settings['system']['mail_quota_enabled'] == '1')
-				   || ((($userinfo['email_autoresponder_used'] + $email_autoresponder - $result['email_autoresponder']) > $userinfo['email_autoresponder']) && $userinfo['email_autoresponder'] != '-1' && $settings['autoresponder']['autoresponder_active'] == '1')
+				   || ((($userinfo['email_quota_used'] + $email_quota - $result['email_quota']) > $userinfo['email_quota']) && $userinfo['email_quota'] != '-1' && Settings::Get('system.mail_quota_enabled') == '1')
 				   || ((($userinfo['ftps_used'] + $ftps - $result['ftps']) > $userinfo['ftps']) && $userinfo['ftps'] != '-1')
 				   || ((($userinfo['tickets_used'] + $tickets - $result['tickets']) > $userinfo['tickets']) && $userinfo['tickets'] != '-1')
 				   || ((($userinfo['subdomains_used'] + $subdomains - $result['subdomains']) > $userinfo['subdomains']) && $userinfo['subdomains'] != '-1')
 				   || (($diskspace / 1024) == '-1' && ($userinfo['diskspace'] / 1024) != '-1')
-				   || ((($userinfo['aps_packages'] + $number_of_aps_packages - $result['aps_packages']) > $userinfo['aps_packages']) && $userinfo['aps_packages'] != '-1' && $settings['aps']['aps_active'] == '1')
 				   || ($mysqls == '-1' && $userinfo['mysqls'] != '-1')
 				   || ($emails == '-1' && $userinfo['emails'] != '-1')
 				   || ($email_accounts == '-1' && $userinfo['email_accounts'] != '-1')
 				   || ($email_forwarders == '-1' && $userinfo['email_forwarders'] != '-1')
-				   || ($email_quota == '-1' && $userinfo['email_quota'] != '-1' && $settings['system']['mail_quota_enabled'] == '1')
-				   || ($email_autoresponder == '-1' && $userinfo['email_autoresponder'] != '-1' && $settings['autoresponder']['autoresponder_active'] == '1')
+				   || ($email_quota == '-1' && $userinfo['email_quota'] != '-1' && Settings::Get('system.mail_quota_enabled') == '1')
 				   || ($ftps == '-1' && $userinfo['ftps'] != '-1')
 				   || ($tickets == '-1' && $userinfo['tickets'] != '-1')
 				   || ($subdomains == '-1' && $userinfo['subdomains'] != '-1')
-				   || ($number_of_aps_packages == '-1' && $userinfo['aps_packages'] != '-1')
 				) {
 					standard_error('youcantallocatemorethanyouhave');
-					exit;
 				}

 				// Either $name and $firstname or the $company must be inserted
@@ -1257,7 +1255,7 @@ if ($page == 'customers'

 					if ($password != '') {
 						$password = validatePassword($password);
-						$password = md5($password);
+						$password = makeCryptPassword($password);
 					} else {
 						$password = $result['password'];
 					}
@@ -1270,12 +1268,12 @@ if ($page == 'customers'
 						&& $result['standardsubdomain'] == '0'
 					) {

-						if (isset($settings['system']['stdsubdomain'])
-							&& $settings['system']['stdsubdomain'] != ''
+						if (Settings::Get('system.stdsubdomain') !== null
+							&& Settings::Get('system.stdsubdomain') != ''
 						) {
-							$_stdsubdomain = $result['loginname'] . '.' . $settings['system']['stdsubdomain'];
+							$_stdsubdomain = $result['loginname'] . '.' . Settings::Get('system.stdsubdomain');
 						} else {
-							$_stdsubdomain = $result['loginname'] . '.' . $settings['system']['hostname'];
+							$_stdsubdomain = $result['loginname'] . '.' . Settings::Get('system.hostname');
 						}

 						$ins_data = array(
@@ -1290,7 +1288,7 @@ if ($page == 'customers'
 							`domain` = :domain,
 							`customerid` = :customerid,
 							`adminid` = :adminid,
-							`parentdomainid` = '-1',
+							`parentdomainid` = '0',
 							`documentroot` = :docroot,
 							`zonefile` = '',
 							`isemaildomain` = '0',
@@ -1304,10 +1302,13 @@ if ($page == 'customers'
 						$domainid = Database::lastInsertId();

 						// set ip <-> domain connection
+						$defaultips = explode(',', Settings::Get('system.defaultip'));
 						$ins_stmt = Database::prepare("
 							  INSERT INTO `" . TABLE_DOMAINTOIP . "` SET `id_domain` = :domainid, `id_ipandports` = :ipid"
 						);
-						Database::pexecute($ins_stmt, array('domainid' => $domainid, 'ipid' => $settings['system']['defaultip']));
+						foreach ($defaultips as $defaultip) {
+							Database::pexecute($ins_stmt, array('domainid' => $domainid, 'ipid' => $defaultip));
+						}

 						$upd_stmt = Database::prepare("
 							UPDATE `" . TABLE_PANEL_CUSTOMERS . "` SET `standardsubdomain` = :domainid WHERE `customerid` = :customerid"
@@ -1343,6 +1344,10 @@ if ($page == 'customers'
 						$perlenabled = '1';
 					}

+					if ($dnsenabled != '0') {
+						$dnsenabled = '1';
+					}
+
 					if ($phpenabled != $result['phpenabled']
 						|| $perlenabled != $result['perlenabled']
 					) {
@@ -1378,7 +1383,7 @@ if ($page == 'customers'
 						Database::needRoot(true);
 						$last_dbserver = 0;

-						$dbm = new DbManager($settings, $log);
+						$dbm = new DbManager($log);

 						// For each of them
 						while ($row_database = $databases_stmt->fetch(PDO::FETCH_ASSOC)) {
@@ -1389,7 +1394,7 @@ if ($page == 'customers'
 								$last_dbserver = $row_database['dbserver'];
 							}

-							foreach (array_unique(explode(',', $settings['system']['mysql_access_host'])) as $mysql_access_host) {
+							foreach (array_unique(explode(',', Settings::Get('system.mysql_access_host'))) as $mysql_access_host) {
 								$mysql_access_host = trim($mysql_access_host);

 								// Prevent access, if deactivated
@@ -1452,10 +1457,10 @@ if ($page == 'customers'
 						'phpenabled' => $phpenabled,
 						'imap' => $email_imap,
 						'pop3' => $email_pop3,
-						'aps' => $number_of_aps_packages,
 						'perlenabled' => $perlenabled,
-						'email_autoresponder' => $email_autoresponder,
-						'backup_allowed' => $backup_allowed
+						'dnsenabled' => $dnsenabled,
+						'custom_notes' => $custom_notes,
+						'custom_notes_show' => $custom_notes_show
 					);
 					$upd_stmt = Database::prepare("
 						UPDATE `" . TABLE_PANEL_CUSTOMERS . "` SET
@@ -1486,10 +1491,10 @@ if ($page == 'customers'
 						`email_quota` = :email_quota,
 						`imap` = :imap,
 						`pop3` = :pop3,
-						`aps_packages` = :aps,
 						`perlenabled` = :perlenabled,
-						`email_autoresponder` = :email_autoresponder,
-						`backup_allowed` = :backup_allowed
+						`dnsenabled` = :dnsenabled,
+						`custom_notes` = :custom_notes,
+						`custom_notes_show` = :custom_notes_show
 						WHERE `customerid` = :customerid"
 					);
 					Database::pexecute($upd_stmt, $upd_data);
@@ -1554,17 +1559,6 @@ if ($page == 'customers'
 						}
 					}

-					if ($email_autoresponder != '-1' || $result['email_autoresponder'] != '-1') {
-						$admin_update_query.= ", `email_autoresponder_used` = `email_autoresponder_used` ";
-
-						if ($email_autoresponder != '-1') {
-							$admin_update_query.= " + 0" . (int)$email_autoresponder . " ";
-						}
-						if ($result['email_autoresponder'] != '-1') {
-							$admin_update_query.= " - 0" . (int)$result['email_autoresponder'] . " ";
-						}
-					}
-
 					if ($subdomains != '-1' || $result['subdomains'] != '-1') {
 						$admin_update_query.= ", `subdomains_used` = `subdomains_used` ";

@@ -1609,20 +1603,20 @@ if ($page == 'customers'
 						}
 					}

-					if ($number_of_aps_packages != '-1' || $result['aps_packages'] != '-1') {
-						$admin_update_query.= ", `aps_packages_used` = `aps_packages_used` ";
-
-						if ($number_of_aps_packages != '-1') {
-							$admin_update_query.= " + 0" . (int)$number_of_aps_packages . " ";
-						}
-						if ($result['aps_packages'] != '-1') {
-							$admin_update_query.= " - 0" . (int)$result['aps_packages'] . " ";
-						}
-					}
-
 					$admin_update_query.= " WHERE `adminid` = '" . (int)$result['adminid'] . "'";
 					Database::query($admin_update_query);
 					$log->logAction(ADM_ACTION, LOG_INFO, "edited user '" . $result['loginname'] . "'");
+
+					/*
+					 * move customer to another admin/reseller; #1166
+					 */
+					if ($move_to_admin > 0 && $move_to_admin != $result['adminid']) {
+						$move_result = moveCustomerToAdmin($id, $move_to_admin);
+						if ($move_result != true) {
+							standard_error('moveofcustomerfailed', $move_result);
+						}
+					}
+
 					$redirect_props = Array(
 						'page' => $page,
 						's' => $s
@@ -1638,8 +1632,9 @@ if ($page == 'customers'
 					$language_options.= makeoption($language_name, $language_file, $result['def_language'], true);
 				}

-				$result['traffic'] = round($result['traffic'] / (1024 * 1024), $settings['panel']['decimal_places']);
-				$result['diskspace'] = round($result['diskspace'] / 1024, $settings['panel']['decimal_places']);
+				$dec_places = Settings::Get('panel.decimal_places');
+				$result['traffic'] = round($result['traffic'] / (1024 * 1024), $dec_places);
+				$result['diskspace'] = round($result['diskspace'] / 1024, $dec_places);
 				$result['email'] = $idna_convert->decode($result['email']);

 				$diskspace_ul = makecheckbox('diskspace_ul', $lng['customer']['unlimited'], '-1', false, $result['diskspace'], true, true);
@@ -1677,11 +1672,6 @@ if ($page == 'customers'
 					$result['email_quota'] = '';
 				}

-				$email_autoresponder_ul = makecheckbox('email_autoresponder_ul', $lng['customer']['unlimited'], '-1', false, $result['email_autoresponder'], true, true);
-				if ($result['email_autoresponder'] == '-1') {
-					$result['email_autoresponder'] = '';
-				}
-
 				$ftps_ul = makecheckbox('ftps_ul', $lng['customer']['unlimited'], '-1', false, $result['ftps'], true, true);
 				if ($result['ftps'] == '-1') {
 					$result['ftps'] = '';
@@ -1697,11 +1687,6 @@ if ($page == 'customers'
 					$result['mysqls'] = '';
 				}

-				$number_of_aps_packages_ul = makecheckbox('number_of_aps_packages_ul', $lng['customer']['unlimited'], '-1', false, $result['aps_packages'], true, true);
-				if ($result['aps_packages'] == '-1') {
-					$result['aps_packages'] = '';
-				}
-
 				$result = htmlentities_array($result);

 				$gender_options = makeoption($lng['gender']['undef'], 0, ($result['gender'] == '0' ? true : false), true, true);
--- a/admin_domains.php
+++ b/admin_domains.php
--- a/admin_index.php
+++ b/admin_index.php
@@ -26,7 +26,7 @@ if ($action == 'logout')  {

 	$params = array('adminid' => (int)$userinfo['adminid']);

-	if ($settings['session']['allow_multiple_login'] == '1') {
+	if (Settings::Get('session.allow_multiple_login') == '1') {
 		$stmt = Database::prepare("DELETE FROM `" . TABLE_PANEL_SESSIONS . "`
 			WHERE `userid` = :adminid
 			AND `adminsession` = '1'
@@ -42,7 +42,6 @@ if ($action == 'logout')  {
 	Database::pexecute($stmt, $params);

 	redirectTo('index.php');
-	exit;
 }

 if (isset($_POST['id'])) {
@@ -60,17 +59,16 @@ if ($page == 'overview') {
 				SUM(`email_accounts_used`) AS `email_accounts_used`,
 				SUM(`email_forwarders_used`) AS `email_forwarders_used`,
 				SUM(`email_quota_used`) AS `email_quota_used`,
-				SUM(`email_autoresponder_used`) AS `email_autoresponder_used`,
 				SUM(`ftps_used`) AS `ftps_used`,
 				SUM(`tickets_used`) AS `tickets_used`,
 				SUM(`subdomains_used`) AS `subdomains_used`,
-				SUM(`traffic_used`) AS `traffic_used`,
-				SUM(`aps_packages_used`) AS `aps_packages_used`
+				SUM(`traffic_used`) AS `traffic_used`
 				FROM `" . TABLE_PANEL_CUSTOMERS . "`" . ($userinfo['customers_see_all'] ? '' : " WHERE `adminid` = :adminid "));
 	$overview = Database::pexecute_first($overview_stmt, array('adminid' => $userinfo['adminid']));

-	$overview['traffic_used'] = round($overview['traffic_used'] / (1024 * 1024), $settings['panel']['decimal_places']);
-	$overview['diskspace_used'] = round($overview['diskspace_used'] / 1024, $settings['panel']['decimal_places']);
+	$dec_places = Settings::Get('panel.decimal_places');
+	$overview['traffic_used'] = round($overview['traffic_used'] / (1024 * 1024), $dec_places);
+	$overview['diskspace_used'] = round($overview['diskspace_used'] / 1024, $dec_places);

 	$number_domains_stmt = Database::prepare("
 		SELECT COUNT(*) AS `number_domains` FROM `" . TABLE_PANEL_DOMAINS . "`
@@ -109,7 +107,7 @@ if ($page == 'overview') {
 					$lookfornewversion_addinfo = $_message;

 					// not numeric -> error-message
-					if (!is_numeric($_version)) {
+					if (!preg_match('/^((\d+\\.)(\d+\\.)(\d+\\.)?(\d+)?(\-(svn|dev|rc)(\d+))?)$/', $_version)) {
 						// check for customized version to not output
 						// "There is a newer version of froxlor" besides the error-message
 						$isnewerversion = 2;
@@ -119,13 +117,13 @@ if ($page == 'overview') {
 						$isnewerversion = 0;
 					}
 				} else {
-					redirectTo($update_check_uri.'/pretty', NULL);
+					redirectTo($update_check_uri.'/pretty', NULL, false);
 				}
 			} else {
-				redirectTo($update_check_uri.'/pretty', NULL);
+				redirectTo($update_check_uri.'/pretty', NULL, false);
 			}
 		} else {
-			redirectTo($update_check_uri.'/pretty', NULL);
+			redirectTo($update_check_uri.'/pretty', NULL, false);
 		}
 	} else {
 		$lookfornewversion_lable = $lng['admin']['lookfornewversion']['clickhere'];
@@ -134,15 +132,27 @@ if ($page == 'overview') {
 		$isnewerversion = 0;
 	}

-	$userinfo['diskspace'] = round($userinfo['diskspace'] / 1024, $settings['panel']['decimal_places']);
-	$userinfo['diskspace_used'] = round($userinfo['diskspace_used'] / 1024, $settings['panel']['decimal_places']);
-	$userinfo['traffic'] = round($userinfo['traffic'] / (1024 * 1024), $settings['panel']['decimal_places']);
-	$userinfo['traffic_used'] = round($userinfo['traffic_used'] / (1024 * 1024), $settings['panel']['decimal_places']);
-	$userinfo = str_replace_array('-1', $lng['customer']['unlimited'], $userinfo, 'customers domains diskspace traffic mysqls emails email_accounts email_forwarders email_quota email_autoresponder ftps tickets subdomains aps_packages');
+	$dec_places = Settings::Get('panel.decimal_places');
+	$userinfo['diskspace'] = round($userinfo['diskspace'] / 1024, $dec_places);
+	$userinfo['diskspace_used'] = round($userinfo['diskspace_used'] / 1024, $dec_places);
+	$userinfo['traffic'] = round($userinfo['traffic'] / (1024 * 1024), $dec_places);
+	$userinfo['traffic_used'] = round($userinfo['traffic_used'] / (1024 * 1024), $dec_places);
+	$userinfo = str_replace_array('-1', $lng['customer']['unlimited'], $userinfo, 'customers domains diskspace traffic mysqls emails email_accounts email_forwarders email_quota ftps tickets subdomains');
+
+	$userinfo['custom_notes'] = ($userinfo['custom_notes'] != '') ? nl2br($userinfo['custom_notes']) : '';

 	$cron_last_runs = getCronjobsLastRun();
 	$outstanding_tasks = getOutstandingTasks();

+	$system_hostname = gethostname();
+	$meminfo= explode("\n", @file_get_contents("/proc/meminfo"));
+	$memory = "";
+	for ($i = 0; $i < sizeof($meminfo); ++$i) {
+		if (substr($meminfo[$i], 0, 3) === "Mem") {
+			$memory.= $meminfo[$i] . PHP_EOL;
+		}
+	}
+
 	if (function_exists('sys_getloadavg')) {
 		$loadArray = sys_getloadavg();
 		$load = number_format($loadArray[0], 2, '.', '') . " / " . number_format($loadArray[1], 2, '.', '') . " / " . number_format($loadArray[2], 2, '.', '');
@@ -197,9 +207,8 @@ if ($page == 'overview') {
 	) {
 		$old_password = validate($_POST['old_password'], 'old password');

-		if (md5($old_password) != $userinfo['password']) {
+		if (!validatePasswordLogin($userinfo,$old_password,TABLE_PANEL_ADMINS,'adminid')) {
 			standard_error('oldpasswordnotcorrect');
-			exit;
 		}

 		$new_password = validate($_POST['new_password'], 'new password');
@@ -217,13 +226,11 @@ if ($page == 'overview') {
 			$chgpwd_stmt = Database::prepare("
 				UPDATE `" . TABLE_PANEL_ADMINS . "`
 				SET `password`= :newpasswd
-				WHERE `adminid`= :adminid
-				AND `password`= :oldpasswd"
+				WHERE `adminid`= :adminid"
 			);
 			Database::pexecute($chgpwd_stmt, array(
-				'newpasswd' => md5($new_password),
-				'adminid' => (int)$userinfo['adminid'],
-				'oldpasswd' => md5($old_password)
+				'newpasswd' => makeCryptPassword($new_password),
+				'adminid' => (int)$userinfo['adminid']
 			));
 			$log->logAction(ADM_ACTION, LOG_NOTICE, 'changed password');
 			redirectTo($filename, Array('s' => $s));
@@ -268,7 +275,7 @@ if ($page == 'overview') {

 		$language_options = '';

-		$default_lang = $settings['panel']['standardlanguage'];
+		$default_lang = Settings::Get('panel.standardlanguage');
 		if ($userinfo['def_language'] != '') {
 			$default_lang = $userinfo['def_language'];
 		}
@@ -314,21 +321,21 @@ if ($page == 'overview') {

 		$theme_options = '';

-		$default_theme = $settings['panel']['default_theme'];
+		$default_theme = Settings::Get('panel.default_theme');
 		if ($userinfo['theme'] != '') {
 			$default_theme = $userinfo['theme'];
 		}

 		$themes_avail = getThemes();
-		foreach ($themes_avail as $t) {
-			$theme_options.= makeoption($t, $t, $default_theme, true);
+		foreach ($themes_avail as $t => $d) {
+			$theme_options.= makeoption($d, $t, $default_theme, true);
 		}

 		eval("echo \"" . getTemplate("index/change_theme") . "\";");
 	}

 } elseif ($page == 'send_error_report'
-	&& $settings['system']['allow_error_report_admin'] == '1'
+	&& Settings::Get('system.allow_error_report_admin') == '1'
 ) {

 	// only show this if we really have an exception to report
@@ -362,7 +369,8 @@ if ($page == 'overview') {
 			$mail_body .= "File: ".$_error['file'].':'.$_error['line']."\n\n";
 			$mail_body .= "Trace:\n".trim($_error['trace'])."\n\n";
 			$mail_body .= "-------------------------------------------------------------\n\n";
-			$mail_body .= "Froxlor-version: ".$version."\n\n";
+			$mail_body .= "Froxlor-version: ".$version."\n";
+			$mail_body .= "DB-version: ".$dbversion."\n\n";
 			$mail_body .= "End of report";
 			$mail_html = nl2br($mail_body);

--- a/admin_ipsandports.php
+++ b/admin_ipsandports.php
@@ -29,6 +29,11 @@ if (isset($_POST['id'])) {
 if ($page == 'ipsandports'
 	|| $page == 'overview'
 ) {
+	// Do not display attributes that are not used by the current webserver
+	$websrv = Settings::Get('system.webserver');
+	$is_nginx = ($websrv == 'nginx');
+	$is_apache = ($websrv == 'apache2');
+	$is_apache24 = $is_apache && (Settings::Get('system.apache24') === '1');

 	if ($action == '') {

@@ -37,7 +42,7 @@ if ($page == 'ipsandports'
 			'ip' => $lng['admin']['ipsandports']['ip'],
 			'port' => $lng['admin']['ipsandports']['port']
 		);
-		$paging = new paging($userinfo, TABLE_PANEL_IPSANDPORTS, $fields, $settings['panel']['paging'], $settings['panel']['natsorting']);
+		$paging = new paging($userinfo, TABLE_PANEL_IPSANDPORTS, $fields);
 		$ipsandports = '';
 		$result_stmt = Database::prepare("SELECT * FROM `" . TABLE_PANEL_IPSANDPORTS . "` " . $paging->getSqlWhere(false) . " " . $paging->getSqlOrderBy() . " " . $paging->getSqlLimit());
 		Database::pexecute($result_stmt);
@@ -79,7 +84,7 @@ if ($page == 'ipsandports'
 			$result_checkdomain = Database::pexecute_first($result_checkdomain_stmt, array('id' => $id));

 			if ($result_checkdomain['id'] == '') {
-				if ($result['id'] != $settings['system']['defaultip']) {
+				if (!in_array($result['id'], explode(',', Settings::Get('system.defaultip')))) {

 					$result_sameipotherport_stmt = Database::prepare("
 						SELECT `id` FROM `" . TABLE_PANEL_IPSANDPORTS . "`
@@ -87,8 +92,8 @@ if ($page == 'ipsandports'
 					);
 					$result_sameipotherport = Database::pexecute_first($result_sameipotherport_stmt, array('id' => $id, 'ip' => $result['ip']));

-					if (($result['ip'] != $settings['system']['ipaddress'])
-						|| ($result['ip'] == $settings['system']['ipaddress']
+					if (($result['ip'] != Settings::Get('system.ipaddress'))
+						|| ($result['ip'] == Settings::Get('system.ipaddress')
 						&& $result_sameipotherport['id'] != '')
 					) {
 						$result_stmt = Database::prepare("
@@ -152,7 +157,7 @@ if ($page == 'ipsandports'
 			$default_vhostconf_domain = validate(str_replace("\r\n", "\n", $_POST['default_vhostconf_domain']), 'default_vhostconf_domain', '/^[^\0]*$/');
 			$docroot = validate($_POST['docroot'], 'docroot');

-			if ((int)$settings['system']['use_ssl'] == 1) {
+			if ((int)Settings::Get('system.use_ssl') == 1) {
 				$ssl = isset($_POST['ssl']) ? intval($_POST['ssl']) : 0;
 				$ssl_cert_file = validate($_POST['ssl_cert_file'], 'ssl_cert_file');
 				$ssl_key_file = validate($_POST['ssl_key_file'], 'ssl_key_file');
@@ -304,7 +309,7 @@ if ($page == 'ipsandports'
 				);
 				$result_sameipotherport = Database::pexecute_first($result_sameipotherport_stmt, array('ip' => $ip, 'id' => $id));

-				if ((int)$settings['system']['use_ssl'] == 1
+				if ((int)Settings::Get('system.use_ssl') == 1
 					&& isset($_POST['ssl'])
 					&& $_POST['ssl'] != 0
 				) {
@@ -364,7 +369,7 @@ if ($page == 'ipsandports'
 				}

 				if ($result['ip'] != $ip
-					&& $result['ip'] == $settings['system']['ipaddress']
+					&& $result['ip'] == Settings::Get('system.ipaddress')
 					&& $result_sameipotherport['id'] == ''
 				) {
 					standard_error('cantchangesystemip');
--- a/admin_logger.php
+++ b/admin_logger.php
@@ -30,13 +30,12 @@ if ($page == 'log'
 			'user' => $lng['logger']['user'],
 			'text' => $lng['logger']['action']
 		);
-		$paging = new paging($userinfo, TABLE_PANEL_LOG, $fields, $settings['panel']['paging'], $settings['panel']['natsorting']);
-		$paging->sortfield = 'date';
-		$paging->sortorder = 'desc';
+		$paging = new paging($userinfo, TABLE_PANEL_LOG, $fields, null, null, 0, 'desc');
 		$result_stmt = Database::query('
 			SELECT * FROM `' . TABLE_PANEL_LOG . '` ' . $paging->getSqlWhere(false) . ' ' . $paging->getSqlOrderBy() . ' ' . $paging->getSqlLimit()
 		);
-		$paging->setEntries(Database::num_rows());
+		$logs_count = Database::num_rows();
+		$paging->setEntries($logs_count);
 		$sortcode = $paging->getHtmlSortCode($lng);
 		$arrowcode = $paging->getHtmlArrowCode($filename . '?page=' . $page . '&s=' . $s);
 		$searchcode = $paging->getHtmlSearchCode($lng);
@@ -78,19 +77,22 @@ if ($page == 'log'
 								$_action = $lng['admin']['customer'];
 								break;
 							case RES_ACTION:
-								$_action = 'Reseller';
+								$_action = $lng['logger']['reseller'];
 								break;
 							case ADM_ACTION:
-								$_action = 'Administrator';
+								$_action = $lng['logger']['admin'];
 								break;
 							case CRON_ACTION:
-								$_action = 'Cronjob';
+								$_action = $lng['logger']['cron'];
+								break;
+							case LOGIN_ACTION:
+								$_action = $lng['logger']['login'];
 								break;
 							case LOG_ERROR:
-								$_action = 'Internal';
+								$_action = $lng['logger']['intern'];
 								break;
 							default:
-								$_action = 'Unknown';
+								$_action = $lng['logger']['unknown'];
 								break;
 						}

@@ -99,35 +101,12 @@ if ($page == 'log'
 					}

 					$log_count++;
-					$type = $row['type'];
-					$_type = 'unknown';
-
-					switch ($type) {
-						case LOG_INFO:
-							$_type = 'Information';
-							break;
-						case LOG_NOTICE:
-							$_type = 'Notice';
-							break;
-						case LOG_WARNING:
-							$_type = 'Warning';
-							break;
-						case LOG_ERR:
-							$_type = 'Error';
-							break;
-						case LOG_CRIT:
-							$_type = 'Critical';
-							break;
-						default:
-							$_type = 'Unknown';
-							break;
-					}
-
-					$row['type'] = $_type;
+					$row['type'] = getLogLevelDesc($row['type']);
 					eval("\$log.=\"" . getTemplate('logger/logger_log') . "\";");
 					$count++;
 					$_action = $action;
 				}
+				$i++;
 			}
 			$i++;
 		}
--- a/admin_opcacheinfo.php
+++ b/admin_opcacheinfo.php
@@ -0,0 +1,158 @@
+<?php
+
+/**
+ * This file is part of the Froxlor project.
+ * Copyright (c) 2010 the Froxlor Team (see authors).
+ *
+ * For the full copyright and license information, please view the COPYING
+ * file that was distributed with this source code. You can also view the
+ * COPYING file online at http://files.froxlor.org/misc/COPYING.txt
+ *
+ * @copyright  (c) the authors
+ * @author     Janos Muzsi <muzsij@hypernics.hu> (2016)
+ * @author     Froxlor team <team@froxlor.org> (2010-)
+ * @license    GPLv2 http://files.froxlor.org/misc/COPYING.txt
+ * @package    Panel
+ *
+ * Based on https://github.com/amnuts/opcache-gui
+ *
+ */
+
+define('AREA', 'admin');
+require './lib/init.php';
+
+
+if ($action == 'reset' &&
+        function_exists('opcache_reset') &&
+        $userinfo['change_serversettings'] == '1'
+) {
+    opcache_reset();
+    $log->logAction(ADM_ACTION, LOG_INFO, "reseted OPcache");
+    header('Location: ' . $linker->getLink(array('section' => 'opcacheinfo', 'page' => 'showinfo')));
+    exit();
+}
+
+if (!function_exists('opcache_get_configuration')
+) {
+    standard_error($lng['error']['no_opcacheinfo']);
+}
+
+if ($page == 'showinfo'
+) {
+    
+    $opcache_info = opcache_get_configuration();
+    $opcache_status = opcache_get_status(false);
+    $time = time();
+    $log->logAction(ADM_ACTION, LOG_NOTICE, "viewed OPcache info");
+    
+    $runtimelines = '';
+    if (isset($opcache_info['directives']) && is_array($opcache_info['directives'])) {
+        foreach ($opcache_info['directives'] as $name => $value) {
+            $linkname=  str_replace('_', '-', $name);
+            if ($name=='opcache.optimization_level' && is_integer($value)) {
+                $value='0x'.dechex($value);
+            }
+            if ($name=='opcache.memory_consumption' && is_integer($value) && $value%(1024*1024)==0) {
+                $value=$value/(1024*1024);
+            }
+            if ($value===null || $value==='') {
+                $value=$lng['opcacheinfo']['novalue'];
+            }
+            if ($value===true) {
+                $value=$lng['opcacheinfo']['true'];
+            }
+            if ($value===false) {
+                $value=$lng['opcacheinfo']['false'];
+            }
+            if (is_integer($value)) {
+                $value=number_format($value,0,'.',' ');
+            }
+            $name=str_replace('_', ' ', $name);
+            eval("\$runtimelines.=\"" . getTemplate("settings/opcacheinfo/runtime_line") . "\";");
+        }
+    }
+    
+    $cachehits=@$opcache_status['opcache_statistics']['hits'] ?: 0;
+    $cachemiss=@$opcache_status['opcache_statistics']['misses'] ?: 0;
+    $blacklistmiss=@$opcache_status['opcache_statistics']['blacklist_misses'] ?: 0;
+    $cachetotal=$cachehits+$cachemiss+$blacklistmiss;
+    
+    $general=array(
+        'version' => (isset($opcache_info['version']['opcache_product_name']) ? $opcache_info['version']['opcache_product_name'].' ' : '').$opcache_info['version']['version'],
+        'phpversion' => phpversion(),
+        'start_time'         => @$opcache_status['opcache_statistics']['start_time'] ? date('Y-m-d H:i:s',$opcache_status['opcache_statistics']['start_time']) : '',
+        'last_restart_time'  => @$opcache_status['opcache_statistics']['last_restart_time'] ? date('Y-m-d H:i:s',$opcache_status['opcache_statistics']['last_restart_time']) : $lng['opcacheinfo']['never'],
+        'oom_restarts' => number_format(@$opcache_status['opcache_statistics']['oom_restarts'] ?: 0,0,'.',' '),
+        'hash_restarts' => number_format(@$opcache_status['opcache_statistics']['hash_restarts'] ?: 0,0,'.',' '),
+        'manual_restarts' => number_format(@$opcache_status['opcache_statistics']['manual_restarts'] ?: 0,0,'.',' '),
+        'status' => (@$opcache_status['restart_in_progress'] ? $lng['opcacheinfo']['restartinprogress'] :
+            (@$opcache_status['restart_pending'] ? $lng['opcacheinfo']['restartpending'] :
+            (@$opcache_status['cache_full'] ? $lng['opcacheinfo']['cachefull'] :
+            (@$opcache_status['opcache_enabled'] ? $lng['opcacheinfo']['enabled'] : $lng['opcacheinfo']['novalue'])))),
+        'cachedscripts' => number_format(@$opcache_status['opcache_statistics']['num_cached_scripts'] ?: 0,0,'.',' '),
+        'cachehits' => number_format($cachehits,0,'.',' ') . ($cachetotal>0 ? sprintf(" (%.1f %%)", $cachehits/($cachetotal)*100) : ''),
+        'cachemiss' => number_format($cachemiss,0,'.',' ') . ($cachetotal>0 ? sprintf(" (%.1f %%)", $cachemiss/($cachetotal)*100) : ''),
+        'blacklistmiss' => number_format($blacklistmiss,0,'.',' ') . ($cachetotal>0 ? sprintf(" (%.1f %%)", $blacklistmiss/($cachetotal)*100) : ''),
+    );
+    
+    $usedmem=@$opcache_status['memory_usage']['used_memory'] ?: 0;
+    $usedmemstr=bsize($usedmem);
+    $freemem=@$opcache_status['memory_usage']['free_memory'] ?: 0;
+    $freememstr=bsize($freemem);
+    $totalmem=$usedmem+$freemem;
+    $wastedmem=@$opcache_status['memory_usage']['wasted_memory'] ?: 0;
+    $wastedmemstr=bsize($wastedmem);
+    if ($totalmem) {
+        $memory=array(
+            'total' => bsize($totalmem),
+            'used' => $usedmemstr . ($totalmem>0 ? sprintf(" (%.1f %%)", $usedmem/($totalmem)*100) : ''),
+            'free' => $freememstr . ($totalmem>0 ? sprintf(" (%.1f %%)", $freemem/($totalmem)*100) : ''),
+            'wasted' => $wastedmemstr . ($totalmem>0 ? sprintf(" (%.1f %%)", $wastedmem/($totalmem)*100) : ''),
+        );
+    }
+    
+    if (isset($opcache_status['interned_strings_usage'])) {
+        $usedstring=@$opcache_status['interned_strings_usage']['used_memory'] ?: 0;
+        $usedstringstr=bsize($usedstring);
+        $freestring=@$opcache_status['interned_strings_usage']['free_memory'] ?: 0;
+        $freestringstr=bsize($freestring);
+        $totalstring=$usedstring+$freestring;
+        $stringbuffer=array(
+            'total' => bsize($totalstring),
+            'used' => $usedstringstr . ($totalstring>0 ? sprintf(" (%.1f %%)", $usedstring/$totalstring*100) : ''),
+            'free' => $freestringstr . ($totalstring>0 ? sprintf(" (%.1f %%)", $freestring/$totalstring*100) : ''),
+            'strcount' => number_format(@$opcache_status['interned_strings_usage']['number_of_strings'] ?: 0,0,'.',' '),
+        );
+    }
+
+    $usedkey=@$opcache_status['opcache_statistics']['num_cached_keys'] ?: 0;
+    $usedkeystr=number_format($usedkey,0,'.',' ');
+    $totalkey=@$opcache_status['opcache_statistics']['max_cached_keys'] ?: 0;
+    $wastedkey=$usedkey - (@$opcache_status['opcache_statistics']['num_cached_scripts'] ?: 0);
+    if (isset($opcache_status['opcache_statistics'])) {
+        $keystat=array(
+            'total' => number_format($totalkey,0,'.',' '),
+            'used' => $usedkeystr . ($totalkey>0 ? sprintf(" (%.1f %%)", $usedkey/($totalkey)*100) : ''),
+            'wasted' => number_format($wastedkey,0,'.',' ') . ($totalkey>0 ? sprintf(" (%.1f %%)", $wastedkey/($totalkey)*100) : ''),
+        );
+    }
+    
+    $blacklistlines = '';
+    if (isset($opcache_info['blacklist']) && is_array($opcache_info['blacklist'])) {
+        foreach ($opcache_info['blacklist'] as $value) {
+            eval("\$blacklistlines.=\"" . getTemplate("settings/opcacheinfo/blacklist_line") . "\";");
+        }
+    }
+    
+    eval("echo \"" . getTemplate("settings/opcacheinfo/showinfo") . "\";");
+    
+}
+
+function bsize($s) {
+    foreach (array('', 'K', 'M', 'G') as $i => $k) {
+        if ($s < 1024)
+            break;
+        $s/=1024;
+    }
+    return sprintf("%5.1f %sBytes", $s, $k);
+}
--- a/admin_phpsettings.php
+++ b/admin_phpsettings.php
@@ -48,7 +48,7 @@ if ($page == 'overview') {
 				$query_params['adminid'] = $userinfo['adminid'];
 			}

-			if ((int)$settings['panel']['phpconfigs_hidestdsubdomain'] == 1) {
+			if ((int)Settings::Get('panel.phpconfigs_hidestdsubdomain') == 1) {
 				$ssdids_res = Database::query("
 					SELECT DISTINCT `standardsubdomain` FROM `".TABLE_PANEL_CUSTOMERS."`
 					WHERE `standardsubdomain` > 0 ORDER BY `standardsubdomain` ASC;"
@@ -70,9 +70,28 @@ if ($page == 'overview') {
 				while ($row2 = $domainresult_stmt->fetch(PDO::FETCH_ASSOC)) {
 					$domains.= $row2['domain'] . '<br/>';
 				}
-			} else {
+			}
+
+			// check whether we use that config as froxor-vhost config
+			if (Settings::Get('system.mod_fcgid_defaultini_ownvhost') == $row['id']
+				|| Settings::Get('phpfpm.vhost_defaultini') == $row['id']
+			) {
+				$domains .= Settings::Get('system.hostname');
+			}
+
+			if ($domains == '') {
 				$domains = $lng['admin']['phpsettings']['notused'];
 			}
+
+			// check whether this is our default config
+			if ((Settings::Get('system.mod_fcgid') == '1'
+				&& Settings::Get('system.mod_fcgid_defaultini') == $row['id'])
+				|| (Settings::Get('phpfpm.enabled') == '1'
+				&& Settings::Get('phpfpm.defaultini') == $row['id'])
+			) {
+				$row['description'] = '<b>'.$row['description'].'</b>';
+			}
+
 			$count ++;
 			eval("\$tablecontent.=\"" . getTemplate("phpconfig/overview_overview") . "\";");
 		}
@@ -91,17 +110,18 @@ if ($page == 'overview') {
 				$description = validate($_POST['description'], 'description');
 				$phpsettings = validate(str_replace("\r\n", "\n", $_POST['phpsettings']), 'phpsettings', '/^[^\0]*$/');

-				if ($settings['system']['mod_fcgid'] == 1) {
+				if (Settings::Get('system.mod_fcgid') == 1) {
 					$binary = makeCorrectFile(validate($_POST['binary'], 'binary'));
 					$file_extensions = validate($_POST['file_extensions'], 'file_extensions', '/^[a-zA-Z0-9\s]*$/');
 					$mod_fcgid_starter = validate($_POST['mod_fcgid_starter'], 'mod_fcgid_starter', '/^[0-9]*$/', '', array('-1', ''));
 					$mod_fcgid_maxrequests = validate($_POST['mod_fcgid_maxrequests'], 'mod_fcgid_maxrequests', '/^[0-9]*$/', '', array('-1', ''));
+					$mod_fcgid_umask = validate($_POST['mod_fcgid_umask'], 'mod_fcgid_umask', '/^[0-9]*$/');
 					// disable fpm stuff
 					$fpm_enableslowlog = 0;
 					$fpm_reqtermtimeout = 0;
 					$fpm_reqslowtimeout = 0;
 				}
-				elseif ($settings['phpfpm']['enabled'] == 1) {
+				elseif (Settings::Get('phpfpm.enabled') == 1) {
 					$fpm_enableslowlog = isset($_POST['phpfpm_enable_slowlog']) ? (int)$_POST['phpfpm_enable_slowlog'] : 0;
 					$fpm_reqtermtimeout = validate($_POST['phpfpm_reqtermtimeout'], 'phpfpm_reqtermtimeout', '/^([0-9]+)(|s|m|h|d)$/');
 					$fpm_reqslowtimeout = validate($_POST['phpfpm_reqslowtimeout'], 'phpfpm_reqslowtimeout', '/^([0-9]+)(|s|m|h|d)$/');
@@ -110,6 +130,7 @@ if ($page == 'overview') {
 					$file_extensions = 'php';
 					$mod_fcgid_starter = 0;
 					$mod_fcgid_maxrequests = 0;
+					$mod_fcgid_umask = "022";
 				}

 				if (strlen($description) == 0
@@ -125,6 +146,7 @@ if ($page == 'overview') {
 						`file_extensions` = :fext,
 						`mod_fcgid_starter` = :starter,
 						`mod_fcgid_maxrequests` = :mreq,
+						`mod_fcgid_umask` = :umask,
 						`fpm_slowlog` = :fpmslow,
 						`fpm_reqterm` = :fpmreqterm,
 						`fpm_reqslow` = :fpmreqslow,
@@ -136,6 +158,7 @@ if ($page == 'overview') {
 					'fext' => $file_extensions,
 					'starter' => $mod_fcgid_starter,
 					'mreq' => $mod_fcgid_maxrequests,
+					'umask' => $mod_fcgid_umask,
 					'fpmslow' => $fpm_enableslowlog,
 					'fpmreqterm' => $fpm_reqtermtimeout,
 					'fpmreqslow' => $fpm_reqslowtimeout,
@@ -173,6 +196,22 @@ if ($page == 'overview') {
 		);
 		$result = Database::pexecute_first($result_stmt, array('id' => $id));

+		if ((Settings::Get('system.mod_fcgid') == '1'
+			&& Settings::Get('system.mod_fcgid_defaultini_ownvhost') == $id)
+			|| (Settings::Get('phpfpm.enabled') == '1'
+			&& Settings::Get('phpfpm.vhost_defaultini') == $id)
+		) {
+			standard_error('cannotdeletehostnamephpconfig');
+		}
+
+		if ((Settings::Get('system.mod_fcgid') == '1'
+			&& Settings::Get('system.mod_fcgid_defaultini') == $id)
+			|| (Settings::Get('phpfpm.enabled') == '1'
+			&& Settings::Get('phpfpm.defaultini') == $id)
+		) {
+			standard_error('cannotdeletedefaultphpconfig');
+		}
+
 		if ($result['id'] != 0
 			&& $result['id'] == $id
 			&& (int)$userinfo['change_serversettings'] == 1
@@ -186,7 +225,7 @@ if ($page == 'overview') {
 				// config that is to be deleted
 				$upd_stmt = Database::prepare("
 					UPDATE `" . TABLE_PANEL_DOMAINS . "` SET
-					`phpsettingid` = 1 WHERE `phpsettingid` = :id"
+					`phpsettingid` = '1' WHERE `phpsettingid` = :id"
 				);
 				Database::pexecute($upd_stmt, array('id' => $id));

@@ -225,17 +264,18 @@ if ($page == 'overview') {
 				$description = validate($_POST['description'], 'description');
 				$phpsettings = validate(str_replace("\r\n", "\n", $_POST['phpsettings']), 'phpsettings', '/^[^\0]*$/');

-				if ($settings['system']['mod_fcgid'] == 1) {
+				if (Settings::Get('system.mod_fcgid') == 1) {
 					$binary = makeCorrectFile(validate($_POST['binary'], 'binary'));
 					$file_extensions = validate($_POST['file_extensions'], 'file_extensions', '/^[a-zA-Z0-9\s]*$/');
 					$mod_fcgid_starter = validate($_POST['mod_fcgid_starter'], 'mod_fcgid_starter', '/^[0-9]*$/', '', array('-1', ''));
 					$mod_fcgid_maxrequests = validate($_POST['mod_fcgid_maxrequests'], 'mod_fcgid_maxrequests', '/^[0-9]*$/', '', array('-1', ''));
+					$mod_fcgid_umask = validate($_POST['mod_fcgid_umask'], 'mod_fcgid_umask', '/^[0-9]*$/');
 					// disable fpm stuff
 					$fpm_enableslowlog = 0;
 					$fpm_reqtermtimeout = 0;
 					$fpm_reqslowtimeout = 0;
 				}
-				elseif ($settings['phpfpm']['enabled'] == 1) {
+				elseif (Settings::Get('phpfpm.enabled') == 1) {
 					$fpm_enableslowlog = isset($_POST['phpfpm_enable_slowlog']) ? (int)$_POST['phpfpm_enable_slowlog'] : 0;
 					$fpm_reqtermtimeout = validate($_POST['phpfpm_reqtermtimeout'], 'phpfpm_reqtermtimeout', '/^([0-9]+)(|s|m|h|d)$/');
 					$fpm_reqslowtimeout = validate($_POST['phpfpm_reqslowtimeout'], 'phpfpm_reqslowtimeout', '/^([0-9]+)(|s|m|h|d)$/');
@@ -244,6 +284,7 @@ if ($page == 'overview') {
 					$file_extensions = 'php';
 					$mod_fcgid_starter = 0;
 					$mod_fcgid_maxrequests = 0;
+					$mod_fcgid_umask = "022";
 				}

 				if (strlen($description) == 0
@@ -259,6 +300,7 @@ if ($page == 'overview') {
 						`file_extensions` = :fext,
 						`mod_fcgid_starter` = :starter,
 						`mod_fcgid_maxrequests` = :mreq,
+						`mod_fcgid_umask` = :umask,
 						`fpm_slowlog` = :fpmslow,
 						`fpm_reqterm` = :fpmreqterm,
 						`fpm_reqslow` = :fpmreqslow,
@@ -271,6 +313,7 @@ if ($page == 'overview') {
 						'fext' => $file_extensions,
 						'starter' => $mod_fcgid_starter,
 						'mreq' => $mod_fcgid_maxrequests,
+						'umask' => $mod_fcgid_umask,
 						'fpmslow' => $fpm_enableslowlog,
 						'fpmreqterm' => $fpm_reqtermtimeout,
 						'fpmreqslow' => $fpm_reqslowtimeout,
--- a/admin_settings.php
+++ b/admin_settings.php
@@ -57,7 +57,7 @@ if ($page == 'overview' && $userinfo['change_serversettings'] == '1') {

 		// check if the session timeout is too low #815
 		if (isset($_POST['session_sessiontimeout'])
-			&& $_POST['session_sessiontimeout'] <= 60
+			&& $_POST['session_sessiontimeout'] < 60
 		) {
 			standard_error($lng['error']['session_timeout'], $lng['error']['session_timeout_desc']);
 		}
@@ -143,6 +143,8 @@ if ($page == 'overview' && $userinfo['change_serversettings'] == '1') {
 			eval("\$phpinfohtml .= \"" . getTemplate("settings/phpinfo/phpinfo_table") . "\";");
 		}
 		$phpinfo = $phpinfohtml;
+	} else {
+		standard_error($lng['error']['no_phpinfo']);
 	}
 	eval("echo \"" . getTemplate("settings/phpinfo") . "\";");

@@ -158,6 +160,8 @@ if ($page == 'overview' && $userinfo['change_serversettings'] == '1') {
 		inserttask('10');
 		// Using nameserver, insert a task which rebuilds the server config
 		inserttask('4');
+		// cron.d file
+		inserttask('99');

 		standard_success('rebuildingconfigs', '', array('filename' => 'admin_index.php'));

@@ -202,7 +206,7 @@ if ($page == 'overview' && $userinfo['change_serversettings'] == '1') {
 		$log->logAction(ADM_ACTION, LOG_WARNING, "wiped all cleartext mail passwords");
 		Database::query("UPDATE `" . TABLE_MAIL_USERS . "` SET `password` = '';");
 		Database::query("UPDATE `" . TABLE_PANEL_SETTINGS . "` SET `value` = '0' WHERE `settinggroup` = 'system' AND `varname` = 'mailpwcleartext'");
-		redirectTo('admin_settings.php', array('s' => $s));
+		redirectTo($filename, array('s' => $s));

 	} else {
 		ask_yesno('admin_cleartextmailpws_reallywipe', $filename, array('page' => $page));
@@ -221,7 +225,7 @@ if ($page == 'overview' && $userinfo['change_serversettings'] == '1') {
 		// Set the quota to 0 which means unlimited
 		Database::query("UPDATE `" . TABLE_MAIL_USERS . "` SET `quota` = '0';");
 		Database::query("UPDATE `" . TABLE_PANEL_CUSTOMERS . "` SET `email_quota_used` = '0'");
-		redirectTo('admin_settings.php', array('s' => $s));
+		redirectTo($filename, array('s' => $s));

 	} else {
 		ask_yesno('admin_quotas_reallywipe', $filename, array('page' => $page));
@@ -245,7 +249,7 @@ if ($page == 'overview' && $userinfo['change_serversettings'] == '1') {
 			");

 			while ($array = $result_stmt->fetch(PDO::FETCH_ASSOC)) {
-				$difference = $settings['system']['mail_quota'] - $array['quota'];
+				$difference = Settings::Get('system.mail_quota') - $array['quota'];
 				Database::pexecute($upd_stmt, array('diff' => $difference, 'customerid' => $customerid));
 			}
 		}
@@ -254,14 +258,35 @@ if ($page == 'overview' && $userinfo['change_serversettings'] == '1') {
 		$upd_stmt = Database::prepare("
 			UPDATE `" . TABLE_MAIL_USERS . "` SET `quota` = :quota
 		");
-		Database::pexecute($upd_stmt, array('quota' => $settings['system']['mail_quota']));
+		Database::pexecute($upd_stmt, array('quota' => Settings::Get('system.mail_quota')));

 		// Update the Customer, if the used quota is bigger than the allowed quota
 		Database::query("UPDATE `" . TABLE_PANEL_CUSTOMERS . "` SET `email_quota` = `email_quota_used` WHERE `email_quota` < `email_quota_used`");
-		$log->logAction(ADM_ACTION, LOG_WARNING, 'enforcing mailquota to all customers: ' . $settings['system']['mail_quota'] . ' MB');
-		redirectTo('admin_settings.php', array('s' => $s));
+		$log->logAction(ADM_ACTION, LOG_WARNING, 'enforcing mailquota to all customers: ' . Settings::Get('system.mail_quota') . ' MB');
+		redirectTo($filename, array('s' => $s));

 	} else {
 		ask_yesno('admin_quotas_reallyenforce', $filename, array('page' => $page));
 	}
+} elseif ($page == 'integritycheck'
+	&& $userinfo['change_serversettings'] == '1'
+) {
+	$integrity = new IntegrityCheck();
+	if (isset($_POST['send'])
+		&& $_POST['send'] == 'send'
+	) {
+		$integrity->fixAll();
+	} elseif(isset($_GET['action'])
+		 && $_GET['action'] == "fix") {
+		ask_yesno('admin_integritycheck_reallyfix', $filename, array('page' => $page));
+	}
+
+	$integritycheck = '';
+	foreach ($integrity->available as $id => $check) {
+		$displayid = $id + 1;
+		$result = $integrity->$check();
+		$checkdesc = $lng['integrity_check'][$check];
+		eval("\$integritycheck.=\"" . getTemplate("settings/integritycheck_row") . "\";");
+	}
+	eval("echo \"" . getTemplate("settings/integritycheck") . "\";");
 }
--- a/admin_templates.php
+++ b/admin_templates.php
@@ -45,14 +45,14 @@ $available_templates = array(
 );

 // only show templates of features that are enabled #1191
-if ((int)$settings['system']['report_enable'] == 1) {
+if ((int)Settings::Get('system.report_enable') == 1) {
 	array_push($available_templates,
 		'trafficmaxpercent',
 		'diskmaxpercent'
 	);
 }

-if ((int)$settings['ticket']['enabled'] == 1) {
+if ((int)Settings::Get('ticket.enabled') == 1) {
 	array_push($available_templates,
 		'new_ticket_by_customer',
 		'new_ticket_for_customer',
@@ -70,7 +70,7 @@ if ($action == '') {
 	//email templates
 	$log->logAction(ADM_ACTION, LOG_NOTICE, "viewed admin_templates");

-	if ($settings['panel']['sendalternativemail'] == 1) {
+	if (Settings::Get('panel.sendalternativemail') == 1) {
 		$available_templates[] = 'pop_success_alternative';
 	}

@@ -201,12 +201,11 @@ if ($action == '') {

 	} else {
 		standard_error('templatenotfound');
-		exit;
 	}

 } elseif($action == 'add') {

-	if ($settings['panel']['sendalternativemail'] == 1) {
+	if (Settings::Get('panel.sendalternativemail') == 1) {
 		$available_templates[] = 'pop_success_alternative';
 	}

@@ -214,24 +213,23 @@ if ($action == '') {
 		&& $_POST['prepare'] == 'prepare'
 	) {
 		//email templates
-		$language = validate($_POST['language'], 'language');
-		$templates = array();
-		$result_stmt = Database::prepare("
-			SELECT `varname` FROM `" . TABLE_PANEL_TEMPLATES . "`
-			WHERE `adminid`= :adminid AND `language`= :lang
-			AND `templategroup` = 'mails' AND `varname` LIKE '%_subject'"
-		);
-		Database::pexecute($result_stmt, array('adminid' => $userinfo['adminid'], 'lang' => $language));
+		$language = htmlentities(validate($_POST['language'], 'language', '/^[^\r\n\0"\']+$/', 'nolanguageselect'));
+		$template = validate($_POST['template'], 'template');

-		while ($row = $result_stmt->fetch(PDO::FETCH_ASSOC)) {
-			$templates[] = str_replace('_subject', '', $row['varname']);
+		$lng_bak = $lng;
+		foreach ($langs['English'] as $key => $value) {
+			include_once makeSecurePath($value['file']);
+		}
+		if ($language != 'English') {
+			foreach ($langs[$language] as $key => $value) {
+				include makeSecurePath($value['file']);
+			}
 		}

-		$templates = array_diff($available_templates, $templates);
-		$template_options = '';
-		foreach ($templates as $template) {
-			$template_options.= makeoption($lng['admin']['templates'][$template], $template, NULL, true);
-		}
+		$subject = $lng['mails'][$template]['subject'];
+		$body = str_replace('\n', "\n", $lng['mails'][$template]['mailbody']);
+
+		$lng = $lng_bak;

