set version to 0.9.35.1; fix updater :x

Signed-off-by: Michael Kaufmann (d00p) <d00p@froxlor.org>
set version to 0.9.35 final for upcoming release
2016-04-08 13:52:06 +02:00 · 2016-04-08 12:54:17 +02:00 · 2016-04-07 07:56:16 +02:00 · 2016-03-31 15:43:15 +02:00 · 2016-03-31 15:02:04 +02:00 · 2016-03-23 18:40:54 +01:00
1146 changed files with 31105 additions and 77850 deletions
--- a/.gitignore
+++ b/.gitignore
@@ -1,4 +1,3 @@
-lib/classes/htmlpurifier/library/HTMLPurifier/DefinitionCache/Serializer/*/
 templates/*
 logs/*
 install/update.log
@@ -7,3 +6,6 @@ install/update.log
 .settings/
 *.diff
 *~
+.well-known
+.idea
+*.iml
--- a/README.md
+++ b/README.md
@@ -51,10 +51,24 @@ http://files.froxlor.org/releases/froxlor-latest.tar.gz [MD5](http://files.froxl
 [HowTo](http://redmine.froxlor.org/projects/froxlor/wiki/Installationdebian)

 /etc/apt/sources.list.d/froxlor.list
-> deb http://debian.froxlor.org [squeeze|wheezy] main
+> deb http://debian.froxlor.org {wheezy|jessie} main

 ### Gentoo repository

 [HowTo](http://redmine.froxlor.org/projects/froxlor/wiki/Installationgentoo)

 http://files.froxlor.org/gentoo/repositories.xml
+
+## Let's Encrypt support
+
+This version of Froxlor contains a test implementation of support for [Let's Encrypt](https://letsencrypt.org). This is (as Let's Encrypt is in itself)
+still a beta version and may break your system. The way it currently works is by creating a (sub-)domain with the default system - certificate,
+after which the Let's Encrypt cronjob orders the certificate for this (sub-)domain and inserts the certificates in the database. With the next run
+of the default cronjob, the certificates will be updated on the disk and the webserver reloaded.
+
+This has 2 known side-effects at the moment:
+* The basic ip/port combinations don't work with the Froxlor - integration of Let's Encrypt, since it needs a certificate for the very first creation
+* After creating a domain, it will have the default certificate for a short time (by default 5 minutes until the cronjob runs the next time)
+
+It may be possible to fix these issues, but they are not a priority at the moment
+
--- a/actions/admin/settings/100.panel.php
+++ b/actions/admin/settings/100.panel.php
@@ -182,7 +182,7 @@ return array(
 					'settinggroup' => 'admin',
 					'varname' => 'show_news_feed',
 					'type' => 'bool',
-					'default' => true,
+					'default' => false,
 					'save_method' => 'storeSettingField',
 					),
 				'customer_show_news_feed' => array(
@@ -190,7 +190,7 @@ return array(
 					'settinggroup' => 'customer',
 					'varname' => 'show_news_feed',
 					'type' => 'bool',
-					'default' => true,
+					'default' => false,
 					'save_method' => 'storeSettingField',
 					),
 				'customer_news_feed_url' => array(
--- a/actions/admin/settings/110.accounts.php
+++ b/actions/admin/settings/110.accounts.php
@@ -107,7 +107,7 @@ return array(
 					'settinggroup' => 'panel',
 					'varname' => 'password_special_char',
 					'type' => 'string',
-					'default' => '!?<>§$%&+#=@',
+					'default' => '!?<>§$%+#=@',
 					'save_method' => 'storeSettingField',
 					),
 				'panel_password_regex' => array(
--- a/actions/admin/settings/120.system.php
+++ b/actions/admin/settings/120.system.php
@@ -55,7 +55,7 @@ return array(
 					'settinggroup' => 'system',
 					'varname' => 'defaultip',
 					'type' => 'option',
-					'option_mode' => 'one',
+					'option_mode' => 'multiple',
 					'option_options_method' => 'getIpPortCombinations',
 					'default' => '',
 					'save_method' => 'storeSettingDefaultIp',
--- a/actions/admin/settings/125.cronjob.php
+++ b/actions/admin/settings/125.cronjob.php
@@ -34,7 +34,7 @@ return array(
 					'settinggroup' => 'system',
 					'varname' => 'croncmdline',
 					'type' => 'string',
-					'default' => '/usr/bin/nice -n 5 /usr/bin/php5 -q',
+					'default' => '/usr/bin/nice -n 5 /usr/bin/php -q',
 					'save_method' => 'storeSettingField',
 					),
 				'system_crondreload' => array(
--- a/actions/admin/settings/130.webserver.php
+++ b/actions/admin/settings/130.webserver.php
@@ -43,13 +43,23 @@ return array(
 					'save_method' => 'storeSettingField',
 					'websrv_avail' => array('apache2')
 					),
+			    'system_apache_itksupport' => array(
+			        'label' => $lng['serversettings']['apache_itksupport'],
+			        'settinggroup' => 'system',
+			        'varname' => 'apacheitksupport',
+			        'type' => 'bool',
+			        'default' => false,
+			        'save_method' => 'storeSettingField',
+			        'visible' => (Settings::Get('system.mod_fcgid') == 0 && Settings::Get('phpfpm.enabled') == 0),
+			        'websrv_avail' => array('apache2')
+			    ),
 				'system_httpuser' => array(
 					'label' => $lng['admin']['webserver_user'],
 					'settinggroup' => 'system',
 					'varname' => 'httpuser',
 					'type' => 'string',
 					'default' => 'www-data',
-					'save_method' => 'storeSettingField',
+					'save_method' => 'storeSettingWebserverFcgidFpmUser',
 					),
 				'system_httpgroup' => array(
 					'label' => $lng['admin']['webserver_group'],
--- a/actions/admin/settings/131.ssl.php
+++ b/actions/admin/settings/131.ssl.php
@@ -37,7 +37,7 @@ return array(
 									'varname' => 'ssl_cipher_list',
 									'type' => 'string',
 									'string_emptyallowed' => false,
-									'default' => 'ECDHE-RSA-AES128-SHA256:AES128-GCM-SHA256:RC4:HIGH:!MD5:!aNULL:!EDH',
+									'default' => 'ECDH+AESGCM:ECDH+AES256:!aNULL:!MD5:!DSS:!DH:!AES128',
 									'save_method' => 'storeSettingField',
 							),
 							'system_ssl_cert_file' => array(
@@ -79,7 +79,70 @@ return array(
 									'string_emptyallowed' => true,
 									'default' => '',
 									'save_method' => 'storeSettingField',
-							)
+							),
+							'system_leenabled' => array(
+							        'label' => $lng['serversettings']['leenabled'],
+							        'settinggroup' => 'system',
+							        'varname' => 'leenabled',
+							        'type' => 'bool',
+							        'default' => false,
+							        'cronmodule' => 'froxlor/letsencrypt',
+							        'save_method' => 'storeSettingField'
+							),
+							'system_letsencryptca' => array(
+									'label' => $lng['serversettings']['letsencryptca'],
+									'settinggroup' => 'system',
+									'varname' => 'letsencryptca',
+									'type' => 'option',
+									'default' => 'testing',
+									'option_mode' => 'one',
+									'option_options' => array('testing' => 'https://acme-staging.api.letsencrypt.org (Test)', 'production' => 'https://acme-v01.api.letsencrypt.org (Live)'),
+									'save_method' => 'storeSettingField',
+							),
+							'system_letsencryptcountrycode' => array(
+									'label' => $lng['serversettings']['letsencryptcountrycode'],
+									'settinggroup' => 'system',
+									'varname' => 'letsencryptcountrycode',
+									'type' => 'string',
+									'string_emptyallowed' => false,
+									'default' => 'DE',
+									'save_method' => 'storeSettingField',
+							),
+							'system_letsencryptstate' => array(
+									'label' => $lng['serversettings']['letsencryptstate'],
+									'settinggroup' => 'system',
+									'varname' => 'letsencryptstate',
+									'type' => 'string',
+									'string_emptyallowed' => false,
+									'default' => 'Germany',
+									'save_method' => 'storeSettingField',
+							),
+							'system_letsencryptchallengepath' => array(
+									'label' => $lng['serversettings']['letsencryptchallengepath'],
+									'settinggroup' => 'system',
+									'varname' => 'letsencryptchallengepath',
+									'type' => 'string',
+									'string_emptyallowed' => false,
+									'default' => FROXLOR_INSTALL_DIR,
+									'save_method' => 'storeSettingField',
+							),
+							'system_letsencryptkeysize' => array(
+									'label' => $lng['serversettings']['letsencryptkeysize'],
+									'settinggroup' => 'system',
+									'varname' => 'letsencryptkeysize',
+									'type' => 'int',
+									'int_min' => 2048,
+									'default' => 4096,
+									'save_method' => 'storeSettingField',
+							),
+							'system_letsencryptreuseold' => array(
+									'label' => $lng['serversettings']['letsencryptreuseold'],
+									'settinggroup' => 'system',
+									'varname' => 'letsencryptreuseold',
+									'type' => 'bool',
+									'default' => false,
+									'save_method' => 'storeSettingField',
+							),
 					)
 			)
 		)
--- a/actions/admin/settings/135.fcgid.php
+++ b/actions/admin/settings/135.fcgid.php
@@ -112,7 +112,7 @@ return array(
 					'varname' => 'mod_fcgid_httpuser',
 					'type' => 'string',
 					'default' => 'froxlorlocal',
-					'save_method' => 'storeSettingField',
+					'save_method' => 'storeSettingWebserverFcgidFpmUser',
 					'websrv_avail' => array('apache2')
 					),
 				'system_mod_fcgid_httpgroup' => array(
--- a/actions/admin/settings/136.phpfpm.php
+++ b/actions/admin/settings/136.phpfpm.php
@@ -44,7 +44,7 @@ return array(
 					'varname' => 'vhost_httpuser',
 					'type' => 'string',
 					'default' => 'froxlorlocal',
-					'save_method' => 'storeSettingField'
+					'save_method' => 'storeSettingWebserverFcgidFpmUser'
 					),
 				'system_phpfpm_httpgroup' => array(
 					'label' => $lng['phpfpm']['vhost_httpgroup'],
--- a/actions/admin/settings/160.nameserver.php
+++ b/actions/admin/settings/160.nameserver.php
@@ -73,7 +73,7 @@ return array(
 					'settinggroup' => 'system',
 					'varname' => 'axfrservers',
 					'type' => 'string',
-					'string_type' => 'validate_ip',
+					'string_type' => 'validate_ip_incl_private',
 					'string_delimiter' => ',',
 					'string_emptyallowed' => true,
 					'default' => '',
--- a/actions/admin/settings/170.logger.php
+++ b/actions/admin/settings/170.logger.php
@@ -65,8 +65,14 @@ return array(
 					'label' => $lng['serversettings']['logger']['logcron'],
 					'settinggroup' => 'logger',
 					'varname' => 'log_cron',
-					'type' => 'bool',
-					'default' => false,
+					'type' => 'option',
+					'default' => 0,
+					'option_mode' => 'one',
+					'option_options' => array(
+							0 => $lng['serversettings']['logger']['logcronoption']['never'],
+							1 => $lng['serversettings']['logger']['logcronoption']['once'],
+							2 => $lng['serversettings']['logger']['logcronoption']['always']
+						),
 					'save_method' => 'storeSettingField',
 					),
 				),
@@ -74,4 +80,4 @@ return array(
 		)
 	);

-?>
+?>
--- a/actions/admin/settings/210.security.php
+++ b/actions/admin/settings/210.security.php
@@ -45,7 +45,7 @@ return array(
 					'type' => 'option',
 					'default' => 0,
 					'option_mode' => 'one',
-					'option_options' => array(0 => $lng['serversettings']['systemdefault'], 1 => 'MD5', 2 => 'BLOWFISH', 3 => 'SHA-256', 4 => 'SHA-512'),
+					'option_options_method' => 'getAvailablePasswordHashes',
 					'save_method' => 'storeSettingField',
 					),
 				'system_allow_error_report_admin' => array(
--- a/admin_admins.php
+++ b/admin_admins.php
@@ -93,6 +93,9 @@ if ($page == 'admins'

 				$row = str_replace_array('-1', 'UL', $row, 'customers domains diskspace traffic mysqls emails email_accounts email_forwarders email_quota ftps subdomains tickets');
 				$row = htmlentities_array($row);
+
+				$row['custom_notes'] = ($row['custom_notes'] != '') ? nl2br($row['custom_notes']) : '';
+
 				eval("\$admins.=\"" . getTemplate("admins/admins_admin") . "\";");
 				$count++;
 			}
@@ -152,7 +155,6 @@ if ($page == 'admins'
 		if ($result['loginname'] != '') {
 			if ($result['adminid'] == $userinfo['userid']) {
 				standard_error('youcantdeleteyourself');
-				exit;
 			}

 			if (isset($_POST['send'])
@@ -198,6 +200,12 @@ if ($page == 'admins'
 			$name = validate($_POST['name'], 'name');
 			$email = $idna_convert->encode(validate($_POST['email'], 'email'));

+			$custom_notes = validate(str_replace("\r\n", "\n", $_POST['custom_notes']), 'custom_notes', '/^[^\0]*$/');
+			$custom_notes_show = 0;
+			if (isset($_POST['custom_notes_show'])) {
+			    $custom_notes_show = intval_ressource($_POST['custom_notes_show']);
+			}
+
 			$loginname = validate($_POST['loginname'], 'loginname');
 			$password = validate($_POST['admin_password'], 'password');
 			$password = validatePassword($password);
@@ -366,7 +374,7 @@ if ($page == 'admins'

 				$ins_data = array(
 					'loginname' => $loginname,
-					'password' => md5($password),
+					'password' => makeCryptPassword($password),
 					'name' => $name,
 					'email' => $email,
 					'lang' => $def_language,
@@ -388,7 +396,9 @@ if ($page == 'admins'
 					'tickets_see_all' => $tickets_see_all,
 					'mysqls' => $mysqls,
 					'ip' => $ipaddress,
-					'theme' => $_theme
+					'theme' => $_theme,
+					'custom_notes' => $custom_notes,
+					'custom_notes_show' => $custom_notes_show
 				);

 				$ins_stmt = Database::prepare("
@@ -416,7 +426,9 @@ if ($page == 'admins'
 					`tickets_see_all` = :tickets_see_all,
 					`mysqls` = :mysqls,
 					`ip` = :ip,
-					`theme` = :theme
+					`theme` = :theme,
+					`custom_notes` = :custom_notes,
+					`custom_notes_show` = :custom_notes_show
 				");
 				Database::pexecute($ins_stmt, $ins_data);

@@ -433,19 +445,12 @@ if ($page == 'admins'
 			}

 			$ipaddress = makeoption($lng['admin']['allips'], "-1");
-			$ips = array();
 			$ipsandports_stmt = Database::query("
-				SELECT `id`, `ip` FROM `" . TABLE_PANEL_IPSANDPORTS . "` ORDER BY `ip`, `port` ASC
+				SELECT `id`, `ip` FROM `" . TABLE_PANEL_IPSANDPORTS . "` GROUP BY `ip` ORDER BY `ip` ASC
 			");

 			while ($row = $ipsandports_stmt->fetch(PDO::FETCH_ASSOC)) {
-				if (filter_var($row['ip'], FILTER_VALIDATE_IP, FILTER_FLAG_IPV6)) {
-					$row['ip'] = '[' . $row['ip'] . ']';
-				}
-				if (!in_array($row['ip'], $ips)) {
-					$ipaddress.= makeoption($row['ip'], $row['id']);
-					$ips[] = $row['ip'];
-				}
+				$ipaddress.= makeoption($row['ip'], $row['id']);
 			}

 			$customers_ul = makecheckbox('customers_ul', $lng['customer']['unlimited'], '-1', false, '0', true, true);
@@ -487,6 +492,12 @@ if ($page == 'admins'
 				$name = validate($_POST['name'], 'name');
 				$email = $idna_convert->encode(validate($_POST['email'], 'email'));

+				$custom_notes = validate(str_replace("\r\n", "\n", $_POST['custom_notes']), 'custom_notes', '/^[^\0]*$/');
+				$custom_notes_show = $result['custom_notes_show'];
+				if (isset($_POST['custom_notes_show'])) {
+				    $custom_notes_show = intval_ressource($_POST['custom_notes_show']);
+				}
+
 				if ($result['adminid'] == $userinfo['userid']) {

 					$password = '';
@@ -624,7 +635,7 @@ if ($page == 'admins'
 				} else {
 					if ($password != '') {
 						$password = validatePassword($password);
-						$password = md5($password);
+						$password = makeCryptPassword($password);
 					} else {
 						$password = $result['password'];
 					}
@@ -721,6 +732,8 @@ if ($page == 'admins'
 						'mysqls' => $mysqls,
 						'ip' => $ipaddress,
 						'deactivated' => $deactivated,
+						'custom_notes' => $custom_notes,
+						'custom_notes_show' => $custom_notes_show,
 						'adminid' => $id
 					);

@@ -748,7 +761,9 @@ if ($page == 'admins'
 						`tickets_see_all` = :tickets_see_all,
 						`mysqls` = :mysqls,
 						`ip` = :ip,
-						`deactivated` = :deactivated
+						`deactivated` = :deactivated,
+						`custom_notes` = :custom_notes,
+						`custom_notes_show` = :custom_notes_show
 						WHERE `adminid` = :adminid
 					");
 					Database::pexecute($upd_stmt, $upd_data);
@@ -830,19 +845,12 @@ if ($page == 'admins'
 				}

 				$ipaddress = makeoption($lng['admin']['allips'], "-1", $result['ip']);
-				$ips = array();
 				$ipsandports_stmt = Database::query("
-					SELECT `id`, `ip` FROM `" . TABLE_PANEL_IPSANDPORTS . "` ORDER BY `ip`, `port` ASC
+					SELECT `id`, `ip` FROM `" . TABLE_PANEL_IPSANDPORTS . "` GROUP BY `ip` ORDER BY `ip`, `port` ASC
 				");

 				while ($row = $ipsandports_stmt->fetch(PDO::FETCH_ASSOC)) {
-					if (filter_var($row['ip'], FILTER_VALIDATE_IP, FILTER_FLAG_IPV6)) {
-						$row['ip'] = '[' . $row['ip'] . ']';
-					}
-					if (!in_array($row['ip'], $ips)) {
-						$ipaddress.= makeoption($row['ip'], $row['id'], $result['ip']);
-						$ips[] = $row['ip'];
-					}
+					$ipaddress.= makeoption($row['ip'], $row['id'], $result['ip']);
 				}

