setting version to 0.9.33.2 for bugfix release

Signed-off-by: Michael Kaufmann (d00p) <d00p@froxlor.org>

.gitignore

@@ -1,4 +1,3 @@
-lib/classes/htmlpurifier/library/HTMLPurifier/DefinitionCache/Serializer/*/
 templates/*
 logs/*
 install/update.log

actions/admin/settings/100.panel.php

@@ -93,23 +93,6 @@ return array(
 					'option_options' => array('Manual' => $lng['serversettings']['manual'], 'Dropdown' => $lng['serversettings']['dropdown']),
 					'save_method' => 'storeSettingField',
 					),
-				'use_webfonts' => array(
-					'label' => $lng['serversettings']['enablewebfonts'],
-					'settinggroup' => 'panel',
-					'varname' => 'use_webfonts',
-					'type' => 'bool',
-					'default' => true,
-					'save_method' => 'storeSettingField',
-					),
-				'webfont' => array(
-					'label' => $lng['serversettings']['definewebfont']['title'],
-					'settinggroup' => 'panel',
-					'varname' => 'webfont',
-					'type' => 'string',
-					'default' => 'Numans',
-					'string_emptyallowed' => false,
-					'save_method' => 'storeSettingField',
-					),
 				'panel_adminmail' => array(
 					'label' => $lng['serversettings']['adminmail'],
 					'settinggroup' => 'panel',
@@ -202,6 +185,24 @@ return array(
 					'default' => true,
 					'save_method' => 'storeSettingField',
 					),
+				'customer_show_news_feed' => array(
+					'label' => $lng['admin']['customer_show_news_feed'],
+					'settinggroup' => 'customer',
+					'varname' => 'show_news_feed',
+					'type' => 'bool',
+					'default' => true,
+					'save_method' => 'storeSettingField',
+					),
+				'customer_news_feed_url' => array(
+					'label' => $lng['admin']['customer_news_feed_url'],
+					'settinggroup' => 'customer',
+					'varname' => 'news_feed_url',
+					'type' => 'string',
+					'string_type' => 'url',
+					'string_emptyallowed' => true,
+					'default' => '',
+					'save_method' => 'storeSettingField',
+					),
 				'panel_allow_domain_change_admin' => array(
 					'label' => $lng['serversettings']['panel_allow_domain_change_admin'],
 					'settinggroup' => 'panel',

actions/admin/settings/110.accounts.php

@@ -70,6 +70,46 @@ return array(
 					'default' => 0,
 					'save_method' => 'storeSettingField',
 					),
+				'panel_password_alpha_lower' => array(
+					'label' => $lng['serversettings']['panel_password_alpha_lower'],
+					'settinggroup' => 'panel',
+					'varname' => 'password_alpha_lower',
+					'type' => 'bool',
+					'default' => true,
+					'save_method' => 'storeSettingField',
+					),
+				'panel_password_alpha_upper' => array(
+					'label' => $lng['serversettings']['panel_password_alpha_upper'],
+					'settinggroup' => 'panel',
+					'varname' => 'password_alpha_upper',
+					'type' => 'bool',
+					'default' => true,
+					'save_method' => 'storeSettingField',
+					),
+				'panel_password_numeric' => array(
+					'label' => $lng['serversettings']['panel_password_numeric'],
+					'settinggroup' => 'panel',
+					'varname' => 'password_numeric',
+					'type' => 'bool',
+					'default' => false,
+					'save_method' => 'storeSettingField',
+					),
+				'panel_password_special_char_required' => array(
+					'label' => $lng['serversettings']['panel_password_special_char_required'],
+					'settinggroup' => 'panel',
+					'varname' => 'password_special_char_required',
+					'type' => 'bool',
+					'default' => false,
+					'save_method' => 'storeSettingField',
+					),
+				'panel_password_special_char' => array(
+					'label' => $lng['serversettings']['panel_password_special_char'],
+					'settinggroup' => 'panel',
+					'varname' => 'password_special_char',
+					'type' => 'string',
+					'default' => '!?<>§$%&+#=@',
+					'save_method' => 'storeSettingField',
+					),
 				'panel_password_regex' => array(
 					'label' => $lng['serversettings']['panel_password_regex'],
 					'settinggroup' => 'panel',
@@ -150,4 +190,4 @@ return array(
 		),
 	);
 
-?>
+?>

actions/admin/settings/125.cronjob.php

@@ -29,6 +29,14 @@ return array(
 					'default' => '/etc/cron.d/froxlor',
 					'save_method' => 'storeSettingField',
 					),
+				'system_send_cron_errors' => array(
+					'label' => $lng['serversettings']['system_send_cron_errors'],
+					'settinggroup' => 'system',
+					'varname' => 'send_cron_errors',
+					'type' => 'bool',
+					'default' => false,
+					'save_method' => 'storeSettingField',
+				),
 				'system_croncmdline' => array(
 					'label' => $lng['serversettings']['system_croncmdline'],
 					'settinggroup' => 'system',

actions/admin/settings/136.phpfpm.php

@@ -185,9 +185,16 @@ return array(
 					'default' => 30,
 					'save_method' => 'storeSettingField'
 					),
+				'system_phpfpm_use_mod_proxy' => array(
+					'label' => $lng['phpfpm']['use_mod_proxy'],
+					'settinggroup' => 'phpfpm',
+					'varname' => 'use_mod_proxy',
+					'type' => 'bool',
+					'default' => false,
+					'visible' => Settings::Get('system.apache24'),
+					'save_method' => 'storeSettingField'
+					),
 				),
 			),
 		),
 	);
-
-?>

actions/admin/settings/160.nameserver.php

@@ -74,10 +74,19 @@ return array(
 					'varname' => 'axfrservers',
 					'type' => 'string',
 					'string_type' => 'validate_ip',
+					'string_delimiter' => ',',
 					'string_emptyallowed' => true,
 					'default' => '',
 					'save_method' => 'storeSettingField',
 				),
+				'system_dns_createhostnameentry' => array(
+					'label' => $lng['serversettings']['dns_createhostnameentry'],
+					'settinggroup' => 'system',
+					'varname' => 'dns_createhostnameentry',
+					'type' => 'bool',
+					'default' => false,
+					'save_method' => 'storeSettingField'
+				),
 				'system_dns_createmailentry' => array(
 					'label' => $lng['serversettings']['mail_also_with_mxservers'],
 					'settinggroup' => 'system',

actions/admin/settings/210.security.php

@@ -45,7 +45,7 @@ return array(
 					'type' => 'option',
 					'default' => 0,
 					'option_mode' => 'one',
-					'option_options' => array(0 => $lng['serversettings']['systemdefault'], 1 => 'MD5', 2 => 'BLOWFISH', 3 => 'SHA-256', 4 => 'SHA-512'),
+					'option_options_method' => 'getAvailablePasswordHashes',
 					'save_method' => 'storeSettingField',
 					),
 				'system_allow_error_report_admin' => array(

admin_admins.php

@@ -68,7 +68,7 @@ if ($page == 'admins'
 				// percent-values for progressbar
 				// For Disk usage
 				if ($row['diskspace'] > 0) {
-					$disk_percent = round(($row['diskspace_used']*100)/$row['diskspace'], 2);
+					$disk_percent = round(($row['diskspace_used']*100)/$row['diskspace'], 0);
 					$disk_doublepercent = round($disk_percent*2, 2);
 				} else {
 					$disk_percent = 0;
@@ -76,15 +76,26 @@ if ($page == 'admins'
 				}
 				// For Traffic usage
 				if ($row['traffic'] > 0) {
-					$traffic_percent = round(($row['traffic_used']*100)/$row['traffic'], 2);
+					$traffic_percent = round(($row['traffic_used']*100)/$row['traffic'], 0);
 					$traffic_doublepercent = round($traffic_percent*2, 2);
 				} else {
 					$traffic_percent = 0;
 					$traffic_doublepercent = 0;
 				}
 
+				// fix progress-bars if value is >100%
+				if ($disk_percent > 100) {
+					$disk_percent = 100;
+				}
+				if ($traffic_percent > 100) {
+					$traffic_percent = 100;
+				}
+
 				$row = str_replace_array('-1', 'UL', $row, 'customers domains diskspace traffic mysqls emails email_accounts email_forwarders email_quota ftps subdomains tickets');
 				$row = htmlentities_array($row);
+
+				$row['custom_notes'] = ($row['custom_notes'] != '') ? nl2br($row['custom_notes']) : '';
+
 				eval("\$admins.=\"" . getTemplate("admins/admins_admin") . "\";");
 				$count++;
 			}
@@ -190,6 +201,12 @@ if ($page == 'admins'
 			$name = validate($_POST['name'], 'name');
 			$email = $idna_convert->encode(validate($_POST['email'], 'email'));
 
+			$custom_notes = validate(str_replace("\r\n", "\n", $_POST['custom_notes']), 'custom_notes', '/^[^\0]*$/');
+			$custom_notes_show = 0;
+			if (isset($_POST['custom_notes_show'])) {
+			    $custom_notes_show = intval_ressource($_POST['custom_notes_show']);
+			}
+
 			$loginname = validate($_POST['loginname'], 'loginname');
 			$password = validate($_POST['admin_password'], 'password');
 			$password = validatePassword($password);
@@ -358,7 +375,7 @@ if ($page == 'admins'
 
 				$ins_data = array(
 					'loginname' => $loginname,
-					'password' => md5($password),
+					'password' => makeCryptPassword($password),
 					'name' => $name,
 					'email' => $email,
 					'lang' => $def_language,
@@ -380,7 +397,9 @@ if ($page == 'admins'
 					'tickets_see_all' => $tickets_see_all,
 					'mysqls' => $mysqls,
 					'ip' => $ipaddress,
-					'theme' => $_theme
+					'theme' => $_theme,
+					'custom_notes' => $custom_notes,
+					'custom_notes_show' => $custom_notes_show
 				);
 
 				$ins_stmt = Database::prepare("
@@ -408,7 +427,9 @@ if ($page == 'admins'
 					`tickets_see_all` = :tickets_see_all,
 					`mysqls` = :mysqls,
 					`ip` = :ip,
-					`theme` = :theme
+					`theme` = :theme,
+					`custom_notes` = :custom_notes,
+					`custom_notes_show` = :custom_notes_show
 				");
 				Database::pexecute($ins_stmt, $ins_data);
 
@@ -479,6 +500,12 @@ if ($page == 'admins'
 				$name = validate($_POST['name'], 'name');
 				$email = $idna_convert->encode(validate($_POST['email'], 'email'));
 
+				$custom_notes = validate(str_replace("\r\n", "\n", $_POST['custom_notes']), 'custom_notes', '/^[^\0]*$/');
+				$custom_notes_show = $result['custom_notes_show'];
+				if (isset($_POST['custom_notes_show'])) {
+				    $custom_notes_show = intval_ressource($_POST['custom_notes_show']);
+				}
+
 				if ($result['adminid'] == $userinfo['userid']) {
 
 					$password = '';
@@ -616,7 +643,7 @@ if ($page == 'admins'
 				} else {
 					if ($password != '') {
 						$password = validatePassword($password);
-						$password = md5($password);
+						$password = makeCryptPassword($password);
 					} else {
 						$password = $result['password'];
 					}
@@ -713,6 +740,8 @@ if ($page == 'admins'
 						'mysqls' => $mysqls,
 						'ip' => $ipaddress,
 						'deactivated' => $deactivated,
+						'custom_notes' => $custom_notes,
+						'custom_notes_show' => $custom_notes_show,
 						'adminid' => $id
 					);
 
@@ -740,7 +769,9 @@ if ($page == 'admins'
 						`tickets_see_all` = :tickets_see_all,
 						`mysqls` = :mysqls,
 						`ip` = :ip,
-						`deactivated` = :deactivated
+						`deactivated` = :deactivated,
+						`custom_notes` = :custom_notes,
+						`custom_notes_show` = :custom_notes_show
 						WHERE `adminid` = :adminid
 					");
 					Database::pexecute($upd_stmt, $upd_data);

admin_customers.php

@@ -95,7 +95,7 @@ if ($page == 'customers'
 				 */
 				//For Disk usage
 				if ($row['diskspace'] > 0) {
-					$disk_percent = round(($row['diskspace_used']*100)/$row['diskspace'], 2);
+					$disk_percent = round(($row['diskspace_used']*100)/$row['diskspace'], 0);
 					$disk_doublepercent = round($disk_percent*2, 2);
 				} else {
 					$disk_percent = 0;
@@ -103,7 +103,7 @@ if ($page == 'customers'
 				}
 
 				if ($row['traffic'] > 0) {
-					$traffic_percent = round(($row['traffic_used']*100)/$row['traffic'], 2);
+					$traffic_percent = round(($row['traffic_used']*100)/$row['traffic'], 0);
 					$traffic_doublepercent = round($traffic_percent*2, 2);
 				} else {
 					$traffic_percent = 0;
@@ -119,6 +119,17 @@ if ($page == 'customers'
 
 				$row = str_replace_array('-1', 'UL', $row, 'diskspace traffic mysqls emails email_accounts email_forwarders ftps tickets subdomains');
 				$row = htmlentities_array($row);
+
+				// fix progress-bars if value is >100%
+				if ($disk_percent > 100) {
+					$disk_percent = 100;
+				}
+				if ($traffic_percent > 100) {
+					$traffic_percent = 100;
+				}
+
+				$row['custom_notes'] = ($row['custom_notes'] != '') ? nl2br($row['custom_notes']) : '';
+
 				eval("\$customers.=\"" . getTemplate("customers/customers_customer") . "\";");
 				$count++;
 			}
@@ -267,6 +278,13 @@ if ($page == 'customers'
 				Database::pexecute($stmt, array('id' => $id));
 				$stmt = Database::prepare("DELETE FROM `" . TABLE_PANEL_DATABASES . "` WHERE `customerid` = :id");
 				Database::pexecute($stmt, array('id' => $id));
+				// first gather all domain-id's to clean up panel_domaintoip accordingly
+				$did_stmt = Database::prepare("SELECT `id` FROM `".TABLE_PANEL_DOMAINS."` WHERE `customerid` = :id");
+				Database::pexecute($did_stmt, array('id' => $id));
+				while ($row = $did_stmt->fetch(PDO::FETCH_ASSOC)) {
+					$stmt = Database::prepare("DELETE FROM `" . TABLE_DOMAINTOIP . "` WHERE `id_domain` = :did");
+					Database::pexecute($stmt, array('did' => $row['id']));
+				}
 				$stmt = Database::prepare("DELETE FROM `" . TABLE_PANEL_DOMAINS . "` WHERE `customerid` = :id");
 				Database::pexecute($stmt, array('id' => $id));
 				$domains_deleted = $stmt->rowCount();
@@ -401,6 +419,12 @@ if ($page == 'customers'
 				$def_language = validate($_POST['def_language'], 'default language');
 				$gender = intval_ressource($_POST['gender']);
 
+				$custom_notes = validate(str_replace("\r\n", "\n", $_POST['custom_notes']), 'custom_notes', '/^[^\0]*$/');
+				$custom_notes_show = 0;
+				if (isset($_POST['custom_notes_show'])) {
+				    $custom_notes_show = intval_ressource($_POST['custom_notes_show']);
+				}
+
 				$diskspace = intval_ressource($_POST['diskspace']);
 				if (isset($_POST['diskspace_ul'])) {
 					$diskspace = - 1;
@@ -616,7 +640,7 @@ if ($page == 'customers'
 					}
 
 					if ($password == '') {
-						$password = substr(md5(uniqid(microtime(), 1)), 12, 6);
+						$password = generatePassword();
 					}
 
 					$_theme = Settings::Get('panel.default_theme');
@@ -624,7 +648,7 @@ if ($page == 'customers'
 					$ins_data = array(
 						'adminid' => $userinfo['adminid'],
 						'loginname' => $loginname,
-						'passwd' => md5($password),
+						'passwd' => makeCryptPassword($password),
 						'name' => $name,
 						'firstname' => $firstname,
 						'gender' => $gender,
@@ -653,7 +677,9 @@ if ($page == 'customers'
 						'imap' => $email_imap,
 						'pop3' => $email_pop3,
 						'perlenabled' => $perlenabled,
-						'theme' => $_theme
+						'theme' => $_theme,
+						'custom_notes' => $custom_notes,
+						'custom_notes_show' => $custom_notes_show
 					);
 
 					$ins_stmt = Database::prepare("
@@ -690,7 +716,9 @@ if ($page == 'customers'
 						`imap` = :imap,
 						`pop3` = :pop3,
 						`perlenabled` = :perlenabled,
-						`theme` = :theme"
+						`theme` = :theme,
+						`custom_notes` = :custom_notes,
+						`custom_notes_show` = :custom_notes_show"
 					);
 					Database::pexecute($ins_stmt, $ins_data);
 
@@ -817,7 +845,21 @@ if ($page == 'customers'
 							'guid' => $guid,
 							'members' => $loginname.','.Settings::Get('system.httpuser')
 					);
+
+					// also, add froxlor-local user to ftp-group (if exists!) to
+					// allow access to customer-directories from within the panel, which
+					// is necessary when pathedit = Dropdown
+					if ((int)Settings::Get('system.mod_fcgid_ownvhost') == 1 || (int)Settings::Get('phpfpm.enabled_ownvhost') == 1) {
+						if ((int)Settings::Get('system.mod_fcgid') == 1) {
+							$local_user = Settings::Get('system.mod_fcgid_httpuser');
+						} else {
+							$local_user = Settings::Get('phpfpm.vhost_httpuser');
+						}
+						$ins_data['members'] .= ','.$local_user;
+					}
+
 					Database::pexecute($ins_stmt, $ins_data);
+
 					// FTP-Quotatallies
 					$ins_stmt = Database::prepare("
 						INSERT INTO `" . TABLE_FTP_QUOTATALLIES . "` SET `name` = :name, `quota_type` = 'user', `bytes_in_used` = '0',
@@ -850,7 +892,7 @@ if ($page == 'customers'
 							`domain` = :domain,
 							`customerid` = :customerid,
 							`adminid` = :adminid,
-							`parentdomainid` = '-1',
+							`parentdomainid` = '0',
 							`documentroot` = :docroot,
 							`zonefile` = '',
 							`isemaildomain` = '0',
@@ -993,6 +1035,24 @@ if ($page == 'customers'
 		}
 		$result = Database::pexecute_first($result_stmt, $result_data);
 
+		/*
+		 * information for moving customer
+		 */
+		$available_admins_stmt = Database::prepare("
+                        SELECT * FROM `" . TABLE_PANEL_ADMINS . "`
+                        WHERE (`customers` = '-1' OR `customers` > `customers_used`)"
+		);
+		Database::pexecute($available_admins_stmt);
+		$admin_select = makeoption("-----", 0, true, true, true);
+		$admin_select_cnt = 0;
+		while ($available_admin = $available_admins_stmt->fetch()) {
+			$admin_select .= makeoption($available_admin['name']." (".$available_admin['loginname'].")", $available_admin['adminid'], null, true, true);
+			$admin_select_cnt++;
+		}
+		/*
+		 * end of moving customer stuff
+		 */
+
 		if ($result['loginname'] != '') {
 
 			if (isset($_POST['send'])
@@ -1013,6 +1073,14 @@ if ($page == 'customers'
 				$password = validate($_POST['new_customer_password'], 'new password');
 				$gender = intval_ressource($_POST['gender']);
 
+				$move_to_admin = isset($_POST['move_to_admin']) ? intval_ressource($_POST['move_to_admin']) : 0;
+
+				$custom_notes = validate(str_replace("\r\n", "\n", $_POST['custom_notes']), 'custom_notes', '/^[^\0]*$/');
+				$custom_notes_show = $result['custom_notes_show'];
+				if (isset($_POST['custom_notes_show'])) {
+				    $custom_notes_show = intval_ressource($_POST['custom_notes_show']);
+				}
+
 				$diskspace = intval_ressource($_POST['diskspace']);
 				if (isset($_POST['diskspace_ul'])) {
 					$diskspace = - 1;
@@ -1153,7 +1221,7 @@ if ($page == 'customers'
 
 					if ($password != '') {
 						$password = validatePassword($password);
-						$password = md5($password);
+						$password = makeCryptPassword($password);
 					} else {
 						$password = $result['password'];
 					}
@@ -1186,7 +1254,7 @@ if ($page == 'customers'
 							`domain` = :domain,
 							`customerid` = :customerid,
 							`adminid` = :adminid,
-							`parentdomainid` = '-1',
+							`parentdomainid` = '0',
 							`documentroot` = :docroot,
 							`zonefile` = '',
 							`isemaildomain` = '0',
@@ -1348,7 +1416,9 @@ if ($page == 'customers'
 						'phpenabled' => $phpenabled,
 						'imap' => $email_imap,
 						'pop3' => $email_pop3,
-						'perlenabled' => $perlenabled
+						'perlenabled' => $perlenabled,
+						'custom_notes' => $custom_notes,
+						'custom_notes_show' => $custom_notes_show
 					);
 					$upd_stmt = Database::prepare("
 						UPDATE `" . TABLE_PANEL_CUSTOMERS . "` SET
@@ -1379,7 +1449,9 @@ if ($page == 'customers'
 						`email_quota` = :email_quota,
 						`imap` = :imap,
 						`pop3` = :pop3,
-						`perlenabled` = :perlenabled
+						`perlenabled` = :perlenabled,
+						`custom_notes` = :custom_notes,
+						`custom_notes_show` = :custom_notes_show
 						WHERE `customerid` = :customerid"
 					);
 					Database::pexecute($upd_stmt, $upd_data);
@@ -1491,6 +1563,17 @@ if ($page == 'customers'
 					$admin_update_query.= " WHERE `adminid` = '" . (int)$result['adminid'] . "'";
 					Database::query($admin_update_query);
 					$log->logAction(ADM_ACTION, LOG_INFO, "edited user '" . $result['loginname'] . "'");
+
+					/*
+					 * move customer to another admin/reseller; #1166
+					 */
+					if ($move_to_admin > 0 && $move_to_admin != $result['adminid']) {
+						$move_result = moveCustomerToAdmin($id, $move_to_admin);
+						if ($move_result != true) {
+							standard_error('moveofcustomerfailed', $move_result);
+						}
+					}
+
 					$redirect_props = Array(
 						'page' => $page,
 						's' => $s

admin_domains.php

@@ -351,7 +351,14 @@ if ($page == 'domains'
 					$admin = $userinfo;
 				}
 
-				$documentroot = $customer['documentroot'];
+				// set default path if admin/reseller has "change_serversettings == false" but we still
+				// need to respect the documentroot_use_default_value - setting
+				$path_suffix = '';
+				if (Settings::Get('system.documentroot_use_default_value') == 1) {
+					$path_suffix = '/'.$domain;
+				}
+				$documentroot = makeCorrectDir($customer['documentroot'] . $path_suffix);
+
 				$registration_date = trim($_POST['registration_date']);
 				$registration_date = validate($registration_date, 'registration_date', '/^(19|20)\d\d[-](0[1-9]|1[012])[-](0[1-9]|[12][0-9]|3[01])$/', '', array('0000-00-00', '0', ''));
 
@@ -572,14 +579,26 @@ if ($page == 'domains'
 				if ($aliasdomain != 0) {
 					// Overwrite given ipandports with these of the "main" domain
 					$ipandports = array();
+					$ssl_ipandports = array();
 					$origipresult_stmt = Database::prepare("
 						SELECT `id_ipandports` FROM `" . TABLE_DOMAINTOIP ."`
 						WHERE `id_domain` = :id"
 					);
 					Database::pexecute($origipresult_stmt, array('id' => $aliasdomain));
-
+					$ipdata_stmt = Database::prepare("SELECT * FROM `".TABLE_PANEL_IPSANDPORTS."` WHERE `id` = :ipid");
 					while ($origip = $origipresult_stmt->fetch(PDO::FETCH_ASSOC)) {
-						$ipandports[] = $origip['id_ipandports'];
+						$_origip_tmp = Database::pexecute_first($ipdata_stmt, array('ipid' => $origip['id_ipandports']));
+						if ($_origip_tmp['ssl'] == 0) {
+							$ipandports[] = $origip['id_ipandports'];
+						} else {
+							$ssl_ipandports[] = $origip['id_ipandports'];
+						}
+					}
+
+					if (count($ssl_ipandports) == 0) {
+						// we need this for the serialize
+						// if ssl is disabled or no ssl-ip/port exists
+						$ssl_ipandports[] = -1;
 					}
 
 					$aliasdomain_check_stmt = Database::prepare("
@@ -774,16 +793,17 @@ if ($page == 'domains'
 					);
 					Database::pexecute($upd_stmt, array('adminid' => $adminid));
 
+					$ins_stmt = Database::prepare("
+						INSERT INTO `" . TABLE_DOMAINTOIP . "` SET
+						`id_domain` = :domainid,
+						`id_ipandports` = :ipandportsid
+					");
+
 					foreach ($ipandports as $ipportid) {
 						$ins_data = array(
 							'domainid' => $domainid,
 							'ipandportsid' => $ipportid
 						);
-						$ins_stmt = Database::prepare("
-							INSERT INTO `" . TABLE_DOMAINTOIP . "` SET
-							`id_domain` = :domainid,
-							`id_ipandports` = :ipandportsid
-						");
 						Database::pexecute($ins_stmt, $ins_data);
 					}
 
@@ -793,11 +813,6 @@ if ($page == 'domains'
 								'domainid' => $domainid,
 								'ipandportsid' => $ssl_ipportid
 							);
-							$ins_stmt = Database::prepare("
-								INSERT INTO `" . TABLE_DOMAINTOIP . "` SET
-								`id_domain` = :domainid,
-								`id_ipandports` = :ipandportsid
-							");
 							Database::pexecute($ins_stmt, $ins_data);
 						}
 					}
@@ -875,7 +890,7 @@ if ($page == 'domains'
 						$row_ipandport['ip'] = '[' . $row_ipandport['ip'] . ']';
 					}
 
-					$ipsandports[] = array('label' => $row_ipandport['ip'] . ':' . $row_ipandport['port'], 'value' => $row_ipandport['id']);
+					$ipsandports[] = array('label' => $row_ipandport['ip'] . ':' . $row_ipandport['port'] . '<br />', 'value' => $row_ipandport['id']);
 				}
 
 				$ssl_ipsandports = array();
@@ -885,7 +900,7 @@ if ($page == 'domains'
 						$row_ssl_ipandport['ip'] = '[' . $row_ssl_ipandport['ip'] . ']';
 					}
 