 		$template_add_data = include_once dirname(__FILE__).'/lib/formfields/admin/templates/formfield.template_add.php';
 		$template_add_form = htmlform::genHTMLForm($template_add_data);
@@ -245,7 +243,7 @@ if ($action == '') {
 		&& $_POST['send'] == 'send'
 	) {
 		//email templates
-		$language = validate($_POST['language'], 'language', '/^[^\r\n\0"\']+$/', 'nolanguageselect');
+		$language = htmlentities(validate($_POST['language'], 'language', '/^[^\r\n\0"\']+$/', 'nolanguageselect'));
 		$template = validate($_POST['template'], 'template');
 		$subject = validate($_POST['subject'], 'subject', '/^[^\r\n\0]+$/', 'nosubjectcreate');
 		$mailbody = validate($_POST['mailbody'], 'mailbody', '/^[^\0]+$/', 'nomailbodycreate');
@@ -328,6 +326,7 @@ if ($action == '') {
 		//email templates
 		$add = false;
 		$language_options = '';
+		$template_options = '';

 		while (list($language_file, $language_name) = each($languages)) {
 			$templates = array();
@@ -344,7 +343,13 @@ if ($action == '') {

 			if (count(array_diff($available_templates, $templates)) > 0) {
 				$add = true;
-				$language_options.= makeoption($language_name, $language_file, $userinfo['language'], true);
+				$language_options.= makeoption($language_name, $language_file, $userinfo['language'], true, true);
+
+				$templates = array_diff($available_templates, $templates);
+
+				foreach ($templates as $template) {
+					$template_options.= makeoption($lng['admin']['templates'][$template], $template, NULL, true, true, $language_file) . "\n";
+				}
 			}
 		}

@@ -352,7 +357,6 @@ if ($action == '') {
 			eval("echo \"" . getTemplate("templates/templates_add_1") . "\";");
 		} else {
 			standard_error('alltemplatesdefined');
-			exit;
 		}

 	} else {
@@ -365,7 +369,6 @@ if ($action == '') {

 		if (Database::num_rows() == count($file_templates)) {
 			standard_error('alltemplatesdefined');
-			exit;

 		} else {

@@ -444,6 +447,10 @@ if ($action == '') {
 			Database::pexecute($result_stmt, array('id' => $mailbodyid));
 			$result = $result_stmt->fetch(PDO::FETCH_ASSOC);
 			
+			$template_name = str_replace('_mailbody', '', $result['varname']);
+
+			// don't escape the already escaped language-string so save up before htmlentities()
+			$language = $result['language'];
 			$result = htmlentities_array($result);
 			$mailbody = $result['value'];

@@ -504,6 +511,5 @@ if ($action == '') {

 	} else {
 		standard_error('templatenotfound');
-		exit;
 	}
 }
--- a/admin_tickets.php
+++ b/admin_tickets.php
@@ -67,7 +67,7 @@ if ($page == 'tickets'
 			'subject' => $lng['ticket']['subject'],
 			'lastreplier' => $lng['ticket']['lastreplier']
 		);
-		$paging = new paging($userinfo, TABLE_PANEL_TICKETS, $fields, $settings['panel']['paging'], $settings['panel']['natsorting']);
+		$paging = new paging($userinfo, TABLE_PANEL_TICKETS, $fields, null, null, 1, 'desc');
 		$result_stmt = Database::prepare("
 			SELECT `main`.`id`, `main`.`customerid`, (
 				SELECT COUNT(`sub`.`id`)
@@ -158,8 +158,10 @@ if ($page == 'tickets'
 					}

 					$row['subject'] = html_entity_decode($row['subject']);
-					if (strlen($row['subject']) > 20) {
-						$row['subject'] = substr($row['subject'], 0, 17) . '...';
+					if (strlen($row['subject']) > 30) {
+						$ts = wordwrap($row['subject'], 30, "|");
+						$ts = explode("|", $ts);
+						$row['subject'] = $ts[0]. '...';
 					}

 					eval("\$tickets.=\"" . getTemplate("tickets/tickets_tickets") . "\";");
@@ -179,7 +181,7 @@ if ($page == 'tickets'
 			if (isset($_POST['send'])
 				&& $_POST['send'] == 'send'
 			) {
-				$newticket = ticket::getInstanceOf($userinfo, $settings, -1);
+				$newticket = ticket::getInstanceOf($userinfo, -1);
 				$newticket->Set('subject', validate($_POST['subject'], 'subject'), true, false);
 				$newticket->Set('priority', validate($_POST['priority'], 'priority'), true, false);
 				$newticket->Set('category', validate($_POST['category'], 'category'), true, false);
@@ -246,9 +248,10 @@ if ($page == 'tickets'
 					$customers.= makeoption(getCorrectFullUserDetails($row_customer) . ' (' . $row_customer['loginname'] . ')', $row_customer['customerid']);
 				}

-				$priorities = makeoption($lng['ticket']['high'], '1', $settings['ticket']['default_priority']);
-				$priorities.= makeoption($lng['ticket']['normal'], '2', $settings['ticket']['default_priority']);
-				$priorities.= makeoption($lng['ticket']['low'], '3', $settings['ticket']['default_priority']);
+				$def_prio = Settings::Get('ticket.default_priority');
+				$priorities = makeoption($lng['ticket']['high'], '1', $def_prio);
+				$priorities.= makeoption($lng['ticket']['normal'], '2', $def_prio);
+				$priorities.= makeoption($lng['ticket']['low'], '3', $def_prio);

 				$ticket_new_data = include_once dirname(__FILE__).'/lib/formfields/admin/tickets/formfield.ticket_new.php';
 				$ticket_new_form = htmlform::genHTMLForm($ticket_new_data);
@@ -269,8 +272,7 @@ if ($page == 'tickets'
 		if (isset($_POST['send'])
 			&& $_POST['send'] == 'send'
 		) {
-
-			$replyticket = ticket::getInstanceOf($userinfo, $settings, -1);
+			$replyticket = ticket::getInstanceOf($userinfo, -1);
 			$replyticket->Set('subject', validate($_POST['subject'], 'subject'), true, false);
 			$replyticket->Set('priority', validate($_POST['priority'], 'priority'), true, false);
 			$replyticket->Set('message', validate(htmlentities(str_replace("\r\n", "\n", $_POST['message'])), 'message', '/^[^\0]*$/'), true, false);
@@ -279,7 +281,7 @@ if ($page == 'tickets'
 				standard_error(array('stringisempty', 'mymessage'));
 			} else {
 				$now = time();
-				$mainticket = ticket::getInstanceOf($userinfo, $settings, (int)$id);
+				$mainticket = ticket::getInstanceOf($userinfo, (int)$id);
 				$replyticket->Set('customer', $mainticket->Get('customer'), true, true);
 				$replyticket->Set('lastchange', $now, true, true);
 				$replyticket->Set('ip', $_SERVER['REMOTE_ADDR'], true, true);
@@ -305,7 +307,7 @@ if ($page == 'tickets'
 		} else {

 			$ticket_replies = '';
-			$mainticket = ticket::getInstanceOf($userinfo, $settings, (int)$id);
+			$mainticket = ticket::getInstanceOf($userinfo, (int)$id);
 			$dt = date("d.m.Y H:i\h", $mainticket->Get('dt'));
 			$status = ticket::getStatusText($lng, $mainticket->Get('status'));

@@ -348,8 +350,7 @@ if ($page == 'tickets'
 			$numrows_andere = Database::num_rows();

 			while ($row2 = $andere_stmt->fetch(PDO::FETCH_ASSOC)) {
-
-				$subticket = ticket::getInstanceOf($userinfo, $settings, (int)$row2['id']);
+				$subticket = ticket::getInstanceOf($userinfo, (int)$row2['id']);
 				$lastchange = date("d.m.Y H:i\h", $subticket->Get('lastchange'));

 				if ($subticket->Get('by') == '1') {
@@ -396,7 +397,7 @@ if ($page == 'tickets'
 			&& $_POST['send'] == 'send'
 		) {
 			$now = time();
-			$mainticket = ticket::getInstanceOf($userinfo, $settings, (int)$id);
+			$mainticket = ticket::getInstanceOf($userinfo, (int)$id);
 			$mainticket->Set('lastchange', $now, true, true);
 			$mainticket->Set('lastreplier', '1', true, true);
 			$mainticket->Set('status', '3', true, true);
@@ -404,7 +405,7 @@ if ($page == 'tickets'
 			$log->logAction(ADM_ACTION, LOG_NOTICE, "closed ticket '" . $mainticket->Get('subject') . "'");
 			redirectTo($filename, array('page' => $page, 's' => $s));
 		} else {
-			$mainticket = ticket::getInstanceOf($userinfo, $settings, (int)$id);
+			$mainticket = ticket::getInstanceOf($userinfo, (int)$id);
 			ask_yesno('ticket_reallyclose', $filename, array('id' => $id, 'page' => $page, 'action' => $action), $mainticket->Get('subject'));
 		}

@@ -412,7 +413,7 @@ if ($page == 'tickets'
 		&& $id != 0
 	) {
 		$now = time();
-		$mainticket = ticket::getInstanceOf($userinfo, $settings, (int)$id);
+		$mainticket = ticket::getInstanceOf($userinfo, (int)$id);
 		$mainticket->Set('lastchange', $now, true, true);
 		$mainticket->Set('lastreplier', '1', true, true);
 		$mainticket->Set('status', '0', true, true);
@@ -427,7 +428,7 @@ if ($page == 'tickets'
 			&& $_POST['send'] == 'send'
 		) {
 			$now = time();
-			$mainticket = ticket::getInstanceOf($userinfo, $settings, (int)$id);
+			$mainticket = ticket::getInstanceOf($userinfo, (int)$id);
 			$mainticket->Set('lastchange', $now, true, true);
 			$mainticket->Set('lastreplier', '1', true, true);
 			$mainticket->Set('status', '3', true, true);
@@ -436,7 +437,7 @@ if ($page == 'tickets'
 			$log->logAction(ADM_ACTION, LOG_NOTICE, "archived ticket '" . $mainticket->Get('subject') . "'");
 			redirectTo($filename, array('page' => $page, 's' => $s));
 		} else {
-			$mainticket = ticket::getInstanceOf($userinfo, $settings, (int)$id);
+			$mainticket = ticket::getInstanceOf($userinfo, (int)$id);
 			ask_yesno('ticket_reallyarchive', $filename, array('id' => $id, 'page' => $page, 'action' => $action), $mainticket->Get('subject'));
 		}

@@ -446,12 +447,12 @@ if ($page == 'tickets'
 		if (isset($_POST['send'])
 			&& $_POST['send'] == 'send'
 		) {
-			$mainticket = ticket::getInstanceOf($userinfo, $settings, (int)$id);
+			$mainticket = ticket::getInstanceOf($userinfo, (int)$id);
 			$log->logAction(ADM_ACTION, LOG_INFO, "deleted ticket '" . $mainticket->Get('subject') . "'");
 			$mainticket->Delete();
 			redirectTo($filename, array('page' => $page, 's' => $s));
 		} else {
-			$mainticket = ticket::getInstanceOf($userinfo, $settings, (int)$id);
+			$mainticket = ticket::getInstanceOf($userinfo, (int)$id);
 			ask_yesno('ticket_reallydelete', $filename, array('id' => $id, 'page' => $page, 'action' => $action), $mainticket->Get('subject'));
 		}
 	}
@@ -471,7 +472,7 @@ if ($page == 'tickets'
 		if ($userinfo['tickets_see_all'] != '1') {
 			$where = " `main`.`adminid` = :adminid";
 		}
-		$paging = new paging($userinfo, TABLE_PANEL_TICKET_CATS, $fields, $settings['panel']['paging'], $settings['panel']['natsorting']);
+		$paging = new paging($userinfo, TABLE_PANEL_TICKET_CATS, $fields);
 		$result_stmt = Database::prepare("
 			SELECT `main`.`id`, `main`.`name`, `main`.`logicalorder`, (
 				SELECT COUNT(`sub`.`id`) FROM `" . TABLE_PANEL_TICKETS . "` `sub`
@@ -636,12 +637,10 @@ if ($page == 'tickets'

 			$fields = array(
 				'lastchange' => $lng['ticket']['lastchange'],
-				'ticket_answers' => $lng['ticket']['ticket_answers'],
 				'subject' => $lng['ticket']['subject'],
-				'lastreplier' => $lng['ticket']['lastreplier'],
-				'priority' => $lng['ticket']['priority']
+				'lastreplier' => $lng['ticket']['lastreplier']
 			);
-			$paging = new paging($userinfo, TABLE_PANEL_TICKETS, $fields, $settings['panel']['paging'], $settings['panel']['natsorting']);
+			$paging = new paging($userinfo, TABLE_PANEL_TICKETS, $fields);
 			$result_stmt = Database::prepare($query . $paging->getSqlWhere(true) . " " . $paging->getSqlOrderBy() . " " . $paging->getSqlLimit());
 			Database::pexecute($result_stmt, $archive_params);
 			$sortcode = $paging->getHtmlSortCode($lng);
@@ -795,7 +794,7 @@ if ($page == 'tickets'
 	) {
 		$log->logAction(ADM_ACTION, LOG_NOTICE, "viewed archived-ticket #" . $id);
 		$ticket_replies = '';
-		$mainticket = ticket::getInstanceOf($userinfo, $settings, (int)$id);
+		$mainticket = ticket::getInstanceOf($userinfo, (int)$id);
 		$lastchange = date("d.m.Y H:i\h", $mainticket->Get('lastchange'));
 		$dt = date("d.m.Y H:i\h", $mainticket->Get('dt'));
 		$status = ticket::getStatusText($lng, $mainticket->Get('status'));
@@ -845,8 +844,7 @@ if ($page == 'tickets'
 		$numrows_andere = Database::num_rows();

 		while ($row2 = $andere_stmt->fetch(PDO::FETCH_ASSOC)) {
-
-			$subticket = ticket::getInstanceOf($userinfo, $settings, (int)$row2['id']);
+			$subticket = ticket::getInstanceOf($userinfo, (int)$row2['id']);
 			$lastchange = date("d.m.Y H:i\h", $subticket->Get('lastchange'));

 			if ($subticket->Get('by') == '1') {
@@ -897,12 +895,12 @@ if ($page == 'tickets'
 		if (isset($_POST['send'])
 			&& $_POST['send'] == 'send'
 		) {
-			$mainticket = ticket::getInstanceOf($userinfo, $settings, (int)$id);
+			$mainticket = ticket::getInstanceOf($userinfo, (int)$id);
 			$log->logAction(ADM_ACTION, LOG_INFO, "deleted archived ticket '" . $mainticket->Get('subject') . "'");
 			$mainticket->Delete();
 			redirectTo($filename, array('page' => $page, 's' => $s));
 		} else {
-			$mainticket = ticket::getInstanceOf($userinfo, $settings, (int)$id);
+			$mainticket = ticket::getInstanceOf($userinfo, (int)$id);
 			ask_yesno('ticket_reallydelete', $filename, array('id' => $id, 'page' => $page, 'action' => $action), $mainticket->Get('subject'));
 		}
 	}
--- a/admin_traffic.php
+++ b/admin_traffic.php
@@ -27,7 +27,6 @@ if ($action == 'logout') {
 	);
 	Database::pexecute($logout_stmt, array('adminid' => $userinfo['adminid']));
 	redirectTo('index.php');
-	exit;
 }

 if (isset($_POST['id'])) {
@@ -122,7 +121,7 @@ if ($page == 'overview' || $page == 'customers') {
 			Database::pexecute($traffic_list_stmt, array('year' => (date("Y")-$years), 'id' => $customer_name['customerid']));

 			while ($traffic_month = $traffic_list_stmt->fetch(PDO::FETCH_ASSOC)) {
-				$virtual_host[$months[(int)$traffic_month['month']]] = size_readable($traffic_month['traffic'], 'GiB', 'bi', '%01.'.(int)$settings['panel']['decimal_places'].'f %s');
+				$virtual_host[$months[(int)$traffic_month['month']]] = size_readable($traffic_month['traffic'], 'GiB', 'bi', '%01.'.(int)Settings::Get('panel.decimal_places').'f %s');
 				$totals[$months[(int)$traffic_month['month']]] += $traffic_month['traffic'];
 			}
 			eval("\$domain_list .= sprintf(\"%s\", \"" . getTemplate("traffic/index_table_row") . "\");");
@@ -132,7 +131,7 @@ if ($page == 'overview' || $page == 'customers') {
 			'name' => $lng['traffic']['months']['total'],
 		);
 		foreach ($totals as $month => $bytes) {
-			$virtual_host[$month] = ($bytes == 0 ? '-' : size_readable($bytes, 'GiB', 'bi', '%01.'.(int)$settings['panel']['decimal_places'].'f %s'));
+			$virtual_host[$month] = ($bytes == 0 ? '-' : size_readable($bytes, 'GiB', 'bi', '%01.'.(int)Settings::Get('panel.decimal_places').'f %s'));
 		}
 		$customerview = 0;
 		eval("\$total_list = sprintf(\"%s\", \"" . getTemplate("traffic/index_table_row") . "\");");
--- a/admin_updates.php
+++ b/admin_updates.php
@@ -27,20 +27,13 @@ if ($page == 'overview') {
 	 * so we have to set them both to run a correct upgrade
 	 */
 	if (!isFroxlor()) {
-		if (!isset($settings['panel']['version'])
-			|| $settings['panel']['version'] == ''
+		if (Settings::Get('panel.version') == null
+			|| Settings::Get('panel.version') == ''
 		) {
-			$settings['panel']['version'] = '1.4.2.1';
-			$stmt = Database::prepare("
-				INSERT INTO `" . TABLE_PANEL_SETTINGS . "` SET
-					`settinggroup` = 'panel',
-					`varname` = 'version',
-					`value` = :version"
-			);
-			Database::pexecute($stmt, array('version' => $settings['panel']['version']));
+			Settings::Set('panel.version', '1.4.2.1');
 		}
-		if (!isset($settings['system']['dbversion'])
-			|| $settings['system']['dbversion'] == ''
+		if (Settings::Get('system.dbversion') == null
+			|| Settings::Get('system.dbversion') == ''
 		) {
 			/**
 			 * for syscp-stable (1.4.2.1) this value has to be 0
@@ -54,14 +47,14 @@ if ($page == 'overview') {
 			$result = $result_stmt->fetch(PDO::FETCH_ASSOC);

 			if (isset($result['value'])) {
-				$settings['system']['dbversion'] = (int)$result['value'];
+				Settings::Set('system.dbversion', (int)$result['value'], false);
 			} else {
-				$settings['system']['dbversion'] = 0;
+				Settings::Set('system.dbversion', 0, false);
 			}
 		}
 	}

-	if (hasUpdates($version)) {
+	if (hasDbUpdates($dbversion) || hasUpdates($version)) {
 		$successful_update = false;
 		$message = '';

@@ -86,21 +79,32 @@ if ($page == 'overview') {

 				$successful_update = true;
 			} else {
-				$message = '<br /><strong style="color: red">You have to agree that you have read the update notifications.</strong>';
+				$message = '<br /><strong class="red">You have to agree that you have read the update notifications.</strong>';
 			}
 		}

 		if (!$successful_update) {
-			$current_version = $settings['panel']['version'];
+			$current_version = Settings::Get('panel.version');
+			$current_db_version = Settings::Get('panel.db_version');
+			if (empty($current_db_version)) {
+			    $current_db_version = "0";
+			}
 			$new_version = $version;
+			$new_db_version = $dbversion;

 			$ui_text = $lng['update']['update_information']['part_a'];
+			if ($version != $current_version) {
 			     $ui_text = str_replace('%curversion', $current_version, $ui_text);
 			     $ui_text = str_replace('%newversion', $new_version, $ui_text);
+			} else {
+			    // show db version
+			    $ui_text = str_replace('%curversion', $current_db_version, $ui_text);
+			    $ui_text = str_replace('%newversion', $new_db_version, $ui_text);
+			}
 			$update_information = $ui_text;

 			include_once './install/updates/preconfig.php';
-			$preconfig = getPreConfig($current_version);
+			$preconfig = getPreConfig($current_version, $current_db_version);
 			if ($preconfig != '') {
 				$update_information .= '<br />' . $preconfig . $message;
 			}
--- a/cache/.gitignore
+++ b/cache/.gitignore
@@ -1 +0,0 @@
-*
--- a/css/images/animated-overlay.gif
+++ b/css/images/animated-overlay.gif
--- a/css/images/ui-bg_diagonals-thick_18_b81900_40x40.png
+++ b/css/images/ui-bg_diagonals-thick_18_b81900_40x40.png
--- a/css/images/ui-bg_diagonals-thick_20_666666_40x40.png
+++ b/css/images/ui-bg_diagonals-thick_20_666666_40x40.png
--- a/css/images/ui-bg_flat_10_000000_40x100.png
+++ b/css/images/ui-bg_flat_10_000000_40x100.png
--- a/css/images/ui-bg_glass_100_f6f6f6_1x400.png
+++ b/css/images/ui-bg_glass_100_f6f6f6_1x400.png
--- a/css/images/ui-bg_glass_100_fdf5ce_1x400.png
+++ b/css/images/ui-bg_glass_100_fdf5ce_1x400.png
--- a/css/images/ui-bg_glass_65_ffffff_1x400.png
+++ b/css/images/ui-bg_glass_65_ffffff_1x400.png
--- a/css/images/ui-bg_gloss-wave_35_f6a828_500x100.png
+++ b/css/images/ui-bg_gloss-wave_35_f6a828_500x100.png
--- a/css/images/ui-bg_highlight-soft_100_eeeeee_1x100.png
+++ b/css/images/ui-bg_highlight-soft_100_eeeeee_1x100.png
--- a/css/images/ui-bg_highlight-soft_75_ffe45c_1x100.png
+++ b/css/images/ui-bg_highlight-soft_75_ffe45c_1x100.png
--- a/css/images/ui-icons_222222_256x240.png
+++ b/css/images/ui-icons_222222_256x240.png
--- a/css/images/ui-icons_228ef1_256x240.png
+++ b/css/images/ui-icons_228ef1_256x240.png
--- a/css/images/ui-icons_ef8c08_256x240.png
+++ b/css/images/ui-icons_ef8c08_256x240.png
--- a/css/images/ui-icons_ffd27a_256x240.png
+++ b/css/images/ui-icons_ffd27a_256x240.png
--- a/css/images/ui-icons_ffffff_256x240.png
+++ b/css/images/ui-icons_ffffff_256x240.png
--- a/css/jquery-ui.min.css
+++ b/css/jquery-ui.min.css
--- a/css/jquery.jqplot.min.css
+++ b/css/jquery.jqplot.min.css
@@ -1 +0,0 @@
-.jqplot-target{position:relative;color:#666;font-family:"Trebuchet MS",Arial,Helvetica,sans-serif;font-size:1em}.jqplot-axis{font-size:.75em}.jqplot-xaxis{margin-top:10px}.jqplot-x2axis{margin-bottom:10px}.jqplot-yaxis{margin-right:10px}.jqplot-y2axis,.jqplot-y3axis,.jqplot-y4axis,.jqplot-y5axis,.jqplot-y6axis,.jqplot-y7axis,.jqplot-y8axis,.jqplot-y9axis,.jqplot-yMidAxis{margin-left:10px;margin-right:10px}.jqplot-axis-tick,.jqplot-xaxis-tick,.jqplot-yaxis-tick,.jqplot-x2axis-tick,.jqplot-y2axis-tick,.jqplot-y3axis-tick,.jqplot-y4axis-tick,.jqplot-y5axis-tick,.jqplot-y6axis-tick,.jqplot-y7axis-tick,.jqplot-y8axis-tick,.jqplot-y9axis-tick,.jqplot-yMidAxis-tick{position:absolute;white-space:pre}.jqplot-xaxis-tick{top:0;left:15px;vertical-align:top}.jqplot-x2axis-tick{bottom:0;left:15px;vertical-align:bottom}.jqplot-yaxis-tick{right:0;top:15px;text-align:right}.jqplot-yaxis-tick.jqplot-breakTick{right:-20px;margin-right:0;padding:1px 5px 1px 5px;z-index:2;font-size:1.5em}.jqplot-y2axis-tick,.jqplot-y3axis-tick,.jqplot-y4axis-tick,.jqplot-y5axis-tick,.jqplot-y6axis-tick,.jqplot-y7axis-tick,.jqplot-y8axis-tick,.jqplot-y9axis-tick{left:0;top:15px;text-align:left}.jqplot-yMidAxis-tick{text-align:center;white-space:nowrap}.jqplot-xaxis-label{margin-top:10px;font-size:11pt;position:absolute}.jqplot-x2axis-label{margin-bottom:10px;font-size:11pt;position:absolute}.jqplot-yaxis-label{margin-right:10px;font-size:11pt;position:absolute}.jqplot-yMidAxis-label{font-size:11pt;position:absolute}.jqplot-y2axis-label,.jqplot-y3axis-label,.jqplot-y4axis-label,.jqplot-y5axis-label,.jqplot-y6axis-label,.jqplot-y7axis-label,.jqplot-y8axis-label,.jqplot-y9axis-label{font-size:11pt;margin-left:10px;position:absolute}.jqplot-meterGauge-tick{font-size:.75em;color:#999}.jqplot-meterGauge-label{font-size:1em;color:#999}table.jqplot-table-legend{margin-top:12px;margin-bottom:12px;margin-left:12px;margin-right:12px}table.jqplot-table-legend,table.jqplot-cursor-legend{background-color:rgba(255,255,255,0.6);border:1px solid #ccc;position:absolute;font-size:.75em}td.jqplot-table-legend{vertical-align:middle}td.jqplot-seriesToggle:hover,td.jqplot-seriesToggle:active{cursor:pointer}.jqplot-table-legend .jqplot-series-hidden{text-decoration:line-through}div.jqplot-table-legend-swatch-outline{border:1px solid #ccc;padding:1px}div.jqplot-table-legend-swatch{width:0;height:0;border-top-width:5px;border-bottom-width:5px;border-left-width:6px;border-right-width:6px;border-top-style:solid;border-bottom-style:solid;border-left-style:solid;border-right-style:solid}.jqplot-title{top:0;left:0;padding-bottom:.5em;font-size:1.2em}table.jqplot-cursor-tooltip{border:1px solid #ccc;font-size:.75em}.jqplot-cursor-tooltip{border:1px solid #ccc;font-size:.75em;white-space:nowrap;background:rgba(208,208,208,0.5);padding:1px}.jqplot-highlighter-tooltip,.jqplot-canvasOverlay-tooltip{border:1px solid #ccc;font-size:.75em;white-space:nowrap;background:rgba(208,208,208,0.5);padding:1px}.jqplot-point-label{font-size:.75em;z-index:2}td.jqplot-cursor-legend-swatch{vertical-align:middle;text-align:center}div.jqplot-cursor-legend-swatch{width:1.2em;height:.7em}.jqplot-error{text-align:center}.jqplot-error-message{position:relative;top:46%;display:inline-block}div.jqplot-bubble-label{font-size:.8em;padding-left:2px;padding-right:2px;color:rgb(20%,20%,20%)}div.jqplot-bubble-label.jqplot-bubble-label-highlight{background:rgba(90%,90%,90%,0.7)}div.jqplot-noData-container{text-align:center;background-color:rgba(96%,96%,96%,0.3)}
--- a/customer_aps.php
+++ b/customer_aps.php
@@ -1,34 +0,0 @@
-<?php
-
-/**
- * This file is part of the Froxlor project.
- * Copyright (c) 2003-2009 the SysCP Team (see authors).
- * Copyright (c) 2010 the Froxlor Team (see authors).
- *
- * For the full copyright and license information, please view the COPYING
- * file that was distributed with this source code. You can also view the
- * COPYING file online at http://files.froxlor.org/misc/COPYING.txt
- *
- * @copyright  (c) the authors
- * @author     Florian Lippert <flo@syscp.org> (2003-2009)
- * @author     Froxlor team <team@froxlor.org> (2010-)
- * @license    GPLv2 http://files.froxlor.org/misc/COPYING.txt
- * @package    Panel
- *
- */
-
-define('AREA', 'customer');
-require './lib/init.php';
-
-$Id = 0;
-if (isset($_GET['id'])) {
-    $Id = (int)$_GET['id'];
-}
-if (isset($_POST['id'])) {
-    $Id = (int)$_POST['id'];
-}
-
-eval("echo \"" . getTemplate('aps/header') . "\";");
-$Aps = new ApsParser($userinfo, $settings);
-$Aps->MainHandler($action);
-eval("echo \"" . getTemplate('aps/footer') . "\";");
--- a/customer_autoresponder.php
+++ b/customer_autoresponder.php
@@ -1,323 +0,0 @@
-<?php
-
-/**
- * This file is part of the Froxlor project.
- * Copyright (c) 2003-2009 the SysCP Team (see authors).
- * Copyright (c) 2010 the Froxlor Team (see authors).
- *
- * For the full copyright and license information, please view the COPYING
- * file that was distributed with this source code. You can also view the
- * COPYING file online at http://files.froxlor.org/misc/COPYING.txt
- *
- * @copyright  (c) the authors
- * @author     Florian Lippert <flo@syscp.org> (2003-2009)
- * @author     Froxlor team <team@froxlor.org> (2010-)
- * @license    GPLv2 http://files.froxlor.org/misc/COPYING.txt
- * @package    Panel
- *
- */
-
-define('AREA', 'customer');
-require './lib/init.php';
-
-if ($action == 'add') {
-	// Create new autoresponder
-	if (isset($_POST['send'])
-	   && $_POST['send'] == 'send'
-	) {
-		$account = trim($_POST['account']);
-		$subject = trim($_POST['subject']);
-		$message = trim($_POST['message']);
-
-		$date_from_off = isset($_POST['date_from_off']) ? -1 : 0;
-		$date_until_off = isset($_POST['date_until_off']) ? -1 : 0;
-
-		/*
-		 * @TODO validate date (DD-MM-YYYY)
-		 */
-		$ts_from = -1;
-		$ts_until = -1;
-
-		if ($date_from_off > -1) {
-			$date_from = $_POST['date_from'];
-			$ts_from = mktime(0, 0, 0, substr($date_from, 3, 2), substr($date_from, 0, 2), substr($date_from, 6, 4));
-		}
-		if ($date_until_off > -1) {
-			$date_until = $_POST['date_until'];
-			$ts_until = mktime(0, 0, 0, substr($date_until, 3, 2), substr($date_until, 0, 2), substr($date_until, 6, 4));
-		}
-
-		if (empty($account)
-		   || empty($subject)
-		   || empty($message)
-		) {
-			standard_error('missingfields');
-		}
-		
-		// Does account exist?
-		$stmt = Database::prepare("SELECT `email` FROM `" . TABLE_MAIL_USERS . "`
-			WHERE `customerid` = :customerid
-			AND `email` = :account
-			LIMIT 0,1"
-		);
-		Database::pexecute($stmt, array("account" => $account, "customerid" => $userinfo['customerid']));
-		if (Database::num_rows() == 0) {
-			standard_error('accountnotexisting');
-		}
-
-		// Does autoresponder exist?
-		$stmt = Database::prepare("SELECT `email` FROM `" . TABLE_MAIL_AUTORESPONDER . "`
-			WHERE `customerid` = :customerid
-			AND `email` = :account
-			LIMIT 0,1"
-		);
-		Database::pexecute($stmt, array("account" => $account, "customerid" => $userinfo['customerid']));
-		if (Database::num_rows() == 1) {
-			standard_error('autoresponderalreadyexists');
-		}
-		
-		// Create autoresponder
-		$stmt = Database::prepare("INSERT INTO `" . TABLE_MAIL_AUTORESPONDER . "`
-			SET `email` = :account,
-			`message` = :message,
-			`enabled` = :enabled,
-			`date_from` = :date_from,
-			`date_until` = :date_until,
-			`subject` = :subject,
-			`customerid` = :customerid"
-		);
-		$params = array(
-			"account" => $account,
-			"message" => $message,
-			"enabled" => $_POST['active'],
-			"date_from" => $ts_from,
-			"date_until" => $ts_until,
-			"subject" => $subject,
-			"customerid" => $userinfo['customerid']
-		);
-		Database::pexecute($stmt, $params);
-		
-		// Update email_autoresponder_used count
-		$stmt = Database::prepare("UPDATE `" . TABLE_PANEL_CUSTOMERS . "`
-			SET `email_autoresponder_used` = `email_autoresponder_used` + 1
-			WHERE `customerid` = :customerid"
-		);
-		Database::pexecute($stmt, array("customerid" => $userinfo['customerid']));
-		redirectTo($filename, Array('s' => $s));
-	}
-
-	// Get accounts
-	$params = array("customerid" => $userinfo['customerid']);
-	$acc_stmt = Database::prepare("SELECT `email` FROM `" . TABLE_MAIL_USERS . "`
-		WHERE `customerid` = :customerid
-		AND `email` NOT IN (SELECT `email` FROM `" . TABLE_MAIL_AUTORESPONDER . "`)
-		ORDER BY email ASC"
-	);
-	Database::pexecute($acc_stmt, $params);
-	if (Database::num_rows() == 0) {
-		standard_error('noemailaccount');
-	}
-
-	$accounts = '';
-	while ($row = $acc_stmt->fetch(PDO::FETCH_ASSOC)) {
-		$accounts .= '<option value="' . $row['email'] . '">' . $row['email'] . '</option>';
-	}
-
-	$date_from_off = makecheckbox('date_from_off', $lng['panel']['not_activated'], '-1', false, '-1', true, true);
-	$date_until_off = makecheckbox('date_until_off', $lng['panel']['not_activated'], '-1', false, '-1', true, true);
-
-	//$isactive = makeyesno('active', '1', '0', '1');
-
-	$autoresponder_add_data = include_once dirname(__FILE__).'/lib/formfields/customer/autoresponder/formfield.autoresponder_add.php';
-	$autoresponder_add_form = htmlform::genHTMLForm($autoresponder_add_data);
-
-	$title = $autoresponder_add_data['autoresponder_add']['title'];
-	$image = $autoresponder_add_data['autoresponder_add']['image'];
-
-	eval("echo \"" . getTemplate('autoresponder/autoresponder_add') . "\";");
-} elseif ($action == 'edit') {
-	// Edit autoresponder
-	if (isset($_POST['send'])
-	   && $_POST['send'] == 'send'
-	) {
-		$account = trim($_POST['account']);
-		$subject = trim($_POST['subject']);
-		$message = trim($_POST['message']);
-
-		$date_from_off = isset($_POST['date_from_off']) ? -1 : 0;
-		$date_until_off = isset($_POST['date_until_off']) ? -1 : 0;
-
-		/*
-		 * @TODO validate date (DD-MM-YYYY)
-		 */
-		$ts_from = -1;
-		$ts_until = -1;
-
-		if ($date_from_off > -1) {
-			$date_from = $_POST['date_from'];
-			$ts_from = mktime(0, 0, 0, substr($date_from, 3, 2), substr($date_from, 0, 2), substr($date_from, 6, 4));
-		}
-		if ($date_until_off > -1) {
-			$date_until = $_POST['date_until'];
-			$ts_until = mktime(0, 0, 0, substr($date_until, 3, 2), substr($date_until, 0, 2), substr($date_until, 6, 4));
-		}
-
-		if (empty($account)
-		   || empty($subject)
-		   || empty($message)
-		) {
-			standard_error('missingfields');
-		}
-
-		// Does account exist?
-		$stmt = Database::prepare("SELECT `email` FROM `" . TABLE_MAIL_USERS . "`
-			WHERE `customerid` = :customerid
-			AND `email` = :account
-			LIMIT 0,1"
-		);
-		Database::pexecute($stmt, array("account" => $account, "customerid" => $userinfo['customerid']));
-		if (Database::num_rows() == 0) {
-			standard_error('accountnotexisting');
-		}
-
-		// Does autoresponder exist?
-		$stmt = Database::prepare("SELECT `email` FROM `" . TABLE_MAIL_AUTORESPONDER . "`
-			WHERE `customerid` = :customerid
-			AND `email` = :account
-			LIMIT 0,1"
-		);
-		Database::pexecute($stmt, array("account" => $account, "customerid" => $userinfo['customerid']));
-		if (Database::num_rows() == 0) {
-			standard_error('invalidautoresponder');
-		}
-
-		// Update autoresponder
-		$stmt = Database::prepare("UPDATE `" . TABLE_MAIL_AUTORESPONDER . "`
-			SET `message` = :message,
-			`enabled` = :enabled,
-			`date_from` = :date_from,
-			`date_until` = :date_until,
-			`subject` = :subject
-			WHERE `email` = :account
-			AND `customerid` = :customerid"
-		);
-		$params = array(
-			"account" => $account,
-			"message" => $message,
-			"enabled" => $_POST['active'],
-			"date_from" => $ts_from,
-			"date_until" => $ts_until,
-			"subject" => $subject,
-			"customerid" => $userinfo['customerid']
-		);
-		Database::pexecute($stmt, $params);
-		redirectTo($filename, Array('s' => $s));
-	}
-
-	$email = trim(htmlspecialchars($_GET['email']));
-
-	// Get account data
-	$acc_stmt = Database::prepare("SELECT * FROM `" . TABLE_MAIL_AUTORESPONDER . "`
-		WHERE `customerid` = :customerid
-		AND `email` = :account
-		LIMIT 0,1"
-	);
-	Database::pexecute($acc_stmt, array("account" => $email, "customerid" => $userinfo['customerid']));
-	if (Database::num_rows() == 0) {
-		standard_error('invalidautoresponder');
-	}
-
-	$row = $acc_stmt->fetch(PDO::FETCH_ASSOC);
-	$subject = htmlspecialchars($row['subject']);
-	$message = htmlspecialchars($row['message']);
-
-	$date_from = (int)$row['date_from'];
-	$date_until = (int)$row['date_until'];
-
-	if ($date_from == -1) {
-		$deactivated = '-1';
-		$date_from = '';
-	} else {
-		$deactivated = '0';
-		$date_from = date('d-m-Y', $date_from);
-	}
-	$date_from_off = makecheckbox('date_from_off', $lng['panel']['not_activated'], '-1', false, $deactivated, true, true);
-
-	if ($date_until == -1) {
-		$deactivated = '-1';
-		$date_until = '';
-	} else {
-		$deactivated = '0';
-		$date_until = date('d-m-Y', $date_until);
-	}
-	$date_until_off = makecheckbox('date_until_off', $lng['panel']['not_activated'], '-1', false, $deactivated, true, true);
-
-	//$isactive = makeyesno('active', '1', '0', $row['enabled']);
-
-	$autoresponder_edit_data = include_once dirname(__FILE__).'/lib/formfields/customer/autoresponder/formfield.autoresponder_edit.php';
-	$autoresponder_edit_form = htmlform::genHTMLForm($autoresponder_edit_data);
-
-	$title = $autoresponder_edit_data['autoresponder_edit']['title'];
-	$image = $autoresponder_edit_data['autoresponder_edit']['image'];
-
-	eval("echo \"" . getTemplate('autoresponder/autoresponder_edit') . "\";");
-} elseif ($action == 'delete') {
-	// Delete autoresponder
-	if (isset($_POST['send']) && $_POST['send'] == 'send') {
-		$account = trim($_POST['account']);
-
-		// Does autoresponder exist?
-		$stmt = Database::prepare("SELECT `email` FROM `" . TABLE_MAIL_AUTORESPONDER . "`
-			WHERE `customerid` = :customerid
-			AND `email` = :account
-			LIMIT 0,1"
-		);
-		Database::pexecute($stmt, array("account" => $account, "customerid" => $userinfo['customerid']));
-		if (Database::num_rows() == 0) {
-			standard_error('invalidautoresponder');
-		}
-		
-		// Delete autoresponder
-		$stmt = Database::prepare("DELETE FROM `" . TABLE_MAIL_AUTORESPONDER . "`
-			WHERE `email` = :account
-			AND `customerid` = :customerid"
-		);
-		Database::pexecute($stmt, array("account" => $account, "customerid" => $userinfo['customerid']));
-			
-		// Update email_autoresponder_used count
-		$stmt = Database::prepare("UPDATE `" . TABLE_PANEL_CUSTOMERS . "`
-			SET `email_autoresponder_used` = `email_autoresponder_used` - 1
-			WHERE `customerid` = :customerid"
-		);
-		Database::pexecute($stmt, array("customerid" => $userinfo['customerid']));
-		redirectTo($filename, Array('s' => $s));
-	}
-
-	$email = trim(htmlspecialchars($_GET['email']));
-	ask_yesno('autoresponderdelete', $filename, array('action' => $action, 'account' => $email));
-} else {
-	// List existing autoresponders
-	$autoresponder = '';
-	$count = 0;
-	$stmt = Database::prepare("SELECT * FROM `" . TABLE_MAIL_AUTORESPONDER . "`
-		WHERE `customerid` = :customerid
-		ORDER BY email ASC"
-	);
-	Database::pexecute($stmt, array("customerid" => $userinfo['customerid']));
-
-	while ($row = $stmt->fetch(PDO::FETCH_ASSOC)) {
-		if ($row['date_from'] == -1 && $row['date_until'] == -1) {
-			$activated_date = $lng['panel']['not_activated'];
-		} elseif($row['date_from'] == -1 && $row['date_until'] != -1) {
-			$activated_date = $lng['autoresponder']['date_until'].': '.date('d-m-Y', $row['date_until']);
-		} elseif($row['date_from'] != -1 && $row['date_until'] == -1) {
-			$activated_date = $lng['autoresponder']['date_from'].': '.date('d-m-Y', $row['date_from']);
-		} else {
-			$activated_date = date('d-m-Y', $row['date_from']) . ' - ' . date('d-m-Y', $row['date_until']);
-		}
-		eval("\$autoresponder.=\"" . getTemplate('autoresponder/autoresponder_autoresponder') . "\";");
-		$count++;
-	}
-
-	eval("echo \"" . getTemplate('autoresponder/autoresponder') . "\";");
-}
--- a/customer_domains.php
+++ b/customer_domains.php
@@ -20,6 +20,11 @@
 define('AREA', 'customer');
 require './lib/init.php';

+// redirect if this customer page is hidden via settings
+if (Settings::IsInList('panel.customer_hide_options','domains')) {
+	redirectTo('customer_index.php');
+}
+
 if (isset($_POST['id'])) {
 	$id = intval($_POST['id']);
 } elseif (isset($_GET['id'])) {
@@ -35,8 +40,8 @@ if($page == 'overview') {
 		$fields = array(
 			'd.domain' => $lng['domains']['domainname']
 		);
-		$paging = new paging($userinfo, TABLE_PANEL_DOMAINS, $fields, $settings['panel']['paging'], $settings['panel']['natsorting']);
-		$domains_stmt = Database::prepare("SELECT `d`.`id`, `d`.`customerid`, `d`.`domain`, `d`.`documentroot`, `d`.`isemaildomain`, `d`.`caneditdomain`, `d`.`iswildcarddomain`, `d`.`parentdomainid`, `ad`.`id` AS `aliasdomainid`, `ad`.`domain` AS `aliasdomain`, `da`.`id` AS `domainaliasid`, `da`.`domain` AS `domainalias` FROM `" . TABLE_PANEL_DOMAINS . "` `d`
+		$paging = new paging($userinfo, TABLE_PANEL_DOMAINS, $fields);
+		$domains_stmt = Database::prepare("SELECT `d`.`id`, `d`.`customerid`, `d`.`domain`, `d`.`documentroot`, `d`.`isbinddomain`, `d`.`isemaildomain`, `d`.`caneditdomain`, `d`.`iswildcarddomain`, `d`.`parentdomainid`, `d`.`letsencrypt`, `d`.`termination_date`, `ad`.`id` AS `aliasdomainid`, `ad`.`domain` AS `aliasdomain`, `da`.`id` AS `domainaliasid`, `da`.`domain` AS `domainalias` FROM `" . TABLE_PANEL_DOMAINS . "` `d`
 			LEFT JOIN `" . TABLE_PANEL_DOMAINS . "` `ad` ON `d`.`aliasdomain`=`ad`.`id`
 			LEFT JOIN `" . TABLE_PANEL_DOMAINS . "` `da` ON `da`.`aliasdomain`=`d`.`id`
 			WHERE `d`.`customerid`= :customerid
@@ -87,6 +92,18 @@ if($page == 'overview') {
 				}
 			}

+			$row['termination_date'] = str_replace("0000-00-00", "", $row['termination_date']);
+			if($row['termination_date'] != "") {
+				$cdate = strtotime($row['termination_date'] . " 23:59:59");
+				$today = time();
+
+				if($cdate < $today) {
+					$row['termination_css'] = 'domain-expired';
+				} else {
+					$row['termination_css'] = 'domain-canceled';
+				}
+			}
+
 			$domains_count++;
 			$domain_array[$row['domain']] = $row;
 		}
@@ -102,6 +119,11 @@ if($page == 'overview') {
 			if ($row['parentdomainid'] == 0) {
 				$domain_sort_array[$sortkey][$sortkey] = $row;
 			} else {
+				// when searching and the results are subdomains only, we need to get
+				// the parent domain to this subdomain
+				if (!isset($domain_id_array[$row['parentdomainid']])) {
+				    $domain_id_array[$row['parentdomainid']] = "[parent-domain]";
+				}
 				$domain_sort_array[$domain_id_array[$row['parentdomainid']]][$sortkey] = $row;
 			}
 		}
@@ -117,13 +139,16 @@ if($page == 'overview') {
 		$i = 0;
 		foreach ($domain_sort_array as $sortkey => $domain_array) {
 			if ($paging->checkDisplay($i)) {
+
+				if (isset($domain_array[$sortkey])) {
 					$row = htmlentities_array($domain_array[$sortkey]);
-				if($settings['system']['awstats_enabled'] == '1') {
+					if (Settings::Get('system.awstats_enabled') == '1') {
 					   $statsapp = 'awstats';
 					} else {
 					   $statsapp = 'webalizer';
 					}
 					eval("\$domains.=\"" . getTemplate("domains/domains_delimiter") . "\";");
+				}

 				if ($paging->sortfield == 'd.domain' && $paging->sortorder == 'asc') {
 					ksort($domain_array);
@@ -133,12 +158,12 @@ if($page == 'overview') {

 				foreach ($domain_array as $row) {
 					if (strpos($row['documentroot'], $userinfo['documentroot']) === 0) {
-						$row['documentroot'] = makeCorrectDir(substr($row['documentroot'], strlen($userinfo['documentroot'])));
+						$row['documentroot'] = makeCorrectDir(str_replace($userinfo['documentroot'], "/", $row['documentroot']));
 					}

 					// get ssl-ips if activated
 					$show_ssledit = false;
-					if ($settings['system']['use_ssl'] == '1' && domainHasSslIpPort($row['id']) && $row['caneditdomain'] == '1') {
+					if (Settings::Get('system.use_ssl') == '1' && domainHasSslIpPort($row['id']) && $row['caneditdomain'] == '1' && $row['letsencrypt'] == 0) {
 						$show_ssledit = true;
 					}
 					$row = htmlentities_array($row);
@@ -151,7 +176,7 @@ if($page == 'overview') {

 		eval("echo \"" . getTemplate("domains/domainlist") . "\";");
 	} elseif ($action == 'delete' && $id != 0) {
-		$stmt = Database::prepare("SELECT `id`, `customerid`, `domain`, `documentroot`, `isemaildomain`, `parentdomainid` FROM `" . TABLE_PANEL_DOMAINS . "`
+		$stmt = Database::prepare("SELECT `id`, `customerid`, `domain`, `documentroot`, `isemaildomain`, `parentdomainid`, `aliasdomain` FROM `" . TABLE_PANEL_DOMAINS . "`
 			WHERE `customerid` = :customerid
 			AND `id` = :id"
 		);
@@ -177,12 +202,7 @@ if($page == 'overview') {
 					}
 				}

-				/*
-				 * check for APS packages used with this domain, #110
-				 */
-				if(domainHasApsInstances($id)) {
-					standard_error('domains_cantdeletedomainwithapsinstances');
-				}
+				triggerLetsEncryptCSRForAliasDestinationDomain($result['aliasdomain'], $log);

 				$log->logAction(USR_ACTION, LOG_INFO, "deleted subdomain '" . $idna_convert->decode($result['domain']) . "'");
 				$stmt = Database::prepare("DELETE FROM `" . TABLE_PANEL_DOMAINS . "` WHERE
@@ -197,12 +217,39 @@ if($page == 'overview') {
 				);
 				Database::pexecute($stmt, array("customerid" => $userinfo['customerid']));

+				// remove connections to ips and domainredirects
+				$del_stmt = Database::prepare("
+					DELETE FROM `" . TABLE_DOMAINTOIP . "`
+					WHERE `id_domain` = :domainid"
+				);
+				Database::pexecute($del_stmt, array('domainid' => $id));
+
+				$del_stmt = Database::prepare("
+					DELETE FROM `" . TABLE_PANEL_DOMAINREDIRECTS . "`
+					WHERE `did` = :domainid"
+				);
+				Database::pexecute($del_stmt, array('domainid' => $id));
+
+				// remove certificate from domain_ssl_settings, fixes #1596
+				$del_stmt = Database::prepare("
+					DELETE FROM `" . TABLE_PANEL_DOMAIN_SSL_SETTINGS . "`
+					WHERE `domainid` = :domainid"
+				);
+				Database::pexecute($del_stmt, array('domainid' => $id));
+
+				// remove possible existing DNS entries
+				$del_stmt = Database::prepare("
+					DELETE FROM `" . TABLE_DOMAIN_DNS . "`
+					WHERE `domain_id` = :domainid
+				");
+				Database::pexecute($del_stmt, array('domainid' => $id));
+
 				inserttask('1');

 				// Using nameserver, insert a task which rebuilds the server config
 				inserttask('4');

-				redirectTo($filename, Array('page' => $page, 's' => $s));
+				redirectTo($filename, array('page' => $page, 's' => $s));
 			} else {
 				ask_yesno('domains_reallydelete', $filename, array('id' => $id, 'page' => $page, 'action' => $action), $idna_convert->decode($result['domain']));
 			}
@@ -212,8 +259,13 @@ if($page == 'overview') {
 	} elseif ($action == 'add') {
 		if ($userinfo['subdomains_used'] < $userinfo['subdomains'] || $userinfo['subdomains'] == '-1') {
 			if (isset($_POST['send']) && $_POST['send'] == 'send') {
-				$subdomain = $idna_convert->encode(preg_replace(Array('/\:(\d)+$/', '/^https?\:\/\//'), '', validate($_POST['subdomain'], 'subdomain', '', 'subdomainiswrong')));
-				$domain = $idna_convert->encode($_POST['domain']);
+
+				if (strpos($_POST['subdomain'], '--') !== false) {
+					standard_error('domain_nopunycode');
+				}
+
+				$subdomain = $idna_convert->encode(preg_replace(array('/\:(\d)+$/', '/^https?\:\/\//'), '', validate($_POST['subdomain'], 'subdomain', '', 'subdomainiswrong')));
+				$domain = $_POST['domain'];
 				$domain_stmt = Database::prepare("SELECT * FROM `" . TABLE_PANEL_DOMAINS . "`
 					WHERE `domain` = :domain
 					AND `customerid` = :customerid
@@ -224,6 +276,18 @@ if($page == 'overview') {
 				$domain_check = Database::pexecute_first($domain_stmt, array("domain" => $domain, "customerid" => $userinfo['customerid']));

 				$completedomain = $subdomain . '.' . $domain;
+
+				if (Settings::Get('system.validate_domain') && ! validateDomain($completedomain)) {
+					standard_error(array(
+						'stringiswrong',
+						'mydomain'
+					));
+				}
+
+				if ($completedomain == Settings::Get('system.hostname')) {
+					standard_error('admin_domain_emailsystemhostname');
+				}
+
 				$completedomain_stmt = Database::prepare("SELECT * FROM `" . TABLE_PANEL_DOMAINS . "`
 					WHERE `domain` = :domain
 					AND `customerid` = :customerid
@@ -248,23 +312,24 @@ if($page == 'overview') {
 						AND `dip`.`id_ipandports`
 						IN (SELECT `id_ipandports` FROM `".TABLE_DOMAINTOIP."`
 							WHERE `id_domain` = :id )
-						GROUP BY `d`.`domain
+						GROUP BY `d`.`domain`
 						ORDER BY `d`.`domain` ASC;"
 					);
 					$aliasdomain_check = Database::pexecute_first($aliasdomain_stmt, array("id" => $aliasdomain, "customerid" => $userinfo['customerid']));
+					triggerLetsEncryptCSRForAliasDestinationDomain($aliasdomain, $log);
 				}

-				if(isset($_POST['url']) && $_POST['url'] != '' && validateUrl($idna_convert->encode($_POST['url']))) {
+				if (isset($_POST['url']) && $_POST['url'] != '' && validateUrl($_POST['url'])) {
 					$path = $_POST['url'];
 					$_doredirect = true;
 				} else {
 					$path = validate($_POST['path'], 'path');
 				}

-				if(!preg_match('/^https?\:\/\//', $path) || !validateUrl($idna_convert->encode($path))) {
+				if (!preg_match('/^https?\:\/\//', $path) || !validateUrl($path)) {
 					// If path is empty or '/' and 'Use domain name as default value for DocumentRoot path' is enabled in settings,
 					// set default path to subdomain or domain name
-					if((($path == '') || ($path == '/')) && $settings['system']['documentroot_use_default_value'] == 1) {
+					if ((($path == '') || ($path == '/')) && Settings::Get('system.documentroot_use_default_value') == 1) {
 						$path = makeCorrectDir($userinfo['documentroot'] . '/' . $completedomain);
 					} else {
 						$path = makeCorrectDir($userinfo['documentroot'] . '/' . $path);
@@ -283,15 +348,37 @@ if($page == 'overview') {

 				$ssl_redirect = '0';
 				if (isset($_POST['ssl_redirect']) && $_POST['ssl_redirect'] == '1') {
-					// a ssl-redirect only works of there actually is a
+					// a ssl-redirect only works if there actually is a
 					// ssl ip/port assigned to the domain
 					if (domainHasSslIpPort($domain_check['id']) == true) {
 						$ssl_redirect = '1';
+						$_doredirect = true;
 					} else {
 						standard_error('sslredirectonlypossiblewithsslipport');
 					}
 				}