 				$result = htmlentities_array($result);
--- a/admin_apcuinfo.php
+++ b/admin_apcuinfo.php
@@ -0,0 +1,415 @@
+<?php
+
+/*
+  +----------------------------------------------------------------------+
+  | APC                                                                  |
+  +----------------------------------------------------------------------+
+  | Copyright (c) 2006-2011 The PHP Group                                |
+  +----------------------------------------------------------------------+
+  | This source file is subject to version 3.01 of the PHP license,      |
+  | that is bundled with this package in the file LICENSE, and is        |
+  | available through the world-wide-web at the following url:           |
+  | http://www.php.net/license/3_01.txt                                  |
+  | If you did not receive a copy of the PHP license and are unable to   |
+  | obtain it through the world-wide-web, please send a note to          |
+  | license@php.net so we can mail you a copy immediately.               |
+  +----------------------------------------------------------------------+
+  | Authors: Ralf Becker <beckerr@php.net>                               |
+  |          Rasmus Lerdorf <rasmus@php.net>                             |
+  |          Ilia Alshanetsky <ilia@prohost.org>                         |
+  +----------------------------------------------------------------------+
+
+   All other licensing and usage conditions are those of the PHP Group.
+
+   Based on https://github.com/krakjoe/apcu/blob/master/apc.php
+   Implemented into Froxlor: Janos Muzsi <muzsij@hypernics.hu>
+
+ */
+
+define('AREA', 'admin');
+require './lib/init.php';
+
+
+$horizontal_bar_size = 950; // 1280px window width
+
+if ($action == 'delete' &&
+        function_exists('apcu_clear_cache') &&
+        $userinfo['change_serversettings'] == '1'
+) {
+    apcu_clear_cache();
+    $log->logAction(ADM_ACTION, LOG_INFO, "cleared APCu cache");
+    header('Location: ' . $linker->getLink(array('section' => 'apcuinfo', 'page' => 'showinfo')));
+    exit();
+}
+
+if (!function_exists('apcu_cache_info') ||
+        !function_exists('apcu_sma_info')
+) {
+    standard_error($lng['error']['no_apcuinfo']);
+}
+
+if ($page == 'showinfo'
+) {
+    $cache = apcu_cache_info();
+    $mem = apcu_sma_info();
+    $time = time();
+    $log->logAction(ADM_ACTION, LOG_NOTICE, "viewed admin_apcuinfo");
+
+    $passtime = $time - $cache['start_time'] > 0 ? $time - $cache['start_time'] : 1; // zero division
+    $mem_size = $mem['num_seg'] * $mem['seg_size'];
+    $mem_avail = $mem['avail_mem'];
+    $mem_used = $mem_size - $mem_avail;
+    $seg_size = bsize($mem['seg_size']);
+    $sharedmem = sprintf($lng['apcuinfo']['sharedmemval'], $mem['num_seg'], $seg_size, $cache['memory_type']);
+    $req_rate_user = sprintf("%.2f", $cache['num_hits'] ? (($cache['num_hits'] + $cache['num_misses']) / $passtime) : 0);
+    $hit_rate_user = sprintf("%.2f", $cache['num_hits'] ? (($cache['num_hits']) / $passtime) : 0);
+    $miss_rate_user = sprintf("%.2f", $cache['num_misses'] ? (($cache['num_misses']) / $passtime) : 0);
+    $insert_rate_user = sprintf("%.2f", $cache['num_inserts'] ? (($cache['num_inserts']) / $passtime) : 0);
+    $apcversion = phpversion('apcu');
+    $phpversion = phpversion();
+    $number_vars = $cache['num_entries'];
+    $starttime = date('Y-m-d H:i:s', $cache['start_time']);
+    $uptime_duration = duration($cache['start_time']);
+    $size_vars = bsize($cache['mem_size']);
+
+    // check for possible empty values that are used in the templates
+    if (!isset($cache['file_upload_progress'])) {
+        $cache['file_upload_progress'] = $lng['logger']['unknown'];
+    }
+
+    if (!isset($cache['num_expunges'])) {
+        $cache['num_expunges'] = $lng['logger']['unknown'];
+    }
+
+    $runtimelines = '';
+    foreach (ini_get_all('apcu') as $name => $v) {
+        $value = $v['local_value'];
+        eval("\$runtimelines.=\"" . getTemplate("settings/apcuinfo/runtime_line") . "\";");
+    }
+
+    $freemem = bsize($mem_avail) . sprintf(" (%.1f%%)", $mem_avail * 100 / $mem_size);
+    $usedmem = bsize($mem_used) . sprintf(" (%.1f%%)", $mem_used * 100 / $mem_size);
+    $hits = $cache['num_hits'] . @sprintf(" (%.1f%%)", $cache['num_hits'] * 100 / ($cache['num_hits'] + $cache['num_misses']));
+    $misses = $cache['num_misses'] . @sprintf(" (%.1f%%)", $cache['num_misses'] * 100 / ($cache['num_hits'] + $cache['num_misses']));
+
+    // Fragementation: (freeseg - 1) / total_seg
+    $nseg = $freeseg = $fragsize = $freetotal = 0;
+    for ($i = 0; $i < $mem['num_seg']; $i++) {
+        $ptr = 0;
+        foreach ($mem['block_lists'][$i] as $block) {
+            if ($block['offset'] != $ptr) {
+                ++$nseg;
+            }
+            $ptr = $block['offset'] + $block['size'];
+            /* Only consider blocks <5M for the fragmentation % */
+            if ($block['size'] < (5 * 1024 * 1024))
+                $fragsize+=$block['size'];
+            $freetotal+=$block['size'];
+        }
+        $freeseg += count($mem['block_lists'][$i]);
+    }
+
+    if ($freeseg > 1) {
+        $frag = sprintf("%.2f%% (%s out of %s in %d fragments)", ($fragsize / $freetotal) * 100, bsize($fragsize), bsize($freetotal), $freeseg);
+    } else {
+        $frag = "0%";
+    }
+
+    foreach (ini_get_all('apcu') as $name => $v) {
+        $value = $v['local_value'];
+    }
+
+    $img_src1 = '';
+    $img_src2 = '';
+    $img_src3 = '';
+    if (graphics_avail()) {
+        $img_src = $linker->getLink(array('section' => 'apcuinfo', 'page' => 'img1', 'action' => mt_rand(0, 1000000)));
+        eval("\$img_src1=\"" . getTemplate("settings/apcuinfo/img_line") . "\";");
+        $img_src = $linker->getLink(array('section' => 'apcuinfo', 'page' => 'img2', 'action' => mt_rand(0, 1000000)));
+        eval("\$img_src2=\"" . getTemplate("settings/apcuinfo/img_line") . "\";");
+        $img_src = $linker->getLink(array('section' => 'apcuinfo', 'page' => 'img3', 'action' => mt_rand(0, 1000000)));
+        eval("\$img_src3=\"" . getTemplate("settings/apcuinfo/img_line") . "\";");
+    }
+
+    eval("echo \"" . getTemplate("settings/apcuinfo/showinfo") . "\";");
+    
+} elseif ($page == 'img1'
+) {
+
+    $mem = apcu_sma_info();
+
+    $size = 460;
+    $image = imagecreate($size + 5, $size + 5);
+
+    $col_white = imagecolorallocate($image, 0xFF, 0xFF, 0xFF);
+    $col_red = imagecolorallocate($image, 0xD0, 0x60, 0x30);
+    $col_green = imagecolorallocate($image, 0x60, 0xF0, 0x60);
+    $col_black = imagecolorallocate($image, 0, 0, 0);
+
+    imagecolortransparent($image, $col_white);
+
+    $s = $mem['num_seg'] * $mem['seg_size'];
+    $a = $mem['avail_mem'];
+    $x = $y = $size / 2;
+    $fuzz = 0.000001;
+
+    // This block of code creates the pie chart.  It is a lot more complex than you
+    // would expect because we try to visualize any memory fragmentation as well.
+    $angle_from = 0;
+    $string_placement = array();
+    for ($i = 0; $i < $mem['num_seg']; $i++) {
+        $ptr = 0;
+        $free = $mem['block_lists'][$i];
+        uasort($free, 'block_sort');
+        foreach ($free as $block) {
+            if ($block['offset'] != $ptr) {       // Used block
+                $angle_to = $angle_from + ($block['offset'] - $ptr) / $s;
+                if (($angle_to + $fuzz) > 1)
+                    $angle_to = 1;
+                if (($angle_to * 360) - ($angle_from * 360) >= 1) {
+                    fill_arc($image, $x, $y, $size, $angle_from * 360, $angle_to * 360, $col_black, $col_red);
+                    if (($angle_to - $angle_from) > 0.05) {
+                        array_push($string_placement, array($angle_from, $angle_to));
+                    }
+                }
+                $angle_from = $angle_to;
+            }
+            $angle_to = $angle_from + ($block['size']) / $s;
+            if (($angle_to + $fuzz) > 1)
+                $angle_to = 1;
+            if (($angle_to * 360) - ($angle_from * 360) >= 1) {
+                fill_arc($image, $x, $y, $size, $angle_from * 360, $angle_to * 360, $col_black, $col_green);
+                if (($angle_to - $angle_from) > 0.05) {
+                    array_push($string_placement, array($angle_from, $angle_to));
+                }
+            }
+            $angle_from = $angle_to;
+            $ptr = $block['offset'] + $block['size'];
+        }
+        if ($ptr < $mem['seg_size']) { // memory at the end
+            $angle_to = $angle_from + ($mem['seg_size'] - $ptr) / $s;
+            if (($angle_to + $fuzz) > 1)
+                $angle_to = 1;
+            fill_arc($image, $x, $y, $size, $angle_from * 360, $angle_to * 360, $col_black, $col_red);
+            if (($angle_to - $angle_from) > 0.05) {
+                array_push($string_placement, array($angle_from, $angle_to));
+            }
+        }
+    }
+    foreach ($string_placement as $angle) {
+        text_arc($image, $x, $y, $size, $angle[0] * 360, $angle[1] * 360, $col_black, bsize($s * ($angle[1] - $angle[0])));
+    }
+
+    header("Content-type: image/png");
+    imagepng($image);
+    exit;
+} elseif ($page == 'img2'
+) {
+
+    $cache = apcu_cache_info();
+
+    $size = $horizontal_bar_size;
+    $image = imagecreate($size + 5, 140);
+
+    $col_white = imagecolorallocate($image, 0xFF, 0xFF, 0xFF);
+    $col_red = imagecolorallocate($image, 0xD0, 0x60, 0x30);
+    $col_green = imagecolorallocate($image, 0x60, 0xF0, 0x60);
+    $col_black = imagecolorallocate($image, 0, 0, 0);
+
+    imagecolortransparent($image, $col_white);
+
+    $s = $cache['num_hits'] + $cache['num_misses'];
+    $a = $cache['num_hits'];
+
+    fill_box($image, 1, 10, $s ? ($a * ($size - 21) / $s) : $size, 50, $col_black, $col_green/* , sprintf("%.1f%%", $s ? $cache['num_hits'] * 100 / $s : 0) */);
+    fill_box($image, 1, 80, $s ? max(4, ($s - $a) * ($size - 21) / $s) : $size, 50, $col_black, $col_red/* , sprintf("%.1f%%", $s ? $cache['num_misses'] * 100 / $s : 0) */);
+
+    header("Content-type: image/png");
+    imagepng($image);
+    exit;
+} elseif ($page == 'img3'
+) {
+
+    $mem = apcu_sma_info();
+
+    $size = $horizontal_bar_size;
+    $image = imagecreate($size, 70);
+
+    $col_white = imagecolorallocate($image, 0xFF, 0xFF, 0xFF);
+    $col_red = imagecolorallocate($image, 0xD0, 0x60, 0x30);
+    $col_green = imagecolorallocate($image, 0x60, 0xF0, 0x60);
+    $col_black = imagecolorallocate($image, 0, 0, 0);
+
+    imagecolortransparent($image, $col_white);
+
+    $s = $mem['num_seg'] * $mem['seg_size'];
+    $a = $mem['avail_mem'];
+    $x = 10;
+    $y = 0;
+
+    // This block of code creates the bar chart.  It is a lot more complex than you
+    // would expect because we try to visualize any memory fragmentation as well.
+    for ($i = 0; $i < $mem['num_seg']; $i++) {
+        $ptr = 0;
+        $free = $mem['block_lists'][$i];
+        uasort($free, 'block_sort');
+        foreach ($free as $block) {
+            if ($block['offset'] != $ptr) {       // Used block
+                $h = ($size - 5) * ($block['offset'] - $ptr) / $s;
+                if ($h > 0) {
+                    fill_box($image, $y, $x, $h, 50, $col_black, $col_red);
+                }
+                $y+=$h;
+            }
+            $h = ($size - 5) * ($block['size']) / $s;
+            if ($h > 0) {
+                fill_box($image, $y, $x, $h, 50, $col_black, $col_green);
+            }
+            $y+=$h;
+            $ptr = $block['offset'] + $block['size'];
+        }
+        if ($ptr < $mem['seg_size']) { // memory at the end
+            $h = ($size - 5) * ($mem['seg_size'] - $ptr) / $s;
+            if ($h > 0) {
+                fill_box($image, $y, $x, $h, 50, $col_black, $col_red, bsize($mem['seg_size'] - $ptr), $j++);
+            }
+        }
+    }
+
+    header("Content-type: image/png");
+    imagepng($image);
+    exit;
+}
+
+function graphics_avail() {
+    return extension_loaded('gd');
+}
+
+// pretty printer for byte values
+//
+function bsize($s) {
+    foreach (array('', 'K', 'M', 'G') as $i => $k) {
+        if ($s < 1024)
+            break;
+        $s/=1024;
+    }
+    return sprintf("%5.1f %sBytes", $s, $k);
+}
+
+function duration($ts) {
+    global $time;
+    $years = (int) ((($time - $ts) / (7 * 86400)) / 52.177457);
+    $rem = (int) (($time - $ts) - ($years * 52.177457 * 7 * 86400));
+    $weeks = (int) (($rem) / (7 * 86400));
+    $days = (int) (($rem) / 86400) - $weeks * 7;
+    $hours = (int) (($rem) / 3600) - $days * 24 - $weeks * 7 * 24;
+    $mins = (int) (($rem) / 60) - $hours * 60 - $days * 24 * 60 - $weeks * 7 * 24 * 60;
+    $str = '';
+    if ($years == 1)
+        $str .= "$years year, ";
+    if ($years > 1)
+        $str .= "$years years, ";
+    if ($weeks == 1)
+        $str .= "$weeks week, ";
+    if ($weeks > 1)
+        $str .= "$weeks weeks, ";
+    if ($days == 1)
+        $str .= "$days day,";
+    if ($days > 1)
+        $str .= "$days days,";
+    if ($hours == 1)
+        $str .= " $hours hour and";
+    if ($hours > 1)
+        $str .= " $hours hours and";
+    if ($mins == 1)
+        $str .= " 1 minute";
+    else
+        $str .= " $mins minutes";
+    return $str;
+}
+
+function block_sort($array1, $array2) {
+    if ($array1['offset'] > $array2['offset']) {
+        return 1;
+    } else {
+        return -1;
+    }
+}
+
+function fill_arc($im, $centerX, $centerY, $diameter, $start, $end, $color1, $color2, $text = '', $placeindex = 0) {
+    $r = $diameter / 2;
+    $w = deg2rad((360 + $start + ($end - $start) / 2) % 360);
+
+
+    if (function_exists("imagefilledarc")) {
+        // exists only if GD 2.0.1 is available
+        imagefilledarc($im, $centerX + 1, $centerY + 1, $diameter, $diameter, $start, $end, $color1, IMG_ARC_PIE);
+        imagefilledarc($im, $centerX, $centerY, $diameter, $diameter, $start, $end, $color2, IMG_ARC_PIE);
+        imagefilledarc($im, $centerX, $centerY, $diameter, $diameter, $start, $end, $color1, IMG_ARC_NOFILL | IMG_ARC_EDGED);
+    } else {
+        imagearc($im, $centerX, $centerY, $diameter, $diameter, $start, $end, $color2);
+        imageline($im, $centerX, $centerY, $centerX + cos(deg2rad($start)) * $r, $centerY + sin(deg2rad($start)) * $r, $color2);
+        imageline($im, $centerX, $centerY, $centerX + cos(deg2rad($start + 1)) * $r, $centerY + sin(deg2rad($start)) * $r, $color2);
+        imageline($im, $centerX, $centerY, $centerX + cos(deg2rad($end - 1)) * $r, $centerY + sin(deg2rad($end)) * $r, $color2);
+        imageline($im, $centerX, $centerY, $centerX + cos(deg2rad($end)) * $r, $centerY + sin(deg2rad($end)) * $r, $color2);
+        imagefill($im, $centerX + $r * cos($w) / 2, $centerY + $r * sin($w) / 2, $color2);
+    }
+    if ($text) {
+        if ($placeindex > 0) {
+            imageline($im, $centerX + $r * cos($w) / 2, $centerY + $r * sin($w) / 2, $diameter, $placeindex * 12, $color1);
+            imagestring($im, 4, $diameter, $placeindex * 12, $text, $color1);
+        } else {
+            imagestring($im, 4, $centerX + $r * cos($w) / 2, $centerY + $r * sin($w) / 2, $text, $color1);
+        }
+    }
+}
+
+function text_arc($im, $centerX, $centerY, $diameter, $start, $end, $color1, $text, $placeindex = 0) {
+    $r = $diameter / 2;
+    $w = deg2rad((360 + $start + ($end - $start) / 2) % 360);
+
+    if ($placeindex > 0) {
+        imageline($im, $centerX + $r * cos($w) / 2, $centerY + $r * sin($w) / 2, $diameter, $placeindex * 12, $color1);
+        imagestring($im, 4, $diameter, $placeindex * 12, $text, $color1);
+    } else {
+        imagestring($im, 4, $centerX + $r * cos($w) / 2, $centerY + $r * sin($w) / 2, $text, $color1);
+    }
+}
+
+function fill_box($im, $x, $y, $w, $h, $color1, $color2, $text = '', $placeindex = '') {
+    global $col_black;
+    $x1 = $x + $w - 1;
+    $y1 = $y + $h - 1;
+
+    imagerectangle($im, $x, $y1, $x1 + 1, $y + 1, $col_black);
+    if ($y1 > $y)
+        imagefilledrectangle($im, $x, $y, $x1, $y1, $color2);
+    else
+        imagefilledrectangle($im, $x, $y1, $x1, $y, $color2);
+    imagerectangle($im, $x, $y1, $x1, $y, $color1);
+    if ($text) {
+        if ($placeindex > 0) {
+
+            if ($placeindex < 16) {
+                $px = 5;
+                $py = $placeindex * 12 + 6;
+                imagefilledrectangle($im, $px + 90, $py + 3, $px + 90 - 4, $py - 3, $color2);
+                imageline($im, $x, $y + $h / 2, $px + 90, $py, $color2);
+                imagestring($im, 2, $px, $py - 6, $text, $color1);
+            } else {
+                if ($placeindex < 31) {
+                    $px = $x + 40 * 2;
+                    $py = ($placeindex - 15) * 12 + 6;
+                } else {
+                    $px = $x + 40 * 2 + 100 * intval(($placeindex - 15) / 15);
+                    $py = ($placeindex % 15) * 12 + 6;
+                }
+                imagefilledrectangle($im, $px, $py + 3, $px - 4, $py - 3, $color2);
+                imageline($im, $x + $w, $y + $h / 2, $px, $py, $color2);
+                imagestring($im, 2, $px + 2, $py - 6, $text, $color1);
+            }
+        } else {
+            imagestring($im, 4, $x + 5, $y1 - 16, $text, $color1);
+        }
+    }
+}
--- a/admin_autoupdate.php
+++ b/admin_autoupdate.php
@@ -0,0 +1,209 @@
+<?php
+
+/**
+ * This file is part of the Froxlor project.
+ * Copyright (c) 2016 the Froxlor Team (see authors).
+ *
+ * For the full copyright and license information, please view the COPYING
+ * file that was distributed with this source code. You can also view the
+ * COPYING file online at http://files.froxlor.org/misc/COPYING.txt
+ *
+ * @copyright  (c) the authors
+ * @author     Michael Kaufmann <mkaufmann@nutime.de>
+ * @author     Froxlor team <team@froxlor.org> (2010-)
+ * @license    GPLv2 http://files.froxlor.org/misc/COPYING.txt
+ * @package    Frontend
+ *
+ * @since      0.9.35
+ *
+ */
+
+define('AREA', 'admin');
+require './lib/init.php';
+
+// define update-uri
+define('UPDATE_URI', "https://version.froxlor.org/Froxlor/legacy/" . $version);
+define('RELEASE_URI', "https://autoupdate.froxlor.org/froxlor-{version}.zip");
+define('CHECKSUM_URI', "https://autoupdate.froxlor.org/froxlor-{version}.zip.sha256");
+
+// check for allow_url_fopen
+if (ini_get('allow_url_fopen') === false) {
+	redirectTo($filename, array('s' => $s, 'page' => 'error', 'errno' => 1));
+}
+
+// check for archive-stuff
+if (function_exists('gzopen') === false) {
+	redirectTo($filename, array('s' => $s, 'page' => 'error', 'errno' => 2));
+}
+
+// display initial version check
+if ($page == 'overview') {
+
+	// log our actions
+	$log->logAction(ADM_ACTION, LOG_NOTICE, "checking auto-update");
+
+	// check for new version
+	$latestversion = @file(UPDATE_URI);
+
+	if (isset($latestversion[0])) {
+		$latestversion = explode('|', $latestversion[0]);
+
+		if (is_array($latestversion)
+				&& count($latestversion) >= 1
+		) {
+			$_version = $latestversion[0];
+			$_message = isset($latestversion[1]) ? $latestversion[1] : '';
+			$_link = isset($latestversion[2]) ? $latestversion[2] : htmlspecialchars($filename . '?s=' . urlencode($s) . '&page=' . urlencode($page) . '&lookfornewversion=yes');
+
+			// add the branding so debian guys are not gettings confused
+			// about their version-number
+			$version_label = $_version.$branding;
+			$version_link = $_link;
+			$message_addinfo = $_message;
+
+			// not numeric -> error-message
+			if (!preg_match('/^((\d+\\.)(\d+\\.)(\d+\\.)?(\d+)?(\-(svn|dev|rc)(\d+))?)$/', $_version)) {
+				// check for customized version to not output
+				// "There is a newer version of froxlor" besides the error-message
+				redirectTo($filename, array('s' => $s, 'page' => 'error', 'errno' => 3));
+			} elseif (version_compare2($version, $_version) == -1) {
+				// there is a newer version - yay
+				$isnewerversion = 1;
+			} else {
+				// nothing new
+				$isnewerversion = 0;
+			}
+
+			// anzeige über version-status mit ggfls. formular
+			// zum update schritt #1 -> download
+			if ($isnewerversion == 1) {
+				$text = 'There is a newer version available. Update to version <b>'.$_version.'</b> now?<br/>(Your current version is: '.$version.')';
+				$hiddenparams = '<input type="hidden" name="newversion" value="'.$_version.'" />';
+				$yesfile = $filename.'?s='.$s.'&amp;page=getdownload';
+				eval("echo \"" . getTemplate("misc/question_yesno", true) . "\";");
+				exit;
+			}
+			elseif ($isnewerversion == 0) {
+				// all good
+			    standard_success ('noupdatesavail');
+			} else {
+				standard_error ('customized_version');
+			}
+		}
+	}
+	// error (something weird came from version.froxlor.org)
+	redirectTo($filename, array('s' => $s, 'page' => 'error', 'errno' => 5));
+}
+// download the new archive
+elseif ($page == 'getdownload') {
+
+	// retrieve the new version from the form
+	$newversion = isset($_POST['newversion']) ? $_POST['newversion'] : null;
+
+	// valid?
+	if ($newversion !== null) {
+
+		// define files to get
+		$toLoad = str_replace('{version}', $newversion, RELEASE_URI);
+		$toCheck = str_replace('{version}', $newversion, CHECKSUM_URI);
+
+		// get archive data
+		$newArchive = @file_get_contents($toLoad);
+
+		// check for local destination folder
+		if (!is_dir(FROXLOR_INSTALL_DIR.'/updates/')) {
+			mkdir(FROXLOR_INSTALL_DIR.'/updates/');
+		}
+
+		// name archive
+		$localArchive = FROXLOR_INSTALL_DIR.'/updates/'.basename($toLoad);
+
+		$log->logAction(ADM_ACTION, LOG_NOTICE, "Downloading ".$toLoad." to ".$localArchive);
+
+		// remove old archive
+		if (file_exists($localArchive)) {
+		    @unlink($localArchive);
+		}
+
+		// store archive
+		$fh = fopen($localArchive, 'w');
+		if (!fwrite($fh, $newArchive)) {
+			redirectTo($filename, array('s' => $s, 'page' => 'error', 'errno' => 4));
+		}
+
+		// close file-handle
+		fclose($fh);
+
+		// validate the integrity of the downloaded file
+		$_shouldsum = @file_get_contents($toCheck);
+		if (!empty($_shouldsum)) {
+		    $_t = explode(" ", $_shouldsum);
+		    $shouldsum = $_t[0];
+		} else {
+		    $shouldsum = null;
+		}
+		$filesum = hash_file('sha256', $localArchive);
+
+		if ($filesum != $shouldsum) {
+		    redirectTo($filename, array('s' => $s, 'page' => 'error', 'errno' => 9));
+		}
+
+		// to the next step
+		redirectTo($filename, array('s' => $s, 'page' => 'extract', 'archive' => basename($localArchive)));
+	}
+	redirectTo($filename, array('s' => $s, 'page' => 'error', 'errno' => 6));
+}
+// extract and install new version
+elseif ($page == 'extract') {
+
+	$toExtract = isset($_GET['archive']) ? $_GET['archive'] : null;
+	$localArchive = FROXLOR_INSTALL_DIR.'/updates/'.$toExtract;
+
+	if (isset($_POST['send'])
+			&& $_POST['send'] == 'send'
+	) {
+		// decompress from zip
+		$zip = new ZipArchive;
+		$res = $zip->open($localArchive);
+		if ($res === true) {
+		    $log->logAction(ADM_ACTION, LOG_NOTICE, "Extracting ".$localArchive." to ".dirname(FROXLOR_INSTALL_DIR));
+			$zip->extractTo(dirname(FROXLOR_INSTALL_DIR));
+			$zip->close();
+			// success - remove unused archive
+			@unlink($localArchive);
+		} else {
+			// error
+			redirectTo($filename, array('s' => $s, 'page' => 'error', 'errno' => 8));
+		}
+
+		// redirect to update-page?
+		redirectTo('admin_updates.php', array('s' => $s));
+	}
+
+	if (!file_exists($localArchive)) {
+		redirectTo($filename, array('s' => $s, 'page' => 'error', 'errno' => 7));
+	}
+
+	$text = 'Extract downloaded archive "'.$toExtract.'"?';
+	$hiddenparams = '';
+	$yesfile = $filename.'?s='.$s.'&amp;page=extract&amp;archive='.$toExtract;
+	eval("echo \"" . getTemplate("misc/question_yesno", true) . "\";");
+}
+
+// display error
+elseif ($page == 'error') {
+
+	// retrieve error-number via url-parameter
+	$errno = isset($_GET['errno']) ? (int)$_GET['errno'] : 0;
+
+	// 1 = no allow_url_fopen
+	// 2 = no Zlib
+	// 3 = custom version detected
+	// 4 = could not store archive to local hdd
+	// 5 = some weird value came from version.froxlor.org
+	// 6 = download without valid version
+	// 7 = local archive does not exist
+	// 8 = could not extract archive
+	// 9 = checksum mismatch
+	standard_error ('autoupdate_'.$errno);
+}
--- a/admin_configfiles.php
+++ b/admin_configfiles.php
@@ -2,7 +2,6 @@