-					$ssl_ipsandports[] = array('label' => $row_ssl_ipandport['ip'] . ':' . $row_ssl_ipandport['port'], 'value' => $row_ssl_ipandport['id']);
+					$ssl_ipsandports[] = array('label' => $row_ssl_ipandport['ip'] . ':' . $row_ssl_ipandport['port'] . '<br />', 'value' => $row_ssl_ipandport['id']);
 				}
 
 				$standardsubdomains = array();
@@ -1354,13 +1369,27 @@ if ($page == 'domains'
 				if ($aliasdomain != 0) {
 					// Overwrite given ipandports with these of the "main" domain
 					$ipandports = array();
+					$ssl_ipandports = array();
 					$origipresult_stmt = Database::prepare("
 						SELECT `id_ipandports` FROM `" . TABLE_DOMAINTOIP ."` WHERE `id_domain` = :aliasdomain
 					");
 					Database::pexecute($origipresult_stmt, array('aliasdomain' => $aliasdomain));
+					$ipdata_stmt = Database::prepare("SELECT * FROM `".TABLE_PANEL_IPSANDPORTS."` WHERE `id` = :ipid");
 					while ($origip = $origipresult_stmt->fetch(PDO::FETCH_ASSOC)) {
-						$ipandports[] = $origip['id_ipandports'];
+						$_origip_tmp = Database::pexecute_first($ipdata_stmt, array('ipid' => $origip['id_ipandports']));
+						if ($_origip_tmp['ssl'] == 0) {
+							$ipandports[] = $origip['id_ipandports'];
+						} else {
+							$ssl_ipandports[] = $origip['id_ipandports'];
+						}
 					}
+
+					if (count($ssl_ipandports) == 0) {
+						// we need this for the serialize
+						// if ssl is disabled or no ssl-ip/port exists
+						$ssl_ipandports[] = -1;
+					}
+
 					$aliasdomain_check_stmt = Database::prepare("
 						SELECT `d`.`id` FROM `" . TABLE_PANEL_DOMAINS . "` `d`, `" . TABLE_PANEL_CUSTOMERS . "` `c`
 						WHERE `d`.`customerid` = :customerid
@@ -1645,6 +1674,8 @@ if ($page == 'domains'
 				// FIXME check how many we got and if the amount of assigned IP's
 				// has changed so we can insert a config-rebuild task if only
 				// the ip's of this domain were changed
+				// -> for now, always insert a rebuild-task
+				inserttask('1');
 
 				// Cleanup domain <-> ip mapping
 				$del_stmt = Database::prepare("
@@ -1688,7 +1719,9 @@ if ($page == 'domains'
 						Database::pexecute($ins_stmt, array('rowid' => $row['id'], 'ipportid' => $ipportid));
 					}
 					foreach ($ssl_ipandports as $ssl_ipportid) {
-						Database::pexecute($ins_stmt, array('rowid' => $row['id'], 'ipportid' => $ssl_ipportid));
+						if ($ssl_ipportid > 0) {
+							Database::pexecute($ins_stmt, array('rowid' => $row['id'], 'ipportid' => $ssl_ipportid));
+						}
 					}
 				}
 
@@ -1818,7 +1851,7 @@ if ($page == 'domains'
 					if (filter_var($row_ipandport['ip'], FILTER_VALIDATE_IP, FILTER_FLAG_IPV6)) {
 						$row_ipandport['ip'] = '[' . $row_ipandport['ip'] . ']';
 					}
-					$ipsandports[] = array('label' => $row_ipandport['ip'] . ':' . $row_ipandport['port'], 'value' => $row_ipandport['id']);
+					$ipsandports[] = array('label' => $row_ipandport['ip'] . ':' . $row_ipandport['port'] . '<br />', 'value' => $row_ipandport['id']);
 				}
 
 				$ssl_ipsandports = array();
@@ -1826,7 +1859,7 @@ if ($page == 'domains'
 					if (filter_var($row_ssl_ipandport['ip'], FILTER_VALIDATE_IP, FILTER_FLAG_IPV6)) {
 						$row_ssl_ipandport['ip'] = '[' . $row_ssl_ipandport['ip'] . ']';
 					}
-					$ssl_ipsandports[] = array('label' => $row_ssl_ipandport['ip'] . ':' . $row_ssl_ipandport['port'], 'value' => $row_ssl_ipandport['id']);
+					$ssl_ipsandports[] = array('label' => $row_ssl_ipandport['ip'] . ':' . $row_ssl_ipandport['port'] . '<br />', 'value' => $row_ssl_ipandport['id']);
 				}
 
 				$result['specialsettings'] = $result['specialsettings'];
@@ -1870,5 +1903,60 @@ if ($page == 'domains'
 				eval("echo \"" . getTemplate("domains/domains_edit") . "\";");
 			}
 		}
+	} elseif($action == 'import') {
+
+		if (isset($_POST['send'])
+			&& $_POST['send'] == 'send'
+		) {
+
+			$customerid = intval($_POST['customerid']);
+			$separator = validate($_POST['separator'], 'separator');
+			$offset = (int)validate($_POST['offset'], 'offset', "/[0-9]/i");
+
+			$file_name = $_FILES['file']['tmp_name'];
+
+			$result = array();
+
+			try {
+				$bulk = new DomainBulkAction($file_name, $customerid);
+				$result = $bulk->doImport($separator, $offset);
+			} catch (Exception $e) {
+				standard_error('domain_import_error', $e->getMessage());
+			}
+
+			// @FIXME find a way to display $result['notice'] here somehow,
+			//        as it might be important if you've reached your maximum allocation of domains
+
+			// update customer/admin counters
+			updateCounters(false);
+
+			$result_str = $result['imported'] . ' / ' . $result['all'];
+			standard_success('domain_import_successfully', $result_str, array('filename' => $filename, 'action' => '', 'page' => 'domains'));
+		} else {
+			$customers = makeoption($lng['panel']['please_choose'], 0, 0, true);
+			$result_customers_stmt = Database::prepare("
+				SELECT `customerid`, `loginname`, `name`, `firstname`, `company`
+				FROM `" . TABLE_PANEL_CUSTOMERS . "` " .
+				($userinfo['customers_see_all'] ? '' : " WHERE `adminid` = '" . (int)$userinfo['adminid'] . "' ") .
+				" ORDER BY `name` ASC"
+			);
+			$params = array();
+			if ($userinfo['customers_see_all'] == '0') {
+				$params['adminid'] = $userinfo['adminid'];
+			}
+			Database::pexecute($result_customers_stmt, $params);
+
+			while ($row_customer = $result_customers_stmt->fetch(PDO::FETCH_ASSOC)) {
+				$customers.= makeoption(getCorrectFullUserDetails($row_customer) . ' (' . $row_customer['loginname'] . ')', $row_customer['customerid']);
+			}
+
+			$domain_import_data = include_once dirname(__FILE__).'/lib/formfields/admin/domains/formfield.domains_import.php';
+			$domain_import_form = htmlform::genHTMLForm($domain_import_data);
+
+			$title = $domain_import_data['domain_import']['title'];
+			$image = $domain_import_data['domain_import']['image'];
+
+			eval("echo \"" . getTemplate("domains/domains_import") . "\";");
+		}
 	}
 }

admin_index.php

@@ -140,6 +140,8 @@ if ($page == 'overview') {
 	$userinfo['traffic_used'] = round($userinfo['traffic_used'] / (1024 * 1024), $dec_places);
 	$userinfo = str_replace_array('-1', $lng['customer']['unlimited'], $userinfo, 'customers domains diskspace traffic mysqls emails email_accounts email_forwarders email_quota ftps tickets subdomains');
 
+	$userinfo['custom_notes'] = ($userinfo['custom_notes'] != '') ? nl2br($userinfo['custom_notes']) : '';
+
 	$cron_last_runs = getCronjobsLastRun();
 	$outstanding_tasks = getOutstandingTasks();
 
@@ -197,7 +199,7 @@ if ($page == 'overview') {
 	) {
 		$old_password = validate($_POST['old_password'], 'old password');
 
-		if (md5($old_password) != $userinfo['password']) {
+		if (!validatePasswordLogin($userinfo,$old_password,TABLE_PANEL_ADMINS,'adminid')) {
 			standard_error('oldpasswordnotcorrect');
 			exit;
 		}
@@ -217,13 +219,11 @@ if ($page == 'overview') {
 			$chgpwd_stmt = Database::prepare("
 				UPDATE `" . TABLE_PANEL_ADMINS . "`
 				SET `password`= :newpasswd
-				WHERE `adminid`= :adminid
-				AND `password`= :oldpasswd"
+				WHERE `adminid`= :adminid"
 			);
 			Database::pexecute($chgpwd_stmt, array(
-				'newpasswd' => md5($new_password),
-				'adminid' => (int)$userinfo['adminid'],
-				'oldpasswd' => md5($old_password)
+				'newpasswd' => makeCryptPassword($new_password),
+				'adminid' => (int)$userinfo['adminid']
 			));
 			$log->logAction(ADM_ACTION, LOG_NOTICE, 'changed password');
 			redirectTo($filename, Array('s' => $s));

admin_settings.php

@@ -105,14 +105,14 @@ if ($page == 'overview' && $userinfo['change_serversettings'] == '1') {
 } elseif($page == 'phpinfo'
 	&& $userinfo['change_serversettings'] == '1'
 ) {
-		ob_start();
-		phpinfo();
-		$phpinfo = array('phpinfo' => array());
-		if (preg_match_all(
-				'#(?:<h2>(?:<a name=".*?">)?(.*?)(?:</a>)?</h2>)|(?:<tr(?: class=".*?")?><t[hd](?: class=".*?")?>(.*?)\s*</t[hd]>(?:<t[hd](?: class=".*?")?>(.*?)\s*</t[hd]>(?:<t[hd](?: class=".*?")?>(.*?)\s*</t[hd]>)?)?</tr>)#s',
-				ob_get_clean(), $matches, PREG_SET_ORDER
-			)
-		) {
+	ob_start();
+	phpinfo();
+	$phpinfo = array('phpinfo' => array());
+	if (preg_match_all(
+			'#(?:<h2>(?:<a name=".*?">)?(.*?)(?:</a>)?</h2>)|(?:<tr(?: class=".*?")?><t[hd](?: class=".*?")?>(.*?)\s*</t[hd]>(?:<t[hd](?: class=".*?")?>(.*?)\s*</t[hd]>(?:<t[hd](?: class=".*?")?>(.*?)\s*</t[hd]>)?)?</tr>)#s',
+			ob_get_clean(), $matches, PREG_SET_ORDER
+		)
+	) {
 		foreach ($matches as $match) {
 			$end = array_keys($phpinfo);
 			$end = end($end);
@@ -143,6 +143,8 @@ if ($page == 'overview' && $userinfo['change_serversettings'] == '1') {
 			eval("\$phpinfohtml .= \"" . getTemplate("settings/phpinfo/phpinfo_table") . "\";");
 		}
 		$phpinfo = $phpinfohtml;
+	} else {
+		standard_error($lng['error']['no_phpinfo']);
 	}
 	eval("echo \"" . getTemplate("settings/phpinfo") . "\";");
 

admin_templates.php

@@ -214,24 +214,23 @@ if ($action == '') {
 		&& $_POST['prepare'] == 'prepare'
 	) {
 		//email templates
-		$language = validate($_POST['language'], 'language');
-		$templates = array();
-		$result_stmt = Database::prepare("
-			SELECT `varname` FROM `" . TABLE_PANEL_TEMPLATES . "`
-			WHERE `adminid`= :adminid AND `language`= :lang
-			AND `templategroup` = 'mails' AND `varname` LIKE '%_subject'"
-		);
-		Database::pexecute($result_stmt, array('adminid' => $userinfo['adminid'], 'lang' => $language));
+		$language = validate($_POST['language'], 'language', '/^[^\r\n\0"\']+$/', 'nolanguageselect');
+		$template = validate($_POST['template'], 'template');
 
-		while ($row = $result_stmt->fetch(PDO::FETCH_ASSOC)) {
-			$templates[] = str_replace('_subject', '', $row['varname']);
+		$lng_bak = $lng;
+		foreach ($langs['English'] as $key => $value) {
+			include_once makeSecurePath($value['file']);
+		}
+		if ($language != 'English') {
+			foreach ($langs[$language] as $key => $value) {
+				include makeSecurePath($value['file']);
+			}
 		}
 
-		$templates = array_diff($available_templates, $templates);
-		$template_options = '';
-		foreach ($templates as $template) {
-			$template_options.= makeoption($lng['admin']['templates'][$template], $template, NULL, true);
-		}
+		$subject = $lng['mails'][$template]['subject'];
+		$body = str_replace('\n', "\n", $lng['mails'][$template]['mailbody']);
+
+		$lng = $lng_bak;
 
 		$template_add_data = include_once dirname(__FILE__).'/lib/formfields/admin/templates/formfield.template_add.php';
 		$template_add_form = htmlform::genHTMLForm($template_add_data);
@@ -328,6 +327,7 @@ if ($action == '') {
 		//email templates
 		$add = false;
 		$language_options = '';
+		$template_options = '';
 
 		while (list($language_file, $language_name) = each($languages)) {
 			$templates = array();
@@ -344,7 +344,13 @@ if ($action == '') {
 
 			if (count(array_diff($available_templates, $templates)) > 0) {
 				$add = true;
-				$language_options.= makeoption($language_name, $language_file, $userinfo['language'], true);
+				$language_options.= makeoption($language_name, $language_file, $userinfo['language'], true, true);
+
+				$templates = array_diff($available_templates, $templates);
+
+				foreach ($templates as $template) {
+					$template_options.= makeoption($lng['admin']['templates'][$template], $template, NULL, true, true, $language_file) . "\n";
+				}
 			}
 		}
 
@@ -443,6 +449,8 @@ if ($action == '') {
 			);
 			Database::pexecute($result_stmt, array('id' => $mailbodyid));
 			$result = $result_stmt->fetch(PDO::FETCH_ASSOC);
+			
+			$template_name = str_replace('_mailbody', '', $result['varname']);
 
 			$result = htmlentities_array($result);
 			$mailbody = $result['value'];

admin_tickets.php

@@ -158,8 +158,10 @@ if ($page == 'tickets'
 					}
 
 					$row['subject'] = html_entity_decode($row['subject']);
-					if (strlen($row['subject']) > 20) {
-						$row['subject'] = substr($row['subject'], 0, 17) . '...';
+					if (strlen($row['subject']) > 30) {
+						$ts = wordwrap($row['subject'], 30, "|");
+						$ts = explode("|", $ts);
+						$row['subject'] = $ts[0]. '...';
 					}
 
 					eval("\$tickets.=\"" . getTemplate("tickets/tickets_tickets") . "\";");

admin_updates.php

@@ -79,7 +79,7 @@ if ($page == 'overview') {
 				
 				$successful_update = true;
 			} else {
-				$message = '<br /><strong style="color: red">You have to agree that you have read the update notifications.</strong>';
+				$message = '<br /><strong class="red">You have to agree that you have read the update notifications.</strong>';
 			}
 		}
 

customer_domains.php

@@ -230,6 +230,12 @@ if ($page == 'overview') {
 				$domain_check = Database::pexecute_first($domain_stmt, array("domain" => $domain, "customerid" => $userinfo['customerid']));
 
 				$completedomain = $subdomain . '.' . $domain;
+
+				if ($completedomain == Settings::Get('system.hostname')) {
+					standard_error('admin_domain_emailsystemhostname');
+					exit;
+				}
+
 				$completedomain_stmt = Database::prepare("SELECT * FROM `" . TABLE_PANEL_DOMAINS . "`
 					WHERE `domain` = :domain
 					AND `customerid` = :customerid
@@ -406,6 +412,7 @@ if ($page == 'overview') {
 				$domains_stmt = Database::prepare("SELECT `d`.`id`, `d`.`domain` FROM `" . TABLE_PANEL_DOMAINS . "` `d`, `" . TABLE_PANEL_CUSTOMERS . "` `c`
 					WHERE `d`.`aliasdomain` IS NULL
 					AND `d`.`id` <> `c`.`standardsubdomain`
+					AND `d`.`parentdomainid` = '0'
 					AND `d`.`customerid`=`c`.`customerid`
 					AND `d`.`email_only`='0'
 					AND `d`.`customerid`= :customerid
@@ -607,6 +614,7 @@ if ($page == 'overview') {
 					WHERE `d`.`aliasdomain` IS NULL
 					AND `d`.`id` <> :id
 					AND `c`.`standardsubdomain` <> `d`.`id`
+					AND `d`.`parentdomainid` = '0'
 					AND `d`.`customerid` = :customerid
 					AND `c`.`customerid` = `d`.`customerid`
 					AND `d`.`id` = `dip`.`id_domain`

customer_email.php

@@ -446,9 +446,12 @@ if ($page == 'overview') {
 					}
 					elseif ($password == '' && !(Settings::Get('panel.sendalternativemail') == 1 && validateEmail($alternative_email))) {
 						standard_error(array('stringisempty', 'mypassword'));
+					}
+					elseif ($password == $email_full) {
+						standard_error('passwordshouldnotbeusername');
 					} else {
 						if ($password == '') {
-							$password = substr(md5(uniqid(microtime(), 1)), 12, 6);
+							$password = generatePassword();
 						}
 
 						$cryptPassword = makeCryptPassword($password);
@@ -632,6 +635,10 @@ if ($page == 'overview') {
 					standard_error(array('stringisempty', 'mypassword'));
 					exit;
 				}
+				elseif ($password == $result['email_full']) {
+					standard_error('passwordshouldnotbeusername');
+					exit;
+				}
 
 				$password = validatePassword($password);
 
@@ -887,5 +894,3 @@ if ($page == 'overview') {
 		}
 	}
 }
-
-?>

customer_extras.php

@@ -133,6 +133,8 @@ if ($page == 'overview') {
 				standard_error(array('stringisempty', 'mypassword'));
 			} elseif ($path == '') {
 				standard_error('patherror');
+			} elseif ($_POST['directory_password'] == $username) {
+				standard_error('passwordshouldnotbeusername');
 			} else {
 				$stmt = Database::prepare("INSERT INTO `" . TABLE_PANEL_HTPASSWDS . "` SET
 					`customerid` = :customerid,
@@ -184,6 +186,10 @@ if ($page == 'overview') {
 					$password = crypt($_POST['directory_password']);
 				}
 
+				if ($_POST['directory_password'] == $result['username']) {
+					standard_error('passwordshouldnotbeusername');
+				}
+
 				$params = array(
 					"customerid" => $userinfo['customerid'],
 					"id" => $id

customer_ftp.php

@@ -192,6 +192,8 @@ if ($page == 'overview') {
 					standard_error(array('stringisempty', 'mypassword'));
 				} elseif ($path == '') {
 					standard_error('patherror');
+				} elseif ($username == $password) {
+					standard_error('passwordshouldnotbeusername');
 				} else {
 					$path = makeCorrectDir($userinfo['documentroot'] . '/' . $path);
 
@@ -264,7 +266,7 @@ if ($page == 'overview') {
 						);
 						Database::pexecute($result_stmt, array("adminid" => $userinfo['adminid'], "lang" => $def_language));
 						$result = $result_stmt->fetch(PDO::FETCH_ASSOC);
-						$mail_subject = html_entity_decode(replace_variables((($result['value'] != '') ? $result['value'] : $lng['customer']['ftp_add']['infomail_subject']), $replace_arr));
+						$mail_subject = html_entity_decode(replace_variables((($result['value'] != '') ? $result['value'] : $lng['mails']['new_ftpaccount_by_customer']['subject']), $replace_arr));
 
 						$def_language = $userinfo['def_language'];
 						$result_stmt = Database::prepare("SELECT `value` FROM `" . TABLE_PANEL_TEMPLATES . "`
@@ -275,7 +277,7 @@ if ($page == 'overview') {
 						);
 						Database::pexecute($result_stmt, array("adminid" => $userinfo['adminid'], "lang" => $def_language));
 						$result = $result_stmt->fetch(PDO::FETCH_ASSOC);
-						$mail_body = html_entity_decode(replace_variables((($result['value'] != '') ? $result['value'] : $lng['customer']['ftp_add']['infomail_body']['main']), $replace_arr));
+						$mail_body = html_entity_decode(replace_variables((($result['value'] != '') ? $result['value'] : $lng['mails']['new_ftpaccount_by_customer']['mailbody']), $replace_arr));
 
 						$_mailerror = false;
 						try {
@@ -362,6 +364,9 @@ if ($page == 'overview') {
 					if ($password == '') {
 						standard_error(array('stringisempty', 'mypassword'));
 						exit;
+					} elseif ($result['username'] == $password) {
+						standard_error('passwordshouldnotbeusername');
+						exit;
 					}
 					$log->logAction(USR_ACTION, LOG_INFO, "updated ftp-account password for '" . $result['username'] . "'");
 					$cryptPassword = makeCryptPassword($password);

customer_index.php

@@ -85,6 +85,8 @@ if ($page == 'overview') {
 	$userinfo['traffic_used'] = round($userinfo['traffic_used'] / (1024 * 1024), Settings::Get('panel.decimal_places'));
 	$userinfo = str_replace_array('-1', $lng['customer']['unlimited'], $userinfo, 'diskspace traffic mysqls emails email_accounts email_forwarders email_quota ftps tickets subdomains');
 
+	$userinfo['custom_notes'] = ($userinfo['custom_notes'] != '') ? nl2br($userinfo['custom_notes']) : '';
+
 	$services_enabled = "";
 	$se = array();
 	if ($userinfo['imap'] == '1') $se[] = "IMAP";
@@ -97,7 +99,7 @@ if ($page == 'overview') {
 } elseif ($page == 'change_password') {
 	if (isset($_POST['send']) && $_POST['send'] == 'send') {
 		$old_password = validate($_POST['old_password'], 'old password');
-		if (md5($old_password) != $userinfo['password']) {
+		if (!validatePasswordLogin($userinfo,$old_password,TABLE_PANEL_CUSTOMERS,'customerid')) {
 			standard_error('oldpasswordnotcorrect');
 			exit;
 		}
@@ -117,13 +119,11 @@ if ($page == 'overview') {
 			// Update user password
 			$stmt = Database::prepare("UPDATE `" . TABLE_PANEL_CUSTOMERS . "`
 				SET `password` = :newpassword
-				WHERE `customerid` = :customerid
-				AND `password` = :oldpassword"
+				WHERE `customerid` = :customerid"
 			);
 			$params = array(
-				"newpassword" => md5($new_password),
-				"customerid" => $userinfo['customerid'],
-				"oldpassword" => md5($old_password)
+				"newpassword" => makeCryptPassword($new_password),
+				"customerid" => $userinfo['customerid']
 			);
 			Database::pexecute($stmt, $params);
 			$log->logAction(USR_ACTION, LOG_NOTICE, 'changed password');

customer_mysql.php

@@ -178,6 +178,11 @@ if ($page == 'overview') {
 						$userinfo['mysql_lastaccountnumber']
 					);
 
+					// we've checked against the password in dbm->createDatabase
+					if ($username == false) {
+						standard_error('passwordshouldnotbeusername');
+					}
+
 					// Statement modified for Database description -- PH 2004-11-29
 					$stmt = Database::prepare('INSERT INTO `' . TABLE_PANEL_DATABASES . '`
 						(`customerid`, `databasename`, `description`, `dbserver`)
@@ -214,7 +219,7 @@ if ($page == 'overview') {
 							'DB_NAME' => $username,
 							'DB_PASS' => $password,
 							'DB_DESC' => $databasedescription,
-							'DB_SRV' => $sql_root['caption'],
+							'DB_SRV' => $sql_root['host'],
 							'PMA_URI' => $pma
 						);
 
@@ -227,7 +232,7 @@ if ($page == 'overview') {
 						);
 						Database::pexecute($result_stmt, array("adminid" => $userinfo['adminid'], "lang" => $def_language));
 						$result = $result_stmt->fetch(PDO::FETCH_ASSOC);
-						$mail_subject = html_entity_decode(replace_variables((($result['value'] != '') ? $result['value'] : $lng['customer']['mysql_add']['infomail_subject']), $replace_arr));
+						$mail_subject = html_entity_decode(replace_variables((($result['value'] != '') ? $result['value'] : $lng['mails']['new_database_by_customer']['subject']), $replace_arr));
 
 						$result_stmt = Database::prepare("SELECT `value` FROM `" . TABLE_PANEL_TEMPLATES . "`
 							WHERE `adminid`= :adminid
@@ -237,7 +242,7 @@ if ($page == 'overview') {
 						);
 						Database::pexecute($result_stmt, array("adminid" => $userinfo['adminid'], "lang" => $def_language));
 						$result = $result_stmt->fetch(PDO::FETCH_ASSOC);
-						$mail_body = html_entity_decode(replace_variables((($result['value'] != '') ? $result['value'] : $lng['customer']['mysql_add']['infomail_body']['main']), $replace_arr));
+						$mail_body = html_entity_decode(replace_variables((($result['value'] != '') ? $result['value'] : $lng['mails']['new_database_by_customer']['mailbody']), $replace_arr));
 
 						$_mailerror = false;
 						try {
@@ -307,6 +312,10 @@ if ($page == 'overview') {
 					// validate password
 					$password = validatePassword($password);
 
+					if ($password == $result['databasename']) {
+						standard_error('passwordshouldnotbeusername');
+					}
+
 					// Begin root-session
 					Database::needRoot(true);
 					foreach (array_map('trim', explode(',', Settings::Get('system.mysql_access_host'))) as $mysql_access_host) {

customer_tickets.php

@@ -92,8 +92,10 @@ if ($page == 'overview') {
 				}
 
 				$row['subject'] = html_entity_decode($row['subject']);
-				if (strlen($row['subject']) > 20) {
-					$row['subject'] = substr($row['subject'], 0, 17) . '...';
+				if (strlen($row['subject']) > 30) {
+					$ts = wordwrap($row['subject'], 30, "|");
+					$ts = explode("|", $ts);
+					$row['subject'] = $ts[0]. '...';
 				}
 
 				eval("\$tickets.=\"" . getTemplate("tickets/tickets_tickets") . "\";");
@@ -313,11 +315,20 @@ if ($page == 'overview') {
 				if ($subticket->Get('by') == '1') {
 					$by = $lng['ticket']['staff'];
 				} else {
+					$cid = $subticket->Get('customer');
+					$usr_stmt = Database::prepare('
+						SELECT `customerid`, `firstname`, `name`, `company`, `loginname`
+						FROM `' . TABLE_PANEL_CUSTOMERS . '`
+						WHERE `customerid` = :customerid '
+					);
+					$usr = Database::pexecute_first($usr_stmt, array("customerid" => $cid));
 					$by = getCorrectFullUserDetails($usr);
 				}
 