+				$letsencrypt = '0';
+				if (isset($_POST['letsencrypt']) && $_POST['letsencrypt'] == '1') {
+					// let's encrypt only works if there actually is a
+					// ssl ip/port assigned to the domain
+					if (domainHasSslIpPort($domain_check['id']) == true) {
+						$letsencrypt = '1';
+					} else {
+						standard_error('letsencryptonlypossiblewithsslipport');
+					}
+				}
+
+				// Temporarily deactivate ssl_redirect until Let's Encrypt certificate was generated
+				if ($ssl_redirect > 0 && $letsencrypt == 1) {
+					$ssl_redirect = 2;
+				}
+
+				// HSTS
+				$hsts_maxage = isset($_POST['hsts_maxage']) ? (int)$_POST['hsts_maxage'] : 0;
+				$hsts_sub = isset($_POST['hsts_sub']) && (int)$_POST['hsts_sub'] == 1 ? 1 : 0;
+				$hsts_preload = isset($_POST['hsts_preload']) && (int)$_POST['hsts_preload'] == 1 ? 1 : 0;
+
 				if ($path == '') {
 					standard_error('patherror');
 				} elseif ($subdomain == '') {
@@ -325,13 +412,19 @@ if($page == 'overview') {
 						`documentroot` = :documentroot,
 						`aliasdomain` = :aliasdomain,
 						`parentdomainid` = :parentdomainid,
+						`wwwserveralias` = :wwwserveralias,
 						`isemaildomain` = :isemaildomain,
+						`iswildcarddomain` = :iswildcarddomain,
 						`openbasedir` = :openbasedir,
 						`openbasedir_path` = :openbasedir_path,
 						`speciallogfile` = :speciallogfile,
 						`specialsettings` = :specialsettings,
 						`ssl_redirect` = :ssl_redirect,
-						`phpsettingid` = :phpsettingid"
+						`phpsettingid` = :phpsettingid,
+						`letsencrypt` = :letsencrypt,
+						`hsts` = :hsts,
+						`hsts_sub` = :hsts_sub,
+						`hsts_preload` = :hsts_preload"
 					);
 					$params = array(
 						"customerid" => $userinfo['customerid'],
@@ -339,19 +432,25 @@ if($page == 'overview') {
 						"documentroot" => $path,
 						"aliasdomain" => $aliasdomain != 0 ? $aliasdomain : null,
 						"parentdomainid" => $domain_check['id'],
+						"wwwserveralias" => $domain_check['wwwserveralias'] == '1' ? '1' : '0',
+						"iswildcarddomain" => $domain_check['iswildcarddomain'] == '1' ? '1' : '0',
 						"isemaildomain" => $domain_check['subcanemaildomain'] == '3' ? '1' : '0',
 						"openbasedir" => $domain_check['openbasedir'],
 						"openbasedir_path" => $openbasedir_path,
 						"speciallogfile" => $domain_check['speciallogfile'],
 						"specialsettings" => $domain_check['specialsettings'],
 						"ssl_redirect" => $ssl_redirect,
-						"phpsettingid" => $phpsid_result['phpsettingid']
+						"phpsettingid" => $phpsid_result['phpsettingid'],
+						"letsencrypt" => $letsencrypt,
+						"hsts" => $hsts_maxage,
+						"hsts_sub" => $hsts_sub,
+						"hsts_preload" => $hsts_preload
 					);
 					Database::pexecute($stmt, $params);

 					if ($_doredirect) {
 						$did = Database::lastInsertId();
-						$redirect = isset($_POST['redirectcode']) ? (int)$_POST['redirectcode'] : $settings['customredirect']['default'];
+						$redirect = isset($_POST['redirectcode']) ? (int)$_POST['redirectcode'] : Settings::Get('customredirect.default');
 						addRedirectToDomain($did, $redirect);
 					}

@@ -378,7 +477,7 @@ if($page == 'overview') {
 					redirectTo($filename, array('page' => $page, 's' => $s));
 				}
 			} else {
-				$stmt = Database::prepare("SELECT `id`, `domain`, `documentroot`, `ssl_redirect`,`isemaildomain` FROM `" . TABLE_PANEL_DOMAINS . "`
+				$stmt = Database::prepare("SELECT `id`, `domain`, `documentroot`, `ssl_redirect`,`isemaildomain`,`letsencrypt` FROM `" . TABLE_PANEL_DOMAINS . "`
 					WHERE `customerid` = :customerid
 					AND `parentdomainid` = '0'
 					AND `email_only` = '0'
@@ -396,6 +495,7 @@ if($page == 'overview') {
 				$domains_stmt = Database::prepare("SELECT `d`.`id`, `d`.`domain` FROM `" . TABLE_PANEL_DOMAINS . "` `d`, `" . TABLE_PANEL_CUSTOMERS . "` `c`
 					WHERE `d`.`aliasdomain` IS NULL
 					AND `d`.`id` <> `c`.`standardsubdomain`
+					AND `d`.`parentdomainid` = '0'
 					AND `d`.`customerid`=`c`.`customerid`
 					AND `d`.`email_only`='0'
 					AND `d`.`customerid`= :customerid
@@ -408,10 +508,10 @@ if($page == 'overview') {
 				}

 				$redirectcode = '';
-				if($settings['customredirect']['enabled'] == '1') {
+				if (Settings::Get('customredirect.enabled') == '1') {
 					$codes = getRedirectCodesArray();
 					foreach ($codes as $rc) {
-						$redirectcode .= makeoption($rc['code']. ' ('.$lng['redirect_desc'][$rc['desc']].')', $rc['id'], $settings['customredirect']['default']);
+						$redirectcode .= makeoption($rc['code']. ' ('.$lng['redirect_desc'][$rc['desc']].')', $rc['id']);
 					}
 				}

@@ -425,7 +525,7 @@ if($page == 'overview') {
 				}

 				$openbasedir = makeoption($lng['domain']['docroot'], 0, NULL, true) . makeoption($lng['domain']['homedir'], 1, NULL, true);
-				$pathSelect = makePathfield($userinfo['documentroot'], $userinfo['guid'], $userinfo['guid'], $settings['panel']['pathedit']);
+				$pathSelect = makePathfield($userinfo['documentroot'], $userinfo['guid'], $userinfo['guid']);

 				$subdomain_add_data = include_once dirname(__FILE__).'/lib/formfields/customer/domains/formfield.domains_add.php';
 				$subdomain_add_form = htmlform::genHTMLForm($subdomain_add_data);
@@ -438,8 +538,7 @@ if($page == 'overview') {
 		}
 	} elseif ($action == 'edit' && $id != 0) {

-		$stmt = Database::prepare("SELECT `d`.`id`, `d`.`customerid`, `d`.`domain`, `d`.`documentroot`, `d`.`isemaildomain`, `d`.`wwwserveralias`, `d`.`iswildcarddomain`,
-			`d`.`parentdomainid`, `d`.`ssl_redirect`, `d`.`aliasdomain`, `d`.`openbasedir`, `d`.`openbasedir_path`, `pd`.`subcanemaildomain`
+		$stmt = Database::prepare("SELECT `d`.*, `pd`.`subcanemaildomain`
 			FROM `" . TABLE_PANEL_DOMAINS . "` `d`, `" . TABLE_PANEL_DOMAINS . "` `pd`
 			WHERE `d`.`customerid` = :customerid
 			AND `d`.`id` = :id
@@ -457,17 +556,17 @@ if($page == 'overview') {

 		if (isset($result['customerid']) && $result['customerid'] == $userinfo['customerid']) {
 			if (isset($_POST['send']) && $_POST['send'] == 'send') {
-				if(isset($_POST['url']) && $_POST['url'] != '' && validateUrl($idna_convert->encode($_POST['url']))) {
+				if (isset($_POST['url']) && $_POST['url'] != '' && validateUrl($_POST['url'])) {
 					$path = $_POST['url'];
 					$_doredirect = true;
 				} else {
 					$path = validate($_POST['path'], 'path');
 				}

-				if(!preg_match('/^https?\:\/\//', $path) || !validateUrl($idna_convert->encode($path))) {
+				if (!preg_match('/^https?\:\/\//', $path) || !validateUrl($path)) {
 					// If path is empty or '/' and 'Use domain name as default value for DocumentRoot path' is enabled in settings,
 					// set default path to subdomain or domain name
-					if((($path == '') || ($path == '/')) && $settings['system']['documentroot_use_default_value'] == 1) {
+					if ((($path == '') || ($path == '/')) && Settings::Get('system.documentroot_use_default_value') == 1) {
 						$path = makeCorrectDir($userinfo['documentroot'] . '/' . $result['domain']);
 					} else {
 						$path = makeCorrectDir($userinfo['documentroot'] . '/' . $path);
@@ -479,14 +578,14 @@ if($page == 'overview') {
 					$_doredirect = true;
 				}

-				$aliasdomain = intval($_POST['alias']);
+				$aliasdomain = isset($_POST['alias']) ? intval($_POST['alias']) : 0;

-				if(isset($_POST['selectserveralias']) && $result['parentdomainid'] == '0' ) {
+				if (isset($_POST['selectserveralias'])) {
 					$iswildcarddomain = ($_POST['selectserveralias'] == '0') ? '1' : '0';
 					$wwwserveralias = ($_POST['selectserveralias'] == '1') ? '1' : '0';
 				} else {
-					$iswildcarddomain = '0';
-					$wwwserveralias = '0';
+					$iswildcarddomain = $result['iswildcarddomain'];
+					$wwwserveralias = $result['wwwserveralias'];
 				}

 				if ($result['parentdomainid'] != '0' && ($result['subcanemaildomain'] == '1' || $result['subcanemaildomain'] == '2') && isset($_POST['isemaildomain'])) {
@@ -519,10 +618,11 @@ if($page == 'overview') {
 				}

 				if (isset($_POST['ssl_redirect']) && $_POST['ssl_redirect'] == '1') {
-					// a ssl-redirect only works of there actually is a
+					// a ssl-redirect only works if there actually is a
 					// ssl ip/port assigned to the domain
 					if (domainHasSslIpPort($id) == true) {
 						$ssl_redirect = '1';
+						$_doredirect = true;
 					} else {
 						standard_error('sslredirectonlypossiblewithsslipport');
 					}
@@ -530,6 +630,33 @@ if($page == 'overview') {
 					$ssl_redirect = '0';
 				}

+				if (isset($_POST['letsencrypt']) && $_POST['letsencrypt'] == '1') {
+					// let's encrypt only works if there actually is a
+					// ssl ip/port assigned to the domain
+					if (domainHasSslIpPort($id) == true) {
+						$letsencrypt = '1';
+					} else {
+						standard_error('letsencryptonlypossiblewithsslipport');
+					}
+				} else {
+					$letsencrypt = '0';
+				}
+
+				// We can't enable let's encrypt for wildcard - domains
+				if ($iswildcarddomain == '1' && $letsencrypt == '1') {
+					standard_error('nowildcardwithletsencrypt');
+				}
+
+				// Temporarily deactivate ssl_redirect until Let's Encrypt certificate was generated
+				if ($ssl_redirect > 0 && $letsencrypt == 1 && $result['letsencrypt'] != $letsencrypt) {
+					$ssl_redirect = 2;
+				}
+
+				// HSTS
+				$hsts_maxage = isset($_POST['hsts_maxage']) ? (int)$_POST['hsts_maxage'] : 0;
+				$hsts_sub = isset($_POST['hsts_sub']) && (int)$_POST['hsts_sub'] == 1 ? 1 : 0;
+				$hsts_preload = isset($_POST['hsts_preload']) && (int)$_POST['hsts_preload'] == 1 ? 1 : 0;
+
 				if ($path == '') {
 					standard_error('patherror');
 				} else {
@@ -553,7 +680,12 @@ if($page == 'overview') {
 						|| $iswildcarddomain != $result['iswildcarddomain']
 						|| $aliasdomain != $result['aliasdomain']
 						|| $openbasedir_path != $result['openbasedir_path']
-					   || $ssl_redirect != $result['ssl_redirect']) {
+						|| $ssl_redirect != $result['ssl_redirect']
+						|| $letsencrypt != $result['letsencrypt']
+						|| $hsts_maxage != $result['hsts']
+						|| $hsts_sub != $result['hsts_sub']
+						|| $hsts_preload != $result['hsts_preload']
+					) {
 						$log->logAction(USR_ACTION, LOG_INFO, "edited domain '" . $idna_convert->decode($result['domain']) . "'");

 						$stmt = Database::prepare("UPDATE `" . TABLE_PANEL_DOMAINS . "` SET
@@ -563,7 +695,11 @@ if($page == 'overview') {
 							`iswildcarddomain`= :iswildcarddomain,
 							`aliasdomain`= :aliasdomain,
 							`openbasedir_path`= :openbasedir_path,
-							`ssl_redirect`= :ssl_redirect
+							`ssl_redirect`= :ssl_redirect,
+							`letsencrypt`= :letsencrypt,
+							`hsts` = :hsts,
+							`hsts_sub` = :hsts_sub,
+							`hsts_preload` = :hsts_preload
 							WHERE `customerid`= :customerid
 							AND `id`= :id"
 						);
@@ -575,10 +711,34 @@ if($page == 'overview') {
 							"aliasdomain" => ($aliasdomain != 0 && $alias_check == 0) ? $aliasdomain : null,
 							"openbasedir_path" => $openbasedir_path,
 							"ssl_redirect" => $ssl_redirect,
+							"letsencrypt" => $letsencrypt,
+							"hsts" => $hsts_maxage,
+							"hsts_sub" => $hsts_sub,
+							"hsts_preload" => $hsts_preload,
 							"customerid" => $userinfo['customerid'],
 							"id" => $id
 						);
 						Database::pexecute($stmt, $params);
+
+						if ($result['aliasdomain'] != $aliasdomain) {
+							// trigger when domain id for alias destination has changed: both for old and new destination
+							triggerLetsEncryptCSRForAliasDestinationDomain($result['aliasdomain'], $log);
+							triggerLetsEncryptCSRForAliasDestinationDomain($aliasdomain, $log);
+						} elseif ($result['wwwserveralias'] != $wwwserveralias || $result['letsencrypt'] != $letsencrypt) {
+							// or when wwwserveralias or letsencrypt was changed
+							triggerLetsEncryptCSRForAliasDestinationDomain($aliasdomain, $log);
+						}
+
+						// check whether LE has been disabled, so we remove the certificate
+						if ($letsencrypt == '0' && $result['letsencrypt'] == '1')  {
+							$del_stmt = Database::prepare("
+								DELETE FROM `" . TABLE_PANEL_DOMAIN_SSL_SETTINGS . "` WHERE `domainid` = :id
+							");
+							Database::pexecute($del_stmt, array(
+								'id' => $id
+							));
+						}
+
 						inserttask('1');

 						// Using nameserver, insert a task which rebuilds the server config
@@ -586,7 +746,7 @@ if($page == 'overview') {

 					}

-					redirectTo($filename, Array('page' => $page, 's' => $s));
+					redirectTo($filename, array('page' => $page, 's' => $s));
 				}
 			} else {
 				$result['domain'] = $idna_convert->decode($result['domain']);
@@ -597,13 +757,14 @@ if($page == 'overview') {
 					WHERE `d`.`aliasdomain` IS NULL
 					AND `d`.`id` <> :id
 					AND `c`.`standardsubdomain` <> `d`.`id`
+					AND `d`.`parentdomainid` = '0'
 					AND `d`.`customerid` = :customerid
 					AND `c`.`customerid` = `d`.`customerid`
 					AND `d`.`id` = `dip`.`id_domain`
 					AND `dip`.`id_ipandports`
 					IN (SELECT `id_ipandports` FROM `".TABLE_DOMAINTOIP."`
 						WHERE `id_domain` = :id)
-					GROUP BY `d`.`domain`
+					GROUP BY `d`.`id`, `d`.`domain`
 					ORDER BY `d`.`domain` ASC"
 				);
 				Database::pexecute($domains_stmt, array("id" => $result['id'], "customerid" => $userinfo['customerid']));
@@ -612,21 +773,21 @@ if($page == 'overview') {
 					$domains .= makeoption($idna_convert->decode($row_domain['domain']), $row_domain['id'], $result['aliasdomain']);
 				}

-				if(preg_match('/^https?\:\/\//', $result['documentroot']) && validateUrl($idna_convert->encode($result['documentroot']))) {
-					if($settings['panel']['pathedit'] == 'Dropdown') {
+				if (preg_match('/^https?\:\/\//', $result['documentroot']) && validateUrl($result['documentroot'])) {
+					if (Settings::Get('panel.pathedit') == 'Dropdown') {
 						$urlvalue = $result['documentroot'];
-						$pathSelect = makePathfield($userinfo['documentroot'], $userinfo['guid'], $userinfo['guid'], $settings['panel']['pathedit']);
+						$pathSelect = makePathfield($userinfo['documentroot'], $userinfo['guid'], $userinfo['guid']);
 					} else {
 						$urlvalue = '';
-						$pathSelect = makePathfield($userinfo['documentroot'], $userinfo['guid'], $userinfo['guid'], $settings['panel']['pathedit'], $result['documentroot'], true);						
+						$pathSelect = makePathfield($userinfo['documentroot'], $userinfo['guid'], $userinfo['guid'], $result['documentroot'], true);
 					}
 				} else {
 					$urlvalue = '';
-					$pathSelect = makePathfield($userinfo['documentroot'], $userinfo['guid'], $userinfo['guid'], $settings['panel']['pathedit'], $result['documentroot']);
+					$pathSelect = makePathfield($userinfo['documentroot'], $userinfo['guid'], $userinfo['guid'], $result['documentroot']);
 				}

 				$redirectcode = '';
-				if($settings['customredirect']['enabled'] == '1') {
+				if (Settings::Get('customredirect.enabled') == '1') {
 					$def_code = getDomainRedirectId($id);
 					$codes = getRedirectCodesArray();
 					foreach ($codes as $rc) {
@@ -643,6 +804,10 @@ if($page == 'overview') {
 					$ssl_ipsandports = 'notempty';
 				}

+				// Fudge the result for ssl_redirect to hide the Let's Encrypt steps
+				$result['temporary_ssl_redirect'] = $result['ssl_redirect'];
+				$result['ssl_redirect'] = ($result['ssl_redirect'] == 0 ? 0 : 1);
+
 				$openbasedir = makeoption($lng['domain']['docroot'], 0, $result['openbasedir_path'], true) . makeoption($lng['domain']['homedir'], 1, $result['openbasedir_path'], true);

 				// create serveralias options
@@ -801,4 +966,12 @@ if($page == 'overview') {

 		eval("echo \"" . getTemplate("domains/domain_ssleditor") . "\";");
 	}
+} elseif ($page == 'domaindnseditor' && $userinfo['dnsenabled'] == '1' && Settings::Get('system.dnsenabled') == '1') {
+
+	require_once __DIR__.'/dns_editor.php';
+
+} elseif ($page == 'sslcertificates') {
+
+	require_once __DIR__.'/ssl_certificates.php';
+
 }
--- a/customer_email.php
+++ b/customer_email.php
@@ -20,6 +20,11 @@
 define('AREA', 'customer');
 require './lib/init.php';

+// redirect if this customer page is hidden via settings
+if (Settings::IsInList('panel.customer_hide_options','email')) {
+	redirectTo('customer_index.php');
+}
+
 if (isset($_POST['id'])) {
 	$id = intval($_POST['id']);
 } elseif (isset($_GET['id'])) {
@@ -37,7 +42,7 @@ if ($page == 'overview') {
 			'm.email_full' => $lng['emails']['emailaddress'],
 			'm.destination' => $lng['emails']['forwarders']
 		);
-		$paging = new paging($userinfo, TABLE_MAIL_VIRTUAL, $fields, $settings['panel']['paging'], $settings['panel']['natsorting']);
+		$paging = new paging($userinfo, TABLE_MAIL_VIRTUAL, $fields);
 		$result_stmt = Database::prepare('SELECT `m`.`id`, `m`.`domainid`, `m`.`email`, `m`.`email_full`, `m`.`iscatchall`, `u`.`quota`, `m`.`destination`, `m`.`popaccountid`, `d`.`domain`, `u`.`mboxsize` FROM `' . TABLE_MAIL_VIRTUAL . '` `m`
 			LEFT JOIN `' . TABLE_PANEL_DOMAINS . '` `d` ON (`m`.`domainid` = `d`.`id`)
 			LEFT JOIN `' . TABLE_MAIL_USERS . '` `u` ON (`m`.`popaccountid` = `u`.`id`)
@@ -106,7 +111,7 @@ if ($page == 'overview') {
 						$row['destination'] = substr($row['destination'], 0, 32) . '... (' . $destinations_count . ')';
 					}

-					$row['mboxsize'] = size_readable($row['mboxsize'], 'GiB', 'bi', '%01.'.(int)$settings['panel']['decimal_places'].'f %s');
+					$row['mboxsize'] = size_readable($row['mboxsize'], 'GiB', 'bi', '%01.' . (int)Settings::Get('panel.decimal_places') . 'f %s');

 					$row = htmlentities_array($row);
 					eval("\$accounts.=\"" . getTemplate("email/emails_email") . "\";");
@@ -143,7 +148,7 @@ if ($page == 'overview') {

 					if ($result['popaccountid'] != 0) {
 						// Free the Quota used by the email account
-						if ($settings['system']['mail_quota_enabled'] == 1) {
+						if (Settings::Get('system.mail_quota_enabled') == 1) {
 							$stmt = Database::prepare("SELECT `quota` FROM `" . TABLE_MAIL_USERS . "`
 								WHERE `customerid`= :customerid
 								AND `id`= :id"
@@ -200,7 +205,8 @@ if ($page == 'overview') {
 		if ($userinfo['emails_used'] < $userinfo['emails'] || $userinfo['emails'] == '-1') {
 			if (isset($_POST['send']) && $_POST['send'] == 'send') {
 				$email_part = $_POST['email_part'];
-				$domain = $idna_convert->encode(validate($_POST['domain'], 'domain'));
+				// domain does not need idna encoding as the value of the select-box is already Punycode
+				$domain = validate($_POST['domain'], 'domain');
 				$stmt = Database::prepare("SELECT `id`, `domain`, `customerid` FROM `" . TABLE_PANEL_DOMAINS . "`
 					WHERE `domain`= :domain
 					AND `customerid`= :customerid
@@ -244,7 +250,6 @@ if ($page == 'overview') {
 					standard_error('emailexistalready', $email_full);
 				} elseif ($email_check['email'] == $email) {
 					standard_error('youhavealreadyacatchallforthisdomain');
-					exit;
 				} else {
 					$stmt = Database::prepare("INSERT INTO `" . TABLE_MAIL_VIRTUAL . "`
 						(`customerid`, `email`, `email_full`, `iscatchall`, `domainid`)
@@ -286,7 +291,7 @@ if ($page == 'overview') {

 				$email_add_data = include_once dirname(__FILE__).'/lib/formfields/customer/email/formfield.emails_add.php';

-				if ($settings['catchall']['catchall_enabled'] != '1') {
+				if (Settings::Get('catchall.catchall_enabled') != '1') {
 					unset($email_add_data['emails_add']['sections']['section_a']['fields']['iscatchall']);
 				}

@@ -334,7 +339,7 @@ if ($page == 'overview') {

 			$email_edit_data = include_once dirname(__FILE__).'/lib/formfields/customer/email/formfield.emails_edit.php';

-			if ( $settings['catchall']['catchall_enabled'] != '1' ) {
+			if (Settings::Get('catchall.catchall_enabled') != '1') {
 				unset($email_edit_data['emails_edit']['sections']['section_a']['fields']['mail_catchall']);
 			}

@@ -346,7 +351,7 @@ if ($page == 'overview') {
 			eval("echo \"" . getTemplate("email/emails_edit") . "\";");
 		}
 	} elseif ($action == 'togglecatchall' && $id != 0) {
-		if ( $settings['catchall']['catchall_enabled'] == '1' ) {
+		if (Settings::Get('catchall.catchall_enabled') == '1') {
 			$stmt = Database::prepare("SELECT `id`, `email`, `email_full`, `iscatchall`, `destination`, `customerid`, `popaccountid` FROM `" . TABLE_MAIL_VIRTUAL . "`
 				WHERE `customerid`= :cid
 				AND `id`= :id"
@@ -377,7 +382,6 @@ if ($page == 'overview') {

 					if ($email_check['email'] == $email) {
 						standard_error('youhavealreadyacatchallforthisdomain');
-						exit;
 					} else {
 						$stmt = Database::prepare("UPDATE `" . TABLE_MAIL_VIRTUAL . "`
 							SET `email` = :email , `iscatchall` = '1'
@@ -414,10 +418,11 @@ if ($page == 'overview') {
 				standard_error('notallowedtouseaccounts');
 			}

-			$stmt = Database::prepare("SELECT `id`, `email`, `email_full`, `iscatchall`, `destination`, `customerid`, `popaccountid`, `domainid` FROM `" . TABLE_MAIL_VIRTUAL . "`
-				WHERE `customerid`= :cid
-				AND `id`= :id"
-			);
+			$stmt = Database::prepare("
+			    SELECT `id`, `email`, `email_full`, `iscatchall`, `destination`, `customerid`, `popaccountid`, `domainid`
+			    FROM `" . TABLE_MAIL_VIRTUAL . "`
+			    WHERE `customerid`= :cid AND `id`= :id
+			");
 			$result = Database::pexecute_first($stmt, array("cid" => $userinfo['customerid'], "id" => $id));

 			if (isset($result['email']) && $result['email'] != '' && $result['popaccountid'] == '0') {
@@ -427,13 +432,13 @@ if ($page == 'overview') {
 					$password = validate($_POST['email_password'], 'password');
 					$password = validatePassword($password);

-					if ($settings['panel']['sendalternativemail'] == 1) {
+					if (Settings::Get('panel.sendalternativemail') == 1) {
 						$alternative_email = $idna_convert->encode(validate($_POST['alternative_email'], 'alternative_email'));
 					} else {
 						$alternative_email = '';
 					}

-					if ($settings['system']['mail_quota_enabled'] == 1) {
+					if (Settings::Get('system.mail_quota_enabled') == 1) {
 						if ($userinfo['email_quota'] != '-1' && ($quota == 0 || ($quota + $userinfo['email_quota_used']) > $userinfo['email_quota'])) {
 							standard_error('allocatetoomuchquota', $quota);
 						}
@@ -444,41 +449,46 @@ if ($page == 'overview') {
 					if ($email_full == '') {
 						standard_error(array('stringisempty', 'emailadd'));
 					}
-					elseif ($password == '' && !($settings['panel']['sendalternativemail'] == 1 && validateEmail($alternative_email))) {
+					elseif ($password == '' && !(Settings::Get('panel.sendalternativemail') == 1 && validateEmail($alternative_email))) {
 						standard_error(array('stringisempty', 'mypassword'));
+					}
+					elseif ($password == $email_full) {
+						standard_error('passwordshouldnotbeusername');
 					} else {
 						if ($password == '') {
-							$password = substr(md5(uniqid(microtime(), 1)), 12, 6);
+							$password = generatePassword();
 						}

 						$cryptPassword = makeCryptPassword($password);

 						$email_user=substr($email_full,0,strrpos($email_full,"@"));
 						$email_domain=substr($email_full,strrpos($email_full,"@")+1);
-						$maildirname=trim($settings['system']['vmail_maildirname']);
+						$maildirname=trim(Settings::Get('system.vmail_maildirname'));
 						// Add trailing slash to Maildir if needed
 						$maildirpath=$maildirname;
-						if (!empty($maildirname) and substr($maildirname,-1) != "/") $maildirpath.="/";
+						if (!empty($maildirname) && substr($maildirname,-1) != "/") {
+							$maildirpath.="/";
+						}

 						$stmt = Database::prepare("INSERT INTO `" . TABLE_MAIL_USERS . "`
-							(`customerid`, `email`, `username`, " . ($settings['system']['mailpwcleartext'] == '1' ? '`password`, ' : '') . " `password_enc`, `homedir`, `maildir`, `uid`, `gid`, `domainid`, `postfix`, `quota`, `imap`, `pop3`) ".
-							"VALUES (:cid, :email, :username, " . ($settings['system']['mailpwcleartext'] == '1' ? ":password, " : '') . ":password_enc, :homedir, :maildir, :uid, :gid, :domainid, 'y', :quota, :imap, :pop3)"
+							(`customerid`, `email`, `username`, " . (Settings::Get('system.mailpwcleartext') == '1' ? '`password`, ' : '') . " `password_enc`, `homedir`, `maildir`, `uid`, `gid`, `domainid`, `postfix`, `quota`, `imap`, `pop3`) ".
+							"VALUES (:cid, :email, :username, " . (Settings::Get('system.mailpwcleartext') == '1' ? ":password, " : '') . ":password_enc, :homedir, :maildir, :uid, :gid, :domainid, 'y', :quota, :imap, :pop3)"
 						);
 						$params = array(
 							"cid" => $userinfo['customerid'],
 							"email" => $email_full,
 							"username" => $username,
 							"password_enc" => $cryptPassword,
-							"homedir" => $settings['system']['vmail_homedir'],
+							"homedir" => Settings::Get('system.vmail_homedir'),
 							"maildir" => $userinfo['loginname'] . '/' . $email_domain . "/" . $email_user . "/" . $maildirpath,
-							"uid" => $settings['system']['vmail_uid'],
-							"gid" => $settings['system']['vmail_gid'],
+							"uid" => Settings::Get('system.vmail_uid'),
+							"gid" => Settings::Get('system.vmail_gid'),
 							"domainid" => $result['domainid'],
 							"quota" => $quota,
 							"imap" => $userinfo['imap'],
 							"pop3" => $userinfo['pop3']
 						);
-						if ($settings['system']['mailpwcleartext'] == '1') { $params["password"] = $password; }
+						if (Settings::Get('system.mailpwcleartext') == '1') { $params["password"] = $password; }
 						Database::pexecute($stmt, $params);

 						$popaccountid = Database::lastInsertId();
@@ -555,7 +565,7 @@ if ($page == 'overview') {

 						$mail->ClearAddresses();

-						if (validateEmail($alternative_email) && $settings['panel']['sendalternativemail'] == 1) {
+						if (validateEmail($alternative_email) && Settings::Get('panel.sendalternativemail') == 1) {
 							$stmt = Database::prepare("SELECT `value` FROM `" . TABLE_PANEL_TEMPLATES . "`
 								WHERE `adminid`= :adminid
 								AND `language`= :lang
@@ -592,7 +602,7 @@ if ($page == 'overview') {

 							if ($_mailerror) {
 								$log->logAction(USR_ACTION, LOG_ERR, "Error sending mail: " . $mailerr_msg);
-								standard_error(array('errorsendingmail', $alternative_email));
+								standard_error(array('errorsendingmail'), $alternative_email);
 							}

 							$mail->ClearAddresses();
@@ -601,9 +611,14 @@ if ($page == 'overview') {
 						redirectTo($filename, array('page' => 'emails', 'action' => 'edit', 'id' => $id, 's' => $s));
 					}
 				} else {
+
+					if (checkMailAccDeletionState($result['email_full'])) {
+					   standard_error(array('mailaccistobedeleted'), $result['email_full']);
+					}
+
 					$result['email_full'] = $idna_convert->decode($result['email_full']);
 					$result = htmlentities_array($result);
-					$quota = $settings['system']['mail_quota'];
+					$quota = Settings::Get('system.mail_quota');

 					$account_add_data = include_once dirname(__FILE__) . '/lib/formfields/customer/email/formfield.emails_addaccount.php';
 					$account_add_form = htmlform::genHTMLForm($account_add_data);
@@ -630,7 +645,9 @@ if ($page == 'overview') {

 				if ($password == '') {
 					standard_error(array('stringisempty', 'mypassword'));
-					exit;
+				}
+				elseif ($password == $result['email_full']) {
+					standard_error('passwordshouldnotbeusername');
 				}

 				$password = validatePassword($password);
@@ -638,7 +655,7 @@ if ($page == 'overview') {
 				$log->logAction(USR_ACTION, LOG_NOTICE, "changed email password for '" . $result['email_full'] . "'");
 				$cryptPassword = makeCryptPassword($password);
 				$stmt = Database::prepare("UPDATE `" . TABLE_MAIL_USERS . "`
-					SET " . ($settings['system']['mailpwcleartext'] == '1' ? "`password` = :password, " : '') . "
+					SET " . (Settings::Get('system.mailpwcleartext') == '1' ? "`password` = :password, " : '') . "
 						`password_enc`= :password_enc
 					WHERE `customerid`= :cid
 					AND `id`= :id"
@@ -648,7 +665,7 @@ if ($page == 'overview') {
 					"cid" => $userinfo['customerid'],
 					"id" => $result['popaccountid']
 				);
-				if ($settings['system']['mailpwcleartext'] == '1') { $params["password"] = $password; }
+				if (Settings::Get('system.mailpwcleartext') == '1') { $params["password"] = $password; }
 				Database::pexecute($stmt, $params);

 				redirectTo($filename, array('page' => 'emails', 'action' => 'edit', 'id' => $id, 's' => $s));
@@ -665,7 +682,7 @@ if ($page == 'overview') {
 				eval("echo \"" . getTemplate("email/account_changepw") . "\";");
 			}
 		}
-	} elseif ($action == 'changequota' && $settings['system']['mail_quota_enabled'] == '1' && $id != 0) {
+	} elseif ($action == 'changequota' && Settings::Get('system.mail_quota_enabled') == '1' && $id != 0) {
 		$stmt = Database::prepare("SELECT `v`.`id`, `v`.`email`, `v`.`email_full`, `v`.`iscatchall`, `v`.`destination`, `v`.`customerid`, `v`.`popaccountid`, `u`.`quota`
 			FROM `" . TABLE_MAIL_VIRTUAL . "` `v`
 			LEFT JOIN `" . TABLE_MAIL_USERS . "` `u`
@@ -751,7 +768,7 @@ if ($page == 'overview') {
 				);
 				Database::pexecute($stmt, $params);

-				if ($settings['system']['mail_quota_enabled'] == '1' && $userinfo['email_quota'] != '-1') {
+				if (Settings::Get('system.mail_quota_enabled') == '1' && $userinfo['email_quota'] != '-1') {
 					$quota = (int)$result['quota'];
 				} else {
 					$quota = 0;
@@ -887,5 +904,3 @@ if ($page == 'overview') {
 		}
 	}
 }
-
-?>
--- a/customer_extras.php
+++ b/customer_extras.php
@@ -16,10 +16,14 @@
 * @package    Panel
 *
 */
-
 define('AREA', 'customer');
 require './lib/init.php';

+// redirect if this customer page is hidden via settings
+if (Settings::IsInList('panel.customer_hide_options','extras')) {
+	redirectTo('customer_index.php');
+}
+
 if (isset($_POST['id'])) {
 	$id = intval($_POST['id']);
 } elseif (isset($_GET['id'])) {
@@ -29,48 +33,25 @@ if(isset($_POST['id'])) {
 if ($page == 'overview') {
 	$log->logAction(USR_ACTION, LOG_NOTICE, "viewed customer_extras");
 	eval("echo \"" . getTemplate("extras/extras") . "\";");
-} elseif($page == 'backup') {
-    $log->logAction(USR_ACTION, LOG_NOTICE, "viewed customer_extras_backup");
+} elseif ($page == 'htpasswds') {

-    $result_stmt = Database::prepare("SELECT `backup_enabled` FROM `" . TABLE_PANEL_CUSTOMERS . "`
-    	WHERE `customerid`= :customerid"
-    );
-    Database::pexecute($result_stmt, array("customerid" => $userinfo['customerid']));
-    $row = $result_stmt->fetch(PDO::FETCH_ASSOC);
-
-    $backup_enabled = makeyesno('backup_enabled', '1', '0', $row['backup_enabled']);
-
-    if(isset($_POST['send']) && $_POST['send'] == 'send') {
-		$backup_enabled = ($_POST['backup_enabled'] == '1' ? '1' : '0');
-	
-        $stmt = Database::prepare("UPDATE `" . TABLE_PANEL_CUSTOMERS . "`
-        	SET `backup_enabled`= :backupenabled
-        	WHERE `customerid`= :customerid"
-        );
-        Database::pexecute($stmt, array("backupenabled" => $backup_enabled, "customerid" => $userinfo['customerid']));
-		
-		redirectTo($filename, Array('page' => $page, 's' => $s));
+	// redirect if this customer sub-page is hidden via settings
+	if (Settings::IsInList('panel.customer_hide_options','extras.directoryprotection')) {
+		redirectTo('customer_index.php');
 	}

-    $backup_data = include_once dirname(__FILE__).'/lib/formfields/customer/extras/formfield.backup.php';
-	$backup_form = htmlform::genHTMLForm($backup_data);
-
-	$title = $backup_data['backup']['title'];
-	$image = $backup_data['backup']['image'];
-    
-    eval("echo \"" . getTemplate("extras/backup") . "\";");
-} elseif($page == 'htpasswds') {
 	if ($action == '') {
 		$log->logAction(USR_ACTION, LOG_NOTICE, "viewed customer_extras::htpasswds");
 		$fields = array(
 			'username' => $lng['login']['username'],
 			'path' => $lng['panel']['path']
 		);
-		$paging = new paging($userinfo, TABLE_PANEL_HTPASSWDS, $fields, $settings['panel']['paging'], $settings['panel']['natsorting']);
+		$paging = new paging($userinfo, TABLE_PANEL_HTPASSWDS, $fields);
 		$result_stmt = Database::prepare("SELECT * FROM `" . TABLE_PANEL_HTPASSWDS . "`
-			WHERE `customerid`= :customerid " . $paging->getSqlWhere(true) . " " . $paging->getSqlOrderBy() . " " . $paging->getSqlLimit()
-		);
-		Database::pexecute($result_stmt, array("customerid" => $userinfo['customerid']));
+			WHERE `customerid`= :customerid " . $paging->getSqlWhere(true) . " " . $paging->getSqlOrderBy() . " " . $paging->getSqlLimit());
+		Database::pexecute($result_stmt, array(
+			"customerid" => $userinfo['customerid']
+		));
 		$paging->setEntries(Database::num_rows());
 		$sortcode = $paging->getHtmlSortCode($lng);
 		$arrowcode = $paging->getHtmlArrowCode($filename . '?page=' . $page . '&s=' . $s);
@@ -83,9 +64,9 @@ if($page == 'overview') {
 		while ($row = $result_stmt->fetch(PDO::FETCH_ASSOC)) {
 			if ($paging->checkDisplay($i)) {
 				if (strpos($row['path'], $userinfo['documentroot']) === 0) {
-					$row['path'] = substr($row['path'], strlen($userinfo['documentroot']));
+					$row['path'] = str_replace($userinfo['documentroot'], "/", $row['path']);
 				}
-
+				$row['path'] = makeCorrectDir($row['path']);
 				$row = htmlentities_array($row);
 				eval("\$htpasswds.=\"" . getTemplate("extras/htpasswds_htpasswd") . "\";");
 				$count ++;
@@ -98,28 +79,39 @@ if($page == 'overview') {
 	} elseif ($action == 'delete' && $id != 0) {
 		$result_stmt = Database::prepare("SELECT * FROM `" . TABLE_PANEL_HTPASSWDS . "`
 			WHERE `customerid`= :customerid
-			AND `id`= :id"
-		);
-		Database::pexecute($result_stmt, array("customerid" => $userinfo['customerid'], "id" => $id));
+			AND `id`= :id");
+		Database::pexecute($result_stmt, array(
+			"customerid" => $userinfo['customerid'],
+			"id" => $id
+		));
 		$result = $result_stmt->fetch(PDO::FETCH_ASSOC);

 		if (isset($result['username']) && $result['username'] != '') {
 			if (isset($_POST['send']) && $_POST['send'] == 'send') {
 				$stmt = Database::prepare("DELETE FROM `" . TABLE_PANEL_HTPASSWDS . "`
 					WHERE `customerid`= :customerid
-					AND `id`= :id"
-				);
-				Database::pexecute($stmt, array("customerid" => $userinfo['customerid'], "id" => $id));
+					AND `id`= :id");
+				Database::pexecute($stmt, array(
+					"customerid" => $userinfo['customerid'],
+					"id" => $id
+				));

 				$log->logAction(USR_ACTION, LOG_INFO, "deleted htpasswd for '" . $result['username'] . " (" . $result['path'] . ")'");
 				inserttask('1');
-				redirectTo($filename, Array('page' => $page, 's' => $s));
+				redirectTo($filename, array(
+					'page' => $page,
+					's' => $s
+				));
 			} else {
 				if (strpos($result['path'], $userinfo['documentroot']) === 0) {
-					$result['path'] = substr($result['path'], strlen($userinfo['documentroot']));
+					$result['path'] = str_replace($userinfo['documentroot'], "/", $result['path']);
 				}

-				ask_yesno('extras_reallydelete', $filename, array('id' => $id, 'page' => $page, 'action' => $action), $result['username'] . ' (' . $result['path'] . ')');
+				ask_yesno('extras_reallydelete', $filename, array(
+					'id' => $id,
+					'page' => $page,
+					'action' => $action
+				), $result['username'] . ' (' . $result['path'] . ')');
 			}
 		}
 	} elseif ($action == 'add') {
@@ -134,8 +126,7 @@ if($page == 'overview') {
 			$username_path_check_stmt = Database::prepare("SELECT `id`, `username`, `path` FROM `" . TABLE_PANEL_HTPASSWDS . "`
 				WHERE `username`= :username
 				AND `path`= :path
-				AND `customerid`= :customerid"
-			);
+				AND `customerid`= :customerid");
 			$params = array(
 				"username" => $username,
 				"path" => $path,
@@ -156,21 +147,28 @@ if($page == 'overview') {
 			}

 			if ($username == '') {
-				standard_error(array('stringisempty', 'myloginname'));
+				standard_error(array(
+					'stringisempty',
+					'myloginname'
+				));
 			} elseif ($username_path_check['username'] == $username && $username_path_check['path'] == $path) {
 				standard_error('userpathcombinationdupe');
 			} elseif ($_POST['directory_password'] == '') {
-				standard_error(array('stringisempty', 'mypassword'));
+				standard_error(array(
+					'stringisempty',
+					'mypassword'
+				));
 			} elseif ($path == '') {
 				standard_error('patherror');
+			} elseif ($_POST['directory_password'] == $username) {
+				standard_error('passwordshouldnotbeusername');
 			} else {
 				$stmt = Database::prepare("INSERT INTO `" . TABLE_PANEL_HTPASSWDS . "` SET
 					`customerid` = :customerid,
 					`username` = :username,
 					`password` = :password,
 					`path` = :path,
-					`authname` = :authname"
-				);
+					`authname` = :authname");
 				$params = array(
 					"customerid" => $userinfo['customerid'],
 					"username" => $username,
@@ -181,10 +179,13 @@ if($page == 'overview') {
 				Database::pexecute($stmt, $params);
 				$log->logAction(USR_ACTION, LOG_INFO, "added htpasswd for '" . $username . " (" . $path . ")'");
 				inserttask('1');
-				redirectTo($filename, Array('page' => $page, 's' => $s));
+				redirectTo($filename, array(
+					'page' => $page,
+					's' => $s
+				));
 			}
 		} else {
-			$pathSelect = makePathfield($userinfo['documentroot'], $userinfo['guid'], $userinfo['guid'], $settings['panel']['pathedit']);
+			$pathSelect = makePathfield($userinfo['documentroot'], $userinfo['guid'], $userinfo['guid']);

 			$htpasswd_add_data = include_once dirname(__FILE__) . '/lib/formfields/customer/extras/formfield.htpasswd_add.php';
 			$htpasswd_add_form = htmlform::genHTMLForm($htpasswd_add_data);
@@ -197,9 +198,11 @@ if($page == 'overview') {
 	} elseif ($action == 'edit' && $id != 0) {
 		$result_stmt = Database::prepare("SELECT * FROM `" . TABLE_PANEL_HTPASSWDS . "`
 			WHERE `customerid`= :customerid
-			AND `id`= :id"
-		);
-		Database::pexecute($result_stmt, array("customerid" => $userinfo['customerid'], "id" => $id));
+			AND `id`= :id");
+		Database::pexecute($result_stmt, array(
+			"customerid" => $userinfo['customerid'],
+			"id" => $id
+		));
 		$result = $result_stmt->fetch(PDO::FETCH_ASSOC);

 		if (isset($result['username']) && $result['username'] != '') {
@@ -214,6 +217,10 @@ if($page == 'overview') {
 					$password = crypt($_POST['directory_password']);
 				}

+				if ($_POST['directory_password'] == $result['username']) {
+					standard_error('passwordshouldnotbeusername');
+				}
+
 				$params = array(
 					"customerid" => $userinfo['customerid'],
 					"id" => $id
@@ -239,16 +246,18 @@ if($page == 'overview') {
 					$stmt = Database::prepare("UPDATE `" . TABLE_PANEL_HTPASSWDS . "`
 						SET " . $pwd_sql . $auth_sql . "
 						WHERE `customerid`= :customerid
-						AND `id`= :id"
-					);
+						AND `id`= :id");
 					Database::pexecute($stmt, $params);
 					$log->logAction(USR_ACTION, LOG_INFO, "edited htpasswd for '" . $result['username'] . " (" . $result['path'] . ")'");
 					inserttask('1');
-					redirectTo($filename, Array('page' => $page, 's' => $s));
+					redirectTo($filename, array(
+						'page' => $page,
+						's' => $s
+					));
 				}
 			} else {
 				if (strpos($result['path'], $userinfo['documentroot']) === 0) {
-					$result['path'] = substr($result['path'], strlen($userinfo['documentroot']));
+					$result['path'] = str_replace($userinfo['documentroot'], "/", $result['path']);
 				}

 				$result = htmlentities_array($result);
@@ -264,6 +273,12 @@ if($page == 'overview') {
 		}
 	}
 } elseif ($page == 'htaccess') {
+
+	// redirect if this customer sub-page is hidden via settings
+	if (Settings::IsInList('panel.customer_hide_options','extras.pathoptions')) {
+		redirectTo('customer_index.php');
+	}
+
 	if ($action == '') {
 		$log->logAction(USR_ACTION, LOG_NOTICE, "viewed customer_extras::htaccess");
 		$fields = array(
@@ -274,11 +289,12 @@ if($page == 'overview') {
 			'error500path' => $lng['extras']['error500path'],
 			'options_cgi' => $lng['extras']['execute_perl']
 		);
-		$paging = new paging($userinfo, TABLE_PANEL_HTACCESS, $fields, $settings['panel']['paging'], $settings['panel']['natsorting']);
+		$paging = new paging($userinfo, TABLE_PANEL_HTACCESS, $fields);
 		$result_stmt = Database::prepare("SELECT * FROM `" . TABLE_PANEL_HTACCESS . "`
-			WHERE `customerid`= :customerid " . $paging->getSqlWhere(true) . " " . $paging->getSqlOrderBy() . " " . $paging->getSqlLimit()
-		);
-		Database::pexecute($result_stmt, array("customerid" => $userinfo['customerid']));
+			WHERE `customerid`= :customerid " . $paging->getSqlWhere(true) . " " . $paging->getSqlOrderBy() . " " . $paging->getSqlLimit());
+		Database::pexecute($result_stmt, array(
+			"customerid" => $userinfo['customerid']
+		));
 		$paging->setEntries(Database::num_rows());
 		$sortcode = $paging->getHtmlSortCode($lng);
 		$arrowcode = $paging->getHtmlArrowCode($filename . '?page=' . $page . '&s=' . $s);
@@ -293,11 +309,9 @@ if($page == 'overview') {
 		while ($row = $result_stmt->fetch(PDO::FETCH_ASSOC)) {
 			if ($paging->checkDisplay($i)) {
 				if (strpos($row['path'], $userinfo['documentroot']) === 0) {
-					$row['path'] = substr($row['path'], strlen($userinfo['documentroot']));
-					// don't show nothing wehn it's the docroot, show slash
-					if ($row['path'] == '') { $row['path'] = '/'; }
+					$row['path'] = str_replace($userinfo['documentroot'], "/", $row['path']);
 				}
-
+				$row['path'] = makeCorrectDir($row['path']);
 				$row['options_indexes'] = str_replace('1', $lng['panel']['yes'], $row['options_indexes']);
 				$row['options_indexes'] = str_replace('0', $lng['panel']['no'], $row['options_indexes']);
 				$row['options_cgi'] = str_replace('1', $lng['panel']['yes'], $row['options_cgi']);
@@ -314,23 +328,50 @@ if($page == 'overview') {
 	} elseif ($action == 'delete' && $id != 0) {
 		$result_stmt = Database::prepare("SELECT * FROM `" . TABLE_PANEL_HTACCESS . "`
 			WHERE `customerid` = :customerid
-			AND `id` = :id"
-		);
-		Database::pexecute($result_stmt, array("customerid" => $userinfo['customerid'], "id" => $id));
+			AND `id` = :id");
+		Database::pexecute($result_stmt, array(
+			"customerid" => $userinfo['customerid'],
+			"id" => $id
+		));
 		$result = $result_stmt->fetch(PDO::FETCH_ASSOC);

 		if (isset($result['customerid']) && $result['customerid'] != '' && $result['customerid'] == $userinfo['customerid']) {
 			if (isset($_POST['send']) && $_POST['send'] == 'send') {
+				// do we have to remove the symlink and folder in suexecpath?
+				if ((int) Settings::Get('perl.suexecworkaround') == 1) {
+					$loginname = getCustomerDetail($result['customerid'], 'loginname');
+					$suexecpath = makeCorrectDir(Settings::Get('perl.suexecpath') . '/' . $loginname . '/' . md5($result['path']) . '/');
+					$perlsymlink = makeCorrectFile($result['path'] . '/cgi-bin');
+					// remove symlink
+					if (file_exists($perlsymlink)) {
+						safe_exec('rm -f ' . escapeshellarg($perlsymlink));
+						$log->logAction(USR_ACTION, LOG_DEBUG, "deleted suexecworkaround symlink '" . $perlsymlink . "'");
+					}
+					// remove folder in suexec-path
+					if (file_exists($suexecpath)) {
+						safe_exec('rm -rf ' . escapeshellarg($suexecpath));
+						$log->logAction(USR_ACTION, LOG_DEBUG, "deleted suexecworkaround path '" . $suexecpath . "'");
+					}
+				}
 				$stmt = Database::prepare("DELETE FROM `" . TABLE_PANEL_HTACCESS . "`
 					WHERE `customerid`= :customerid
-					AND `id`= :id"
-				);
-				Database::pexecute($stmt, array("customerid" => $userinfo['customerid'], "id" => $id));
-				$log->logAction(USR_ACTION, LOG_INFO, "deleted htaccess for '" . str_replace($userinfo['documentroot'], '', $result['path']) . "'");
+					AND `id`= :id");
+				Database::pexecute($stmt, array(
+					"customerid" => $userinfo['customerid'],
+					"id" => $id
+				));
+				$log->logAction(USR_ACTION, LOG_INFO, "deleted htaccess for '" . str_replace($userinfo['documentroot'], '/', $result['path']) . "'");
 				inserttask('1');
-				redirectTo($filename, Array('page' => $page, 's' => $s));
+				redirectTo($filename, array(
+					'page' => $page,
+					's' => $s
+				));
 			} else {
-				ask_yesno('extras_reallydelete_pathoptions', $filename, array('id' => $id, 'page' => $page, 'action' => $action), str_replace($userinfo['documentroot'], '', $result['path']));
+				ask_yesno('extras_reallydelete_pathoptions', $filename, array(
+					'id' => $id,
+					'page' => $page,
+					'action' => $action
+				), str_replace($userinfo['documentroot'], '/', $result['path']));
 			}
 		}
 	} elseif ($action == 'add') {
@@ -340,9 +381,11 @@ if($page == 'overview') {
 			$path = makeCorrectDir($userinfo['documentroot'] . '/' . $path);
 			$path_dupe_check_stmt = Database::prepare("SELECT `id`, `path` FROM `" . TABLE_PANEL_HTACCESS . "`
 				WHERE `path`= :path
-				AND `customerid`= :customerid"
-			);
-			Database::pexecute($path_dupe_check_stmt, array("path" => $path, "customerid" => $userinfo['customerid']));
+				AND `customerid`= :customerid");
+			Database::pexecute($path_dupe_check_stmt, array(
+				"path" => $path,
+				"customerid" => $userinfo['customerid']
+			));
 			$path_dupe_check = $path_dupe_check_stmt->fetch(PDO::FETCH_ASSOC);

 			if (! $_POST['path']) {
@@ -382,8 +425,7 @@ if($page == 'overview') {
 					`error404path` = :error404path,
 					`error403path` = :error403path,
 					`error500path` = :error500path,
-					`options_cgi` = :options_cgi'
-				);
+					`options_cgi` = :options_cgi');
 				$params = array(
 					"customerid" => $userinfo['customerid'],
 					"path" => $path,
@@ -397,15 +439,14 @@ if($page == 'overview') {

 				$log->logAction(USR_ACTION, LOG_INFO, "added htaccess for '" . $path . "'");
 				inserttask('1');
-				redirectTo($filename, Array('page' => $page, 's' => $s));
+				redirectTo($filename, array(
+					'page' => $page,
+					's' => $s
+				));
 			}
 		} else {
-			$pathSelect = makePathfield($userinfo['documentroot'], $userinfo['guid'], $userinfo['guid'], $settings['panel']['pathedit']);
+			$pathSelect = makePathfield($userinfo['documentroot'], $userinfo['guid'], $userinfo['guid']);
 			$cperlenabled = customerHasPerlEnabled($userinfo['customerid']);
-			/*
-			$options_indexes = makeyesno('options_indexes', '1', '0', '0');
-			$options_cgi = makeyesno('options_cgi', '1', '0', '0');
-			*/

 			$htaccess_add_data = include_once dirname(__FILE__) . '/lib/formfields/customer/extras/formfield.htaccess_add.php';
 			$htaccess_add_form = htmlform::genHTMLForm($htaccess_add_data);
@@ -418,9 +459,11 @@ if($page == 'overview') {
 	} elseif (($action == 'edit') && ($id != 0)) {
 		$result_stmt = Database::prepare("SELECT * FROM `" . TABLE_PANEL_HTACCESS . "`
 			WHERE `customerid` = :customerid
-			AND `id` = :id"
-		);
-		Database::pexecute($result_stmt, array("customerid" => $userinfo['customerid'], "id" => $id));
+			AND `id` = :id");
+		Database::pexecute($result_stmt, array(
+			"customerid" => $userinfo['customerid'],
+			"id" => $id
+		));
 		$result = $result_stmt->fetch(PDO::FETCH_ASSOC);

 		if ((isset($result['customerid'])) && ($result['customerid'] != '') && ($result['customerid'] == $userinfo['customerid'])) {
@@ -440,12 +483,7 @@ if($page == 'overview') {
 				$error403path = correctErrorDocument($_POST['error403path']);
 				$error500path = correctErrorDocument($_POST['error500path']);