 /**
 * This file is part of the Froxlor project.
- * Copyright (c) 2003-2009 the SysCP Team (see authors).
 * Copyright (c) 2010 the Froxlor Team (see authors).
 *
 * For the full copyright and license information, please view the COPYING
@@ -10,174 +9,209 @@
 * COPYING file online at http://files.froxlor.org/misc/COPYING.txt
 *
 * @copyright  (c) the authors
- * @author     Florian Lippert <flo@syscp.org> (2003-2009)
 * @author     Froxlor team <team@froxlor.org> (2010-)
 * @license    GPLv2 http://files.froxlor.org/misc/COPYING.txt
 * @package    Panel
 *
+ * @since 0.9.34
 */
-
 define('AREA', 'admin');
-$need_db_sql_data = true;
 require './lib/init.php';
-require './lib/configfiles_index.inc.php';

-$distribution = '';
-$distributions_select = '';
-$service = '';
-$services_select = '';
-$daemon = '';
-$daemons_select = '';
+if ($userinfo['change_serversettings'] == '1') {
+    
+    $replace_arr = Array(
+        '<SQL_UNPRIVILEGED_USER>' => $sql['user'],
+        '<SQL_UNPRIVILEGED_PASSWORD>' => 'MYSQL_PASSWORD',
+        '<SQL_DB>' => $sql['db'],
+        '<SQL_HOST>' => $sql['host'],
+        '<SQL_SOCKET>' => isset($sql['socket']) ? $sql['socket'] : null,
+        '<SERVERNAME>' => Settings::Get('system.hostname'),
+        '<SERVERIP>' => Settings::Get('system.ipaddress'),
+        '<NAMESERVERS>' => Settings::Get('system.nameservers'),
+        '<VIRTUAL_MAILBOX_BASE>' => Settings::Get('system.vmail_homedir'),
+        '<VIRTUAL_UID_MAPS>' => Settings::Get('system.vmail_uid'),
+        '<VIRTUAL_GID_MAPS>' => Settings::Get('system.vmail_gid'),
+        '<SSLPROTOCOLS>' => (Settings::Get('system.use_ssl') == '1') ? 'imaps pop3s' : '',
+        '<CUSTOMER_TMP>' => (Settings::Get('system.mod_fcgid_tmpdir') != '') ? makeCorrectDir(Settings::Get('system.mod_fcgid_tmpdir')) : '/tmp/',
+        '<BASE_PATH>' => makeCorrectDir(FROXLOR_INSTALL_DIR),
+        '<BIND_CONFIG_PATH>' => makeCorrectDir(Settings::Get('system.bindconf_directory')),
+        '<WEBSERVER_RELOAD_CMD>' => Settings::Get('system.apachereload_command'),
+        '<CUSTOMER_LOGS>' => makeCorrectDir(Settings::Get('system.logfiles_directory')),
+        '<FPM_IPCDIR>' => makeCorrectDir(Settings::Get('phpfpm.fastcgi_ipcdir')),
+        '<WEBSERVER_GROUP>' => Settings::Get('system.httpgroup')
+    );
+    
+    // get distro from URL param
+    $distribution = (isset($_GET['distribution']) && $_GET['distribution'] != 'choose') ? $_GET['distribution'] : "";
+    $service = (isset($_GET['service']) && $_GET['service'] != 'choose') ? $_GET['service'] : "";
+    $daemon = (isset($_GET['daemon']) && $_GET['daemon'] != 'choose') ? $_GET['daemon'] : "";
+    $distributions_select = "";
+    $services_select = "";
+    $daemons_select = "";
+    
+    $configfiles = "";
+    $services = "";
+    $daemons = "";
+    
+    $config_dir = makeCorrectDir(FROXLOR_INSTALL_DIR . '/lib/configfiles/');
+    
+    if ($distribution != "") {
+        // create configparser object
+        $configfiles = new ConfigParser($config_dir . '/' . $distribution . ".xml");
+        
+        // get distro-info
+        $dist_display = getCompleteDistroName($configfiles);
+        
+        // get all the services from the distro
+        $services = $configfiles->getServices();
+        
+        if ($service != "") {
+            
+            $daemons = $services[$service]->getDaemons();
+            
+            if ($daemon == "") {
+                foreach ($daemons as $di => $dd) {
+                    $title = $dd->title;
+                    if ($dd->default) {
+                        $title = $title." (".strtolower($lng['panel']['default']).")";
+                    }
+                    $daemons_select .= makeoption($title, $di);
+                }
+            }
+        } else {
+            foreach ($services as $si => $sd) {
+                $services_select .= makeoption($sd->title, $si);
+            }
+        }
+    } else {
+        
+        // show list of available distro's
+        $distros = glob($config_dir . '*.xml');
+        // tmp array
+        $distributions_select_data = array();
+        // read in all the distros
+        foreach ($distros as $_distribution) {
+            // get configparser object
+            $dist = new ConfigParser($_distribution);
+            // get distro-info
+            $dist_display = getCompleteDistroName($dist);
+            // store in tmp array
+            $distributions_select_data[$dist_display] = str_replace(".xml", "", strtolower(basename($_distribution)));
+        }
+        
+        // sort by distribution name
+        ksort($distributions_select_data);
+        
+        foreach ($distributions_select_data as $dist_display => $dist_index) {
+            // create select-box-option
+            $distributions_select .= makeoption($dist_display, $dist_index);
+        }
+    }
+    
+    if ($distribution != "" && $service != "" && $daemon != "") {
+        
+        $confarr = $daemons[$daemon]->getConfig();
+        
+        $configpage = '';
+        
+        $distro_editor = $configfiles->distributionEditor;

-if($userinfo['change_serversettings'] == '1')
-{
-	if(isset($_GET['distribution'])
-	   && $_GET['distribution'] != ''
-	   && isset($configfiles[$_GET['distribution']])
-	   && is_array($configfiles[$_GET['distribution']]))
-	{
-		$distribution = $_GET['distribution'];
-
-		if(isset($_GET['service'])
-		   && $_GET['service'] != ''
-		   && isset($configfiles[$distribution]['services'][$_GET['service']])
-		   && is_array($configfiles[$distribution]['services'][$_GET['service']]))
-		{
-			$service = $_GET['service'];
-
-			if(isset($_GET['daemon'])
-			   && $_GET['daemon'] != ''
-			   && isset($configfiles[$distribution]['services'][$service]['daemons'][$_GET['daemon']])
-			   && is_array($configfiles[$distribution]['services'][$service]['daemons'][$_GET['daemon']]))
-			{
-				$daemon = $_GET['daemon'];
-			}
-			else
-			{
-				foreach($configfiles[$distribution]['services'][$service]['daemons'] as $daemon_name => $daemon_details)
-				{
-					$daemons_select.= makeoption($daemon_details['label'], $daemon_name);
-				}
-			}
-		}
-		else
-		{
-			foreach($configfiles[$distribution]['services'] as $service_name => $service_details)
-			{
-				$services_select.= makeoption($service_details['label'], $service_name);
-			}
-		}
-	}
-	else
-	{
-		foreach($configfiles as $distribution_name => $distribution_details)
-		{
-			$distributions_select.= makeoption($distribution_details['label'], $distribution_name);
-		}
-	}
-
-	if($distribution != ''
-	   && $service != ''
-	   && $daemon != '')
-	{
-		$replace_arr = Array(
-			'<SQL_UNPRIVILEGED_USER>' => $sql['user'],
-			'<SQL_UNPRIVILEGED_PASSWORD>' => 'MYSQL_PASSWORD',
-			'<SQL_DB>' => $sql['db'],
-			'<SQL_HOST>' => $sql['host'],
-			'<SERVERNAME>' => Settings::Get('system.hostname'),
-			'<SERVERIP>' => Settings::Get('system.ipaddress'),
-			'<NAMESERVERS>' => Settings::Get('system.nameservers'),
-			'<VIRTUAL_MAILBOX_BASE>' => Settings::Get('system.vmail_homedir'),
-			'<VIRTUAL_UID_MAPS>' => Settings::Get('system.vmail_uid'),
-			'<VIRTUAL_GID_MAPS>' => Settings::Get('system.vmail_gid'),
-			'<SSLPROTOCOLS>' => (Settings::Get('system.use_ssl') == '1') ? 'imaps pop3s' : '',
-			'<CUSTOMER_TMP>' => (Settings::Get('system.mod_fcgid_tmpdir') != '') ? makeCorrectDir(Settings::Get('system.mod_fcgid_tmpdir')) : '/tmp/',
-			'<BASE_PATH>' => makeCorrectDir(FROXLOR_INSTALL_DIR),
-			'<BIND_CONFIG_PATH>' => makeCorrectDir(Settings::Get('system.bindconf_directory')),
-			'<WEBSERVER_RELOAD_CMD>' => Settings::Get('system.apachereload_command'),
-			'<CUSTOMER_LOGS>' => makeCorrectDir(Settings::Get('system.logfiles_directory')),
-			'<FPM_IPCDIR>' => makeCorrectDir(Settings::Get('phpfpm.fastcgi_ipcdir')),
-			'<WEBSERVER_GROUP>' => Settings::Get('system.httpgroup')
-		);
-		$files = '';
-		$configpage = '';
-		foreach($configfiles[$distribution]['services'][$service]['daemons'][$daemon] as $action => $value)
-		{
-			if(substr($action, 0, 8) == 'commands')
-			{
-				$commands = '';
-
-				if(is_array($value))
-				{
-					$commands = implode("\n", $value);
-					$commands = str_replace("\n\n", "\n", $commands);
-
-					if($commands != '')
-					{
-						eval("\$configpage.=\"" . getTemplate("configfiles/configfiles_commands") . "\";");
-					}
-				}
-			}
-			elseif(substr($action, 0, 5) == 'files')
-			{
-				$files = '';
-
-				if(is_array($value))
-				{
-					while(list($filename, $realname) = each($value))
-					{
-						$file_content = file_get_contents('./templates/misc/configfiles/' . $distribution . '/' . $daemon . '/' . $filename);
-						$file_content = strtr($file_content, $replace_arr);
-						$file_content = htmlspecialchars($file_content);
-						$numbrows = count(explode("\n", $file_content));
-						eval("\$files.=\"" . getTemplate("configfiles/configfiles_file") . "\";");
-					}
-
-					eval("\$configpage.=\"" . getTemplate("configfiles/configfiles_files") . "\";");
-				}
-			}
-		}
-
-		if(isset($configfiles[$distribution]['services'][$service]['daemons'][$daemon]['restart'])
-		   && is_array($configfiles[$distribution]['services'][$service]['daemons'][$daemon]['restart']))
-		{
-			$restart = implode("\n", $configfiles[$distribution]['services'][$service]['daemons'][$daemon]['restart']);
-		}
-		else
-		{
-			$restart = '';
-		}
-
-		eval("echo \"" . getTemplate("configfiles/configfiles") . "\";");
-	}
-	elseif($page == 'overview')
-	{
-		$log->logAction(ADM_ACTION, LOG_NOTICE, "viewed admin_configfiles");
-		$distributions = '';
-		foreach($configfiles as $distribution_name => $distribution_details)
-		{
-			$services = '';
-			foreach($distribution_details['services'] as $service_name => $service_details)
-			{
-				$daemons = '';
-				foreach($service_details['daemons'] as $daemon_name => $daemon_details)
-				{
-					eval("\$daemons.=\"" . getTemplate("configfiles/choose_daemon") . "\";");
-				}
-
-				eval("\$services.=\"" . getTemplate("configfiles/choose_service") . "\";");
-			}
-
-			eval("\$distributions.=\"" . getTemplate("configfiles/choose_distribution") . "\";");
-		}
-
-		eval("echo \"" . getTemplate("configfiles/choose") . "\";");
-	}
-	else
-	{
-		eval("echo \"" . getTemplate("configfiles/wizard") . "\";");
-	}
+        $commands_pre = "";
+        $commands_file = "";
+        $commands_post = "";
+        
+        $lasttype = '';
+        $commands = '';
+        foreach ($confarr as $idx => $action) {
+            if ($lasttype != '' && $lasttype != $action['type']) {
+                $commands = trim($commands);
+                $numbrows = count(explode("\n", $commands));
+                eval("\$configpage.=\"" . getTemplate("configfiles/configfiles_commands") . "\";");
+                $lasttype = '';
+                $commands = '';
+            }
+            switch ($action['type']) {
+                case "install":
+                    $commands .= $action['content'] . "\n";
+                    $lasttype = "install";
+                    break;
+                case "command":
+                    $commands .= $action['content'] . "\n";
+                    $lasttype = "command";
+                    break;
+                case "file":
+                    if (array_key_exists('content', $action)) {
+                        $commands_file = getFileContentContainer($action['content'], $replace_arr, $action['name'], $distro_editor);
+                    } elseif (array_key_exists('subcommands', $action)) {
+                        foreach ($action['subcommands'] as $fileaction) {
+                            if (array_key_exists('execute', $fileaction) && $fileaction['execute'] == "pre") {
+                                $commands_pre .= $fileaction['content'] . "\n";
+                            } elseif (array_key_exists('execute', $fileaction) && $fileaction['execute'] == "post") {
+                                $commands_post .= $fileaction['content'] . "\n";
+                            } elseif ($fileaction['type'] == 'file') {
+                                $commands_file = getFileContentContainer($fileaction['content'], $replace_arr, $action['name'], $distro_editor);
+                            }
+                        }
+                    }
+                    $realname = $action['name'];
+                    $commands = trim($commands_pre);
+                    if ($commands != "") {
+                        $numbrows = count(explode("\n", $commands));
+                        eval("\$commands_pre=\"" . getTemplate("configfiles/configfiles_commands") . "\";");
+                    }
+                    $commands = trim($commands_post);
+                    if ($commands != "") {
+                        $numbrows = count(explode("\n", $commands));
+                        eval("\$commands_post=\"" . getTemplate("configfiles/configfiles_commands") . "\";");
+                    }
+                    eval("\$configpage.=\"" . getTemplate("configfiles/configfiles_subfileblock") . "\";");
+                    $commands = '';
+                    $commands_pre = '';
+                    $commands_post = '';
+                    break;
+            }
+        }
+        $commands = trim($commands);
+        if ($commands != '') {
+            $numbrows = count(explode("\n", $commands));
+            eval("\$configpage.=\"" . getTemplate("configfiles/configfiles_commands") . "\";");
+        }
+        eval("echo \"" . getTemplate("configfiles/configfiles") . "\";");
+    } else {
+        eval("echo \"" . getTemplate("configfiles/wizard") . "\";");
+    }
+} else {
+    die('not allowed to see this page');
+    // redirect or similar here
 }