 				$subject = $subticket->Get('subject');
 				$message = $subticket->Get('message');
+				
+				$row2 = htmlentities_array($row2);
 				eval("\$ticket_replies.=\"" . getTemplate("tickets/tickets_tickets_list") . "\";");
 			}
 

index.php

@@ -118,16 +118,24 @@ if ($action == 'login') {
 		if ($userinfo['loginfail_count'] >= Settings::Get('login.maxloginattempts') && $userinfo['lastlogin_fail'] > (time() - Settings::Get('login.deactivatetime'))) {
 			redirectTo('index.php', array('showmessage' => '3'));
 			exit;
-		} elseif ($userinfo['password'] == md5($password)) {
-			// login correct
-			// reset loginfail_counter, set lastlogin_succ
-			$stmt = Database::prepare("UPDATE $table
-				SET `lastlogin_succ`= :lastlogin_succ, `loginfail_count`='0'
-				WHERE `$uid`= :uid"
-			);
-			Database::pexecute($stmt, array("lastlogin_succ" => time(), "uid" => $userinfo[$uid]));
-			$userinfo['userid'] = $userinfo[$uid];
-			$userinfo['adminsession'] = $adminsession;
+		} elseif (validatePasswordLogin($userinfo, $password, $table, $uid)) {
+		    // only show "you're banned" if the login was successfull
+		    // because we don't want to publish that the user does exist
+		    if ($userinfo['deactivated']) {
+		        unset($userinfo);
+		        redirectTo('index.php', array('showmessage' => '5'));
+		        exit;
+		    } else {
+		        // login correct
+		        // reset loginfail_counter, set lastlogin_succ
+		        $stmt = Database::prepare("UPDATE $table
+		              SET `lastlogin_succ`= :lastlogin_succ, `loginfail_count`='0'
+		              WHERE `$uid`= :uid"
+		        );
+		        Database::pexecute($stmt, array("lastlogin_succ" => time(), "uid" => $userinfo[$uid]));
+		        $userinfo['userid'] = $userinfo[$uid];
+		        $userinfo['adminsession'] = $adminsession;
+		    }
 		} else {
 			// login incorrect
 			$stmt = Database::prepare("UPDATE $table
@@ -269,6 +277,9 @@ if ($action == 'login') {
 		case 7:
 			$message = $lng['pwdreminder']['wrongcode'];
 			break;
+		case 8:
+		    $message = $lng['pwdreminder']['notallowed'];
+		    break;
 		}
 
 		$update_in_progress = '';
@@ -280,10 +291,14 @@ if ($action == 'login') {
 		$lastscript = "";
 		if (isset($_REQUEST['script']) && $_REQUEST['script'] != "") {
 			$lastscript = $_REQUEST['script'];
+
+			if (!file_exists(__DIR__."/".$lastscript)) {
+				$lastscript = "";
+			}
 		}
 		$lastqrystr = "";
 		if (isset($_REQUEST['qrystr']) && $_REQUEST['qrystr'] != "") {
-			$lastqrystr = $_REQUEST['qrystr'];
+			$lastqrystr = strip_tags($_REQUEST['qrystr']);
 		}
 
 		eval("echo \"" . getTemplate('login') . "\";");
@@ -322,8 +337,8 @@ if ($action == 'forgotpwd') {
 
 			/* Check whether user is banned */
 			if ($user['deactivated']) {
-				$message = $lng['pwdreminder']['notallowed'];
-				redirectTo('index.php', array('showmessage' => '5'));
+				redirectTo('index.php', array('showmessage' => '8'));
+				exit;
 			}
 
 			if (($adminchecked && Settings::Get('panel.allow_preset_admin') == '1') || $adminchecked == false) {
@@ -362,20 +377,27 @@ if ($action == 'forgotpwd') {
 					$rstlog->logAction(USR_ACTION, LOG_WARNING, "User '" . $user['loginname'] . "' requested a link for setting a new password.");
 
 					// Set together our activation link
-					$protocol = empty( $_SERVER['HTTPS'] ) ? 'http' : 'https';				
-					$host = $_SERVER['HTTP_HOST'];
+					$protocol = empty( $_SERVER['HTTPS'] ) ? 'http' : 'https';
+					// this can be a fixed value to avoid potential exploiting by modifying headers
+					$host = Settings::Get('system.hostname'); // $_SERVER['HTTP_HOST'];
 					$port = $_SERVER['SERVER_PORT'] != 80 ? ':' . $_SERVER['SERVER_PORT'] : '';
-					$script = $_SERVER['SCRIPT_NAME'];
+					// don't add :443 when https is used, as it is default (and just looks weird!)
+					if ($protocol == 'https' && $_SERVER['SERVER_PORT'] == '443') {
+						$port = '';
+					}
+					// there can be only one script to handle this so we can use a fixed value here
+					$script = "/index.php"; // $_SERVER['SCRIPT_NAME'];
+					if (Settings::Get('system.froxlordirectlyviahostname') == 0) {
+						$script = makeCorrectFile("/".basename(__DIR__)."/".$script);
+					}
 					$activationlink = $protocol . '://' . $host . $port . $script . '?action=resetpwd&resetcode=' . $activationcode;
 
 					$replace_arr = array(
 						'SALUTATION' => getCorrectUserSalutation($user),
-						'USERNAME' => $user['loginname'],
+						'USERNAME' => $loginname,
 						'LINK' => $activationlink
 					);
 
-					$body = strtr($lng['pwdreminder']['body'], array('%s' => $user['firstname'] . ' ' . $user['name'], '%a' => $activationlink));
-
 					$def_language = ($user['def_language'] != '') ? $user['def_language'] : Settings::Get('panel.standardlanguage');
 					$result_stmt = Database::prepare('SELECT `value` FROM `' . TABLE_PANEL_TEMPLATES . '`
 						WHERE `adminid`= :adminid
@@ -385,7 +407,7 @@ if ($action == 'forgotpwd') {
 					);
 					Database::pexecute($result_stmt, array("adminid" => $user['adminid'], "lang" => $def_language));
 					$result = $result_stmt->fetch(PDO::FETCH_ASSOC);
-					$mail_subject = html_entity_decode(replace_variables((($result['value'] != '') ? $result['value'] : $lng['pwdreminder']['subject']), $replace_arr));
+					$mail_subject = html_entity_decode(replace_variables((($result['value'] != '') ? $result['value'] : $lng['mails']['password_reset']['subject']), $replace_arr));
 
 					$result_stmt = Database::prepare('SELECT `value` FROM `' . TABLE_PANEL_TEMPLATES . '`
 						WHERE `adminid`= :adminid
@@ -395,14 +417,14 @@ if ($action == 'forgotpwd') {
 					);
 					Database::pexecute($result_stmt, array("adminid" => $user['adminid'], "lang" => $def_language));
 					$result = $result_stmt->fetch(PDO::FETCH_ASSOC);
-					$mail_body = html_entity_decode(replace_variables((($result['value'] != '') ? $result['value'] : $body), $replace_arr));
+					$mail_body = html_entity_decode(replace_variables((($result['value'] != '') ? $result['value'] : $lng['mails']['password_reset']['mailbody']), $replace_arr));
 
 					$_mailerror = false;
 					try {
 						$mail->Subject = $mail_subject;
 						$mail->AltBody = $mail_body;
 						$mail->MsgHTML(str_replace("\n", "<br />", $mail_body));
-						$mail->AddAddress($user['email'], $user['firstname'] . ' ' . $user['name']);
+						$mail->AddAddress($user['email'], getCorrectUserSalutation($user));
 						$mail->Send();
 					} catch(phpmailerException $e) {
 						$mailerr_msg = $e->errorMessage();
@@ -500,7 +522,7 @@ if ($action == 'resetpwd') {
 								WHERE `customerid` = :userid"
 							);
 						}
-						Database::pexecute($stmt, array("newpassword" => md5($new_password), "userid" => $result['userid']));
+						Database::pexecute($stmt, array("newpassword" => makeCryptPassword($new_password), "userid" => $result['userid']));
 
 						$rstlog = FroxlorLogger::getInstanceOf(array('loginname' => 'password_reset'));
 						$rstlog->logAction(USR_ACTION, LOG_NOTICE, "changed password using password reset.");

install/froxlor.sql

@@ -91,7 +91,7 @@ DROP TABLE IF EXISTS `panel_admins`;
 CREATE TABLE `panel_admins` (
   `adminid` int(11) unsigned NOT NULL auto_increment,
   `loginname` varchar(50) NOT NULL default '',
-  `password` varchar(50) NOT NULL default '',
+  `password` varchar(255) NOT NULL default '',
   `name` varchar(255) NOT NULL default '',
   `email` varchar(255) NOT NULL default '',
   `def_language` varchar(255) NOT NULL default '',
@@ -131,6 +131,8 @@ CREATE TABLE `panel_admins` (
   `loginfail_count` int(11) unsigned NOT NULL default '0',
   `reportsent` tinyint(4) unsigned NOT NULL default '0',
   `theme` varchar(255) NOT NULL default 'Sparkle',
+  `custom_notes` text,
+  `custom_notes_show` tinyint(1) NOT NULL default '0',
    PRIMARY KEY  (`adminid`),
    UNIQUE KEY `loginname` (`loginname`)
 ) ENGINE=MyISAM CHARSET=utf8 COLLATE=utf8_general_ci;
@@ -141,7 +143,7 @@ DROP TABLE IF EXISTS `panel_customers`;
 CREATE TABLE `panel_customers` (
   `customerid` int(11) unsigned NOT NULL auto_increment,
   `loginname` varchar(50) NOT NULL default '',
-  `password` varchar(50) NOT NULL default '',
+  `password` varchar(255) NOT NULL default '',
   `adminid` int(11) unsigned NOT NULL default '0',
   `name` varchar(255) NOT NULL default '',
   `firstname` varchar(255) NOT NULL default '',
@@ -190,6 +192,8 @@ CREATE TABLE `panel_customers` (
   `imap` tinyint(1) NOT NULL default '1',
   `perlenabled` tinyint(1) NOT NULL default '0',
   `theme` varchar(255) NOT NULL default 'Sparkle',
+  `custom_notes` text,
+  `custom_notes_show` tinyint(1) NOT NULL default '0',
    PRIMARY KEY  (`customerid`),
    UNIQUE KEY `loginname` (`loginname`)
 ) ENGINE=MyISAM CHARSET=utf8 COLLATE=utf8_general_ci;
@@ -217,7 +221,6 @@ CREATE TABLE `panel_domains` (
   `customerid` int(11) unsigned NOT NULL default '0',
   `aliasdomain` int(11) unsigned NULL,
   `documentroot` varchar(255) NOT NULL default '',
-  `ipandport` int(11) unsigned NOT NULL default '1',
   `isbinddomain` tinyint(1) NOT NULL default '0',
   `isemaildomain` tinyint(1) NOT NULL default '0',
   `email_only` tinyint(1) NOT NULL default '0',
@@ -227,17 +230,15 @@ CREATE TABLE `panel_domains` (
   `zonefile` varchar(255) NOT NULL default '',
   `dkim` tinyint(1) NOT NULL default '0',
   `dkim_id` int(11) unsigned NOT NULL default '0',
-  `dkim_privkey` text NOT NULL default '',
-  `dkim_pubkey` text NOT NULL default '',
+  `dkim_privkey` text,
+  `dkim_pubkey` text,
   `wwwserveralias` tinyint(1) NOT NULL default '1',
   `parentdomainid` int(11) unsigned NOT NULL default '0',
   `openbasedir` tinyint(1) NOT NULL default '0',
   `openbasedir_path` tinyint(1) NOT NULL default '0',
   `speciallogfile` tinyint(1) NOT NULL default '0',
-  `ssl` tinyint(4) NOT NULL default '0',
   `ssl_redirect` tinyint(4) NOT NULL default '0',
-  `ssl_ipandport` tinyint(4) NOT NULL default '0',
-  `specialsettings` text NOT NULL,
+  `specialsettings` text,
   `deactivated` tinyint(1) NOT NULL default '0',
   `bindserial` varchar(10) NOT NULL default '2000010100',
   `add_date` int( 11 ) NOT NULL default '0',
@@ -263,12 +264,12 @@ CREATE TABLE `panel_ipsandports` (
   `namevirtualhost_statement` tinyint(1) NOT NULL default '0',
   `vhostcontainer` tinyint(1) NOT NULL default '0',
   `vhostcontainer_servername_statement` tinyint(1) NOT NULL default '0',
-  `specialsettings` text NOT NULL default '',
+  `specialsettings` text,
   `ssl` tinyint(4) NOT NULL default '0',
   `ssl_cert_file` varchar(255) NOT NULL,
   `ssl_key_file` varchar(255) NOT NULL,
   `ssl_ca_file` varchar(255) NOT NULL,
-  `default_vhostconf_domain` text NOT NULL,
+  `default_vhostconf_domain` text,
   `ssl_cert_chainfile` varchar(255) NOT NULL,
   `docroot` varchar(255) NOT NULL default '',
   PRIMARY KEY  (`id`)
@@ -341,6 +342,8 @@ INSERT INTO `panel_settings` (`settinggroup`, `varname`, `value`) VALUES
 	('customer', 'ftpprefix', 'ftp'),
 	('customer', 'mysqlprefix', 'sql'),
 	('customer', 'ftpatdomain', '0'),
+	('customer', 'show_news_feed', '0'),
+	('customer', 'news_feed_url', ''),
 	('ticket', 'noreply_email', 'NO-REPLY@SERVERNAME'),
 	('ticket', 'worktime_all', '1'),
 	('ticket', 'worktime_begin', '00:00'),
@@ -405,6 +408,7 @@ INSERT INTO `panel_settings` (`settinggroup`, `varname`, `value`) VALUES
 	('phpfpm', 'defaultini', '1'),
 	('phpfpm', 'vhost_defaultini', '2'),
 	('phpfpm', 'fastcgi_ipcdir', '/var/lib/apache2/fastcgi/'),
+	('phpfpm', 'use_mod_proxy', '0'),
 	('nginx', 'fastcgiparams', '/etc/nginx/fastcgi_params'),
 	('system', 'lastaccountnumber', '0'),
 	('system', 'lastguid', '9999'),
@@ -488,7 +492,7 @@ INSERT INTO `panel_settings` (`settinggroup`, `varname`, `value`) VALUES
 	('system', 'phpreload_command', ''),
 	('system', 'apache24', '0'),
 	('system', 'documentroot_use_default_value', '0'),
-	('system', 'passwordcryptfunc', '1'),
+	('system', 'passwordcryptfunc', '3'),
 	('system', 'axfrservers', ''),
 	('system', 'customer_ssl_path', '/etc/ssl/froxlor-custom/'),
 	('system', 'allow_error_report_admin', '1'),
@@ -502,6 +506,8 @@ INSERT INTO `panel_settings` (`settinggroup`, `varname`, `value`) VALUES
 	('system', 'crondreload', '/etc/init.d/cron reload'),
 	('system', 'croncmdline', '/usr/bin/nice -n 5 /usr/bin/php5 -q'),
 	('system', 'cron_allowautoupdate', '0'),
+	('system', 'dns_createhostnameentry', '0'),
+	('system', 'send_cron_errors', '0'),
 	('panel', 'decimal_places', '4'),
 	('panel', 'adminmail', 'admin@SERVERNAME'),
 	('panel', 'phpmyadmin_url', ''),
@@ -524,19 +530,22 @@ INSERT INTO `panel_settings` (`settinggroup`, `varname`, `value`) VALUES
 	('panel', 'allow_preset', '1'),
 	('panel', 'allow_preset_admin', '0'),
 	('panel', 'password_regex', ''),
-	('panel', 'use_webfonts', '0'),
-	('panel', 'webfont', 'Numans'),
 	('panel', 'phpconfigs_hidestdsubdomain', '0'),
 	('panel', 'allow_theme_change_admin', '1'),
 	('panel', 'allow_theme_change_customer', '1'),
-	('panel', 'version', '0.9.32-rc2');
+	('panel', 'password_alpha_lower', '1'),
+	('panel', 'password_alpha_upper', '1'),
+	('panel', 'password_numeric', '0'),
+	('panel', 'password_special_char_required', '0'),
+	('panel', 'password_special_char', '!?<>§$%+#=@'),
+	('panel', 'version', '0.9.33.2');
 
 
 DROP TABLE IF EXISTS `panel_tasks`;
 CREATE TABLE `panel_tasks` (
   `id` int(11) unsigned NOT NULL auto_increment,
   `type` int(11) NOT NULL default '0',
-  `data` text NOT NULL default '',
+  `data` text NOT NULL,
   PRIMARY KEY  (`id`)
 ) ENGINE=MyISAM CHARSET=utf8 COLLATE=utf8_general_ci;
 
@@ -642,20 +651,10 @@ INSERT INTO `panel_languages` (`id`, `language`, `iso`, `file`) VALUES
     (1, 'Deutsch', 'de', 'lng/german.lng.php'),
     (2, 'English', 'en', 'lng/english.lng.php'),
     (3, 'Français', 'fr', 'lng/french.lng.php'),
-    (4, 'Chinese', 'zh', 'lng/zh-cn.lng.php'),
-    (5, 'Catalan', 'ca', 'lng/catalan.lng.php'),
-    (6, 'Espa&ntilde;ol', 'es', 'lng/spanish.lng.php'),
-    (7, 'Portugu&ecirc;s', 'pt', 'lng/portugues.lng.php'),
-    (8, 'Russian', 'ru', 'lng/russian.lng.php'),
-    (9, 'Danish', 'da', 'lng/danish.lng.php'),
-    (10, 'Italian', 'it', 'lng/italian.lng.php'),
-    (11, 'Bulgarian', 'bg', 'lng/bulgarian.lng.php'),
-    (12, 'Slovak', 'sk', 'lng/slovak.lng.php'),
-    (13, 'Dutch', 'nl', 'lng/dutch.lng.php'),
-    (14, 'Hungarian', 'hu', 'lng/hungarian.lng.php'),
-    (15, 'Swedish', 'sv', 'lng/swedish.lng.php'),
-    (16, 'Czech', 'cz', 'lng/czech.lng.php'),
-    (17, 'Polski', 'pl', 'lng/polish.lng.php');
+    (4, 'Portugu&ecirc;s', 'pt', 'lng/portugues.lng.php'),
+    (5, 'Italian', 'it', 'lng/italian.lng.php'),
+    (6, 'Dutch', 'nl', 'lng/dutch.lng.php'),
+    (7, 'Swedish', 'sv', 'lng/swedish.lng.php');
 
 
 
@@ -723,8 +722,8 @@ CREATE TABLE `panel_phpconfigs` (
 
 
 INSERT INTO `panel_phpconfigs` (`id`, `description`, `binary`, `file_extensions`, `mod_fcgid_starter`, `mod_fcgid_maxrequests`, `phpsettings`) VALUES
-(1, 'Default Config', '/usr/bin/php-cgi', 'php', '-1', '-1', 'allow_call_time_pass_reference = Off\r\nallow_url_fopen = Off\r\nasp_tags = Off\r\ndisable_classes =\r\ndisable_functions = curl_exec,curl_multi_exec,exec,parse_ini_file,passthru,popen,proc_close,proc_get_status,proc_nice,proc_open,proc_terminate,shell_exec,show_source,system\r\ndisplay_errors = Off\r\ndisplay_startup_errors = Off\r\nenable_dl = Off\r\nerror_reporting = E_ALL & ~E_NOTICE\r\nexpose_php = Off\r\nfile_uploads = On\r\ncgi.force_redirect = 1\r\ngpc_order = "GPC"\r\nhtml_errors = Off\r\nignore_repeated_errors = Off\r\nignore_repeated_source = Off\r\ninclude_path = ".:{PEAR_DIR}"\r\nlog_errors = On\r\nlog_errors_max_len = 1024\r\nmagic_quotes_gpc = Off\r\nmagic_quotes_runtime = Off\r\nmagic_quotes_sybase = Off\r\nmax_execution_time = 30\r\nmax_input_time = 60\r\nmemory_limit = 16M\r\n{OPEN_BASEDIR_C}open_basedir = "{OPEN_BASEDIR}"\r\noutput_buffering = 4096\r\npost_max_size = 16M\r\nprecision = 14\r\nregister_argc_argv = Off\r\nregister_globals = Off\r\nreport_memleaks = On\r\nsendmail_path = "/usr/sbin/sendmail -t -i -f {CUSTOMER_EMAIL}"\r\nsession.auto_start = 0\r\nsession.bug_compat_42 = 0\r\nsession.bug_compat_warn = 1\r\nsession.cache_expire = 180\r\nsession.cache_limiter = nocache\r\nsession.cookie_domain =\r\nsession.cookie_lifetime = 0\r\nsession.cookie_path = /\r\nsession.entropy_file = /dev/urandom\r\nsession.entropy_length = 16\r\nsession.gc_divisor = 1000\r\nsession.gc_maxlifetime = 1440\r\nsession.gc_probability = 1\r\nsession.name = PHPSESSID\r\nsession.referer_check =\r\nsession.save_handler = files\r\nsession.save_path = "{TMP_DIR}"\r\nsession.serialize_handler = php\r\nsession.use_cookies = 1\r\nsession.use_trans_sid = 0\r\nshort_open_tag = On\r\nsuhosin.mail.protect = 1\r\nsuhosin.simulation = Off\r\ntrack_errors = Off\r\nupload_max_filesize = 32M\r\nupload_tmp_dir = "{TMP_DIR}"\r\nvariables_order = "GPCS"\r\n'),
-(2, 'Froxlor Vhost Config', '/usr/bin/php-cgi', 'php', '-1', '-1', 'allow_call_time_pass_reference = Off\r\nallow_url_fopen = On\r\nasp_tags = Off\r\ndisable_classes =\r\ndisable_functions = curl_multi_exec,exec,parse_ini_file,passthru,popen,proc_close,proc_get_status,proc_nice,proc_open,proc_terminate,shell_exec,show_source,system\r\ndisplay_errors = Off\r\ndisplay_startup_errors = Off\r\nenable_dl = Off\r\nerror_reporting = E_ALL & ~E_NOTICE\r\nexpose_php = Off\r\nfile_uploads = On\r\ncgi.force_redirect = 1\r\ngpc_order = "GPC"\r\nhtml_errors = Off\r\nignore_repeated_errors = Off\r\nignore_repeated_source = Off\r\ninclude_path = ".:{PEAR_DIR}"\r\nlog_errors = On\r\nlog_errors_max_len = 1024\r\nmagic_quotes_gpc = Off\r\nmagic_quotes_runtime = Off\r\nmagic_quotes_sybase = Off\r\nmax_execution_time = 60\r\nmax_input_time = 60\r\nmemory_limit = 16M\r\nnoutput_buffering = 4096\r\npost_max_size = 16M\r\nprecision = 14\r\nregister_argc_argv = Off\r\nregister_globals = Off\r\nreport_memleaks = On\r\nsendmail_path = "/usr/sbin/sendmail -t -i -f {CUSTOMER_EMAIL}"\r\nsession.auto_start = 0\r\nsession.bug_compat_42 = 0\r\nsession.bug_compat_warn = 1\r\nsession.cache_expire = 180\r\nsession.cache_limiter = nocache\r\nsession.cookie_domain =\r\nsession.cookie_lifetime = 0\r\nsession.cookie_path = /\r\nsession.entropy_file = /dev/urandom\r\nsession.entropy_length = 16\r\nsession.gc_divisor = 1000\r\nsession.gc_maxlifetime = 1440\r\nsession.gc_probability = 1\r\nsession.name = PHPSESSID\r\nsession.referer_check =\r\nsession.save_handler = files\r\nsession.save_path = "{TMP_DIR}"\r\nsession.serialize_handler = php\r\nsession.use_cookies = 1\r\nsession.use_trans_sid = 0\r\nshort_open_tag = On\r\nsuhosin.mail.protect = 1\r\nsuhosin.simulation = Off\r\ntrack_errors = Off\r\nupload_max_filesize = 32M\r\nupload_tmp_dir = "{TMP_DIR}"\r\nvariables_order = "GPCS"\r\n');
+(1, 'Default Config', '/usr/bin/php-cgi', 'php', '-1', '-1', 'allow_call_time_pass_reference = Off\r\nallow_url_fopen = Off\r\nasp_tags = Off\r\ndisable_classes =\r\ndisable_functions = curl_exec,curl_multi_exec,exec,parse_ini_file,passthru,popen,proc_close,proc_get_status,proc_nice,proc_open,proc_terminate,shell_exec,show_source,system\r\ndisplay_errors = Off\r\ndisplay_startup_errors = Off\r\nenable_dl = Off\r\nerror_reporting = E_ALL & ~E_NOTICE\r\nexpose_php = Off\r\nfile_uploads = On\r\ncgi.force_redirect = 1\r\ngpc_order = "GPC"\r\nhtml_errors = Off\r\nignore_repeated_errors = Off\r\nignore_repeated_source = Off\r\ninclude_path = ".:{PEAR_DIR}"\r\nlog_errors = On\r\nlog_errors_max_len = 1024\r\nmagic_quotes_gpc = Off\r\nmagic_quotes_runtime = Off\r\nmagic_quotes_sybase = Off\r\nmax_execution_time = 30\r\nmax_input_time = 60\r\nmemory_limit = 16M\r\n{OPEN_BASEDIR_C}open_basedir = "{OPEN_BASEDIR}"\r\noutput_buffering = 4096\r\npost_max_size = 16M\r\nprecision = 14\r\nregister_argc_argv = Off\r\nregister_globals = Off\r\nreport_memleaks = On\r\nsendmail_path = "/usr/sbin/sendmail -t -i -f {CUSTOMER_EMAIL}"\r\nsession.auto_start = 0\r\nsession.bug_compat_42 = 0\r\nsession.bug_compat_warn = 1\r\nsession.cache_expire = 180\r\nsession.cache_limiter = nocache\r\nsession.cookie_domain =\r\nsession.cookie_lifetime = 0\r\nsession.cookie_path = /\r\nsession.entropy_file = /dev/urandom\r\nsession.entropy_length = 16\r\nsession.gc_divisor = 1000\r\nsession.gc_maxlifetime = 1440\r\nsession.gc_probability = 1\r\nsession.name = PHPSESSID\r\nsession.referer_check =\r\nsession.save_handler = files\r\nsession.save_path = "{TMP_DIR}"\r\nsession.serialize_handler = php\r\nsession.use_cookies = 1\r\nsession.use_trans_sid = 0\r\nshort_open_tag = On\r\nsuhosin.mail.protect = 1\r\nsuhosin.simulation = Off\r\ntrack_errors = Off\r\nupload_max_filesize = 32M\r\nupload_tmp_dir = "{TMP_DIR}"\r\nvariables_order = "GPCS"\r\n;mail.add_x_header = On\r\n;mail.log = "/var/log/phpmail.log"\r\n'),
+(2, 'Froxlor Vhost Config', '/usr/bin/php-cgi', 'php', '-1', '-1', 'allow_call_time_pass_reference = Off\r\nallow_url_fopen = On\r\nasp_tags = Off\r\ndisable_classes =\r\ndisable_functions = curl_multi_exec,exec,parse_ini_file,passthru,popen,proc_close,proc_get_status,proc_nice,proc_open,proc_terminate,shell_exec,show_source,system\r\ndisplay_errors = Off\r\ndisplay_startup_errors = Off\r\nenable_dl = Off\r\nerror_reporting = E_ALL & ~E_NOTICE\r\nexpose_php = Off\r\nfile_uploads = On\r\ncgi.force_redirect = 1\r\ngpc_order = "GPC"\r\nhtml_errors = Off\r\nignore_repeated_errors = Off\r\nignore_repeated_source = Off\r\ninclude_path = ".:{PEAR_DIR}"\r\nlog_errors = On\r\nlog_errors_max_len = 1024\r\nmagic_quotes_gpc = Off\r\nmagic_quotes_runtime = Off\r\nmagic_quotes_sybase = Off\r\nmax_execution_time = 60\r\nmax_input_time = 60\r\nmemory_limit = 16M\r\nnoutput_buffering = 4096\r\npost_max_size = 16M\r\nprecision = 14\r\nregister_argc_argv = Off\r\nregister_globals = Off\r\nreport_memleaks = On\r\nsendmail_path = "/usr/sbin/sendmail -t -i -f {CUSTOMER_EMAIL}"\r\nsession.auto_start = 0\r\nsession.bug_compat_42 = 0\r\nsession.bug_compat_warn = 1\r\nsession.cache_expire = 180\r\nsession.cache_limiter = nocache\r\nsession.cookie_domain =\r\nsession.cookie_lifetime = 0\r\nsession.cookie_path = /\r\nsession.entropy_file = /dev/urandom\r\nsession.entropy_length = 16\r\nsession.gc_divisor = 1000\r\nsession.gc_maxlifetime = 1440\r\nsession.gc_probability = 1\r\nsession.name = PHPSESSID\r\nsession.referer_check =\r\nsession.save_handler = files\r\nsession.save_path = "{TMP_DIR}"\r\nsession.serialize_handler = php\r\nsession.use_cookies = 1\r\nsession.use_trans_sid = 0\r\nshort_open_tag = On\r\nsuhosin.mail.protect = 1\r\nsuhosin.simulation = Off\r\ntrack_errors = Off\r\nupload_max_filesize = 32M\r\nupload_tmp_dir = "{TMP_DIR}"\r\nvariables_order = "GPCS"\r\n;mail.add_x_header = On\r\n;mail.log = "/var/log/phpmail.log"\r\n');
 