-				if(($option_indexes != $result['options_indexes'])
-					|| ($error404path != $result['error404path'])
-					|| ($error403path != $result['error403path'])
-					|| ($error500path != $result['error500path'])
-					|| ($options_cgi != $result['options_cgi'])) {
-					
+				if (($option_indexes != $result['options_indexes']) || ($error404path != $result['error404path']) || ($error403path != $result['error403path']) || ($error500path != $result['error500path']) || ($options_cgi != $result['options_cgi'])) {
 					inserttask('1');
 					$stmt = Database::prepare("UPDATE `" . TABLE_PANEL_HTACCESS . "`
 						SET `options_indexes` = :options_indexes,
@@ -454,8 +492,7 @@ if($page == 'overview') {
 						`error500path` = :error500path,
 						`options_cgi` = :options_cgi
 						WHERE `customerid` = :customerid
-						AND `id` = :id"
-					);
+						AND `id` = :id");
 					$params = array(
 						"customerid" => $userinfo['customerid'],
 						"options_indexes" => $_POST['options_indexes'] == '1' ? '1' : '0',
@@ -466,15 +503,16 @@ if($page == 'overview') {
 						"id" => $id
 					);
 					Database::pexecute($stmt, $params);
-					$log->logAction(USR_ACTION, LOG_INFO, "edited htaccess for '" . str_replace($userinfo['documentroot'], '', $result['path']) . "'");
+					$log->logAction(USR_ACTION, LOG_INFO, "edited htaccess for '" . str_replace($userinfo['documentroot'], '/', $result['path']) . "'");
 				}

-				redirectTo($filename, Array('page' => $page, 's' => $s));
+				redirectTo($filename, array(
+					'page' => $page,
+					's' => $s
+				));
 			} else {
 				if (strpos($result['path'], $userinfo['documentroot']) === 0) {
-					$result['path'] = substr($result['path'], strlen($userinfo['documentroot']));
-					// don't show nothing wehn it's the docroot, show slash
-					if ($result['path'] == '') { $result['path'] = '/'; }
+					$result['path'] = str_replace($userinfo['documentroot'], "/", $result['path']);
 				}

 				$result['error404path'] = $result['error404path'];
@@ -482,8 +520,8 @@ if($page == 'overview') {
 				$result['error500path'] = $result['error500path'];
 				$cperlenabled = customerHasPerlEnabled($userinfo['customerid']);
 				/*
-				$options_indexes = makeyesno('options_indexes', '1', '0', $result['options_indexes']);
-				$options_cgi = makeyesno('options_cgi', '1', '0', $result['options_cgi']);
+				 * $options_indexes = makeyesno('options_indexes', '1', '0', $result['options_indexes']);
+				 * $options_cgi = makeyesno('options_cgi', '1', '0', $result['options_cgi']);
 				 */
 				$result = htmlentities_array($result);

@@ -497,6 +535,106 @@ if($page == 'overview') {
 			}
 		}
 	}
+} elseif ($page == 'backup') {
+
+	// redirect if this customer sub-page is hidden via settings
+	if (Settings::IsInList('panel.customer_hide_options','extras.backup')) {
+		redirectTo('customer_index.php');
 	}

-?>
+	if (Settings::Get('system.backupenabled') == 1)
+	{
+		if ($action == 'abort' && isset($_POST['send']) && $_POST['send'] == 'send') {
+			$log->logAction(USR_ACTION, LOG_NOTICE, "customer_extras::backup - aborted scheduled backupjob");
+			$entry = isset($_POST['backup_job_entry']) ? (int)$_POST['backup_job_entry'] : 0;
+			if ($entry > 0) {
+				$del_stmt = Database::prepare("DELETE FROM `".TABLE_PANEL_TASKS."` WHERE `id` = :tid");
+				Database::pexecute($del_stmt, array('tid' => $entry));
+				standard_success('backupaborted');
+			}
+			redirectTo($filename, array('page' => $page, 'action' => '', 's' => $s));
+		}
+		if ($action == '') {
+			$log->logAction(USR_ACTION, LOG_NOTICE, "viewed customer_extras::backup");
+
+			// check whether there is a backup-job for this customer
+			$sel_stmt = Database::prepare("SELECT * FROM `".TABLE_PANEL_TASKS."` WHERE `type` = '20'");
+			Database::pexecute($sel_stmt);
+			$existing_backupJob = null;
+			while ($entry = $sel_stmt->fetch())
+			{
+				$data = unserialize($entry['data']);
+				if ($data['customerid'] == $userinfo['customerid']) {
+					$existing_backupJob = $entry;
+					break;
+				}
+			}
+
+			if (isset($_POST['send']) && $_POST['send'] == 'send') {
+
+				if (! $_POST['path']) {
+					standard_error('invalidpath');
+				}
+
+				$path = makeCorrectDir(validate($_POST['path'], 'path'));
+				$path = makeCorrectDir($userinfo['documentroot'] . '/' . $path);
+
+				$backup_dbs = isset($_POST['backup_dbs']) ? intval($_POST['backup_dbs']) : 0;
+				$backup_mail = isset($_POST['backup_mail']) ? intval($_POST['backup_mail']) : 0;
+				$backup_web = isset($_POST['backup_web']) ? intval($_POST['backup_web']) : 0;
+
+				if ($backup_dbs != '1') {
+					$backup_dbs = '0';
+				}
+
+				if ($backup_mail != '1') {
+					$backup_mail = '0';
+				}
+
+				if ($backup_web != '1') {
+					$backup_web = '0';
+				}
+
+				$task_data = array(
+					'customerid' => $userinfo['customerid'],
+					'uid' => $userinfo['guid'],
+					'gid' => $userinfo['guid'],
+					'loginname' => $userinfo['loginname'],
+					'destdir' => $path,
+					'backup_dbs' => $backup_dbs,
+					'backup_mail' => $backup_mail,
+					'backup_web' => $backup_web
+				);
+				// schedule backup job
+				inserttask('20', $task_data);
+
+				standard_success('backupscheduled');
+			} else {
+
+				if (!empty($existing_backupJob)) {
+					$action = "abort";
+					$row = unserialize($entry['data']);
+					$row['path'] = makeCorrectDir(str_replace($userinfo['documentroot'], "/", $row['destdir']));
+					$row['backup_web'] = ($row['backup_web'] == '1') ? $lng['panel']['yes'] : $lng['panel']['no'];
+					$row['backup_mail'] = ($row['backup_mail'] == '1') ? $lng['panel']['yes'] : $lng['panel']['no'];
+					$row['backup_dbs'] = ($row['backup_dbs'] == '1') ? $lng['panel']['yes'] : $lng['panel']['no'];
+				}
+				$pathSelect = makePathfield($userinfo['documentroot'], $userinfo['guid'], $userinfo['guid']);
+				$backup_data = include_once dirname(__FILE__) . '/lib/formfields/customer/extras/formfield.backup.php';
+				$backup_form = htmlform::genHTMLForm($backup_data);
+				$title = $backup_data['backup']['title'];
+				$image = $backup_data['backup']['image'];
+
+				if (!empty($existing_backupJob)) {
+					// overwrite backup_form after we took everything from it we needed
+					eval("\$backup_form = \"" . getTemplate("extras/backup_listexisting") . "\";");
+				}
+				eval("echo \"" . getTemplate("extras/backup") . "\";");
+			}
+		}
+	}
+	else
+	{
+		standard_error('backupfunctionnotenabled');
+	}
+}
--- a/customer_ftp.php
+++ b/customer_ftp.php
@@ -20,6 +20,11 @@
 define('AREA', 'customer');
 require './lib/init.php';

+// redirect if this customer page is hidden via settings
+if (Settings::IsInList('panel.customer_hide_options','ftp')) {
+	redirectTo('customer_index.php');
+}
+
 $id = 0;
 if (isset($_POST['id'])) {
 	$id = intval($_POST['id']);
@@ -35,13 +40,13 @@ if ($page == 'overview') {
 		$log->logAction(USR_ACTION, LOG_NOTICE, "viewed customer_ftp::accounts");
 		$fields = array(
 			'username' => $lng['login']['username'],
-			'homedir' => $lng['panel']['path']
+			'homedir' => $lng['panel']['path'],
+			'description' => $lng['panel']['ftpdesc']
 		);
-		$paging = new paging($userinfo, TABLE_FTP_USERS, $fields, $settings['panel']['paging'], $settings['panel']['natsorting']);
+		$paging = new paging($userinfo, TABLE_FTP_USERS, $fields);

-		$result_stmt = Database::prepare("SELECT `id`, `username`, `homedir` FROM `" . TABLE_FTP_USERS . "`
-			WHERE `customerid`= :customerid 
-			AND `username` NOT LIKE '%_backup'" . $paging->getSqlWhere(true) . " " . $paging->getSqlOrderBy() . " " . $paging->getSqlLimit()
+		$result_stmt = Database::prepare("SELECT `id`, `username`, `description`, `homedir`, `shell` FROM `" . TABLE_FTP_USERS . "`
+			WHERE `customerid`= :customerid " . $paging->getSqlWhere(true) . " " . $paging->getSqlOrderBy() . " " . $paging->getSqlLimit()
 		);
 		Database::pexecute($result_stmt, array("customerid" => $userinfo['customerid']));
 		$ftps_count = Database::num_rows();
@@ -57,7 +62,7 @@ if ($page == 'overview') {
 		while ($row = $result_stmt->fetch(PDO::FETCH_ASSOC)) {
 			if ($paging->checkDisplay($i)) {
 				if (strpos($row['homedir'], $userinfo['documentroot']) === 0) {
-					$row['documentroot'] = substr($row['homedir'], strlen($userinfo['documentroot']));
+					$row['documentroot'] = str_replace($userinfo['documentroot'], "/", $row['homedir']);
 				} else {
 					$row['documentroot'] = $row['homedir'];
 				}
@@ -148,17 +153,22 @@ if ($page == 'overview') {
 		if ($userinfo['ftps_used'] < $userinfo['ftps'] || $userinfo['ftps'] == '-1') {
 			if (isset($_POST['send'])
 				&& $_POST['send'] == 'send') {
+				$description = validate($_POST['ftp_description'], 'description');
 				// @FIXME use a good path-validating regex here (refs #1231)
 				$path = validate($_POST['path'], 'path');
 				$password = validate($_POST['ftp_password'], 'password');
 				$password = validatePassword($password);
+				$shell = "/bin/false";
+				if (Settings::Get('system.allow_customer_shell') == '1') {
+					$shell = isset($_POST['shell']) ? validate($_POST['shell'], 'shell') : '/bin/false';
+				}

 				$sendinfomail = isset($_POST['sendinfomail']) ? 1 : 0;
 				if ($sendinfomail != 1) {
 					$sendinfomail = 0;
 				}

-				if ($settings['customer']['ftpatdomain'] == '1') {
+				if (Settings::Get('customer.ftpatdomain') == '1') {
 					$ftpusername = validate($_POST['ftp_username'], 'username', '/^[a-zA-Z0-9][a-zA-Z0-9\-_]+\$?$/');
 					if ($ftpusername == '') {
 						standard_error(array('stringisempty', 'username'));
@@ -176,7 +186,7 @@ if ($page == 'overview') {
 					}
 					$username = $ftpusername . "@" . $ftpdomain;
 				} else {
-					$username = $userinfo['loginname'] . $settings['customer']['ftpprefix'] . (intval($userinfo['ftp_lastaccountnumber']) + 1);
+					$username = $userinfo['loginname'] . Settings::Get('customer.ftpprefix') . (intval($userinfo['ftp_lastaccountnumber']) + 1);
 				}

 				$username_check_stmt = Database::prepare("SELECT * FROM `" . TABLE_FTP_USERS . "`
@@ -191,21 +201,25 @@ if ($page == 'overview') {
 					standard_error(array('stringisempty', 'mypassword'));
 				} elseif ($path == '') {
 					standard_error('patherror');
+				} elseif ($username == $password) {
+					standard_error('passwordshouldnotbeusername');
 				} else {
 					$path = makeCorrectDir($userinfo['documentroot'] . '/' . $path);

 					$cryptPassword = makeCryptPassword($password);

 					$stmt = Database::prepare("INSERT INTO `" . TABLE_FTP_USERS . "`
-						(`customerid`, `username`, `password`, `homedir`, `login_enabled`, `uid`, `gid`)
-						VALUES (:customerid, :username, :password, :homedir, 'y', :guid, :guid)"
+						(`customerid`, `username`, `description`, `password`, `homedir`, `login_enabled`, `uid`, `gid`, `shell`)
+						VALUES (:customerid, :username, :description, :password, :homedir, 'y', :guid, :guid, :shell)"
 					);
 					$params = array(
 						"customerid" => $userinfo['customerid'],
 						"username" => $username,
+						"description" => $description,
 						"password" => $cryptPassword,
 						"homedir" => $path,
-						"guid" => $userinfo['guid']
+						"guid" => $userinfo['guid'],
+						"shell" => $shell
 					);
 					Database::pexecute($stmt, $params);

@@ -250,7 +264,7 @@ if ($page == 'overview') {
 							'CUST_NAME' => getCorrectUserSalutation($userinfo), // < keep this for compatibility
 							'USR_NAME' => $username,
 							'USR_PASS' => $password,
-							'USR_PATH' => makeCorrectDir(substr($path, strlen($userinfo['documentroot'])))
+							'USR_PATH' => makeCorrectDir(str_replace($userinfo['documentroot'], "/", $path))
 						);

 						$def_language = $userinfo['def_language'];
@@ -262,7 +276,7 @@ if ($page == 'overview') {
 						);
 						Database::pexecute($result_stmt, array("adminid" => $userinfo['adminid'], "lang" => $def_language));
 						$result = $result_stmt->fetch(PDO::FETCH_ASSOC);
-						$mail_subject = html_entity_decode(replace_variables((($result['value'] != '') ? $result['value'] : $lng['customer']['ftp_add']['infomail_subject']), $replace_arr));
+						$mail_subject = html_entity_decode(replace_variables((($result['value'] != '') ? $result['value'] : $lng['mails']['new_ftpaccount_by_customer']['subject']), $replace_arr));

 						$def_language = $userinfo['def_language'];
 						$result_stmt = Database::prepare("SELECT `value` FROM `" . TABLE_PANEL_TEMPLATES . "`
@@ -273,7 +287,7 @@ if ($page == 'overview') {
 						);
 						Database::pexecute($result_stmt, array("adminid" => $userinfo['adminid'], "lang" => $def_language));
 						$result = $result_stmt->fetch(PDO::FETCH_ASSOC);
-						$mail_body = html_entity_decode(replace_variables((($result['value'] != '') ? $result['value'] : $lng['customer']['ftp_add']['infomail_body']['main']), $replace_arr));
+						$mail_body = html_entity_decode(replace_variables((($result['value'] != '') ? $result['value'] : $lng['mails']['new_ftpaccount_by_customer']['mailbody']), $replace_arr));

 						$_mailerror = false;
 						try {
@@ -298,12 +312,12 @@ if ($page == 'overview') {
 						$mail->ClearAddresses();
 					}

-					redirectTo($filename, Array('page' => $page, 's' => $s));
+					redirectTo($filename, array('page' => $page, 's' => $s));
 				}
 			} else {
-				$pathSelect = makePathfield($userinfo['documentroot'], $userinfo['guid'], $userinfo['guid'], $settings['panel']['pathedit'], '/');
+				$pathSelect = makePathfield($userinfo['documentroot'], $userinfo['guid'], $userinfo['guid'], '/');

-				if ($settings['customer']['ftpatdomain'] == '1') {
+				if (Settings::Get('customer.ftpatdomain') == '1') {
 					$domainlist = array();
 					$domains = '';

@@ -325,6 +339,18 @@ if ($page == 'overview') {
 					}
 				}

+				if (Settings::Get('system.allow_customer_shell') == '1') {
+					$shells = makeoption("/bin/false", "/bin/false", "/bin/false");
+					$shells_avail = Settings::Get('system.available_shells');
+					if (!empty($shells_avail)) {
+						$shells_avail = explode(",", $shells_avail);
+						$shells_avail = array_map("trim", $shells_avail);
+						foreach ($shells_avail as $_shell) {
+							$shells .= makeoption($_shell, $_shell, "/bin/false");
+						}
+					}
+				}
+
 				//$sendinfomail = makeyesno('sendinfomail', '1', '0', '0');

 				$ftp_add_data = include_once dirname(__FILE__).'/lib/formfields/customer/ftp/formfield.ftp_add.php';
@@ -337,7 +363,7 @@ if ($page == 'overview') {
 			}
 		}
 	} elseif ($action == 'edit' && $id != 0) {
-		$result_stmt = Database::prepare("SELECT `id`, `username`, `homedir`, `uid`, `gid` FROM `" . TABLE_FTP_USERS . "`
+		$result_stmt = Database::prepare("SELECT `id`, `username`, `description`, `homedir`, `uid`, `gid`, `shell` FROM `" . TABLE_FTP_USERS . "`
 			WHERE `customerid` = :customerid
 			AND `id` = :id"
 		);
@@ -349,6 +375,11 @@ if ($page == 'overview') {
 				// @FIXME use a good path-validating regex here (refs #1231)
 				$path = validate($_POST['path'], 'path');

+				$shell = "/bin/false";
+				if (Settings::Get('system.allow_customer_shell') == '1') {
+					$shell = isset($_POST['shell']) ? validate($_POST['shell'], 'shell') : '/bin/false';
+				}
+
 				$_setnewpass = false;
 				if (isset($_POST['ftp_password']) && $_POST['ftp_password'] != '') {
 					$password = validate($_POST['ftp_password'], 'password');
@@ -359,7 +390,8 @@ if ($page == 'overview') {
 				if ($_setnewpass) {
 					if ($password == '') {
 						standard_error(array('stringisempty', 'mypassword'));
-						exit;
+					} elseif ($result['username'] == $password) {
+						standard_error('passwordshouldnotbeusername');
 					}
 					$log->logAction(USR_ACTION, LOG_INFO, "updated ftp-account password for '" . $result['username'] . "'");
 					$cryptPassword = makeCryptPassword($password);
@@ -370,21 +402,6 @@ if ($page == 'overview') {
 						AND `id` = :id"
 					);
 					Database::pexecute($stmt, array("customerid" => $userinfo['customerid'], "id" => $id, "password" => $cryptPassword));
-						
-					// also update customers backup user password if password of main ftp user is changed
-					if(!preg_match('/' . $settings['customer']['ftpprefix'] . '/', $result['username'])) {
-						$stmt = Database::prepare("UPDATE `" . TABLE_FTP_USERS . "`
-							SET `password` = :password
-							WHERE `customerid` = :customerid
-							AND `username` = :username"
-						);
-						$params = array(
-							"password" => $cryptPassword,
-							"customerid" => $userinfo['customerid'],
-							"username" => $result['username'] . "_backup"
-						);
-						Database::pexecute($stmt, $params);
-					}
 				}

 				if ($path != '') {
@@ -413,18 +430,27 @@ if ($page == 'overview') {
 					}
 				}

-				redirectTo($filename, Array('page' => $page, 's' => $s));
+				$log->logAction(USR_ACTION, LOG_INFO, "edited ftp-account '" . $result['username'] . "'");
+				$description = validate($_POST['ftp_description'], 'description');
+				$stmt = Database::prepare("UPDATE `" . TABLE_FTP_USERS . "`
+					SET `description` = :desc, `shell` = :shell
+					WHERE `customerid` = :customerid
+					AND `id` = :id"
+				);
+				Database::pexecute($stmt, array("desc" => $description, "shell" => $shell, "customerid" => $userinfo['customerid'], "id" => $id));
+
+				redirectTo($filename, array('page' => $page, 's' => $s));
 			} else {
 				if (strpos($result['homedir'], $userinfo['documentroot']) === 0) {
-					$homedir = substr($result['homedir'], strlen($userinfo['documentroot']));
+					$homedir = str_replace($userinfo['documentroot'], "/", $result['homedir']);
 				} else {
 					$homedir = $result['homedir'];
 				}
 				$homedir = makeCorrectDir($homedir);

-				$pathSelect = makePathfield($userinfo['documentroot'], $userinfo['guid'], $userinfo['guid'], $settings['panel']['pathedit'], $homedir);
+				$pathSelect = makePathfield($userinfo['documentroot'], $userinfo['guid'], $userinfo['guid'], $homedir);

-				if ($settings['customer']['ftpatdomain'] == '1') {
+				if (Settings::Get('customer.ftpatdomain') == '1') {
 					$domains = '';

 					$result_domains_stmt = Database::prepare("SELECT `domain` FROM `" . TABLE_PANEL_DOMAINS . "`
@@ -437,6 +463,18 @@ if ($page == 'overview') {
 					}
 				}

+				if (Settings::Get('system.allow_customer_shell') == '1') {
+					$shells = makeoption("/bin/false", "/bin/false", $result['shell']);
+					$shells_avail = Settings::Get('system.available_shells');
+					if (!empty($shells_avail)) {
+						$shells_avail = explode(",", $shells_avail);
+						$shells_avail = array_map("trim", $shells_avail);
+						foreach ($shells_avail as $_shell) {
+							$shells .= makeoption($_shell, $_shell, $result['shell']);
+						}
+					}
+				}
+
 				$ftp_edit_data = include_once dirname(__FILE__).'/lib/formfields/customer/ftp/formfield.ftp_edit.php';
 				$ftp_edit_form = htmlform::genHTMLForm($ftp_edit_data);

--- a/customer_index.php
+++ b/customer_index.php
@@ -24,7 +24,7 @@ if ($action == 'logout') {
 	$log->logAction(USR_ACTION, LOG_NOTICE, 'logged out');

 	$params = array("customerid" => $userinfo['customerid']);
-	if ($settings['session']['allow_multiple_login'] == '1') {
+	if (Settings::Get('session.allow_multiple_login') == '1') {
 		$stmt = Database::prepare("DELETE FROM `" . TABLE_PANEL_SESSIONS . "`
 			WHERE `userid` = :customerid
 			AND `adminsession` = '0'
@@ -40,7 +40,6 @@ if ($action == 'logout') {
 	Database::pexecute($stmt, $params);

 	redirectTo('index.php');
-	exit;
 }

 if ($page == 'overview') {
@@ -79,11 +78,20 @@ if ($page == 'overview') {
 	$yesterday = time() - (60 * 60 * 24);
 	$month = date('M Y', $yesterday);

-	$userinfo['diskspace'] = round($userinfo['diskspace'] / 1024, $settings['panel']['decimal_places']);
-	$userinfo['diskspace_used'] = round($userinfo['diskspace_used'] / 1024, $settings['panel']['decimal_places']);
-	$userinfo['traffic'] = round($userinfo['traffic'] / (1024 * 1024), $settings['panel']['decimal_places']);
-	$userinfo['traffic_used'] = round($userinfo['traffic_used'] / (1024 * 1024), $settings['panel']['decimal_places']);
-	$userinfo = str_replace_array('-1', $lng['customer']['unlimited'], $userinfo, 'diskspace traffic mysqls emails email_accounts email_forwarders email_quota email_autoresponder ftps tickets subdomains aps_packages');
+	// get disk-space usages for web, mysql and mail
+	$usages_stmt = Database::prepare("SELECT * FROM `".TABLE_PANEL_DISKSPACE."` WHERE `customerid` = :cid ORDER BY `stamp` DESC LIMIT 1");
+	$usages = Database::pexecute_first($usages_stmt, array('cid' => $userinfo['customerid']));
+
+	$userinfo['diskspace'] = round($userinfo['diskspace'] / 1024, Settings::Get('panel.decimal_places'));
+	$userinfo['diskspace_used'] = round($usages['webspace'] / 1024, Settings::Get('panel.decimal_places'));
+	$userinfo['mailspace_used'] = round($usages['mail'] / 1024, Settings::Get('panel.decimal_places'));
+	$userinfo['dbspace_used'] = round($usages['mysql'] / 1024, Settings::Get('panel.decimal_places'));
+
+	$userinfo['traffic'] = round($userinfo['traffic'] / (1024 * 1024), Settings::Get('panel.decimal_places'));
+	$userinfo['traffic_used'] = round($userinfo['traffic_used'] / (1024 * 1024), Settings::Get('panel.decimal_places'));
+	$userinfo = str_replace_array('-1', $lng['customer']['unlimited'], $userinfo, 'diskspace traffic mysqls emails email_accounts email_forwarders email_quota ftps tickets subdomains');
+
+	$userinfo['custom_notes'] = ($userinfo['custom_notes'] != '') ? nl2br($userinfo['custom_notes']) : '';

 	$services_enabled = "";
 	$se = array();
@@ -91,16 +99,14 @@ if ($page == 'overview') {
 	if ($userinfo['pop3'] == '1') $se[] = "POP3";
 	if ($userinfo['phpenabled'] == '1') $se[] = "PHP";
 	if ($userinfo['perlenabled'] == '1') $se[] = "Perl/CGI";
-	if ($userinfo['backup_enabled'] == '1' && $userinfo['backup_allowed'] == '1') $se[] = "Backup";
 	$services_enabled = implode(", ", $se);

 	eval("echo \"" . getTemplate('index/index') . "\";");
 } elseif ($page == 'change_password') {
 	if (isset($_POST['send']) && $_POST['send'] == 'send') {
 		$old_password = validate($_POST['old_password'], 'old password');
-		if (md5($old_password) != $userinfo['password']) {
+		if (!validatePasswordLogin($userinfo,$old_password,TABLE_PANEL_CUSTOMERS,'customerid')) {
 			standard_error('oldpasswordnotcorrect');
-			exit;
 		}

 		$new_password = validatePassword($_POST['new_password'], 'new password');
@@ -118,13 +124,11 @@ if ($page == 'overview') {
 			// Update user password
 			$stmt = Database::prepare("UPDATE `" . TABLE_PANEL_CUSTOMERS . "`
 				SET `password` = :newpassword
-				WHERE `customerid` = :customerid
-				AND `password` = :oldpassword"
+				WHERE `customerid` = :customerid"
 			);
 			$params = array(
-				"newpassword" => md5($new_password),
-				"customerid" => $userinfo['customerid'],
-				"oldpassword" => md5($old_password)
+				"newpassword" => makeCryptPassword($new_password),
+				"customerid" => $userinfo['customerid']
 			);
 			Database::pexecute($stmt, $params);
 			$log->logAction(USR_ACTION, LOG_NOTICE, 'changed password');
@@ -168,7 +172,7 @@ if ($page == 'overview') {
 				Database::pexecute($stmt, $params);
 			}

-			redirectTo($filename, Array('s' => $s));
+			redirectTo($filename, array('s' => $s));
 		}
 	} else {
 		eval("echo \"" . getTemplate('index/change_password') . "\";");
@@ -192,9 +196,9 @@ if ($page == 'overview') {
 			$log->logAction(USR_ACTION, LOG_NOTICE, "changed default language to '" . $def_language . "'");
 		}

-		redirectTo($filename, Array('s' => $s));
+		redirectTo($filename, array('s' => $s));
 	} else {
-		$default_lang = $settings['panel']['standardlanguage'];
+		$default_lang = Settings::Get('panel.standardlanguage');
 		if ($userinfo['def_language'] != '') {
 			$default_lang = $userinfo['def_language'];
 		}
@@ -223,30 +227,26 @@ if ($page == 'overview') {
 		Database::pexecute($stmt, array("theme" => $theme, "hash" => $s));

 		$log->logAction(USR_ACTION, LOG_NOTICE, "changed default theme to '" . $theme . "'");
-		redirectTo($filename, Array('s' => $s));
+		redirectTo($filename, array('s' => $s));
 	} else {
-		$default_theme = $settings['panel']['default_theme'];
+		$default_theme = Settings::Get('panel.default_theme');
 		if ($userinfo['theme'] != '') {
 			$default_theme = $userinfo['theme'];
 		}

 		$theme_options = '';
 		$themes_avail = getThemes();
-		foreach ($themes_avail as $t) {
-			$theme_options .= makeoption($t, $t, $default_theme, true);
+		foreach ($themes_avail as $t => $d) {
+			$theme_options.= makeoption($d, $t, $default_theme, true);
 		}

 		eval("echo \"" . getTemplate('index/change_theme') . "\";");
 	}

-} elseif ($page == 'send_error_report'
-	&& $settings['system']['allow_error_report_customer'] == '1'
-) {
+} elseif ($page == 'send_error_report' && Settings::Get('system.allow_error_report_customer') == '1') {

 	// only show this if we really have an exception to report
-	if (isset($_GET['errorid'])
-			&& $_GET['errorid'] != ''
-	) {
+	if (isset($_GET['errorid']) && $_GET['errorid'] != '') {

 		$errid = $_GET['errorid'];
 		// read error file
@@ -274,7 +274,8 @@ if ($page == 'overview') {
 			$mail_body .= "File: ".$_error['file'].':'.$_error['line']."\n\n";
 			$mail_body .= "Trace:\n".trim($_error['trace'])."\n\n";
 			$mail_body .= "-------------------------------------------------------------\n\n";
-			$mail_body .= "Froxlor-version: ".$version."\n\n";
+			$mail_body .= "Froxlor-version: ".$version."\n";
+			$mail_body .= "DB-version: ".$dbversion."\n\n";
 			$mail_body .= "End of report";
 			$mail_html = str_replace("\n", "<br />", $mail_body);

--- a/customer_logger.php
+++ b/customer_logger.php
@@ -0,0 +1,122 @@
+<?php
+
+/**
+ * This file is part of the Froxlor project.
+ * Copyright (c) 2003-2009 the SysCP Team (see authors).
+ * Copyright (c) 2010 the Froxlor Team (see authors).
+ *
+ * For the full copyright and license information, please view the COPYING
+ * file that was distributed with this source code. You can also view the
+ * COPYING file online at http://files.froxlor.org/misc/COPYING.txt
+ *
+ * @copyright  (c) the authors
+ * @author     Florian Lippert <flo@syscp.org> (2003-2009)
+ * @author     Froxlor team <team@froxlor.org> (2010-)
+ * @license    GPLv2 http://files.froxlor.org/misc/COPYING.txt
+ * @package    Panel
+ *
+ */
+
+define('AREA', 'customer');
+require './lib/init.php';
+
+// redirect if this customer page is hidden via settings
+if (Settings::IsInList('panel.customer_hide_options','extras.logger')) {
+	redirectTo('customer_index.php');
+}
+
+if ($page == 'log'
+) {
+	if ($action == '') {
+		$fields = array(
+			'date' => $lng['logger']['date'],
+			'type' => $lng['logger']['type'],
+			'user' => $lng['logger']['user'],
+			'text' => $lng['logger']['action']
+		);
+		$paging = new paging($userinfo, TABLE_PANEL_LOG, $fields, null, null, 0, 'desc');
+		$result_stmt = Database::prepare('
+			SELECT * FROM `' . TABLE_PANEL_LOG . '` WHERE `user` = :loginname ' . $paging->getSqlWhere(true) . ' ' . $paging->getSqlOrderBy() . ' ' . $paging->getSqlLimit()
+		);
+		Database::pexecute($result_stmt, array("loginname" => $userinfo['loginname']));
+		$logs_count = Database::num_rows();
+		$paging->setEntries($logs_count);
+		$sortcode = $paging->getHtmlSortCode($lng);
+		$arrowcode = $paging->getHtmlArrowCode($filename . '?page=' . $page . '&s=' . $s);
+		$searchcode = $paging->getHtmlSearchCode($lng);
+		$pagingcode = $paging->getHtmlPagingCode($filename . '?page=' . $page . '&s=' . $s);
+		$clog = array();
+
+		while ($row = $result_stmt->fetch(PDO::FETCH_ASSOC)) {
+
+			if (!isset($clog[$row['action']])
+				|| !is_array($clog[$row['action']])
+			) {
+				$clog[$row['action']] = array();
+			}
+			$clog[$row['action']][$row['logid']] = $row;
+		}
+
+		if ($paging->sortfield == 'date'
+			&& $paging->sortorder == 'desc'
+		) {
+			krsort($clog);
+		} else {
+			ksort($clog);
+		}
+
+		$i = 0;
+		$count = 0;
+		$log_count = 0;
+		$log = '';
+		foreach ($clog as $action => $logrows) {
+			$_action = 0;
+			foreach ($logrows as $row) {
+				if ($paging->checkDisplay($i)) {
+					$row = htmlentities_array($row);
+					$row['date'] = date("d.m.y H:i:s", $row['date']);
+
+					if ($_action != $action) {
+						switch ($action) {
+							case USR_ACTION:
+								$_action = $lng['admin']['customer'];
+								break;
+							case RES_ACTION:
+								$_action = $lng['logger']['reseller'];
+								break;
+							case ADM_ACTION:
+								$_action = $lng['logger']['admin'];
+								break;
+							case CRON_ACTION:
+								$_action = $lng['logger']['cron'];
+								break;
+							case LOGIN_ACTION:
+								$_action = $lng['logger']['login'];
+								break;
+							case LOG_ERROR:
+								$_action = $lng['logger']['intern'];
+								break;
+							default:
+								$_action = $lng['logger']['unknown'];
+								break;
+						}
+
+						$row['action'] = $_action;
+						eval("\$log.=\"" . getTemplate('logger/logger_action') . "\";");
+					}
+
+					$log_count++;
+					$row['type'] = getLogLevelDesc($row['type']);
+					eval("\$log.=\"" . getTemplate('logger/logger_log') . "\";");
+					$count++;
+					$_action = $action;
+				}
+				$i++;
+			}
+			$i++;
+		}
+
+		eval("echo \"" . getTemplate('logger/logger') . "\";");
+
+	}
+}
--- a/customer_mysql.php
+++ b/customer_mysql.php
@@ -20,6 +20,11 @@
 define('AREA', 'customer');
 require './lib/init.php';

+// redirect if this customer page is hidden via settings
+if (Settings::IsInList('panel.customer_hide_options','mysql')) {
+	redirectTo('customer_index.php');
+}
+
 // get sql-root access data
 Database::needRoot(true);
 Database::needSqlData();
@@ -45,7 +50,7 @@ if ($page == 'overview') {
 			'databasename' => $lng['mysql']['databasename'],
 			'description' => $lng['mysql']['databasedescription']
 		);
-		$paging = new paging($userinfo, TABLE_PANEL_DATABASES, $fields, $settings['panel']['paging'], $settings['panel']['natsorting']);
+		$paging = new paging($userinfo, TABLE_PANEL_DATABASES, $fields);
 		$result_stmt = Database::prepare("SELECT * FROM `" . TABLE_PANEL_DATABASES . "`
 			WHERE `customerid`= :customerid " . $paging->getSqlWhere(true) . " " . $paging->getSqlOrderBy() . " " . $paging->getSqlLimit()
 		);
@@ -76,7 +81,7 @@ if ($page == 'overview') {
 				);
 				Database::pexecute($mbdata_stmt, array("table_schema" => $row['databasename']));
 				$mbdata = $mbdata_stmt->fetch(PDO::FETCH_ASSOC);
-				$row['size'] = size_readable($mbdata['MB'], 'GiB', 'bi', '%01.'.(int)$settings['panel']['decimal_places'].'f %s');
+				$row['size'] = size_readable($mbdata['MB'], 'GiB', 'bi', '%01.' . (int)Settings::Get('panel.decimal_places') . 'f %s');
 				eval("\$mysqls.=\"" . getTemplate('mysql/mysqls_database') . "\";");
 				$count++;
 			}
@@ -109,7 +114,7 @@ if ($page == 'overview') {
 			if (isset($_POST['send']) && $_POST['send'] == 'send') {
 				// Begin root-session
 				Database::needRoot(true, $result['dbserver']);
-				$dbm = new DbManager($settings, $log);
+				$dbm = new DbManager($log);
 				$dbm->getManager()->deleteDatabase($result['databasename']);
 				$log->logAction(USR_ACTION, LOG_INFO, "deleted database '" . $result['databasename'] . "'");
 				Database::needRoot(false);
@@ -171,13 +176,18 @@ if ($page == 'overview') {
 					$databasedescription = validate(trim($_POST['description']), 'description');

 					// create database, user, set permissions, etc.pp.
-					$dbm = new DbManager($settings, $log);
+					$dbm = new DbManager($log);
 					$username = $dbm->createDatabase(
 						$userinfo['loginname'],
 						$password,
 						$userinfo['mysql_lastaccountnumber']
 					);

+					// we've checked against the password in dbm->createDatabase
+					if ($username == false) {
+						standard_error('passwordshouldnotbeusername');
+					}
+
 					// Statement modified for Database description -- PH 2004-11-29
 					$stmt = Database::prepare('INSERT INTO `' . TABLE_PANEL_DATABASES . '`
 						(`customerid`, `databasename`, `description`, `dbserver`)
@@ -199,8 +209,8 @@ if ($page == 'overview') {

 					if ($sendinfomail == 1) {
 						$pma = $lng['admin']['notgiven'];
-						if ($settings['panel']['phpmyadmin_url'] != '') {
-							$pma = $settings['panel']['phpmyadmin_url'];
+						if (Settings::Get('panel.phpmyadmin_url') != '') {
+							$pma = Settings::Get('panel.phpmyadmin_url');
 						}

 						Database::needRoot(true, $dbserver);
@@ -214,7 +224,7 @@ if ($page == 'overview') {
 							'DB_NAME' => $username,
 							'DB_PASS' => $password,
 							'DB_DESC' => $databasedescription,
-							'DB_SRV' => $sql_root['caption'],
+							'DB_SRV' => $sql_root['host'],
 							'PMA_URI' => $pma
 						);

@@ -227,7 +237,7 @@ if ($page == 'overview') {
 						);
 						Database::pexecute($result_stmt, array("adminid" => $userinfo['adminid'], "lang" => $def_language));
 						$result = $result_stmt->fetch(PDO::FETCH_ASSOC);
-						$mail_subject = html_entity_decode(replace_variables((($result['value'] != '') ? $result['value'] : $lng['customer']['mysql_add']['infomail_subject']), $replace_arr));
+						$mail_subject = html_entity_decode(replace_variables((($result['value'] != '') ? $result['value'] : $lng['mails']['new_database_by_customer']['subject']), $replace_arr));

 						$result_stmt = Database::prepare("SELECT `value` FROM `" . TABLE_PANEL_TEMPLATES . "`
 							WHERE `adminid`= :adminid
@@ -237,7 +247,7 @@ if ($page == 'overview') {
 						);
 						Database::pexecute($result_stmt, array("adminid" => $userinfo['adminid'], "lang" => $def_language));
 						$result = $result_stmt->fetch(PDO::FETCH_ASSOC);
-						$mail_body = html_entity_decode(replace_variables((($result['value'] != '') ? $result['value'] : $lng['customer']['mysql_add']['infomail_body']['main']), $replace_arr));
+						$mail_body = html_entity_decode(replace_variables((($result['value'] != '') ? $result['value'] : $lng['mails']['new_database_by_customer']['mailbody']), $replace_arr));

 						$_mailerror = false;
 						try {
@@ -262,7 +272,7 @@ if ($page == 'overview') {
 						$mail->ClearAddresses();
 					}

-					redirectTo($filename, Array('page' => $page, 's' => $s));
+					redirectTo($filename, array('page' => $page, 's' => $s));
 				}
 			} else {

@@ -307,9 +317,13 @@ if ($page == 'overview') {
 					// validate password
 					$password = validatePassword($password);

+					if ($password == $result['databasename']) {
+						standard_error('passwordshouldnotbeusername');
+					}
+
 					// Begin root-session
 					Database::needRoot(true);
-					foreach (array_map('trim', explode(',', $settings['system']['mysql_access_host'])) as $mysql_access_host) {
+					foreach (array_map('trim', explode(',', Settings::Get('system.mysql_access_host'))) as $mysql_access_host) {
 						$stmt = Database::prepare("SET PASSWORD FOR :dbname@:host = PASSWORD(:password)");
 						$params = array(
 							"dbname" => $result['databasename'],
@@ -334,7 +348,7 @@ if ($page == 'overview') {
 					AND `id` = :id"
 				);
 				Database::pexecute($stmt, array("desc" => $databasedescription, "customerid" => $userinfo['customerid'], "id" => $id));
-				redirectTo($filename, Array('page' => $page, 's' => $s));
+				redirectTo($filename, array('page' => $page, 's' => $s));
 			} else {

 				$dbservers_stmt = Database::query("SELECT COUNT(DISTINCT `dbserver`) as numservers FROM `".TABLE_PANEL_DATABASES."`");
--- a/customer_tickets.php
+++ b/customer_tickets.php
@@ -20,6 +20,11 @@
 define('AREA', 'customer');
 require './lib/init.php';

+// redirect if this customer page is hidden via settings
+if (Settings::IsInList('panel.customer_hide_options','domains')) {
+	redirectTo('customer_index.php');
+}
+
 if (isset($_POST['id'])) {

 	$id = intval($_POST['id']);
@@ -48,7 +53,7 @@ if($page == 'overview') {
 			'subject' => $lng['ticket']['subject'],
 			'lastreplier' => $lng['ticket']['lastreplier']
 		);
-		$paging = new paging($userinfo, TABLE_PANEL_TICKETS, $fields, $settings['panel']['paging'], $settings['panel']['natsorting']);
+		$paging = new paging($userinfo, TABLE_PANEL_TICKETS, $fields);
 		$stmt = Database::prepare('SELECT `main`.`id`, (SELECT COUNT(`sub`.`id`) FROM `' . TABLE_PANEL_TICKETS . '` `sub`
 			WHERE `sub`.`answerto` = `main`.`id`) AS `ticket_answers`, `main`.`lastchange`, `main`.`subject`, `main`.`status`, `main`.`lastreplier`, `main`.`priority`
 			FROM `' . TABLE_PANEL_TICKETS . '` as `main`
@@ -92,8 +97,10 @@ if($page == 'overview') {
 				}

 				$row['subject'] = html_entity_decode($row['subject']);
-				if(strlen($row['subject']) > 20) {
-					$row['subject'] = substr($row['subject'], 0, 17) . '...';
+				if (strlen($row['subject']) > 30) {
+					$ts = wordwrap($row['subject'], 30, "|");
+					$ts = explode("|", $ts);
+					$row['subject'] = $ts[0]. '...';
 				}

 				eval("\$tickets.=\"" . getTemplate("tickets/tickets_tickets") . "\";");
@@ -106,22 +113,22 @@ if($page == 'overview') {
 		$supportavailable = 0;
 		$time = date("Hi", time());
 		$day = date("w", time());
-		$start = substr($settings['ticket']['worktime_begin'], 0, 2) . substr($settings['ticket']['worktime_begin'], 3, 2);
-		$end = substr($settings['ticket']['worktime_end'], 0, 2) . substr($settings['ticket']['worktime_end'], 3, 2);
+		$start = substr(Settings::Get('ticket.worktime_begin'), 0, 2) . substr(Settings::Get('ticket.worktime_begin'), 3, 2);
+		$end = substr(Settings::Get('ticket.worktime_end'), 0, 2) . substr(Settings::Get('ticket.worktime_end'), 3, 2);

 		if ($time >= $start && $time <= $end) {
 			$supportavailable = 1;
 		}

-		if($settings['ticket']['worktime_sat'] == "0" && $day == "6") {
+		if (Settings::Get('ticket.worktime_sat') == "0" && $day == "6") {
 			$supportavailable = 0;
 		}

-		if($settings['ticket']['worktime_sun'] == "0" && $day == "0") {
+		if (Settings::Get('ticket.worktime_sun') == "0" && $day == "0") {
 			$supportavailable = 0;
 		}

-		if($settings['ticket']['worktime_all'] == "1") {
+		if (Settings::Get('ticket.worktime_all') == "1") {
 			$supportavailable = 1;
 		}

@@ -133,8 +140,8 @@ if($page == 'overview') {
 		);
 		$opentickets = Database::pexecute_first($stmt, array("customerid" => $userinfo['customerid']));

-		if($settings['ticket']['concurrently_open'] != - 1 && $settings['ticket']['concurrently_open'] != '') {
-			$notmorethanxopentickets = strtr($lng['ticket']['notmorethanxopentickets'], array('%s' => $settings['ticket']['concurrently_open']));
+		if (Settings::Get('ticket.concurrently_open') != - 1 && Settings::Get('ticket.concurrently_open') != '') {
+			$notmorethanxopentickets = strtr($lng['ticket']['notmorethanxopentickets'], array('%s' => Settings::Get('ticket.concurrently_open')));
 		} else {
 			$notmorethanxopentickets = '';
 		}
@@ -145,7 +152,7 @@ if($page == 'overview') {
 	} elseif ($action == 'new') {
 		if ($userinfo['tickets_used'] < $userinfo['tickets'] || $userinfo['tickets'] == '-1') {
 			if (isset($_POST['send']) && $_POST['send'] == 'send') {
-				$newticket = ticket::getInstanceOf($userinfo, $settings, -1);
+				$newticket = ticket::getInstanceOf($userinfo, -1);
 				$newticket->Set('subject', validate($_POST['subject'], 'subject'), true, false);
 				$newticket->Set('priority', validate($_POST['priority'], 'priority'), true, false);
 				$newticket->Set('category', validate($_POST['category'], 'category'), true, false);
@@ -203,9 +210,9 @@ if($page == 'overview') {
 					$categories = makeoption($lng['ticket']['no_cat'], '0');
 				}

-				$priorities = makeoption($lng['ticket']['high'], '1', $settings['ticket']['default_priority']);
-				$priorities.= makeoption($lng['ticket']['normal'], '2', $settings['ticket']['default_priority']);
-				$priorities.= makeoption($lng['ticket']['low'], '3', $settings['ticket']['default_priority']);
+				$priorities = makeoption($lng['ticket']['high'], '1');
+				$priorities.= makeoption($lng['ticket']['normal'], '2');
+				$priorities.= makeoption($lng['ticket']['low'], '3');
 				$ticketsopen = 0;
 				$opentickets_stmt = Database::prepare('SELECT COUNT(`id`) as `count` FROM `' . TABLE_PANEL_TICKETS . '`
 					WHERE `customerid` = :customerid
@@ -214,10 +221,8 @@ if($page == 'overview') {
 				);
 				$opentickets = Database::pexecute_first($opentickets_stmt, array("customerid" => $userinfo['customerid']));

-				if ($settings['ticket']['concurrently_open'] != - 1
-					&& $settings['ticket']['concurrently_open'] != ''
-				) {
-					$notmorethanxopentickets = strtr($lng['ticket']['notmorethanxopentickets'], array('%s' => $settings['ticket']['concurrently_open']));
+				if (Settings::Get('ticket.concurrently_open') != -1 && Settings::Get('ticket.concurrently_open') != '') {
+					$notmorethanxopentickets = strtr($lng['ticket']['notmorethanxopentickets'], array('%s' => Settings::Get('ticket.concurrently_open')));
 				} else {
 					$notmorethanxopentickets = '';
 				}
@@ -237,7 +242,7 @@ if($page == 'overview') {
 		}
 	} elseif ($action == 'answer' && $id != 0) {
 		if (isset($_POST['send']) && $_POST['send'] == 'send') {
-			$replyticket = ticket::getInstanceOf($userinfo, $settings, -1);
+			$replyticket = ticket::getInstanceOf($userinfo, -1);
 			$replyticket->Set('subject', validate($_POST['subject'], 'subject'), true, false);
 			$replyticket->Set('priority', validate($_POST['priority'], 'priority'), true, false);
 			$replyticket->Set('message', validate(str_replace("\r\n", "\n", $_POST['message']), 'message', '/^[^\0]*$/'), true, false);
@@ -255,7 +260,7 @@ if($page == 'overview') {
 				$replyticket->Insert();

 				// Update priority if changed
-				$mainticket = ticket::getInstanceOf($userinfo, $settings, (int)$id);
+				$mainticket = ticket::getInstanceOf($userinfo, (int)$id);

 				if ($replyticket->Get('priority') != $mainticket->Get('priority')) {
 					$mainticket->Set('priority', $replyticket->Get('priority'), true);
@@ -267,11 +272,11 @@ if($page == 'overview') {
 				$mainticket->Update();
 				$log->logAction(USR_ACTION, LOG_NOTICE, "answered support-ticket '" . $mainticket->Get('subject') . "'");
 				$mainticket->sendMail(-1, 'new_reply_ticket_by_customer_subject', $lng['mails']['new_reply_ticket_by_customer']['subject'], 'new_reply_ticket_by_customer_mailbody', $lng['mails']['new_reply_ticket_by_customer']['mailbody']);
-				redirectTo($filename, Array('page' => $page, 's' => $s));
+				redirectTo($filename, array('page' => $page, 's' => $s));
 			}
 		} else {
 			$ticket_replies = '';
-			$mainticket = ticket::getInstanceOf($userinfo, $settings, (int)$id);
+			$mainticket = ticket::getInstanceOf($userinfo, (int)$id);
 			$dt = date("d.m.Y H:i\h", $mainticket->Get('dt'));
 			$status = ticket::getStatusText($lng, $mainticket->Get('status'));

@@ -309,17 +314,26 @@ if($page == 'overview') {
 			$numrows_andere = Database::num_rows();

 			while ($row2 = $andere_stmt->fetch(PDO::FETCH_ASSOC)) {
-				$subticket = ticket::getInstanceOf($userinfo, $settings, (int)$row2['id']);
+				$subticket = ticket::getInstanceOf($userinfo, (int)$row2['id']);
 				$lastchange = date("d.m.Y H:i\h", $subticket->Get('lastchange'));

 				if ($subticket->Get('by') == '1') {
 					$by = $lng['ticket']['staff'];
 				} else {
+					$cid = $subticket->Get('customer');
+					$usr_stmt = Database::prepare('
+						SELECT `customerid`, `firstname`, `name`, `company`, `loginname`
+						FROM `' . TABLE_PANEL_CUSTOMERS . '`
+						WHERE `customerid` = :customerid '
+					);
+					$usr = Database::pexecute_first($usr_stmt, array("customerid" => $cid));
 					$by = getCorrectFullUserDetails($usr);
 				}

 				$subject = $subticket->Get('subject');
 				$message = $subticket->Get('message');
+
+				$row2 = htmlentities_array($row2);
 				eval("\$ticket_replies.=\"" . getTemplate("tickets/tickets_tickets_list") . "\";");
 			}

@@ -341,15 +355,15 @@ if($page == 'overview') {
 	} elseif ($action == 'close' && $id != 0) {
 		if (isset($_POST['send']) && $_POST['send'] == 'send') {
 			$now = time();
-			$mainticket = ticket::getInstanceOf($userinfo, $settings, (int)$id);
+			$mainticket = ticket::getInstanceOf($userinfo, (int)$id);
 			$mainticket->Set('lastchange', $now, true, true);
 			$mainticket->Set('lastreplier', '0', true, true);
 			$mainticket->Set('status', '3', true, true);
 			$mainticket->Update();
 			$log->logAction(USR_ACTION, LOG_NOTICE, "closed support-ticket '" . $mainticket->Get('subject') . "'");
-			redirectTo($filename, Array('page' => $page, 's' => $s));
+			redirectTo($filename, array('page' => $page, 's' => $s));
 		} else {
-			$mainticket = ticket::getInstanceOf($userinfo, $settings, (int)$id);
+			$mainticket = ticket::getInstanceOf($userinfo, (int)$id);
 			ask_yesno('ticket_reallyclose', $filename, array('id' => $id, 'page' => $page, 'action' => $action), $mainticket->Get('subject'));
 		}
 	} elseif ($action == 'reopen' && $id != 0) {
@@ -362,12 +376,12 @@ if($page == 'overview') {
 		$opentickets = Database::pexecute_first($opentickets_stmt, array("customerid" => $userinfo['customerid']));
 		$ticketsopen = (int)$opentickets['count'];

-		if($ticketsopen > $settings['ticket']['concurrently_open'] && $settings['ticket']['concurrently_open'] != - 1 && $settings['ticket']['concurrently_open'] != '') {
-			standard_error('notmorethanxopentickets', $settings['ticket']['concurrently_open']);
+		if ($ticketsopen > Settings::Get('ticket.concurrently_open') && Settings::Get('ticket.concurrently_open') != - 1 && Settings::Get('ticket.concurrently_open') != '') {
+			standard_error('notmorethanxopentickets', Settings::Get('ticket.concurrently_open'));
 		}