-?>
+// helper functions
+function getFileContentContainer($file_content, &$replace_arr, $realname, $distro_editor)
+{
+    $files = "";
+    $file_content = trim($file_content);
+    if ($file_content != '') {
+        $file_content = strtr($file_content, $replace_arr);
+        $file_content = htmlspecialchars($file_content);
+        $numbrows = count(explode("\n", $file_content));
+        eval("\$files=\"" . getTemplate("configfiles/configfiles_file") . "\";");
+    }
+    return $files;
+}
+
+function getCompleteDistroName($cparser)
+{
+    // get distro-info
+    $dist_display = $cparser->distributionName;
+    if ($cparser->distributionCodename != '') {
+        $dist_display .= " ".$cparser->distributionCodename;
+    }
+    if ($cparser->distributionVersion != '') {
+        $dist_display .= " (" . $cparser->distributionVersion . ")";
+    }
+    if ($cparser->deprecated) {
+        $dist_display .= " [deprecated]";
+    }
+    return $dist_display;
+}
--- a/admin_customers.php
+++ b/admin_customers.php
@@ -128,6 +128,8 @@ if ($page == 'customers'
 					$traffic_percent = 100;
 				}

+				$row['custom_notes'] = ($row['custom_notes'] != '') ? nl2br($row['custom_notes']) : '';
+
 				eval("\$customers.=\"" . getTemplate("customers/customers_customer") . "\";");
 				$count++;
 			}
@@ -417,6 +419,12 @@ if ($page == 'customers'
 				$def_language = validate($_POST['def_language'], 'default language');
 				$gender = intval_ressource($_POST['gender']);

+				$custom_notes = validate(str_replace("\r\n", "\n", $_POST['custom_notes']), 'custom_notes', '/^[^\0]*$/');
+				$custom_notes_show = 0;
+				if (isset($_POST['custom_notes_show'])) {
+				    $custom_notes_show = intval_ressource($_POST['custom_notes_show']);
+				}
+
 				$diskspace = intval_ressource($_POST['diskspace']);
 				if (isset($_POST['diskspace_ul'])) {
 					$diskspace = - 1;
@@ -546,7 +554,6 @@ if ($page == 'customers'
 				   || ($subdomains == '-1' && $userinfo['subdomains'] != '-1')
 				) {
 					standard_error('youcantallocatemorethanyouhave');
-					exit;
 				}

 				// Either $name and $firstname or the $company must be inserted
@@ -632,7 +639,7 @@ if ($page == 'customers'
 					}

 					if ($password == '') {
-						$password = substr(md5(uniqid(microtime(), 1)), 12, 6);
+						$password = generatePassword();
 					}

 					$_theme = Settings::Get('panel.default_theme');
@@ -640,7 +647,7 @@ if ($page == 'customers'
 					$ins_data = array(
 						'adminid' => $userinfo['adminid'],
 						'loginname' => $loginname,
-						'passwd' => md5($password),
+						'passwd' => makeCryptPassword($password),
 						'name' => $name,
 						'firstname' => $firstname,
 						'gender' => $gender,
@@ -669,7 +676,9 @@ if ($page == 'customers'
 						'imap' => $email_imap,
 						'pop3' => $email_pop3,
 						'perlenabled' => $perlenabled,
-						'theme' => $_theme
+						'theme' => $_theme,
+						'custom_notes' => $custom_notes,
+						'custom_notes_show' => $custom_notes_show
 					);

 					$ins_stmt = Database::prepare("
@@ -706,7 +715,9 @@ if ($page == 'customers'
 						`imap` = :imap,
 						`pop3` = :pop3,
 						`perlenabled` = :perlenabled,
-						`theme` = :theme"
+						`theme` = :theme,
+						`custom_notes` = :custom_notes,
+						`custom_notes_show` = :custom_notes_show"
 					);
 					Database::pexecute($ins_stmt, $ins_data);

@@ -843,7 +854,11 @@ if ($page == 'customers'
 						} else {
 							$local_user = Settings::Get('phpfpm.vhost_httpuser');
 						}
-						$ins_data['members'] .= ','.$local_user;
+						// check froxlor-local user membership in ftp-group
+						// without this check addition may duplicate user in list if httpuser == local_user
+						if (strpos($ins_data['members'], $local_user) !== false) {
+							$ins_data['members'] .= ','.$local_user;
+						}
 					}

 					Database::pexecute($ins_stmt, $ins_data);
@@ -880,7 +895,7 @@ if ($page == 'customers'
 							`domain` = :domain,
 							`customerid` = :customerid,
 							`adminid` = :adminid,
-							`parentdomainid` = '-1',
+							`parentdomainid` = '0',
 							`documentroot` = :docroot,
 							`zonefile` = '',
 							`isemaildomain` = '0',
@@ -897,10 +912,13 @@ if ($page == 'customers'
 						$domainid = Database::lastInsertId();

 						// set ip <-> domain connection
+						$defaultips = explode(',', Settings::Get('system.defaultip'));
 						$ins_stmt = Database::prepare("
-							INSERT INTO `".TABLE_DOMAINTOIP."` SET `id_domain` = :domainid, `id_ipandports` = :ipid"
+							  INSERT INTO `" . TABLE_DOMAINTOIP . "` SET `id_domain` = :domainid, `id_ipandports` = :ipid"
 						);
-						Database::pexecute($ins_stmt, array('domainid' => $domainid, 'ipid' => Settings::Get('system.defaultip')));
+						foreach ($defaultips as $defaultip) {
+							Database::pexecute($ins_stmt, array('domainid' => $domainid, 'ipid' => $defaultip));
+						}

 						$upd_stmt = Database::prepare("
 							UPDATE `" . TABLE_PANEL_CUSTOMERS . "` SET `standardsubdomain` = :domainid WHERE `customerid` = :customerid"
@@ -921,7 +939,7 @@ if ($page == 'customers'
 							SELECT ip, port FROM `".TABLE_PANEL_IPSANDPORTS."`
 							WHERE `id` = :defaultip
 						");
-						$srv_ip = Database::pexecute_first($srv_ip_stmt, array('defaultip' => Settings::Get('system.defaultip')));
+						$srv_ip = Database::pexecute_first($srv_ip_stmt, array('defaultip' => reset(explode(',', Settings::Get('system.defaultip')))));

 						$replace_arr = array(
 							'FIRSTNAME' => $firstname,
@@ -1028,7 +1046,7 @@ if ($page == 'customers'
 		 */
 		$available_admins_stmt = Database::prepare("
                        SELECT * FROM `" . TABLE_PANEL_ADMINS . "`
-                        WHERE (`customers` = '-1' OR `customers` < `customers_used`)"
+                        WHERE (`customers` = '-1' OR `customers` > `customers_used`)"
 		);
 		Database::pexecute($available_admins_stmt);
 		$admin_select = makeoption("-----", 0, true, true, true);
@@ -1063,6 +1081,12 @@ if ($page == 'customers'

 				$move_to_admin = isset($_POST['move_to_admin']) ? intval_ressource($_POST['move_to_admin']) : 0;

+				$custom_notes = validate(str_replace("\r\n", "\n", $_POST['custom_notes']), 'custom_notes', '/^[^\0]*$/');
+				$custom_notes_show = $result['custom_notes_show'];
+				if (isset($_POST['custom_notes_show'])) {
+				    $custom_notes_show = intval_ressource($_POST['custom_notes_show']);
+				}
+
 				$diskspace = intval_ressource($_POST['diskspace']);
 				if (isset($_POST['diskspace_ul'])) {
 					$diskspace = - 1;
@@ -1183,7 +1207,6 @@ if ($page == 'customers'
 				   || ($subdomains == '-1' && $userinfo['subdomains'] != '-1')
 				) {
 					standard_error('youcantallocatemorethanyouhave');
-					exit;
 				}

 				// Either $name and $firstname or the $company must be inserted
@@ -1203,7 +1226,7 @@ if ($page == 'customers'

 					if ($password != '') {
 						$password = validatePassword($password);
-						$password = md5($password);
+						$password = makeCryptPassword($password);
 					} else {
 						$password = $result['password'];
 					}
@@ -1236,7 +1259,7 @@ if ($page == 'customers'
 							`domain` = :domain,
 							`customerid` = :customerid,
 							`adminid` = :adminid,
-							`parentdomainid` = '-1',
+							`parentdomainid` = '0',
 							`documentroot` = :docroot,
 							`zonefile` = '',
 							`isemaildomain` = '0',
@@ -1250,10 +1273,13 @@ if ($page == 'customers'
 						$domainid = Database::lastInsertId();

 						// set ip <-> domain connection
+						$defaultips = explode(',', Settings::Get('system.defaultip'));
 						$ins_stmt = Database::prepare("
-							INSERT INTO `".TABLE_DOMAINTOIP."` SET `id_domain` = :domainid, `id_ipandports` = :ipid"
+							  INSERT INTO `" . TABLE_DOMAINTOIP . "` SET `id_domain` = :domainid, `id_ipandports` = :ipid"
 						);
-						Database::pexecute($ins_stmt, array('domainid' => $domainid, 'ipid' => Settings::Get('system.defaultip')));
+						foreach ($defaultips as $defaultip) {
+							Database::pexecute($ins_stmt, array('domainid' => $domainid, 'ipid' => $defaultip));
+						}

 						$upd_stmt = Database::prepare("
 							UPDATE `" . TABLE_PANEL_CUSTOMERS . "` SET `standardsubdomain` = :domainid WHERE `customerid` = :customerid"
@@ -1398,7 +1424,9 @@ if ($page == 'customers'
 						'phpenabled' => $phpenabled,
 						'imap' => $email_imap,
 						'pop3' => $email_pop3,
-						'perlenabled' => $perlenabled
+						'perlenabled' => $perlenabled,
+						'custom_notes' => $custom_notes,
+						'custom_notes_show' => $custom_notes_show
 					);
 					$upd_stmt = Database::prepare("
 						UPDATE `" . TABLE_PANEL_CUSTOMERS . "` SET
@@ -1429,7 +1457,9 @@ if ($page == 'customers'
 						`email_quota` = :email_quota,
 						`imap` = :imap,
 						`pop3` = :pop3,
-						`perlenabled` = :perlenabled
+						`perlenabled` = :perlenabled,
+						`custom_notes` = :custom_notes,
+						`custom_notes_show` = :custom_notes_show
 						WHERE `customerid` = :customerid"
 					);
 					Database::pexecute($upd_stmt, $upd_data);
--- a/admin_domains.php
+++ b/admin_domains.php
@@ -96,6 +96,22 @@ if ($page == 'domains'
 				}
 			}
 			$row['ipandport'] = substr($row['ipandport'], 0, -1);
+                        $row['termination_date'] = str_replace("0000-00-00", "", $row['termination_date']);
+                        
+                        if($row['termination_date'] != "")
+                        {
+                            $cdate = strtotime($row['termination_date'] . " 23:59:59");
+                            $today = time();
+
+                            if($cdate < $today)
+                            {
+                                $row['termination_css'] = 'domain-expired';
+                            }
+                            else
+                                {
+                                $row['termination_css'] = 'domain-canceled';
+                            }
+                        }

 			if (!isset($domain_array[$row['domain']])) {
 				$domain_array[$row['domain']] = $row;
@@ -190,7 +206,7 @@ if ($page == 'domains'
 					SELECT `id` FROM `" . TABLE_PANEL_DOMAINS . "`
 					WHERE (`id` = :id OR `parentdomainid` = :id ".$rsd_sql.") AND `isemaildomain` = '1'"
 				);
-				$subResult = Database::pexecute($subresult_stmt, array('id' => $id));
+				Database::pexecute($subresult_stmt, array('id' => $id));
 				$idString = array();
 				$paramString = array();
 				while ($subRow = $subresult_stmt->fetch(PDO::FETCH_ASSOC)) {
@@ -252,6 +268,13 @@ if ($page == 'domains'
 				);
 				Database::pexecute($del_stmt, array('domainid' => $id));

+				// remove certificate from domain_ssl_settings, fixes #1596
+				$del_stmt = Database::prepare("
+					DELETE FROM `" . TABLE_PANEL_DOMAIN_SSL_SETTINGS . "`
+					WHERE `domainid` = :domainid"
+				);
+				Database::pexecute($del_stmt, array('domainid' => $id));
+
 				$log->logAction(ADM_ACTION, LOG_INFO, "deleted domain/subdomains (#" . $result['id'] . ")");
 				updateCounters();
 				inserttask('1');
@@ -285,7 +308,6 @@ if ($page == 'domains'

 				if ($_POST['domain'] == Settings::Get('system.hostname')) {
 					standard_error('admin_domain_emailsystemhostname');
-					exit;
 				}

 				$domain = $idna_convert->encode(preg_replace(array('/\:(\d)+$/', '/^https?\:\/\//'), '', validate($_POST['domain'], 'domain')));
@@ -362,6 +384,9 @@ if ($page == 'domains'
 				$registration_date = trim($_POST['registration_date']);
 				$registration_date = validate($registration_date, 'registration_date', '/^(19|20)\d\d[-](0[1-9]|1[012])[-](0[1-9]|[12][0-9]|3[01])$/', '', array('0000-00-00', '0', ''));

+                                $termination_date = trim($_POST['termination_date']);
+                                $termination_date = validate($termination_date, 'termination_date', '/^(19|20)\d\d[-](0[1-9]|1[012])[-](0[1-9]|[12][0-9]|3[01])$/', '', array('0000-00-00', '0', ''));
+
 				if ($userinfo['change_serversettings'] == '1') {

 					$caneditdomain = isset($_POST['caneditdomain']) ? intval($_POST['caneditdomain']) : 0;
@@ -397,7 +422,7 @@ if ($page == 'domains'
 							$documentroot = $_POST['documentroot'];
 						}
 					} elseif (isset($_POST['documentroot'])
-						&& ($_POST['documentroot'] == '') 
+						&& ($_POST['documentroot'] == '')
 						&& (Settings::Get('system.documentroot_use_default_value') == 1)
 					) {
 						$documentroot = makeCorrectDir($customer['documentroot'] . '/' . $domain);
@@ -516,6 +541,11 @@ if ($page == 'domains'
 						$ssl_redirect = (int)$_POST['ssl_redirect'];
 					}

+					$letsencrypt = 0;
+					if (isset($_POST['letsencrypt'])) {
+						$letsencrypt = (int)$_POST['letsencrypt'];
+					}
+
 					$ssl_ipandports = array();
 					if (isset($_POST['ssl_ipandport']) && !is_array($_POST['ssl_ipandport'])) {
 						$_POST['ssl_ipandport'] = unserialize($_POST['ssl_ipandport']);
@@ -547,17 +577,29 @@ if ($page == 'domains'
 						}
 					} else {
 						$ssl_redirect = 0;
+						$letsencrypt = 0;
 						// we need this for the serialize
 						// if ssl is disabled or no ssl-ip/port exists
 						$ssl_ipandports[] = -1;
 					}
 				} else {
 					$ssl_redirect = 0;
+					$letsencrypt = 0;
 					// we need this for the serialize
 					// if ssl is disabled or no ssl-ip/port exists
 					$ssl_ipandports[] = -1;
 				}

+				// We can't enable let's encrypt for wildcard - domains
+				if ($serveraliasoption == '0' && $letsencrypt == '1') {
+				    standard_error('nowildcardwithletsencrypt');
+				}
+
+				// Temporarily deactivate ssl_redirect until Let's Encrypt certificate was generated
+				if ($ssl_redirect > 0 && $letsencrypt == 1) {
+					$ssl_redirect = 2;
+				}
+
 				if (!preg_match('/^https?\:\/\//', $documentroot)) {
 					if (strstr($documentroot, ":") !== false) {
 						standard_error('pathmaynotcontaincolon');
@@ -661,6 +703,11 @@ if ($page == 'domains'
 					$issubof = '0';
 				}

+				if ($aliasdomain != 0 && $letsencrypt != 0)
+				{
+					standard_error('letsencryptdoesnotworkwithaliasdomains');
+				}
+
 				if ($domain == '') {
 					standard_error(array('stringisempty', 'mydomain'));
 				}
@@ -702,7 +749,9 @@ if ($page == 'domains'
 						'mod_fcgid_maxrequests' => $mod_fcgid_maxrequests,
 						'specialsettings' => $specialsettings,
 						'registration_date' => $registration_date,
-						'issubof' => $issubof
+						'termination_date' => $termination_date,
+						'issubof' => $issubof,
+						'letsencrypt' => $letsencrypt
 					);

 					$security_questions = array(
@@ -718,7 +767,6 @@ if ($page == 'domains'
 								|| $_POST[$question_name] != $question_name
 							) {
 								ask_yesno('admin_domain_' . $question_name, $filename, $params, $question_nr);
-								exit;
 							}
 						}
 						$question_nr++;
@@ -748,10 +796,12 @@ if ($page == 'domains'
 						'ssl_redirect' => $ssl_redirect,
 						'add_date' => time(),
 						'registration_date' => $registration_date,
+                                                'termination_date' => $termination_date,
 						'phpsettingid' => $phpsettingid,
 						'mod_fcgid_starter' => $mod_fcgid_starter,
 						'mod_fcgid_maxrequests' => $mod_fcgid_maxrequests,
-						'ismainbutsubto' => $issubof
+						'ismainbutsubto' => $issubof,
+						'letsencrypt' => $letsencrypt
 					);

 					$ins_stmt = Database::prepare("
@@ -779,10 +829,12 @@ if ($page == 'domains'
 						`ssl_redirect` = :ssl_redirect,
 						`add_date` = :add_date,
 						`registration_date` = :registration_date,
+                                                `termination_date` = :termination_date,
 						`phpsettingid` = :phpsettingid,
 						`mod_fcgid_starter` = :mod_fcgid_starter,
 						`mod_fcgid_maxrequests` = :mod_fcgid_maxrequests,
-						`ismainbutsubto` = :ismainbutsubto
+						`ismainbutsubto` = :ismainbutsubto,
+						`letsencrypt` = :letsencrypt
 					");
 					Database::pexecute($ins_stmt, $ins_data);
 					$domainid = Database::lastInsertId();
@@ -832,7 +884,7 @@ if ($page == 'domains'
 					SELECT `customerid`, `loginname`, `name`, `firstname`, `company`
 					FROM `" . TABLE_PANEL_CUSTOMERS . "` " .
 					($userinfo['customers_see_all'] ? '' : " WHERE `adminid` = '" . (int)$userinfo['adminid'] . "' ") .
-					" ORDER BY `name` ASC"
+					" ORDER BY COALESCE(NULLIF(`name`,''), `company`) ASC"
 				);
 				$params = array();
 				if ($userinfo['customers_see_all'] == '0') {
@@ -1139,6 +1191,8 @@ if ($page == 'domains'
 				$caneditdomain = isset($_POST['caneditdomain']) ? intval($_POST['caneditdomain']) : 0;
 				$registration_date = trim($_POST['registration_date']);
 				$registration_date = validate($registration_date, 'registration_date', '/^(19|20)\d\d[-](0[1-9]|1[012])[-](0[1-9]|[12][0-9]|3[01])$/', '', array('0000-00-00', '0', ''));
+				$termination_date = trim($_POST['termination_date']);
+				$termination_date = validate($termination_date, 'termination_date', '/^(19|20)\d\d[-](0[1-9]|1[012])[-](0[1-9]|[12][0-9]|3[01])$/', '', array('0000-00-00', '0', ''));

 				$isemaildomain = 0;
 				if (isset($_POST['isemaildomain'])) {
@@ -1184,6 +1238,7 @@ if ($page == 'domains'
 					}

 					$specialsettings = validate(str_replace("\r\n", "\n", $_POST['specialsettings']), 'specialsettings', '/^[^\0]*$/');
+					$ssfs = (isset($_POST['specialsettingsforsubdomains']) && intval($_POST['specialsettingsforsubdomains']) == 1) ? 1 : 0;
 					$documentroot = validate($_POST['documentroot'], 'documentroot');

 					if ($documentroot == '') {
@@ -1207,6 +1262,7 @@ if ($page == 'domains'
 					$zonefile = $result['zonefile'];
 					$dkim = $result['dkim'];
 					$specialsettings = $result['specialsettings'];
+					$ssfs = (empty($specialsettings) ? 0 : 1);
 					$documentroot = $result['documentroot'];
 				}