 
 DROP TABLE IF EXISTS `cronjobs_run`;
@@ -819,8 +818,8 @@ CREATE TABLE IF NOT EXISTS `domain_ssl_settings` (
   `domainid` int(11) NOT NULL,
   `ssl_cert_file` text NOT NULL,
   `ssl_key_file` text NOT NULL,
-  `ssl_ca_file` text NOT NULL,
-  `ssl_cert_chainfile` text NOT NULL,
+  `ssl_ca_file` text,
+  `ssl_cert_chainfile` text,
   PRIMARY KEY  (`id`)
 ) ENGINE=MyISAM CHARSET=utf8 COLLATE=utf8_general_ci;
 

install/lib/class.FroxlorInstall.php

@@ -65,7 +65,8 @@ class FroxlorInstall {
 	 */
 	private $_languages = array(
 			'german' => 'Deutsch',
-			'english' => 'English'
+			'english' => 'English',
+			'french' => 'Français'
 	);
 
 	/**
@@ -371,7 +372,8 @@ class FroxlorInstall {
 		$content .= $this->_status_message('begin', $this->_lng['install']['adding_admin_user']);
 		$ins_data = array(
 				'loginname' => $this->_data['admin_user'],
-				'password' => md5($this->_data['admin_pass1']),
+				/* use SHA256 default crypt */
+				'password' => crypt($this->_data['admin_pass1'], '$5$'. md5(uniqid(microtime(), 1)) . md5(uniqid(microtime(), 1))),
 				'email' => 'admin@' . $this->_data['servername'],
 				'deflang' => $this->_languages[$this->_activelng]
 		);
@@ -478,6 +480,9 @@ class FroxlorInstall {
 		$db->query("UPDATE `".TABLE_PANEL_CRONRUNS."` SET `lastrun` = '".$ts."' WHERE `cronfile` ='cron_used_tickets_reset.php';");
 		$db->query("UPDATE `".TABLE_PANEL_CRONRUNS."` SET `lastrun` = '".$ts."' WHERE `cronfile` ='cron_ticketarchive.php';");
 
+		// insert task 99 to generate a correct cron.d-file automatically
+		$db->query("INSERT INTO `".TABLE_PANEL_TASKS."` SET `type` = '99';");
+
 		$content .= $this->_status_message('green', 'OK');
 
 		return $content;
@@ -563,7 +568,7 @@ class FroxlorInstall {
 
 		// we have to create a new user and database for the froxlor unprivileged mysql access
 		$content .= $this->_status_message('begin', $this->_lng['install']['create_mysqluser_and_db']);
-		$ins_stmt = $db_root->prepare("CREATE DATABASE `".str_replace('`', '', $this->_data['mysql_database'])."`");
+		$ins_stmt = $db_root->prepare("CREATE DATABASE `".str_replace('`', '', $this->_data['mysql_database'])."` CHARACTER SET=utf8 COLLATE=utf8_general_ci");
 		$ins_stmt->execute();
 
 		$mysql_access_host_array = array_map('trim', explode(',', $this->_data['mysql_access_host']));
@@ -688,25 +693,25 @@ class FroxlorInstall {
 		$formdata .= $this->_getSectionItemString('mysql_database', true);
 		// unpriv-user has to be different from root
 		if ($this->_data['mysql_unpriv_user'] == $this->_data['mysql_root_user']) {
-			$style = 'color:blue;';
+			$style = 'blue';
 		} else { $style = '';
 		}
 		$formdata .= $this->_getSectionItemString('mysql_unpriv_user', true, $style);
 		// is we posted and no password was given -> red
 		if (!empty($_POST['installstep']) && $this->_data['mysql_unpriv_pass'] == '') {
-			$style = 'color:red;';
+			$style = 'red';
 		} else { $style = '';
 		}
 		$formdata .= $this->_getSectionItemString('mysql_unpriv_pass', true, $style, 'password');
 		// unpriv-user has to be different from root
 		if ($this->_data['mysql_unpriv_user'] == $this->_data['mysql_root_user']) {
-			$style = 'color:blue;';
+			$style = 'blue';
 		} else { $style = '';
 		}
 		$formdata .= $this->_getSectionItemString('mysql_root_user', true, $style);
 		// is we posted and no password was given -> red
 		if (!empty($_POST['installstep']) && $this->_data['mysql_root_pass'] == '') {
-			$style = 'color:red;';
+			$style = 'red';
 		} else { $style = '';
 		}
 		$formdata .= $this->_getSectionItemString('mysql_root_pass', true, $style, 'password');
@@ -846,14 +851,16 @@ class FroxlorInstall {
 			$content .= $this->_status_message('green', PHP_VERSION);
 		}
 
-		// Check if magic_quotes_runtime is active
-		$content .= $this->_status_message('begin', $this->_lng['requirements']['phpmagic_quotes_runtime']);
-		if (get_magic_quotes_runtime()) {
-			// deactivate it
-			set_magic_quotes_runtime(false);
-			$content .= $this->_status_message('orange', $this->_lng['requirements']['not_true'] . "<br />". $this->_lng['requirements']['phpmagic_quotes_runtime_description']);
-		} else {
-			$content .= $this->_status_message('green', 'off');
+		// Check if magic_quotes_runtime is active | get_magic_quotes_runtime() is always FALSE since 5.4
+		if (version_compare(PHP_VERSION, "5.4.0", "<")) {
+			$content .= $this->_status_message('begin', $this->_lng['requirements']['phpmagic_quotes_runtime']);
+			if (get_magic_quotes_runtime()) {
+				// deactivate it
+				set_magic_quotes_runtime(false);
+				$content .= $this->_status_message('orange', $this->_lng['requirements']['not_true'] . "<br />". $this->_lng['requirements']['phpmagic_quotes_runtime_description']);
+			} else {
+				$content .= $this->_status_message('green', 'off');
+			}
 		}
 
 		// check for php_pdo and pdo_mysql
@@ -976,6 +983,7 @@ class FroxlorInstall {
 			) {
 				// use sparkle theme for the notice
 				$installed_hint = file_get_contents($this->_basepath.'/templates/Sparkle/misc/alreadyinstalledhint.tpl');
+				$installed_hint = str_replace("<CURRENT_YEAR>", date('Y', time()), $installed_hint);
 				die($installed_hint);
 			}
 		}
@@ -1057,9 +1065,9 @@ class FroxlorInstall {
 	 */
 	private function _status_message($case, $text) {
 		if ($case == 'begin') {
-			return '<tr><td style="width: 250px;">'.$text;
+			return '<tr><td class="install-step">'.$text;
 		} else {
-			return '</td><td><span style="color:'.$case.';">'.$text.'</span></td></tr>';
+			return '</td><td><span class="'.$case.'">'.$text.'</span></td></tr>';
 		}
 	}
 

install/lng/french.lng.php

@@ -0,0 +1,88 @@
+<?php
+
+/**
+ * This file is part of the Froxlor project.
+ * Copyright (c) 2003-2009 the SysCP Team (see authors).
+ * Copyright (c) 2010 the Froxlor Team (see authors).
+ *
+ * For the full copyright and license information, please view the COPYING
+ * file that was distributed with this source code. You can also view the
+ * COPYING file online at http://files.froxlor.org/misc/COPYING.txt
+ *
+ * @copyright  (c) the authors
+ * @author     Florian Lippert <flo@syscp.org> (2003-2009)
+ * @author     Froxlor team <team@froxlor.org> (2010-)
+ * @license    GPLv2 http://files.froxlor.org/misc/COPYING.txt
+ * @package    Language
+ *
+ */
+
+$lng['requirements']['title'] = 'Vérification des prérequis système...';
+$lng['requirements']['installed'] = 'installé';
+$lng['requirements']['not_true'] = 'non';
+$lng['requirements']['notfound'] = 'introuvable';
+$lng['requirements']['notinstalled'] = 'non installé';
+$lng['requirements']['activated'] = 'activé';
+$lng['requirements']['phpversion'] = 'PHP version >= 5.3';
+$lng['requirements']['phpmagic_quotes_runtime'] = 'magic_quotes_runtime...';
+$lng['requirements']['phpmagic_quotes_runtime_description'] = 'Le réglage PHP "magic_quotes_runtime" doit être positionné à "Off". Nous l\'avons désactivé temporairement pour l\'instant; merci de corriger le php.ini correspondant.';
+$lng['requirements']['phppdo'] = 'extension PHP PDO et pilote PDO-MySQL ...';
+$lng['requirements']['phpxml'] = 'extension PHP XML...';
+$lng['requirements']['phpfilter'] = 'extension PHP filter ...';
+$lng['requirements']['phpposix'] = 'extension PHP posix ...';
+$lng['requirements']['phpbcmath'] = 'extension PHP bcmath ...';
+$lng['requirements']['phpcurl'] = 'extension PHP curl...';
+$lng['requirements']['bcmathdescription'] = 'Les fonctions de calcul de traffic ne fonctionneront pas correctement!';
+$lng['requirements']['curldescription'] = 'Les vérifications de version et les flux d\'information peuvent ne pas fonctionner correctement!';
+$lng['requirements']['openbasedir'] = 'open_basedir...';
+$lng['requirements']['openbasedirenabled'] = 'Froxlor ne fonctionnera pas correctement avec open_basedir activé. Merci de désactiver open_basedir pour Froxlor dans le php.ini correspondant';
+$lng['requirements']['diedbecauseofrequirements'] = 'Impossible d\'installer Froxlor sans ces prérequis! Essayez de les corriger et essayez à nouveau.';
+$lng['requirements']['froxlor_succ_checks'] = 'Tous les prérequis sont vérifiés';
+
+$lng['install']['lngtitle'] = 'Installation de Froxlor - choisisez la langue';
+$lng['install']['language'] = 'Langue d\'installation';
+$lng['install']['lngbtn_go'] = 'Changer la langue';
+$lng['install']['title'] = 'Installation de Froxlor - paramètrage';
+$lng['install']['welcometext'] = 'Merci d\'avoir choisi Froxlor. Merci de remplir les champs suivant avec les informations nécessaires pour démarrer l\'installation.<br /><b>Attention:</b> Si la base de données que vous choisissez existe déjà sur votre système, elle sera écrasée ainsi que les données contenues!';
+$lng['install']['database'] = 'Connexion à la base de données';
+$lng['install']['mysql_host'] = 'Nom d\'hôte MySQL';
+$lng['install']['mysql_database'] = 'Nom de la base de données';
+$lng['install']['mysql_unpriv_user'] = 'Nom d\'utilisateur pour le compte non priviligié MySQL';
+$lng['install']['mysql_unpriv_pass'] = 'Mot de passe pour le compte non priviligié MySQL';
+$lng['install']['mysql_root_user'] = 'Nom d\'utilisateur pour le compte MySQL root';
+$lng['install']['mysql_root_pass'] = 'Mot de passe pour le compte MySQL root';
+$lng['install']['admin_account'] = 'Compte administrateur';
+$lng['install']['admin_user'] = 'Nom d\'utilisateur administrateur';
+$lng['install']['admin_pass1'] = 'Mot de passe administrateur';
+$lng['install']['admin_pass2'] = 'Mot de passe administrateur (confirmez)';
+$lng['install']['serversettings'] = 'Réglages serveur';
+$lng['install']['servername'] = 'Nom du serveur (FQDN, pas d\'adresse IP)';
+$lng['install']['serverip'] = 'Adresse IP du serveur';
+$lng['install']['webserver'] = 'Serveur Web';
+$lng['install']['apache2'] = 'Apache 2';
+$lng['install']['lighttpd'] = 'LigHTTPd';
+$lng['install']['nginx'] = 'NGINX';
+$lng['install']['httpuser'] = 'Nom d\'utilisateur HTTP';
+$lng['install']['httpgroup'] = 'Nom de groupe HTTP';
+
+$lng['install']['testing_mysql'] = 'Vérification de l\'accès root MySQL...';
+$lng['install']['testing_mysql_fail'] = 'Il semble y avoir un problème avec la connexion à la base de données. Impossible de continuer. Merci de revenir en arrière et de vérifier les informations d\'identification.';
+$lng['install']['backup_old_db'] = 'Création des sauvegardes de l\'ancienne base de données...';
+$lng['install']['backup_binary_missing'] = 'Impossible de trouver mysqldump';
+$lng['install']['backup_failed'] = 'Impossible de sauvegarde la base de données';
+$lng['install']['prepare_db'] = 'Préparation de la base de données...';
+$lng['install']['create_mysqluser_and_db'] = 'Création de la base de données et l\'utilisateur...';
+$lng['install']['testing_new_db'] = 'Teste si la base de données et l\'utilisateur ont été créés correctement...';
+$lng['install']['importing_data'] = 'Import des données...';
+$lng['install']['changing_data'] = 'Ajustement des paramètres...';
+$lng['install']['creating_entries'] = 'Insertion des nouvelles valeurs...';
+$lng['install']['adding_admin_user'] = 'Création du compte administrateur...';
+$lng['install']['creating_configfile'] = 'Création du fichier de configuration...';
+$lng['install']['creating_configfile_temp'] = 'Le fichier a été enregistré dans /tmp/userdata.inc.php, merci de le déplacer dans lib/.';
+$lng['install']['creating_configfile_failed'] = 'Impossible de créer lib/userdata.inc.php, merci de le créer manuellement avec le contenu suivant:';
+$lng['install']['froxlor_succ_installed'] = 'Froxlor a été installé avec succès.';
+
+$lng['click_here_to_refresh'] = 'Cliquez ici pour vérifier à nouveau';
+$lng['click_here_to_goback'] = 'Cliquez ici pour revenir';
+$lng['click_here_to_continue'] = 'Cliquez ici pour continuer';
+$lng['click_here_to_login'] = 'Cliquez ici pour vous connecter.';

install/scripts/language-check.php

@@ -27,13 +27,16 @@ if(@php_sapi_name() != 'cli'
 }
 
 // Check argument count
+/*
 if (sizeof($argv) != 2) {
 	print_help($argv);
 	exit;
 }
+*/
 
 // Load the contents of the given path
 $path = $argv[1];
+$_f = isset($argv[2]) ? $argv[2] : null;
 $files = array();
 
 if ($dh = opendir($path)) {
@@ -43,7 +46,9 @@ if ($dh = opendir($path)) {
 		   && !is_dir($file)
 		   && preg_match('/(.+)\.lng\.php/i', $file)
 		) {
-			$files[$file] = str_replace('//', '/', $path . '/' . $file);
+			if (is_null($_f) || (!is_null($_f) && ($file == $_f || $file == $baseLanguage))) {
+				$files[$file] = str_replace('//', '/', $path . '/' . $file);
+			}
 		}
 	}
 

install/templates/assets/css/install.css

@@ -1,5 +1,4 @@
 @charset "UTF-8";
-
 /* RESET */
 html,body,div,ul,ol,li,dl,dt,dd,h1,h2,h3,h4,h5,h6,pre,form,p,blockquote,fieldset,input { margin:0; padding:0; }
 h1,h2,h3,h4,h5,h6,pre,code,address,caption,cite,code,em,strong,th { font-size:1em; font-weight:400; font-style:normal; }
@@ -11,10 +10,10 @@ article,aside,details,figcaption,figure,footer,header,hgroup,menu,nav,section {
 
 /* TYPE */
 html,body {
-	font:12px/18px Helvetica,Arial,Verdana,sans-serif;
-	background-color:#f2f2f2;
-	color:#333;
-	-webkit-font-smoothing: antialiased;
+	font:12px/18px 'Lucida Grande','Lucida Sans Unicode',Helvetica,Arial,Verdana,sans-serif;
+	background-color: #f5f5f5;
+	color:#444;
+	-webkit-font-smoothing: subpixel-antialiased;
 }
 
 body {
@@ -557,3 +556,12 @@ select.dropdown {
 	background-color: #35aa47;
 	height:5px;
 }
+
+.red { color: #ff0000; }
+.green { color: green; }
+.orange { color: orange; }
+.blue { color: blue; }
+.install-block { width: 65%; }
+.install-step { width: 250px; }
+.install-h3 { text-align: center; }
+.install-text { margin: 20px 20px 0 !important; }

install/templates/dataform.tpl

@@ -1,4 +1,4 @@
-		<p style="margin: 20px 20px 0 !important">{$this->_lng['install']['title']}</p>
+		<p class="install-text">{$this->_lng['install']['title']}</p>
 		<form action="{$formaction}" method="get">
 			<fieldset>
 				{$formdata}

install/templates/dataform2.tpl

@@ -1,4 +1,4 @@
-		<p style="margin: 20px 20px 0 !important">{$this->_lng['install']['welcometext']}</p>
+		<p class="install-text">{$this->_lng['install']['welcometext']}</p>
 		<form action="{$formaction}" method="post">
 			<hr class="line">
 			<fieldset>

install/templates/dataitem.tpl

@@ -1,4 +1,4 @@
 <p>
-	<label for="{$fieldname}" style="width:65%;{$style}">{$fieldlabel}:</label>&nbsp;
+	<label for="{$fieldname}" class="install-block {$style}">{$fieldlabel}:</label>&nbsp;
 	<input type="{$type}" name="{$fieldname}" id="{$fieldname}" value="{$fieldvalue}" {$required} />
 </p>

install/templates/dataitemchk.tpl

@@ -1,4 +1,4 @@
 <p>
-	<label for="{$fieldname}" style="width:65%;{$style}">{$this->_lng['install']['webserver']} {$fieldlabel}:</label>
+	<label for="{$fieldname}" class="install-block {$style}">{$this->_lng['install']['webserver']} {$fieldlabel}:</label>
 	<input type="radio" name="webserver" id="{$fieldname}" value="{$fieldname}" {$checked} /><span>{$fieldlabel}<span>
 </p>

install/templates/header.tpl

@@ -3,16 +3,11 @@
 <head>
 	<meta charset="utf-8" />
 	<meta http-equiv="Default-Style" content="text/css" />
-	<!--[if lt IE 9]><script src="../js/html5shiv.js"></script><![endif]-->
+	<!--[if lt IE 9]><script src="../js/html5shiv.min.js"></script><![endif]-->
 	<link href="templates/assets/css/install.css" rel="stylesheet" type="text/css" />
 	<!--[if IE]><link rel="stylesheet" href="../templates/{$theme}/css/main_ie.css" type="text/css" /><![endif]-->
 	<link href="templates/assets/img/favicon.ico" rel="icon" type="image/x-icon" />
 	<title>Froxlor Server Management Panel - Installation</title>
-	<style type="text/css">
-	body {
-        font-family: Verdana, Geneva, sans-serif;
-	}
-	</style>
 </head>
 <body>
 	<div class="installsec">

install/templates/pagebottom.tpl

@@ -1,4 +1,4 @@
-<h3 style="color:{$msgcolor};text-align: center">{$message}</h3>
+<h3 class="install-h3 {$msgcolor}">{$message}</h3>
 <aside>
 	<a href="{$link}">{$linktext}</a>
 </aside>

install/updates/froxlor/0.9/update_0.9.inc.php

@@ -15,6 +15,15 @@
  *
  */
 
+if (!defined('AREA')
+		|| (defined('AREA') && AREA != 'admin')
+		|| !isset($userinfo['loginname'])
+		|| (isset($userinfo['loginname']) && $userinfo['loginname'] == '')
+) {
+	header('Location: ../../../../index.php');
+	exit;
+}
+
 if (isFroxlorVersion('0.9-r0')) {
 
 	showUpdateStep("Updating from 0.9-r0 to 0.9-r1", false);
@@ -714,7 +723,7 @@ if (isFroxlorVersion('0.9.7-svn1')) {
 	showUpdateStep("Updating open_basedir due to security - issue");
 	$result = Database::query("SELECT `id` FROM `" . TABLE_PANEL_DOMAINS . "` WHERE `documentroot` LIKE '%:%' AND `documentroot` NOT LIKE 'http://%' AND `openbasedir_path` = '0' AND `openbasedir` = '1'");
 	while ($row = $result->fetch(PDO::FETCH_ASSOC)) {
-		Database::query("UPDATE `".TABLE_PANEL_DOMAINS."` SET `openbasedir_path` = '1' WHERE `id` = '" . (int)$row['id'])."'";
+		Database::query("UPDATE `".TABLE_PANEL_DOMAINS."` SET `openbasedir_path` = '1' WHERE `id` = '" . (int)$row['id']."'");
 	}
 	lastStepStatus(0);
 