 		$now = time();
-		$mainticket = ticket::getInstanceOf($userinfo, $settings, (int)$id);
+		$mainticket = ticket::getInstanceOf($userinfo, (int)$id);
 		$mainticket->Set('lastchange', $now, true, true);
 		$mainticket->Set('lastreplier', '0', true, true);
 		$mainticket->Set('status', '0', true, true);
--- a/customer_traffic.php
+++ b/customer_traffic.php
@@ -20,6 +20,12 @@
 define('AREA', 'customer');
 $intrafficpage = 1;
 require './lib/init.php';
+
+// redirect if this customer page is hidden via settings
+if (Settings::IsInList('panel.customer_hide_options','traffic')) {
+	redirectTo('customer_index.php');
+}
+
 $traffic = '';
 $month = null;
 $year = null;
@@ -55,7 +61,7 @@ if (!is_null($month) && !is_null($year)) {
 		AND `month` = :month
 		AND `year` = :year
 		GROUP BY `day`
-		ORDER BY `day` ASC"
+		ORDER BY `day` DESC"
 	);
 	$params = array(
 		"customerid" => $userinfo['customerid'],
@@ -79,38 +85,37 @@ if (!is_null($month) && !is_null($year)) {
 		$traf['day'] = $row['day'] . '.';

 		if (extension_loaded('bcmath')) {
-			$traf['ftptext'] = bcdiv($row['ftp_up'], 1024, $settings['panel']['decimal_places']) . " MiB up/ " . bcdiv($row['ftp_down'], 1024, $settings['panel']['decimal_places']) . " MiB down (FTP)";
-			$traf['httptext'] = bcdiv($http, 1024, $settings['panel']['decimal_places']) . " MiB (HTTP)";
-			$traf['mailtext'] = bcdiv($mail, 1024, $settings['panel']['decimal_places']) . " MiB (Mail)";
-			$traf['ftp'] = bcdiv($ftp, 1024, $settings['panel']['decimal_places']);
-			$traf['http'] = bcdiv($http, 1024, $settings['panel']['decimal_places']);
-			$traf['mail'] = bcdiv($mail, 1024, $settings['panel']['decimal_places']);
-			$traf['byte'] = bcdiv($traf['byte'], 1024, $settings['panel']['decimal_places']);
+			$traf['ftptext'] = bcdiv($row['ftp_up'], 1024, Settings::Get('panel.decimal_places')) . " MiB up/ " . bcdiv($row['ftp_down'], 1024, Settings::Get('panel.decimal_places')) . " MiB down (FTP)";
+			$traf['httptext'] = bcdiv($http, 1024, Settings::Get('panel.decimal_places')) . " MiB (HTTP)";
+			$traf['mailtext'] = bcdiv($mail, 1024, Settings::Get('panel.decimal_places')) . " MiB (Mail)";
+			$traf['ftp'] = bcdiv($ftp, 1024, Settings::Get('panel.decimal_places'));
+			$traf['http'] = bcdiv($http, 1024, Settings::Get('panel.decimal_places'));
+			$traf['mail'] = bcdiv($mail, 1024, Settings::Get('panel.decimal_places'));
+			$traf['byte'] = bcdiv($traf['byte'], 1024, Settings::Get('panel.decimal_places'));
 		} else {
-			$traf['ftptext'] = round($row['ftp_up'] / 1024, $settings['panel']['decimal_places']) . " MiB up/ " . round($row['ftp_down'] / 1024, $settings['panel']['decimal_places']) . " MiB down (FTP)";
-			$traf['httptext'] = round($http / 1024, $settings['panel']['decimal_places']) . " MiB (HTTP)";
-			$traf['mailtext'] = round($mail / 1024, $settings['panel']['decimal_places']) . " MiB (Mail)";
-			$traf['http'] = round($http, $settings['panel']['decimal_places']);
-			$traf['ftp'] = round($ftp, $settings['panel']['decimal_places']);
-			$traf['mail'] = round($mail, $settings['panel']['decimal_places']);
-			$traf['byte'] = round($traf['byte'] / 1024, $settings['panel']['decimal_places']);
+			$traf['ftptext'] = round($row['ftp_up'] / 1024, Settings::Get('panel.decimal_places')) . " MiB up/ " . round($row['ftp_down'] / 1024, Settings::Get('panel.decimal_places')) . " MiB down (FTP)";
+			$traf['httptext'] = round($http / 1024, Settings::Get('panel.decimal_places')) . " MiB (HTTP)";
+			$traf['mailtext'] = round($mail / 1024, Settings::Get('panel.decimal_places')) . " MiB (Mail)";
+			$traf['http'] = round($http, Settings::Get('panel.decimal_places'));
+			$traf['ftp'] = round($ftp, Settings::Get('panel.decimal_places'));
+			$traf['mail'] = round($mail, Settings::Get('panel.decimal_places'));
+			$traf['byte'] = round($traf['byte'] / 1024, Settings::Get('panel.decimal_places'));
 		}

 		eval("\$traffic.=\"" . getTemplate('traffic/traffic_month') . "\";");
 		$show = $lng['traffic']['months'][intval($row['month'])] . ' ' . $row['year'];
 	}

-	$traffic_complete['http'] = size_readable($traffic_complete['http'] * 1024, 'GiB', 'bi', '%01.'.(int)$settings['panel']['decimal_places'].'f %s');
-	$traffic_complete['ftp'] = size_readable($traffic_complete['ftp'] * 1024, 'GiB', 'bi', '%01.'.(int)$settings['panel']['decimal_places'].'f %s');
-	$traffic_complete['mail'] = size_readable($traffic_complete['mail'] * 1024, 'GiB', 'bi', '%01.'.(int)$settings['panel']['decimal_places'].'f %s');
+	$traffic_complete['http'] = size_readable($traffic_complete['http'] * 1024, 'GiB', 'bi', '%01.'.(int)Settings::Get('panel.decimal_places').'f %s');
+	$traffic_complete['ftp'] = size_readable($traffic_complete['ftp'] * 1024, 'GiB', 'bi', '%01.'.(int)Settings::Get('panel.decimal_places').'f %s');
+	$traffic_complete['mail'] = size_readable($traffic_complete['mail'] * 1024, 'GiB', 'bi', '%01.'.(int)Settings::Get('panel.decimal_places').'f %s');

 	eval("echo \"" . getTemplate('traffic/traffic_details') . "\";");
 } else {
 	$result_stmt = Database::prepare("SELECT `month`, `year`, SUM(`http`) AS http, SUM(`ftp_up`) AS ftp_up, SUM(`ftp_down`) AS ftp_down, SUM(`mail`) AS mail
 		FROM `" . TABLE_PANEL_TRAFFIC . "`
 		WHERE `customerid` = :customerid
-		GROUP BY CONCAT(`year`,`month`)
-		ORDER BY CONCAT(`year`,`month`) DESC
+		GROUP BY `year` DESC, `month` DESC
 		LIMIT 12"
 	);
 	Database::pexecute($result_stmt, array("customerid" => $userinfo['customerid']));
@@ -132,29 +137,29 @@ if (!is_null($month) && !is_null($year)) {
 		$traf['byte'] = $http + $ftp_up + $ftp_down + $mail;

 		if (extension_loaded('bcmath')) {
-			$traf['ftptext'] = bcdiv($ftp_up, 1024, $settings['panel']['decimal_places']) . " MiB up/ " . bcdiv($ftp_down, 1024, $settings['panel']['decimal_places']) . " MiB down (FTP)";
-			$traf['httptext'] = bcdiv($http, 1024, $settings['panel']['decimal_places']) . " MiB (HTTP)";
-			$traf['mailtext'] = bcdiv($mail, 1024, $settings['panel']['decimal_places']) . " MiB (Mail)";
-			$traf['ftp'] = bcdiv(($ftp_up + $ftp_down), 1024, $settings['panel']['decimal_places']);
-			$traf['http'] = bcdiv($http, 1024, $settings['panel']['decimal_places']);
-			$traf['mail'] = bcdiv($mail, 1024, $settings['panel']['decimal_places']);
-			$traf['byte'] = bcdiv($traf['byte'], 1024 * 1024, $settings['panel']['decimal_places']);
+			$traf['ftptext'] = bcdiv($ftp_up, 1024, Settings::Get('panel.decimal_places')) . " MiB up/ " . bcdiv($ftp_down, 1024, Settings::Get('panel.decimal_places')) . " MiB down (FTP)";
+			$traf['httptext'] = bcdiv($http, 1024, Settings::Get('panel.decimal_places')) . " MiB (HTTP)";
+			$traf['mailtext'] = bcdiv($mail, 1024, Settings::Get('panel.decimal_places')) . " MiB (Mail)";
+			$traf['ftp'] = bcdiv(($ftp_up + $ftp_down), 1024, Settings::Get('panel.decimal_places'));
+			$traf['http'] = bcdiv($http, 1024, Settings::Get('panel.decimal_places'));
+			$traf['mail'] = bcdiv($mail, 1024, Settings::Get('panel.decimal_places'));
+			$traf['byte'] = bcdiv($traf['byte'], 1024 * 1024, Settings::Get('panel.decimal_places'));
 		} else {
-			$traf['ftptext'] = round($ftp_up / 1024, $settings['panel']['decimal_places']) . " MiB up/ " . round($ftp_down / 1024, $settings['panel']['decimal_places']) . " MiB down (FTP)";
-			$traf['httptext'] = round($http / 1024, $settings['panel']['decimal_places']) . " MiB (HTTP)";
-			$traf['mailtext'] = round($mail / 1024, $settings['panel']['decimal_places']) . " MiB (Mail)";
-			$traf['ftp'] = round(($ftp_up + $ftp_down) / 1024, $settings['panel']['decimal_places']);
-			$traf['http'] = round($http / 1024, $settings['panel']['decimal_places']);
-			$traf['mail'] = round($mail / 1024, $settings['panel']['decimal_places']);
-			$traf['byte'] = round($traf['byte'] / (1024 * 1024), $settings['panel']['decimal_places']);
+			$traf['ftptext'] = round($ftp_up / 1024, Settings::Get('panel.decimal_places')) . " MiB up/ " . round($ftp_down / 1024, Settings::Get('panel.decimal_places')) . " MiB down (FTP)";
+			$traf['httptext'] = round($http / 1024, Settings::Get('panel.decimal_places')) . " MiB (HTTP)";
+			$traf['mailtext'] = round($mail / 1024, Settings::Get('panel.decimal_places')) . " MiB (Mail)";
+			$traf['ftp'] = round(($ftp_up + $ftp_down) / 1024, Settings::Get('panel.decimal_places'));
+			$traf['http'] = round($http / 1024, Settings::Get('panel.decimal_places'));
+			$traf['mail'] = round($mail / 1024, Settings::Get('panel.decimal_places'));
+			$traf['byte'] = round($traf['byte'] / (1024 * 1024), Settings::Get('panel.decimal_places'));
 		}

 		eval("\$traffic.=\"" . getTemplate('traffic/traffic_traffic') . "\";");
 	}

-	$traffic_complete['http'] = size_readable($traffic_complete['http'] * 1024, 'GiB', 'bi', '%01.'.(int)$settings['panel']['decimal_places'].'f %s');
-	$traffic_complete['ftp'] = size_readable($traffic_complete['ftp'] * 1024, 'GiB', 'bi', '%01.'.(int)$settings['panel']['decimal_places'].'f %s');
-	$traffic_complete['mail'] = size_readable($traffic_complete['mail'] * 1024, 'GiB', 'bi', '%01.'.(int)$settings['panel']['decimal_places'].'f %s');
+	$traffic_complete['http'] = size_readable($traffic_complete['http'] * 1024, 'GiB', 'bi', '%01.'.(int)Settings::Get('panel.decimal_places').'f %s');
+	$traffic_complete['ftp'] = size_readable($traffic_complete['ftp'] * 1024, 'GiB', 'bi', '%01.'.(int)Settings::Get('panel.decimal_places').'f %s');
+	$traffic_complete['mail'] = size_readable($traffic_complete['mail'] * 1024, 'GiB', 'bi', '%01.'.(int)Settings::Get('panel.decimal_places').'f %s');

 	eval("echo \"" . getTemplate('traffic/traffic') . "\";");
 }
--- a/dns_editor.php
+++ b/dns_editor.php
@@ -0,0 +1,306 @@
+<?php
+if (! defined('AREA'))
+	die('You cannot access this file directly!');
+
+/**
+ * This file is part of the Froxlor project.
+ * Copyright (c) 2016 the Froxlor Team (see authors).
+ *
+ * For the full copyright and license information, please view the COPYING
+ * file that was distributed with this source code. You can also view the
+ * COPYING file online at http://files.froxlor.org/misc/COPYING.txt
+ *
+ * @copyright (c) the authors
+ * @author Froxlor team <team@froxlor.org> (2016-)
+ * @license GPLv2 http://files.froxlor.org/misc/COPYING.txt
+ * @package Panel
+ *
+ */
+
+// This file is being included in admin_domains and customer_domains
+	// and therefore does not need to require lib/init.php
+
+$domain_id = isset($_GET['domain_id']) ? (int) $_GET['domain_id'] : null;
+
+$record = isset($_POST['record']['record']) ? trim($_POST['record']['record']) : null;
+$type = isset($_POST['record']['type']) ? $_POST['record']['type'] : 'A';
+$prio = isset($_POST['record']['prio']) ? (int) $_POST['record']['prio'] : null;
+$content = isset($_POST['record']['content']) ? trim($_POST['record']['content']) : null;
+$ttl = isset($_POST['record']['ttl']) ? (int) $_POST['record']['ttl'] : 18000;
+
+// get domain-name
+$domain = getAllowedDomainEntry($domain_id, AREA, $userinfo, $idna_convert);
+
+// select all entries
+$sel_stmt = Database::prepare("SELECT * FROM `" . TABLE_DOMAIN_DNS . "` WHERE domain_id = :did");
+Database::pexecute($sel_stmt, array(
+	'did' => $domain_id
+));
+$dom_entries = $sel_stmt->fetchAll(PDO::FETCH_ASSOC);
+
+$errors = array();
+$success_message = "";
+
+// action for adding a new entry
+if ($action == 'add_record' && ! empty($_POST)) {
+
+	// validation
+	if (empty($record)) {
+		$record = "@";
+	}
+
+	$record = strtolower($record);
+
+	if ($record != '@' && $record != '*') {
+		// validate record
+		if (strpos($record, '--') !== false) {
+			$errors[] = $lng['error']['domain_nopunycode'];
+		} else {
+			$record = $idna_convert->encode($record);
+			if ($type != 'SRV' && $type != 'TXT') {
+				$check_dom = $record . '.example.com';
+				if (! validateDomain($check_dom)) {
+					$errors[] = sprintf($lng['error']['subdomainiswrong'], $idna_convert->decode($record));
+				}
+			}
+			if (strlen($record) > 63) {
+				$errors[] = $lng['error']['dns_record_toolong'];
+			}
+		}
+	}
+
+	// TODO regex validate content for invalid characters
+
+	if ($ttl <= 0) {
+		$ttl = 18000;
+	}
+
+	if (empty($content)) {
+		$errors[] = $lng['error']['dns_content_empty'];
+	}
+
+	// types
+	if ($type == 'A' && filter_var($content, FILTER_VALIDATE_IP, FILTER_FLAG_IPV4) === false) {
+		$errors[] = $lng['error']['dns_arec_noipv4'];
+	} elseif ($type == 'AAAA' && filter_var($content, FILTER_VALIDATE_IP, FILTER_FLAG_IPV6) === false) {
+		$errors[] = $lng['error']['dns_aaaarec_noipv6'];
+	} elseif ($type == 'MX') {
+		if ($prio === null || $prio < 0) {
+			$errors[] = $lng['error']['dns_mx_prioempty'];
+		}
+		// check for trailing dot
+		if (substr($content, - 1) == '.') {
+			// remove it for checks
+			$content = substr($content, 0, - 1);
+		}
+		if (! validateDomain($content)) {
+			$errors[] = $lng['error']['dns_mx_needdom'];
+		} else {
+			// check whether there is a CNAME-record for the same resource
+			foreach ($dom_entries as $existing_entries) {
+				$fqdn = $existing_entries['record'] . '.' . $domain;
+				if ($existing_entries['type'] == 'CNAME' && $fqdn == $content) {
+					$errors[] = $lng['error']['dns_mx_noalias'];
+					break;
+				}
+			}
+		}
+		// append trailing dot (again)
+		$content .= '.';
+	} elseif ($type == 'CNAME') {
+		// check for trailing dot
+		if (substr($content, - 1) == '.') {
+			// remove it for checks
+			$content = substr($content, 0, - 1);
+		}
+		if (! validateDomain($content)) {
+			$errors[] = $lng['error']['dns_cname_invaliddom'];
+		} else {
+			// check whether there are RR-records for the same resource
+			foreach ($dom_entries as $existing_entries) {
+				if (($existing_entries['type'] == 'A' || $existing_entries['type'] == 'AAAA' || $existing_entries['type'] == 'MX' || $existing_entries['type'] == 'NS') && $existing_entries['record'] == $record) {
+					$errors[] = $lng['error']['dns_cname_nomorerr'];
+					break;
+				}
+			}
+		}
+		// append trailing dot (again)
+		$content .= '.';
+	} elseif ($type == 'NS') {
+		// check for trailing dot
+		if (substr($content, - 1) == '.') {
+			// remove it for checks
+			$content = substr($content, 0, - 1);
+		}
+		if (! validateDomain($content)) {
+			$errors[] = $lng['error']['dns_ns_invaliddom'];
+		}
+		// append trailing dot (again)
+		$content .= '.';
+	} elseif ($type == 'TXT' && ! empty($content)) {
+		// check that TXT content is enclosed in " "
+		$content = encloseTXTContent($content);
+	} elseif ($type == 'SRV') {
+		if ($prio === null || $prio < 0) {
+			$errors[] = $lng['error']['dns_srv_prioempty'];
+		}
+		// check only last part of content, as it can look like:
+		// _service._proto.name. TTL class SRV priority weight port target.
+		$_split_content = explode(" ", $content);
+		// SRV content must be [weight] [port] [target]
+		if (count($_split_content) != 3) {
+			$errors[] = $lng['error']['dns_srv_invalidcontent'];
+		}
+		$target = trim($_split_content[count($_split_content) - 1]);
+		if ($target != '.') {
+			// check for trailing dot
+			if (substr($target, - 1) == '.') {
+				// remove it for checks
+				$target = substr($target, 0, - 1);
+			}
+		}
+		if ($target != '.' && ! validateDomain($target)) {
+			$errors[] = $lng['error']['dns_srv_needdom'];
+		} else {
+			// check whether there is a CNAME-record for the same resource
+			foreach ($dom_entries as $existing_entries) {
+				$fqdn = $existing_entries['record'] . '.' . $domain;
+				if ($existing_entries['type'] == 'CNAME' && $fqdn == $target) {
+					$errors[] = $lng['error']['dns_srv_noalias'];
+					break;
+				}
+			}
+		}
+		// append trailing dot (again)
+		if ($target != '.') {
+			$content .= '.';
+		}
+	}
+
+	$new_entry = array(
+		'record' => $record,
+		'type' => $type,
+		'prio' => $prio,
+		'content' => $content,
+		'ttl' => $ttl,
+		'domain_id' => $domain_id
+	);
+	ksort($new_entry);
+
+	// check for duplicate
+	foreach ($dom_entries as $existing_entry) {
+		// compare serialized string of array
+		$check_entry = $existing_entry;
+		// new entry has no ID yet
+		unset($check_entry['id']);
+		// sort by key
+		ksort($check_entry);
+		// format integer fields to real integer (as they are read as string from the DB)
+		$check_entry['prio'] = (int) $check_entry['prio'];
+		$check_entry['ttl'] = (int) $check_entry['ttl'];
+		$check_entry['domain_id'] = (int) $check_entry['domain_id'];
+		// serialize both
+		$check_entry = serialize($check_entry);
+		$new = serialize($new_entry);
+		// compare
+		if ($check_entry === $new) {
+			$errors[] = $lng['error']['dns_duplicate_entry'];
+			unset($check_entry);
+			break;
+		}
+	}
+
+	if (empty($errors)) {
+		$ins_stmt = Database::prepare("
+			INSERT INTO `" . TABLE_DOMAIN_DNS . "` SET
+			`record` = :record,
+			`type` = :type,
+			`prio` = :prio,
+			`content` = :content,
+			`ttl` = :ttl,
+			`domain_id` = :domain_id
+		");
+
+		Database::pexecute($ins_stmt, $new_entry);
+
+		$new_entry_id = Database::lastInsertId();
+
+		// add temporary to the entries-array (no reread of DB necessary)
+		$new_entry['id'] = $new_entry_id;
+		$dom_entries[] = $new_entry;
+
+		// success message (inline)
+		$success_message = $lng['success']['dns_record_added'];
+
+		$record = "";
+		$type = 'A';
+		$prio = "";
+		$content = "";
+		$ttl = "";
+
+		// re-generate bind configs
+		inserttask('4');
+	} else {
+		// show $errors
+		$errors = implode("<br>", $errors);
+	}
+} elseif ($action == 'delete') {
+	// remove entry
+	$entry_id = isset($_GET['id']) ? (int) $_GET['id'] : 0;
+	if ($entry_id > 0) {
+		$del_stmt = Database::prepare("DELETE FROM `" . TABLE_DOMAIN_DNS . "` WHERE `id` = :id");
+		Database::pexecute($del_stmt, array(
+			'id' => $entry_id
+		));
+
+		// remove deleted entry from internal data array (no reread of DB necessary)
+		$_t = $dom_entries;
+		foreach ($_t as $idx => $entry) {
+			if ($entry['id'] == $entry_id) {
+				unset($dom_entries[$idx]);
+				break;
+			}
+		}
+		unset($_t);
+		// success message (inline)
+		$success_message = $lng['success']['dns_record_deleted'];
+
+		// re-generate bind configs
+		inserttask('4');
+	}
+}
+
+// show editor
+$record_list = "";
+$existing_entries = "";
+$type_select = "";
+$entriescount = 0;
+
+if (! empty($dom_entries)) {
+	$entriescount = count($dom_entries);
+	foreach ($dom_entries as $entry) {
+		$entry['content'] = wordwrap($entry['content'], 100, '<br>', true);
+		eval("\$existing_entries.=\"" . getTemplate("dns_editor/entry_bit", true) . "\";");
+	}
+}
+
+// available types
+$type_select_values = array(
+	'A',
+	'AAAA',
+	'NS',
+	'MX',
+	'SRV',
+	'TXT',
+	'CNAME'
+);
+asort($type_select_values);
+foreach ($type_select_values as $_type) {
+	$type_select .= makeoption($_type, $_type, $type);
+}
+
+eval("\$record_list=\"" . getTemplate("dns_editor/list", true) . "\";");
+
+$zone = createDomainZone($domain_id);
+$zonefile = (string) $zone;
+eval("echo \"" . getTemplate("dns_editor/index", true) . "\";");
--- a/index.php
+++ b/index.php
@@ -42,8 +42,8 @@ if ($action == 'login') {
 			$is_admin = false;
 		} else {
 			$is_admin = true;
-			if ((int)$settings['login']['domain_login'] == 1) {
-				$domainname = $idna_convert->encode(preg_replace(Array('/\:(\d)+$/', '/^https?\:\/\//'), '', $loginname));
+			if ((int)Settings::Get('login.domain_login') == 1) {
+				$domainname = $idna_convert->encode(preg_replace(array('/\:(\d)+$/', '/^https?\:\/\//'), '', $loginname));
 				$stmt = Database::prepare("SELECT `customerid` FROM `" . TABLE_PANEL_DOMAINS . "`
 					WHERE `domain` = :domain"
 				);
@@ -69,13 +69,13 @@ if ($action == 'login') {
 			}
 		}

-		if (hasUpdates($version) && $is_admin == false) {
+		if ((hasUpdates($version) || hasDbUpdates($dbversion)) && $is_admin == false) {
 			redirectTo('index.php');
 			exit;
 		}

 		if ($is_admin) {
-			if (hasUpdates($version)) {
+			if (hasUpdates($version) || hasDbUpdates($dbversion)) {
 				$stmt = Database::prepare("SELECT `loginname` AS `admin` FROM `" . TABLE_PANEL_ADMINS . "`
 					WHERE `loginname`= :loginname
 					AND `change_serversettings` = '1'"
@@ -100,7 +100,11 @@ if ($action == 'login') {
 				$uid = 'adminid';
 				$adminsession = '1';
 			} else {
-				redirectTo('index.php', Array('showmessage' => '2'), true);
+				// Log failed login
+				$rstlog = FroxlorLogger::getInstanceOf(array('loginname' => $_SERVER['REMOTE_ADDR']));
+				$rstlog->logAction(LOGIN_ACTION, LOG_WARNING, "Unknown user '" . $loginname . "' tried to login.");
+
+				redirectTo('index.php', array('showmessage' => '2'));
 				exit;
 			}
 		}
@@ -111,10 +115,17 @@ if ($action == 'login') {
 		Database::pexecute($userinfo_stmt, array("loginname" => $loginname));
 		$userinfo = $userinfo_stmt->fetch(PDO::FETCH_ASSOC);

-		if ($userinfo['loginfail_count'] >= $settings['login']['maxloginattempts'] && $userinfo['lastlogin_fail'] > (time() - $settings['login']['deactivatetime'])) {
-			redirectTo('index.php', Array('showmessage' => '3'), true);
+		if ($userinfo['loginfail_count'] >= Settings::Get('login.maxloginattempts') && $userinfo['lastlogin_fail'] > (time() - Settings::Get('login.deactivatetime'))) {
+			redirectTo('index.php', array('showmessage' => '3'));
 			exit;
-		} elseif($userinfo['password'] == md5($password)) {
+		} elseif (validatePasswordLogin($userinfo, $password, $table, $uid)) {
+		    // only show "you're banned" if the login was successful
+		    // because we don't want to publish that the user does exist
+		    if ($userinfo['deactivated']) {
+		        unset($userinfo);
+		        redirectTo('index.php', array('showmessage' => '5'));
+		        exit;
+		    } else {
 		        // login correct
 		        // reset loginfail_counter, set lastlogin_succ
 		        $stmt = Database::prepare("UPDATE $table
@@ -124,6 +135,7 @@ if ($action == 'login') {
 		        Database::pexecute($stmt, array("lastlogin_succ" => time(), "uid" => $userinfo[$uid]));
 		        $userinfo['userid'] = $userinfo[$uid];
 		        $userinfo['adminsession'] = $adminsession;
+		    }
 		} else {
 			// login incorrect
 			$stmt = Database::prepare("UPDATE $table
@@ -131,8 +143,13 @@ if ($action == 'login') {
 				WHERE `$uid`= :uid"
 			);
 			Database::pexecute($stmt, array("lastlogin_fail" => time(), "uid" => $userinfo[$uid]));
+
+			// Log failed login
+			$rstlog = FroxlorLogger::getInstanceOf(array('loginname' => $_SERVER['REMOTE_ADDR']));
+			$rstlog->logAction(LOGIN_ACTION, LOG_WARNING, "User '" . $loginname . "' tried to login with wrong password.");
+
 			unset($userinfo);
-			redirectTo('index.php', Array('showmessage' => '2'), true);
+			redirectTo('index.php', array('showmessage' => '2'));
 			exit;
 		}

@@ -144,19 +161,19 @@ if ($action == 'login') {
 				if ($language == 'profile') {
 					$language = $userinfo['def_language'];
 				} elseif (!isset($languages[$language])) {
-					$language = $settings['panel']['standardlanguage'];
+					$language = Settings::Get('panel.standardlanguage');
 				}
 			} else {
-				$language = $settings['panel']['standardlanguage'];
+				$language = Settings::Get('panel.standardlanguage');
 			}

 			if (isset($userinfo['theme']) && $userinfo['theme'] != '') {
 				$theme = $userinfo['theme'];
 			} else {
-				$theme = $settings['panel']['default_theme'];
+				$theme = Settings::Get('panel.default_theme');
 			}

-			if ($settings['session']['allow_multiple_login'] != '1') {
+			if (Settings::Get('session.allow_multiple_login') != '1') {
 				$stmt = Database::prepare("DELETE FROM `" . TABLE_PANEL_SESSIONS . "`
 					WHERE `userid` = :uid
 					AND `adminsession` = :adminsession"
@@ -198,17 +215,35 @@ if ($action == 'login') {
 			}
 			Database::pexecute($stmt, $params);

+			$qryparams = array();
+			if (isset($_POST['qrystr']) && $_POST['qrystr'] != "") {
+				parse_str(urldecode($_POST['qrystr']), $qryparams);
+			}
+			$qryparams['s'] = $s;
+
 			if ($userinfo['adminsession'] == '1') {
-				if (hasUpdates($version)) {
-					redirectTo('admin_updates.php', Array('s' => $s), true);
+				if (hasUpdates($version) || hasDbUpdates($dbversion)) {
+					redirectTo('admin_updates.php', array('s' => $s));
 				} else {
-					redirectTo('admin_index.php', Array('s' => $s), true);
+					if (isset($_POST['script']) && $_POST['script'] != "") {
+						if (preg_match("/customer\_/", $_POST['script']) === 1) {
+							redirectTo('admin_customers.php', array("page" => "customers"));
+						} else {
+							redirectTo($_POST['script'], $qryparams);
 						}
 					} else {
-				redirectTo('customer_index.php', Array('s' => $s), true);
+						redirectTo('admin_index.php', $qryparams);
+					}
 				}
 			} else {
-			redirectTo('index.php', Array('showmessage' => '2'), true);
+				if (isset($_POST['script']) && $_POST['script'] != "") {
+					redirectTo($_POST['script'], $qryparams);
+				} else {
+					redirectTo('customer_index.php', $qryparams);
+				}
+			}
+		} else {
+			redirectTo('index.php', array('showmessage' => '2'));
 		}
 		exit;
 	} else {
@@ -231,7 +266,7 @@ if ($action == 'login') {
 			$message = $lng['error']['login'];
 			break;
 		case 3:
-				$message = sprintf($lng['error']['login_blocked'],$settings['login']['deactivatetime']);
+			$message = sprintf($lng['error']['login_blocked'], Settings::Get('login.deactivatetime'));
 			break;
 		case 4:
 			$cmail = isset($_GET['customermail']) ? $_GET['customermail'] : 'unknown';
@@ -246,13 +281,30 @@ if ($action == 'login') {
 		case 7:
 			$message = $lng['pwdreminder']['wrongcode'];
 			break;
+		case 8:
+		    $message = $lng['pwdreminder']['notallowed'];
+		    break;
 		}

 		$update_in_progress = '';
-		if (hasUpdates($version)) {
+		if (hasUpdates($version) || hasDbUpdates($dbversion)) {
 			$update_in_progress = $lng['update']['updateinprogress_onlyadmincanlogin'];
 		}
 		
+		// Pass the last used page if needed
+		$lastscript = "";
+		if (isset($_REQUEST['script']) && $_REQUEST['script'] != "") {
+			$lastscript = $_REQUEST['script'];
+
+			if (!file_exists(__DIR__."/".$lastscript)) {
+				$lastscript = "";
+			}
+		}
+		$lastqrystr = "";
+		if (isset($_REQUEST['qrystr']) && $_REQUEST['qrystr'] != "") {
+			$lastqrystr = htmlspecialchars($_REQUEST['qrystr'], ENT_QUOTES);
+		}
+
 		eval("echo \"" . getTemplate('login') . "\";");
 	}
 }
@@ -289,16 +341,16 @@ if ($action == 'forgotpwd') {

 			/* Check whether user is banned */
 			if ($user['deactivated']) {
-				$message = $lng['pwdreminder']['notallowed'];
-				redirectTo('index.php', Array('showmessage' => '5'), true);
+				redirectTo('index.php', array('showmessage' => '8'));
+				exit;
 			}

-			if (($adminchecked && $settings['panel']['allow_preset_admin'] == '1') || $adminchecked == false) {
+			if (($adminchecked && Settings::Get('panel.allow_preset_admin') == '1') || $adminchecked == false) {
 				if ($user !== false) {
 					// build a activation code
 					$timestamp = time();
-					$first = substr(md5($user['loginname'] . $timestamp . rand(0, $timestamp)), 0, 15);
-					$third = substr(md5($user['email'] . $timestamp . rand(0, $timestamp)), -15);
+					$first = substr(md5($user['loginname'] . $timestamp . randomStr(16)), 0, 15);
+					$third = substr(md5($user['email'] . $timestamp . randomStr(16)), -15);
 					$activationcode = $first . $timestamp . $third . substr(md5($third . $timestamp), 0, 10);

 					// Drop all existing activation codes for this user
@@ -325,25 +377,32 @@ if ($action == 'forgotpwd') {
 					);
 					Database::pexecute($stmt, $params);

-					$rstlog = FroxlorLogger::getInstanceOf(array('loginname' => 'password_reset'), $settings);
+					$rstlog = FroxlorLogger::getInstanceOf(array('loginname' => 'password_reset'));
 					$rstlog->logAction(USR_ACTION, LOG_WARNING, "User '" . $user['loginname'] . "' requested a link for setting a new password.");

 					// Set together our activation link
-					$protocol = strpos(strtolower($_SERVER['SERVER_PROTOCOL']),'https') === FALSE ? 'http' : 'https';
-					$host = $_SERVER['HTTP_HOST'];
+					$protocol = empty( $_SERVER['HTTPS'] ) ? 'http' : 'https';
+					// this can be a fixed value to avoid potential exploiting by modifying headers
+					$host = Settings::Get('system.hostname'); // $_SERVER['HTTP_HOST'];
 					$port = $_SERVER['SERVER_PORT'] != 80 ? ':' . $_SERVER['SERVER_PORT'] : '';
-					$script = $_SERVER['SCRIPT_NAME'];
+					// don't add :443 when https is used, as it is default (and just looks weird!)
+					if ($protocol == 'https' && $_SERVER['SERVER_PORT'] == '443') {
+						$port = '';
+					}
+					// there can be only one script to handle this so we can use a fixed value here
+					$script = "/index.php"; // $_SERVER['SCRIPT_NAME'];
+					if (Settings::Get('system.froxlordirectlyviahostname') == 0) {
+						$script = makeCorrectFile("/".basename(__DIR__)."/".$script);
+					}
 					$activationlink = $protocol . '://' . $host . $port . $script . '?action=resetpwd&resetcode=' . $activationcode;

 					$replace_arr = array(
 						'SALUTATION' => getCorrectUserSalutation($user),
-						'USERNAME' => $user['loginname'],
+						'USERNAME' => $loginname,
 						'LINK' => $activationlink
 					);

-					$body = strtr($lng['pwdreminder']['body'], array('%s' => $user['firstname'] . ' ' . $user['name'], '%a' => $activationlink));
-
-					$def_language = ($user['def_language'] != '') ? $user['def_language'] : $settings['panel']['standardlanguage'];
+					$def_language = ($user['def_language'] != '') ? $user['def_language'] : Settings::Get('panel.standardlanguage');
 					$result_stmt = Database::prepare('SELECT `value` FROM `' . TABLE_PANEL_TEMPLATES . '`
 						WHERE `adminid`= :adminid
 						AND `language`= :lang
@@ -352,7 +411,7 @@ if ($action == 'forgotpwd') {
 					);
 					Database::pexecute($result_stmt, array("adminid" => $user['adminid'], "lang" => $def_language));
 					$result = $result_stmt->fetch(PDO::FETCH_ASSOC);
-					$mail_subject = html_entity_decode(replace_variables((($result['value'] != '') ? $result['value'] : $lng['pwdreminder']['subject']), $replace_arr));
+					$mail_subject = html_entity_decode(replace_variables((($result['value'] != '') ? $result['value'] : $lng['mails']['password_reset']['subject']), $replace_arr));

 					$result_stmt = Database::prepare('SELECT `value` FROM `' . TABLE_PANEL_TEMPLATES . '`
 						WHERE `adminid`= :adminid
@@ -362,14 +421,14 @@ if ($action == 'forgotpwd') {
 					);
 					Database::pexecute($result_stmt, array("adminid" => $user['adminid'], "lang" => $def_language));
 					$result = $result_stmt->fetch(PDO::FETCH_ASSOC);
-					$mail_body = html_entity_decode(replace_variables((($result['value'] != '') ? $result['value'] : $body), $replace_arr));
+					$mail_body = html_entity_decode(replace_variables((($result['value'] != '') ? $result['value'] : $lng['mails']['password_reset']['mailbody']), $replace_arr));

 					$_mailerror = false;
 					try {
 						$mail->Subject = $mail_subject;
 						$mail->AltBody = $mail_body;
 						$mail->MsgHTML(str_replace("\n", "<br />", $mail_body));
-						$mail->AddAddress($user['email'], $user['firstname'] . ' ' . $user['name']);
+						$mail->AddAddress($user['email'], getCorrectUserSalutation($user));
 						$mail->Send();
 					} catch(phpmailerException $e) {
 						$mailerr_msg = $e->errorMessage();
@@ -380,17 +439,17 @@ if ($action == 'forgotpwd') {
 					}

 					if ($_mailerror) {
-						$rstlog = FroxlorLogger::getInstanceOf(array('loginname' => 'password_reset'), $settings);
+						$rstlog = FroxlorLogger::getInstanceOf(array('loginname' => 'password_reset'));
 						$rstlog->logAction(ADM_ACTION, LOG_ERR, "Error sending mail: " . $mailerr_msg);
-						redirectTo('index.php', array('showmessage' => '4', 'customermail' => $user['email']), true);
+						redirectTo('index.php', array('showmessage' => '4', 'customermail' => $user['email']));
 						exit;
 					}

 					$mail->ClearAddresses();
-					redirectTo('index.php', array('showmessage' => '1'), true);
+					redirectTo('index.php', array('showmessage' => '1'));
 					exit;
 				} else {
-					$rstlog = FroxlorLogger::getInstanceOf(array('loginname' => 'password_reset'), $settings);
+					$rstlog = FroxlorLogger::getInstanceOf(array('loginname' => 'password_reset'));
 					$rstlog->logAction(USR_ACTION, LOG_WARNING, "User '" . $loginname . "' requested to set a new password, but was not found in database!");
 					$message = $lng['login']['combination_not_found'];
 				}
@@ -403,12 +462,12 @@ if ($action == 'forgotpwd') {
 	}

 	if ($adminchecked) {
-		if ($settings['panel']['allow_preset_admin'] != '1') {
+		if (Settings::Get('panel.allow_preset_admin') != '1') {
 			$message = $lng['pwdreminder']['notallowed'];
 			unset ($adminchecked);
 		}
 	} else {
-		if ($settings['panel']['allow_preset'] != '1') {
+		if (Settings::Get('panel.allow_preset') != '1') {
 			$message = $lng['pwdreminder']['notallowed'];
 		}
 	}
@@ -467,9 +526,9 @@ if ($action == 'resetpwd') {
 								WHERE `customerid` = :userid"
 							);
 						}
-						Database::pexecute($stmt, array("newpassword" => md5($new_password), "userid" => $result['userid']));
+						Database::pexecute($stmt, array("newpassword" => makeCryptPassword($new_password), "userid" => $result['userid']));

-						$rstlog = FroxlorLogger::getInstanceOf(array('loginname' => 'password_reset'), $settings);
+						$rstlog = FroxlorLogger::getInstanceOf(array('loginname' => 'password_reset'));
 						$rstlog->logAction(USR_ACTION, LOG_NOTICE, "changed password using password reset.");

 						// Remove activation code from DB
@@ -478,17 +537,17 @@ if ($action == 'resetpwd') {
 							AND `userid` = :userid"
 						);
 						Database::pexecute($stmt, array("activationcode" => $activationcode, "userid" => $result['userid']));
-						redirectTo('index.php', array("showmessage" => '6'), true);
+						redirectTo('index.php', array("showmessage" => '6'));
 					}
 				} else {
-					redirectTo('index.php', array("showmessage" => '7'), true);
+					redirectTo('index.php', array("showmessage" => '7'));
 				}
 			}

 			eval("echo \"" . getTemplate('rpwd') . "\";");

 		} else {
-			redirectTo('index.php', array("showmessage" => '7'), true);
+			redirectTo('index.php', array("showmessage" => '7'));
 		}

 	} else {
--- a/install/froxlor.sql
+++ b/install/froxlor.sql
@@ -1,3 +1,4 @@
+DROP TABLE IF EXISTS `ftp_groups`;
 CREATE TABLE `ftp_groups` (
  `id` int(20) NOT NULL auto_increment,
  `groupname` varchar(60) NOT NULL default '',
@@ -22,12 +23,13 @@ CREATE TABLE `ftp_users` (
  `shell` varchar(255) NOT NULL default '/bin/false',
  `login_enabled` enum('N','Y') NOT NULL default 'N',
  `login_count` int(15) NOT NULL default '0',
-  `last_login` datetime NOT NULL default '0000-00-00 00:00:00',
+  `last_login` datetime default NULL,
  `up_count` int(15) NOT NULL default '0',
  `up_bytes` bigint(30) NOT NULL default '0',
  `down_count` int(15) NOT NULL default '0',
  `down_bytes` bigint(30) NOT NULL default '0',
  `customerid` int(11) NOT NULL default '0',
+  `description` varchar(255) NOT NULL DEFAULT '',
  PRIMARY KEY  (`id`),
  UNIQUE KEY `username` (`username`),
  KEY `customerid` (`customerid`)
@@ -64,7 +66,7 @@ CREATE TABLE `mail_virtual` (
  `id` int(11) NOT NULL auto_increment,
  `email` varchar(255) NOT NULL default '',
  `email_full` varchar(255) NOT NULL default '',
-  `destination` text NOT NULL,
+  `destination` text NOT NULL default '',
  `domainid` int(11) NOT NULL default '0',
  `customerid` int(11) NOT NULL default '0',
  `popaccountid` int(11) NOT NULL default '0',
@@ -89,7 +91,7 @@ DROP TABLE IF EXISTS `panel_admins`;
 CREATE TABLE `panel_admins` (
  `adminid` int(11) unsigned NOT NULL auto_increment,
  `loginname` varchar(50) NOT NULL default '',
-  `password` varchar(50) NOT NULL default '',
+  `password` varchar(255) NOT NULL default '',
  `name` varchar(255) NOT NULL default '',
  `email` varchar(255) NOT NULL default '',
  `def_language` varchar(255) NOT NULL default '',
@@ -128,12 +130,9 @@ CREATE TABLE `panel_admins` (
  `lastlogin_fail` int(11) unsigned NOT NULL default '0',
  `loginfail_count` int(11) unsigned NOT NULL default '0',
  `reportsent` tinyint(4) unsigned NOT NULL default '0',
-  `can_manage_aps_packages` tinyint(1) NOT NULL default '1',
-  `aps_packages` int(5) NOT NULL default '0',
-  `aps_packages_used` int(5) NOT NULL default '0',
-  `email_autoresponder` int(5) NOT NULL default '0',
-  `email_autoresponder_used` int(5) NOT NULL default '0',
  `theme` varchar(255) NOT NULL default 'Sparkle',
+  `custom_notes` text,
+  `custom_notes_show` tinyint(1) NOT NULL default '0',
   PRIMARY KEY  (`adminid`),
   UNIQUE KEY `loginname` (`loginname`)
 ) ENGINE=MyISAM CHARSET=utf8 COLLATE=utf8_general_ci;
@@ -144,7 +143,7 @@ DROP TABLE IF EXISTS `panel_customers`;
 CREATE TABLE `panel_customers` (
  `customerid` int(11) unsigned NOT NULL auto_increment,
  `loginname` varchar(50) NOT NULL default '',
-  `password` varchar(50) NOT NULL default '',
+  `password` varchar(255) NOT NULL default '',
  `adminid` int(11) unsigned NOT NULL default '0',
  `name` varchar(255) NOT NULL default '',
  `firstname` varchar(255) NOT NULL default '',
@@ -191,14 +190,13 @@ CREATE TABLE `panel_customers` (
  `reportsent` tinyint(4) unsigned NOT NULL default '0',
  `pop3` tinyint(1) NOT NULL default '1',
  `imap` tinyint(1) NOT NULL default '1',
-  `aps_packages` int(5) NOT NULL default '0',
-  `aps_packages_used` int(5) NOT NULL default '0',
  `perlenabled` tinyint(1) NOT NULL default '0',
-  `email_autoresponder` int(5) NOT NULL default '0',
-  `email_autoresponder_used` int(5) NOT NULL default '0',
+  `dnsenabled` tinyint(1) NOT NULL default '0',
  `theme` varchar(255) NOT NULL default 'Sparkle',
-  `backup_allowed` TINYINT( 1 ) NOT NULL DEFAULT '1',
-  `backup_enabled` TINYINT( 1 ) NOT NULL DEFAULT '0',
+  `custom_notes` text,
+  `custom_notes_show` tinyint(1) NOT NULL default '0',
+  `lepublickey` mediumtext DEFAULT NULL,
+  `leprivatekey` mediumtext DEFAULT NULL,
   PRIMARY KEY  (`customerid`),
   UNIQUE KEY `loginname` (`loginname`)
 ) ENGINE=MyISAM CHARSET=utf8 COLLATE=utf8_general_ci;
@@ -212,7 +210,6 @@ CREATE TABLE `panel_databases` (
  `databasename` varchar(255) NOT NULL default '',
  `description` varchar(255) NOT NULL default '',
  `dbserver` int(11) unsigned NOT NULL default '0',
-  `apsdb` tinyint(1) NOT NULL default '0',
  PRIMARY KEY  (`id`),
  KEY `customerid` (`customerid`)
 ) ENGINE=MyISAM CHARSET=utf8 COLLATE=utf8_general_ci;
@@ -227,7 +224,6 @@ CREATE TABLE `panel_domains` (
  `customerid` int(11) unsigned NOT NULL default '0',
  `aliasdomain` int(11) unsigned NULL,
  `documentroot` varchar(255) NOT NULL default '',
-  `ipandport` int(11) unsigned NOT NULL default '1',
  `isbinddomain` tinyint(1) NOT NULL default '0',
  `isemaildomain` tinyint(1) NOT NULL default '0',
  `email_only` tinyint(1) NOT NULL default '0',
@@ -236,26 +232,29 @@ CREATE TABLE `panel_domains` (
  `caneditdomain` tinyint(1) NOT NULL default '1',
  `zonefile` varchar(255) NOT NULL default '',
  `dkim` tinyint(1) NOT NULL default '0',
-  `dkim_id` int(11) unsigned NOT NULL,
-  `dkim_privkey` text NOT NULL,
-  `dkim_pubkey` text NOT NULL,
+  `dkim_id` int(11) unsigned NOT NULL default '0',
+  `dkim_privkey` text,
+  `dkim_pubkey` text,
  `wwwserveralias` tinyint(1) NOT NULL default '1',
-  `parentdomainid` int(11) unsigned NOT NULL default '0',
+  `parentdomainid` int(11) NOT NULL default '0',
  `openbasedir` tinyint(1) NOT NULL default '0',
  `openbasedir_path` tinyint(1) NOT NULL default '0',
  `speciallogfile` tinyint(1) NOT NULL default '0',
-  `ssl` tinyint(4) NOT NULL default '0',
  `ssl_redirect` tinyint(4) NOT NULL default '0',
-  `ssl_ipandport` tinyint(4) NOT NULL default '0',
-  `specialsettings` text NOT NULL,
+  `specialsettings` text,
  `deactivated` tinyint(1) NOT NULL default '0',
  `bindserial` varchar(10) NOT NULL default '2000010100',
  `add_date` int( 11 ) NOT NULL default '0',
-  `registration_date` date NOT NULL,
+  `registration_date` date DEFAULT NULL,
+  `termination_date` date DEFAULT NULL,
  `phpsettingid` INT( 11 ) UNSIGNED NOT NULL DEFAULT '1',
  `mod_fcgid_starter` int(4) default '-1',
  `mod_fcgid_maxrequests` int(4) default '-1',
  `ismainbutsubto` int(11) unsigned NOT NULL default '0',
+  `letsencrypt` tinyint(1) NOT NULL default '0',
+  `hsts` varchar(10) NOT NULL default '0',
+  `hsts_sub` tinyint(1) NOT NULL default '0',
+  `hsts_preload` tinyint(1) NOT NULL default '0',
  PRIMARY KEY  (`id`),
  KEY `customerid` (`customerid`),
  KEY `parentdomain` (`parentdomainid`),
@@ -273,12 +272,12 @@ CREATE TABLE `panel_ipsandports` (
  `namevirtualhost_statement` tinyint(1) NOT NULL default '0',
  `vhostcontainer` tinyint(1) NOT NULL default '0',
  `vhostcontainer_servername_statement` tinyint(1) NOT NULL default '0',
-  `specialsettings` text NOT NULL default '',
+  `specialsettings` text,
  `ssl` tinyint(4) NOT NULL default '0',
  `ssl_cert_file` varchar(255) NOT NULL,
  `ssl_key_file` varchar(255) NOT NULL,
  `ssl_ca_file` varchar(255) NOT NULL,
-  `default_vhostconf_domain` text NOT NULL,
+  `default_vhostconf_domain` text,
  `ssl_cert_chainfile` varchar(255) NOT NULL,
  `docroot` varchar(255) NOT NULL default '',
  PRIMARY KEY  (`id`)
@@ -343,8 +342,6 @@ CREATE TABLE `panel_settings` (
  PRIMARY KEY  (`settingid`)
 ) ENGINE=MyISAM CHARSET=utf8 COLLATE=utf8_general_ci;

-
-
 INSERT INTO `panel_settings` (`settinggroup`, `varname`, `value`) VALUES
 	('catchall', 'catchall_enabled', '1'),
 	('session', 'allow_multiple_login', '0'),
@@ -353,6 +350,8 @@ INSERT INTO `panel_settings` (`settinggroup`, `varname`, `value`) VALUES
 	('customer', 'ftpprefix', 'ftp'),
 	('customer', 'mysqlprefix', 'sql'),
 	('customer', 'ftpatdomain', '0'),
+	('customer', 'show_news_feed', '0'),
+	('customer', 'news_feed_url', ''),
 	('ticket', 'noreply_email', 'NO-REPLY@SERVERNAME'),
 	('ticket', 'worktime_all', '1'),
 	('ticket', 'worktime_begin', '00:00'),
@@ -374,21 +373,11 @@ INSERT INTO `panel_settings` (`settinggroup`, `varname`, `value`) VALUES
 	('dkim', 'dkim_domains', 'domains'),
 	('dkim', 'dkim_dkimkeys', 'dkim-keys.conf'),
 	('dkim', 'dkimrestart_command', '/etc/init.d/dkim-filter restart'),
-	('autoresponder', 'autoresponder_active', '0'),
-	('autoresponder', 'last_autoresponder_run', '0'),
-	('admin', 'show_news_feed', '1'),
+	('admin', 'show_news_feed', '0'),
 	('admin', 'show_version_login', '0'),
 	('admin', 'show_version_footer', '0'),
-	('aps', 'items_per_page', '20'),
-	('aps', 'upload_fields', '5'),
-	('aps', 'aps_active', '0'),
-	('aps', 'php-extension', ''),
-	('aps', 'php-configuration', ''),
-	('aps', 'webserver-htaccess', ''),
-	('aps', 'php-function', ''),
-	('aps', 'webserver-module', ''),
 	('spf', 'use_spf', '0'),
-	('spf', 'spf_entry', '@	IN	TXT	"v=spf1 a mx -all"'),
+	('spf', 'spf_entry', '"v=spf1 a mx -all"'),
 	('dkim', 'dkim_algorithm', 'all'),
 	('dkim', 'dkim_add_adsp', '1'),
 	('dkim', 'dkim_keylength', '1024'),
@@ -425,8 +414,9 @@ INSERT INTO `panel_settings` (`settinggroup`, `varname`, `value`) VALUES
 	('phpfpm', 'idle_timeout', '30'),
 	('phpfpm', 'aliasconfigdir', '/var/www/php-fpm/'),
 	('phpfpm', 'defaultini', '1'),
-	('phpfpm', 'vhost_defaultini', '1'),
+	('phpfpm', 'vhost_defaultini', '2'),
 	('phpfpm', 'fastcgi_ipcdir', '/var/lib/apache2/fastcgi/'),
+	('phpfpm', 'use_mod_proxy', '0'),
 	('nginx', 'fastcgiparams', '/etc/nginx/fastcgi_params'),
 	('system', 'lastaccountnumber', '0'),
 	('system', 'lastguid', '9999'),
@@ -462,7 +452,6 @@ INSERT INTO `panel_settings` (`settinggroup`, `varname`, `value`) VALUES
 	('system', 'mod_fcgid_tmpdir', '/var/customers/tmp'),
 	('system', 'ssl_cert_file', '/etc/apache2/apache2.pem'),
 	('system', 'use_ssl', '0'),
-	('system', 'openssl_cnf', '[ req ]\r\ndefault_bits = 1024\r\ndistinguished_name = req_distinguished_name\r\nattributes = req_attributes\r\nprompt = no\r\noutput_password =\r\ninput_password =\r\n[ req_distinguished_name ]\r\nC = DE\r\nST = froxlor\r\nL = froxlor    \r\nO = Testcertificate\r\nOU = froxlor        \r\nCN = @@domain_name@@\r\nemailAddress = @@email@@    \r\n[ req_attributes ]\r\nchallengePassword =\r\n'),
 	('system', 'default_vhostconf', ''),
 	('system', 'mail_quota_enabled', '0'),
 	('system', 'mail_quota', '100'),
@@ -492,16 +481,6 @@ INSERT INTO `panel_settings` (`settinggroup`, `varname`, `value`) VALUES
 	('system', 'report_webmax', '90'),
 	('system', 'report_trafficmax', '90'),
 	('system', 'validate_domain', '1'),
-	('system', 'backup_enabled', '0'),
-	('system', 'backup_dir', '/var/customers/backups/'),
-	('system', 'backup_mysqldump_path', '/usr/bin/mysqldump'),
-	('system', 'backup_count', '1'),
-	('system', 'backup_bigfile', '1'),
-	('system', 'backup_ftp_enabled', '0'),
-	('system', 'backup_ftp_server', ''),
-	('system', 'backup_ftp_user', ''),
-	('system', 'backup_ftp_pass', ''),
-	('system', 'backup_ftp_passive', '1'),
 	('system', 'diskquota_enabled', '0'),
 	('system', 'diskquota_repquota_path', '/usr/sbin/repquota'),
 	('system', 'diskquota_quotatool_path', '/usr/bin/quotatool'),
@@ -512,20 +491,60 @@ INSERT INTO `panel_settings` (`settinggroup`, `varname`, `value`) VALUES
 	('system', 'mod_fcgid_httpuser', 'froxlorlocal'),
 	('system', 'mod_fcgid_httpgroup', 'froxlorlocal'),
 	('system', 'awstats_awstatspath', '/usr/bin/'),
-	('system', 'mod_fcgid_defaultini_ownvhost', '1'),
+	('system', 'mod_fcgid_defaultini_ownvhost', '2'),
 	('system', 'awstats_icons', '/usr/share/awstats/icon/'),
 	('system', 'ssl_cert_chainfile', ''),
-	('system', 'ssl_cipher_list', 'ECDHE-RSA-AES128-SHA256:AES128-GCM-SHA256:RC4:HIGH:!MD5:!aNULL:!EDH'),
+	('system', 'ssl_cipher_list', 'ECDH+AESGCM:ECDH+AES256:!aNULL:!MD5:!DSS:!DH:!AES128'),
 	('system', 'nginx_php_backend', '127.0.0.1:8888'),
 	('system', 'perl_server', 'unix:/var/run/nginx/cgiwrap-dispatch.sock'),
 	('system', 'phpreload_command', ''),
 	('system', 'apache24', '0'),
 	('system', 'documentroot_use_default_value', '0'),
-	('system', 'passwordcryptfunc', '1'),
+	('system', 'passwordcryptfunc', '3'),
 	('system', 'axfrservers', ''),
 	('system', 'customer_ssl_path', '/etc/ssl/froxlor-custom/'),
 	('system', 'allow_error_report_admin', '1'),
 	('system', 'allow_error_report_customer', '0'),
+	('system', 'mdalog', '/var/log/mail.log'),
+	('system', 'mtalog', '/var/log/mail.log'),
+	('system', 'mdaserver', 'dovecot'),
+	('system', 'mtaserver', 'postfix'),
+	('system', 'mailtraffic_enabled', '1'),
+	('system', 'cronconfig', '/etc/cron.d/froxlor'),
+	('system', 'crondreload', '/etc/init.d/cron reload'),
+	('system', 'croncmdline', '/usr/bin/nice -n 5 /usr/bin/php -q'),
+	('system', 'cron_allowautoupdate', '0'),
+	('system', 'dns_createhostnameentry', '0'),
+	('system', 'send_cron_errors', '0'),
+	('system', 'apacheitksupport', '0'),
+	('system', 'leprivatekey', 'unset'),
+	('system', 'lepublickey', 'unset'),
+	('system', 'letsencryptca', 'production'),
+	('system', 'letsencryptcountrycode', 'DE'),
+	('system', 'letsencryptstate', 'Hessen'),
+	('system', 'letsencryptchallengepath', '/var/www/froxlor'),
+	('system', 'letsencryptkeysize', '4096'),
+	('system', 'letsencryptreuseold', 0),
+	('system', 'leenabled', '0'),
+	('system', 'backupenabled', '0'),
+	('system', 'dnsenabled', '0'),
+	('system', 'dns_server', 'bind'),
+	('system', 'apacheglobaldiropt', ''),
+	('system', 'allow_customer_shell', '0'),
+	('system', 'available_shells', ''),
+	('system', 'le_froxlor_enabled', '0'),
+	('system', 'le_froxlor_redirect', '0'),
+	('system', 'letsencryptacmeconf', '/etc/apache2/conf-enabled/acme.conf'),
+	('system', 'mail_use_smtp', '0'),
+	('system', 'mail_smtp_host', 'localhost'),
+	('system', 'mail_smtp_port', '25'),
+	('system', 'mail_smtp_usetls', '1'),
+	('system', 'mail_smtp_auth', '1'),
+	('system', 'mail_smtp_user', ''),
+	('system', 'mail_smtp_passwd', ''),
+	('system', 'hsts_maxage', '0'),
+	('system', 'hsts_sub', '0'),
+	('system', 'hsts_preload', '0'),
 	('panel', 'decimal_places', '4'),
 	('panel', 'adminmail', 'admin@SERVERNAME'),
 	('panel', 'phpmyadmin_url', ''),
@@ -548,22 +567,28 @@ INSERT INTO `panel_settings` (`settinggroup`, `varname`, `value`) VALUES
 	('panel', 'allow_preset', '1'),
 	('panel', 'allow_preset_admin', '0'),
 	('panel', 'password_regex', ''),
-	('panel', 'use_webfonts', '0'),
-	('panel', 'webfont', 'Numans'),
 	('panel', 'phpconfigs_hidestdsubdomain', '0'),
 	('panel', 'allow_theme_change_admin', '1'),
 	('panel', 'allow_theme_change_customer', '1'),
-	('panel', 'version', '0.9.31.1');
+	('panel', 'password_alpha_lower', '1'),
+	('panel', 'password_alpha_upper', '1'),
+	('panel', 'password_numeric', '0'),
+	('panel', 'password_special_char_required', '0'),
+	('panel', 'password_special_char', '!?<>§$%+#=@'),
+	('panel', 'customer_hide_options', ''),
+	('panel', 'version', '0.9.38-rc2'),
+	('panel', 'db_version', '201610070');