@@ -1288,6 +1344,11 @@ if ($page == 'domains'
 						$ssl_redirect = (int)$_POST['ssl_redirect'];
 					}

+					$letsencrypt = 0;
+					if (isset($_POST['letsencrypt'])) {
+						$letsencrypt = (int)$_POST['letsencrypt'];
+					}
+
 					$ssl_ipandports = array();
 					if (isset($_POST['ssl_ipandport']) && !is_array($_POST['ssl_ipandport'])) {
 						$_POST['ssl_ipandport'] = unserialize($_POST['ssl_ipandport']);
@@ -1314,17 +1375,29 @@ if ($page == 'domains'
 						}
 					} else {
 						$ssl_redirect = 0;
+						$letsencrypt = 0;
 						// we need this for the serialize
 						// if ssl is disabled or no ssl-ip/port exists
 						$ssl_ipandports[] = -1;
 					}
 				} else {
 					$ssl_redirect = 0;
+					$letsencrypt = 0;
 					// we need this for the serialize
 					// if ssl is disabled or no ssl-ip/port exists
 					$ssl_ipandports[] = -1;
 				}

+				// We can't enable let's encrypt for wildcard domains
+				if ($serveraliasoption == '0' && $letsencrypt == '1') {
+					standard_error('nowildcardwithletsencrypt');
+				}
+
+				// Temporarily deactivate ssl_redirect until Let's Encrypt certificate was generated
+				if ($ssl_redirect > 0 && $letsencrypt == 1 && $result['letsencrypt'] != $letsencrypt) {
+					$ssl_redirect = 2;
+				}
+
 				if (!preg_match('/^https?\:\/\//', $documentroot)) {
 					$documentroot = makeCorrectDir($documentroot);
 				}
@@ -1412,6 +1485,11 @@ if ($page == 'domains'
 					$issubof = '0';
 				}

+				if ($aliasdomain != 0 && $letsencrypt != 0)
+				{
+					standard_error('letsencryptdoesnotworkwithaliasdomains');
+				}
+
 				if ($serveraliasoption != '1' && $serveraliasoption != '2') {
 					$serveraliasoption = '0';
 				}
@@ -1438,12 +1516,15 @@ if ($page == 'domains'
 					'mod_fcgid_starter' => $mod_fcgid_starter,
 					'mod_fcgid_maxrequests' => $mod_fcgid_maxrequests,
 					'specialsettings' => $specialsettings,
+					'specialsettingsforsubdomains' => $ssfs,
 					'registration_date' => $registration_date,
+					'termination_date' => $termination_date,
 					'issubof' => $issubof,
 					'speciallogfile' => $speciallogfile,
 					'speciallogverified' => $speciallogverified,
 					'ipandport' => serialize($ipandports),
-					'ssl_ipandport' => serialize($ssl_ipandports)
+					'ssl_ipandport' => serialize($ssl_ipandports),
+					'letsencrypt' => $letsencrypt
 				);

 				$security_questions = array(
@@ -1457,7 +1538,6 @@ if ($page == 'domains'
 							|| $_POST[$question_name] != $question_name
 						) {
 							ask_yesno('admin_domain_' . $question_name, $filename, $params);
-							exit;
 						}
 					}
 				}
@@ -1478,6 +1558,7 @@ if ($page == 'domains'
 					|| $issubof != $result['ismainbutsubto']
 					|| $email_only != $result['email_only']
 					|| ($speciallogfile != $result['speciallogfile'] && $speciallogverified == '1')
+					|| $letsencrypt != $result['letsencrypt']
 				) {
 					inserttask('1');
 				}
@@ -1612,7 +1693,9 @@ if ($page == 'domains'
 				$update_data['mod_fcgid_maxrequests'] = $mod_fcgid_maxrequests;
 				$update_data['specialsettings'] = $specialsettings;
 				$update_data['registration_date'] = $registration_date;
+				$update_data['termination_date'] = $termination_date;
 				$update_data['ismainbutsubto'] = $issubof;
+				$update_data['letsencrypt'] = $letsencrypt;
 				$update_data['id'] = $id;

 				$update_stmt = Database::prepare("
@@ -1638,7 +1721,9 @@ if ($page == 'domains'
 					`mod_fcgid_maxrequests` = :mod_fcgid_maxrequests,
 					`specialsettings` = :specialsettings,
 					`registration_date` = :registration_date,
-					`ismainbutsubto` = :ismainbutsubto
+					`termination_date` = :termination_date,
+					`ismainbutsubto` = :ismainbutsubto,
+					`letsencrypt` = :letsencrypt
 					WHERE `id` = :id
 				");
 				Database::pexecute($update_stmt, $update_data);
@@ -1653,9 +1738,10 @@ if ($page == 'domains'

 				// if we have no more ssl-ip's for this domain,
 				// all its subdomains must have "ssl-redirect = 0"
+				// and disable let's encrypt
 				$update_sslredirect = '';
 				if (count($ssl_ipandports) == 1 && $ssl_ipandports[0] == -1) {
-					$update_sslredirect = ", `ssl_redirect` = '0' ";
+					$update_sslredirect = ", `ssl_redirect` = '0', `letsencrypt` = '0' ";
 				}

 				$_update_stmt = Database::prepare("
@@ -1862,16 +1948,20 @@ if ($page == 'domains'
 					$ssl_ipsandports[] = array('label' => $row_ssl_ipandport['ip'] . ':' . $row_ssl_ipandport['port'] . '<br />', 'value' => $row_ssl_ipandport['id']);
 				}

-				$result['specialsettings'] = $result['specialsettings'];
-
 				// create serveralias options
 				$serveraliasoptions = "";
 				$_value = '2';
 				if ($result['iswildcarddomain'] == '1') {
 					$_value = '0';
+					$letsencrypt = 0;
 				} elseif ($result['wwwserveralias'] == '1') {
 					$_value = '1';
 				}
+
+				// Fudge the result for ssl_redirect to hide the Let's Encrypt steps
+				$result['temporary_ssl_redirect'] = $result['ssl_redirect'];
+				$result['ssl_redirect'] = ($result['ssl_redirect'] == 0 ? 0 : 1);
+				
 				$serveraliasoptions .= makeoption($lng['domains']['serveraliasoption_wildcard'], '0', $_value, true, true);
 				$serveraliasoptions .= makeoption($lng['domains']['serveraliasoption_www'], '1', $_value, true, true);
 				$serveraliasoptions .= makeoption($lng['domains']['serveraliasoption_none'], '2', $_value, true, true);
@@ -1911,7 +2001,7 @@ if ($page == 'domains'

 			$customerid = intval($_POST['customerid']);
 			$separator = validate($_POST['separator'], 'separator');
-			$offset = validate($_POST['offset'], 'offset', "/[0-9]/i");
+			$offset = (int)validate($_POST['offset'], 'offset', "/[0-9]/i");

 			$file_name = $_FILES['file']['tmp_name'];

--- a/admin_index.php
+++ b/admin_index.php
@@ -42,7 +42,6 @@ if ($action == 'logout')  {
 	Database::pexecute($stmt, $params);

 	redirectTo('index.php');
-	exit;
 }

 if (isset($_POST['id'])) {
@@ -140,6 +139,8 @@ if ($page == 'overview') {
 	$userinfo['traffic_used'] = round($userinfo['traffic_used'] / (1024 * 1024), $dec_places);
 	$userinfo = str_replace_array('-1', $lng['customer']['unlimited'], $userinfo, 'customers domains diskspace traffic mysqls emails email_accounts email_forwarders email_quota ftps tickets subdomains');

+	$userinfo['custom_notes'] = ($userinfo['custom_notes'] != '') ? nl2br($userinfo['custom_notes']) : '';
+
 	$cron_last_runs = getCronjobsLastRun();
 	$outstanding_tasks = getOutstandingTasks();

@@ -197,9 +198,8 @@ if ($page == 'overview') {
 	) {
 		$old_password = validate($_POST['old_password'], 'old password');

-		if (md5($old_password) != $userinfo['password']) {
+		if (!validatePasswordLogin($userinfo,$old_password,TABLE_PANEL_ADMINS,'adminid')) {
 			standard_error('oldpasswordnotcorrect');
-			exit;
 		}

 		$new_password = validate($_POST['new_password'], 'new password');
@@ -217,13 +217,11 @@ if ($page == 'overview') {
 			$chgpwd_stmt = Database::prepare("
 				UPDATE `" . TABLE_PANEL_ADMINS . "`
 				SET `password`= :newpasswd
-				WHERE `adminid`= :adminid
-				AND `password`= :oldpasswd"
+				WHERE `adminid`= :adminid"
 			);
 			Database::pexecute($chgpwd_stmt, array(
-				'newpasswd' => md5($new_password),
-				'adminid' => (int)$userinfo['adminid'],
-				'oldpasswd' => md5($old_password)
+				'newpasswd' => makeCryptPassword($new_password),
+				'adminid' => (int)$userinfo['adminid']
 			));
 			$log->logAction(ADM_ACTION, LOG_NOTICE, 'changed password');
 			redirectTo($filename, Array('s' => $s));
--- a/admin_ipsandports.php
+++ b/admin_ipsandports.php
@@ -29,6 +29,10 @@ if (isset($_POST['id'])) {
 if ($page == 'ipsandports'
 	|| $page == 'overview'
 ) {
+	// Do not display attributes that are not used by the current webserver
+	$websrv = Settings::Get('system.webserver');
+	$is_nginx = ($websrv == 'nginx');
+	$is_apache = ($websrv == 'apache2');

 	if ($action == '') {

@@ -79,7 +83,7 @@ if ($page == 'ipsandports'
 			$result_checkdomain = Database::pexecute_first($result_checkdomain_stmt, array('id' => $id));

 			if ($result_checkdomain['id'] == '') {
-				if ($result['id'] != Settings::Get('system.defaultip')) {
+				if (!in_array($result['id'], explode(',', Settings::Get('system.defaultip')))) {

 					$result_sameipotherport_stmt = Database::prepare("
 						SELECT `id` FROM `" . TABLE_PANEL_IPSANDPORTS . "`
@@ -320,7 +324,7 @@ if ($page == 'ipsandports'
 					$ssl_ca_file = '';
 					$ssl_cert_chainfile = '';
 				}
-				
+
 				if ($listen_statement != '1') {
 					$listen_statement = '0';
 				}
@@ -340,7 +344,7 @@ if ($page == 'ipsandports'
 				if ($ssl != '1') {
 					$ssl = '0';
 				}
-				
+
 				if ($ssl_cert_file != '') {
 					$ssl_cert_file = makeCorrectFile($ssl_cert_file);
 				}
@@ -422,7 +426,7 @@ if ($page == 'ipsandports'

 				$ipsandports_edit_data = include_once dirname(__FILE__).'/lib/formfields/admin/ipsandports/formfield.ipsandports_edit.php';
 				$ipsandports_edit_form = htmlform::genHTMLForm($ipsandports_edit_data);
-	
+
 				$title = $ipsandports_edit_data['ipsandports_edit']['title'];
 				$image = $ipsandports_edit_data['ipsandports_edit']['image'];

--- a/admin_logger.php
+++ b/admin_logger.php
@@ -34,7 +34,8 @@ if ($page == 'log'
 		$result_stmt = Database::query('
 			SELECT * FROM `' . TABLE_PANEL_LOG . '` ' . $paging->getSqlWhere(false) . ' ' . $paging->getSqlOrderBy() . ' ' . $paging->getSqlLimit()
 		);
-		$paging->setEntries(Database::num_rows());
+		$logs_count = Database::num_rows();
+		$paging->setEntries($logs_count);
 		$sortcode = $paging->getHtmlSortCode($lng);
 		$arrowcode = $paging->getHtmlArrowCode($filename . '?page=' . $page . '&s=' . $s);
 		$searchcode = $paging->getHtmlSearchCode($lng);
@@ -100,35 +101,12 @@ if ($page == 'log'
 					}

 					$log_count++;
-					$type = $row['type'];
-					$_type = 'unknown';
-
-					switch ($type) {
-						case LOG_INFO:
-							$_type = 'Information';
-							break;
-						case LOG_NOTICE:
-							$_type = 'Notice';
-							break;
-						case LOG_WARNING:
-							$_type = 'Warning';
-							break;
-						case LOG_ERR:
-							$_type = 'Error';
-							break;
-						case LOG_CRIT:
-							$_type = 'Critical';
-							break;
-						default:
-							$_type = 'Unknown';
-							break;
-					}
-
-					$row['type'] = $_type;
+					$row['type'] = getLogLevelDesc($row['type']);
 					eval("\$log.=\"" . getTemplate('logger/logger_log') . "\";");
 					$count++;
 					$_action = $action;
 				}
+				$i++;
 			}
 			$i++;
 		}
--- a/admin_opcacheinfo.php
+++ b/admin_opcacheinfo.php
@@ -0,0 +1,158 @@
+<?php
+
+/**
+ * This file is part of the Froxlor project.
+ * Copyright (c) 2010 the Froxlor Team (see authors).
+ *
+ * For the full copyright and license information, please view the COPYING
+ * file that was distributed with this source code. You can also view the
+ * COPYING file online at http://files.froxlor.org/misc/COPYING.txt
+ *
+ * @copyright  (c) the authors
+ * @author     Janos Muzsi <muzsij@hypernics.hu> (2016)
+ * @author     Froxlor team <team@froxlor.org> (2010-)
+ * @license    GPLv2 http://files.froxlor.org/misc/COPYING.txt
+ * @package    Panel
+ *
+ * Based on https://github.com/amnuts/opcache-gui
+ *
+ */
+
+define('AREA', 'admin');
+require './lib/init.php';
+
+
+if ($action == 'reset' &&
+        function_exists('opcache_reset') &&
+        $userinfo['change_serversettings'] == '1'
+) {
+    opcache_reset();
+    $log->logAction(ADM_ACTION, LOG_INFO, "reseted OPcache");
+    header('Location: ' . $linker->getLink(array('section' => 'opcacheinfo', 'page' => 'showinfo')));
+    exit();
+}
+
+if (!function_exists('opcache_get_configuration')
+) {
+    standard_error($lng['error']['no_opcacheinfo']);
+}
+
+if ($page == 'showinfo'
+) {
+    
+    $opcache_info = opcache_get_configuration();
+    $opcache_status = opcache_get_status(false);
+    $time = time();
+    $log->logAction(ADM_ACTION, LOG_NOTICE, "viewed OPcache info");
+    
+    $runtimelines = '';
+    if (isset($opcache_info['directives']) && is_array($opcache_info['directives'])) {
+        foreach ($opcache_info['directives'] as $name => $value) {
+            $linkname=  str_replace('_', '-', $name);
+            if ($name=='opcache.optimization_level' && is_integer($value)) {
+                $value='0x'.dechex($value);
+            }
+            if ($name=='opcache.memory_consumption' && is_integer($value) && $value%(1024*1024)==0) {
+                $value=$value/(1024*1024);
+            }
+            if ($value===null || $value==='') {
+                $value=$lng['opcacheinfo']['novalue'];
+            }
+            if ($value===true) {
+                $value=$lng['opcacheinfo']['true'];
+            }
+            if ($value===false) {
+                $value=$lng['opcacheinfo']['false'];
+            }
+            if (is_integer($value)) {
+                $value=number_format($value,0,'.',' ');
+            }
+            $name=str_replace('_', ' ', $name);
+            eval("\$runtimelines.=\"" . getTemplate("settings/opcacheinfo/runtime_line") . "\";");
+        }
+    }
+    
+    $cachehits=@$opcache_status['opcache_statistics']['hits'] ?: 0;
+    $cachemiss=@$opcache_status['opcache_statistics']['misses'] ?: 0;
+    $blacklistmiss=@$opcache_status['opcache_statistics']['blacklist_misses'] ?: 0;
+    $cachetotal=$cachehits+$cachemiss+$blacklistmiss;
+    
+    $general=array(
+        'version' => (isset($opcache_info['version']['opcache_product_name']) ? $opcache_info['version']['opcache_product_name'].' ' : '').$opcache_info['version']['version'],
+        'phpversion' => phpversion(),
+        'start_time'         => @$opcache_status['opcache_statistics']['start_time'] ? date('Y-m-d H:i:s',$opcache_status['opcache_statistics']['start_time']) : '',
+        'last_restart_time'  => @$opcache_status['opcache_statistics']['last_restart_time'] ? date('Y-m-d H:i:s',$opcache_status['opcache_statistics']['last_restart_time']) : $lng['opcacheinfo']['never'],
+        'oom_restarts' => number_format(@$opcache_status['opcache_statistics']['oom_restarts'] ?: 0,0,'.',' '),
+        'hash_restarts' => number_format(@$opcache_status['opcache_statistics']['hash_restarts'] ?: 0,0,'.',' '),
+        'manual_restarts' => number_format(@$opcache_status['opcache_statistics']['manual_restarts'] ?: 0,0,'.',' '),
+        'status' => (@$opcache_status['restart_in_progress'] ? $lng['opcacheinfo']['restartinprogress'] :
+            (@$opcache_status['restart_pending'] ? $lng['opcacheinfo']['restartpending'] :
+            (@$opcache_status['cache_full'] ? $lng['opcacheinfo']['cachefull'] :
+            (@$opcache_status['opcache_enabled'] ? $lng['opcacheinfo']['enabled'] : $lng['opcacheinfo']['novalue'])))),
+        'cachedscripts' => number_format(@$opcache_status['opcache_statistics']['num_cached_scripts'] ?: 0,0,'.',' '),
+        'cachehits' => number_format($cachehits,0,'.',' ') . ($cachetotal>0 ? sprintf(" (%.1f %%)", $cachehits/($cachetotal)*100) : ''),
+        'cachemiss' => number_format($cachemiss,0,'.',' ') . ($cachetotal>0 ? sprintf(" (%.1f %%)", $cachemiss/($cachetotal)*100) : ''),
+        'blacklistmiss' => number_format($blacklistmiss,0,'.',' ') . ($cachetotal>0 ? sprintf(" (%.1f %%)", $blacklistmiss/($cachetotal)*100) : ''),
+    );
+    
+    $usedmem=@$opcache_status['memory_usage']['used_memory'] ?: 0;
+    $usedmemstr=bsize($usedmem);
+    $freemem=@$opcache_status['memory_usage']['free_memory'] ?: 0;
+    $freememstr=bsize($freemem);
+    $totalmem=$usedmem+$freemem;
+    $wastedmem=@$opcache_status['memory_usage']['wasted_memory'] ?: 0;
+    $wastedmemstr=bsize($wastedmem);
+    if ($totalmem) {
+        $memory=array(
+            'total' => bsize($totalmem),
+            'used' => $usedmemstr . ($totalmem>0 ? sprintf(" (%.1f %%)", $usedmem/($totalmem)*100) : ''),
+            'free' => $freememstr . ($totalmem>0 ? sprintf(" (%.1f %%)", $freemem/($totalmem)*100) : ''),
+            'wasted' => $wastedmemstr . ($totalmem>0 ? sprintf(" (%.1f %%)", $wastedmem/($totalmem)*100) : ''),
+        );
+    }
+    
+    if (isset($opcache_status['interned_strings_usage'])) {
+        $usedstring=@$opcache_status['interned_strings_usage']['used_memory'] ?: 0;
+        $usedstringstr=bsize($usedstring);
+        $freestring=@$opcache_status['interned_strings_usage']['free_memory'] ?: 0;
+        $freestringstr=bsize($freestring);
+        $totalstring=$usedstring+$freestring;
+        $stringbuffer=array(
+            'total' => bsize($totalstring),
+            'used' => $usedstringstr . ($totalstring>0 ? sprintf(" (%.1f %%)", $usedstring/$totalstring*100) : ''),
+            'free' => $freestringstr . ($totalstring>0 ? sprintf(" (%.1f %%)", $freestring/$totalstring*100) : ''),
+            'strcount' => number_format(@$opcache_status['interned_strings_usage']['number_of_strings'] ?: 0,0,'.',' '),
+        );
+    }
+
+    $usedkey=@$opcache_status['opcache_statistics']['num_cached_keys'] ?: 0;
+    $usedkeystr=number_format($usedkey,0,'.',' ');
+    $totalkey=@$opcache_status['opcache_statistics']['max_cached_keys'] ?: 0;
+    $wastedkey=$usedkey - (@$opcache_status['opcache_statistics']['num_cached_scripts'] ?: 0);
+    if (isset($opcache_status['opcache_statistics'])) {
+        $keystat=array(
+            'total' => number_format($totalkey,0,'.',' '),
+            'used' => $usedkeystr . ($totalkey>0 ? sprintf(" (%.1f %%)", $usedkey/($totalkey)*100) : ''),
+            'wasted' => number_format($wastedkey,0,'.',' ') . ($totalkey>0 ? sprintf(" (%.1f %%)", $wastedkey/($totalkey)*100) : ''),
+        );
+    }
+    
+    $blacklistlines = '';
+    if (isset($opcache_info['blacklist']) && is_array($opcache_info['blacklist'])) {
+        foreach ($opcache_info['blacklist'] as $value) {
+            eval("\$blacklistlines.=\"" . getTemplate("settings/opcacheinfo/blacklist_line") . "\";");
+        }
+    }
+    
+    eval("echo \"" . getTemplate("settings/opcacheinfo/showinfo") . "\";");
+    
+}
+
+function bsize($s) {
+    foreach (array('', 'K', 'M', 'G') as $i => $k) {
+        if ($s < 1024)
+            break;
+        $s/=1024;
+    }
+    return sprintf("%5.1f %sBytes", $s, $k);
+}
--- a/admin_phpsettings.php
+++ b/admin_phpsettings.php
@@ -115,6 +115,7 @@ if ($page == 'overview') {
 					$file_extensions = validate($_POST['file_extensions'], 'file_extensions', '/^[a-zA-Z0-9\s]*$/');
 					$mod_fcgid_starter = validate($_POST['mod_fcgid_starter'], 'mod_fcgid_starter', '/^[0-9]*$/', '', array('-1', ''));
 					$mod_fcgid_maxrequests = validate($_POST['mod_fcgid_maxrequests'], 'mod_fcgid_maxrequests', '/^[0-9]*$/', '', array('-1', ''));
+					$mod_fcgid_umask = validate($_POST['mod_fcgid_umask'], 'mod_fcgid_umask', '/^[0-9]*$/');
 					// disable fpm stuff
 					$fpm_enableslowlog = 0;
 					$fpm_reqtermtimeout = 0;
@@ -129,6 +130,7 @@ if ($page == 'overview') {
 					$file_extensions = 'php';
 					$mod_fcgid_starter = 0;
 					$mod_fcgid_maxrequests = 0;
+					$mod_fcgid_umask = "022";
 				}