@@ -2753,3 +2762,149 @@ if (isFroxlorVersion('0.9.32-rc1')) {
 
 	updateToVersion('0.9.32-rc2');
 }
+
+if (isFroxlorVersion('0.9.32-rc2')) {
+	showUpdateStep("Updating from 0.9.32-rc2 to 0.9.32-rc3", false);
+
+	showUpdateStep("Removing outdated languages");
+	Database::query("DELETE FROM `" . TABLE_PANEL_LANGUAGE . "` WHERE `iso` REGEXP '(bg|ca|cz|da|hu|pl|ru|sk|es|zh)';");
+	Database::query("UPDATE `" . TABLE_PANEL_ADMINS . "` SET `def_language` = 'English' WHERE `def_language` NOT REGEXP '(Dutch|English|Français|Deutsch|Italian|Portugu\ês|Swedish)';");
+	Database::query("UPDATE `" . TABLE_PANEL_CUSTOMERS . "` SET `def_language` = 'English' WHERE `def_language` NOT REGEXP '(Dutch|English|Français|Deutsch|Italian|Português|Swedish)';");
+	lastStepStatus(0);
+
+	updateToVersion('0.9.32-rc3');
+}
+
+if (isFroxlorVersion('0.9.32-rc3')) {
+	showUpdateStep("Updating from 0.9.32-rc3 to 0.9.32 final", false);
+	updateToVersion('0.9.32');
+}
+
+if (isFroxlorVersion('0.9.32')) {
+	showUpdateStep("Updating from 0.9.32 to 0.9.33-dev1", false);
+
+	showUpdateStep("Adding settings for custom newsfeed on customer-dashboard");
+	Settings::AddNew("customer.show_news_feed", isset($_POST['customer_show_news_feed']) ? (int)$_POST['customer_show_news_feed'] : '0');
+	Settings::AddNew("customer.news_feed_url", isset($_POST['customer_news_feed_url']) ? $_POST['customer_news_feed_url'] : '');
+	lastStepStatus(0);
+
+	updateToVersion('0.9.33-dev1');
+}
+
+if (isFroxlorVersion('0.9.33-dev1')) {
+	showUpdateStep("Updating from 0.9.33-dev1 to 0.9.33-dev2", false);
+
+	showUpdateStep("Adding settings for hostname-dns-entry");
+	Settings::AddNew("system.dns_createhostnameentry", isset($_POST['dns_createhostnameentry']) ? (int)$_POST['dns_createhostnameentry'] : '0');
+	lastStepStatus(0);
+
+	updateToVersion('0.9.33-dev2');
+}
+
+if (isFroxlorVersion('0.9.33-dev2')) {
+	showUpdateStep("Updating from 0.9.33-dev2 to 0.9.33-dev3", false);
+
+	showUpdateStep("Adding settings for password-generation options");
+	Settings::AddNew("panel.password_alpha_lower", '1');
+	Settings::AddNew("panel.password_alpha_upper", '1');
+	Settings::AddNew("panel.password_numeric", '0');
+	Settings::AddNew("panel.password_special_char_required", '0');
+	Settings::AddNew("panel.password_special_char", '!?<>§$%&+#=@');
+	lastStepStatus(0);
+
+	showUpdateStep("Adding settings for fpm-apache2.4-mod_proxy integration");
+	Settings::AddNew("phpfpm.use_mod_proxy", '0');
+	lastStepStatus(0);
+
+	updateToVersion('0.9.33-dev3');
+}
+
+if (isFroxlorVersion('0.9.33-dev3')) {
+	showUpdateStep("Updating from 0.9.33-dev3 to 0.9.33-rc1", false);
+
+	showUpdateStep("Updating database-scheme");
+	Database::query("ALTER TABLE `".TABLE_PANEL_DOMAINS."` MODIFY `dkim_privkey` text");
+	Database::query("ALTER TABLE `".TABLE_PANEL_DOMAINS."` MODIFY `dkim_pubkey` text");
+	Database::query("ALTER TABLE `".TABLE_PANEL_DOMAINS."` MODIFY `specialsettings` text");
+	Database::query("ALTER TABLE `".TABLE_PANEL_IPSANDPORTS."` MODIFY `specialsettings` text");
+	Database::query("ALTER TABLE `".TABLE_PANEL_IPSANDPORTS."` MODIFY `default_vhostconf_domain` text");
+	Database::query("ALTER TABLE `".TABLE_PANEL_DOMAIN_SSL_SETTINGS."` MODIFY `ssl_ca_file` text");
+	Database::query("ALTER TABLE `".TABLE_PANEL_DOMAIN_SSL_SETTINGS."` MODIFY `ssl_cert_chainfile` text");
+	lastStepStatus(0);
+
+	showUpdateStep("Removing old settings");
+	Database::query("DELETE FROM `".TABLE_PANEL_SETTINGS."` WHERE `settinggroup`='panel' AND `varname` = 'use_webfonts';");
+	Database::query("DELETE FROM `".TABLE_PANEL_SETTINGS."` WHERE `settinggroup`='panel' AND `varname` = 'webfont';");
+	lastStepStatus(0);
+
+	showUpdateStep("Adding local froxlor group to customer groups");
+	if ((int)Settings::Get('system.mod_fcgid_ownvhost') == 1 || (int)Settings::Get('phpfpm.enabled_ownvhost') == 1) {
+		if ((int)Settings::Get('system.mod_fcgid') == 1) {
+			$local_user = Settings::Get('system.mod_fcgid_httpuser');
+		} else {
+			$local_user = Settings::Get('phpfpm.vhost_httpuser');
+		}
+		Database::query("UPDATE `".TABLE_FTP_GROUPS."` SET `members` = CONCAT(`members`, ',".$local_user."');");
+		lastStepStatus(0);
+	} else {
+		lastStepStatus(1, "not needed");
+	}
+
+	updateToVersion('0.9.33-rc1');
+}
+
+if (isFroxlorVersion('0.9.33-rc1')) {
+	showUpdateStep("Updating from 0.9.33-rc1 to 0.9.33-rc2", false);
+
+	showUpdateStep("Add new setting for sending cron-errors via mail");
+	$sendcronerrors = isset($_POST['system_send_cron_errors']) ? (int)$_POST['system_send_cron_errors'] : "0";
+	Settings::addNew('system.send_cron_errors', $sendcronerrors);
+	lastStepStatus(0);
+
+	showUpdateStep("Add new custom-notes field for admins and customer");
+	Database::query("ALTER TABLE `".TABLE_PANEL_ADMINS."` ADD `custom_notes` text AFTER `theme`");
+	Database::query("ALTER TABLE `".TABLE_PANEL_ADMINS."` ADD `custom_notes_show` tinyint(1) NOT NULL default '0' AFTER `custom_notes`");
+	Database::query("ALTER TABLE `".TABLE_PANEL_CUSTOMERS."` ADD `custom_notes` text AFTER `theme`");
+	Database::query("ALTER TABLE `".TABLE_PANEL_CUSTOMERS."` ADD `custom_notes_show` tinyint(1) NOT NULL default '0' AFTER `custom_notes`");
+	lastStepStatus(0);
+
+	// go from varchar(50) to varchar(255) because of some hashes that are longer than that
+	showUpdateStep("Updating table structure of admins and customers");
+	Database::query("ALTER TABLE `".TABLE_PANEL_ADMINS."` MODIFY `password` varchar(255) NOT NULL default ''");
+	Database::query("ALTER TABLE `".TABLE_PANEL_CUSTOMERS."` MODIFY `password` varchar(255) NOT NULL default ''");
+	lastStepStatus(0);
+
+	updateToVersion('0.9.33-rc2');
+}
+
+if (isFroxlorVersion('0.9.33-rc2')) {
+
+	showUpdateStep("Updating from 0.9.33-rc2 to 0.9.33-rc3");
+	lastStepStatus(0);
+	updateToVersion('0.9.33-rc3');
+
+}
+
+if (isFroxlorVersion('0.9.33-rc3')) {
+
+        showUpdateStep("Updating from 0.9.33-rc3 to 0.9.33 final");
+        lastStepStatus(0);
+        updateToVersion('0.9.33');
+
+}
+
+if (isFroxlorVersion('0.9.33')) {
+
+        showUpdateStep("Updating from 0.9.33 to 0.9.33.1");
+        lastStepStatus(0);
+        updateToVersion('0.9.33.1');
+
+}
+
+if (isFroxlorVersion('0.9.33.1')) {
+
+        showUpdateStep("Updating from 0.9.33.1 to 0.9.33.2");
+        lastStepStatus(0);
+        updateToVersion('0.9.33.2');
+
+}

install/updates/froxlor/upgrade_syscp.inc.php

@@ -15,6 +15,15 @@
  *
  */
 
+if (!defined('AREA')
+		|| (defined('AREA') && AREA != 'admin')
+		|| !isset($userinfo['loginname'])
+		|| (isset($userinfo['loginname']) && $userinfo['loginname'] == '')
+) {
+	header('Location: ../../../index.php');
+	exit;
+}
+
 $updateto = '0.9-r0';
 $frontend = 'froxlor';
 

install/updates/preconfig.php

@@ -28,7 +28,7 @@
 function getPreConfig($current_version)
 {
 	$has_preconfig = false;
-	$return = '<div class="preconfig"><h3 style="color:#ff0000;">PLEASE NOTE - Important update notifications</h3>';
+	$return = '<div class="preconfig"><h3 class="red">PLEASE NOTE - Important update notifications</h3>';
 
 	include_once makeCorrectFile(dirname(__FILE__).'/preconfig/0.9/preconfig_0.9.inc.php');
 	parseAndOutputPreconfig($has_preconfig, $return, $current_version);

install/updates/preconfig/0.9/preconfig_0.9.inc.php

@@ -440,7 +440,7 @@ function parseAndOutputPreconfig(&$has_preconfig, &$return, $current_version) {
 		$description = 'This version introduces a lot of profound changes:';
 		$description .= '<br /><ul><li>Improving the whole template system</li><li>Full UTF-8 support</li><li><strong>Removing support for the former default theme \'Classic\'</strong></li></ul>';
 		$description .= '<br /><br />Notice: This update will <strong>alter your Froxlor database to use UTF-8</strong> as default charset. ';
-		$description .= 'Even though this is already tested, we <span style="color:#ff0000;font-weight:bold;">strongly recommend</span> to ';
+		$description .= 'Even though this is already tested, we <span class="red">strongly recommend</span> to ';
 		$description .= 'test this update in a testing environment using your existing data.<br /><br />';
 
 		$question = '<strong>Select your preferred Classic Theme replacement:</strong>&nbsp;';
@@ -560,7 +560,7 @@ function parseAndOutputPreconfig(&$has_preconfig, &$return, $current_version) {
 		) {
 			$has_preconfig = true;
 			$description  = 'The PHP-FPM implementation for apache2 has changed. Please look for the "<b>fastcgi.conf</b>" (Debian/Ubuntu) or "<b>70_fastcgi.conf</b>" (Gentoo) within /etc/apache2/ and change it as shown below:<br /><br />';
-			$description .= '<pre style="width:500px;border:1px solid #ccc;padding:4px;">&lt;IfModule mod_fastcgi.c&gt;
+			$description .= '<pre class="code-block">&lt;IfModule mod_fastcgi.c&gt;
     FastCgiIpcDir /var/lib/apache2/fastcgi/
     &lt;Location "/fastcgiphp"&gt;
         Order Deny,Allow
@@ -658,4 +658,32 @@ function parseAndOutputPreconfig(&$has_preconfig, &$return, $current_version) {
 		eval("\$return.=\"" . getTemplate("update/preconfigitem") . "\";");
 	}
 
+	if (versionInUpdate($current_version, '0.9.33-dev1')) {
+		$has_preconfig = true;
+		$description  = 'You can enable/disable the display/usage of the custom newsfeed for customers.<br /><br />';
+		$question = '<strong>Do you want to enable the custom newsfeed for customer? (default: no):</strong>&nbsp;';
+		$question.= makeyesno('customer_show_news_feed', '1', '0', '0').'<br />';
+		$question.= '<strong>You have to set the URL for your RSS-feed here, if you have choosen to enable the custom newsfeed on the customer-dashboard:</strong>&nbsp;';
+		$question.= '<input type="text" class="text" name="customer_news_feed_url" value="" /><br />';
+		eval("\$return.=\"" . getTemplate("update/preconfigitem") . "\";");
+	}
+
+	if (versionInUpdate($current_version, '0.9.33-dev2')) {
+		// only if bind is used - if not the default will be set, which is '0' (off)
+		if (Settings::get('system.bind_enable') == 1) {
+			$has_preconfig = true;
+			$description  = 'You can enable/disable the generation of the bind-zone / config for the system hostname.<br /><br />';
+			$question = '<strong>Do you want to generate a bind-zone for the system-hostname? (default: no):</strong>&nbsp;';
+			$question.= makeyesno('dns_createhostnameentry', '1', '0', '0').'<br />';
+			eval("\$return.=\"" . getTemplate("update/preconfigitem") . "\";");
+		}
+	}
+
+	if (versionInUpdate($current_version, '0.9.33-rc2')) {
+		$has_preconfig = true;
+		$description  = 'You can chose whether you want to receive an e-mail on cronjob errors. Keep in mind that this can lead to an e-mail being sent every 5 minutes.<br /><br />';
+		$question = '<strong>Do you want to receive cron-errors via mail? (default: no):</strong>&nbsp;';
+		$question.= makeyesno('system_send_cron_errors', '1', '0', '0').'<br />';
+		eval("\$return.=\"" . getTemplate("update/preconfigitem") . "\";");
+	}
 }

install/updatesql.php

@@ -17,6 +17,15 @@
  *
  */
 
+if (!defined('AREA')
+	|| (defined('AREA') && AREA != 'admin')
+	|| !isset($userinfo['loginname'])
+	|| (isset($userinfo['loginname']) && $userinfo['loginname'] == '')
+) {
+	header('Location: ../index.php');
+	exit;
+}
+
 $updatelog = FroxlorLogger::getInstanceOf(array('loginname' => 'updater'));
 
 $updatelogfile = validateUpdateLogFile(makeCorrectFile(dirname(__FILE__).'/update.log'));

js/html5shiv.js

@@ -1,8 +0,0 @@
-/*
- HTML5 Shiv v3.7.0 | @afarkas @jdalton @jon_neal @rem | MIT/GPL2 Licensed
-*/
-(function(l,f){function m(){var a=e.elements;return"string"==typeof a?a.split(" "):a}function i(a){var b=n[a[o]];b||(b={},h++,a[o]=h,n[h]=b);return b}function p(a,b,c){b||(b=f);if(g)return b.createElement(a);c||(c=i(b));b=c.cache[a]?c.cache[a].cloneNode():r.test(a)?(c.cache[a]=c.createElem(a)).cloneNode():c.createElem(a);return b.canHaveChildren&&!s.test(a)?c.frag.appendChild(b):b}function t(a,b){if(!b.cache)b.cache={},b.createElem=a.createElement,b.createFrag=a.createDocumentFragment,b.frag=b.createFrag();
-a.createElement=function(c){return!e.shivMethods?b.createElem(c):p(c,a,b)};a.createDocumentFragment=Function("h,f","return function(){var n=f.cloneNode(),c=n.createElement;h.shivMethods&&("+m().join().replace(/[\w\-]+/g,function(a){b.createElem(a);b.frag.createElement(a);return'c("'+a+'")'})+");return n}")(e,b.frag)}function q(a){a||(a=f);var b=i(a);if(e.shivCSS&&!j&&!b.hasCSS){var c,d=a;c=d.createElement("p");d=d.getElementsByTagName("head")[0]||d.documentElement;c.innerHTML="x<style>article,aside,dialog,figcaption,figure,footer,header,hgroup,main,nav,section{display:block}mark{background:#FF0;color:#000}template{display:none}</style>";
-c=d.insertBefore(c.lastChild,d.firstChild);b.hasCSS=!!c}g||t(a,b);return a}var k=l.html5||{},s=/^<|^(?:button|map|select|textarea|object|iframe|option|optgroup)$/i,r=/^(?:a|b|code|div|fieldset|h1|h2|h3|h4|h5|h6|i|label|li|ol|p|q|span|strong|style|table|tbody|td|th|tr|ul)$/i,j,o="_html5shiv",h=0,n={},g;(function(){try{var a=f.createElement("a");a.innerHTML="<xyz></xyz>";j="hidden"in a;var b;if(!(b=1==a.childNodes.length)){f.createElement("a");var c=f.createDocumentFragment();b="undefined"==typeof c.cloneNode||
-"undefined"==typeof c.createDocumentFragment||"undefined"==typeof c.createElement}g=b}catch(d){g=j=!0}})();var e={elements:k.elements||"abbr article aside audio bdi canvas data datalist details dialog figcaption figure footer header hgroup main mark meter nav output progress section summary template time video",version:"3.7.0",shivCSS:!1!==k.shivCSS,supportsUnknownElements:g,shivMethods:!1!==k.shivMethods,type:"default",shivDocument:q,createElement:p,createDocumentFragment:function(a,b){a||(a=f);
-if(g)return a.createDocumentFragment();for(var b=b||i(a),c=b.frag.cloneNode(),d=0,e=m(),h=e.length;d<h;d++)c.createElement(e[d]);return c}};l.html5=e;q(f)})(this,document);

js/html5shiv.min.js

@@ -0,0 +1,4 @@
+/**
+* @preserve HTML5 Shiv 3.7.2 | @afarkas @jdalton @jon_neal @rem | MIT/GPL2 Licensed
+*/
+!function(a,b){function c(a,b){var c=a.createElement("p"),d=a.getElementsByTagName("head")[0]||a.documentElement;return c.innerHTML="x<style>"+b+"</style>",d.insertBefore(c.lastChild,d.firstChild)}function d(){var a=t.elements;return"string"==typeof a?a.split(" "):a}function e(a,b){var c=t.elements;"string"!=typeof c&&(c=c.join(" ")),"string"!=typeof a&&(a=a.join(" ")),t.elements=c+" "+a,j(b)}function f(a){var b=s[a[q]];return b||(b={},r++,a[q]=r,s[r]=b),b}function g(a,c,d){if(c||(c=b),l)return c.createElement(a);d||(d=f(c));var e;return e=d.cache[a]?d.cache[a].cloneNode():p.test(a)?(d.cache[a]=d.createElem(a)).cloneNode():d.createElem(a),!e.canHaveChildren||o.test(a)||e.tagUrn?e:d.frag.appendChild(e)}function h(a,c){if(a||(a=b),l)return a.createDocumentFragment();c=c||f(a);for(var e=c.frag.cloneNode(),g=0,h=d(),i=h.length;i>g;g++)e.createElement(h[g]);return e}function i(a,b){b.cache||(b.cache={},b.createElem=a.createElement,b.createFrag=a.createDocumentFragment,b.frag=b.createFrag()),a.createElement=function(c){return t.shivMethods?g(c,a,b):b.createElem(c)},a.createDocumentFragment=Function("h,f","return function(){var n=f.cloneNode(),c=n.createElement;h.shivMethods&&("+d().join().replace(/[\w\-:]+/g,function(a){return b.createElem(a),b.frag.createElement(a),'c("'+a+'")'})+");return n}")(t,b.frag)}function j(a){a||(a=b);var d=f(a);return!t.shivCSS||k||d.hasCSS||(d.hasCSS=!!c(a,"article,aside,dialog,figcaption,figure,footer,header,hgroup,main,nav,section{display:block}mark{background:#FF0;color:#000}template{display:none}")),l||i(a,d),a}var k,l,m="3.7.2",n=a.html5||{},o=/^<|^(?:button|map|select|textarea|object|iframe|option|optgroup)$/i,p=/^(?:a|b|code|div|fieldset|h1|h2|h3|h4|h5|h6|i|label|li|ol|p|q|span|strong|style|table|tbody|td|th|tr|ul)$/i,q="_html5shiv",r=0,s={};!function(){try{var a=b.createElement("a");a.innerHTML="<xyz></xyz>",k="hidden"in a,l=1==a.childNodes.length||function(){b.createElement("a");var a=b.createDocumentFragment();return"undefined"==typeof a.cloneNode||"undefined"==typeof a.createDocumentFragment||"undefined"==typeof a.createElement}()}catch(c){k=!0,l=!0}}();var t={elements:n.elements||"abbr article aside audio bdi canvas data datalist details dialog figcaption figure footer header hgroup main mark meter nav output picture progress section summary template time video",version:m,shivCSS:n.shivCSS!==!1,supportsUnknownElements:l,shivMethods:n.shivMethods!==!1,type:"default",shivDocument:j,createElement:g,createDocumentFragment:h,addElements:e};a.html5=t,j(b)}(this,document);

js/plugins/flot.resize.min.js

@@ -1 +0,0 @@
-(function($,t,n){function p(){for(var n=r.length-1;n>=0;n--){var o=$(r[n]);if(o[0]==t||o.is(":visible")){var h=o.width(),d=o.height(),v=o.data(a);!v||h===v.w&&d===v.h?i[f]=i[l]:(i[f]=i[c],o.trigger(u,[v.w=h,v.h=d]))}else v=o.data(a),v.w=0,v.h=0}s!==null&&(s=t.requestAnimationFrame(p))}var r=[],i=$.resize=$.extend($.resize,{}),s,o="setTimeout",u="resize",a=u+"-special-event",f="delay",l="pendingDelay",c="activeDelay",h="throttleWindow";i[l]=250,i[c]=20,i[f]=i[l],i[h]=!0,$.event.special[u]={setup:function(){if(!i[h]&&this[o])return!1;var t=$(this);r.push(this),t.data(a,{w:t.width(),h:t.height()}),r.length===1&&(s=n,p())},teardown:function(){if(!i[h]&&this[o])return!1;var t=$(this);for(var n=r.length-1;n>=0;n--)if(r[n]==this){r.splice(n,1);break}t.removeData(a),r.length||(cancelAnimationFrame(s),s=null)},add:function(t){function s(t,i,s){var o=$(this),u=o.data(a);u.w=i!==n?i:o.width(),u.h=s!==n?s:o.height(),r.apply(this,arguments)}if(!i[h]&&this[o])return!1;var r;if($.isFunction(t))return r=t,s;r=t.handler,t.handler=s}},t.requestAnimationFrame||(t.requestAnimationFrame=function(){return t.webkitRequestAnimationFrame||t.mozRequestAnimationFrame||t.oRequestAnimationFrame||t.msRequestAnimationFrame||function(e,n){return t.setTimeout(e,i[f])}}()),t.cancelAnimationFrame||(t.cancelAnimationFrame=function(){return t.webkitCancelRequestAnimationFrame||t.mozCancelRequestAnimationFrame||t.oCancelRequestAnimationFrame||t.msCancelRequestAnimationFrame||clearTimeout}())})(jQuery,this);(function($){var options={};function init(plot){function onResize(){var placeholder=plot.getPlaceholder();if(placeholder.width()==0||placeholder.height()==0)return;plot.resize();plot.setupGrid();plot.draw()}function bindEvents(plot,eventHolder){plot.getPlaceholder().resize(onResize)}function shutdown(plot,eventHolder){plot.getPlaceholder().unbind("resize",onResize)}plot.hooks.bindEvents.push(bindEvents);plot.hooks.shutdown.push(shutdown)}$.plot.plugins.push({init:init,options:options,name:"resize",version:"1.0"})})(jQuery);

js/plugins/jquery.flot.resize.min.js

@@ -0,0 +1,7 @@
+/* Javascript plotting library for jQuery, version 0.8.3.
+
+Copyright (c) 2007-2014 IOLA and Ole Laursen.
+Licensed under the MIT license.
+
+*/
+(function($,e,t){"$:nomunge";var i=[],n=$.resize=$.extend($.resize,{}),a,r=false,s="setTimeout",u="resize",m=u+"-special-event",o="pendingDelay",l="activeDelay",f="throttleWindow";n[o]=200;n[l]=20;n[f]=true;$.event.special[u]={setup:function(){if(!n[f]&&this[s]){return false}var e=$(this);i.push(this);e.data(m,{w:e.width(),h:e.height()});if(i.length===1){a=t;h()}},teardown:function(){if(!n[f]&&this[s]){return false}var e=$(this);for(var t=i.length-1;t>=0;t--){if(i[t]==this){i.splice(t,1);break}}e.removeData(m);if(!i.length){if(r){cancelAnimationFrame(a)}else{clearTimeout(a)}a=null}},add:function(e){if(!n[f]&&this[s]){return false}var i;function a(e,n,a){var r=$(this),s=r.data(m)||{};s.w=n!==t?n:r.width();s.h=a!==t?a:r.height();i.apply(this,arguments)}if($.isFunction(e)){i=e;return a}else{i=e.handler;e.handler=a}}};function h(t){if(r===true){r=t||1}for(var s=i.length-1;s>=0;s--){var l=$(i[s]);if(l[0]==e||l.is(":visible")){var f=l.width(),c=l.height(),d=l.data(m);if(d&&(f!==d.w||c!==d.h)){l.trigger(u,[d.w=f,d.h=c]);r=t||true}}else{d=l.data(m);d.w=0;d.h=0}}if(a!==null){if(r&&(t==null||t-r<1e3)){a=e.requestAnimationFrame(h)}else{a=setTimeout(h,n[o]);r=false}}}if(!e.requestAnimationFrame){e.requestAnimationFrame=function(){return e.webkitRequestAnimationFrame||e.mozRequestAnimationFrame||e.oRequestAnimationFrame||e.msRequestAnimationFrame||function(t,i){return e.setTimeout(function(){t((new Date).getTime())},n[l])}}()}if(!e.cancelAnimationFrame){e.cancelAnimationFrame=function(){return e.webkitCancelRequestAnimationFrame||e.mozCancelRequestAnimationFrame||e.oCancelRequestAnimationFrame||e.msCancelRequestAnimationFrame||clearTimeout}()}})(jQuery,this);(function($){var options={};function init(plot){function onResize(){var placeholder=plot.getPlaceholder();if(placeholder.width()==0||placeholder.height()==0)return;plot.resize();plot.setupGrid();plot.draw()}function bindEvents(plot,eventHolder){plot.getPlaceholder().resize(onResize)}function shutdown(plot,eventHolder){plot.getPlaceholder().unbind("resize",onResize)}plot.hooks.bindEvents.push(bindEvents);plot.hooks.shutdown.push(shutdown)}$.plot.plugins.push({init:init,options:options,name:"resize",version:"1.0"})})(jQuery);

js/plugins/jquery.tablesorter.sizeparser.min.js

@@ -0,0 +1,23 @@
+$.tablesorter.addParser({
+	id: 'filesize',
+	is: function(s) {
+		return s.match(new RegExp(/[0-9]+(\.[0-9]+)?\ (KiB|B|GiB|MiB|TiB)/));
+	},
+	format: function(s) {
+		var suf = s.match(new RegExp(/(KiB|B|GiB|MiB|TiB)/))[1];
+		var num = parseFloat(s.match(new RegExp(/^[0-9]+(\.[0-9]+)?/))[0]);
+		switch (suf) {
+		case 'B':
+			return num;
+		case 'KiB':
+			return num * 1024;
+		case 'MiB':
+			return num * 1024 * 1024;
+		case 'GiB':
+			return num * 1024 * 1024 * 1024;
+		case 'TiB':
+			return num * 1024 * 1024 * 1024 * 1024;
+		}
+	},
+	type: 'numeric'
+});

lib/ajax.php

@@ -16,6 +16,18 @@
  *
  */
 
+// Load the user settings
+define('FROXLOR_INSTALL_DIR', dirname(dirname(__FILE__)));
+if (!file_exists('./userdata.inc.php')) {
+	die();
+}
+require './userdata.inc.php';
+require './tables.inc.php';
+require './classes/database/class.Database.php';
+require './classes/settings/class.Settings.php';
+require './functions/validate/function.validate_ip.php';
+require './functions/validate/function.validateDomain.php';
+
 if(isset($_POST['action'])) {
 	$action = $_POST['action'];
 } elseif(isset($_GET['action'])) {
@@ -25,15 +37,16 @@ if(isset($_POST['action'])) {
 }
 
 if ($action == "newsfeed") {
-	$feed = "http://inside.froxlor.org/news/";
+	if (isset($_GET['role']) && $_GET['role'] == "customer") {
+		$feed = Settings::Get("customer.news_feed_url");
+	} else {
+		$feed = "http://inside.froxlor.org/news/";
+	}
 
 	if (function_exists("simplexml_load_file") == false) {
 		die();
 	}
 
-	// get version
-	require './tables.inc.php';
-
 	if (function_exists('curl_version')) {
 		$ch = curl_init();
 		curl_setopt($ch, CURLOPT_URL, $feed);
@@ -61,7 +74,19 @@ if ($action == "newsfeed") {
 			$content = preg_replace("/[\r\n]+/", " ", strip_tags($item->description));
 			$content = substr($content, 0, 150) . "...";
 