 DROP TABLE IF EXISTS `panel_tasks`;
 CREATE TABLE `panel_tasks` (
  `id` int(11) unsigned NOT NULL auto_increment,
  `type` int(11) NOT NULL default '0',
-  `data` text NOT NULL,
+  `data` text,
  PRIMARY KEY  (`id`)
 ) ENGINE=MyISAM CHARSET=utf8 COLLATE=utf8_general_ci;

+INSERT INTO `panel_tasks` (`type`) VALUES ('99');


 DROP TABLE IF EXISTS `panel_templates`;
@@ -664,21 +689,11 @@ CREATE TABLE `panel_languages` (
 INSERT INTO `panel_languages` (`id`, `language`, `iso`, `file`) VALUES
    (1, 'Deutsch', 'de', 'lng/german.lng.php'),
    (2, 'English', 'en', 'lng/english.lng.php'),
-    (3, 'Français', 'fr', 'lng/french.lng.php'),
-    (4, 'Chinese', 'zh', 'lng/zh-cn.lng.php'),
-    (5, 'Catalan', 'ca', 'lng/catalan.lng.php'),
-    (6, 'Espa&ntilde;ol', 'es', 'lng/spanish.lng.php'),
-    (7, 'Portugu&ecirc;s', 'pt', 'lng/portugues.lng.php'),
-    (8, 'Russian', 'ru', 'lng/russian.lng.php'),
-    (9, 'Danish', 'da', 'lng/danish.lng.php'),
-    (10, 'Italian', 'it', 'lng/italian.lng.php'),
-    (11, 'Bulgarian', 'bg', 'lng/bulgarian.lng.php'),
-    (12, 'Slovak', 'sk', 'lng/slovak.lng.php'),
-    (13, 'Dutch', 'nl', 'lng/dutch.lng.php'),
-    (14, 'Hungarian', 'hu', 'lng/hungarian.lng.php'),
-    (15, 'Swedish', 'sv', 'lng/swedish.lng.php'),
-    (16, 'Czech', 'cz', 'lng/czech.lng.php'),
-    (17, 'Polski', 'pl', 'lng/polish.lng.php');
+    (3, 'Fran&ccedil;ais', 'fr', 'lng/french.lng.php'),
+    (4, 'Portugu&ecirc;s', 'pt', 'lng/portugues.lng.php'),
+    (5, 'Italiano', 'it', 'lng/italian.lng.php'),
+    (6, 'Nederlands', 'nl', 'lng/dutch.lng.php'),
+    (7, 'Svenska', 'sv', 'lng/swedish.lng.php');



@@ -728,23 +743,6 @@ CREATE TABLE IF NOT EXISTS `panel_syslog` (
 ) ENGINE=MyISAM CHARSET=utf8 COLLATE=utf8_general_ci;


-
-DROP TABLE IF EXISTS `mail_autoresponder`;
-CREATE TABLE `mail_autoresponder` (
-  `email` varchar(255) NOT NULL default '',
-  `message` text NOT NULL,
-  `enabled` tinyint(1) NOT NULL default '0',
-  `date_from` int(15) NOT NULL default '-1',
-  `date_until` int(15) NOT NULL default '-1',
-  `subject` varchar(255) NOT NULL default '',
-  `customerid` int(11) NOT NULL default '0',
-  PRIMARY KEY  (`email`),
-  KEY `customerid` (`customerid`),
-  FULLTEXT KEY `message` (`message`)
-) ENGINE=MyISAM CHARSET=utf8 COLLATE=utf8_general_ci;
-
-
-
 DROP TABLE IF EXISTS `panel_phpconfigs`;
 CREATE TABLE `panel_phpconfigs` (
  `id` int(11) unsigned NOT NULL auto_increment,
@@ -753,6 +751,7 @@ CREATE TABLE `panel_phpconfigs` (
  `file_extensions` varchar(255) NOT NULL,
  `mod_fcgid_starter` int(4) NOT NULL DEFAULT '-1',
  `mod_fcgid_maxrequests` int(4) NOT NULL DEFAULT '-1',
+  `mod_fcgid_umask` varchar(15) NOT NULL DEFAULT '022',
  `fpm_slowlog` tinyint(1) NOT NULL default '0',
  `fpm_reqterm` varchar(15) NOT NULL default '60s',
  `fpm_reqslow` varchar(15) NOT NULL default '5s',
@@ -763,65 +762,8 @@ CREATE TABLE `panel_phpconfigs` (


 INSERT INTO `panel_phpconfigs` (`id`, `description`, `binary`, `file_extensions`, `mod_fcgid_starter`, `mod_fcgid_maxrequests`, `phpsettings`) VALUES
-(1, 'Default Config', '/usr/bin/php-cgi', 'php', '-1', '-1', 'allow_call_time_pass_reference = Off\r\nallow_url_fopen = Off\r\nasp_tags = Off\r\ndisable_classes =\r\ndisable_functions = curl_exec,curl_multi_exec,exec,parse_ini_file,passthru,popen,proc_close,proc_get_status,proc_nice,proc_open,proc_terminate,shell_exec,show_source,system\r\ndisplay_errors = Off\r\ndisplay_startup_errors = Off\r\nenable_dl = Off\r\nerror_reporting = E_ALL & ~E_NOTICE\r\nexpose_php = Off\r\nfile_uploads = On\r\ncgi.force_redirect = 1\r\ngpc_order = "GPC"\r\nhtml_errors = Off\r\nignore_repeated_errors = Off\r\nignore_repeated_source = Off\r\ninclude_path = ".:{PEAR_DIR}"\r\nlog_errors = On\r\nlog_errors_max_len = 1024\r\nmagic_quotes_gpc = Off\r\nmagic_quotes_runtime = Off\r\nmagic_quotes_sybase = Off\r\nmax_execution_time = 30\r\nmax_input_time = 60\r\nmemory_limit = 16M\r\n{OPEN_BASEDIR_C}open_basedir = "{OPEN_BASEDIR}"\r\noutput_buffering = 4096\r\npost_max_size = 16M\r\nprecision = 14\r\nregister_argc_argv = Off\r\nregister_globals = Off\r\nreport_memleaks = On\r\nsendmail_path = "/usr/sbin/sendmail -t -i -f {CUSTOMER_EMAIL}"\r\nsession.auto_start = 0\r\nsession.bug_compat_42 = 0\r\nsession.bug_compat_warn = 1\r\nsession.cache_expire = 180\r\nsession.cache_limiter = nocache\r\nsession.cookie_domain =\r\nsession.cookie_lifetime = 0\r\nsession.cookie_path = /\r\nsession.entropy_file = /dev/urandom\r\nsession.entropy_length = 16\r\nsession.gc_divisor = 1000\r\nsession.gc_maxlifetime = 1440\r\nsession.gc_probability = 1\r\nsession.name = PHPSESSID\r\nsession.referer_check =\r\nsession.save_handler = files\r\nsession.save_path = "{TMP_DIR}"\r\nsession.serialize_handler = php\r\nsession.use_cookies = 1\r\nsession.use_trans_sid = 0\r\nshort_open_tag = On\r\nsuhosin.mail.protect = 1\r\nsuhosin.simulation = Off\r\ntrack_errors = Off\r\nupload_max_filesize = 32M\r\nupload_tmp_dir = "{TMP_DIR}"\r\nvariables_order = "GPCS"\r\n'),
-(2, 'Froxlor Vhost Config', '/usr/bin/php-cgi', 'php', '-1', '-1', 'allow_call_time_pass_reference = Off\r\nallow_url_fopen = On\r\nasp_tags = Off\r\ndisable_classes =\r\ndisable_functions = curl_multi_exec,exec,parse_ini_file,passthru,popen,proc_close,proc_get_status,proc_nice,proc_open,proc_terminate,shell_exec,show_source,system\r\ndisplay_errors = Off\r\ndisplay_startup_errors = Off\r\nenable_dl = Off\r\nerror_reporting = E_ALL & ~E_NOTICE\r\nexpose_php = Off\r\nfile_uploads = On\r\ncgi.force_redirect = 1\r\ngpc_order = "GPC"\r\nhtml_errors = Off\r\nignore_repeated_errors = Off\r\nignore_repeated_source = Off\r\ninclude_path = ".:{PEAR_DIR}"\r\nlog_errors = On\r\nlog_errors_max_len = 1024\r\nmagic_quotes_gpc = Off\r\nmagic_quotes_runtime = Off\r\nmagic_quotes_sybase = Off\r\nmax_execution_time = 60\r\nmax_input_time = 60\r\nmemory_limit = 16M\r\nnoutput_buffering = 4096\r\npost_max_size = 16M\r\nprecision = 14\r\nregister_argc_argv = Off\r\nregister_globals = Off\r\nreport_memleaks = On\r\nsendmail_path = "/usr/sbin/sendmail -t -i -f {CUSTOMER_EMAIL}"\r\nsession.auto_start = 0\r\nsession.bug_compat_42 = 0\r\nsession.bug_compat_warn = 1\r\nsession.cache_expire = 180\r\nsession.cache_limiter = nocache\r\nsession.cookie_domain =\r\nsession.cookie_lifetime = 0\r\nsession.cookie_path = /\r\nsession.entropy_file = /dev/urandom\r\nsession.entropy_length = 16\r\nsession.gc_divisor = 1000\r\nsession.gc_maxlifetime = 1440\r\nsession.gc_probability = 1\r\nsession.name = PHPSESSID\r\nsession.referer_check =\r\nsession.save_handler = files\r\nsession.save_path = "{TMP_DIR}"\r\nsession.serialize_handler = php\r\nsession.use_cookies = 1\r\nsession.use_trans_sid = 0\r\nshort_open_tag = On\r\nsuhosin.mail.protect = 1\r\nsuhosin.simulation = Off\r\ntrack_errors = Off\r\nupload_max_filesize = 32M\r\nupload_tmp_dir = "{TMP_DIR}"\r\nvariables_order = "GPCS"\r\n');
-
-
-DROP TABLE IF EXISTS `aps_instances`;
-CREATE TABLE IF NOT EXISTS `aps_instances` (
-  `ID` int(4) NOT NULL auto_increment,
-  `CustomerID` int(4) NOT NULL,
-  `PackageID` int(4) NOT NULL,
-  `Status` int(4) NOT NULL,
-  PRIMARY KEY  (`ID`)
-) ENGINE=MyISAM CHARSET=utf8 COLLATE=utf8_general_ci;
-
-
-
-DROP TABLE IF EXISTS `aps_packages`;
-CREATE TABLE IF NOT EXISTS `aps_packages` (
-  `ID` int(4) NOT NULL auto_increment,
-  `Path` varchar(500) NOT NULL,
-  `Name` varchar(500) NOT NULL,
-  `Version` varchar(20) NOT NULL,
-  `Release` int(4) NOT NULL,
-  `Status` int(1) NOT NULL default '1',
-  PRIMARY KEY  (`ID`)
-) ENGINE=MyISAM CHARSET=utf8 COLLATE=utf8_general_ci;
-
-
-
-DROP TABLE IF EXISTS `aps_settings`;
-CREATE TABLE IF NOT EXISTS `aps_settings` (
-  `ID` int(4) NOT NULL auto_increment,
-  `InstanceID` int(4) NOT NULL,
-  `Name` varchar(250) NOT NULL,
-  `Value` varchar(250) NOT NULL,
-  PRIMARY KEY  (`ID`)
-) ENGINE=MyISAM CHARSET=utf8 COLLATE=utf8_general_ci;
-
-
-
-DROP TABLE IF EXISTS `aps_tasks`;
-CREATE TABLE IF NOT EXISTS `aps_tasks` (
-  `ID` int(4) NOT NULL auto_increment,
-  `InstanceID` int(4) NOT NULL,
-  `Task` int(4) NOT NULL,
-  PRIMARY KEY  (`ID`)
-) ENGINE=MyISAM CHARSET=utf8 COLLATE=utf8_general_ci;
-
-
-
-DROP TABLE IF EXISTS `aps_temp_settings`;
-CREATE TABLE IF NOT EXISTS `aps_temp_settings` (
-  `ID` int(4) NOT NULL auto_increment,
-  `PackageID` int(4) NOT NULL,
-  `CustomerID` int(4) NOT NULL,
-  `Name` varchar(250) NOT NULL,
-  `Value` varchar(250) NOT NULL,
-  PRIMARY KEY  (`ID`)
-) ENGINE=MyISAM CHARSET=utf8 COLLATE=utf8_general_ci;
-
+(1, 'Default Config', '/usr/bin/php-cgi', 'php', '-1', '-1', 'allow_call_time_pass_reference = Off\r\nallow_url_fopen = Off\r\nasp_tags = Off\r\ndisable_classes =\r\ndisable_functions = curl_exec,curl_multi_exec,exec,parse_ini_file,passthru,popen,proc_close,proc_get_status,proc_nice,proc_open,proc_terminate,shell_exec,show_source,system\r\ndisplay_errors = Off\r\ndisplay_startup_errors = Off\r\nenable_dl = Off\r\nerror_reporting = E_ALL & ~E_NOTICE\r\nexpose_php = Off\r\nfile_uploads = On\r\ncgi.force_redirect = 1\r\ngpc_order = "GPC"\r\nhtml_errors = Off\r\nignore_repeated_errors = Off\r\nignore_repeated_source = Off\r\ninclude_path = ".:{PEAR_DIR}"\r\nlog_errors = On\r\nlog_errors_max_len = 1024\r\nmagic_quotes_gpc = Off\r\nmagic_quotes_runtime = Off\r\nmagic_quotes_sybase = Off\r\nmax_execution_time = 30\r\nmax_input_time = 60\r\nmemory_limit = 128M\r\n{OPEN_BASEDIR_C}open_basedir = "{OPEN_BASEDIR}"\r\noutput_buffering = 4096\r\npost_max_size = 16M\r\nprecision = 14\r\nregister_argc_argv = Off\r\nregister_globals = Off\r\nreport_memleaks = On\r\nsendmail_path = "/usr/sbin/sendmail -t -i -f {CUSTOMER_EMAIL}"\r\nsession.auto_start = 0\r\nsession.bug_compat_42 = 0\r\nsession.bug_compat_warn = 1\r\nsession.cache_expire = 180\r\nsession.cache_limiter = nocache\r\nsession.cookie_domain =\r\nsession.cookie_lifetime = 0\r\nsession.cookie_path = /\r\nsession.entropy_file = /dev/urandom\r\nsession.entropy_length = 16\r\nsession.gc_divisor = 1000\r\nsession.gc_maxlifetime = 1440\r\nsession.gc_probability = 1\r\nsession.name = PHPSESSID\r\nsession.referer_check =\r\nsession.save_handler = files\r\nsession.save_path = "{TMP_DIR}"\r\nsession.serialize_handler = php\r\nsession.use_cookies = 1\r\nsession.use_trans_sid = 0\r\nshort_open_tag = On\r\nsuhosin.mail.protect = 1\r\nsuhosin.simulation = Off\r\ntrack_errors = Off\r\nupload_max_filesize = 32M\r\nupload_tmp_dir = "{TMP_DIR}"\r\nvariables_order = "GPCS"\r\n;mail.add_x_header = On\r\n;mail.log = "/var/log/phpmail.log"\r\nopcache.restrict_api = "{DOCUMENT_ROOT}"\r\n'),
+(2, 'Froxlor Vhost Config', '/usr/bin/php-cgi', 'php', '-1', '-1', 'allow_call_time_pass_reference = Off\r\nallow_url_fopen = On\r\nasp_tags = Off\r\ndisable_classes =\r\ndisable_functions = curl_multi_exec,exec,parse_ini_file,passthru,popen,proc_close,proc_get_status,proc_nice,proc_open,proc_terminate,shell_exec,show_source,system\r\ndisplay_errors = Off\r\ndisplay_startup_errors = Off\r\nenable_dl = Off\r\nerror_reporting = E_ALL & ~E_NOTICE\r\nexpose_php = Off\r\nfile_uploads = On\r\ncgi.force_redirect = 1\r\ngpc_order = "GPC"\r\nhtml_errors = Off\r\nignore_repeated_errors = Off\r\nignore_repeated_source = Off\r\ninclude_path = ".:{PEAR_DIR}"\r\nlog_errors = On\r\nlog_errors_max_len = 1024\r\nmagic_quotes_gpc = Off\r\nmagic_quotes_runtime = Off\r\nmagic_quotes_sybase = Off\r\nmax_execution_time = 60\r\nmax_input_time = 60\r\nmemory_limit = 128M\r\nnoutput_buffering = 4096\r\npost_max_size = 16M\r\nprecision = 14\r\nregister_argc_argv = Off\r\nregister_globals = Off\r\nreport_memleaks = On\r\nsendmail_path = "/usr/sbin/sendmail -t -i -f {CUSTOMER_EMAIL}"\r\nsession.auto_start = 0\r\nsession.bug_compat_42 = 0\r\nsession.bug_compat_warn = 1\r\nsession.cache_expire = 180\r\nsession.cache_limiter = nocache\r\nsession.cookie_domain =\r\nsession.cookie_lifetime = 0\r\nsession.cookie_path = /\r\nsession.entropy_file = /dev/urandom\r\nsession.entropy_length = 16\r\nsession.gc_divisor = 1000\r\nsession.gc_maxlifetime = 1440\r\nsession.gc_probability = 1\r\nsession.name = PHPSESSID\r\nsession.referer_check =\r\nsession.save_handler = files\r\nsession.save_path = "{TMP_DIR}"\r\nsession.serialize_handler = php\r\nsession.use_cookies = 1\r\nsession.use_trans_sid = 0\r\nshort_open_tag = On\r\nsuhosin.mail.protect = 1\r\nsuhosin.simulation = Off\r\ntrack_errors = Off\r\nupload_max_filesize = 32M\r\nupload_tmp_dir = "{TMP_DIR}"\r\nvariables_order = "GPCS"\r\n;mail.add_x_header = On\r\n;mail.log = "/var/log/phpmail.log"\r\nopcache.restrict_api = ""\r\n');


 DROP TABLE IF EXISTS `cronjobs_run`;
@@ -837,18 +779,15 @@ CREATE TABLE IF NOT EXISTS `cronjobs_run` (
 ) ENGINE=MyISAM CHARSET=utf8 COLLATE=utf8_general_ci;


-
 INSERT INTO `cronjobs_run` (`id`, `module`, `cronfile`, `interval`, `isactive`, `desc_lng_key`) VALUES
-	(1, 'froxlor/core', 'cron_tasks.php', '5 MINUTE', '1', 'cron_tasks'),
-	(2, 'froxlor/aps', 'cron_apsinstaller.php', '5 MINUTE', '0', 'cron_apsinstaller'),
-	(3, 'froxlor/autoresponder', 'cron_autoresponder.php', '5 MINUTE', '0', 'cron_autoresponder'),
-	(4, 'froxlor/aps', 'cron_apsupdater.php', '1 HOUR', '0', 'cron_apsupdater'),
-	(5, 'froxlor/core', 'cron_traffic.php', '1 DAY', '1', 'cron_traffic'),
-	(6, 'froxlor/ticket', 'cron_used_tickets_reset.php', '1 DAY', '1', 'cron_ticketsreset'),
-	(7, 'froxlor/ticket', 'cron_ticketarchive.php', '1 MONTH', '1', 'cron_ticketarchive'),
-	(8, 'froxlor/reports', 'cron_usage_report.php', '1 DAY', '1', 'cron_usage_report'),
-	(9, 'froxlor/backup', 'cron_backup.php', '1 DAY', '1', 'cron_backup'),
-	(10, 'froxlor/core', 'cron_mailboxsize.php', '6 HOUR', '1', 'cron_mailboxsize');
+	(1, 'froxlor/core', 'tasks', '5 MINUTE', '1', 'cron_tasks'),
+	(2, 'froxlor/core', 'traffic', '1 DAY', '1', 'cron_traffic'),
+	(3, 'froxlor/ticket', 'used_tickets_reset', '1 DAY', '1', 'cron_ticketsreset'),
+	(4, 'froxlor/ticket', 'ticketarchive', '1 MONTH', '1', 'cron_ticketarchive'),
+	(5, 'froxlor/reports', 'usage_report', '1 DAY', '1', 'cron_usage_report'),
+	(6, 'froxlor/core', 'mailboxsize', '6 HOUR', '1', 'cron_mailboxsize'),
+	(7, 'froxlor/letsencrypt', 'letsencrypt', '5 MINUTE', '0', 'cron_letsencrypt'),
+	(8, 'froxlor/backup', 'backup', '1 DAY', '1', 'cron_backup');



@@ -919,10 +858,12 @@ DROP TABLE IF EXISTS `domain_ssl_settings`;
 CREATE TABLE IF NOT EXISTS `domain_ssl_settings` (
  `id` int(5) NOT NULL auto_increment,
  `domainid` int(11) NOT NULL,
-  `ssl_cert_file` text NOT NULL,
-  `ssl_key_file` text NOT NULL,
-  `ssl_ca_file` text NOT NULL,
-  `ssl_cert_chainfile` text NOT NULL,
+  `ssl_cert_file` mediumtext NOT NULL,
+  `ssl_key_file` mediumtext NOT NULL,
+  `ssl_ca_file` mediumtext,
+  `ssl_cert_chainfile` mediumtext,
+  `ssl_csr_file` mediumtext,
+  `expirationdate` datetime DEFAULT NULL,
  PRIMARY KEY  (`id`)
 ) ENGINE=MyISAM CHARSET=utf8 COLLATE=utf8_general_ci;

@@ -933,3 +874,17 @@ CREATE TABLE IF NOT EXISTS `panel_domaintoip` (
  `id_ipandports` int(11) unsigned NOT NULL,
  PRIMARY KEY (`id_domain`,`id_ipandports`)
 ) ENGINE=MyISAM CHARSET=utf8 COLLATE=utf8_general_ci;
+
+
+DROP TABLE IF EXISTS `domain_dns_entries`;
+CREATE TABLE `domain_dns_entries` (
+  `id` int(20) NOT NULL auto_increment,
+  `domain_id` int(15) NOT NULL,
+  `record` varchar(255) NOT NULL,
+  `type` varchar(10) NOT NULL DEFAULT 'A',
+  `content` text NOT NULL,
+  `ttl` int(11) NOT NULL DEFAULT '18000',
+  `prio` int(11) DEFAULT NULL,
+  PRIMARY KEY  (`id`)
+) ENGINE=MyISAM CHARSET=utf8 COLLATE=utf8_general_ci;
+
--- a/install/lib/class.FroxlorInstall.php
+++ b/install/lib/class.FroxlorInstall.php
@@ -30,10 +30,12 @@
 * @package Install
 *
 */
-class FroxlorInstall {
+class FroxlorInstall
+{

 	/**
-	 * define froxlor basepath e.g. /var/www/froxlor
+	 * define froxlor basepath e.g.
+	 * /var/www/froxlor
 	 *
 	 * @var string
 	 */
@@ -65,11 +67,13 @@ class FroxlorInstall {
 	 */
 	private $_languages = array(
 		'german' => 'Deutsch',
-			'english' => 'English'
+		'english' => 'English',
+		'french' => 'Français'
 	);

 	/**
 	 * currently used language
+	 *
 	 * @var unknown
 	 */
 	private $_activelng = 'english';
@@ -77,7 +81,8 @@ class FroxlorInstall {
 	/**
 	 * Class constructor
 	 */
-	public function __construct() {
+	public function __construct()
+	{
 		$this->_basepath = dirname(dirname(dirname(__FILE__)));
 		$this->_data = array();
 	}
@@ -85,7 +90,8 @@ class FroxlorInstall {
 	/**
 	 * FC
 	 */
-	public function run() {
+	public function run()
+	{
 		// send headers
 		$this->_sendHeaders();
 		// check if we have a valid installation already
@@ -103,15 +109,13 @@ class FroxlorInstall {
 	/**
 	 * build up and show the install-process-pages
 	 */
-	private function _showPage() {
+	private function _showPage()
+	{
 		// set theme for templates
 		$theme = $this->_theme;
 		eval("echo \"" . $this->_getTemplate("header") . "\";");
 		// check install-state
-		if ((isset($_POST['installstep'])
-				&& $_POST['installstep'] == '1')
-				|| (isset($_GET['check']) && $_GET['check'] == '1')
-		) {
+		if ((isset($_POST['installstep']) && $_POST['installstep'] == '1') || (isset($_GET['check']) && $_GET['check'] == '1')) {
 			$pagetitle = $this->_lng['install']['title'];
 			if ($this->_checkPostData()) {
 				// ceck data and create userdata etc.etc.etc.
@@ -145,7 +149,8 @@ class FroxlorInstall {
 	 *
 	 * @return boolean
 	 */
-	private function _checkPostData() {
+	private function _checkPostData()
+	{
 		$this->_guessServerName();
 		$this->_guessServerIP();
 		$this->_guessWebserver();
@@ -159,14 +164,13 @@ class FroxlorInstall {
 		$this->_getPostField('admin_user', 'admin');
 		$this->_getPostField('admin_pass1');
 		$this->_getPostField('admin_pass2');
+		$this->_getPostField('activate_newsfeed', 1);
 		$posixusername = posix_getpwuid(posix_getuid());
 		$this->_getPostField('httpuser', $posixusername['name']);
 		$posixgroup = posix_getgrgid(posix_getgid());
 		$this->_getPostField('httpgroup', $posixgroup['name']);

-		if ($this->_data['mysql_host'] == 'localhost'
-				|| $this->_data['mysql_host'] == '127.0.0.1'
-		) {
+		if ($this->_data['mysql_host'] == 'localhost' || $this->_data['mysql_host'] == '127.0.0.1') {
 			$this->_data['mysql_access_host'] = $this->_data['mysql_host'];
 		} else {
 			$this->_data['mysql_access_host'] = $this->_data['serverip'];
@@ -177,19 +181,7 @@ class FroxlorInstall {
 			$this->_data['servername'] = '';
 		}

-		if (isset($_POST['installstep'])
-				&& $_POST['installstep'] == '1'
-				&& $this->_data['admin_pass1'] == $this->_data['admin_pass2']
-				&& $this->_data['admin_pass1'] != ''
-				&& $this->_data['admin_pass2'] != ''
-				&& $this->_data['mysql_unpriv_pass'] != ''
-				&& $this->_data['mysql_root_pass'] != ''
-				&& $this->_data['servername'] != ''
-				&& $this->_data['serverip'] != ''
-				&& $this->_data['httpuser'] != ''
-				&& $this->_data['httpgroup'] != ''
-				&& $this->_data['mysql_unpriv_user'] != $this->_data['mysql_root_user']
-		) {
+		if (isset($_POST['installstep']) && $_POST['installstep'] == '1' && $this->_data['admin_pass1'] == $this->_data['admin_pass2'] && $this->_data['admin_pass1'] != '' && $this->_data['admin_pass2'] != '' && $this->_data['mysql_unpriv_pass'] != '' && $this->_data['mysql_root_pass'] != '' && $this->_data['servername'] != '' && $this->_data['serverip'] != '' && $this->_data['httpuser'] != '' && $this->_data['httpgroup'] != '' && $this->_data['mysql_unpriv_user'] != $this->_data['mysql_root_user']) {
 			return true;
 		}
 		return false;
@@ -200,31 +192,31 @@ class FroxlorInstall {
 	 *
 	 * @return array
 	 */
-	private function _doInstall() {
-
+	private function _doInstall()
+	{
 		$content = "<table class=\"noborder\">";

 		// check for mysql-root-connection
 		$content .= $this->_status_message('begin', $this->_lng['install']['testing_mysql']);

-		$options = array('PDO::MYSQL_ATTR_INIT_COMMAND' => 'set names utf8');
+		$options = array(
+			'PDO::MYSQL_ATTR_INIT_COMMAND' => 'set names utf8'
+		);
 		$dsn = "mysql:host=" . $this->_data['mysql_host'] . ";";
 		$fatal_fail = false;
 		try {
-			$db_root = new PDO(
-					$dsn, $this->_data['mysql_root_user'], $this->_data['mysql_root_pass'], $options
-			);
+			$db_root = new PDO($dsn, $this->_data['mysql_root_user'], $this->_data['mysql_root_pass'], $options);
 		} catch (PDOException $e) {
 			// possibly without passwd?
 			try {
-				$db_root = new PDO(
-						$dsn, $this->_data['mysql_root_user'], '', $options
-				);
+				$db_root = new PDO($dsn, $this->_data['mysql_root_user'], '', $options);
 				// set the given password
 				$passwd_stmt = $db_root->prepare("
 						SET PASSWORD = PASSWORD(:passwd)
 						");
-				$passwd_stmt->execute(array('passwd' => $this->_data['mysql_root_pass']));
+				$passwd_stmt->execute(array(
+					'passwd' => $this->_data['mysql_root_pass']
+				));
 			} catch (PDOException $e) {
 				// nope
 				$content .= $this->_status_message('red', $e->getMessage());
@@ -243,18 +235,19 @@ class FroxlorInstall {
 			// importing data to new database
 			$content .= $this->_importDatabaseData();
 			// create DB object for new database
-			$options = array('PDO::MYSQL_ATTR_INIT_COMMAND' => 'set names utf8');
+			$options = array(
+				'PDO::MYSQL_ATTR_INIT_COMMAND' => 'set names utf8'
+			);
 			$dsn = "mysql:host=" . $this->_data['mysql_host'] . ";dbname=" . $this->_data['mysql_database'] . ";";
 			$another_fail = false;
 			try {
-				$db = new PDO(
-						$dsn, $this->_data['mysql_unpriv_user'], $this->_data['mysql_unpriv_pass'], $options
-				);
+				$db = new PDO($dsn, $this->_data['mysql_unpriv_user'], $this->_data['mysql_unpriv_pass'], $options);
 			} catch (PDOException $e) {
 				// dafuq? this should have happened in _importDatabaseData()
 				$content .= $this->_status_message('red', $e->getMessage());
 				$another_fail = true;
-			};
+			}
+			;

 			if (! $another_fail) {
 				// change settings accordingly
@@ -275,7 +268,7 @@ class FroxlorInstall {
 			$navigation = '';
 			$msgcolor = 'red';
 			$message = $this->_lng['install']['testing_mysql_fail'];
-			$link = 'install.php';
+			$link = 'install.php?check=1';
 			$linktext = $this->_lng['click_here_to_goback'];
 		} else {
 			// all good
@@ -288,14 +281,17 @@ class FroxlorInstall {

 		eval("\$navigation .= \"" . $this->_getTemplate("pagebottom") . "\";");

-		return array('pagecontent' => $content, 'pagenavigation' => $navigation);
+		return array(
+			'pagecontent' => $content,
+			'pagenavigation' => $navigation
+		);
 	}

 	/**
 	 * Create userdata.inc.php file
 	 */
-	private function _createUserdataConf() {
-
+	private function _createUserdataConf()
+	{
 		$content = "";

 		$content .= $this->_status_message('begin', $this->_lng['install']['creating_configfile']);
@@ -309,6 +305,8 @@ class FroxlorInstall {
 		$userdata .= "\$sql_root[0]['host']='" . addcslashes($this->_data['mysql_host'], "'\\") . "';\n";
 		$userdata .= "\$sql_root[0]['user']='" . addcslashes($this->_data['mysql_root_user'], "'\\") . "';\n";
 		$userdata .= "\$sql_root[0]['password']='" . addcslashes($this->_data['mysql_root_pass'], "'\\") . "';\n";
+		$userdata .= "// enable debugging to browser in case of SQL errors\n";
+		$userdata .= "\$sql['debug'] = false;\n";
 		$userdata .= "?>";

 		// test if we can store the userdata.inc.php in ../lib
@@ -317,8 +315,7 @@ class FroxlorInstall {
 			@fclose($fp);
 			$content .= $this->_status_message('green', 'OK');
 			chmod('../lib/userdata.inc.php', 0440);
-		}
-		elseif ($fp = @fopen('/tmp/userdata.inc.php', 'w')) {
+		} elseif ($fp = @fopen('/tmp/userdata.inc.php', 'w')) {
 			$result = @fputs($fp, $userdata, strlen($userdata));
 			@fclose($fp);
 			$content .= $this->_status_message('orange', $this->_lng['install']['creating_configfile_temp']);
@@ -339,8 +336,8 @@ class FroxlorInstall {
 	 *
 	 * @return string status messages
 	 */
-	private function _doDataEntries(&$db) {
-
+	private function _doDataEntries(&$db)
+	{
 		$content = "";

 		$content .= $this->_status_message('begin', $this->_lng['install']['creating_entries']);
@@ -354,7 +351,9 @@ class FroxlorInstall {
 				`vhostcontainer` = '1',
 				`vhostcontainer_servername_statement` = '1'
 				");
-		$stmt->execute(array('serverip' => $this->_data['serverip']));
+		$stmt->execute(array(
+			'serverip' => $this->_data['serverip']
+		));
 		$defaultip = $db->lastInsertId();

 		// insert the defaultip
@@ -363,7 +362,9 @@ class FroxlorInstall {
 				`value` = :defaultip
 				WHERE `settinggroup` = 'system' AND `varname` = 'defaultip'
 				");
-		$upd_stmt->execute(array('defaultip' => $defaultip));
+		$upd_stmt->execute(array(
+			'defaultip' => $defaultip
+		));

 		$content .= $this->_status_message('green', 'OK');

@@ -371,7 +372,8 @@ class FroxlorInstall {
 		$content .= $this->_status_message('begin', $this->_lng['install']['adding_admin_user']);
 		$ins_data = array(
 			'loginname' => $this->_data['admin_user'],
-				'password' => md5($this->_data['admin_pass1']),
+				/* use SHA256 default crypt */
+				'password' => crypt($this->_data['admin_pass1'], '$5$' . md5(uniqid(microtime(), 1)) . md5(uniqid(microtime(), 1))),
 			'email' => 'admin@' . $this->_data['servername'],
 			'deflang' => $this->_languages[$this->_activelng]
 		);
@@ -398,10 +400,7 @@ class FroxlorInstall {
 				`tickets` = -1,
 				`tickets_see_all` = 1,
 				`subdomains` = -1,
-				`traffic` = -1048576,
-				`can_manage_aps_packages` = 1,
-				`aps_packages` = -1,
-				`email_autoresponder` = -1
+				`traffic` = -1048576
 				");

 		$ins_stmt->execute($ins_data);
@@ -419,7 +418,8 @@ class FroxlorInstall {
 	 * @param string $varname
 	 * @param string $value
 	 */
-	private function _updateSetting(&$stmt = null, $value = null, $group = null, $varname = null) {
+	private function _updateSetting(&$stmt = null, $value = null, $group = null, $varname = null)
+	{
 		$stmt->execute(array(
 			'group' => $group,
 			'varname' => $varname,
@@ -434,8 +434,8 @@ class FroxlorInstall {
 	 *
 	 * @return string status messages
 	 */
-	private function _doSettings(&$db) {
-
+	private function _doSettings(&$db)
+	{
 		$content = "";

 		$content .= $this->_status_message('begin', $this->_lng['install']['changing_data']);
@@ -455,7 +455,10 @@ class FroxlorInstall {
 		$this->_updateSetting($upd_stmt, $this->_data['httpgroup'], 'system', 'httpgroup');

 		// necessary changes for webservers != apache2
-		if ($this->_data['webserver'] == "lighttpd") {
+		if ($this->_data['webserver'] == "apache24") {
+			$this->_updateSetting($upd_stmt, 'apache2', 'system', 'webserver');
+			$this->_updateSetting($upd_stmt, '1', 'system', 'apache24');
+		} elseif ($this->_data['webserver'] == "lighttpd") {
 			$this->_updateSetting($upd_stmt, '/etc/lighttpd/conf-enabled/', 'system', 'apacheconf_vhost');
 			$this->_updateSetting($upd_stmt, '/etc/lighttpd/froxlor-diroptions/', 'system', 'apacheconf_diroptions');
 			$this->_updateSetting($upd_stmt, '/etc/lighttpd/froxlor-htpasswd/', 'system', 'apacheconf_htpasswddir');
@@ -468,9 +471,12 @@ class FroxlorInstall {
 			$this->_updateSetting($upd_stmt, '/etc/nginx/froxlor-htpasswd/', 'system', 'apacheconf_htpasswddir');
 			$this->_updateSetting($upd_stmt, '/etc/init.d/nginx reload', 'system', 'apachereload_command');
 			$this->_updateSetting($upd_stmt, '/etc/nginx/nginx.pem', 'system', 'ssl_cert_file');
-			$this->_updateSetting($upd_stmt, '/var/run/nginx/', 'phpfpm', 'fastcgi_ipcdir');
+			$this->_updateSetting($upd_stmt, '/var/run/', 'phpfpm', 'fastcgi_ipcdir');
 		}

+		$this->_updateSetting($upd_stmt, $this->_data['activate_newsfeed'], 'admin', 'show_news_feed');
+		$this->_updateSetting($upd_stmt, dirname(dirname(dirname(__FILE__))), 'system', 'letsencryptchallengepath');
+
 		// insert the lastcronrun to be the installation date
 		$this->_updateSetting($upd_stmt, time(), 'system', 'lastcronrun');

@@ -481,6 +487,9 @@ class FroxlorInstall {
 		$db->query("UPDATE `" . TABLE_PANEL_CRONRUNS . "` SET `lastrun` = '" . $ts . "' WHERE `cronfile` ='cron_used_tickets_reset.php';");
 		$db->query("UPDATE `" . TABLE_PANEL_CRONRUNS . "` SET `lastrun` = '" . $ts . "' WHERE `cronfile` ='cron_ticketarchive.php';");

+		// insert task 99 to generate a correct cron.d-file automatically
+		$db->query("INSERT INTO `" . TABLE_PANEL_TASKS . "` SET `type` = '99';");
+
 		$content .= $this->_status_message('green', 'OK');

 		return $content;
@@ -493,21 +502,22 @@ class FroxlorInstall {
 	 *
 	 * @return string status messages
 	 */
-	private function _importDatabaseData() {
-
+	private function _importDatabaseData()
+	{
 		$content = "";
 		$content .= $this->_status_message('begin', $this->_lng['install']['testing_new_db']);
-		$options = array('PDO::MYSQL_ATTR_INIT_COMMAND' => 'set names utf8');
+		$options = array(
+			'PDO::MYSQL_ATTR_INIT_COMMAND' => 'set names utf8'
+		);
 		$dsn = "mysql:host=" . $this->_data['mysql_host'] . ";dbname=" . $this->_data['mysql_database'] . ";";
 		$fatal_fail = false;
 		try {
-			$db = new PDO(
-					$dsn, $this->_data['mysql_unpriv_user'], $this->_data['mysql_unpriv_pass'], $options
-			);
+			$db = new PDO($dsn, $this->_data['mysql_unpriv_user'], $this->_data['mysql_unpriv_pass'], $options);
 		} catch (PDOException $e) {
 			$content .= $this->_status_message('red', $e->getMessage());
 			$fatal_fail = true;
-		};
+		}
+		;

 		if (! $fatal_fail) {

@@ -538,8 +548,8 @@ class FroxlorInstall {
 	 *
 	 * @return string status messages
 	 */
-	private function _createDatabaseAndUser(&$db_root) {
-
+	private function _createDatabaseAndUser(&$db_root)
+	{
 		$content = "";

 		// so first we have to delete the database and
@@ -547,16 +557,28 @@ class FroxlorInstall {
 		$content .= $this->_status_message('begin', $this->_lng['install']['prepare_db']);

 		$del_stmt = $db_root->prepare("DELETE FROM `mysql`.`user` WHERE `User` = :user AND `Host` = :accesshost");
-		$del_stmt->execute(array('user' => $this->_data['mysql_unpriv_user'], 'accesshost' => $this->_data['mysql_access_host']));
+		$del_stmt->execute(array(
+			'user' => $this->_data['mysql_unpriv_user'],
+			'accesshost' => $this->_data['mysql_access_host']
+		));

 		$del_stmt = $db_root->prepare("DELETE FROM `mysql`.`db` WHERE `User` = :user AND `Host` = :accesshost");
-		$del_stmt->execute(array('user' => $this->_data['mysql_unpriv_user'], 'accesshost' => $this->_data['mysql_access_host']));
+		$del_stmt->execute(array(
+			'user' => $this->_data['mysql_unpriv_user'],
+			'accesshost' => $this->_data['mysql_access_host']
+		));

 		$del_stmt = $db_root->prepare("DELETE FROM `mysql`.`tables_priv` WHERE `User` = :user AND `Host` =:accesshost");
-		$del_stmt->execute(array('user' => $this->_data['mysql_unpriv_user'], 'accesshost' => $this->_data['mysql_access_host']));
+		$del_stmt->execute(array(
+			'user' => $this->_data['mysql_unpriv_user'],
+			'accesshost' => $this->_data['mysql_access_host']
+		));

 		$del_stmt = $db_root->prepare("DELETE FROM `mysql`.`columns_priv` WHERE `User` = :user AND `Host` = :accesshost");
-		$del_stmt->execute(array('user' => $this->_data['mysql_unpriv_user'], 'accesshost' => $this->_data['mysql_access_host']));
+		$del_stmt->execute(array(
+			'user' => $this->_data['mysql_unpriv_user'],
+			'accesshost' => $this->_data['mysql_access_host']
+		));

 		$del_stmt = $db_root->prepare("DROP DATABASE IF EXISTS `" . str_replace('`', '', $this->_data['mysql_database']) . "`;");
 		$del_stmt->execute();
@@ -566,20 +588,16 @@ class FroxlorInstall {

 		// we have to create a new user and database for the froxlor unprivileged mysql access
 		$content .= $this->_status_message('begin', $this->_lng['install']['create_mysqluser_and_db']);
-		$ins_stmt = $db_root->prepare("CREATE DATABASE `".str_replace('`', '', $this->_data['mysql_database'])."`");
+		$ins_stmt = $db_root->prepare("CREATE DATABASE `" . str_replace('`', '', $this->_data['mysql_database']) . "` CHARACTER SET=utf8 COLLATE=utf8_general_ci");
 		$ins_stmt->execute();

 		$mysql_access_host_array = array_map('trim', explode(',', $this->_data['mysql_access_host']));

-		if (in_array('127.0.0.1', $mysql_access_host_array)
-				&& !in_array('localhost', $mysql_access_host_array)
-		) {
+		if (in_array('127.0.0.1', $mysql_access_host_array) && ! in_array('localhost', $mysql_access_host_array)) {
 			$mysql_access_host_array[] = 'localhost';
 		}

-		if (!in_array('127.0.0.1', $mysql_access_host_array)
-				&& in_array('localhost', $mysql_access_host_array)
-		) {
+		if (! in_array('127.0.0.1', $mysql_access_host_array) && in_array('localhost', $mysql_access_host_array)) {
 			$mysql_access_host_array[] = '127.0.0.1';
 		}

@@ -589,11 +607,17 @@ class FroxlorInstall {
 			$stmt = $db_root->prepare("
 					GRANT ALL PRIVILEGES ON `" . $_db . "`.*
 					TO :username@:host
-					IDENTIFIED BY 'password'"
-			);
-			$stmt->execute(array("username" => $this->_data['mysql_unpriv_user'], "host" => $mysql_access_host));
+					IDENTIFIED BY 'password'");
+			$stmt->execute(array(
+				"username" => $this->_data['mysql_unpriv_user'],
+				"host" => $mysql_access_host
+			));
 			$stmt = $db_root->prepare("SET PASSWORD FOR :username@:host = PASSWORD(:password)");
-			$stmt->execute(array("username" => $this->_data['mysql_unpriv_user'], "host" => $mysql_access_host, "password" => $this->_data['mysql_unpriv_pass']));
+			$stmt->execute(array(
+				"username" => $this->_data['mysql_unpriv_user'],
+				"host" => $mysql_access_host,
+				"password" => $this->_data['mysql_unpriv_pass']
+			));
 		}

 		$db_root->query("FLUSH PRIVILEGES;");
@@ -610,15 +634,17 @@ class FroxlorInstall {
 	 *
 	 * @return string status messages
 	 */
-	private function _backupExistingDatabase(&$db_root) {
-
+	private function _backupExistingDatabase(&$db_root)
+	{
 		$content = "";

 		// check for existing of former database
 		$tables_exist = false;
 		$sql = "SELECT SCHEMA_NAME FROM INFORMATION_SCHEMA.SCHEMATA WHERE SCHEMA_NAME = :database";
 		$result_stmt = $db_root->prepare($sql);
-		$result_stmt->execute(array('database' => $this->_data['mysql_database']));
+		$result_stmt->execute(array(
+			'database' => $this->_data['mysql_database']
+		));
 		$rows = $db_root->query("SELECT FOUND_ROWS()")->fetchColumn();

 		// check result
@@ -662,8 +688,8 @@ class FroxlorInstall {
 	/**
 	 * show form to collect all needed data for the install
 	 */
-	private function _showDataForm() {
-
+	private function _showDataForm()
+	{
 		$content = "";
 		// form action
 		$formaction = htmlspecialchars($_SERVER['PHP_SELF']);
@@ -691,26 +717,30 @@ class FroxlorInstall {
 		$formdata .= $this->_getSectionItemString('mysql_database', true);
 		// unpriv-user has to be different from root
 		if ($this->_data['mysql_unpriv_user'] == $this->_data['mysql_root_user']) {
-			$style = 'color:blue;';
-		} else { $style = '';
+			$style = 'blue';
+		} else {
+			$style = '';
 		}
 		$formdata .= $this->_getSectionItemString('mysql_unpriv_user', true, $style);
 		// is we posted and no password was given -> red
 		if (! empty($_POST['installstep']) && $this->_data['mysql_unpriv_pass'] == '') {
-			$style = 'color:red;';
-		} else { $style = '';
+			$style = 'red';
+		} else {
+			$style = '';
 		}
 		$formdata .= $this->_getSectionItemString('mysql_unpriv_pass', true, $style, 'password');
 		// unpriv-user has to be different from root
 		if ($this->_data['mysql_unpriv_user'] == $this->_data['mysql_root_user']) {
-			$style = 'color:blue;';
-		} else { $style = '';
+			$style = 'blue';
+		} else {
+			$style = '';
 		}
 		$formdata .= $this->_getSectionItemString('mysql_root_user', true, $style);
 		// is we posted and no password was given -> red
 		if (! empty($_POST['installstep']) && $this->_data['mysql_root_pass'] == '') {
-			$style = 'color:red;';
-		} else { $style = '';
+			$style = 'red';
+		} else {
+			$style = '';
 		}
 		$formdata .= $this->_getSectionItemString('mysql_root_pass', true, $style, 'password');

@@ -722,23 +752,21 @@ class FroxlorInstall {
 		// user
 		$formdata .= $this->_getSectionItemString('admin_user', true);
 		// check for admin passwords to be equal
-		if (!empty($_POST['installstep']) &&
-				($this->_data['admin_pass1'] == ''
-						|| $this->_data['admin_pass1'] != $this->_data['admin_pass2'])
-		) {
+		if (! empty($_POST['installstep']) && ($this->_data['admin_pass1'] == '' || $this->_data['admin_pass1'] != $this->_data['admin_pass2'])) {
 			$style = 'color:red;';
-		} else { $style = '';
+		} else {
+			$style = '';
 		}
 		$formdata .= $this->_getSectionItemString('admin_pass1', true, $style, 'password');
 		// check for admin passwords to be equal
-		if (!empty($_POST['installstep']) &&
-				($this->_data['admin_pass2'] == ''
-						|| $this->_data['admin_pass1'] != $this->_data['admin_pass2'])
-		) {
+		if (! empty($_POST['installstep']) && ($this->_data['admin_pass2'] == '' || $this->_data['admin_pass1'] != $this->_data['admin_pass2'])) {
 			$style = 'color:red;';
-		} else { $style = '';
+		} else {
+			$style = '';
 		}
 		$formdata .= $this->_getSectionItemString('admin_pass2', true, $style, 'password');
+		// activate newsfeed?
+		$formdata .= $this->_getSectionItemYesNo('activate_newsfeed', true);

 		/**
 		 * Server data
@@ -748,22 +776,26 @@ class FroxlorInstall {
 		// servername
 		if (! empty($_POST['installstep']) && $this->_data['servername'] == '') {
 			$style = 'color:red;';
-		} else { $style = '';
+		} else {
+			$style = '';
 		}
 		$formdata .= $this->_getSectionItemString('servername', true, $style);
 		// serverip
 		if (! empty($_POST['installstep']) && $this->_data['serverip'] == '') {
 			$style = 'color:red;';
-		} else { $style = '';
+		} else {
+			$style = '';
 		}
 		$formdata .= $this->_getSectionItemString('serverip', true, $style);
 		// webserver
 		if (! empty($_POST['installstep']) && $this->_data['webserver'] == '') {
 			$websrvstyle = 'color:red;';
-		} else { $websrvstyle = '';
+		} else {
+			$websrvstyle = '';
 		}
 		// apache
 		$formdata .= $this->_getSectionItemCheckbox('apache2', ($this->_data['webserver'] == 'apache2'), $websrvstyle);
+		$formdata .= $this->_getSectionItemCheckbox('apache24', ($this->_data['webserver'] == 'apache24'), $websrvstyle);
 		// lighttpd
 		$formdata .= $this->_getSectionItemCheckbox('lighttpd', ($this->_data['webserver'] == 'lighttpd'), $websrvstyle);
 		// nginx
@@ -771,13 +803,15 @@ class FroxlorInstall {
 		// webserver-user
 		if (! empty($_POST['installstep']) && $this->_data['httpuser'] == '') {
 			$style = 'color:red;';
-		} else { $style = '';
+		} else {
+			$style = '';
 		}
 		$formdata .= $this->_getSectionItemString('httpuser', true, $style);
 		// webserver-group
 		if (! empty($_POST['installstep']) && $this->_data['httpgroup'] == '') {
 			$style = 'color:red;';
-		} else { $style = '';
+		} else {
+			$style = '';
 		}
 		$formdata .= $this->_getSectionItemString('httpgroup', true, $style);

@@ -786,7 +820,10 @@ class FroxlorInstall {
 		eval("\$content .= \"" . $this->_getTemplate("dataform2") . "\";");

 		$navigation = '';
-		return array('pagecontent' => $content, 'pagenavigation' => $navigation);
+		return array(
+			'pagecontent' => $content,
+			'pagenavigation' => $navigation
+		);
 	}

 	/**
@@ -794,12 +831,15 @@ class FroxlorInstall {
 	 *
 	 * @param string $fieldname
 	 * @param boolean $required
-	 * @param string $style optional css
-	 * @param string $type optional type of input-box (default: text)
+	 * @param string $style
+	 *        	optional css
+	 * @param string $type
+	 *        	optional type of input-box (default: text)
 	 *
 	 * @return string
 	 */
-	private function _getSectionItemString($fieldname = null, $required = false, $style = "", $type = 'text') {
+	private function _getSectionItemString($fieldname = null, $required = false, $style = "", $type = 'text')
+	{
 		$fieldlabel = $this->_lng['install'][$fieldname];
 		$fieldvalue = htmlspecialchars($this->_data[$fieldname]);
 		if ($required) {
@@ -811,15 +851,16 @@ class FroxlorInstall {
 	}