 				if (strlen($description) == 0
@@ -144,6 +146,7 @@ if ($page == 'overview') {
 						`file_extensions` = :fext,
 						`mod_fcgid_starter` = :starter,
 						`mod_fcgid_maxrequests` = :mreq,
+						`mod_fcgid_umask` = :umask,
 						`fpm_slowlog` = :fpmslow,
 						`fpm_reqterm` = :fpmreqterm,
 						`fpm_reqslow` = :fpmreqslow,
@@ -155,6 +158,7 @@ if ($page == 'overview') {
 					'fext' => $file_extensions,
 					'starter' => $mod_fcgid_starter,
 					'mreq' => $mod_fcgid_maxrequests,
+					'umask' => $mod_fcgid_umask,
 					'fpmslow' => $fpm_enableslowlog,
 					'fpmreqterm' => $fpm_reqtermtimeout,
 					'fpmreqslow' => $fpm_reqslowtimeout,
@@ -265,6 +269,7 @@ if ($page == 'overview') {
 					$file_extensions = validate($_POST['file_extensions'], 'file_extensions', '/^[a-zA-Z0-9\s]*$/');
 					$mod_fcgid_starter = validate($_POST['mod_fcgid_starter'], 'mod_fcgid_starter', '/^[0-9]*$/', '', array('-1', ''));
 					$mod_fcgid_maxrequests = validate($_POST['mod_fcgid_maxrequests'], 'mod_fcgid_maxrequests', '/^[0-9]*$/', '', array('-1', ''));
+					$mod_fcgid_umask = validate($_POST['mod_fcgid_umask'], 'mod_fcgid_umask', '/^[0-9]*$/');
 					// disable fpm stuff
 					$fpm_enableslowlog = 0;
 					$fpm_reqtermtimeout = 0;
@@ -279,6 +284,7 @@ if ($page == 'overview') {
 					$file_extensions = 'php';
 					$mod_fcgid_starter = 0;
 					$mod_fcgid_maxrequests = 0;
+					$mod_fcgid_umask = "022";
 				}

 				if (strlen($description) == 0
@@ -294,6 +300,7 @@ if ($page == 'overview') {
 						`file_extensions` = :fext,
 						`mod_fcgid_starter` = :starter,
 						`mod_fcgid_maxrequests` = :mreq,
+						`mod_fcgid_umask` = :umask,
 						`fpm_slowlog` = :fpmslow,
 						`fpm_reqterm` = :fpmreqterm,
 						`fpm_reqslow` = :fpmreqslow,
@@ -306,6 +313,7 @@ if ($page == 'overview') {
 						'fext' => $file_extensions,
 						'starter' => $mod_fcgid_starter,
 						'mreq' => $mod_fcgid_maxrequests,
+						'umask' => $mod_fcgid_umask,
 						'fpmslow' => $fpm_enableslowlog,
 						'fpmreqterm' => $fpm_reqtermtimeout,
 						'fpmreqslow' => $fpm_reqslowtimeout,
--- a/admin_settings.php
+++ b/admin_settings.php
@@ -283,6 +283,7 @@ if ($page == 'overview' && $userinfo['change_serversettings'] == '1') {
 	foreach ($integrity->available as $id => $check) {
 		$displayid = $id + 1;
 		$result = $integrity->$check();
+		$checkdesc = $lng['integrity_check'][$check];
 		eval("\$integritycheck.=\"" . getTemplate("settings/integritycheck_row") . "\";");
 	}
 	eval("echo \"" . getTemplate("settings/integritycheck") . "\";");
--- a/admin_templates.php
+++ b/admin_templates.php
@@ -201,7 +201,6 @@ if ($action == '') {

 	} else {
 		standard_error('templatenotfound');
-		exit;
 	}

 } elseif($action == 'add') {
@@ -214,7 +213,7 @@ if ($action == '') {
 		&& $_POST['prepare'] == 'prepare'
 	) {
 		//email templates
-		$language = validate($_POST['language'], 'language', '/^[^\r\n\0"\']+$/', 'nolanguageselect');
+		$language = htmlentities(validate($_POST['language'], 'language', '/^[^\r\n\0"\']+$/', 'nolanguageselect'));
 		$template = validate($_POST['template'], 'template');

 		$lng_bak = $lng;
@@ -244,7 +243,7 @@ if ($action == '') {
 		&& $_POST['send'] == 'send'
 	) {
 		//email templates
-		$language = validate($_POST['language'], 'language', '/^[^\r\n\0"\']+$/', 'nolanguageselect');
+		$language = htmlentities(validate($_POST['language'], 'language', '/^[^\r\n\0"\']+$/', 'nolanguageselect'));
 		$template = validate($_POST['template'], 'template');
 		$subject = validate($_POST['subject'], 'subject', '/^[^\r\n\0]+$/', 'nosubjectcreate');
 		$mailbody = validate($_POST['mailbody'], 'mailbody', '/^[^\0]+$/', 'nomailbodycreate');
@@ -358,7 +357,6 @@ if ($action == '') {
 			eval("echo \"" . getTemplate("templates/templates_add_1") . "\";");
 		} else {
 			standard_error('alltemplatesdefined');
-			exit;
 		}

 	} else {
@@ -371,7 +369,6 @@ if ($action == '') {

 		if (Database::num_rows() == count($file_templates)) {
 			standard_error('alltemplatesdefined');
-			exit;

 		} else {

@@ -452,6 +449,8 @@ if ($action == '') {
 			
 			$template_name = str_replace('_mailbody', '', $result['varname']);

+			// don't escape the already escaped language-string so save up before htmlentities()
+			$language = $result['language'];
 			$result = htmlentities_array($result);
 			$mailbody = $result['value'];

@@ -512,6 +511,5 @@ if ($action == '') {

 	} else {
 		standard_error('templatenotfound');
-		exit;
 	}
 }
--- a/admin_tickets.php
+++ b/admin_tickets.php
@@ -158,8 +158,10 @@ if ($page == 'tickets'
 					}

 					$row['subject'] = html_entity_decode($row['subject']);
-					if (strlen($row['subject']) > 20) {
-						$row['subject'] = substr($row['subject'], 0, 17) . '...';
+					if (strlen($row['subject']) > 30) {
+						$ts = wordwrap($row['subject'], 30, "|");
+						$ts = explode("|", $ts);
+						$row['subject'] = $ts[0]. '...';
 					}

 					eval("\$tickets.=\"" . getTemplate("tickets/tickets_tickets") . "\";");
--- a/admin_traffic.php
+++ b/admin_traffic.php
@@ -27,7 +27,6 @@ if ($action == 'logout') {
 	);
 	Database::pexecute($logout_stmt, array('adminid' => $userinfo['adminid']));
 	redirectTo('index.php');
-	exit;
 }

 if (isset($_POST['id'])) {
--- a/admin_updates.php
+++ b/admin_updates.php
@@ -54,7 +54,7 @@ if ($page == 'overview') {
 		}
 	}

-	if (hasUpdates($version)) {
+	if (hasDbUpdates($dbversion) || hasUpdates($version)) {
 		$successful_update = false;
 		$message = '';

@@ -67,16 +67,16 @@ if ($page == 'overview') {
 				|| !isset($_POST['update_preconfig'])
 			) {
 				eval("echo \"" . getTemplate('update/update_start') . "\";");
-	
+
 				include_once './install/updatesql.php';
-	
+
 				$redirect_url = 'admin_index.php?s=' . $s;
 				eval("echo \"" . getTemplate('update/update_end') . "\";");
-	
+
 				updateCounters();
 				inserttask('1');
 				@chmod('./lib/userdata.inc.php', 0440);
-				
+
 				$successful_update = true;
 			} else {
 				$message = '<br /><strong class="red">You have to agree that you have read the update notifications.</strong>';
@@ -85,15 +85,26 @@ if ($page == 'overview') {

 		if (!$successful_update) {
 			$current_version = Settings::Get('panel.version');
+			$current_db_version = Settings::Get('panel.db_version');
+			if (empty($current_db_version)) {
+			    $current_db_version = "0";
+			}
 			$new_version = $version;
+			$new_db_version = $dbversion;

 			$ui_text = $lng['update']['update_information']['part_a'];
-			$ui_text = str_replace('%curversion', $current_version, $ui_text);
-			$ui_text = str_replace('%newversion', $new_version, $ui_text);
+			if ($version != $current_version) {
+			     $ui_text = str_replace('%curversion', $current_version, $ui_text);
+			     $ui_text = str_replace('%newversion', $new_version, $ui_text);
+			} else {
+			    // show db version
+			    $ui_text = str_replace('%curversion', $current_db_version, $ui_text);
+			    $ui_text = str_replace('%newversion', $new_db_version, $ui_text);
+			}
 			$update_information = $ui_text;

 			include_once './install/updates/preconfig.php';
-			$preconfig = getPreConfig($current_version);
+			$preconfig = getPreConfig($current_version, $current_db_version);
 			if ($preconfig != '') {
 				$update_information .= '<br />' . $preconfig . $message;
 			}
--- a/cache/.gitignore
+++ b/cache/.gitignore
@@ -1 +0,0 @@
-*
--- a/cache/.keep
+++ b/cache/.keep
--- a/css/images/ui-bg_diagonals-thick_18_b81900_40x40.png
+++ b/css/images/ui-bg_diagonals-thick_18_b81900_40x40.png
--- a/css/images/ui-bg_glass_100_f6f6f6_1x400.png
+++ b/css/images/ui-bg_glass_100_f6f6f6_1x400.png
--- a/css/images/ui-bg_glass_100_fdf5ce_1x400.png
+++ b/css/images/ui-bg_glass_100_fdf5ce_1x400.png
--- a/css/images/ui-bg_gloss-wave_35_f6a828_500x100.png
+++ b/css/images/ui-bg_gloss-wave_35_f6a828_500x100.png
--- a/css/images/ui-bg_highlight-soft_100_eeeeee_1x100.png
+++ b/css/images/ui-bg_highlight-soft_100_eeeeee_1x100.png
--- a/css/images/ui-bg_highlight-soft_75_ffe45c_1x100.png
+++ b/css/images/ui-bg_highlight-soft_75_ffe45c_1x100.png
--- a/css/images/ui-icons_222222_256x240.png
+++ b/css/images/ui-icons_222222_256x240.png
--- a/css/images/ui-icons_228ef1_256x240.png
+++ b/css/images/ui-icons_228ef1_256x240.png
--- a/css/images/ui-icons_ef8c08_256x240.png
+++ b/css/images/ui-icons_ef8c08_256x240.png
--- a/css/images/ui-icons_ffd27a_256x240.png
+++ b/css/images/ui-icons_ffd27a_256x240.png
--- a/css/images/ui-icons_ffffff_256x240.png
+++ b/css/images/ui-icons_ffffff_256x240.png
--- a/customer_domains.php
+++ b/customer_domains.php
@@ -36,7 +36,7 @@ if ($page == 'overview') {
 			'd.domain' => $lng['domains']['domainname']
 		);
 		$paging = new paging($userinfo, TABLE_PANEL_DOMAINS, $fields);
-		$domains_stmt = Database::prepare("SELECT `d`.`id`, `d`.`customerid`, `d`.`domain`, `d`.`documentroot`, `d`.`isemaildomain`, `d`.`caneditdomain`, `d`.`iswildcarddomain`, `d`.`parentdomainid`, `ad`.`id` AS `aliasdomainid`, `ad`.`domain` AS `aliasdomain`, `da`.`id` AS `domainaliasid`, `da`.`domain` AS `domainalias` FROM `" . TABLE_PANEL_DOMAINS . "` `d`
+		$domains_stmt = Database::prepare("SELECT `d`.`id`, `d`.`customerid`, `d`.`domain`, `d`.`documentroot`, `d`.`isemaildomain`, `d`.`caneditdomain`, `d`.`iswildcarddomain`, `d`.`parentdomainid`, `d`.`letsencrypt`, `d`.`termination_date`, `ad`.`id` AS `aliasdomainid`, `ad`.`domain` AS `aliasdomain`, `da`.`id` AS `domainaliasid`, `da`.`domain` AS `domainalias` FROM `" . TABLE_PANEL_DOMAINS . "` `d`
 			LEFT JOIN `" . TABLE_PANEL_DOMAINS . "` `ad` ON `d`.`aliasdomain`=`ad`.`id`
 			LEFT JOIN `" . TABLE_PANEL_DOMAINS . "` `da` ON `da`.`aliasdomain`=`d`.`id`
 			WHERE `d`.`customerid`= :customerid
@@ -87,6 +87,18 @@ if ($page == 'overview') {
 				}
 			}

+			$row['termination_date'] = str_replace("0000-00-00", "", $row['termination_date']);
+			if($row['termination_date'] != "") {
+				$cdate = strtotime($row['termination_date'] . " 23:59:59");
+				$today = time();
+
+				if($cdate < $today) {
+					$row['termination_css'] = 'domain-expired';
+				} else {
+					$row['termination_css'] = 'domain-canceled';
+				}
+			}
+
 			$domains_count++;
 			$domain_array[$row['domain']] = $row;
 		}
@@ -102,6 +114,11 @@ if ($page == 'overview') {
 			if ($row['parentdomainid'] == 0) {
 				$domain_sort_array[$sortkey][$sortkey] = $row;
 			} else {
+				// when searching and the results are subdomains only, we need to get
+				// the parent domain to this subdomain
+				if (!isset($domain_id_array[$row['parentdomainid']])) {
+				    $domain_id_array[$row['parentdomainid']] = "[parent-domain]";
+				}
 				$domain_sort_array[$domain_id_array[$row['parentdomainid']]][$sortkey] = $row;
 			}
 		}
@@ -117,13 +134,16 @@ if ($page == 'overview') {
 		$i = 0;
 		foreach ($domain_sort_array as $sortkey => $domain_array) {
 			if ($paging->checkDisplay($i)) {
-				$row = htmlentities_array($domain_array[$sortkey]);
-				if (Settings::Get('system.awstats_enabled') == '1') {
-					$statsapp = 'awstats';
-				} else {
-					$statsapp = 'webalizer';
+
+				if (isset($domain_array[$sortkey])) {
+					$row = htmlentities_array($domain_array[$sortkey]);
+					if (Settings::Get('system.awstats_enabled') == '1') {
+					   $statsapp = 'awstats';
+					} else {
+					   $statsapp = 'webalizer';
+					}
+					eval("\$domains.=\"" . getTemplate("domains/domains_delimiter") . "\";");
 				}
-				eval("\$domains.=\"" . getTemplate("domains/domains_delimiter") . "\";");

 				if ($paging->sortfield == 'd.domain' && $paging->sortorder == 'asc') {
 					ksort($domain_array);
@@ -133,12 +153,12 @@ if ($page == 'overview') {

 				foreach ($domain_array as $row) {
 					if (strpos($row['documentroot'], $userinfo['documentroot']) === 0) {
-						$row['documentroot'] = makeCorrectDir(substr($row['documentroot'], strlen($userinfo['documentroot'])));
+						$row['documentroot'] = makeCorrectDir(str_replace($userinfo['documentroot'], "/", $row['documentroot']));
 					}

 					// get ssl-ips if activated
 					$show_ssledit = false;
-					if (Settings::Get('system.use_ssl') == '1' && domainHasSslIpPort($row['id']) && $row['caneditdomain'] == '1') {
+					if (Settings::Get('system.use_ssl') == '1' && domainHasSslIpPort($row['id']) && $row['caneditdomain'] == '1' && $row['letsencrypt'] == 0) {
 						$show_ssledit = true;
 					}
 					$row = htmlentities_array($row);
@@ -203,6 +223,13 @@ if ($page == 'overview') {
 				);
 				Database::pexecute($del_stmt, array('domainid' => $id));

+				// remove certificate from domain_ssl_settings, fixes #1596
+				$del_stmt = Database::prepare("
+					DELETE FROM `" . TABLE_PANEL_DOMAIN_SSL_SETTINGS . "`
+					WHERE `domainid` = :domainid"
+				);
+				Database::pexecute($del_stmt, array('domainid' => $id));
+
 				inserttask('1');

 				// Using nameserver, insert a task which rebuilds the server config
@@ -230,6 +257,11 @@ if ($page == 'overview') {
 				$domain_check = Database::pexecute_first($domain_stmt, array("domain" => $domain, "customerid" => $userinfo['customerid']));

 				$completedomain = $subdomain . '.' . $domain;
+
+				if ($completedomain == Settings::Get('system.hostname')) {
+					standard_error('admin_domain_emailsystemhostname');
+				}
+
 				$completedomain_stmt = Database::prepare("SELECT * FROM `" . TABLE_PANEL_DOMAINS . "`
 					WHERE `domain` = :domain
 					AND `customerid` = :customerid
@@ -289,15 +321,37 @@ if ($page == 'overview') {

 				$ssl_redirect = '0';
 				if (isset($_POST['ssl_redirect']) && $_POST['ssl_redirect'] == '1') {
-					// a ssl-redirect only works of there actually is a
+					// a ssl-redirect only works if there actually is a
 					// ssl ip/port assigned to the domain
 					if (domainHasSslIpPort($domain_check['id']) == true) {
 						$ssl_redirect = '1';
+						$_doredirect = true;
 					} else {
 						standard_error('sslredirectonlypossiblewithsslipport');
 					}
 				}