-			echo "<tr class=\"newsitem\"><td><small>" . $date . "</small><br /><a href=\"" . $link . "\" target=\"_blank\"><b>" . $title . "</b><br />" . $content . "</a></td></tr>";
+			echo "<li class=\"clearfix\">
+                <div class=\"newsfeed-body clearfix\">
+                    <div class=\"header\">
+                        <strong class=\"primary-font\"><a href=\"{$link}\" target=\"_blank\">{$title}</a></strong>
+                        <small class=\"pull-right text-muted\">
+                            <i class=\"fa fa-clock-o fa-fw\"></i> {$date}
+                        </small>
+                    </div>
+                    <p>
+                        {$content}
+                    </p>
+                </div>
+            </li>";
 		}
 	} else {
 		echo "";

lib/classes/Smarty

@@ -1 +1 @@
-Smarty-3.1.15/libs/
+Smarty-3.1.21/libs/

lib/classes/Smarty-3.1.15/demo/index.php

@@ -1,30 +0,0 @@
-<?php
- /**
- * Example Application
-
- * @package Example-application
- */
-
-require '../libs/Smarty.class.php';
-
-$smarty = new Smarty;
-
-//$smarty->force_compile = true;
-$smarty->debugging = true;
-$smarty->caching = true;
-$smarty->cache_lifetime = 120;
-
-$smarty->assign("Name","Fred Irving Johnathan Bradley Peppergill",true);
-$smarty->assign("FirstName",array("John","Mary","James","Henry"));
-$smarty->assign("LastName",array("Doe","Smith","Johnson","Case"));
-$smarty->assign("Class",array(array("A","B","C","D"), array("E", "F", "G", "H"),
-      array("I", "J", "K", "L"), array("M", "N", "O", "P")));
-
-$smarty->assign("contacts", array(array("phone" => "1", "fax" => "2", "cell" => "3"),
-      array("phone" => "555-4444", "fax" => "555-3333", "cell" => "760-1234")));
-
-$smarty->assign("option_values", array("NY","NE","KS","IA","OK","TX"));
-$smarty->assign("option_output", array("New York","Nebraska","Kansas","Iowa","Oklahoma","Texas"));
-$smarty->assign("option_selected", "NE");
-
-$smarty->display('index.tpl');

lib/classes/Smarty-3.1.15/demo/templates/index.tpl

@@ -1,82 +0,0 @@
-{config_load file="test.conf" section="setup"}
-{include file="header.tpl" title=foo}
-
-<PRE>
-
-{* bold and title are read from the config file *}
-{if #bold#}<b>{/if}
-{* capitalize the first letters of each word of the title *}
-Title: {#title#|capitalize}
-{if #bold#}</b>{/if}
-
-The current date and time is {$smarty.now|date_format:"%Y-%m-%d %H:%M:%S"}
-
-The value of global assigned variable $SCRIPT_NAME is {$SCRIPT_NAME}
-
-Example of accessing server environment variable SERVER_NAME: {$smarty.server.SERVER_NAME}
-
-The value of {ldelim}$Name{rdelim} is <b>{$Name}</b>
-
-variable modifier example of {ldelim}$Name|upper{rdelim}
-
-<b>{$Name|upper}</b>
-
-
-An example of a section loop:
-
-{section name=outer 
-loop=$FirstName}
-{if $smarty.section.outer.index is odd by 2}
-	{$smarty.section.outer.rownum} . {$FirstName[outer]} {$LastName[outer]}
-{else}
-	{$smarty.section.outer.rownum} * {$FirstName[outer]} {$LastName[outer]}
-{/if}
-{sectionelse}
-	none
-{/section}
-
-An example of section looped key values:
-
-{section name=sec1 loop=$contacts}
-	phone: {$contacts[sec1].phone}<br>
-	fax: {$contacts[sec1].fax}<br>
-	cell: {$contacts[sec1].cell}<br>
-{/section}
-<p>
-
-testing strip tags
-{strip}
-<table border=0>
-	<tr>
-		<td>
-			<A HREF="{$SCRIPT_NAME}">
-			<font color="red">This is a  test     </font>
-			</A>
-		</td>
-	</tr>
-</table>
-{/strip}
-
-</PRE>
-
-This is an example of the html_select_date function:
-
-<form>
-{html_select_date start_year=1998 end_year=2010}
-</form>
-
-This is an example of the html_select_time function:
-
-<form>
-{html_select_time use_24_hours=false}
-</form>
-
-This is an example of the html_options function:
-
-<form>
-<select name=states>
-{html_options values=$option_values selected=$option_selected output=$option_output}
-</select>
-</form>
-
-{include file="footer.tpl"}

lib/classes/Smarty-3.1.15/libs/debug.tpl

@@ -1,133 +0,0 @@
-{capture name='_smarty_debug' assign=debug_output}
-<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.1//EN" "http://www.w3.org/TR/xhtml11/DTD/xhtml11.dtd">
-<html xmlns="http://www.w3.org/1999/xhtml" xml:lang="en">
-<head>
-    <title>Smarty Debug Console</title>
-<style type="text/css">
-{literal}
-body, h1, h2, td, th, p {
-    font-family: sans-serif;
-    font-weight: normal;
-    font-size: 0.9em;
-    margin: 1px;
-    padding: 0;
-}
-
-h1 {
-    margin: 0;
-    text-align: left;
-    padding: 2px;
-    background-color: #f0c040;
-    color:  black;
-    font-weight: bold;
-    font-size: 1.2em;
- }
-
-h2 {
-    background-color: #9B410E;
-    color: white;
-    text-align: left;
-    font-weight: bold;
-    padding: 2px;
-    border-top: 1px solid black;
-}
-
-body {
-    background: black; 
-}
-
-p, table, div {
-    background: #f0ead8;
-} 
-
-p {
-    margin: 0;
-    font-style: italic;
-    text-align: center;
-}
-
-table {
-    width: 100%;
-}
-
-th, td {
-    font-family: monospace;
-    vertical-align: top;
-    text-align: left;
-    width: 50%;
-}
-
-td {
-    color: green;
-}
-
-.odd {
-    background-color: #eeeeee;
-}
-
-.even {
-    background-color: #fafafa;
-}
-
-.exectime {
-    font-size: 0.8em;
-    font-style: italic;
-}
-
-#table_assigned_vars th {
-    color: blue;
-}
-
-#table_config_vars th {
-    color: maroon;
-}
-{/literal}
-</style>
-</head>
-<body>
-
-<h1>Smarty Debug Console  -  {if isset($template_name)}{$template_name|debug_print_var nofilter}{else}Total Time {$execution_time|string_format:"%.5f"}{/if}</h1>
-
-{if !empty($template_data)}
-<h2>included templates &amp; config files (load time in seconds)</h2>
-
-<div>
-{foreach $template_data as $template}
-  <font color=brown>{$template.name}</font>
-  <span class="exectime">
-   (compile {$template['compile_time']|string_format:"%.5f"}) (render {$template['render_time']|string_format:"%.5f"}) (cache {$template['cache_time']|string_format:"%.5f"})
-  </span>
-  <br>
-{/foreach}
-</div>
-{/if}
-
-<h2>assigned template variables</h2>
-
-<table id="table_assigned_vars">
-    {foreach $assigned_vars as $vars}
-       <tr class="{if $vars@iteration % 2 eq 0}odd{else}even{/if}">   
-       <th>${$vars@key|escape:'html'}</th>
-       <td>{$vars|debug_print_var nofilter}</td></tr>
-    {/foreach}
-</table>
-
-<h2>assigned config file variables (outer template scope)</h2>
-
-<table id="table_config_vars">
-    {foreach $config_vars as $vars}
-       <tr class="{if $vars@iteration % 2 eq 0}odd{else}even{/if}">   
-       <th>{$vars@key|escape:'html'}</th>
-       <td>{$vars|debug_print_var nofilter}</td></tr>
-    {/foreach}
-
-</table>
-</body>
-</html>
-{/capture}
-<script type="text/javascript">
-{$id = $template_name|default:''|md5}
-    _smarty_console = window.open("","console{$id}","width=680,height=600,resizable,scrollbars=yes");
-    _smarty_console.document.write("{$debug_output|escape:'javascript' nofilter}");
-    _smarty_console.document.close();
-</script>

lib/classes/Smarty-3.1.15/libs/sysplugins/smarty_internal_cacheresource_file.php

@@ -1,277 +0,0 @@
-<?php
-    /**
-    * Smarty Internal Plugin CacheResource File
-    *
-    * @package Smarty
-    * @subpackage Cacher
-    * @author Uwe Tews
-    * @author Rodney Rehm
-    */
-
-    /**
-    * This class does contain all necessary methods for the HTML cache on file system
-    *
-    * Implements the file system as resource for the HTML cache Version ussing nocache inserts.
-    *
-    * @package Smarty
-    * @subpackage Cacher
-    */
-    class Smarty_Internal_CacheResource_File extends Smarty_CacheResource
-    {
-        /**
-        * populate Cached Object with meta data from Resource
-        *
-        * @param Smarty_Template_Cached   $cached    cached object
-        * @param Smarty_Internal_Template $_template template object
-        * @return void
-        */
-        public function populate(Smarty_Template_Cached $cached, Smarty_Internal_Template $_template)
-        {
-            $_source_file_path = str_replace(':', '.', $_template->source->filepath);
-            $_cache_id = isset($_template->cache_id) ? preg_replace('![^\w\|]+!', '_', $_template->cache_id) : null;
-            $_compile_id = isset($_template->compile_id) ? preg_replace('![^\w\|]+!', '_', $_template->compile_id) : null;
-            $_filepath = $_template->source->uid;
-            // if use_sub_dirs, break file into directories
-            if ($_template->smarty->use_sub_dirs) {
-                $_filepath = substr($_filepath, 0, 2) . DS
-                . substr($_filepath, 2, 2) . DS
-                . substr($_filepath, 4, 2) . DS
-                . $_filepath;
-            }
-            $_compile_dir_sep = $_template->smarty->use_sub_dirs ? DS : '^';
-            if (isset($_cache_id)) {
-                $_cache_id = str_replace('|', $_compile_dir_sep, $_cache_id) . $_compile_dir_sep;
-            } else {
-                $_cache_id = '';
-            }
-            if (isset($_compile_id)) {
-                $_compile_id = $_compile_id . $_compile_dir_sep;
-            } else {
-                $_compile_id = '';
-            }
-            $_cache_dir = $_template->smarty->getCacheDir();
-            if ($_template->smarty->cache_locking) {
-                // create locking file name
-                // relative file name?
-                if (!preg_match('/^([\/\\\\]|[a-zA-Z]:[\/\\\\])/', $_cache_dir)) {
-                    $_lock_dir = rtrim(getcwd(), '/\\') . DS . $_cache_dir;
-                } else {
-                    $_lock_dir = $_cache_dir;
-                }
-                $cached->lock_id = $_lock_dir.sha1($_cache_id.$_compile_id.$_template->source->uid).'.lock';
-            }
-            $cached->filepath = $_cache_dir . $_cache_id . $_compile_id . $_filepath . '.' . basename($_source_file_path) . '.php';
-            $cached->timestamp = @filemtime($cached->filepath);
-            $cached->exists = !!$cached->timestamp;
-        }
-
-        /**
-        * populate Cached Object with timestamp and exists from Resource
-        *
-        * @param Smarty_Template_Cached $cached cached object
-        * @return void
-        */
-        public function populateTimestamp(Smarty_Template_Cached $cached)
-        {
-            $cached->timestamp = @filemtime($cached->filepath);
-            $cached->exists = !!$cached->timestamp;
-        }
-
-        /**
-        * Read the cached template and process its header
-        *
-        * @param Smarty_Internal_Template $_template template object
-        * @param Smarty_Template_Cached $cached cached object
-        * @return booelan true or false if the cached content does not exist
-        */
-        public function process(Smarty_Internal_Template $_template, Smarty_Template_Cached $cached=null)
-        {
-            $_smarty_tpl = $_template;
-
-            return @include $_template->cached->filepath;
-        }
-
-        /**
-        * Write the rendered template output to cache
-        *
-        * @param Smarty_Internal_Template $_template template object
-        * @param string                   $content   content to cache
-        * @return boolean success
-        */
-        public function writeCachedContent(Smarty_Internal_Template $_template, $content)
-        {
-            if (Smarty_Internal_Write_File::writeFile($_template->cached->filepath, $content, $_template->smarty) === true) {
-                $_template->cached->timestamp = @filemtime($_template->cached->filepath);
-                $_template->cached->exists = !!$_template->cached->timestamp;
-                if ($_template->cached->exists) {
-                    return true;
-                }
-            }
-
-            return false;
-        }
-
-        /**
-        * Empty cache
-        *
-        * @param Smarty_Internal_Template $_template template object
-        * @param integer                  $exp_time  expiration time (number of seconds, not timestamp)
-        * @return integer number of cache files deleted
-        */
-        public function clearAll(Smarty $smarty, $exp_time = null)
-        {
-            return $this->clear($smarty, null, null, null, $exp_time);
-        }
-
-        /**
-        * Empty cache for a specific template
-        *
-        * @param Smarty  $_template     template object
-        * @param string  $resource_name template name
-        * @param string  $cache_id      cache id
-        * @param string  $compile_id    compile id
-        * @param integer $exp_time      expiration time (number of seconds, not timestamp)
-        * @return integer number of cache files deleted
-        */
-        public function clear(Smarty $smarty, $resource_name, $cache_id, $compile_id, $exp_time)
-        {
-            $_cache_id = isset($cache_id) ? preg_replace('![^\w\|]+!', '_', $cache_id) : null;
-            $_compile_id = isset($compile_id) ? preg_replace('![^\w\|]+!', '_', $compile_id) : null;
-            $_dir_sep = $smarty->use_sub_dirs ? '/' : '^';
-            $_compile_id_offset = $smarty->use_sub_dirs ? 3 : 0;
-            $_dir = $smarty->getCacheDir();
-            $_dir_length = strlen($_dir);
-            if (isset($_cache_id)) {
-                $_cache_id_parts = explode('|', $_cache_id);
-                $_cache_id_parts_count = count($_cache_id_parts);
-                if ($smarty->use_sub_dirs) {
-                    foreach ($_cache_id_parts as $id_part) {
-                        $_dir .= $id_part . DS;
-                    }
-                }
-            }
-            if (isset($resource_name)) {
-                $_save_stat = $smarty->caching;
-                $smarty->caching = true;
-                $tpl = new $smarty->template_class($resource_name, $smarty);
-                $smarty->caching = $_save_stat;
-
-                // remove from template cache
-                $tpl->source; // have the template registered before unset()
-                if ($smarty->allow_ambiguous_resources) {
-                    $_templateId = $tpl->source->unique_resource . $tpl->cache_id . $tpl->compile_id;
-                } else {
-                    $_templateId = $smarty->joined_template_dir . '#' . $resource_name . $tpl->cache_id . $tpl->compile_id;
-                }
-                if (isset($_templateId[150])) {
-                    $_templateId = sha1($_templateId);
-                }
-                unset($smarty->template_objects[$_templateId]);
-
-                if ($tpl->source->exists) {
-                    $_resourcename_parts = basename(str_replace('^', '/', $tpl->cached->filepath));
-                } else {
-                    return 0;
-                }
-            }
-            $_count = 0;
-            $_time = time();
-            if (file_exists($_dir)) {
-                $_cacheDirs = new RecursiveDirectoryIterator($_dir);
-                $_cache = new RecursiveIteratorIterator($_cacheDirs, RecursiveIteratorIterator::CHILD_FIRST);
-                foreach ($_cache as $_file) {
-                    if (substr(basename($_file->getPathname()),0,1) == '.' || strpos($_file, '.svn') !== false) continue;
-                    // directory ?
-                    if ($_file->isDir()) {
-                        if (!$_cache->isDot()) {
-                            // delete folder if empty
-                            @rmdir($_file->getPathname());
-                        }
-                    } else {
-                        $_parts = explode($_dir_sep, str_replace('\\', '/', substr((string) $_file, $_dir_length)));
-                        $_parts_count = count($_parts);
-                        // check name
-                        if (isset($resource_name)) {
-                            if ($_parts[$_parts_count-1] != $_resourcename_parts) {
-                                continue;
-                            }
-                        }
-                        // check compile id
-                        if (isset($_compile_id) && (!isset($_parts[$_parts_count-2 - $_compile_id_offset]) || $_parts[$_parts_count-2 - $_compile_id_offset] != $_compile_id)) {
-                            continue;
-                        }
-                        // check cache id
-                        if (isset($_cache_id)) {
-                            // count of cache id parts
-                            $_parts_count = (isset($_compile_id)) ? $_parts_count - 2 - $_compile_id_offset : $_parts_count - 1 - $_compile_id_offset;
-                            if ($_parts_count < $_cache_id_parts_count) {
-                                continue;
-                            }
-                            for ($i = 0; $i < $_cache_id_parts_count; $i++) {
-                                if ($_parts[$i] != $_cache_id_parts[$i]) continue 2;
-                            }
-                        }
-                        // expired ?
-                        if (isset($exp_time)) {
-                            if ($exp_time < 0) {
-                                preg_match('#\'cache_lifetime\' =>\s*(\d*)#', file_get_contents($_file), $match);
-                                if ($_time < (@filemtime($_file) + $match[1])) {
-                                    continue;
-                                }
-                            } else {
-                                if ($_time - @filemtime($_file) < $exp_time) {
-                                    continue;
-                                }
-                            }
-                        }
-                        $_count += @unlink((string) $_file) ? 1 : 0;
-                    }
-                }
-            }
-
-            return $_count;
-        }
-
-        /**
-        * Check is cache is locked for this template
-        *
-        * @param Smarty $smarty Smarty object
-        * @param Smarty_Template_Cached $cached cached object
-        * @return booelan true or false if cache is locked
-        */
-        public function hasLock(Smarty $smarty, Smarty_Template_Cached $cached)
-        {
-            if (version_compare(PHP_VERSION, '5.3.0', '>=')) {
-                clearstatcache(true, $cached->lock_id);
-            } else {
-                clearstatcache();
-            }
-            $t = @filemtime($cached->lock_id);
-
-            return $t && (time() - $t < $smarty->locking_timeout);
-        }
-
-        /**
-        * Lock cache for this template
-        *
-        * @param Smarty $smarty Smarty object
-        * @param Smarty_Template_Cached $cached cached object
-        */
-        public function acquireLock(Smarty $smarty, Smarty_Template_Cached $cached)
-        {
-            $cached->is_locked = true;
-            touch($cached->lock_id);
-        }
-
-        /**
-        * Unlock cache for this template
-        *
-        * @param Smarty $smarty Smarty object
-        * @param Smarty_Template_Cached $cached cached object
-        */
-        public function releaseLock(Smarty $smarty, Smarty_Template_Cached $cached)
-        {
-            $cached->is_locked = false;
-            @unlink($cached->lock_id);
-        }
-    }

lib/classes/Smarty-3.1.15/libs/sysplugins/smarty_internal_resource_stream.php

@@ -1,80 +0,0 @@
-<?php
-/**
-* Smarty Internal Plugin Resource Stream
-*
-* Implements the streams as resource for Smarty template
-*
-* @package Smarty
-* @subpackage TemplateResources
-* @author Uwe Tews
-* @author Rodney Rehm
-*/
-
-/**
-* Smarty Internal Plugin Resource Stream
-*
-* Implements the streams as resource for Smarty template
-*
-* @link http://php.net/streams
-* @package Smarty
-* @subpackage TemplateResources
-*/
-class Smarty_Internal_Resource_Stream extends Smarty_Resource_Recompiled
-{
-    /**
-    * populate Source Object with meta data from Resource
-    *
-    * @param Smarty_Template_Source   $source    source object
-    * @param Smarty_Internal_Template $_template template object
-    * @return void
-    */
-    public function populate(Smarty_Template_Source $source, Smarty_Internal_Template $_template=null)
-    {
-        if (strpos($source->resource, '://') !== false) {
-            $source->filepath = $source->resource;
-        } else {
-            $source->filepath = str_replace(':', '://', $source->resource);
-        }
-        $source->uid = false;
-        $source->content = $this->getContent($source);
-        $source->timestamp = false;
-        $source->exists = !!$source->content;
-    }
-
-    /**
-    * Load template's source from stream into current template object
-    *
-    * @param Smarty_Template_Source $source source object
-    * @return string template source
-    * @throws SmartyException if source cannot be loaded
-    */
-    public function getContent(Smarty_Template_Source $source)
-    {
-        $t = '';
-        // the availability of the stream has already been checked in Smarty_Resource::fetch()
-        $fp = fopen($source->filepath, 'r+');
-        if ($fp) {
-            while (!feof($fp) && ($current_line = fgets($fp)) !== false) {
-                $t .= $current_line;
-            }
-            fclose($fp);
-
-            return $t;
-        } else {
-            return false;
-        }
-    }
-
-    /**
-    * modify resource_name according to resource handlers specifications
-    *
-    * @param Smarty $smarty        Smarty instance
-    * @param string $resource_name resource_name to make unique
-     * @param  boolean $is_config    flag for config resource
-    * @return string unique resource name
-    */
-    protected function buildUniqueResourceName(Smarty $smarty, $resource_name, $is_config = false)
-    {
-        return get_class($this) . '#' . $resource_name;
-    }
-}

lib/classes/Smarty-3.1.21/README

@@ -1,4 +1,4 @@
-Smarty 3.1.15
+Smarty 3.1.21
 
 Author: Monte Ohrt <monte at ohrt dot com >
 Author: Uwe Tews

lib/classes/Smarty-3.1.21/change_log.txt

@@ -1,5 +1,169 @@
- ===== trunk =====
- ===== Smarty-3.1.15 =====
+ ===== 3.1.22-dev ===== (xx.xx.2014)
+ ===== 3.1.21 ===== (18.10.2014)
+ 18.10.2014
+ - composer moved to github
+ - add COMPOSER_RELEASE_NOTES
+
+ 17.10.2014
+ - bugfix on $php_handling security and optimization of smarty_internal_parsetree (Thue Kristensen)
+
+ 16.10.2014
+ - bugfix composer.json update
+
+ 15.10.2014
+ - bugfix calling a new created cache file with fetch() and Smarty::CACHING_LIFETIME_SAVED multiple times did fail (forum 22350)
+
+ 14.10.2014
+ - bugfix any tag placed within "<script language=php>" will throw a security exception to close all thinkable holes
+ - bugfix classmap in root composer.json should start at "libs/..."
+ - improvement cache is_file(file_exists) results of loadPlugin() to avoid unnecessary calls during compilation (Issue 201}
+
+ 12.10.2014
+ - bugfix a comment like "<script{*foo*} language=php>" bypassed $php_handling checking (Thue Kristensen)
+ - bugfix change of 08.10.2014 could create E_NOTICE meassage when using "<?php" tags
+ - bugfix "<script language=php>" with $php_handling PHP_PASSTHRU was executed in {nocache} sections
+
+ ===== 3.1.20 ===== (09.10.2014)
+ 08.10.2014
+ - bugfix security mode of "<script language=php>" must be controlled by $php_handling property (Thue Kristensen)
+ 
+ 01.10.2014
+ - bugfix template resource of inheritance blocks could get invalid if the default resource type is not 'file'(Issue 202)
+ - bugfix existing child {block} tag must override parent {block} tag append / prepend setting (topic 25259)
+ 
+ 02.08.2014
+ - bugfix modifier wordwrap did output break string wrong if first word was exceeding length with cut = true (topic 25193)
+ 
+ 24.07.2014
+ - bugfix cache clear when cache folder does not exist
+
+ 16.07.2014
+ - enhancement remove BOM automatically from template source (topic 25161)
+ 
+ 04.07.2014
+ - bugfix the bufix of 02.06.2014 broke correct handling of child templates with same name but different template folders in extends resource (issue 194 and topic 25099)
+ 
+ ===== 3.1.19 ===== (06.30.2014)
+ 20.06.2014
+ - bugfix template variables could not be passed as parameter in {include} when the include was in a {nocache} section (topic 25131)
+ 
+ 17.06.2014
+ - bugfix large template text of some charsets could cause parsing errors (topic 24630)
+ 
+ 08.06.2014
+ - bugfix registered objects did not work after spelling fixes of 06.06.2014
+ - bugfix {block} tags within {literal} .. {/literal} got not displayed correctly (topic 25024)
+ - bugfix UNC WINDOWS PATH like "\\psf\path\to\dir" did not work as template directory (Issue 192)
+ - bugfix {html_image} security check did fail on files relative to basedir (Issue 191)
+ 
+ 06.06.2014
+ - fixed PHPUnit outputFilterTrimWhitespaceTests.php assertion of test result
+ - fixed spelling, PHPDoc , minor errors, code cleanup
+ 
+ 02.06.2014
+ - using multiple cwd with relative template dirs could result in identical compiled file names. (issue 194 and topic 25099)
+ 
+ 19.04.2014
+ - bugfix calling createTemplate(template, data) with empty data array caused notice of array to string conversion (Issue 189)
+ - bugfix clearCompiledTemplate() did not delete files on WINDOWS when a compile_id was specified
+ 
+ 18.04.2014
+ - revert bugfix of 5.4.2014 because %-e date format is not supported on all operating systems
+
+ ===== 3.1.18 ===== (07.04.2014)
+ 06.04.2014 
+ - bugfix template inheritance fail when using custom resource after patch of 8.3.2014 (Issue 187)
+ - bugfix update of composer file (Issue 168 and 184)
+
+ 05.04.2014
+ - bugfix default date format leads to extra spaces when displaying dates with single digit days (Issue 165)
+ 
+ 26.03.2014
+ - bugfix Smart_Resource_Custom should not lowercase the resource name (Issue 183)
+ 
+ 24.03.2014
+ - bugfix using a {foreach} property like @iteration could fail when used in inheritance parent templates (Issue 182)
+ 
+ 20.03.2014
+ - bugfix $smarty->auto_literal and mbsting.func_overload 2, 6 or 7 did fail (forum topic 24899)
+ 
+ 18.03.2014
+ - revert change of 17.03.2014
+ 
+17.03.2014
+ - bugfix $smarty->auto_literal and mbsting.func_overload 2, 6 or 7 did fail (forum topic 24899)
+ 
+ 15.03.2014
+ - bugfix Smarty_CacheResource_Keyvaluestore did use different keys on read/writes and clearCache() calls (Issue 169)
+
+ 13.03.2014
+ - bugfix clearXxx() change of 27.1.2014 did not work when specifing cache_id or compile_id  (forum topic 24868 and 24867)
+ 
+ ===== 3.1.17 =====
+ 08.03.2014
+ - bugfix relative file path {include} within {block} of child templates did throw exception on first call (Issue 177)
+ 
+ 17.02.2014
+ - bugfix Smarty failed when executing PHP on HHVM (Hip Hop 2.4) because uniqid('',true) does return string with ',' (forum topic 20343)
+ 
+ 16.02.2014
+ - bugfix a '//' or '\\' in template_dir path could produce wrong path on relative filepath in {include} (Issue 175)
+ 
+ 05.02.2014
+ - bugfix shared.literal_compiler_param.php did throw an exception when literal did contain a '-' (smarty-developers group)
+ 
+ 27.01.2014
+ - bugfix $smarty->debugging = true; did show the variable of the $smarty object not the variables used in display() call (forum topic 24764)
+ - bugfix clearCompiledTemplate(), clearAll() and clear() should use realpath to avoid possible exception from RecursiveDirectoryIterator (Issue 171)
+ 
+ 26.01.2014
+ - bugfix  undo block nesting checks for {nocache} for reasons like forum topic 23280 (forum topic 24762)
+ 
+ 18.01.2014
+ - bugfix the compiler did fail when using template inheritance and recursive {include} (smarty-developers group)
+ 
+ 11.01.2014
+ - bugfix "* }" (spaces before right delimiter) was interpreted by mistake as comment end tag (Issue 170)
+ - internals  content cache should be clear when updating cache file
+ 
+ 08.01.2014
+ - bugfix Smarty_CacheResource_Custom did not handle template resource type specifications on clearCache() calls (Issue 169)
+ - bugfix SmartyBC.class.php should use require_once to load Smarty.class.php (forum topic 24683)
+ 
+ ===== 3.1.16 =====
+ 15.12.2013
+ - bugfix {include} with {block} tag handling (forum topic 24599, 24594, 24682) (Issue 161)
+   Read 3.1.16_RELEASE_NOTES for more details
+ - enhancement additional debug output at $smarty->_parserdebug = true;
+ 
+ 07.11.2013
+ - bugfix too restrictive handling of {include} within {block} tags. 3.1.15 did throw errors where 3.1.14 did not (forum topic 24599)
+ - bugfix compiler could fail if PHP mbstring.func_overload is enabled  (Issue 164)
+ 
+ 28.10.2013
+ - bugfix variable resource name at custom resource plugin did not work within {block} tags (Issue 163)
+ - bugfix notice "Trying to get property of non-object" removed (Issue 163)
+ - bugfix correction of modifier capitalize fix from 3.10.2013  (issue 159)
+ - bugfix multiple {block}s with same name in parent did not work (forum topic 24631) 
+ 
+ 20.10.2013
+ - bugfix a variable file name at {extends} tag did fail (forum topic 24618)
+ 
+ 14.10.2013
+ - bugfix yesterdays fix could result in an undefined variable
+ 
+ 13.10.2013
+ - bugfix variable names on {include} in template inheritance did unextepted error message (forum topic 24594) (Issue 161)
+.- bugfix relative includes with same name like {include './foo.tpl'} from different folder failed (forum topic 24590)(Issue 161) 
+
+ 04.10.2013
+ - bugfix variable file names at {extends} had been disbabled by mistake with the rewrite of 
+   template inheritance of 24.08.2013   (forum topic 24585)
+   
+03.10.2013
+ - bugfix loops using modifier capitalize did eat up memory (issue 159)
+ 
+ ===== Smarty 3.1.15 =====
 01.10.2013
  - use current delimiters in compiler error messages (issue 157)
  - improvement on performance when using error handler and multiple template folders (issue 152)