 	/**
-	 * generate form checkbox field
+	 * generate form radio field for webserver-selection
 	 *
 	 * @param string $fieldname
-	 * @param boolean $required
+	 * @param boolean $checked
 	 * @param string $style
 	 *
 	 * @return string
 	 */
-	private function _getSectionItemCheckbox($fieldname = null, $checked = false, $style = "") {
+	private function _getSectionItemCheckbox($fieldname = null, $checked = false, $style = "")
+	{
 		$fieldlabel = $this->_lng['install'][$fieldname];
 		if ($checked) {
 			$checked = 'checked="checked"';
@@ -829,10 +870,31 @@ class FroxlorInstall {
 		return $sectionitem;
 	}

+	/**
+	 * generate form checkbox field
+	 *
+	 * @param string $fieldname
+	 * @param boolean $checked
+	 * @param string $style
+	 *
+	 * @return string
+	 */
+	private function _getSectionItemYesNo($fieldname = null, $checked = false, $style = "")
+	{
+		$fieldlabel = $this->_lng['install'][$fieldname];
+		if ($checked) {
+			$checked = 'checked="checked"';
+		}
+		$sectionitem = "";
+		eval("\$sectionitem .= \"" . $this->_getTemplate("dataitemyesno") . "\";");
+		return $sectionitem;
+	}
+
 	/**
 	 * check for requirements froxlor needs
 	 */
-	private function _requirementCheck() {
+	private function _requirementCheck()
+	{

 		// indicator whether we need to abort or not
 		$_die = false;
@@ -845,11 +907,16 @@ class FroxlorInstall {
 		if (version_compare("5.3.0", PHP_VERSION, ">=")) {
 			$content .= $this->_status_message('red', $this->_lng['requirements']['notfound'] . ' (' . PHP_VERSION . ')');
 			$_die = true;
+		} else {
+			if (version_compare("5.6.0", PHP_VERSION, ">=")) {
+				$content .= $this->_status_message('orange', $this->_lng['requirements']['newerphpprefered'] . ' (' .PHP_VERSION . ')');
 			} else {
 				$content .= $this->_status_message('green', PHP_VERSION);
 			}
+		}

-		// Check if magic_quotes_runtime is active
+		// Check if magic_quotes_runtime is active | get_magic_quotes_runtime() is always FALSE since 5.4
+		if (version_compare(PHP_VERSION, "5.4.0", "<")) {
 			$content .= $this->_status_message('begin', $this->_lng['requirements']['phpmagic_quotes_runtime']);
 			if (get_magic_quotes_runtime()) {
 				// deactivate it
@@ -858,6 +925,7 @@ class FroxlorInstall {
 			} else {
 				$content .= $this->_status_message('green', 'off');
 			}
+		}

 		// check for php_pdo and pdo_mysql
 		$content .= $this->_status_message('begin', $this->_lng['requirements']['phppdo']);
@@ -899,6 +967,26 @@ class FroxlorInstall {
 			$content .= $this->_status_message('green', $this->_lng['requirements']['installed']);
 		}

+		// check for bstring-extension
+		$content .= $this->_status_message('begin', $this->_lng['requirements']['phpmbstring']);
+
+		if (! extension_loaded('mbstring')) {
+			$content .= $this->_status_message('red', $this->_lng['requirements']['notinstalled']);
+			$_die = true;
+		} else {
+			$content .= $this->_status_message('green', $this->_lng['requirements']['installed']);
+		}
+
+		// check for curl extension
+		$content .= $this->_status_message('begin', $this->_lng['requirements']['phpcurl']);
+
+		if (! extension_loaded('curl')) {
+			$content .= $this->_status_message('red', $this->_lng['requirements']['notinstalled']);
+			$_die = true;
+		} else {
+			$content .= $this->_status_message('green', $this->_lng['requirements']['installed']);
+		}
+
 		// check for bcmath extension
 		$content .= $this->_status_message('begin', $this->_lng['requirements']['phpbcmath']);

@@ -908,6 +996,15 @@ class FroxlorInstall {
 			$content .= $this->_status_message('green', $this->_lng['requirements']['installed']);
 		}

+		// check for zip extension
+		$content .= $this->_status_message('begin', $this->_lng['requirements']['phpzip']);
+
+		if (! extension_loaded('zip')) {
+			$content .= $this->_status_message('orange', $this->_lng['requirements']['notinstalled'] . "<br />" . $this->_lng['requirements']['zipdescription']);
+		} else {
+			$content .= $this->_status_message('green', $this->_lng['requirements']['installed']);
+		}
+
 		// check for open_basedir
 		$content .= $this->_status_message('begin', $this->_lng['requirements']['openbasedir']);
 		$php_ob = @ini_get("open_basedir");
@@ -933,13 +1030,17 @@ class FroxlorInstall {
 		}
 		eval("\$navigation .= \"" . $this->_getTemplate("pagebottom") . "\";");

-		return array('pagecontent' => $content, 'pagenavigation' => $navigation);
+		return array(
+			'pagecontent' => $content,
+			'pagenavigation' => $navigation
+		);
 	}

 	/**
 	 * send no-caching headers and set the default timezone
 	 */
-	private function _sendHeaders() {
+	private function _sendHeaders()
+	{
 		// no caching
 		header("Cache-Control: no-store, no-cache, must-revalidate");
 		header("Pragma: no-cache");
@@ -947,9 +1048,7 @@ class FroxlorInstall {
 		header('Expires: ' . gmdate('D, d M Y H:i:s \G\M\T', time()));

 		// ensure that default timezone is set
-		if (function_exists("date_default_timezone_set")
-				&& function_exists("date_default_timezone_get")
-		) {
+		if (function_exists("date_default_timezone_set") && function_exists("date_default_timezone_get")) {
 			@date_default_timezone_set(@date_default_timezone_get());
 		}
 	}
@@ -958,18 +1057,18 @@ class FroxlorInstall {
 	 * check for the userdata - if it exists then froxlor is
 	 * already installed and we show a nice note
 	 */
-	private function _checkUserDataFile() {
+	private function _checkUserDataFile()
+	{
 		$userdata = $this->_basepath . '/lib/userdata.inc.php';
 		if (file_exists($userdata)) {
 			// includes the usersettings (MySQL-Username/Passwort)
 			// to test if Froxlor is already installed
 			require $this->_basepath . '/lib/userdata.inc.php';

-			if (isset($sql)
-					&& is_array($sql)
-			) {
+			if (isset($sql) && is_array($sql)) {
 				// use sparkle theme for the notice
 				$installed_hint = file_get_contents($this->_basepath . '/templates/Sparkle/misc/alreadyinstalledhint.tpl');
+				$installed_hint = str_replace("<CURRENT_YEAR>", date('Y', time()), $installed_hint);
 				die($installed_hint);
 			}
 		}
@@ -978,18 +1077,15 @@ class FroxlorInstall {
 	/**
 	 * include the chose language or else default (english)
 	 */
-	private function _includeLanguageFile() {
+	private function _includeLanguageFile()
+	{
 		// set default
 		$standardlanguage = 'english';

 		// check either _GET or _POST
-		if (isset($_GET['language'])
-				&& isset($this->_languages[$_GET['language']])
-		) {
+		if (isset($_GET['language']) && isset($this->_languages[$_GET['language']])) {
 			$this->_activelng = $_GET['language'];
-		} elseif (isset($_POST['language'])
-				&& isset($this->_languages[$_POST['language']])
-		) {
+		} elseif (isset($_POST['language']) && isset($this->_languages[$_POST['language']])) {
 			$this->_activelng = $_POST['language'];
 		} else {
 			// try to guess the right language
@@ -1018,17 +1114,17 @@ class FroxlorInstall {
 	/**
 	 * Get template from filesystem
 	 *
-	 * @param string $template name of the template including subdirectory
+	 * @param string $template
+	 *        	name of the template including subdirectory
 	 *
 	 * @return string
 	 */
-	private function _getTemplate($template = null) {
+	private function _getTemplate($template = null)
+	{
 		// build filename
 		$filename = $this->_basepath . '/install/templates/' . $template . '.tpl';
-		// check existance
-		if(file_exists($filename)
-				&& is_readable($filename)
-		) {
+		// check existence
+		if (file_exists($filename) && is_readable($filename)) {
 			$templatefile = addcslashes(file_get_contents($filename), '"\\');
 			// loop through template more than once in case we have an "if"-statement in another one
 			while (preg_match('/<if[ \t]*(.*)>(.*)(<\/if>|<else>(.*)<\/if>)/Uis', $templatefile)) {
@@ -1049,24 +1145,27 @@ class FroxlorInstall {
 	 *
 	 * @return string
 	 */
-	private function _status_message($case, $text) {
+	private function _status_message($case, $text)
+	{
 		if ($case == 'begin') {
-			return '<tr><td style="width: 250px;">'.$text;
+			return '<tr><td class="install-step">' . $text;
 		} else {
-			return '</td><td><span style="color:'.$case.';">'.$text.'</span></td></tr>';
+			return '</td><td><span class="' . $case . '">' . $text . '</span></td></tr>';
 		}
 	}

 	/**
 	 * get/guess servername
 	 */
-	private function _guessServerName() {
+	private function _guessServerName()
+	{
 		// from form?
 		if (! empty($_POST['servername'])) {
 			$this->_data['servername'] = $_POST['servername'];
 			return;
 			// from $_SERVER
-		} else if (!empty($_SERVER['SERVER_NAME'])) {
+		} else
+			if (! empty($_SERVER['SERVER_NAME'])) {
 				// no ips
 				if ($this->_validate_ip($_SERVER['SERVER_NAME']) == false) {
 					$this->_data['servername'] = $_SERVER['SERVER_NAME'];
@@ -1080,7 +1179,8 @@ class FroxlorInstall {
 	/**
 	 * get/guess serverip
 	 */
-	private function _guessServerIP() {
+	private function _guessServerIP()
+	{
 		// from form
 		if (! empty($_POST['serverip'])) {
 			$this->_data['serverip'] = $_POST['serverip'];
@@ -1097,22 +1197,17 @@ class FroxlorInstall {
 	/**
 	 * get/guess webserver-software
 	 */
-	private function _guessWebserver() {
+	private function _guessWebserver()
+	{
 		// post
 		if (! empty($_POST['webserver'])) {
 			$this->_data['webserver'] = $_POST['webserver'];
 		} else {
-			if (strtoupper(@php_sapi_name()) == "APACHE2HANDLER"
-					|| stristr($_SERVER['SERVER_SOFTWARE'], "apache/2")
-			) {
+			if (strtoupper(@php_sapi_name()) == "APACHE2HANDLER" || stristr($_SERVER['SERVER_SOFTWARE'], "apache/2")) {
 				$this->_data['webserver'] = 'apache2';
-			} elseif(substr(strtoupper(@php_sapi_name()), 0, 8) == "LIGHTTPD"
-					|| stristr($_SERVER['SERVER_SOFTWARE'], "lighttpd")
-			) {
+			} elseif (substr(strtoupper(@php_sapi_name()), 0, 8) == "LIGHTTPD" || stristr($_SERVER['SERVER_SOFTWARE'], "lighttpd")) {
 				$this->_data['webserver'] = 'lighttpd';
-			} elseif(substr(strtoupper(@php_sapi_name()), 0, 8) == "NGINX"
-					|| stristr($_SERVER['SERVER_SOFTWARE'], "nginx")
-			) {
+			} elseif (substr(strtoupper(@php_sapi_name()), 0, 8) == "NGINX" || stristr($_SERVER['SERVER_SOFTWARE'], "nginx")) {
 				$this->_data['webserver'] = 'nginx';
 			} else {
 				// we don't need to bail out, since unknown does not affect any critical installation routines
@@ -1129,7 +1224,8 @@ class FroxlorInstall {
 	 * @param string $default
 	 *
 	 */
-	private function _getPostField($fieldname = null, $default = null) {
+	private function _getPostField($fieldname = null, $default = null)
+	{
 		// initialize
 		$this->_data[$fieldname] = '';
 		// set default
@@ -1149,11 +1245,9 @@ class FroxlorInstall {
 	 *
 	 * @return boolean|string
 	 */
-	private function _validate_ip($ip = null) {
-		if (filter_var($ip, FILTER_VALIDATE_IP, FILTER_FLAG_IPV6) === false
-				&& filter_var($ip, FILTER_VALIDATE_IP, FILTER_FLAG_IPV4) === false
-				&& filter_var($ip, FILTER_VALIDATE_IP, FILTER_FLAG_NO_RES_RANGE) === false
-		) {
+	private function _validate_ip($ip = null)
+	{
+		if (filter_var($ip, FILTER_VALIDATE_IP, FILTER_FLAG_IPV6) === false && filter_var($ip, FILTER_VALIDATE_IP, FILTER_FLAG_IPV4) === false && filter_var($ip, FILTER_VALIDATE_IP, FILTER_FLAG_NO_RES_RANGE) === false) {
 			return false;
 		}
 		return $ip;
@@ -1166,17 +1260,15 @@ class FroxlorInstall {
 	 *
 	 * @return string
 	 */
-	private function _remove_remarks($sql) {
-
+	private function _remove_remarks($sql)
+	{
 		$lines = explode("\n", $sql);
 		// try to keep mem. use down
 		$sql = "";
 		$linecount = count($lines);
 		$output = "";
 		for ($i = 0; $i < $linecount; $i ++) {
-			if ($i != ($linecount - 1)
-					|| strlen($lines[$i]) > 0
-			) {
+			if ($i != ($linecount - 1) || strlen($lines[$i]) > 0) {
 				if (substr($lines[$i], 0, 1) != "#") {
 					$output .= $lines[$i] . "\n";
 				} else {
@@ -1196,7 +1288,8 @@ class FroxlorInstall {
 	 * The whole function has been taken from the phpbb installer,
 	 * copyright by the phpbb team, phpbb in summer 2004.
 	 */
-	private function _split_sql_file($sql, $delimiter) {
+	private function _split_sql_file($sql, $delimiter)
+	{

 		// Split up our string into "possible" SQL statements.
 		$tokens = explode($delimiter, $sql);
@@ -1208,13 +1301,11 @@ class FroxlorInstall {
 		// we don't actually care about the matches preg gives us.
 		$matches = array();

-		// this is faster than calling count($oktens) every time thru the loop.
+		// this is faster than calling count($tokens) every time through the loop.
 		$token_count = count($tokens);
 		for ($i = 0; $i < $token_count; $i ++) {
-			// Don't wanna add an empty string as the last thing in the array.
-			if (($i != ($token_count - 1))
-					|| (strlen($tokens[$i] > 0))
-			) {
+			// Don't want to add an empty string as the last thing in the array.
+			if (($i != ($token_count - 1)) || (strlen($tokens[$i] > 0))) {
 				// This is the total number of single quotes in the token.
 				$total_quotes = preg_match_all("/'/", $tokens[$i], $matches);

@@ -1270,5 +1361,4 @@ class FroxlorInstall {
 		}
 		return $output;
 	}
-
 }
--- a/install/lng/english.lng.php
+++ b/install/lng/english.lng.php
@@ -23,7 +23,8 @@ $lng['requirements']['not_true'] = 'no';
 $lng['requirements']['notfound'] = 'not found';
 $lng['requirements']['notinstalled'] = 'not installed';
 $lng['requirements']['activated'] = 'enabled';
-$lng['requirements']['phpversion'] = 'PHP version >= 5.2';
+$lng['requirements']['phpversion'] = 'PHP version >= 5.3';
+$lng['requirements']['newerphpprefered'] = 'Good, but php-5.6 is prefered.';
 $lng['requirements']['phpmagic_quotes_runtime'] = 'magic_quotes_runtime...';
 $lng['requirements']['phpmagic_quotes_runtime_description'] = 'PHP setting "magic_quotes_runtime" must be set to "Off". We have disabled it temporary for now please fix the coresponding php.ini.';
 $lng['requirements']['phppdo'] = 'PHP PDO extension and PDO-MySQL driver...';
@@ -31,7 +32,11 @@ $lng['requirements']['phpxml'] = 'PHP XML-extension...';
 $lng['requirements']['phpfilter'] = 'PHP filter-extension...';
 $lng['requirements']['phpposix'] = 'PHP posix-extension...';
 $lng['requirements']['phpbcmath'] = 'PHP bcmath-extension...';
+$lng['requirements']['phpcurl'] = 'PHP curl-extension...';
+$lng['requirements']['phpmbstring'] = 'PHP mbstring-extension...';
+$lng['requirements']['phpzip'] = 'PHP zip-extension...';
 $lng['requirements']['bcmathdescription'] = 'Traffic-calculation related functions will not work correctly!';
+$lng['requirements']['zipdescription'] = 'The auto-update feature requires the zip extension.';
 $lng['requirements']['openbasedir'] = 'open_basedir...';
 $lng['requirements']['openbasedirenabled'] = 'Froxlor will not work properly with open_basedir enabled. Please disable open_basedir for Froxlor in the coresponding php.ini';
 $lng['requirements']['diedbecauseofrequirements'] = 'Cannot install Froxlor without these requirements! Try to fix them and retry.';
@@ -53,11 +58,13 @@ $lng['install']['admin_account'] = 'Administrator Account';
 $lng['install']['admin_user'] = 'Administrator Username';
 $lng['install']['admin_pass1'] = 'Administrator Password';
 $lng['install']['admin_pass2'] = 'Administrator-Password (confirm)';
+$lng['install']['activate_newsfeed'] = 'Enable the official newsfeed<br><small>(https://inside.froxlor.org/news/)</small>';
 $lng['install']['serversettings'] = 'Server settings';
 $lng['install']['servername'] = 'Server name (FQDN, no ip-address)';
 $lng['install']['serverip'] = 'Server IP';
 $lng['install']['webserver'] = 'Webserver';
 $lng['install']['apache2'] = 'Apache 2';
+$lng['install']['apache24'] = 'Apache 2.4';
 $lng['install']['lighttpd'] = 'LigHTTPd';
 $lng['install']['nginx'] = 'NGINX';
 $lng['install']['httpuser'] = 'HTTP username';
--- a/install/lng/french.lng.php
+++ b/install/lng/french.lng.php
@@ -0,0 +1,89 @@
+<?php
+
+/**
+ * This file is part of the Froxlor project.
+ * Copyright (c) 2003-2009 the SysCP Team (see authors).
+ * Copyright (c) 2010 the Froxlor Team (see authors).
+ *
+ * For the full copyright and license information, please view the COPYING
+ * file that was distributed with this source code. You can also view the
+ * COPYING file online at http://files.froxlor.org/misc/COPYING.txt
+ *
+ * @copyright  (c) the authors
+ * @author     Florian Lippert <flo@syscp.org> (2003-2009)
+ * @author     Froxlor team <team@froxlor.org> (2010-)
+ * @license    GPLv2 http://files.froxlor.org/misc/COPYING.txt
+ * @package    Language
+ *
+ */
+
+$lng['requirements']['title'] = 'Vérification des prérequis système...';
+$lng['requirements']['installed'] = 'installé';
+$lng['requirements']['not_true'] = 'non';
+$lng['requirements']['notfound'] = 'introuvable';
+$lng['requirements']['notinstalled'] = 'non installé';
+$lng['requirements']['activated'] = 'activé';
+$lng['requirements']['phpversion'] = 'PHP version >= 5.3';
+$lng['requirements']['phpmagic_quotes_runtime'] = 'magic_quotes_runtime...';
+$lng['requirements']['phpmagic_quotes_runtime_description'] = 'Le réglage PHP "magic_quotes_runtime" doit être positionné à "Off". Nous l\'avons désactivé temporairement pour l\'instant; merci de corriger le php.ini correspondant.';
+$lng['requirements']['phppdo'] = 'extension PHP PDO et pilote PDO-MySQL ...';
+$lng['requirements']['phpxml'] = 'extension PHP XML...';
+$lng['requirements']['phpfilter'] = 'extension PHP filter ...';
+$lng['requirements']['phpposix'] = 'extension PHP posix ...';
+$lng['requirements']['phpbcmath'] = 'extension PHP bcmath ...';
+$lng['requirements']['phpcurl'] = 'extension PHP curl...';
+$lng['requirements']['phpmbstring'] = 'extension PHP mbstring...';
+$lng['requirements']['bcmathdescription'] = 'Les fonctions de calcul de traffic ne fonctionneront pas correctement!';
+$lng['requirements']['openbasedir'] = 'open_basedir...';
+$lng['requirements']['openbasedirenabled'] = 'Froxlor ne fonctionnera pas correctement avec open_basedir activé. Merci de désactiver open_basedir pour Froxlor dans le php.ini correspondant';
+$lng['requirements']['diedbecauseofrequirements'] = 'Impossible d\'installer Froxlor sans ces prérequis! Essayez de les corriger et essayez à nouveau.';
+$lng['requirements']['froxlor_succ_checks'] = 'Tous les prérequis sont vérifiés';
+
+$lng['install']['lngtitle'] = 'Installation de Froxlor - choisisez la langue';
+$lng['install']['language'] = 'Langue d\'installation';
+$lng['install']['lngbtn_go'] = 'Changer la langue';
+$lng['install']['title'] = 'Installation de Froxlor - paramètrage';
+$lng['install']['welcometext'] = 'Merci d\'avoir choisi Froxlor. Merci de remplir les champs suivant avec les informations nécessaires pour démarrer l\'installation.<br /><b>Attention:</b> Si la base de données que vous choisissez existe déjà sur votre système, elle sera écrasée ainsi que les données contenues!';
+$lng['install']['database'] = 'Connexion à la base de données';
+$lng['install']['mysql_host'] = 'Nom d\'hôte MySQL';
+$lng['install']['mysql_database'] = 'Nom de la base de données';
+$lng['install']['mysql_unpriv_user'] = 'Nom d\'utilisateur pour le compte non priviligié MySQL';
+$lng['install']['mysql_unpriv_pass'] = 'Mot de passe pour le compte non priviligié MySQL';
+$lng['install']['mysql_root_user'] = 'Nom d\'utilisateur pour le compte MySQL root';
+$lng['install']['mysql_root_pass'] = 'Mot de passe pour le compte MySQL root';
+$lng['install']['admin_account'] = 'Compte administrateur';
+$lng['install']['admin_user'] = 'Nom d\'utilisateur administrateur';
+$lng['install']['admin_pass1'] = 'Mot de passe administrateur';
+$lng['install']['admin_pass2'] = 'Mot de passe administrateur (confirmez)';
+$lng['install']['serversettings'] = 'Réglages serveur';
+$lng['install']['servername'] = 'Nom du serveur (FQDN, pas d\'adresse IP)';
+$lng['install']['serverip'] = 'Adresse IP du serveur';
+$lng['install']['webserver'] = 'Serveur Web';
+$lng['install']['apache2'] = 'Apache 2';
+$lng['install']['apache24'] = 'Apache 2.4';
+$lng['install']['lighttpd'] = 'LigHTTPd';
+$lng['install']['nginx'] = 'NGINX';
+$lng['install']['httpuser'] = 'Nom d\'utilisateur HTTP';
+$lng['install']['httpgroup'] = 'Nom de groupe HTTP';
+
+$lng['install']['testing_mysql'] = 'Vérification de l\'accès root MySQL...';
+$lng['install']['testing_mysql_fail'] = 'Il semble y avoir un problème avec la connexion à la base de données. Impossible de continuer. Merci de revenir en arrière et de vérifier les informations d\'identification.';
+$lng['install']['backup_old_db'] = 'Création des sauvegardes de l\'ancienne base de données...';
+$lng['install']['backup_binary_missing'] = 'Impossible de trouver mysqldump';
+$lng['install']['backup_failed'] = 'Impossible de sauvegarde la base de données';
+$lng['install']['prepare_db'] = 'Préparation de la base de données...';
+$lng['install']['create_mysqluser_and_db'] = 'Création de la base de données et l\'utilisateur...';
+$lng['install']['testing_new_db'] = 'Teste si la base de données et l\'utilisateur ont été créés correctement...';
+$lng['install']['importing_data'] = 'Import des données...';
+$lng['install']['changing_data'] = 'Ajustement des paramètres...';
+$lng['install']['creating_entries'] = 'Insertion des nouvelles valeurs...';
+$lng['install']['adding_admin_user'] = 'Création du compte administrateur...';
+$lng['install']['creating_configfile'] = 'Création du fichier de configuration...';
+$lng['install']['creating_configfile_temp'] = 'Le fichier a été enregistré dans /tmp/userdata.inc.php, merci de le déplacer dans lib/.';
+$lng['install']['creating_configfile_failed'] = 'Impossible de créer lib/userdata.inc.php, merci de le créer manuellement avec le contenu suivant:';
+$lng['install']['froxlor_succ_installed'] = 'Froxlor a été installé avec succès.';
+
+$lng['click_here_to_refresh'] = 'Cliquez ici pour vérifier à nouveau';
+$lng['click_here_to_goback'] = 'Cliquez ici pour revenir';
+$lng['click_here_to_continue'] = 'Cliquez ici pour continuer';
+$lng['click_here_to_login'] = 'Cliquez ici pour vous connecter.';
--- a/install/lng/german.lng.php
+++ b/install/lng/german.lng.php
@@ -23,7 +23,8 @@ $lng['requirements']['not_true'] = 'nein';
 $lng['requirements']['notfound'] = 'nicht gefunden';
 $lng['requirements']['notinstalled'] = 'nicht installiert';
 $lng['requirements']['activated'] = 'ist aktiviert.';
-$lng['requirements']['phpversion'] = 'PHP Version >= 5.2';
+$lng['requirements']['phpversion'] = 'PHP Version >= 5.3';
+$lng['requirements']['newerphpprefered'] = 'Passt, aber php-5.6 wird bevorzugt.';
 $lng['requirements']['phpmagic_quotes_runtime'] = 'magic_quotes_runtime';
 $lng['requirements']['phpmagic_quotes_runtime_description'] = 'Die PHP Einstellung "magic_quotes_runtime" muss deaktiviert sein ("Off"). Die Einstellung wurde temporär deaktiviert, bitte ändern Sie diese in der entsprechenden php.ini.';
 $lng['requirements']['phppdo'] = 'PHP PDO Erweiterung und PDO-MySQL Treiber...';
@@ -31,10 +32,14 @@ $lng['requirements']['phpxml'] = 'PHP XML-Erweiterung...';
 $lng['requirements']['phpfilter'] = 'PHP filter-Erweiterung...';
 $lng['requirements']['phpposix'] = 'PHP posix-Erweiterung...';
 $lng['requirements']['phpbcmath'] = 'PHP bcmath-Erweiterung...';
+$lng['requirements']['phpcurl'] = 'PHP curl-Erweiterung...';
+$lng['requirements']['phpmbstring'] = 'PHP mbstring-Erweiterung...';
+$lng['requirements']['phpzip'] = 'PHP zip-Erweiterung...';
 $lng['requirements']['bcmathdescription'] = 'Traffic-Berechnungs bezogene Funktionen stehen nicht vollständig zur Verfügung!';
+$lng['requirements']['zipdescription'] = 'Die Auto-Update Funktion benötigt die zip Erweiterung.';
 $lng['requirements']['openbasedir'] = 'open_basedir genutzt wird...';
 $lng['requirements']['openbasedirenabled'] = 'Froxlor wird mit aktiviertem open_basedir nicht vollständig funktionieren. Bitte deaktivieren Sie open_basedir für Froxlor in der entsprechenden php.ini';
-$lng['requirements']['diedbecauseofrequirements'] = 'Kann Froxlor ohne diese Voraussetzungen nicht installieren! Versuchen Sie die angezeigten Problem zu beheben und versuchen Sie es erneut.';
+$lng['requirements']['diedbecauseofrequirements'] = 'Kann Froxlor ohne diese Voraussetzungen nicht installieren! Beheben Sie die angezeigten Probleme und versuchen Sie es erneut.';
 $lng['requirements']['froxlor_succ_checks'] = 'Alle Vorraussetzungen sind erfüllt';

 $lng['install']['lngtitle'] = 'Froxlor Installation - Sprache auswählen';
@@ -53,11 +58,13 @@ $lng['install']['admin_account'] = 'Admin-Zugang';
 $lng['install']['admin_user'] = 'Administrator-Benutzername';
 $lng['install']['admin_pass1'] = 'Administrator-Passwort';
 $lng['install']['admin_pass2'] = 'Administrator-Passwort (Bestätigung)';
+$lng['install']['activate_newsfeed'] = 'Aktiviere das offizielle Newsfeed<br><small>(https://inside.froxlor.org/news/)</small>';
 $lng['install']['serversettings'] = 'Servereinstellungen';
 $lng['install']['servername'] = 'Servername (FQDN, keine IP-Adresse)';
 $lng['install']['serverip'] = 'Server-IP';
 $lng['install']['webserver'] = 'Webserver';
 $lng['install']['apache2'] = 'Apache 2';
+$lng['install']['apache24'] = 'Apache 2.4';
 $lng['install']['lighttpd'] = 'LigHTTPd';
 $lng['install']['nginx'] = 'NGINX';
 $lng['install']['httpuser'] = 'HTTP Username';
--- a/install/scripts/language-check.php
+++ b/install/scripts/language-check.php
@@ -19,21 +19,21 @@
 $baseLanguage = 'english.lng.php';

 // Check if we're in the CLI
-if(@php_sapi_name() != 'cli'
-   && @php_sapi_name() != 'cgi'
-   && @php_sapi_name() != 'cgi-fcgi'
-) {
+if(@php_sapi_name() !== 'cli') {
 	die('This script will only work in the shell.');
 }

 // Check argument count
+/*
 if (sizeof($argv) != 2) {
 	print_help($argv);
 	exit;
 }
+*/

 // Load the contents of the given path
 $path = $argv[1];
+$_f = isset($argv[2]) ? $argv[2] : null;
 $files = array();

 if ($dh = opendir($path)) {
@@ -43,15 +43,17 @@ if ($dh = opendir($path)) {
 		   && !is_dir($file)
 		   && preg_match('/(.+)\.lng\.php/i', $file)
 		) {
+			if (is_null($_f) || (!is_null($_f) && ($file == $_f || $file == $baseLanguage))) {
 				$files[$file] = str_replace('//', '/', $path . '/' . $file);
 			}
 		}
+	}

 	closedir($dh);
 } else {
 	print "ERROR: The path you requested cannot be read! \n ";
 	print "\n";
-	print_help();
+	print_help($argv);
 	exit;
 }

@@ -59,7 +61,7 @@ if ($dh = opendir($path)) {
 if (!isset($files[$baseLanguage])) {
 	print "ERROR: The baselanguage cannot be found! \n";
 	print "\n";
-	print_help();
+	print_help($argv);
 	exit;
 }

--- a/install/scripts/switch-server-ip.php
+++ b/install/scripts/switch-server-ip.php
@@ -0,0 +1,417 @@
+#!/usr/bin/php
+<?php
+
+/**
+ * This file is part of the Froxlor project.
+ * Copyright (c) 2016 the Froxlor Team (see authors).
+ *
+ * For the full copyright and license information, please view the COPYING
+ * file that was distributed with this source code. You can also view the
+ * COPYING file online at http://files.froxlor.org/misc/COPYING.txt
+ *
+ * @copyright (c) the authors
+ * @author Froxlor team <team@froxlor.org> (2016-)
+ * @license GPLv2 http://files.froxlor.org/misc/COPYING.txt
+ * @package Cron
+ *
+ */
+
+// Check if we're in the CLI
+if(@php_sapi_name() !== 'cli') {
+	die('This script will only work in the shell.');
+}
+
+// give control to command line handler
+try {
+	CmdLineHandler::processParameters($argc, $argv);
+} catch (Exception $e) {
+	CmdLineHandler::printerr($e->getMessage());
+}
+
+class CmdLineHandler
+{
+
+	/**
+	 * internal variable for passed arguments
+	 *
+	 * @var array
+	 */
+	private static $args = null;
+
+	/**
+	 * Action object read from commandline/config
+	 *
+	 * @var Action
+	 */
+	private $_action = null;
+
+	/**
+	 * list of valid parameters/switches
+	 */
+	public static $switches = array(
+		/* 'd', // debug / output information for everything */
+		'h'
+	);
+ // same as --help
+	public static $params = array(
+		'switch',
+		'list',
+		'froxlor-dir',
+		'help'
+	);
+
+	/**
+	 * Returns a CmdLineHandler object with given
+	 * arguments from command line
+	 *
+	 * @param int $argc
+	 * @param array $argv
+	 *
+	 * @return CmdLineHandler
+	 */
+	public static function processParameters($argc, $argv)
+	{
+		return new CmdLineHandler($argc, $argv);
+	}
+
+	/**
+	 * returns the Action object generated in
+	 * the class constructor
+	 *
+	 * @return Action
+	 */
+	public function getAction()
+	{
+		return $this->_action;
+	}
+
+	/**
+	 * class constructor, validates the command line parameters
+	 * and sets the Action-object if valid
+	 *
+	 * @param int $argc
+	 * @param string[] $argv
+	 *
+	 * @return null
+	 * @throws Exception
+	 */
+	private function __construct($argc, $argv)
+	{
+		self::$args = $this->_parseArgs($argv);
+		$this->_action = $this->_createAction();
+	}
+
+	/**
+	 * Parses the arguments given via the command line;
+	 * three types are supported:
+	 * 1.
+	 * --parm1 or --parm2=value
+	 * 2. -xyz (multiple switches in one) or -a=value
+	 * 3. parm1 parm2
+	 *
+	 * The 1. will be mapped as
+	 * ["parm1"] => true, ["parm2"] => "value"
+	 * The 2. as
+	 * ["x"] => true, ["y"] => true, ["z"] => true, ["a"] => "value"
+	 * And the 3. as
+	 * [0] => "parm1", [1] => "parm2"
+	 *
+	 * @param array $argv
+	 *
+	 * @return array
+	 */
+	private function _parseArgs($argv)
+	{
+		array_shift($argv);
+		$o = array();
+		foreach ($argv as $a) {
+			if (substr($a, 0, 2) == '--') {
+				$eq = strpos($a, '=');
+				if ($eq !== false) {
+					$o[substr($a, 2, $eq - 2)] = substr($a, $eq + 1);
+				} else {
+					$k = substr($a, 2);
+					if (! isset($o[$k])) {
+						$o[$k] = true;
+					}
+				}
+			} else
+				if (substr($a, 0, 1) == '-') {
+					if (substr($a, 2, 1) == '=') {
+						$o[substr($a, 1, 1)] = substr($a, 3);
+					} else {
+						foreach (str_split(substr($a, 1)) as $k) {
+							if (! isset($o[$k])) {
+								$o[$k] = true;
+							}
+						}
+					}
+				} else {
+					$o[] = $a;
+				}
+		}
+		return $o;
+	}
+
+	/**
+	 * Creates an Action-Object for the Action-Handler
+	 *
+	 * @return Action
+	 * @throws Exception
+	 */
+	private function _createAction()
+	{
+
+		// Test for help-switch
+		if (empty(self::$args) || array_key_exists("help", self::$args) || array_key_exists("h", self::$args)) {
+			self::printHelp();
+			// end of execution
+		}
+		// check if no unknown parameters are present
+		foreach (self::$args as $arg => $value) {
+
+			if (is_numeric($arg)) {
+				throw new Exception("Unknown parameter '" . $value . "' in argument list");
+			} elseif (! in_array($arg, self::$params) && ! in_array($arg, self::$switches)) {
+				throw new Exception("Unknown parameter '" . $arg . "' in argument list");
+			}
+		}
+
+		// set debugger switch
+		if (isset(self::$args["d"]) && self::$args["d"] == true) {
+			// Debugger::getInstance()->setEnabled(true);
+			// Debugger::getInstance()->debug("debug output enabled");
+		}
+
+		return new Action(self::$args);
+	}
+
+	public static function printHelp()
+	{
+		self::println("");
+		self::println("Help / command line parameters:");
+		self::println("");
+		// commands
+		self::println("--switch\t\tlets you switch ip-address A with ip-address B");
+		self::println("\t\t\tExample: --switch=A,B");
+		self::println("\t\t\tExample: --switch=\"A1,B1 A2,B2 A3,B3 ...\"");
+		self::println("");
+		self::println("--list\t\t\tshow all currently used ip-addresses in froxlor");
+		self::println("");
+		self::println("--froxlor-dir\t\tpath to froxlor installation");
+		self::println("\t\t\tExample: --froxlor-dir=/var/www/froxlor/");
+		self::println("");
+		self::println("--help\t\t\tshow help screen (this)");
+		self::println("");
+		// switches
+		// self::println("-d\t\t\tenable debug output");
+		self::println("-h\t\t\tsame as --help");
+		self::println("");
+
+		die(); // end of execution
+	}
+
+	public static function println($msg = "")
+	{
+		print $msg . PHP_EOL;
+	}
+
+	private static function _printcolor($msg = "", $color = "0")
+	{
+		print "\033[" . $color . "m" . $msg . "\033[0m" . PHP_EOL;
+	}
+
+	public static function printerr($msg = "")
+	{
+		self::_printcolor($msg, "31");
+	}
+
+	public static function printsucc($msg = "")
+	{
+		self::_printcolor($msg, "32");
+	}
+
+	public static function printwarn($msg = "")
+	{
+		self::_printcolor($msg, "33");
+	}
+}
+
+class Action
+{
+
+	private $_args = null;
+
+	private $_name = null;
+
+	private $_db = null;
+
+	public function __construct($args)
+	{
+		$this->_args = $args;
+		$this->_validate();
+	}
+
+	public function getActionName()
+	{
+		return $this->_name;
+	}
+
+	/**
+	 * validates the parsed command line parameters
+	 *
+	 * @throws Exception
+	 */
+	private function _validate()
+	{
+		$need_config = false;
+		if (array_key_exists("list", $this->_args) || array_key_exists("switch", $this->_args)) {
+			$need_config = true;
+		}
+
+		$this->_checkConfigParam($need_config);
+
+		$this->_parseConfig();
+
+		if (array_key_exists("list", $this->_args)) {
+			$this->_listIPs();
+		}
+		if (array_key_exists("switch", $this->_args)) {
+			$this->_switchIPs();
+		}
+	}
+
+	private function _listIPs()
+	{
+		$sel_stmt = Database::prepare("SELECT * FROM panel_ipsandports ORDER BY ip ASC, port ASC");
+		Database::pexecute($sel_stmt);
+		$ips = $sel_stmt->fetchAll(PDO::FETCH_ASSOC);
+		$mask = "|%-10.10s |%-50.50s | %10.10s |\n";
+		printf($mask, str_repeat("-", 10), str_repeat("-", 50), str_repeat("-", 10));
+		printf($mask, 'id', 'IP address', 'port');
+		printf($mask, str_repeat("-", 10), str_repeat("-", 50), str_repeat("-", 10));
+		foreach ($ips as $ipdata) {
+			printf($mask, $ipdata['id'], $ipdata['ip'], $ipdata['port']);
+		}
+		printf($mask, str_repeat("-", 10), str_repeat("-", 50), str_repeat("-", 10));
+		echo PHP_EOL . PHP_EOL;
+	}
+
+	private function _switchIPs()
+	{
+		$ip_list = $this->_args['switch'];
+
+		if (empty($ip_list) || is_bool($ip_list)) {
+			throw new Exception("No paramters given for --switch action.");
+		}
+
+		$ips_to_switch = array();
+		$ip_list = explode(" ", $ip_list);
+		foreach ($ip_list as $ips_combo) {
+			$ip_pair = explode(",", $ips_combo);
+			if (count($ip_pair) != 2) {
+				throw new Exception("Invalid parameter given for --switch");
+			} else {
+				if (filter_var($ip_pair[0], FILTER_VALIDATE_IP) == false) {
+					throw new Exception("Invalid source ip address: " . $ip_pair[0]);
+				}
+				if (filter_var($ip_pair[1], FILTER_VALIDATE_IP) == false) {
+					throw new Exception("Invalid target ip address: " . $ip_pair[1]);
+				}
+				if ($ip_pair[0] == $ip_pair[1]) {
+					throw new Exception("Source and target ip address are equal");
+				}
+			}
+			$ips_to_switch[] = $ip_pair;
+		}
+
+		if (count($ips_to_switch) > 0) {
+			$upd_stmt = Database::prepare("UPDATE panel_ipsandports SET `ip` = :newip WHERE `ip` = :oldip");
+
+			// system.ipaddress
+			$check_sysip_stmt = Database::prepare("SELECT `value` FROM `panel_settings` WHERE `settinggroup` = 'system' and `varname` = 'ipaddress'");
+			$check_sysip = Database::pexecute_first($check_sysip_stmt);
+
+			// system.mysql_access_host
+			$check_mysqlip_stmt = Database::prepare("SELECT `value` FROM `panel_settings` WHERE `settinggroup` = 'system' and `varname` = 'mysql_access_host'");
+			$check_mysqlip = Database::pexecute_first($check_mysqlip_stmt);
+
+			// system.axfrservers
+			$check_axfrip_stmt = Database::prepare("SELECT `value` FROM `panel_settings` WHERE `settinggroup` = 'system' and `varname` = 'axfrservers'");
+			$check_axfrip = Database::pexecute_first($check_axfrip_stmt);
+
+			foreach ($ips_to_switch as $ip_pair) {
+				echo "Switching IP \033[1m" . $ip_pair[0] . "\033[0m to IP \033[1m" . $ip_pair[1] . "\033[0m" . PHP_EOL;
+				Database::pexecute($upd_stmt, array(
+					'newip' => $ip_pair[1],
+					'oldip' => $ip_pair[0]
+				));
+				$rows_updated = $upd_stmt->rowCount();
+
+				if ($rows_updated == 0) {
+					CmdLineHandler::printwarn("Note: " . $ip_pair[0] . " not updated to " . $ip_pair[1] . " (possibly no entry found in froxlor database. Use --list to see what IP addresses are added in froxlor");
+				}
+
+				// check whether the system.ipaddress needs updating
+				if ($check_sysip['value'] == $ip_pair[0]) {
+					$upd2_stmt = Database::prepare("UPDATE `panel_settings` SET `value` = :newip WHERE `settinggroup` = 'system' and `varname` = 'ipaddress'");
+					Database::pexecute($upd2_stmt, array(
+						'newip' => $ip_pair[1]
+					));
+					CmdLineHandler::printsucc("Updated system-ipaddress from '" . $ip_pair[0] . "' to '" . $ip_pair[1] . "'");
+				}
+
+				// check whether the system.mysql_access_host needs updating
+				if (strstr($check_mysqlip['value'], $ip_pair[0]) !== false) {
+					$new_mysqlip = str_replace($ip_pair[0], $ip_pair[1], $check_mysqlip['value']);
+					$upd2_stmt = Database::prepare("UPDATE `panel_settings` SET `value` = :newmysql WHERE `settinggroup` = 'system' and `varname` = 'mysql_access_host'");
+					Database::pexecute($upd2_stmt, array(
+						'newmysql' => $new_mysqlip
+					));
+					CmdLineHandler::printsucc("Updated mysql_access_host from '" . $check_mysqlip['value'] . "' to '" . $new_mysqlip . "'");
+				}
+
+				// check whether the system.axfrservers needs updating
+				if (strstr($check_axfrip['value'], $ip_pair[0]) !== false) {
+					$new_axfrip = str_replace($ip_pair[0], $ip_pair[1], $check_axfrip['value']);
+					$upd2_stmt = Database::prepare("UPDATE `panel_settings` SET `value` = :newaxfr WHERE `settinggroup` = 'system' and `varname` = 'axfrservers'");
+					Database::pexecute($upd2_stmt, array(
+						'newaxfr' => $new_axfrip
+					));
+					CmdLineHandler::printsucc("Updated axfrservers from '" . $check_axfrip['value'] . "' to '" . $new_axfrip . "'");
+				}
+			}
+		}
+
+		echo PHP_EOL;
+		CmdLineHandler::printwarn("*** ATTENTION *** Remember to replace IP addresses in configuration files if used anywhere.");
+		CmdLineHandler::printsucc("IP addresses updated");
+	}
+
+	private function _parseConfig()
+	{
+		define('FROXLOR_INSTALL_DIR', $this->_args['froxlor-dir']);
+		if (!file_exists(FROXLOR_INSTALL_DIR . '/lib/classes/database/class.Database.php')) {
+			throw new Exception("Could not find froxlor's Database class. Is froxlor really installed to '".FROXLOR_INSTALL_DIR."'?");
+		}
+		if (!file_exists(FROXLOR_INSTALL_DIR . '/lib/userdata.inc.php')) {
+			throw new Exception("Could not find froxlor's userdata.inc.php file. You should use this script only with a fully installed and setup froxlor system.");
+		}
+		require FROXLOR_INSTALL_DIR . '/lib/classes/database/class.Database.php';
+	}
+
+	private function _checkConfigParam($needed = false)
+	{
+		if ($needed) {
+			if (! isset($this->_args["froxlor-dir"])) {
+				throw new Exception("No configuration given (missing --froxlor-dir parameter?)");
+			} elseif (! is_dir($this->_args["froxlor-dir"])) {
+				throw new Exception("Given --froxlor-dir parameter is not a directory");
+			} elseif (! file_exists($this->_args["froxlor-dir"])) {
+				throw new Exception("Given froxlor directory cannot be found ('" . $this->_args["froxlor-dir"] . "')");
+			} elseif (! is_readable($this->_args["froxlor-dir"])) {
+				throw new Exception("Given froxlor direcotry cannot be read ('" . $this->_args["froxlor-dir"] . "')");
+			}
+		}
+	}
+}
--- a/install/templates/assets/css/install.css
+++ b/install/templates/assets/css/install.css
@@ -1,5 +1,4 @@
@charset "UTF-8";
-
 /* RESET */
 html,body,div,ul,ol,li,dl,dt,dd,h1,h2,h3,h4,h5,h6,pre,form,p,blockquote,fieldset,input { margin:0; padding:0; }
 h1,h2,h3,h4,h5,h6,pre,code,address,caption,cite,code,em,strong,th { font-size:1em; font-weight:400; font-style:normal; }
@@ -11,10 +10,10 @@ article,aside,details,figcaption,figure,footer,header,hgroup,menu,nav,section {

 /* TYPE */
 html,body {
-	font:12px/18px Helvetica,Arial,Verdana,sans-serif;
-	background-color:#f2f2f2;
-	color:#333;
-	-webkit-font-smoothing: antialiased;
+	font:12px/18px 'Lucida Grande','Lucida Sans Unicode',Helvetica,Arial,Verdana,sans-serif;
+	background-color: #f5f5f5;
+	color:#444;
+	-webkit-font-smoothing: subpixel-antialiased;
 }

 body {
@@ -415,6 +414,7 @@ table tfoot td {
 /* input elements */
 input {
 	background: #fff url(../img/text_align_left.png) no-repeat 5px 4px;
+	color: #333;
 	padding:2px 4px 2px 24px;
 	height:22px;
 	border: 1px solid #d9d9d9;
@@ -424,6 +424,7 @@ input {

 textarea {
 	background:#fff url(../img/text_align_left.png) no-repeat 5px 4px;
+	color: #333;
 	padding:4px 4px 2px 24px;
 	border:1px solid #d9d9d9;
 	margin-bottom: 5px;
@@ -501,6 +502,7 @@ input[type="radio"] {
 select {
 	background:#fff;
 	padding:4px;
+	color: #333;
 	border:1px solid #d9d9d9;
 	margin-bottom: 5px;
 	min-width: 100px;
@@ -554,3 +556,12 @@ select.dropdown {
 	background-color: #35aa47;
 	height:5px;
 }
+
+.red { color: #ff0000; }
+.green { color: green; }
+.orange { color: orange; }
+.blue { color: blue; }
+.install-block { width: 65%; }
+.install-step { width: 250px; }
+.install-h3 { text-align: center; }
+.install-text { margin: 20px 20px 0 !important; }
--- a/install/templates/assets/img/favicon.ico
+++ b/install/templates/assets/img/favicon.ico
--- a/install/templates/assets/img/logo.png
+++ b/install/templates/assets/img/logo.png
--- a/install/templates/assets/img/password.png
+++ b/install/templates/assets/img/password.png
--- a/install/templates/assets/img/text_align_left.png
+++ b/install/templates/assets/img/text_align_left.png
--- a/install/templates/dataform.tpl
+++ b/install/templates/dataform.tpl
@@ -1,4 +1,4 @@
-		<p style="margin: 20px 20px 0 !important">{$this->_lng['install']['title']}</p>
+		<p class="install-text">{$this->_lng['install']['title']}</p>
 		<form action="{$formaction}" method="get">
 			<fieldset>
 				{$formdata}
--- a/install/templates/dataform2.tpl
+++ b/install/templates/dataform2.tpl
@@ -1,4 +1,4 @@
-		<p style="margin: 20px 20px 0 !important">{$this->_lng['install']['welcometext']}</p>
+		<p class="install-text">{$this->_lng['install']['welcometext']}</p>
 		<form action="{$formaction}" method="post">
 			<hr class="line">
 			<fieldset>
--- a/install/templates/dataitem.tpl
+++ b/install/templates/dataitem.tpl
@@ -1,4 +1,4 @@
 <p>
-	<label for="{$fieldname}" style="width:65%;{$style}">{$fieldlabel}:</label>&nbsp;
+	<label for="{$fieldname}" class="install-block {$style}">{$fieldlabel}:</label>&nbsp;
 	<input type="{$type}" name="{$fieldname}" id="{$fieldname}" value="{$fieldvalue}" {$required} />
 </p>
--- a/install/templates/dataitemchk.tpl
+++ b/install/templates/dataitemchk.tpl
@@ -1,4 +1,4 @@
 <p>
-	<label for="{$fieldname}" style="width:65%;{$style}">{$this->_lng['install']['webserver']} {$fieldlabel}:</label>
+	<label for="{$fieldname}" class="install-block {$style}">{$this->_lng['install']['webserver']} {$fieldlabel}:</label>
 	<input type="radio" name="webserver" id="{$fieldname}" value="{$fieldname}" {$checked} /><span>{$fieldlabel}<span>
 </p>
--- a/install/templates/dataitemyesno.tpl
+++ b/install/templates/dataitemyesno.tpl
@@ -0,0 +1,4 @@
+<p>
+	<label for="{$fieldname}" class="install-block {$style}">{$fieldlabel}:</label>
+	<input type="checkbox" name="{$fieldname}" id="{$fieldname}" value="1" {$checked} />
+</p>
--- a/install/templates/datasection.tpl
+++ b/install/templates/datasection.tpl
--- a/install/templates/footer.tpl
+++ b/install/templates/footer.tpl
--- a/install/templates/header.tpl
+++ b/install/templates/header.tpl
@@ -3,16 +3,11 @@
 <head>
 	<meta charset="utf-8" />
 	<meta http-equiv="Default-Style" content="text/css" />
-	<!--[if lt IE 9]><script src="../js/html5shiv.js"></script><![endif]-->
+	<!--[if lt IE 9]><script src="../js/html5shiv.min.js"></script><![endif]-->
 	<link href="templates/assets/css/install.css" rel="stylesheet" type="text/css" />
 	<!--[if IE]><link rel="stylesheet" href="../templates/{$theme}/css/main_ie.css" type="text/css" /><![endif]-->
 	<link href="templates/assets/img/favicon.ico" rel="icon" type="image/x-icon" />
 	<title>Froxlor Server Management Panel - Installation</title>
-	<style type="text/css">
-	body {
-        font-family: Verdana, Geneva, sans-serif;
-	}
-	</style>
 </head>
 <body>
 	<div class="installsec">
--- a/install/templates/lngform.tpl
+++ b/install/templates/lngform.tpl
--- a/install/templates/page.tpl
+++ b/install/templates/page.tpl
--- a/install/templates/pagebottom.tpl
+++ b/install/templates/pagebottom.tpl
@@ -1,4 +1,4 @@
-<h3 style="color:{$msgcolor};text-align: center">{$message}</h3>
+<h3 class="install-h3 {$msgcolor}">{$message}</h3>
 <aside>
 	<a href="{$link}">{$linktext}</a>
 </aside>
--- a/install/templates/textarea.tpl
+++ b/install/templates/textarea.tpl
--- a/install/tsmarty2c.php
+++ b/install/tsmarty2c.php
@@ -1,124 +0,0 @@
-#!/usr/bin/php
-<?php
-/**
- * tsmarty2c.php - rips gettext strings from smarty template
- *
- * ------------------------------------------------------------------------- *
- * This library is free software; you can redistribute it and/or             *
- * modify it under the terms of the GNU Lesser General Public                *
- * License as published by the Free Software Foundation; either              *
- * version 2.1 of the License, or (at your option) any later version.        *
- *                                                                           *
- * This library is distributed in the hope that it will be useful,           *
- * but WITHOUT ANY WARRANTY; without even the implied warranty of            *
- * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the GNU         *
- * Lesser General Public License for more details.                           *
- *                                                                           *
- * You should have received a copy of the GNU Lesser General Public          *
- * License along with this library; if not, write to the Free Software       *
- * Foundation, Inc., 59 Temple Place, Suite 330, Boston, MA  02111-1307  USA *
- * ------------------------------------------------------------------------- *
- *
- * This command line script rips gettext strings from smarty file, 
- * and prints them to stdout in C format, that can later be used with the 
- * standard gettext tools.
- *
- * Usage:
- * ./tsmarty2c.php <filename or directory> <file2> <..> > smarty.c
- *
- * If a parameter is a directory, the template files within will be parsed.
- *
- * @package	smarty-gettext
- * @version	$Id: tsmarty2c.php,v 1.3 2005/07/27 17:59:39 sagi Exp $
- * @link	http://smarty-gettext.sf.net/
- * @author	Sagi Bashari <sagi@boom.org.il>
- * @copyright 2004-2005 Sagi Bashari
- */
-
-// smarty open tag
-$ldq = preg_quote('{');
-
-// smarty close tag
-$rdq = preg_quote('}');
-
-// smarty command
-$cmd = preg_quote('t');
-
-// extensions of smarty files, used when going through a directory
-$extensions = array('tpl');
-
-// "fix" string - strip slashes, escape and convert new lines to \n
-function fs($str)
-{
-	$str = stripslashes($str);
-	$str = str_replace('"', '\"', $str);
-	$str = str_replace("\n", '\n', $str);
-	return $str;
-}
-
-// rips gettext strings from $file and prints them in C format
-function do_file($file)
-{
-	$content = @file_get_contents($file);
-
-	if (empty($content)) {
-		return;
-	}
-
-	global $ldq, $rdq, $cmd;
-
-	preg_match_all(
-			"/{$ldq}\s*({$cmd})\s*([^{$rdq}]*){$rdq}([^{$ldq}]*){$ldq}\/\\1{$rdq}/",
-			$content,
-			$matches
-	);
-	
-	for ($i=0; $i < count($matches[0]); $i++) {
-		// TODO: add line number
-		echo "/* $file */\n"; // credit: Mike van Lammeren 2005-02-14
-		
-		if (preg_match('/plural\s*=\s*["\']?\s*(.[^\"\']*)\s*["\']?/', $matches[2][$i], $match)) {
-			echo 'ngettext("'.fs($matches[3][$i]).'","'.fs($match[1]).'",x);'."\n";
-		} else {
-			echo 'gettext("'.fs($matches[3][$i]).'");'."\n";
-		}
-
-		echo "\n";
-	}
-}
-
-// go through a directory
-function do_dir($dir)
-{
-	$d = dir($dir);
-
-	while (false !== ($entry = $d->read())) {
-		if ($entry == '.' || $entry == '..') {
-			continue;
-		}
-
-		$entry = $dir.'/'.$entry;
-
-		if (is_dir($entry)) { // if a directory, go through it
-			do_dir($entry);
-		} else { // if file, parse only if extension is matched
-			$pi = pathinfo($entry);
-			
-			if (isset($pi['extension']) && in_array($pi['extension'], $GLOBALS['extensions'])) {
-				do_file($entry);
-			}
-		}
-	}
-
-	$d->close();
-}
-
-for ($ac=1; $ac < $_SERVER['argc']; $ac++) {
-	if (is_dir($_SERVER['argv'][$ac])) { // go through directory
-		do_dir($_SERVER['argv'][$ac]);
-	} else { // do file
-		do_file($_SERVER['argv'][$ac]);
-	}
-}
-
-?>
--- a/install/updates/froxlor/0.9/update_0.9.inc.php
+++ b/install/updates/froxlor/0.9/update_0.9.inc.php
--- a/install/updates/froxlor/upgrade_syscp.inc.php
+++ b/install/updates/froxlor/upgrade_syscp.inc.php
@@ -15,10 +15,19 @@
 *
 */