+				$letsencrypt = '0';
+				if (isset($_POST['letsencrypt']) && $_POST['letsencrypt'] == '1') {
+					// let's encrypt only works if there actually is a
+					// ssl ip/port assigned to the domain
+					if (domainHasSslIpPort($domain_check['id']) == true) {
+						$letsencrypt = '1';
+					} else {
+						standard_error('letsencryptonlypossiblewithsslipport');
+					}
+				}
+
+				if ($aliasdomain != 0 && $letsencrypt != 0)
+				{
+					standard_error('letsencryptdoesnotworkwithaliasdomains');
+				}
+
+				// Temporarily deactivate ssl_redirect until Let's Encrypt certificate was generated
+				if ($ssl_redirect > 0 && $letsencrypt == 1) {
+					$ssl_redirect = 2;
+				}
+
 				if ($path == '') {
 					standard_error('patherror');
 				} elseif ($subdomain == '') {
@@ -339,7 +393,8 @@ if ($page == 'overview') {
 						`speciallogfile` = :speciallogfile,
 						`specialsettings` = :specialsettings,
 						`ssl_redirect` = :ssl_redirect,
-						`phpsettingid` = :phpsettingid"
+						`phpsettingid` = :phpsettingid,
+						`letsencrypt` = :letsencrypt"
 					);
 					$params = array(
 						"customerid" => $userinfo['customerid'],
@@ -355,7 +410,8 @@ if ($page == 'overview') {
 						"speciallogfile" => $domain_check['speciallogfile'],
 						"specialsettings" => $domain_check['specialsettings'],
 						"ssl_redirect" => $ssl_redirect,
-						"phpsettingid" => $phpsid_result['phpsettingid']
+						"phpsettingid" => $phpsid_result['phpsettingid'],
+						"letsencrypt" => $letsencrypt
 					);
 					Database::pexecute($stmt, $params);

@@ -388,7 +444,7 @@ if ($page == 'overview') {
 					redirectTo($filename, array('page' => $page, 's' => $s));
 				}
 			} else {
-				$stmt = Database::prepare("SELECT `id`, `domain`, `documentroot`, `ssl_redirect`,`isemaildomain` FROM `" . TABLE_PANEL_DOMAINS . "`
+				$stmt = Database::prepare("SELECT `id`, `domain`, `documentroot`, `ssl_redirect`,`isemaildomain`,`letsencrypt` FROM `" . TABLE_PANEL_DOMAINS . "`
 					WHERE `customerid` = :customerid
 					AND `parentdomainid` = '0'
 					AND `email_only` = '0'
@@ -450,7 +506,7 @@ if ($page == 'overview') {
 	} elseif ($action == 'edit' && $id != 0) {

 		$stmt = Database::prepare("SELECT `d`.`id`, `d`.`customerid`, `d`.`domain`, `d`.`documentroot`, `d`.`isemaildomain`, `d`.`wwwserveralias`, `d`.`iswildcarddomain`,
-			`d`.`parentdomainid`, `d`.`ssl_redirect`, `d`.`aliasdomain`, `d`.`openbasedir`, `d`.`openbasedir_path`, `pd`.`subcanemaildomain`
+			`d`.`parentdomainid`, `d`.`ssl_redirect`, `d`.`aliasdomain`, `d`.`openbasedir`, `d`.`openbasedir_path`, `d`.`letsencrypt`, `pd`.`subcanemaildomain`
 			FROM `" . TABLE_PANEL_DOMAINS . "` `d`, `" . TABLE_PANEL_DOMAINS . "` `pd`
 			WHERE `d`.`customerid` = :customerid
 			AND `d`.`id` = :id
@@ -492,7 +548,7 @@ if ($page == 'overview') {

 				$aliasdomain = intval($_POST['alias']);

-				if (isset($_POST['selectserveralias']) && $result['parentdomainid'] == '0' ) {
+				if (isset($_POST['selectserveralias'])) {
 					$iswildcarddomain = ($_POST['selectserveralias'] == '0') ? '1' : '0';
 					$wwwserveralias = ($_POST['selectserveralias'] == '1') ? '1' : '0';
 				} else {
@@ -530,10 +586,11 @@ if ($page == 'overview') {
 				}

 				if (isset($_POST['ssl_redirect']) && $_POST['ssl_redirect'] == '1') {
-					// a ssl-redirect only works of there actually is a
+					// a ssl-redirect only works if there actually is a
 					// ssl ip/port assigned to the domain
 					if (domainHasSslIpPort($id) == true) {
 						$ssl_redirect = '1';
+						$_doredirect = true;
 					} else {
 						standard_error('sslredirectonlypossiblewithsslipport');
 					}
@@ -541,6 +598,33 @@ if ($page == 'overview') {
 					$ssl_redirect = '0';
 				}

+				if (isset($_POST['letsencrypt']) && $_POST['letsencrypt'] == '1') {
+					// let's encrypt only works if there actually is a
+					// ssl ip/port assigned to the domain
+					if (domainHasSslIpPort($id) == true) {
+						$letsencrypt = '1';
+					} else {
+						standard_error('letsencryptonlypossiblewithsslipport');
+					}
+				} else {
+					$letsencrypt = '0';
+				}
+
+				if ($aliasdomain != 0 && $letsencrypt != 0)
+				{
+					standard_error('letsencryptdoesnotworkwithaliasdomains');
+				}
+
+				// We can't enable let's encrypt for wildcard - domains
+				if ($iswildcarddomain == '1' && $letsencrypt == '1') {
+				    standard_error('nowildcardwithletsencrypt');
+				}
+
+				// Temporarily deactivate ssl_redirect until Let's Encrypt certificate was generated
+				if ($ssl_redirect > 0 && $letsencrypt == 1 && $result['letsencrypt'] != $letsencrypt) {
+					$ssl_redirect = 2;
+				}
+
 				if ($path == '') {
 					standard_error('patherror');
 				} else {
@@ -564,7 +648,8 @@ if ($page == 'overview') {
 						|| $iswildcarddomain != $result['iswildcarddomain']
 						|| $aliasdomain != $result['aliasdomain']
 						|| $openbasedir_path != $result['openbasedir_path']
-						|| $ssl_redirect != $result['ssl_redirect']) {
+						|| $ssl_redirect != $result['ssl_redirect']
+						|| $letsencrypt != $result['letsencrypt']) {
 						$log->logAction(USR_ACTION, LOG_INFO, "edited domain '" . $idna_convert->decode($result['domain']) . "'");

 						$stmt = Database::prepare("UPDATE `" . TABLE_PANEL_DOMAINS . "` SET
@@ -574,7 +659,8 @@ if ($page == 'overview') {
 							`iswildcarddomain`= :iswildcarddomain,
 							`aliasdomain`= :aliasdomain,
 							`openbasedir_path`= :openbasedir_path,
-							`ssl_redirect`= :ssl_redirect
+							`ssl_redirect`= :ssl_redirect,
+							`letsencrypt`= :letsencrypt
 							WHERE `customerid`= :customerid
 							AND `id`= :id"
 						);
@@ -586,6 +672,7 @@ if ($page == 'overview') {
 							"aliasdomain" => ($aliasdomain != 0 && $alias_check == 0) ? $aliasdomain : null,
 							"openbasedir_path" => $openbasedir_path,
 							"ssl_redirect" => $ssl_redirect,
+							"letsencrypt" => $letsencrypt,
 							"customerid" => $userinfo['customerid'],
 							"id" => $id
 						);
@@ -655,6 +742,10 @@ if ($page == 'overview') {
 					$ssl_ipsandports = 'notempty';
 				}

+				// Fudge the result for ssl_redirect to hide the Let's Encrypt steps
+				$result['temporary_ssl_redirect'] = $result['ssl_redirect'];
+				$result['ssl_redirect'] = ($result['ssl_redirect'] == 0 ? 0 : 1);
+
 				$openbasedir = makeoption($lng['domain']['docroot'], 0, $result['openbasedir_path'], true) . makeoption($lng['domain']['homedir'], 1, $result['openbasedir_path'], true);

 				// create serveralias options
--- a/customer_email.php
+++ b/customer_email.php
@@ -244,7 +244,6 @@ if ($page == 'overview') {
 					standard_error('emailexistalready', $email_full);
 				} elseif ($email_check['email'] == $email) {
 					standard_error('youhavealreadyacatchallforthisdomain');
-					exit;
 				} else {
 					$stmt = Database::prepare("INSERT INTO `" . TABLE_MAIL_VIRTUAL . "`
 						(`customerid`, `email`, `email_full`, `iscatchall`, `domainid`)
@@ -377,7 +376,6 @@ if ($page == 'overview') {

 					if ($email_check['email'] == $email) {
 						standard_error('youhavealreadyacatchallforthisdomain');
-						exit;
 					} else {
 						$stmt = Database::prepare("UPDATE `" . TABLE_MAIL_VIRTUAL . "`
 							SET `email` = :email , `iscatchall` = '1'
@@ -414,10 +412,11 @@ if ($page == 'overview') {
 				standard_error('notallowedtouseaccounts');
 			}

-			$stmt = Database::prepare("SELECT `id`, `email`, `email_full`, `iscatchall`, `destination`, `customerid`, `popaccountid`, `domainid` FROM `" . TABLE_MAIL_VIRTUAL . "`
-				WHERE `customerid`= :cid
-				AND `id`= :id"
-			);
+			$stmt = Database::prepare("
+			    SELECT `id`, `email`, `email_full`, `iscatchall`, `destination`, `customerid`, `popaccountid`, `domainid`
+			    FROM `" . TABLE_MAIL_VIRTUAL . "`
+			    WHERE `customerid`= :cid AND `id`= :id
+			");
 			$result = Database::pexecute_first($stmt, array("cid" => $userinfo['customerid'], "id" => $id));

 			if (isset($result['email']) && $result['email'] != '' && $result['popaccountid'] == '0') {
@@ -451,7 +450,7 @@ if ($page == 'overview') {
 						standard_error('passwordshouldnotbeusername');
 					} else {
 						if ($password == '') {
-							$password = substr(md5(uniqid(microtime(), 1)), 12, 6);
+							$password = generatePassword();
 						}

 						$cryptPassword = makeCryptPassword($password);
@@ -461,7 +460,9 @@ if ($page == 'overview') {
 						$maildirname=trim(Settings::Get('system.vmail_maildirname'));
 						// Add trailing slash to Maildir if needed
 						$maildirpath=$maildirname;
-						if (!empty($maildirname) and substr($maildirname,-1) != "/") $maildirpath.="/";
+						if (!empty($maildirname) && substr($maildirname,-1) != "/") {
+							$maildirpath.="/";
+						}

 						$stmt = Database::prepare("INSERT INTO `" . TABLE_MAIL_USERS . "`
 							(`customerid`, `email`, `username`, " . (Settings::Get('system.mailpwcleartext') == '1' ? '`password`, ' : '') . " `password_enc`, `homedir`, `maildir`, `uid`, `gid`, `domainid`, `postfix`, `quota`, `imap`, `pop3`) ".
@@ -595,7 +596,7 @@ if ($page == 'overview') {

 							if ($_mailerror) {
 								$log->logAction(USR_ACTION, LOG_ERR, "Error sending mail: " . $mailerr_msg);
-								standard_error(array('errorsendingmail', $alternative_email));
+								standard_error(array('errorsendingmail'), $alternative_email);
 							}

 							$mail->ClearAddresses();
@@ -604,6 +605,11 @@ if ($page == 'overview') {
 						redirectTo($filename, array('page' => 'emails', 'action' => 'edit', 'id' => $id, 's' => $s));
 					}
 				} else {
+
+					if (checkMailAccDeletionState($result['email_full'])) {
+					   standard_error(array('mailaccistobedeleted'), $result['email_full']);
+					}
+
 					$result['email_full'] = $idna_convert->decode($result['email_full']);
 					$result = htmlentities_array($result);
 					$quota = Settings::Get('system.mail_quota');
@@ -633,11 +639,9 @@ if ($page == 'overview') {

 				if ($password == '') {
 					standard_error(array('stringisempty', 'mypassword'));
-					exit;
 				}
 				elseif ($password == $result['email_full']) {
 					standard_error('passwordshouldnotbeusername');
-					exit;
 				}

 				$password = validatePassword($password);
--- a/customer_extras.php
+++ b/customer_extras.php
@@ -53,9 +53,9 @@ if ($page == 'overview') {
 		while ($row = $result_stmt->fetch(PDO::FETCH_ASSOC)) {
 			if ($paging->checkDisplay($i)) {
 				if (strpos($row['path'], $userinfo['documentroot']) === 0) {
-					$row['path'] = substr($row['path'], strlen($userinfo['documentroot']));
+					$row['path'] = str_replace($userinfo['documentroot'], "/", $row['path']);
 				}
-
+				$row['path'] = makeCorrectDir($row['path']);
 				$row = htmlentities_array($row);
 				eval("\$htpasswds.=\"" . getTemplate("extras/htpasswds_htpasswd") . "\";");
 				$count++;
@@ -86,7 +86,7 @@ if ($page == 'overview') {
 				redirectTo($filename, array('page' => $page, 's' => $s));
 			} else {
 				if (strpos($result['path'], $userinfo['documentroot']) === 0) {
-					$result['path'] = substr($result['path'], strlen($userinfo['documentroot']));
+				    $result['path'] = str_replace($userinfo['documentroot'], "/", $result['path']);
 				}

 				ask_yesno('extras_reallydelete', $filename, array('id' => $id, 'page' => $page, 'action' => $action), $result['username'] . ' (' . $result['path'] . ')');
@@ -224,7 +224,7 @@ if ($page == 'overview') {
 				}
 			} else {
 				if (strpos($result['path'], $userinfo['documentroot']) === 0) {
-					$result['path'] = substr($result['path'], strlen($userinfo['documentroot']));
+					$result['path'] = str_replace($userinfo['documentroot'], "/", $result['path']);
 				}

 				$result = htmlentities_array($result);
@@ -269,11 +269,9 @@ if ($page == 'overview') {
 		while ($row = $result_stmt->fetch(PDO::FETCH_ASSOC)) {
 			if ($paging->checkDisplay($i)) {
 				if (strpos($row['path'], $userinfo['documentroot']) === 0) {
-					$row['path'] = substr($row['path'], strlen($userinfo['documentroot']));
-					// don't show nothing wehn it's the docroot, show slash
-					if ($row['path'] == '') { $row['path'] = '/'; }
+					$row['path'] = str_replace($userinfo['documentroot'], "/", $row['path']);
 				}
-
+				$row['path'] = makeCorrectDir($row['path']);
 				$row['options_indexes'] = str_replace('1', $lng['panel']['yes'], $row['options_indexes']);
 				$row['options_indexes'] = str_replace('0', $lng['panel']['no'], $row['options_indexes']);
 				$row['options_cgi'] = str_replace('1', $lng['panel']['yes'], $row['options_cgi']);
@@ -297,16 +295,32 @@ if ($page == 'overview') {

 		if (isset($result['customerid']) && $result['customerid'] != '' && $result['customerid'] == $userinfo['customerid']) {
 			if (isset($_POST['send']) && $_POST['send'] == 'send') {
+				// do we have to remove the symlink and folder in suexecpath?
+				if ((int)Settings::Get('perl.suexecworkaround') == 1) {
+					$loginname = getCustomerDetail($result['customerid'], 'loginname');
+					$suexecpath = makeCorrectDir(Settings::Get('perl.suexecpath').'/'.$loginname.'/'.md5($result['path']).'/');
+					$perlsymlink = makeCorrectFile($result['path'].'/cgi-bin');
+					// remove symlink
+					if (file_exists($perlsymlink)) {
+						safe_exec('rm -f '.escapeshellarg($perlsymlink));
+						$log->logAction(USR_ACTION, LOG_DEBUG, "deleted suexecworkaround symlink '" . $perlsymlink . "'");
+					}
+					// remove folder in suexec-path
+					if (file_exists($suexecpath)) {
+						safe_exec('rm -rf '.escapeshellarg($suexecpath));
+						$log->logAction(USR_ACTION, LOG_DEBUG, "deleted suexecworkaround path '" . $suexecpath . "'");
+					}
+				}
 				$stmt = Database::prepare("DELETE FROM `" . TABLE_PANEL_HTACCESS . "`
 					WHERE `customerid`= :customerid
 					AND `id`= :id"
 				);
 				Database::pexecute($stmt, array("customerid" => $userinfo['customerid'], "id" => $id));
-				$log->logAction(USR_ACTION, LOG_INFO, "deleted htaccess for '" . str_replace($userinfo['documentroot'], '', $result['path']) . "'");
+				$log->logAction(USR_ACTION, LOG_INFO, "deleted htaccess for '" . str_replace($userinfo['documentroot'], '/', $result['path']) . "'");
 				inserttask('1');
 				redirectTo($filename, array('page' => $page, 's' => $s));
 			} else {
-				ask_yesno('extras_reallydelete_pathoptions', $filename, array('id' => $id, 'page' => $page, 'action' => $action), str_replace($userinfo['documentroot'], '', $result['path']));
+				ask_yesno('extras_reallydelete_pathoptions', $filename, array('id' => $id, 'page' => $page, 'action' => $action), str_replace($userinfo['documentroot'], '/', $result['path']));
 			}
 		}
 	} elseif ($action == 'add') {
@@ -438,15 +452,13 @@ if ($page == 'overview') {
 						"id" => $id
 					);
 					Database::pexecute($stmt, $params);
-					$log->logAction(USR_ACTION, LOG_INFO, "edited htaccess for '" . str_replace($userinfo['documentroot'], '', $result['path']) . "'");
+					$log->logAction(USR_ACTION, LOG_INFO, "edited htaccess for '" . str_replace($userinfo['documentroot'], '/', $result['path']) . "'");
 				}

 				redirectTo($filename, array('page' => $page, 's' => $s));
 			} else {
 				if (strpos($result['path'], $userinfo['documentroot']) === 0) {
-					$result['path'] = substr($result['path'], strlen($userinfo['documentroot']));
-					// don't show nothing wehn it's the docroot, show slash
-					if ($result['path'] == '') { $result['path'] = '/'; }
+					$result['path'] = str_replace($userinfo['documentroot'], "/", $result['path']);
 				}

 				$result['error404path'] = $result['error404path'];
--- a/customer_ftp.php
+++ b/customer_ftp.php
@@ -57,7 +57,7 @@ if ($page == 'overview') {
 		while ($row = $result_stmt->fetch(PDO::FETCH_ASSOC)) {
 			if ($paging->checkDisplay($i)) {
 				if (strpos($row['homedir'], $userinfo['documentroot']) === 0) {
-					$row['documentroot'] = substr($row['homedir'], strlen($userinfo['documentroot']));
+					$row['documentroot'] = str_replace($userinfo['documentroot'], "/", $row['homedir']);
 				} else {
 					$row['documentroot'] = $row['homedir'];
 				}
@@ -254,7 +254,7 @@ if ($page == 'overview') {
 							'CUST_NAME' => getCorrectUserSalutation($userinfo), // < keep this for compatibility
 							'USR_NAME' => $username,
 							'USR_PASS' => $password,
-							'USR_PATH' => makeCorrectDir(substr($path, strlen($userinfo['documentroot'])))
+							'USR_PATH' => makeCorrectDir(str_replace($userinfo['documentroot'], "/", $path))
 						);

 						$def_language = $userinfo['def_language'];
@@ -363,10 +363,8 @@ if ($page == 'overview') {
 				if ($_setnewpass) {
 					if ($password == '') {
 						standard_error(array('stringisempty', 'mypassword'));
-						exit;
 					} elseif ($result['username'] == $password) {
 						standard_error('passwordshouldnotbeusername');
-						exit;
 					}
 					$log->logAction(USR_ACTION, LOG_INFO, "updated ftp-account password for '" . $result['username'] . "'");
 					$cryptPassword = makeCryptPassword($password);
@@ -417,7 +415,7 @@ if ($page == 'overview') {
 				redirectTo($filename, array('page' => $page, 's' => $s));
 			} else {
 				if (strpos($result['homedir'], $userinfo['documentroot']) === 0) {
-					$homedir = substr($result['homedir'], strlen($userinfo['documentroot']));
+					$homedir = str_replace($userinfo['documentroot'], "/", $result['homedir']);
 				} else {
 					$homedir = $result['homedir'];
 				}
--- a/customer_index.php
+++ b/customer_index.php
@@ -40,7 +40,6 @@ if ($action == 'logout') {
 	Database::pexecute($stmt, $params);

 	redirectTo('index.php');
-	exit;
 }

 if ($page == 'overview') {
@@ -85,6 +84,8 @@ if ($page == 'overview') {
 	$userinfo['traffic_used'] = round($userinfo['traffic_used'] / (1024 * 1024), Settings::Get('panel.decimal_places'));
 	$userinfo = str_replace_array('-1', $lng['customer']['unlimited'], $userinfo, 'diskspace traffic mysqls emails email_accounts email_forwarders email_quota ftps tickets subdomains');