lib/classes/Smarty-3.1.21/demo/index.php

@@ -0,0 +1,30 @@
+<?php
+/**
+ * Example Application
+ *
+ * @package Example-application
+ */
+
+require '../libs/Smarty.class.php';
+
+$smarty = new Smarty;
+
+//$smarty->force_compile = true;
+$smarty->debugging = true;
+$smarty->caching = true;
+$smarty->cache_lifetime = 120;
+
+$smarty->assign("Name", "Fred Irving Johnathan Bradley Peppergill", true);
+$smarty->assign("FirstName", array("John", "Mary", "James", "Henry"));
+$smarty->assign("LastName", array("Doe", "Smith", "Johnson", "Case"));
+$smarty->assign("Class", array(array("A", "B", "C", "D"), array("E", "F", "G", "H"),
+                               array("I", "J", "K", "L"), array("M", "N", "O", "P")));
+
+$smarty->assign("contacts", array(array("phone" => "1", "fax" => "2", "cell" => "3"),
+                                  array("phone" => "555-4444", "fax" => "555-3333", "cell" => "760-1234")));
+
+$smarty->assign("option_values", array("NY", "NE", "KS", "IA", "OK", "TX"));
+$smarty->assign("option_output", array("New York", "Nebraska", "Kansas", "Iowa", "Oklahoma", "Texas"));
+$smarty->assign("option_selected", "NE");
+
+$smarty->display('index.tpl');

lib/classes/Smarty-3.1.21/demo/plugins/cacheresource.apc.php

@@ -2,12 +2,12 @@
 
 /**
  * APC CacheResource
- *
  * CacheResource Implementation based on the KeyValueStore API to use
  * memcache as the storage resource for Smarty's output caching.
  * *
+ *
  * @package CacheResource-examples
- * @author Uwe Tews
+ * @author  Uwe Tews
  */
 class Smarty_CacheResource_Apc extends Smarty_CacheResource_KeyValueStore
 {
@@ -22,7 +22,8 @@ class Smarty_CacheResource_Apc extends Smarty_CacheResource_KeyValueStore
     /**
      * Read values for a set of keys from cache
      *
-     * @param  array   $keys list of keys to fetch
+     * @param  array $keys list of keys to fetch
+     *
      * @return array   list of values with the given keys used as indexes
      * @return boolean true on success, false on failure
      */
@@ -40,11 +41,12 @@ class Smarty_CacheResource_Apc extends Smarty_CacheResource_KeyValueStore
     /**
      * Save values for a set of keys to cache
      *
-     * @param  array   $keys   list of values to save
-     * @param  int     $expire expiration time
+     * @param  array $keys   list of values to save
+     * @param  int   $expire expiration time
+     *
      * @return boolean true on success, false on failure
      */
-    protected function write(array $keys, $expire=null)
+    protected function write(array $keys, $expire = null)
     {
         foreach ($keys as $k => $v) {
             apc_store($k, $v, $expire);
@@ -56,7 +58,8 @@ class Smarty_CacheResource_Apc extends Smarty_CacheResource_KeyValueStore
     /**
      * Remove values from cache
      *
-     * @param  array   $keys list of keys to delete
+     * @param  array $keys list of keys to delete
+     *
      * @return boolean true on success, false on failure
      */
     protected function delete(array $keys)

lib/classes/Smarty-3.1.21/demo/plugins/cacheresource.memcache.php

@@ -2,20 +2,19 @@
 
 /**
  * Memcache CacheResource
- *
  * CacheResource Implementation based on the KeyValueStore API to use
  * memcache as the storage resource for Smarty's output caching.
- *
  * Note that memcache has a limitation of 256 characters per cache-key.
  * To avoid complications all cache-keys are translated to a sha1 hash.
  *
  * @package CacheResource-examples
- * @author Rodney Rehm
+ * @author  Rodney Rehm
  */
 class Smarty_CacheResource_Memcache extends Smarty_CacheResource_KeyValueStore
 {
     /**
      * memcache instance
+     *
      * @var Memcache
      */
     protected $memcache = null;
@@ -23,13 +22,14 @@ class Smarty_CacheResource_Memcache extends Smarty_CacheResource_KeyValueStore
     public function __construct()
     {
         $this->memcache = new Memcache();
-        $this->memcache->addServer( '127.0.0.1', 11211 );
+        $this->memcache->addServer('127.0.0.1', 11211);
     }
 
     /**
      * Read values for a set of keys from cache
      *
-     * @param  array   $keys list of keys to fetch
+     * @param  array $keys list of keys to fetch
+     *
      * @return array   list of values with the given keys used as indexes
      * @return boolean true on success, false on failure
      */
@@ -53,11 +53,12 @@ class Smarty_CacheResource_Memcache extends Smarty_CacheResource_KeyValueStore
     /**
      * Save values for a set of keys to cache
      *
-     * @param  array   $keys   list of values to save
-     * @param  int     $expire expiration time
+     * @param  array $keys   list of values to save
+     * @param  int   $expire expiration time
+     *
      * @return boolean true on success, false on failure
      */
-    protected function write(array $keys, $expire=null)
+    protected function write(array $keys, $expire = null)
     {
         foreach ($keys as $k => $v) {
             $k = sha1($k);
@@ -70,7 +71,8 @@ class Smarty_CacheResource_Memcache extends Smarty_CacheResource_KeyValueStore
     /**
      * Remove values from cache
      *
-     * @param  array   $keys list of keys to delete
+     * @param  array $keys list of keys to delete
+     *
      * @return boolean true on success, false on failure
      */
     protected function delete(array $keys)
@@ -90,6 +92,6 @@ class Smarty_CacheResource_Memcache extends Smarty_CacheResource_KeyValueStore
      */
     protected function purge()
     {
-        return $this->memcache->flush();
+        $this->memcache->flush();
     }
 }

lib/classes/Smarty-3.1.21/demo/plugins/cacheresource.mysql.php

@@ -2,10 +2,8 @@
 
 /**
  * MySQL CacheResource
- *
  * CacheResource Implementation based on the Custom API to use
  * MySQL as the storage resource for Smarty's output caching.
- *
  * Table definition:
  * <pre>CREATE TABLE IF NOT EXISTS `output_cache` (
  *   `id` CHAR(40) NOT NULL COMMENT 'sha1 hash',
@@ -22,7 +20,7 @@
  * ) ENGINE = InnoDB;</pre>
  *
  * @package CacheResource-examples
- * @author Rodney Rehm
+ * @author  Rodney Rehm
  */
 class Smarty_CacheResource_Mysql extends Smarty_CacheResource_Custom
 {
@@ -36,7 +34,8 @@ class Smarty_CacheResource_Mysql extends Smarty_CacheResource_Custom
     {
         try {
             $this->db = new PDO("mysql:dbname=test;host=127.0.0.1", "smarty");
-        } catch (PDOException $e) {
+        }
+        catch (PDOException $e) {
             throw new SmartyException('Mysql Resource failed: ' . $e->getMessage());
         }
         $this->fetch = $this->db->prepare('SELECT modified, content FROM output_cache WHERE id = :id');
@@ -54,6 +53,7 @@ class Smarty_CacheResource_Mysql extends Smarty_CacheResource_Custom
      * @param  string  $compile_id compile id
      * @param  string  $content    cached content
      * @param  integer $mtime      cache modification timestamp (epoch)
+     *
      * @return void
      */
     protected function fetch($id, $name, $cache_id, $compile_id, &$content, &$mtime)
@@ -74,10 +74,12 @@ class Smarty_CacheResource_Mysql extends Smarty_CacheResource_Custom
      * Fetch cached content's modification timestamp from data source
      *
      * @note implementing this method is optional. Only implement it if modification times can be accessed faster than loading the complete cached content.
-     * @param  string          $id         unique cache content identifier
-     * @param  string          $name       template name
-     * @param  string          $cache_id   cache id
-     * @param  string          $compile_id compile id
+     *
+     * @param  string $id         unique cache content identifier
+     * @param  string $name       template name
+     * @param  string $cache_id   cache id
+     * @param  string $compile_id compile id
+     *
      * @return integer|boolean timestamp (epoch) the template was modified, or false if not found
      */
     protected function fetchTimestamp($id, $name, $cache_id, $compile_id)
@@ -98,17 +100,18 @@ class Smarty_CacheResource_Mysql extends Smarty_CacheResource_Custom
      * @param  string       $compile_id compile id
      * @param  integer|null $exp_time   seconds till expiration time in seconds or null
      * @param  string       $content    content to cache
+     *
      * @return boolean      success
      */
     protected function save($id, $name, $cache_id, $compile_id, $exp_time, $content)
     {
         $this->save->execute(array(
-            'id' => $id,
-            'name' => $name,
-            'cache_id' => $cache_id,
-            'compile_id' => $compile_id,
-            'content' => $content,
-        ));
+                                 'id'         => $id,
+                                 'name'       => $name,
+                                 'cache_id'   => $cache_id,
+                                 'compile_id' => $compile_id,
+                                 'content'    => $content,
+                             ));
 
         return !!$this->save->rowCount();
     }
@@ -120,6 +123,7 @@ class Smarty_CacheResource_Mysql extends Smarty_CacheResource_Custom
      * @param  string       $cache_id   cache id
      * @param  string       $compile_id compile id
      * @param  integer|null $exp_time   seconds till expiration or null
+     *
      * @return integer      number of deleted caches
      */
     protected function delete($name, $cache_id, $compile_id, $exp_time)
@@ -129,7 +133,7 @@ class Smarty_CacheResource_Mysql extends Smarty_CacheResource_Custom
             // returning the number of deleted caches would require a second query to count them
             $query = $this->db->query('TRUNCATE TABLE output_cache');
 
-            return -1;
+            return - 1;
         }
         // build the filter
         $where = array();
@@ -147,8 +151,8 @@ class Smarty_CacheResource_Mysql extends Smarty_CacheResource_Custom
         }
         // equal test cache_id and match sub-groups
         if ($cache_id !== null) {
-            $where[] = '(cache_id = '. $this->db->quote($cache_id)
-                . ' OR cache_id LIKE '. $this->db->quote($cache_id .'|%') .')';
+            $where[] = '(cache_id = ' . $this->db->quote($cache_id)
+                . ' OR cache_id LIKE ' . $this->db->quote($cache_id . '|%') . ')';
         }
         // run delete query
         $query = $this->db->query('DELETE FROM output_cache WHERE ' . join(' AND ', $where));

lib/classes/Smarty-3.1.21/demo/plugins/resource.extendsall.php

@@ -2,12 +2,11 @@
 
 /**
  * Extends All Resource
- *
  * Resource Implementation modifying the extends-Resource to walk
  * through the template_dirs and inherit all templates of the same name
  *
  * @package Resource-examples
- * @author Rodney Rehm
+ * @author  Rodney Rehm
  */
 class Smarty_Resource_Extendsall extends Smarty_Internal_Resource_Extends
 {
@@ -16,22 +15,25 @@ class Smarty_Resource_Extendsall extends Smarty_Internal_Resource_Extends
      *
      * @param  Smarty_Template_Source   $source    source object
      * @param  Smarty_Internal_Template $_template template object
+     *
      * @return void
      */
-    public function populate(Smarty_Template_Source $source, Smarty_Internal_Template $_template=null)
+    public function populate(Smarty_Template_Source $source, Smarty_Internal_Template $_template = null)
     {
         $uid = '';
         $sources = array();
         $exists = true;
         foreach ($_template->smarty->getTemplateDir() as $key => $directory) {
             try {
-                $s = Smarty_Resource::source(null, $source->smarty, '[' . $key . ']' . $source->name );
+                $s = Smarty_Resource::source(null, $source->smarty, '[' . $key . ']' . $source->name);
                 if (!$s->exists) {
                     continue;
                 }
                 $sources[$s->uid] = $s;
                 $uid .= $s->filepath;
-            } catch (SmartyException $e) {}
+            }
+            catch (SmartyException $e) {
+            }
         }
 
         if (!$sources) {

lib/classes/Smarty-3.1.21/demo/plugins/resource.mysql.php

@@ -2,10 +2,8 @@
 
 /**
  * MySQL Resource
- *
  * Resource Implementation based on the Custom API to use
  * MySQL as the storage resource for Smarty's templates and configs.
- *
  * Table definition:
  * <pre>CREATE TABLE IF NOT EXISTS `templates` (
  *   `name` varchar(100) NOT NULL,
@@ -13,12 +11,11 @@
  *   `source` text,
  *   PRIMARY KEY (`name`)
  * ) ENGINE=InnoDB DEFAULT CHARSET=utf8;</pre>
- *
  * Demo data:
  * <pre>INSERT INTO `templates` (`name`, `modified`, `source`) VALUES ('test.tpl', "2010-12-25 22:00:00", '{$x="hello world"}{$x}');</pre>
  *
  * @package Resource-examples
- * @author Rodney Rehm
+ * @author  Rodney Rehm
  */
 class Smarty_Resource_Mysql extends Smarty_Resource_Custom
 {
@@ -33,7 +30,8 @@ class Smarty_Resource_Mysql extends Smarty_Resource_Custom
     {
         try {
             $this->db = new PDO("mysql:dbname=test;host=127.0.0.1", "smarty");
-        } catch (PDOException $e) {
+        }
+        catch (PDOException $e) {
             throw new SmartyException('Mysql Resource failed: ' . $e->getMessage());
         }
         $this->fetch = $this->db->prepare('SELECT modified, source FROM templates WHERE name = :name');
@@ -46,6 +44,7 @@ class Smarty_Resource_Mysql extends Smarty_Resource_Custom
      * @param  string  $name   template name
      * @param  string  $source template source
      * @param  integer $mtime  template modification timestamp (epoch)
+     *
      * @return void
      */
     protected function fetch($name, &$source, &$mtime)
@@ -66,7 +65,9 @@ class Smarty_Resource_Mysql extends Smarty_Resource_Custom
      * Fetch a template's modification time from database
      *
      * @note implementing this method is optional. Only implement it if modification times can be accessed faster than loading the comple template source.
-     * @param  string  $name template name
+     *
+     * @param  string $name template name
+     *
      * @return integer timestamp (epoch) the template was modified
      */
     protected function fetchTimestamp($name)

lib/classes/Smarty-3.1.21/demo/plugins/resource.mysqls.php

@@ -2,13 +2,10 @@
 
 /**
  * MySQL Resource
- *
  * Resource Implementation based on the Custom API to use
  * MySQL as the storage resource for Smarty's templates and configs.
- *
  * Note that this MySQL implementation fetches the source and timestamps in
  * a single database query, instead of two separate like resource.mysql.php does.
- *
  * Table definition:
  * <pre>CREATE TABLE IF NOT EXISTS `templates` (
  *   `name` varchar(100) NOT NULL,
@@ -16,12 +13,11 @@
  *   `source` text,
  *   PRIMARY KEY (`name`)
  * ) ENGINE=InnoDB DEFAULT CHARSET=utf8;</pre>
- *
  * Demo data:
  * <pre>INSERT INTO `templates` (`name`, `modified`, `source`) VALUES ('test.tpl', "2010-12-25 22:00:00", '{$x="hello world"}{$x}');</pre>
  *
  * @package Resource-examples
- * @author Rodney Rehm
+ * @author  Rodney Rehm
  */
 class Smarty_Resource_Mysqls extends Smarty_Resource_Custom
 {
@@ -34,7 +30,8 @@ class Smarty_Resource_Mysqls extends Smarty_Resource_Custom
     {
         try {
             $this->db = new PDO("mysql:dbname=test;host=127.0.0.1", "smarty");
-        } catch (PDOException $e) {
+        }
+        catch (PDOException $e) {
             throw new SmartyException('Mysql Resource failed: ' . $e->getMessage());
         }
         $this->fetch = $this->db->prepare('SELECT modified, source FROM templates WHERE name = :name');
@@ -46,6 +43,7 @@ class Smarty_Resource_Mysqls extends Smarty_Resource_Custom
      * @param  string  $name   template name
      * @param  string  $source template source
      * @param  integer $mtime  template modification timestamp (epoch)
+     *
      * @return void
      */
     protected function fetch($name, &$source, &$mtime)

lib/classes/Smarty-3.1.21/demo/templates/header.tpl

@@ -1,5 +1,5 @@
 <HTML>
 <HEAD>
-<TITLE>{$title} - {$Name}</TITLE>
+    <TITLE>{$title} - {$Name}</TITLE>
 </HEAD>
 <BODY bgcolor="#ffffff">

lib/classes/Smarty-3.1.21/demo/templates/index.tpl

@@ -0,0 +1,87 @@
+{config_load file="test.conf" section="setup"}
+{include file="header.tpl" title=foo}
+
+<PRE>
+
+{* bold and title are read from the config file *}
+    {if #bold#}<b>{/if}
+        {* capitalize the first letters of each word of the title *}
+        Title: {#title#|capitalize}
+        {if #bold#}</b>{/if}
+
+    The current date and time is {$smarty.now|date_format:"%Y-%m-%d %H:%M:%S"}
+
+    The value of global assigned variable $SCRIPT_NAME is {$SCRIPT_NAME}
+
+    Example of accessing server environment variable SERVER_NAME: {$smarty.server.SERVER_NAME}
+
+    The value of {ldelim}$Name{rdelim} is <b>{$Name}</b>
+
+variable modifier example of {ldelim}$Name|upper{rdelim}
+
+<b>{$Name|upper}</b>
+
+
+An example of a section loop:
+
+    {section name=outer
+    loop=$FirstName}
+        {if $smarty.section.outer.index is odd by 2}
+            {$smarty.section.outer.rownum} . {$FirstName[outer]} {$LastName[outer]}
+        {else}
+            {$smarty.section.outer.rownum} * {$FirstName[outer]} {$LastName[outer]}
+        {/if}
+        {sectionelse}
+        none
+    {/section}
+
+    An example of section looped key values:
+
+    {section name=sec1 loop=$contacts}
+        phone: {$contacts[sec1].phone}
+        <br>
+
+            fax: {$contacts[sec1].fax}
+        <br>
+
+            cell: {$contacts[sec1].cell}
+        <br>
+    {/section}
+    <p>
+
+        testing strip tags
+        {strip}
+<table border=0>
+    <tr>
+        <td>
+            <A HREF="{$SCRIPT_NAME}">
+                <font color="red">This is a test </font>
+            </A>
+        </td>
+    </tr>
+</table>
+    {/strip}
+
+</PRE>
+
+This is an example of the html_select_date function:
+
+<form>
+    {html_select_date start_year=1998 end_year=2010}
+</form>
+
+This is an example of the html_select_time function:
+
+<form>
+    {html_select_time use_24_hours=false}
+</form>
+
+This is an example of the html_options function:
+
+<form>
+    <select name=states>
+        {html_options values=$option_values selected=$option_selected output=$option_output}
+    </select>
+</form>
+
+{include file="footer.tpl"}

lib/classes/Smarty-3.1.21/libs/SmartyBC.class.php

@@ -3,36 +3,32 @@
  * Project:     Smarty: the PHP compiling template engine
  * File:        SmartyBC.class.php
  * SVN:         $Id: $
- *
  * This library is free software; you can redistribute it and/or
  * modify it under the terms of the GNU Lesser General Public
  * License as published by the Free Software Foundation; either
  * version 2.1 of the License, or (at your option) any later version.
- *
  * This library is distributed in the hope that it will be useful,
  * but WITHOUT ANY WARRANTY; without even the implied warranty of
  * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the GNU
  * Lesser General Public License for more details.
- *
  * You should have received a copy of the GNU Lesser General Public
  * License along with this library; if not, write to the Free Software
  * Foundation, Inc., 59 Temple Place, Suite 330, Boston, MA  02111-1307  USA
- *
  * For questions, help, comments, discussion, etc., please join the
  * Smarty mailing list. Send a blank e-mail to
  * smarty-discussion-subscribe@googlegroups.com
  *
- * @link http://www.smarty.net/
+ * @link      http://www.smarty.net/
  * @copyright 2008 New Digital Group, Inc.
- * @author Monte Ohrt <monte at ohrt dot com>
- * @author Uwe Tews
- * @author Rodney Rehm
- * @package Smarty
+ * @author    Monte Ohrt <monte at ohrt dot com>
+ * @author    Uwe Tews
+ * @author    Rodney Rehm
+ * @package   Smarty
  */
 /**
  * @ignore
  */
-require(dirname(__FILE__) . '/Smarty.class.php');
+require_once(dirname(__FILE__) . '/Smarty.class.php');
 
 /**
  * Smarty Backward Compatability Wrapper Class
@@ -43,6 +39,7 @@ class SmartyBC extends Smarty
 {
     /**
      * Smarty 2 BC
+     *
      * @var string
      */
     public $_version = self::SMARTY_VERSION;
@@ -52,7 +49,7 @@ class SmartyBC extends Smarty
      *
      * @param array $options options to set during initialization, e.g. array( 'forceCompile' => false )
      */
-    public function __construct(array $options=array())
+    public function __construct(array $options = array())
     {
         parent::__construct($options);
         // register {php} tag
@@ -100,7 +97,7 @@ class SmartyBC extends Smarty
      * @param bool   $cacheable
      * @param mixed  $cache_attrs
      */
-    public function register_function($function, $function_impl, $cacheable=true, $cache_attrs=null)
+    public function register_function($function, $function_impl, $cacheable = true, $cache_attrs = null)
     {
         $this->registerPlugin('function', $function, $function_impl, $cacheable, $cache_attrs);
     }
@@ -118,11 +115,14 @@ class SmartyBC extends Smarty
     /**
      * Registers object to be used in templates
      *
-     * @param string  $object       name of template object
-     * @param object  $object_impl  the referenced PHP object to register
-     * @param array   $allowed      list of allowed methods (empty = all)
-     * @param boolean $smarty_args  smarty argument format, else traditional
-     * @param array   $block_functs list of methods that are block format
+     * @param string  $object      name of template object
+     * @param object  $object_impl the referenced PHP object to register
+     * @param array   $allowed     list of allowed methods (empty = all)
+     * @param boolean $smarty_args smarty argument format, else traditional
+     * @param array   $block_methods list of methods that are block format
+     *
+     * @throws SmartyException
+     * @internal param array $block_functs list of methods that are block format
      */
     public function register_object($object, $object_impl, $allowed = array(), $smarty_args = true, $block_methods = array())
     {
@@ -144,12 +144,12 @@ class SmartyBC extends Smarty
     /**
      * Registers block function to be used in templates
      *
-     * @param string $block       name of template block
-     * @param string $block_impl  PHP function to register
+     * @param string $block      name of template block
+     * @param string $block_impl PHP function to register
      * @param bool   $cacheable
      * @param mixed  $cache_attrs
      */
-    public function register_block($block, $block_impl, $cacheable=true, $cache_attrs=null)
+    public function register_block($block, $block_impl, $cacheable = true, $cache_attrs = null)
     {
         $this->registerPlugin('block', $block, $block_impl, $cacheable, $cache_attrs);
     }
@@ -171,7 +171,7 @@ class SmartyBC extends Smarty
      * @param string $function_impl name of PHP function to register
      * @param bool   $cacheable
      */
-    public function register_compiler_function($function, $function_impl, $cacheable=true)
+    public function register_compiler_function($function, $function_impl, $cacheable = true)
     {
         $this->registerPlugin('compiler', $function, $function_impl, $cacheable);
     }
@@ -305,10 +305,11 @@ class SmartyBC extends Smarty
     /**
      * clear cached content for the given template and cache id
      *
-     * @param  string  $tpl_file   name of template file
-     * @param  string  $cache_id   name of cache_id
-     * @param  string  $compile_id name of compile_id
-     * @param  string  $exp_time   expiration time
+     * @param  string $tpl_file   name of template file
+     * @param  string $cache_id   name of cache_id
+     * @param  string $compile_id name of compile_id
+     * @param  string $exp_time   expiration time
+     *
      * @return boolean
      */
     public function clear_cache($tpl_file = null, $cache_id = null, $compile_id = null, $exp_time = null)
@@ -319,7 +320,8 @@ class SmartyBC extends Smarty
     /**
      * clear the entire contents of cache (all templates)
      *
-     * @param  string  $exp_time expire time
+     * @param  string $exp_time expire time
+     *
      * @return boolean
      */
     public function clear_all_cache($exp_time = null)
@@ -330,9 +332,10 @@ class SmartyBC extends Smarty
     /**
      * test to see if valid cache exists for this template
      *
-     * @param  string  $tpl_file   name of template file
-     * @param  string  $cache_id
-     * @param  string  $compile_id
+     * @param  string $tpl_file name of template file
+     * @param  string $cache_id
+     * @param  string $compile_id
+     *
      * @return boolean
      */
     public function is_cached($tpl_file, $cache_id = null, $compile_id = null)
@@ -353,9 +356,10 @@ class SmartyBC extends Smarty
      * or all compiled template files if one is not specified.
      * This function is for advanced use only, not normally needed.
      *
-     * @param  string  $tpl_file
-     * @param  string  $compile_id
-     * @param  string  $exp_time
+     * @param  string $tpl_file
+     * @param  string $compile_id
+     * @param  string $exp_time
+     *
      * @return boolean results of {@link smarty_core_rm_auto()}
      */
     public function clear_compiled_tpl($tpl_file = null, $compile_id = null, $exp_time = null)
@@ -366,7 +370,8 @@ class SmartyBC extends Smarty
     /**
      * Checks whether requested template exists.
      *
-     * @param  string  $tpl_file
+     * @param  string $tpl_file
+     *
      * @return boolean
      */
     public function template_exists($tpl_file)
@@ -378,9 +383,10 @@ class SmartyBC extends Smarty
      * Returns an array containing template variables
      *
      * @param  string $name
+     *
      * @return array
      */
-    public function get_template_vars($name=null)
+    public function get_template_vars($name = null)
     {
         return $this->getTemplateVars($name);
     }
@@ -389,9 +395,10 @@ class SmartyBC extends Smarty
      * Returns an array containing config variables
      *
      * @param  string $name
+     *
      * @return array
      */
-    public function get_config_vars($name=null)
+    public function get_config_vars($name = null)
     {
         return $this->getConfigVars($name);
     }
@@ -412,6 +419,7 @@ class SmartyBC extends Smarty
      * return a reference to a registered object
      *
      * @param  string $name
+     *
      * @return object
      */
     public function get_registered_object($name)
@@ -439,7 +447,6 @@ class SmartyBC extends Smarty
     {
         trigger_error("Smarty error: $error_msg", $error_type);
     }
-
 }
 