+if (!defined('AREA')
+		|| (defined('AREA') && AREA != 'admin')
+		|| !isset($userinfo['loginname'])
+		|| (isset($userinfo['loginname']) && $userinfo['loginname'] == '')
+) {
+	header('Location: ../../../index.php');
+	exit;
+}
+
 $updateto = '0.9-r0';
 $frontend = 'froxlor';

-showUpdateStep("Upgrading SysCP ".$settings['panel']['version']." to Froxlor ". $updateto, false);
+showUpdateStep("Upgrading SysCP ".Settings::Get('panel.version')." to Froxlor ". $updateto, false);
 updateToVersion($updateto);

 // add field frontend
@@ -27,4 +36,4 @@ Database::query("INSERT INTO `" . TABLE_PANEL_SETTINGS . "` SET
 	`varname` = 'frontend',
 	`value` = 'froxlor'"
 );
-$settings['panel']['frontend'] = $frontend;
+Settings::Set('panel.frontend', $frontend);
--- a/install/updates/preconfig.php
+++ b/install/updates/preconfig.php
@@ -21,17 +21,18 @@
 * outputs various content before the update process
 * can be continued (askes for agreement whatever is being asked)
 *
- * @param string version
+ * @param string $current_version
+ * @param int $current_db_version
 *
 * @return string
 */
-function getPreConfig($current_version)
+function getPreConfig($current_version, $current_db_version)
 {
 	$has_preconfig = false;
-	$return = '<div class="preconfig"><h3 style="color:#ff0000;">PLEASE NOTE - Important update notifications</h3>';
+	$return = '<div class="preconfig"><h3 class="red">PLEASE NOTE - Important update notifications</h3>';

 	include_once makeCorrectFile(dirname(__FILE__).'/preconfig/0.9/preconfig_0.9.inc.php');
-	parseAndOutputPreconfig($has_preconfig, $return, $current_version);
+	parseAndOutputPreconfig($has_preconfig, $return, $current_version, $current_db_version);

 	$return .= '<br /><br />'.makecheckbox('update_changesagreed', '<strong>I have read the update notifications above and I am aware of the changes made to my system.</strong>', '1', true, '0', true);
 	$return .= '</div>';
--- a/install/updates/preconfig/0.9/preconfig_0.9.inc.php
+++ b/install/updates/preconfig/0.9/preconfig_0.9.inc.php
@@ -18,18 +18,20 @@
 /**
 * checks if the new-version has some updating to do
 *
- * @param boolean $has_preconfig   pointer to check if any preconfig has to be output
- * @param string  $return          pointer to output string
- * @param string  $current_version current froxlor version
+ * @param boolean $has_preconfig
+ *        	pointer to check if any preconfig has to be output
+ * @param string $return
+ *        	pointer to output string
+ * @param string $current_version
+ *        	current froxlor version
 *
 * @return null
 */
-function parseAndOutputPreconfig(&$has_preconfig, &$return, $current_version)
+function parseAndOutputPreconfig(&$has_preconfig, &$return, $current_version, $current_db_version)
 {
-	global $settings, $lng;
+	global $lng;

-	if(versionInUpdate($current_version, '0.9.4-svn2'))
-	{
+	if (versionInUpdate($current_version, '0.9.4-svn2')) {
 		$has_preconfig = true;
 		$description = 'Froxlor now enables the usage of a domain-wildcard entry and subdomains for this domain at the same time (subdomains are parsed before the main-domain vhost container).';
 		$description .= 'This makes it possible to catch all non-existing subdomains with the main vhost but also have the ability to use subdomains for that domain.<br />';
@@ -40,25 +42,21 @@ function parseAndOutputPreconfig(&$has_preconfig, &$return, $current_version)
 		eval("\$return.=\"" . getTemplate("update/preconfigitem") . "\";");
 	}

-	if(versionInUpdate($current_version, '0.9.6-svn2'))
-	{
-		if(!PHPMailer::ValidateAddress($settings['panel']['adminmail']))
-		{
+	if (versionInUpdate($current_version, '0.9.6-svn2')) {
+		if (! PHPMailer::ValidateAddress(Settings::Get('panel.adminmail'))) {
 			$has_preconfig = true;
 			$description = 'Froxlor uses a newer version of the phpMailerClass and determined that your current admin-mail address is invalid.';
-			$question = '<strong>Please specify a new admin-email address:</strong>&nbsp;<input type="text" class="text" name="update_adminmail" value="'.$settings['panel']['adminmail'].'" />';
+			$question = '<strong>Please specify a new admin-email address:</strong>&nbsp;<input type="text" class="text" name="update_adminmail" value="' . Settings::Get('panel.adminmail') . '" />';
 			eval("\$return.=\"" . getTemplate("update/preconfigitem") . "\";");
 		}
 	}

-	if(versionInUpdate($current_version, '0.9.6-svn3'))
-	{
+	if (versionInUpdate($current_version, '0.9.6-svn3')) {
 		$has_preconfig = true;
 		$description = 'You now have the possibility to define default error-documents for your webserver which replace the default webserver error-messages.';
 		$question = '<strong>Do you want to enable default error-documents?:</strong>&nbsp;';
 		$question .= makeyesno('update_deferr_enable', '1', '0', '0') . '<br /><br />';
-		if($settings['system']['webserver'] == 'apache2')
-		{
+		if (Settings::Get('system.webserver') == 'apache2') {
 			$question .= 'Path/URL for error 500:&nbsp;<input type="text" class="text" name="update_deferr_500" /><br /><br />';
 			$question .= 'Path/URL for error 401:&nbsp;<input type="text" class="text" name="update_deferr_401" /><br /><br />';
 			$question .= 'Path/URL for error 403:&nbsp;<input type="text" class="text" name="update_deferr_403" /><br /><br />';
@@ -67,8 +65,7 @@ function parseAndOutputPreconfig(&$has_preconfig, &$return, $current_version)
 		eval("\$return.=\"" . getTemplate("update/preconfigitem") . "\";");
 	}

-	if(versionInUpdate($current_version, '0.9.6-svn4'))
-	{
+	if (versionInUpdate($current_version, '0.9.6-svn4')) {
 		$has_preconfig = true;
 		$description = 'You can define a default support-ticket priority level which is pre-selected for new support-tickets.';
 		$question = '<strong>Which should be the default ticket-priority?:</strong>&nbsp;';
@@ -80,24 +77,21 @@ function parseAndOutputPreconfig(&$has_preconfig, &$return, $current_version)
 		eval("\$return.=\"" . getTemplate("update/preconfigitem") . "\";");
 	}

-	if(versionInUpdate($current_version, '0.9.6-svn5'))
-	{
+	if (versionInUpdate($current_version, '0.9.6-svn5')) {
 		$has_preconfig = true;
 		$description = 'If you have more than one PHP configurations defined in Froxlor you can now set a default one which will be used for every domain.';
 		$question = '<strong>Select default PHP configuration:</strong>&nbsp;';
 		$question .= '<select name="update_defsys_phpconfig">';
 		$configs_array = getPhpConfigs();
 		$configs = '';
-		foreach($configs_array as $idx => $desc)
-		{
+		foreach ($configs_array as $idx => $desc) {
 			$configs .= makeoption($desc, $idx, '1');
 		}
 		$question .= $configs . '</select>';
 		eval("\$return.=\"" . getTemplate("update/preconfigitem") . "\";");
 	}

-	if(versionInUpdate($current_version, '0.9.6-svn6'))
-	{
+	if (versionInUpdate($current_version, '0.9.6-svn6')) {
 		$has_preconfig = true;
 		$description = 'For the new FTP-quota feature, you can now chose the currently used ftpd-software.';
 		$question = '<strong>Used FTPd-software:</strong>&nbsp;';
@@ -108,8 +102,7 @@ function parseAndOutputPreconfig(&$has_preconfig, &$return, $current_version)
 		eval("\$return.=\"" . getTemplate("update/preconfigitem") . "\";");
 	}

-	if(versionInUpdate($current_version, '0.9.7-svn1'))
-	{
+	if (versionInUpdate($current_version, '0.9.7-svn1')) {
 		$has_preconfig = true;
 		$description = 'You can now choose whether customers can select the http-redirect code and which of them acts as default.';
 		$question = '<strong>Allow customer chosen redirects?:</strong>&nbsp;';
@@ -125,23 +118,20 @@ function parseAndOutputPreconfig(&$has_preconfig, &$return, $current_version)
 		eval("\$return.=\"" . getTemplate("update/preconfigitem") . "\";");
 	}

-	if(versionInUpdate($current_version, '0.9.7-svn2'))
-	{
+	if (versionInUpdate($current_version, '0.9.7-svn2')) {
 		$result = Database::query("SELECT `domain` FROM " . TABLE_PANEL_DOMAINS . " WHERE `documentroot` LIKE '%:%' AND `documentroot` NOT LIKE 'http://%' AND `openbasedir_path` = '0' AND `openbasedir` = '1'");
 		$wrongOpenBasedirDomain = array();
 		while ($row = $result->fetch(PDO::FETCH_ASSOC)) {
 			$wrongOpenBasedirDomain[] = $row['domain'];
 		}

-		if(count($wrongOpenBasedirDomain) > 0)
-		{
+		if (count($wrongOpenBasedirDomain) > 0) {
 			$has_preconfig = true;
 			$description = 'Resetting the open_basedir to customer - root';
 			$question = '<strong>Due to a security - issue regarding open_basedir, Froxlor will set the open_basedir for the following domains to the customers root instead of the chosen documentroot:</strong><br />&nbsp;';
 			$question .= '<ul>';
 			$idna_convert = new idna_convert_wrapper();
-			foreach($wrongOpenBasedirDomain as $domain)
-			{
+			foreach ($wrongOpenBasedirDomain as $domain) {
 				$question .= '<li>' . $idna_convert->decode($domain) . '</li>';
 			}
 			$question .= '</ul>';
@@ -149,8 +139,7 @@ function parseAndOutputPreconfig(&$has_preconfig, &$return, $current_version)
 		}
 	}

-	if(versionInUpdate($current_version, '0.9.9-svn1'))
-	{
+	if (versionInUpdate($current_version, '0.9.9-svn1')) {
 		$has_preconfig = true;
 		$description = 'When entering MX servers to Froxlor there was no mail-, imap-, pop3- and smtp-"A record" created. You can now chose whether this should be done or not.';
 		$question = '<strong>Do you want these A-records to be created even with MX servers given?:</strong>&nbsp;';
@@ -158,22 +147,18 @@ function parseAndOutputPreconfig(&$has_preconfig, &$return, $current_version)
 		eval("\$return.=\"" . getTemplate("update/preconfigitem") . "\";");
 	}

-	if(versionInUpdate($current_version, '0.9.10-svn1'))
-	{
+	if (versionInUpdate($current_version, '0.9.10-svn1')) {
 		$has_nouser = false;
 		$has_nogroup = false;

 		$result_stmt = Database::query("SELECT * FROM `" . TABLE_PANEL_SETTINGS . "` WHERE `settinggroup` = 'system' AND `varname` = 'httpuser'");
 		$result = $result_stmt->fetch(PDO::FETCH_ASSOC);

-		if(!isset($result) || !isset($result['value']))
-		{
+		if (! isset($result) || ! isset($result['value'])) {
 			$has_preconfig = true;
 			$has_nouser = true;
 			$guessed_user = 'www-data';
-			if(function_exists('posix_getuid')
-					&& function_exists('posix_getpwuid')
-			) {
+			if (function_exists('posix_getuid') && function_exists('posix_getpwuid')) {
 				$_httpuser = posix_getpwuid(posix_getuid());
 				$guessed_user = $_httpuser['name'];
 			}
@@ -182,28 +167,21 @@ function parseAndOutputPreconfig(&$has_preconfig, &$return, $current_version)
 		$result_stmt = Database::query("SELECT * FROM `" . TABLE_PANEL_SETTINGS . "` WHERE `settinggroup` = 'system' AND `varname` = 'httpgroup'");
 		$result = $result_stmt->fetch(PDO::FETCH_ASSOC);

-		if(!isset($result) || !isset($result['value']))
-		{
+		if (! isset($result) || ! isset($result['value'])) {
 			$has_preconfig = true;
 			$has_nogroup = true;
 			$guessed_group = 'www-data';
-			if(function_exists('posix_getgid')
-					&& function_exists('posix_getgrgid')
-			) {
+			if (function_exists('posix_getgid') && function_exists('posix_getgrgid')) {
 				$_httpgroup = posix_getgrgid(posix_getgid());
 				$guessed_group = $_httpgroup['name'];
 			}
 		}

-		if($has_nouser || $has_nogroup)
-		{
+		if ($has_nouser || $has_nogroup) {
 			$description = 'Please enter the correct username/groupname of the webserver on your system We\'re guessing the user but it might not be correct, so please check.';
-			if($has_nouser)
-			{
+			if ($has_nouser) {
 				$question = '<strong>Please enter the webservers username:</strong>&nbsp;<input type="text" class="text" name="update_httpuser" value="' . $guessed_user . '" />';
-			}
-			elseif($has_nogroup)
-			{
+			} elseif ($has_nogroup) {
 				$question2 = '<strong>Please enter the webservers groupname:</strong>&nbsp;<input type="text" class="text" name="update_httpgroup" value="' . $guessed_group . '" />';
 				if ($has_nouser) {
 					$question .= '<br /><br />' . $question2;
@@ -215,8 +193,7 @@ function parseAndOutputPreconfig(&$has_preconfig, &$return, $current_version)
 		}
 	}

-	if(versionInUpdate($current_version, '0.9.10'))
-	{
+	if (versionInUpdate($current_version, '0.9.10')) {
 		$has_preconfig = true;
 		$description = 'you can now decide whether Froxlor should be reached via hostname/froxlor or directly via the hostname.';
 		$question = '<strong>Do you want Froxlor to be reached directly via the hostname?:</strong>&nbsp;';
@@ -224,8 +201,7 @@ function parseAndOutputPreconfig(&$has_preconfig, &$return, $current_version)
 		eval("\$return.=\"" . getTemplate("update/preconfigitem") . "\";");
 	}

-	if(versionInUpdate($current_version, '0.9.11-svn1'))
-	{
+	if (versionInUpdate($current_version, '0.9.11-svn1')) {
 		$has_preconfig = true;
 		$description = 'It is possible to enhance security with setting a regular expression to force your customers to enter more complex passwords.';
 		$question = '<strong>Enter a regular expression to force a higher password complexity (leave empty for none):</strong>&nbsp;';
@@ -233,8 +209,7 @@ function parseAndOutputPreconfig(&$has_preconfig, &$return, $current_version)
 		eval("\$return.=\"" . getTemplate("update/preconfigitem") . "\";");
 	}

-	if(versionInUpdate($current_version, '0.9.11-svn3'))
-	{
+	if (versionInUpdate($current_version, '0.9.11-svn3')) {
 		$has_preconfig = true;
 		$description = 'As Froxlor can now handle perl, you have to specify where the perl executable is (only if you\'re running lighttpd, else just leave empty).';
 		$question = '<strong>Path to perl (default \'/usr/bin/perl\'):</strong>&nbsp;';
@@ -242,10 +217,8 @@ function parseAndOutputPreconfig(&$has_preconfig, &$return, $current_version)
 		eval("\$return.=\"" . getTemplate("update/preconfigitem") . "\";");
 	}

-	if(versionInUpdate($current_version, '0.9.12-svn1'))
-	{
-		if($settings['system']['mod_fcgid'] == 1)
-		{
+	if (versionInUpdate($current_version, '0.9.12-svn1')) {
+		if (Settings::Get('system.mod_fcgid') == 1) {
 			$has_preconfig = true;
 			$description = 'You can chose whether you want Froxlor to use FCGID itself too now.';
 			$question = '<strong>Use FCGID for the Froxlor Panel?:</strong>&nbsp;';
@@ -259,8 +232,7 @@ function parseAndOutputPreconfig(&$has_preconfig, &$return, $current_version)
 		}
 	}

-	if(versionInUpdate($current_version, '0.9.12-svn2'))
-	{
+	if (versionInUpdate($current_version, '0.9.12-svn2')) {
 		$has_preconfig = true;
 		$description = 'Many apache user will have problems using perl/CGI as the customer docroots are not within the suexec path. Froxlor provides a simple workaround for that.';
 		$question = '<strong>Enable Apache/SuExec/Perl workaround?:</strong>&nbsp;';
@@ -271,22 +243,18 @@ function parseAndOutputPreconfig(&$has_preconfig, &$return, $current_version)
 		eval("\$return.=\"" . getTemplate("update/preconfigitem") . "\";");
 	}

-	if(versionInUpdate($current_version, '0.9.12-svn4'))
-	{
-		if((int)$settings['system']['awstats_enabled'] == 1)
-		{
+	if (versionInUpdate($current_version, '0.9.12-svn4')) {
+		if ((int) Settings::Get('system.awstats_enabled') == 1) {
 			$has_preconfig = true;
 			$description = 'Due to different paths of awstats_buildstaticpages.pl and awstats.pl you can set a different path for awstats.pl now.';
 			$question = '<strong>Path to \'awstats.pl\'?:</strong>&nbsp;';
-			$question.= '<input type="text" class="text" name="update_awstats_awstatspath" value="'.$settings['system']['awstats_path'].'" /><br />';
+			$question .= '<input type="text" class="text" name="update_awstats_awstatspath" value="' . Settings::Get('system.awstats_path') . '" /><br />';
 			eval("\$return.=\"" . getTemplate("update/preconfigitem") . "\";");
 		}
 	}

-	if(versionInUpdate($current_version, '0.9.13-svn1'))
-	{
-		if((int)$settings['autoresponder']['autoresponder_active'] == 1)
-		{
+	if (versionInUpdate($current_version, '0.9.13-svn1')) {
+		if ((int) Settings::Get('autoresponder.autoresponder_active') == 1) {
 			$has_preconfig = true;
 			$description = 'Froxlor can now limit the number of autoresponder-entries for each user. Here you can set the value which will be available for each customer (Of course you can change the value for each customer separately after the update).';
 			$question = '<strong>How many autoresponders should your customers be able to add?:</strong>&nbsp;';
@@ -295,18 +263,15 @@ function parseAndOutputPreconfig(&$has_preconfig, &$return, $current_version)
 		}
 	}

-	if(versionInUpdate($current_version, '0.9.13.1'))
-	{
-		if((int)$settings['system']['mod_fcgid_ownvhost'] == 1)
-		{
+	if (versionInUpdate($current_version, '0.9.13.1')) {
+		if ((int) Settings::Get('system.mod_fcgid_ownvhost') == 1) {
 			$has_preconfig = true;
 			$description = 'You have FCGID for Froxlor itself activated. You can now specify a PHP-configuration for this.';
 			$question = '<strong>Select Froxlor-vhost PHP configuration:</strong>&nbsp;';
 			$question .= '<select name="update_defaultini_ownvhost">';
 			$configs_array = getPhpConfigs();
 			$configs = '';
-			foreach($configs_array as $idx => $desc)
-			{
+			foreach ($configs_array as $idx => $desc) {
 				$configs .= makeoption($desc, $idx, '1');
 			}
 			$question .= $configs . '</select>';
@@ -314,32 +279,27 @@ function parseAndOutputPreconfig(&$has_preconfig, &$return, $current_version)
 		}
 	}

-	if(versionInUpdate($current_version, '0.9.14-svn3'))
-	{
-		if((int)$settings['system']['awstats_enabled'] == 1)
-		{
+	if (versionInUpdate($current_version, '0.9.14-svn3')) {
+		if ((int) Settings::Get('system.awstats_enabled') == 1) {
 			$has_preconfig = true;
 			$description = 'To have icons in AWStats statistic-pages please enter the path to AWStats icons folder.';
 			$question = '<strong>Path to AWSTats icons folder:</strong>&nbsp;';
-			$question.= '<input type="text" class="text" name="update_awstats_icons" value="'.$settings['system']['awstats_icons'].'" />';
+			$question .= '<input type="text" class="text" name="update_awstats_icons" value="' . Settings::Get('system.awstats_icons') . '" />';
 			eval("\$return.=\"" . getTemplate("update/preconfigitem") . "\";");
 		}
 	}

-	if(versionInUpdate($current_version, '0.9.14-svn4'))
-	{
-		if((int)$settings['system']['use_ssl'] == 1)
-		{
+	if (versionInUpdate($current_version, '0.9.14-svn4')) {
+		if ((int) Settings::Get('system.use_ssl') == 1) {
 			$has_preconfig = true;
 			$description = 'Froxlor now has the possibility to set \'SSLCertificateChainFile\' for the apache webserver.';
 			$question = '<strong>Enter filename (leave empty for none):</strong>&nbsp;';
-			$question.= '<input type="text" class="text" name="update_ssl_cert_chainfile" value="'.$settings['system']['ssl_cert_chainfile'].'" />';
+			$question .= '<input type="text" class="text" name="update_ssl_cert_chainfile" value="' . Settings::Get('system.ssl_cert_chainfile') . '" />';
 			eval("\$return.=\"" . getTemplate("update/preconfigitem") . "\";");
 		}
 	}

-	if(versionInUpdate($current_version, '0.9.14-svn6'))
-	{
+	if (versionInUpdate($current_version, '0.9.14-svn6')) {
 		$has_preconfig = true;
 		$description = 'You can now allow customers to use any of their domains as username for the login.';
 		$question = '<strong>Do you want to enable domain-login for all customers?:</strong>&nbsp;';
@@ -347,16 +307,14 @@ function parseAndOutputPreconfig(&$has_preconfig, &$return, $current_version)
 		eval("\$return.=\"" . getTemplate("update/preconfigitem") . "\";");
 	}

-	if(versionInUpdate($current_version, '0.9.14-svn10'))
-	{
+	if (versionInUpdate($current_version, '0.9.14-svn10')) {
 		$has_preconfig = true;
 		$description = '<strong>This update removes the unsupported real-time option. Additionally the deprecated tables for navigation and cronscripts are removed, any modules using these tables need to be updated to the new structure!</strong>';
 		$question = '';
 		eval("\$return.=\"" . getTemplate("update/preconfigitem") . "\";");
 	}

-	if(versionInUpdate($current_version, '0.9.16-svn1'))
-	{
+	if (versionInUpdate($current_version, '0.9.16-svn1')) {
 		$has_preconfig = true;
 		$description = 'Froxlor now features support for php-fpm.';
 		$question = '<strong>Do you want to enable php-fpm?:</strong>&nbsp;';
@@ -388,25 +346,22 @@ function parseAndOutputPreconfig(&$has_preconfig, &$return, $current_version)
 		eval("\$return.=\"" . getTemplate("update/preconfigitem") . "\";");
 	}

-	if(versionInUpdate($current_version, '0.9.16-svn2'))
-	{
-		if((int)$settings['phpfpm']['enabled'] == 1)
-		{
+	if (versionInUpdate($current_version, '0.9.16-svn2')) {
+		if ((int) Settings::Get('phpfpm.enabled') == 1) {
 			$has_preconfig = true;
 			$description = 'You can chose whether you want Froxlor to use PHP-FPM itself too now.';
 			$question = '<strong>Use PHP-FPM for the Froxlor Panel?:</strong>&nbsp;';
 			$question .= makeyesno('update_phpfpm_enabled_ownvhost', '1', '0', '0') . '<br /><br />';
 			$question .= '<strong>If \'yes\', please specify local user/group (have to exist, Froxlor does not add them automatically):</strong><br /><br />';
 			$question .= 'Local user:&nbsp;';
-			$question.= '<input type="text" class="text" name="update_phpfpm_httpuser" value="'.$settings['system']['mod_fcgid_httpuser'].'" /><br /><br />';
+			$question .= '<input type="text" class="text" name="update_phpfpm_httpuser" value="' . Settings::Get('system.mod_fcgid_httpuser') . '" /><br /><br />';
 			$question .= 'Local group:&nbsp;';
-			$question.= '<input type="text" class="text" name="update_phpfpm_httpgroup" value="'.$settings['system']['mod_fcgid_httpgroup'].'" /><br />';
+			$question .= '<input type="text" class="text" name="update_phpfpm_httpgroup" value="' . Settings::Get('system.mod_fcgid_httpgroup') . '" /><br />';
 			eval("\$return.=\"" . getTemplate("update/preconfigitem") . "\";");
 		}
 	}

-	if(versionInUpdate($current_version, '0.9.17-svn1'))
-	{
+	if (versionInUpdate($current_version, '0.9.17-svn1')) {
 		$has_preconfig = true;
 		$description = 'Select if you want to enable the web- and traffic-reports';
 		$question = '<strong>Enable?:</strong>&nbsp;';
@@ -419,8 +374,7 @@ function parseAndOutputPreconfig(&$has_preconfig, &$return, $current_version)
 		eval("\$return.=\"" . getTemplate("update/preconfigitem") . "\";");
 	}

-	if(versionInUpdate($current_version, '0.9.18-svn2'))
-	{
+	if (versionInUpdate($current_version, '0.9.18-svn2')) {
 		$has_preconfig = true;
 		$description = 'As you can (obviously) see, Froxlor now comes with a new theme. You also have the possibility to switch back to "Classic" if you want to.';
 		$question = '<strong>Select default panel theme:</strong>&nbsp;';
@@ -434,20 +388,18 @@ function parseAndOutputPreconfig(&$has_preconfig, &$return, $current_version)
 		eval("\$return.=\"" . getTemplate("update/preconfigitem") . "\";");
 	}

-	if(versionInUpdate($current_version, '0.9.28-svn4'))
-	{
+	if (versionInUpdate($current_version, '0.9.28-svn4')) {
 		$has_preconfig = true;
 		$description = 'This version introduces a lot of profound changes:';
 		$description .= '<br /><ul><li>Improving the whole template system</li><li>Full UTF-8 support</li><li><strong>Removing support for the former default theme \'Classic\'</strong></li></ul>';
 		$description .= '<br /><br />Notice: This update will <strong>alter your Froxlor database to use UTF-8</strong> as default charset. ';
-		$description .= 'Even though this is already tested, we <span style="color:#ff0000;font-weight:bold;">strongly recommend</span> to ';
+		$description .= 'Even though this is already tested, we <span class="red">strongly recommend</span> to ';
 		$description .= 'test this update in a testing environment using your existing data.<br /><br />';

 		$question = '<strong>Select your preferred Classic Theme replacement:</strong>&nbsp;';
 		$question .= '<select name="classic_theme_replacement">';
 		$themes = getThemes();
-		foreach($themes as $cur_theme)
-		{
+		foreach ($themes as $cur_theme) {
 			$question .= makeoption($cur_theme, $cur_theme, 'Froxlor');
 		}
 		$question .= '</select>';
@@ -457,7 +409,7 @@ function parseAndOutputPreconfig(&$has_preconfig, &$return, $current_version)

 	if (versionInUpdate($current_version, '0.9.28-svn6')) {

-		if ($settings['system']['webserver'] == 'apache2') {
+		if (Settings::Get('system.webserver') == 'apache2') {
 			$has_preconfig = true;
 			$description = 'Froxlor now supports the new Apache 2.4. Please be aware that you need to load additional apache-modules in ordner to use it.<br />';
 			$description .= '<pre>LoadModule authz_core_module modules/mod_authz_core.so
@@ -465,7 +417,7 @@ function parseAndOutputPreconfig(&$has_preconfig, &$return, $current_version)
 			$question = '<strong>Do you want to enable the Apache-2.4 modification?:</strong>&nbsp;';
 			$question .= makeyesno('update_system_apache24', '1', '0', '0');
 			eval("\$return.=\"" . getTemplate("update/preconfigitem") . "\";");
-		} elseif ($settings['system']['webserver'] == 'nginx') {
+		} elseif (Settings::Get('system.webserver') == 'nginx') {
 			$has_preconfig = true;
 			$description = 'The path to nginx\'s fastcgi_params file is now customizable.<br /><br />';
 			$question = '<strong>Please enter full path to you nginx/fastcgi_params file (including filename):</strong>&nbsp;';
@@ -494,9 +446,7 @@ function parseAndOutputPreconfig(&$has_preconfig, &$return, $current_version)
 		$description = 'Froxlor changed the default parameter-set of sendmail (php.ini)<br />';
 		$description .= 'sendmail_path = "/usr/sbin/sendmail -t <strong>-i</strong> -f {CUSTOMER_EMAIL}"<br /><br />';
 		$description .= 'If you don\'t have any problems with sending mails, you don\'t need to change this';
-		if ($settings['system']['mod_fcgid'] == '1'
-				|| $settings['phpfpm']['enabled'] == '1'
-		) {
+		if (Settings::Get('system.mod_fcgid') == '1' || Settings::Get('phpfpm.enabled') == '1') {
 			// information about removal of php's safe_mode
 			$description .= '<br /><br />The php safe_mode flag has been removed as current versions of PHP<br />';
 			$description .= 'do not support it anymore.<br /><br />';
@@ -509,9 +459,7 @@ function parseAndOutputPreconfig(&$has_preconfig, &$return, $current_version)

 	if (versionInUpdate($current_version, '0.9.29-dev1')) {
 		// we only need to ask if fcgid|php-fpm is enabled
-		if ($settings['system']['mod_fcgid'] == '1'
-				|| $settings['phpfpm']['enabled'] == '1'
-		) {
+		if (Settings::Get('system.mod_fcgid') == '1' || Settings::Get('phpfpm.enabled') == '1') {
 			$has_preconfig = true;
 			$description = 'Standard-subdomains can now be hidden from the php-configuration overview.<br />';
 			$question = '<strong>Do you want to hide the standard-subdomains (this can be changed in the settings any time)?:</strong>&nbsp;';
@@ -555,12 +503,10 @@ function parseAndOutputPreconfig(&$has_preconfig, &$return, $current_version)
 	// let the apache+fpm users know that they MUST change their config
 	// for the domains / webserver to work after the update
 	if (versionInUpdate($current_version, '0.9.30-dev1')) {
-		if ($settings['system']['webserver'] == 'apache2'
-			&& $settings['phpfpm']['enabled'] == '1'
-		) {
+		if (Settings::Get('system.webserver') == 'apache2' && Settings::Get('phpfpm.enabled') == '1') {
 			$has_preconfig = true;
 			$description = 'The PHP-FPM implementation for apache2 has changed. Please look for the "<b>fastcgi.conf</b>" (Debian/Ubuntu) or "<b>70_fastcgi.conf</b>" (Gentoo) within /etc/apache2/ and change it as shown below:<br /><br />';
-			$description .= '<pre style="width:500px;border:1px solid #ccc;padding:4px;">&lt;IfModule mod_fastcgi.c&gt;
+			$description .= '<pre class="code-block">&lt;IfModule mod_fastcgi.c&gt;
    FastCgiIpcDir /var/lib/apache2/fastcgi/
    &lt;Location "/fastcgiphp"&gt;
        Order Deny,Allow
@@ -575,9 +521,7 @@ function parseAndOutputPreconfig(&$has_preconfig, &$return, $current_version)
 	}

 	if (versionInUpdate($current_version, '0.9.31-dev2')) {
-		if ($settings['system']['webserver'] == 'apache2'
-				&& $settings['phpfpm']['enabled'] == '1'
-		) {
+		if (Settings::Get('system.webserver') == 'apache2' && Settings::Get('phpfpm.enabled') == '1') {
 			$has_preconfig = true;
 			$description = 'The FPM socket directory is now a setting in froxlor. Its default is <b>/var/lib/apache2/fastcgi/</b>.<br/>If you are using <b>/var/run/apache2</b> in the "<b>fastcgi.conf</b>" (Debian/Ubuntu) or "<b>70_fastcgi.conf</b>" (Gentoo) please correct this path accordingly<br />';
 			$question = '';
@@ -610,4 +554,159 @@ function parseAndOutputPreconfig(&$has_preconfig, &$return, $current_version)
 		eval("\$return.=\"" . getTemplate("update/preconfigitem") . "\";");
 	}

+	if (versionInUpdate($current_version, '0.9.32-dev2')) {
+		$has_preconfig = true;
+		$description = 'To enable logging of the mail-traffic, you need to set the following settings accordingly<br /><br />';
+		$question = '<strong>Do you want to enable the traffic collection for mail? (default: yes):</strong>&nbsp;';
+		$question .= makeyesno('mailtraffic_enabled', '1', '0', '1') . '<br />';
+		$question .= '<strong>Mail Transfer Agent</strong><br />';
+		$question .= 'Type of your MTA:&nbsp;';
+		$question .= '<select name="mtaserver">';
+		$question .= makeoption('Postfix', 'postfix', 'postfix');
+		$question .= makeoption('Exim4', 'exim4', 'postfix');
+		$question .= '</select><br />';
+		$question .= 'Logfile for your MTA:&nbsp;';
+		$question .= '<input type="text" class="text" name="mtalog" value="/var/log/mail.log" /><br />';
+		$question .= '<strong>Mail Delivery Agent</strong><br />';
+		$question .= 'Type of your MDA:&nbsp;';
+		$question .= '<select name="mdaserver">';
+		$question .= makeoption('Dovecot', 'dovecot', 'dovecot');
+		$question .= makeoption('Courier', 'courier', 'dovecot');
+		$question .= '</select><br /><br />';
+		$question .= 'Logfile for your MDA:&nbsp;';
+		$question .= '<input type="text" class="text" name="mdalog" value="/var/log/mail.log" /><br />';
+		eval("\$return.=\"" . getTemplate("update/preconfigitem") . "\";");
+	}
+
+	if (versionInUpdate($current_version, '0.9.32-dev5')) {
+		$has_preconfig = true;
+		$description = 'Froxlor now generates a cron-configuration file for the cron-daemon. Please set a filename which will be included automatically by your crond (e.g. files in /etc/cron.d/)<br /><br />';
+		$question = '<strong>Path to the cron-service configuration-file.</strong> This file will be updated regularly and automatically by froxlor.<br />Note: please <b>be sure</b> to use the same filename as for the main froxlor cronjob (default: /etc/cron.d/froxlor)!<br />';
+		$question .= '<input type="text" class="text" name="crondfile" value="/etc/cron.d/froxlor" /><br />';
+		eval("\$return.=\"" . getTemplate("update/preconfigitem") . "\";");
+	}
+
+	if (versionInUpdate($current_version, '0.9.32-dev6')) {
+		$has_preconfig = true;
+		$description = 'In order for the new cron.d file to work properly, we need to know about the cron-service reload command.<br /><br />';
+		$question = '<strong>Please specify the reload-command of your cron-daemon</strong> (default: /etc/init.d/cron reload)<br />';
+		$question .= '<input type="text" class="text" name="crondreload" value="/etc/init.d/cron reload" /><br />';
+		eval("\$return.=\"" . getTemplate("update/preconfigitem") . "\";");
+	}
+
+	if (versionInUpdate($current_version, '0.9.32-rc2')) {
+		$has_preconfig = true;
+		$description = 'To customize the command which executes the cronjob (php - basically) change the path below according to your system.<br /><br />';
+		$question = '<strong>Please specify the command to execute cronscripts</strong> (default: "/usr/bin/nice -n 5 /usr/bin/php5 -q")<br />';
+		$question .= '<input type="text" class="text" name="croncmdline" value="/usr/bin/nice -n 5 /usr/bin/php5 -q" /><br />';
+		eval("\$return.=\"" . getTemplate("update/preconfigitem") . "\";");
+	}
+
+	if (versionInUpdate($current_version, '0.9.33-dev1')) {
+		$has_preconfig = true;
+		$description = 'You can enable/disable the display/usage of the custom newsfeed for customers.<br /><br />';
+		$question = '<strong>Do you want to enable the custom newsfeed for customer? (default: no):</strong>&nbsp;';
+		$question .= makeyesno('customer_show_news_feed', '1', '0', '0') . '<br />';
+		$question .= '<strong>You have to set the URL for your RSS-feed here, if you have chosen to enable the custom newsfeed on the customer-dashboard:</strong>&nbsp;';
+		$question .= '<input type="text" class="text" name="customer_news_feed_url" value="" /><br />';
+		eval("\$return.=\"" . getTemplate("update/preconfigitem") . "\";");
+	}
+
+	if (versionInUpdate($current_version, '0.9.33-dev2')) {
+		// only if bind is used - if not the default will be set, which is '0' (off)
+		if (Settings::get('system.bind_enable') == 1) {
+			$has_preconfig = true;
+			$description = 'You can enable/disable the generation of the bind-zone / config for the system hostname.<br /><br />';
+			$question = '<strong>Do you want to generate a bind-zone for the system-hostname? (default: no):</strong>&nbsp;';
+			$question .= makeyesno('dns_createhostnameentry', '1', '0', '0') . '<br />';
+			eval("\$return.=\"" . getTemplate("update/preconfigitem") . "\";");
+		}
+	}
+
+	if (versionInUpdate($current_version, '0.9.33-rc2')) {
+		$has_preconfig = true;
+		$description = 'You can chose whether you want to receive an e-mail on cronjob errors. Keep in mind that this can lead to an e-mail being sent every 5 minutes.<br /><br />';
+		$question = '<strong>Do you want to receive cron-errors via mail? (default: no):</strong>&nbsp;';
+		$question .= makeyesno('system_send_cron_errors', '1', '0', '0') . '<br />';
+		eval("\$return.=\"" . getTemplate("update/preconfigitem") . "\";");
+	}
+
+	if (versionInUpdate($current_version, '0.9.34-dev3')) {
+		$has_preconfig = true;
+		$description = 'Froxlor now requires the PHP mbstring-extension as we need to be multibyte-character safe in some cases';
+		$question = '<strong>PHP mbstring</strong> is currently: ';
+		if (! extension_loaded('mbstring')) {
+			$question .= '<span class="red">not installed/loaded</span>';
+			$question .= '<br>Please install the PHP mbstring extension in order to finish the update';
+		} else {
+			$question .= '<span class="green">installed/loaded</span>';
+		}
+		$question .= '<br>';
+		eval("\$return.=\"" . getTemplate("update/preconfigitem") . "\";");
+	}
+
+	if (versionInUpdate($current_db_version, '201603070')) {
+		$has_preconfig = true;
+		$description = 'You can chose whether you want to enable or disable our Let\'s Encrypt implementation.<br />Please remember that you need to go through the webserver-configuration when enabled because this feature needs a special configuration.<br /><br />';
+		$question = '<strong>Do you want to enable Let\'s Encrypt? (default: yes):</strong>&nbsp;';
+		$question .= makeyesno('enable_letsencrypt', '1', '0', '1') . '<br />';
+		eval("\$return.=\"" . getTemplate("update/preconfigitem") . "\";");
+	}
+
+	if (versionInUpdate($current_db_version, '201604270')) {
+		$has_preconfig = true;
+		$description = 'You can chose whether you want to enable or disable our backup function.<br /><br />';
+		$question = '<strong>Do you want to enable Backup? (default: no):</strong>&nbsp;';
+		$question .= makeyesno('enable_backup', '1', '0', '0') . '<br />';
+		eval("\$return.=\"" . getTemplate("update/preconfigitem") . "\";");
+	}
+
+	if (versionInUpdate($current_db_version, '201605090')) {
+		$has_preconfig = true;
+		$description = 'You can chose whether you want to enable or disable our DNS editor<br /><br />';
+		$question = '<strong>Do you want to enable the DNS editor? (default: no):</strong>&nbsp;';
+		$question .= makeyesno('enable_dns', '1', '0', '0') . '<br />';
+		eval("\$return.=\"" . getTemplate("update/preconfigitem") . "\";");
+	}
+
+	if (versionInUpdate($current_db_version, '201605170')) {
+		$has_preconfig = true;
+		$description = 'Froxlor now supports the dns-daemon Power-DNS, you can chose between bind and powerdns now.';
+		$question = '<strong>Select dns-daemon you want to use:</strong>&nbsp;';
+		$question .= '<select name="new_dns_daemon">';
+		$dnsdaemons = makeoption('Bind9', 'bind', 'bind');
+		$dnsdaemons .= makeoption('PowerDNS', 'pdns', 'bind');
+		$question .= $dnsdaemons . '</select>';
+		eval("\$return.=\"" . getTemplate("update/preconfigitem") . "\";");
+	}
+
+	if (versionInUpdate($current_db_version, '201609120')) {
+		if (Settings::Get('system.leenabled') == 1) {
+			$has_preconfig = true;
+			$description = 'You can now customize the path to your acme.conf file (global alias for Let\'s Encrypt). If you already set up Let\'s Encrypt and the acme.conf file, please set this to the complete path to the file!<br /><br />';
+			$question = '<strong>Path to the acme.conf alias-file.</strong><br />';
+			$question .= '<input type="text" class="text" name="acmeconffile" value="/etc/apache2/conf-enabled/acme.conf" /><br />';
+			eval("\$return.=\"" . getTemplate("update/preconfigitem") . "\";");
+		}
+	}
+
+	if (versionInUpdate($current_db_version, '201609200')) {
+		$has_preconfig = true;
+		$description = 'Specify SMTP settings which froxlor should use to send mail (optional)<br /><br />';
+		$question = '<strong>Enable sending mails via SMTP?</strong><br />';
+		$question .= makeyesno('smtp_enable', '1', '0', '0') . '<br />';
+		$question .= '<strong>Enable sending mails via SMTP?</strong><br />';
+		$question .= '<input type="text" class="text" name="smtp_host" value="localhost" /><br />';
+		$question .= '<strong>TCP port to connect to?</strong><br />';
+		$question .= '<input type="text" class="text" name="smtp_port" value="25" /><br />';
+		$question .= '<strong>Enable TLS encryption?</strong><br />';
+		$question .= makeyesno('smtp_usetls', '1', '0', '1') . '<br />';
+		$question .= '<strong>Enable SMTP authentication?</strong><br />';
+		$question .= makeyesno('smtp_auth', '1', '0', '1') . '<br />';
+		$question .= '<strong>SMTP user?</strong><br />';
+		$question .= '<input type="text" class="text" name="smtp_user" value="" /><br />';
+		$question .= '<strong>SMTP password?</strong><br />';
+		$question .= '<input type="password" class="text" name="smtp_passwd" value="" /><br />';
+		eval("\$return.=\"" . getTemplate("update/preconfigitem") . "\";");
+	}
 }
--- a/install/updatesql.php
+++ b/install/updatesql.php
@@ -17,10 +17,19 @@
 *
 */

-$updatelog = FroxlorLogger::getInstanceOf(array('loginname' => 'updater'), $settings);
+if (!defined('AREA')
+	|| (defined('AREA') && AREA != 'admin')
+	|| !isset($userinfo['loginname'])
+	|| (isset($userinfo['loginname']) && $userinfo['loginname'] == '')
+) {
+	header('Location: ../index.php');
+	exit;
+}
+
+$updatelog = FroxlorLogger::getInstanceOf(array('loginname' => 'updater'));

 $updatelogfile = validateUpdateLogFile(makeCorrectFile(dirname(__FILE__).'/update.log'));
-$filelog = FileLogger::getInstanceOf(array('loginname' => 'updater'), $settings);
+$filelog = FileLogger::getInstanceOf(array('loginname' => 'updater'));
 $filelog->setLogFile($updatelogfile);

 // if first writing does not work we'll stop, tell the user to fix it
@@ -44,6 +53,23 @@ if(!isFroxlor()) {

 if (isFroxlor()) {
 	include_once (makeCorrectFile(dirname(__FILE__).'/updates/froxlor/0.9/update_0.9.inc.php'));
+
+	// Check Froxlor - database integrity (only happens after all updates are done, so we know the db-layout is okay)
+	showUpdateStep("Checking database integrity");
+
+	$integrity = new IntegrityCheck();
+	if (!$integrity->checkAll()) {
+		lastStepStatus(1, 'Monkeys ate the integrity');
+		showUpdateStep("Trying to remove monkeys, feeding bananas");
+		if(!$integrity->fixAll()) {
+			lastStepStatus(2, 'Some monkeys just would not move, you should contact team@froxlor.org');
+		} else {
+			lastStepStatus(0, 'Integrity restored');
+		}
+	} else {
+		lastStepStatus(0);
+	}
+
 	$filelog->logAction(ADM_ACTION, LOG_WARNING, '--------------- END LOG ---------------');
 	unset($filelog);
 }
--- a/js/excanvas.min.js
+++ b/js/excanvas.min.js
--- a/js/html5shiv.js
+++ b/js/html5shiv.js
@@ -1,8 +0,0 @@
-/*
- HTML5 Shiv v3.7.0 | @afarkas @jdalton @jon_neal @rem | MIT/GPL2 Licensed
-*/
-(function(l,f){function m(){var a=e.elements;return"string"==typeof a?a.split(" "):a}function i(a){var b=n[a[o]];b||(b={},h++,a[o]=h,n[h]=b);return b}function p(a,b,c){b||(b=f);if(g)return b.createElement(a);c||(c=i(b));b=c.cache[a]?c.cache[a].cloneNode():r.test(a)?(c.cache[a]=c.createElem(a)).cloneNode():c.createElem(a);return b.canHaveChildren&&!s.test(a)?c.frag.appendChild(b):b}function t(a,b){if(!b.cache)b.cache={},b.createElem=a.createElement,b.createFrag=a.createDocumentFragment,b.frag=b.createFrag();
-a.createElement=function(c){return!e.shivMethods?b.createElem(c):p(c,a,b)};a.createDocumentFragment=Function("h,f","return function(){var n=f.cloneNode(),c=n.createElement;h.shivMethods&&("+m().join().replace(/[\w\-]+/g,function(a){b.createElem(a);b.frag.createElement(a);return'c("'+a+'")'})+");return n}")(e,b.frag)}function q(a){a||(a=f);var b=i(a);if(e.shivCSS&&!j&&!b.hasCSS){var c,d=a;c=d.createElement("p");d=d.getElementsByTagName("head")[0]||d.documentElement;c.innerHTML="x<style>article,aside,dialog,figcaption,figure,footer,header,hgroup,main,nav,section{display:block}mark{background:#FF0;color:#000}template{display:none}</style>";
-c=d.insertBefore(c.lastChild,d.firstChild);b.hasCSS=!!c}g||t(a,b);return a}var k=l.html5||{},s=/^<|^(?:button|map|select|textarea|object|iframe|option|optgroup)$/i,r=/^(?:a|b|code|div|fieldset|h1|h2|h3|h4|h5|h6|i|label|li|ol|p|q|span|strong|style|table|tbody|td|th|tr|ul)$/i,j,o="_html5shiv",h=0,n={},g;(function(){try{var a=f.createElement("a");a.innerHTML="<xyz></xyz>";j="hidden"in a;var b;if(!(b=1==a.childNodes.length)){f.createElement("a");var c=f.createDocumentFragment();b="undefined"==typeof c.cloneNode||
-"undefined"==typeof c.createDocumentFragment||"undefined"==typeof c.createElement}g=b}catch(d){g=j=!0}})();var e={elements:k.elements||"abbr article aside audio bdi canvas data datalist details dialog figcaption figure footer header hgroup main mark meter nav output progress section summary template time video",version:"3.7.0",shivCSS:!1!==k.shivCSS,supportsUnknownElements:g,shivMethods:!1!==k.shivMethods,type:"default",shivDocument:q,createElement:p,createDocumentFragment:function(a,b){a||(a=f);
-if(g)return a.createDocumentFragment();for(var b=b||i(a),c=b.frag.cloneNode(),d=0,e=m(),h=e.length;d<h;d++)c.createElement(e[d]);return c}};l.html5=e;q(f)})(this,document);
--- a/Show More
+++ b/Show More
				`@@ -1 +0,0 @@`
				.jqplot-target{position:relative;color:#666;font-family:"Trebuchet MS",Arial,Helvetica,sans-serif;font-size:1em}.jqplot-axis{font-size:.75em}.jqplot-xaxis{margin-top:10px}.jqplot-x2axis{margin-bottom:10px}.jqplot-yaxis{margin-right:10px}.jqplot-y2axis,.jqplot-y3axis,.jqplot-y4axis,.jqplot-y5axis,.jqplot-y6axis,.jqplot-y7axis,.jqplot-y8axis,.jqplot-y9axis,.jqplot-yMidAxis{margin-left:10px;margin-right:10px}.jqplot-axis-tick,.jqplot-xaxis-tick,.jqplot-yaxis-tick,.jqplot-x2axis-tick,.jqplot-y2axis-tick,.jqplot-y3axis-tick,.jqplot-y4axis-tick,.jqplot-y5axis-tick,.jqplot-y6axis-tick,.jqplot-y7axis-tick,.jqplot-y8axis-tick,.jqplot-y9axis-tick,.jqplot-yMidAxis-tick{position:absolute;white-space:pre}.jqplot-xaxis-tick{top:0;left:15px;vertical-align:top}.jqplot-x2axis-tick{bottom:0;left:15px;vertical-align:bottom}.jqplot-yaxis-tick{right:0;top:15px;text-align:right}.jqplot-yaxis-tick.jqplot-breakTick{right:-20px;margin-right:0;padding:1px 5px 1px 5px;z-index:2;font-size:1.5em}.jqplot-y2axis-tick,.jqplot-y3axis-tick,.jqplot-y4axis-tick,.jqplot-y5axis-tick,.jqplot-y6axis-tick,.jqplot-y7axis-tick,.jqplot-y8axis-tick,.jqplot-y9axis-tick{left:0;top:15px;text-align:left}.jqplot-yMidAxis-tick{text-align:center;white-space:nowrap}.jqplot-xaxis-label{margin-top:10px;font-size:11pt;position:absolute}.jqplot-x2axis-label{margin-bottom:10px;font-size:11pt;position:absolute}.jqplot-yaxis-label{margin-right:10px;font-size:11pt;position:absolute}.jqplot-yMidAxis-label{font-size:11pt;position:absolute}.jqplot-y2axis-label,.jqplot-y3axis-label,.jqplot-y4axis-label,.jqplot-y5axis-label,.jqplot-y6axis-label,.jqplot-y7axis-label,.jqplot-y8axis-label,.jqplot-y9axis-label{font-size:11pt;margin-left:10px;position:absolute}.jqplot-meterGauge-tick{font-size:.75em;color:#999}.jqplot-meterGauge-label{font-size:1em;color:#999}table.jqplot-table-legend{margin-top:12px;margin-bottom:12px;margin-left:12px;margin-right:12px}table.jqplot-table-legend,table.jqplot-cursor-legend{background-color:rgba(255,255,255,0.6);border:1px solid #ccc;position:absolute;font-size:.75em}td.jqplot-table-legend{vertical-align:middle}td.jqplot-seriesToggle:hover,td.jqplot-seriesToggle:active{cursor:pointer}.jqplot-table-legend .jqplot-series-hidden{text-decoration:line-through}div.jqplot-table-legend-swatch-outline{border:1px solid #ccc;padding:1px}div.jqplot-table-legend-swatch{width:0;height:0;border-top-width:5px;border-bottom-width:5px;border-left-width:6px;border-right-width:6px;border-top-style:solid;border-bottom-style:solid;border-left-style:solid;border-right-style:solid}.jqplot-title{top:0;left:0;padding-bottom:.5em;font-size:1.2em}table.jqplot-cursor-tooltip{border:1px solid #ccc;font-size:.75em}.jqplot-cursor-tooltip{border:1px solid #ccc;font-size:.75em;white-space:nowrap;background:rgba(208,208,208,0.5);padding:1px}.jqplot-highlighter-tooltip,.jqplot-canvasOverlay-tooltip{border:1px solid #ccc;font-size:.75em;white-space:nowrap;background:rgba(208,208,208,0.5);padding:1px}.jqplot-point-label{font-size:.75em;z-index:2}td.jqplot-cursor-legend-swatch{vertical-align:middle;text-align:center}div.jqplot-cursor-legend-swatch{width:1.2em;height:.7em}.jqplot-error{text-align:center}.jqplot-error-message{position:relative;top:46%;display:inline-block}div.jqplot-bubble-label{font-size:.8em;padding-left:2px;padding-right:2px;color:rgb(20%,20%,20%)}div.jqplot-bubble-label.jqplot-bubble-label-highlight{background:rgba(90%,90%,90%,0.7)}div.jqplot-noData-container{text-align:center;background-color:rgba(96%,96%,96%,0.3)}