 /**
@@ -449,6 +456,7 @@ class SmartyBC extends Smarty
  * @param string  $content  contents of the block
  * @param object  $template template object
  * @param boolean &$repeat  repeat flag
+ *
  * @return string content re-formatted
  */
 function smarty_php_tag($params, $content, $template, &$repeat)

lib/classes/Smarty-3.1.21/libs/debug.tpl

@@ -0,0 +1,137 @@
+{capture name='_smarty_debug' assign=debug_output}
+    <!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.1//EN" "http://www.w3.org/TR/xhtml11/DTD/xhtml11.dtd">
+    <html xmlns="http://www.w3.org/1999/xhtml" xml:lang="en">
+    <head>
+        <title>Smarty Debug Console</title>
+        <style type="text/css">
+            {literal}
+            body, h1, h2, td, th, p {
+                font-family: sans-serif;
+                font-weight: normal;
+                font-size: 0.9em;
+                margin: 1px;
+                padding: 0;
+            }
+
+            h1 {
+                margin: 0;
+                text-align: left;
+                padding: 2px;
+                background-color: #f0c040;
+                color: black;
+                font-weight: bold;
+                font-size: 1.2em;
+            }
+
+            h2 {
+                background-color: #9B410E;
+                color: white;
+                text-align: left;
+                font-weight: bold;
+                padding: 2px;
+                border-top: 1px solid black;
+            }
+
+            body {
+                background: black;
+            }
+
+            p, table, div {
+                background: #f0ead8;
+            }
+
+            p {
+                margin: 0;
+                font-style: italic;
+                text-align: center;
+            }
+
+            table {
+                width: 100%;
+            }
+
+            th, td {
+                font-family: monospace;
+                vertical-align: top;
+                text-align: left;
+                width: 50%;
+            }
+
+            td {
+                color: green;
+            }
+
+            .odd {
+                background-color: #eeeeee;
+            }
+
+            .even {
+                background-color: #fafafa;
+            }
+
+            .exectime {
+                font-size: 0.8em;
+                font-style: italic;
+            }
+
+            #table_assigned_vars th {
+                color: blue;
+            }
+
+            #table_config_vars th {
+                color: maroon;
+            }
+
+            {/literal}
+        </style>
+    </head>
+    <body>
+
+    <h1>Smarty Debug Console
+        -  {if isset($template_name)}{$template_name|debug_print_var nofilter}{else}Total Time {$execution_time|string_format:"%.5f"}{/if}</h1>
+
+    {if !empty($template_data)}
+        <h2>included templates &amp; config files (load time in seconds)</h2>
+        <div>
+            {foreach $template_data as $template}
+                <font color=brown>{$template.name}</font>
+                <span class="exectime">
+   (compile {$template['compile_time']|string_format:"%.5f"}) (render {$template['render_time']|string_format:"%.5f"}) (cache {$template['cache_time']|string_format:"%.5f"}
+                    )
+  </span>
+                <br>
+            {/foreach}
+        </div>
+    {/if}
+
+    <h2>assigned template variables</h2>
+
+    <table id="table_assigned_vars">
+        {foreach $assigned_vars as $vars}
+            <tr class="{if $vars@iteration % 2 eq 0}odd{else}even{/if}">
+                <th>${$vars@key|escape:'html'}</th>
+                <td>{$vars|debug_print_var nofilter}</td>
+            </tr>
+        {/foreach}
+    </table>
+
+    <h2>assigned config file variables (outer template scope)</h2>
+
+    <table id="table_config_vars">
+        {foreach $config_vars as $vars}
+            <tr class="{if $vars@iteration % 2 eq 0}odd{else}even{/if}">
+                <th>{$vars@key|escape:'html'}</th>
+                <td>{$vars|debug_print_var nofilter}</td>
+            </tr>
+        {/foreach}
+
+    </table>
+    </body>
+    </html>
+{/capture}
+<script type="text/javascript">
+    {$id = $template_name|default:''|md5}
+    _smarty_console = window.open("", "console{$id}", "width=680,height=600,resizable,scrollbars=yes");
+    _smarty_console.document.write("{$debug_output|escape:'javascript' nofilter}");
+    _smarty_console.document.close();
+</script>

lib/classes/Smarty-3.1.21/libs/plugins/block.textformat.php

@@ -2,13 +2,12 @@
 /**
  * Smarty plugin to format text blocks
  *
- * @package Smarty
+ * @package    Smarty
  * @subpackage PluginsBlock
  */
 
 /**
  * Smarty {textformat}{/textformat} block plugin
- *
  * Type:     block function<br>
  * Name:     textformat<br>
  * Purpose:  format text a certain way with preset styles
@@ -23,12 +22,14 @@
  * - wrap_boundary - boolean (true)
  * </pre>
  *
- * @link http://www.smarty.net/manual/en/language.function.textformat.php {textformat}
- *       (Smarty online manual)
+ * @link   http://www.smarty.net/manual/en/language.function.textformat.php {textformat}
+ *         (Smarty online manual)
+ *
  * @param array                    $params   parameters
  * @param string                   $content  contents of the block
  * @param Smarty_Internal_Template $template template object
  * @param boolean                  &$repeat  repeat flag
+ *
  * @return string content re-formatted
  * @author Monte Ohrt <monte at ohrt dot com>
  */
@@ -76,7 +77,6 @@ function smarty_block_textformat($params, $content, $template, &$repeat)
     }
     // split into paragraphs
     $_paragraphs = preg_split('![\r\n]{2}!', $content);
-    $_output = '';
 
     foreach ($_paragraphs as &$_paragraph) {
         if (!$_paragraph) {

lib/classes/Smarty-3.1.21/libs/plugins/function.counter.php

@@ -1,22 +1,24 @@
 <?php
 /**
  * Smarty plugin
- * @package Smarty
+ *
+ * @package    Smarty
  * @subpackage PluginsFunction
  */
 
 /**
  * Smarty {counter} function plugin
- *
  * Type:     function<br>
  * Name:     counter<br>
  * Purpose:  print out a counter value
  *
  * @author Monte Ohrt <monte at ohrt dot com>
- * @link http://www.smarty.net/manual/en/language.function.counter.php {counter}
- *       (Smarty online manual)
+ * @link   http://www.smarty.net/manual/en/language.function.counter.php {counter}
+ *         (Smarty online manual)
+ *
  * @param array                    $params   parameters
  * @param Smarty_Internal_Template $template template object
+ *
  * @return string|null
  */
 function smarty_function_counter($params, $template)
@@ -26,11 +28,11 @@ function smarty_function_counter($params, $template)
     $name = (isset($params['name'])) ? $params['name'] : 'default';
     if (!isset($counters[$name])) {
         $counters[$name] = array(
-            'start'=>1,
-            'skip'=>1,
-            'direction'=>'up',
-            'count'=>1
-            );
+            'start'     => 1,
+            'skip'      => 1,
+            'direction' => 'up',
+            'count'     => 1
+        );
     }
     $counter =& $counters[$name];
 
@@ -66,11 +68,11 @@ function smarty_function_counter($params, $template)
         $counter['direction'] = $params['direction'];
     }
 
-    if ($counter['direction'] == "down")
+    if ($counter['direction'] == "down") {
         $counter['count'] -= $counter['skip'];
-    else
+    } else {
         $counter['count'] += $counter['skip'];
+    }
 
     return $retval;
-
 }

lib/classes/Smarty-3.1.21/libs/plugins/function.cycle.php

@@ -2,13 +2,12 @@
 /**
  * Smarty plugin
  *
- * @package Smarty
+ * @package    Smarty
  * @subpackage PluginsFunction
  */
 
 /**
  * Smarty {cycle} function plugin
- *
  * Type:     function<br>
  * Name:     cycle<br>
  * Date:     May 3, 2002<br>
@@ -31,15 +30,17 @@
  * {cycle name=row}
  * </pre>
  *
- * @link http://www.smarty.net/manual/en/language.function.cycle.php {cycle}
- *       (Smarty online manual)
- * @author Monte Ohrt <monte at ohrt dot com>
- * @author credit to Mark Priatel <mpriatel@rogers.com>
- * @author credit to Gerard <gerard@interfold.com>
- * @author credit to Jason Sweat <jsweat_php@yahoo.com>
+ * @link     http://www.smarty.net/manual/en/language.function.cycle.php {cycle}
+ *           (Smarty online manual)
+ * @author   Monte Ohrt <monte at ohrt dot com>
+ * @author   credit to Mark Priatel <mpriatel@rogers.com>
+ * @author   credit to Gerard <gerard@interfold.com>
+ * @author   credit to Jason Sweat <jsweat_php@yahoo.com>
  * @version  1.3
+ *
  * @param array                    $params   parameters
  * @param Smarty_Internal_Template $template template object
+ *
  * @return string|null
  */
 
@@ -59,8 +60,9 @@ function smarty_function_cycle($params, $template)
             return;
         }
     } else {
-        if(isset($cycle_vars[$name]['values'])
-            && $cycle_vars[$name]['values'] != $params['values'] ) {
+        if (isset($cycle_vars[$name]['values'])
+            && $cycle_vars[$name]['values'] != $params['values']
+        ) {
             $cycle_vars[$name]['index'] = 0;
         }
         $cycle_vars[$name]['values'] = $params['values'];
@@ -75,10 +77,10 @@ function smarty_function_cycle($params, $template)
     if (is_array($cycle_vars[$name]['values'])) {
         $cycle_array = $cycle_vars[$name]['values'];
     } else {
-        $cycle_array = explode($cycle_vars[$name]['delimiter'],$cycle_vars[$name]['values']);
+        $cycle_array = explode($cycle_vars[$name]['delimiter'], $cycle_vars[$name]['values']);
     }
 
-    if (!isset($cycle_vars[$name]['index']) || $reset ) {
+    if (!isset($cycle_vars[$name]['index']) || $reset) {
         $cycle_vars[$name]['index'] = 0;
     }
 
@@ -94,10 +96,10 @@ function smarty_function_cycle($params, $template)
     }
 
     if ($advance) {
-        if ( $cycle_vars[$name]['index'] >= count($cycle_array) -1 ) {
+        if ($cycle_vars[$name]['index'] >= count($cycle_array) - 1) {
             $cycle_vars[$name]['index'] = 0;
         } else {
-            $cycle_vars[$name]['index']++;
+            $cycle_vars[$name]['index'] ++;
         }
     }
 

lib/classes/Smarty-3.1.21/libs/plugins/function.fetch.php

@@ -2,28 +2,30 @@
 /**
  * Smarty plugin
  *
- * @package Smarty
+ * @package    Smarty
  * @subpackage PluginsFunction
  */
 
 /**
  * Smarty {fetch} plugin
- *
  * Type:     function<br>
  * Name:     fetch<br>
  * Purpose:  fetch file, web or ftp data and display results
  *
- * @link http://www.smarty.net/manual/en/language.function.fetch.php {fetch}
- *       (Smarty online manual)
+ * @link   http://www.smarty.net/manual/en/language.function.fetch.php {fetch}
+ *         (Smarty online manual)
  * @author Monte Ohrt <monte at ohrt dot com>
+ *
  * @param array                    $params   parameters
  * @param Smarty_Internal_Template $template template object
+ *
+ * @throws SmartyException
  * @return string|null if the assign parameter is passed, Smarty assigns the result to a template variable
  */
 function smarty_function_fetch($params, $template)
 {
     if (empty($params['file'])) {
-        trigger_error("[plugin] fetch parameter 'file' cannot be empty",E_USER_NOTICE);
+        trigger_error("[plugin] fetch parameter 'file' cannot be empty", E_USER_NOTICE);
 
         return;
     }
@@ -60,7 +62,7 @@ function smarty_function_fetch($params, $template)
             $host = $server_name = $uri_parts['host'];
             $timeout = 30;
             $accept = "image/gif, image/x-xbitmap, image/jpeg, image/pjpeg, */*";
-            $agent = "Smarty Template Engine ". Smarty::SMARTY_VERSION;
+            $agent = "Smarty Template Engine " . Smarty::SMARTY_VERSION;
             $referer = "";
             $uri = !empty($uri_parts['path']) ? $uri_parts['path'] : '/';
             $uri .= !empty($uri_parts['query']) ? '?' . $uri_parts['query'] : '';
@@ -100,8 +102,8 @@ function smarty_function_fetch($params, $template)
                         break;
                     case "header":
                         if (!empty($param_value)) {
-                            if (!preg_match('![\w\d-]+: .+!',$param_value)) {
-                                trigger_error("[plugin] invalid header format '".$param_value."'",E_USER_NOTICE);
+                            if (!preg_match('![\w\d-]+: .+!', $param_value)) {
+                                trigger_error("[plugin] invalid header format '" . $param_value . "'", E_USER_NOTICE);
 
                                 return;
                             } else {
@@ -118,7 +120,7 @@ function smarty_function_fetch($params, $template)
                         if (!preg_match('!\D!', $param_value)) {
                             $proxy_port = (int) $param_value;
                         } else {
-                            trigger_error("[plugin] invalid value for attribute '".$param_key."'",E_USER_NOTICE);
+                            trigger_error("[plugin] invalid value for attribute '" . $param_key . "'", E_USER_NOTICE);
 
                             return;
                         }
@@ -137,26 +139,26 @@ function smarty_function_fetch($params, $template)
                         if (!preg_match('!\D!', $param_value)) {
                             $timeout = (int) $param_value;
                         } else {
-                            trigger_error("[plugin] invalid value for attribute '".$param_key."'",E_USER_NOTICE);
+                            trigger_error("[plugin] invalid value for attribute '" . $param_key . "'", E_USER_NOTICE);
 
                             return;
                         }
                         break;
                     default:
-                        trigger_error("[plugin] unrecognized attribute '".$param_key."'",E_USER_NOTICE);
+                        trigger_error("[plugin] unrecognized attribute '" . $param_key . "'", E_USER_NOTICE);
 
                         return;
                 }
             }
             if (!empty($proxy_host) && !empty($proxy_port)) {
                 $_is_proxy = true;
-                $fp = fsockopen($proxy_host,$proxy_port,$errno,$errstr,$timeout);
+                $fp = fsockopen($proxy_host, $proxy_port, $errno, $errstr, $timeout);
             } else {
-                $fp = fsockopen($server_name,$port,$errno,$errstr,$timeout);
+                $fp = fsockopen($server_name, $port, $errno, $errstr, $timeout);
             }
 
             if (!$fp) {
-                trigger_error("[plugin] unable to fetch: $errstr ($errno)",E_USER_NOTICE);
+                trigger_error("[plugin] unable to fetch: $errstr ($errno)", E_USER_NOTICE);
 
                 return;
             } else {
@@ -179,35 +181,35 @@ function smarty_function_fetch($params, $template)
                 }
                 if (isset($extra_headers) && is_array($extra_headers)) {
                     foreach ($extra_headers as $curr_header) {
-                        fputs($fp, $curr_header."\r\n");
+                        fputs($fp, $curr_header . "\r\n");
                     }
                 }
                 if (!empty($user) && !empty($pass)) {
-                    fputs($fp, "Authorization: BASIC ".base64_encode("$user:$pass")."\r\n");
+                    fputs($fp, "Authorization: BASIC " . base64_encode("$user:$pass") . "\r\n");
                 }
 
                 fputs($fp, "\r\n");
                 while (!feof($fp)) {
-                    $content .= fgets($fp,4096);
+                    $content .= fgets($fp, 4096);
                 }
                 fclose($fp);
-                $csplit = preg_split("!\r\n\r\n!",$content,2);
+                $csplit = preg_split("!\r\n\r\n!", $content, 2);
 
                 $content = $csplit[1];
 
                 if (!empty($params['assign_headers'])) {
-                    $template->assign($params['assign_headers'],preg_split("!\r\n!",$csplit[0]));
+                    $template->assign($params['assign_headers'], preg_split("!\r\n!", $csplit[0]));
                 }
             }
         } else {
-            trigger_error("[plugin fetch] unable to parse URL, check syntax",E_USER_NOTICE);
+            trigger_error("[plugin fetch] unable to parse URL, check syntax", E_USER_NOTICE);
 
             return;
         }
     } else {
         $content = @file_get_contents($params['file']);
         if ($content === false) {
-            throw new SmartyException("{fetch} cannot read resource '" . $params['file'] ."'");
+            throw new SmartyException("{fetch} cannot read resource '" . $params['file'] . "'");
         }
     }
 

lib/classes/Smarty-3.1.21/libs/plugins/function.html_checkboxes.php

@@ -2,13 +2,12 @@
 /**
  * Smarty plugin
  *
- * @package Smarty
+ * @package    Smarty
  * @subpackage PluginsFunction
  */
 
 /**
  * Smarty {html_checkboxes} function plugin
- *
  * File:       function.html_checkboxes.php<br>
  * Type:       function<br>
  * Name:       html_checkboxes<br>
@@ -32,15 +31,17 @@
  * - escape     (optional) - escape the content (not value), defaults to true
  * </pre>
  *
- * @link http://www.smarty.net/manual/en/language.function.html.checkboxes.php {html_checkboxes}
- *      (Smarty online manual)
+ * @link       http://www.smarty.net/manual/en/language.function.html.checkboxes.php {html_checkboxes}
+ *             (Smarty online manual)
  * @author     Christopher Kvarme <christopher.kvarme@flashjab.com>
- * @author credits to Monte Ohrt <monte at ohrt dot com>
+ * @author     credits to Monte Ohrt <monte at ohrt dot com>
  * @version    1.0
- * @param array $params parameters
+ *
+ * @param array  $params   parameters
  * @param object $template template object
+ *
  * @return string
- * @uses smarty_function_escape_special_chars()
+ * @uses       smarty_function_escape_special_chars()
  */
 function smarty_function_html_checkboxes($params, $template)
 {
@@ -89,7 +90,7 @@ function smarty_function_html_checkboxes($params, $template)
                             if (method_exists($_sel, "__toString")) {
                                 $_sel = smarty_function_escape_special_chars((string) $_sel->__toString());
                             } else {
-                                trigger_error("html_checkboxes: selected attribute contains an object of class '". get_class($_sel) ."' without __toString() method", E_USER_NOTICE);
+                                trigger_error("html_checkboxes: selected attribute contains an object of class '" . get_class($_sel) . "' without __toString() method", E_USER_NOTICE);
                                 continue;
                             }
                         } else {
@@ -101,7 +102,7 @@ function smarty_function_html_checkboxes($params, $template)
                     if (method_exists($_val, "__toString")) {
                         $selected = smarty_function_escape_special_chars((string) $_val->__toString());
                     } else {
-                        trigger_error("html_checkboxes: selected attribute is an object of class '". get_class($_val) ."' without __toString() method", E_USER_NOTICE);
+                        trigger_error("html_checkboxes: selected attribute is an object of class '" . get_class($_val) . "' without __toString() method", E_USER_NOTICE);
                     }
                 } else {
                     $selected = smarty_function_escape_special_chars((string) $_val);
@@ -116,7 +117,8 @@ function smarty_function_html_checkboxes($params, $template)
             case 'assign':
                 break;
 
-            case 'strict': break;
+            case 'strict':
+                break;
 
             case 'disabled':
             case 'readonly':
@@ -131,11 +133,11 @@ function smarty_function_html_checkboxes($params, $template)
 
                     break;
                 }
-                // omit break; to fall through!
+            // omit break; to fall through!
 
             default:
                 if (!is_array($_val)) {
-                    $extra .= ' '.$_key.'="'.smarty_function_escape_special_chars($_val).'"';
+                    $extra .= ' ' . $_key . '="' . smarty_function_escape_special_chars($_val) . '"';
                 } else {
                     trigger_error("html_checkboxes: extra attribute '$_key' cannot be an array", E_USER_NOTICE);
                 }
@@ -143,17 +145,18 @@ function smarty_function_html_checkboxes($params, $template)
         }
     }
 
-    if (!isset($options) && !isset($values))
-        return ''; /* raise error here? */
+    if (!isset($options) && !isset($values)) {
+        return '';
+    } /* raise error here? */
 
     $_html_result = array();
 
     if (isset($options)) {
-        foreach ($options as $_key=>$_val) {
+        foreach ($options as $_key => $_val) {
             $_html_result[] = smarty_function_html_checkboxes_output($name, $_key, $_val, $selected, $extra, $separator, $labels, $label_ids, $escape);
         }
     } else {
-        foreach ($values as $_i=>$_key) {
+        foreach ($values as $_i => $_key) {
             $_val = isset($output[$_i]) ? $output[$_i] : '';
             $_html_result[] = smarty_function_html_checkboxes_output($name, $_key, $_val, $selected, $extra, $separator, $labels, $label_ids, $escape);
         }
@@ -164,10 +167,9 @@ function smarty_function_html_checkboxes($params, $template)
     } else {
         return implode("\n", $_html_result);
     }
-
 }
 
-function smarty_function_html_checkboxes_output($name, $value, $output, $selected, $extra, $separator, $labels, $label_ids, $escape=true)
+function smarty_function_html_checkboxes_output($name, $value, $output, $selected, $extra, $separator, $labels, $label_ids, $escape = true)
 {
     $_output = '';
 
@@ -175,7 +177,7 @@ function smarty_function_html_checkboxes_output($name, $value, $output, $selecte
         if (method_exists($value, "__toString")) {
             $value = (string) $value->__toString();
         } else {
-            trigger_error("html_options: value is an object of class '". get_class($value) ."' without __toString() method", E_USER_NOTICE);
+            trigger_error("html_options: value is an object of class '" . get_class($value) . "' without __toString() method", E_USER_NOTICE);
 
             return '';
         }
@@ -187,7 +189,7 @@ function smarty_function_html_checkboxes_output($name, $value, $output, $selecte
         if (method_exists($output, "__toString")) {
             $output = (string) $output->__toString();
         } else {
-            trigger_error("html_options: output is an object of class '". get_class($output) ."' without __toString() method", E_USER_NOTICE);
+            trigger_error("html_options: output is an object of class '" . get_class($output) . "' without __toString() method", E_USER_NOTICE);
 
             return '';
         }
@@ -229,7 +231,7 @@ function smarty_function_html_checkboxes_output($name, $value, $output, $selecte
         $_output .= '</label>';
     }
 
-    $_output .=  $separator;
+    $_output .= $separator;
 
     return $_output;
 }

lib/classes/Smarty-3.1.21/libs/plugins/function.html_image.php

@@ -2,13 +2,12 @@
 /**
  * Smarty plugin
  *
- * @package Smarty
+ * @package    Smarty
  * @subpackage PluginsFunction
  */
 
 /**
  * Smarty {html_image} function plugin
- *
  * Type:     function<br>
  * Name:     html_image<br>
  * Date:     Feb 24, 2003<br>
@@ -24,15 +23,18 @@
  * - path_prefix - prefix for path output (optional, default empty)
  * </pre>
  *
- * @link http://www.smarty.net/manual/en/language.function.html.image.php {html_image}
- *      (Smarty online manual)
- * @author Monte Ohrt <monte at ohrt dot com>
- * @author credits to Duda <duda@big.hu>
+ * @link    http://www.smarty.net/manual/en/language.function.html.image.php {html_image}
+ *          (Smarty online manual)
+ * @author  Monte Ohrt <monte at ohrt dot com>
+ * @author  credits to Duda <duda@big.hu>
  * @version 1.0
+ *
  * @param array                    $params   parameters
  * @param Smarty_Internal_Template $template template object
+ *
+ * @throws SmartyException
  * @return string
- * @uses smarty_function_escape_special_chars()
+ * @uses    smarty_function_escape_special_chars()
  */
 function smarty_function_html_image($params, $template)
 {
@@ -112,7 +114,7 @@ function smarty_function_html_image($params, $template)
             }
         } else {
             // local file
-            if (!$template->smarty->security_policy->isTrustedResourceDir($params['file'])) {
+            if (!$template->smarty->security_policy->isTrustedResourceDir($_image_path)) {
                 return;
             }
         }