+	$userinfo['custom_notes'] = ($userinfo['custom_notes'] != '') ? nl2br($userinfo['custom_notes']) : '';
+
 	$services_enabled = "";
 	$se = array();
 	if ($userinfo['imap'] == '1') $se[] = "IMAP";
@@ -97,9 +98,8 @@ if ($page == 'overview') {
 } elseif ($page == 'change_password') {
 	if (isset($_POST['send']) && $_POST['send'] == 'send') {
 		$old_password = validate($_POST['old_password'], 'old password');
-		if (md5($old_password) != $userinfo['password']) {
+		if (!validatePasswordLogin($userinfo,$old_password,TABLE_PANEL_CUSTOMERS,'customerid')) {
 			standard_error('oldpasswordnotcorrect');
-			exit;
 		}

 		$new_password = validatePassword($_POST['new_password'], 'new password');
@@ -117,13 +117,11 @@ if ($page == 'overview') {
 			// Update user password
 			$stmt = Database::prepare("UPDATE `" . TABLE_PANEL_CUSTOMERS . "`
 				SET `password` = :newpassword
-				WHERE `customerid` = :customerid
-				AND `password` = :oldpassword"
+				WHERE `customerid` = :customerid"
 			);
 			$params = array(
-				"newpassword" => md5($new_password),
-				"customerid" => $userinfo['customerid'],
-				"oldpassword" => md5($old_password)
+				"newpassword" => makeCryptPassword($new_password),
+				"customerid" => $userinfo['customerid']
 			);
 			Database::pexecute($stmt, $params);
 			$log->logAction(USR_ACTION, LOG_NOTICE, 'changed password');
--- a/customer_logger.php
+++ b/customer_logger.php
@@ -0,0 +1,117 @@
+<?php
+
+/**
+ * This file is part of the Froxlor project.
+ * Copyright (c) 2003-2009 the SysCP Team (see authors).
+ * Copyright (c) 2010 the Froxlor Team (see authors).
+ *
+ * For the full copyright and license information, please view the COPYING
+ * file that was distributed with this source code. You can also view the
+ * COPYING file online at http://files.froxlor.org/misc/COPYING.txt
+ *
+ * @copyright  (c) the authors
+ * @author     Florian Lippert <flo@syscp.org> (2003-2009)
+ * @author     Froxlor team <team@froxlor.org> (2010-)
+ * @license    GPLv2 http://files.froxlor.org/misc/COPYING.txt
+ * @package    Panel
+ *
+ */
+
+define('AREA', 'customer');
+require './lib/init.php';
+
+if ($page == 'log'
+) {
+	if ($action == '') {
+		$fields = array(
+			'date' => $lng['logger']['date'],
+			'type' => $lng['logger']['type'],
+			'user' => $lng['logger']['user'],
+			'text' => $lng['logger']['action']
+		);
+		$paging = new paging($userinfo, TABLE_PANEL_LOG, $fields, null, null, 0, 'desc');
+		$result_stmt = Database::prepare('
+			SELECT * FROM `' . TABLE_PANEL_LOG . '` WHERE `user` = :loginname ' . $paging->getSqlWhere(true) . ' ' . $paging->getSqlOrderBy() . ' ' . $paging->getSqlLimit()
+		);
+		Database::pexecute($result_stmt, array("loginname" => $userinfo['loginname']));
+		$logs_count = Database::num_rows();
+		$paging->setEntries($logs_count);
+		$sortcode = $paging->getHtmlSortCode($lng);
+		$arrowcode = $paging->getHtmlArrowCode($filename . '?page=' . $page . '&s=' . $s);
+		$searchcode = $paging->getHtmlSearchCode($lng);
+		$pagingcode = $paging->getHtmlPagingCode($filename . '?page=' . $page . '&s=' . $s);
+		$clog = array();
+
+		while ($row = $result_stmt->fetch(PDO::FETCH_ASSOC)) {
+
+			if (!isset($clog[$row['action']])
+				|| !is_array($clog[$row['action']])
+			) {
+				$clog[$row['action']] = array();
+			}
+			$clog[$row['action']][$row['logid']] = $row;
+		}
+
+		if ($paging->sortfield == 'date'
+			&& $paging->sortorder == 'desc'
+		) {
+			krsort($clog);
+		} else {
+			ksort($clog);
+		}
+
+		$i = 0;
+		$count = 0;
+		$log_count = 0;
+		$log = '';
+		foreach ($clog as $action => $logrows) {
+			$_action = 0;
+			foreach ($logrows as $row) {
+				if ($paging->checkDisplay($i)) {
+					$row = htmlentities_array($row);
+					$row['date'] = date("d.m.y H:i:s", $row['date']);
+
+					if ($_action != $action) {
+						switch ($action) {
+							case USR_ACTION:
+								$_action = $lng['admin']['customer'];
+								break;
+							case RES_ACTION:
+								$_action = $lng['logger']['reseller'];
+								break;
+							case ADM_ACTION:
+								$_action = $lng['logger']['admin'];
+								break;
+							case CRON_ACTION:
+								$_action = $lng['logger']['cron'];
+								break;
+							case LOGIN_ACTION:
+								$_action = $lng['logger']['login'];
+								break;
+							case LOG_ERROR:
+								$_action = $lng['logger']['intern'];
+								break;
+							default:
+								$_action = $lng['logger']['unknown'];
+								break;
+						}
+
+						$row['action'] = $_action;
+						eval("\$log.=\"" . getTemplate('logger/logger_action') . "\";");
+					}
+
+					$log_count++;
+					$row['type'] = getLogLevelDesc($row['type']);
+					eval("\$log.=\"" . getTemplate('logger/logger_log') . "\";");
+					$count++;
+					$_action = $action;
+				}
+				$i++;
+			}
+			$i++;
+		}
+
+		eval("echo \"" . getTemplate('logger/logger') . "\";");
+
+	}
+}
--- a/customer_mysql.php
+++ b/customer_mysql.php
@@ -219,7 +219,7 @@ if ($page == 'overview') {
 							'DB_NAME' => $username,
 							'DB_PASS' => $password,
 							'DB_DESC' => $databasedescription,
-							'DB_SRV' => $sql_root['caption'],
+							'DB_SRV' => $sql_root['host'],
 							'PMA_URI' => $pma
 						);

--- a/customer_tickets.php
+++ b/customer_tickets.php
@@ -92,8 +92,10 @@ if ($page == 'overview') {
 				}

 				$row['subject'] = html_entity_decode($row['subject']);
-				if (strlen($row['subject']) > 20) {
-					$row['subject'] = substr($row['subject'], 0, 17) . '...';
+				if (strlen($row['subject']) > 30) {
+					$ts = wordwrap($row['subject'], 30, "|");
+					$ts = explode("|", $ts);
+					$row['subject'] = $ts[0]. '...';
 				}

 				eval("\$tickets.=\"" . getTemplate("tickets/tickets_tickets") . "\";");
--- a/index.php
+++ b/index.php
@@ -69,13 +69,13 @@ if ($action == 'login') {
 			}
 		}

-		if (hasUpdates($version) && $is_admin == false) {
+		if ((hasUpdates($version) || hasDbUpdates($dbversion)) && $is_admin == false) {
 			redirectTo('index.php');
 			exit;
 		}

 		if ($is_admin) {
-			if (hasUpdates($version)) {
+			if (hasUpdates($version) || hasDbUpdates($dbversion)) {
 				$stmt = Database::prepare("SELECT `loginname` AS `admin` FROM `" . TABLE_PANEL_ADMINS . "`
 					WHERE `loginname`= :loginname
 					AND `change_serversettings` = '1'"
@@ -118,16 +118,24 @@ if ($action == 'login') {
 		if ($userinfo['loginfail_count'] >= Settings::Get('login.maxloginattempts') && $userinfo['lastlogin_fail'] > (time() - Settings::Get('login.deactivatetime'))) {
 			redirectTo('index.php', array('showmessage' => '3'));
 			exit;
-		} elseif ($userinfo['password'] == md5($password)) {
-			// login correct
-			// reset loginfail_counter, set lastlogin_succ
-			$stmt = Database::prepare("UPDATE $table
-				SET `lastlogin_succ`= :lastlogin_succ, `loginfail_count`='0'
-				WHERE `$uid`= :uid"
-			);
-			Database::pexecute($stmt, array("lastlogin_succ" => time(), "uid" => $userinfo[$uid]));
-			$userinfo['userid'] = $userinfo[$uid];
-			$userinfo['adminsession'] = $adminsession;
+		} elseif (validatePasswordLogin($userinfo, $password, $table, $uid)) {
+		    // only show "you're banned" if the login was successful
+		    // because we don't want to publish that the user does exist
+		    if ($userinfo['deactivated']) {
+		        unset($userinfo);
+		        redirectTo('index.php', array('showmessage' => '5'));
+		        exit;
+		    } else {
+		        // login correct
+		        // reset loginfail_counter, set lastlogin_succ
+		        $stmt = Database::prepare("UPDATE $table
+		              SET `lastlogin_succ`= :lastlogin_succ, `loginfail_count`='0'
+		              WHERE `$uid`= :uid"
+		        );
+		        Database::pexecute($stmt, array("lastlogin_succ" => time(), "uid" => $userinfo[$uid]));
+		        $userinfo['userid'] = $userinfo[$uid];
+		        $userinfo['adminsession'] = $adminsession;
+		    }
 		} else {
 			// login incorrect
 			$stmt = Database::prepare("UPDATE $table
@@ -214,11 +222,15 @@ if ($action == 'login') {
 			$qryparams['s'] = $s;

 			if ($userinfo['adminsession'] == '1') {
-				if (hasUpdates($version)) {
+				if (hasUpdates($version) || hasDbUpdates($dbversion)) {
 					redirectTo('admin_updates.php', array('s' => $s));
 				} else {
 					if (isset($_POST['script']) && $_POST['script'] != "") {
-						redirectTo($_POST['script'], $qryparams);
+						if (preg_match("/customer\_/", $_POST['script']) === 1) {
+							redirectTo('admin_customers.php', array("page" => "customers"));
+						} else {
+							redirectTo($_POST['script'], $qryparams);
+						}
 					} else {
 						redirectTo('admin_index.php', $qryparams);
 					}
@@ -269,10 +281,13 @@ if ($action == 'login') {
 		case 7:
 			$message = $lng['pwdreminder']['wrongcode'];
 			break;
+		case 8:
+		    $message = $lng['pwdreminder']['notallowed'];
+		    break;
 		}

 		$update_in_progress = '';
-		if (hasUpdates($version)) {
+		if (hasUpdates($version) || hasDbUpdates($dbversion)) {
 			$update_in_progress = $lng['update']['updateinprogress_onlyadmincanlogin'];
 		}
 		
@@ -326,16 +341,16 @@ if ($action == 'forgotpwd') {

 			/* Check whether user is banned */
 			if ($user['deactivated']) {
-				$message = $lng['pwdreminder']['notallowed'];
-				redirectTo('index.php', array('showmessage' => '5'));
+				redirectTo('index.php', array('showmessage' => '8'));
+				exit;
 			}

 			if (($adminchecked && Settings::Get('panel.allow_preset_admin') == '1') || $adminchecked == false) {
 				if ($user !== false) {
 					// build a activation code
 					$timestamp = time();
-					$first = substr(md5($user['loginname'] . $timestamp . rand(0, $timestamp)), 0, 15);
-					$third = substr(md5($user['email'] . $timestamp . rand(0, $timestamp)), -15);
+					$first = substr(md5($user['loginname'] . $timestamp . randomStr(16)), 0, 15);
+					$third = substr(md5($user['email'] . $timestamp . randomStr(16)), -15);
 					$activationcode = $first . $timestamp . $third . substr(md5($third . $timestamp), 0, 10);

 					// Drop all existing activation codes for this user
@@ -511,7 +526,7 @@ if ($action == 'resetpwd') {
 								WHERE `customerid` = :userid"
 							);
 						}
-						Database::pexecute($stmt, array("newpassword" => md5($new_password), "userid" => $result['userid']));
+						Database::pexecute($stmt, array("newpassword" => makeCryptPassword($new_password), "userid" => $result['userid']));

 						$rstlog = FroxlorLogger::getInstanceOf(array('loginname' => 'password_reset'));
 						$rstlog->logAction(USR_ACTION, LOG_NOTICE, "changed password using password reset.");
--- a/install/froxlor.sql
+++ b/install/froxlor.sql
@@ -91,7 +91,7 @@ DROP TABLE IF EXISTS `panel_admins`;
 CREATE TABLE `panel_admins` (
  `adminid` int(11) unsigned NOT NULL auto_increment,
  `loginname` varchar(50) NOT NULL default '',
-  `password` varchar(50) NOT NULL default '',
+  `password` varchar(255) NOT NULL default '',
  `name` varchar(255) NOT NULL default '',
  `email` varchar(255) NOT NULL default '',
  `def_language` varchar(255) NOT NULL default '',
@@ -131,6 +131,8 @@ CREATE TABLE `panel_admins` (
  `loginfail_count` int(11) unsigned NOT NULL default '0',
  `reportsent` tinyint(4) unsigned NOT NULL default '0',
  `theme` varchar(255) NOT NULL default 'Sparkle',
+  `custom_notes` text,
+  `custom_notes_show` tinyint(1) NOT NULL default '0',
   PRIMARY KEY  (`adminid`),
   UNIQUE KEY `loginname` (`loginname`)
 ) ENGINE=MyISAM CHARSET=utf8 COLLATE=utf8_general_ci;
@@ -141,7 +143,7 @@ DROP TABLE IF EXISTS `panel_customers`;
 CREATE TABLE `panel_customers` (
  `customerid` int(11) unsigned NOT NULL auto_increment,
  `loginname` varchar(50) NOT NULL default '',
-  `password` varchar(50) NOT NULL default '',
+  `password` varchar(255) NOT NULL default '',
  `adminid` int(11) unsigned NOT NULL default '0',
  `name` varchar(255) NOT NULL default '',
  `firstname` varchar(255) NOT NULL default '',
@@ -190,6 +192,10 @@ CREATE TABLE `panel_customers` (
  `imap` tinyint(1) NOT NULL default '1',
  `perlenabled` tinyint(1) NOT NULL default '0',
  `theme` varchar(255) NOT NULL default 'Sparkle',
+  `custom_notes` text,
+  `custom_notes_show` tinyint(1) NOT NULL default '0',
+  `lepublickey` mediumtext DEFAULT NULL,
+  `leprivatekey` mediumtext DEFAULT NULL,
   PRIMARY KEY  (`customerid`),
   UNIQUE KEY `loginname` (`loginname`)
 ) ENGINE=MyISAM CHARSET=utf8 COLLATE=utf8_general_ci;
@@ -229,7 +235,7 @@ CREATE TABLE `panel_domains` (
  `dkim_privkey` text,
  `dkim_pubkey` text,
  `wwwserveralias` tinyint(1) NOT NULL default '1',
-  `parentdomainid` int(11) unsigned NOT NULL default '0',
+  `parentdomainid` int(11) NOT NULL default '0',
  `openbasedir` tinyint(1) NOT NULL default '0',
  `openbasedir_path` tinyint(1) NOT NULL default '0',
  `speciallogfile` tinyint(1) NOT NULL default '0',
@@ -239,10 +245,15 @@ CREATE TABLE `panel_domains` (
  `bindserial` varchar(10) NOT NULL default '2000010100',
  `add_date` int( 11 ) NOT NULL default '0',
  `registration_date` date NOT NULL,
+  `termination_date` date NOT NULL,
  `phpsettingid` INT( 11 ) UNSIGNED NOT NULL DEFAULT '1',
  `mod_fcgid_starter` int(4) default '-1',
  `mod_fcgid_maxrequests` int(4) default '-1',
  `ismainbutsubto` int(11) unsigned NOT NULL default '0',
+  `letsencrypt` tinyint(1) NOT NULL default '0',
+  `hsts` varchar(10) NOT NULL default '0',
+  `hsts_sub` tinyint(1) NOT NULL default '0',
+  `hsts_preload` tinyint(1) NOT NULL default '1',
  PRIMARY KEY  (`id`),
  KEY `customerid` (`customerid`),
  KEY `parentdomain` (`parentdomainid`),
@@ -361,7 +372,7 @@ INSERT INTO `panel_settings` (`settinggroup`, `varname`, `value`) VALUES
 	('dkim', 'dkim_domains', 'domains'),
 	('dkim', 'dkim_dkimkeys', 'dkim-keys.conf'),
 	('dkim', 'dkimrestart_command', '/etc/init.d/dkim-filter restart'),
-	('admin', 'show_news_feed', '1'),
+	('admin', 'show_news_feed', '0'),
 	('admin', 'show_version_login', '0'),
 	('admin', 'show_version_footer', '0'),
 	('spf', 'use_spf', '0'),
@@ -482,13 +493,13 @@ INSERT INTO `panel_settings` (`settinggroup`, `varname`, `value`) VALUES
 	('system', 'mod_fcgid_defaultini_ownvhost', '2'),
 	('system', 'awstats_icons', '/usr/share/awstats/icon/'),
 	('system', 'ssl_cert_chainfile', ''),
-	('system', 'ssl_cipher_list', 'ECDHE-RSA-AES128-SHA256:AES128-GCM-SHA256:RC4:HIGH:!MD5:!aNULL:!EDH'),
+	('system', 'ssl_cipher_list', 'ECDH+AESGCM:ECDH+AES256:!aNULL:!MD5:!DSS:!DH:!AES128'),
 	('system', 'nginx_php_backend', '127.0.0.1:8888'),
 	('system', 'perl_server', 'unix:/var/run/nginx/cgiwrap-dispatch.sock'),
 	('system', 'phpreload_command', ''),
 	('system', 'apache24', '0'),
 	('system', 'documentroot_use_default_value', '0'),
-	('system', 'passwordcryptfunc', '1'),
+	('system', 'passwordcryptfunc', '3'),
 	('system', 'axfrservers', ''),
 	('system', 'customer_ssl_path', '/etc/ssl/froxlor-custom/'),
 	('system', 'allow_error_report_admin', '1'),
@@ -500,9 +511,20 @@ INSERT INTO `panel_settings` (`settinggroup`, `varname`, `value`) VALUES
 	('system', 'mailtraffic_enabled', '1'),
 	('system', 'cronconfig', '/etc/cron.d/froxlor'),
 	('system', 'crondreload', '/etc/init.d/cron reload'),
-	('system', 'croncmdline', '/usr/bin/nice -n 5 /usr/bin/php5 -q'),
+	('system', 'croncmdline', '/usr/bin/nice -n 5 /usr/bin/php -q'),
 	('system', 'cron_allowautoupdate', '0'),
 	('system', 'dns_createhostnameentry', '0'),
+	('system', 'send_cron_errors', '0'),
+	('system', 'apacheitksupport', '0'),
+	('system', 'leprivatekey', 'unset'),
+	('system', 'lepublickey', 'unset'),
+	('system', 'letsencryptca', 'production'),
+	('system', 'letsencryptcountrycode', 'DE'),
+	('system', 'letsencryptstate', 'Germany'),
+	('system', 'letsencryptchallengepath', '/var/www/froxlor'),
+	('system', 'letsencryptkeysize', '4096'),
+	('system', 'letsencryptreuseold', 0),
+	('system', 'leenabled', '0'),
 	('panel', 'decimal_places', '4'),
 	('panel', 'adminmail', 'admin@SERVERNAME'),
 	('panel', 'phpmyadmin_url', ''),
@@ -532,8 +554,9 @@ INSERT INTO `panel_settings` (`settinggroup`, `varname`, `value`) VALUES
 	('panel', 'password_alpha_upper', '1'),
 	('panel', 'password_numeric', '0'),
 	('panel', 'password_special_char_required', '0'),
-	('panel', 'password_special_char', '!?<>§$%&+#=@'),
-	('panel', 'version', '0.9.33-rc1');
+	('panel', 'password_special_char', '!?<>§$%+#=@'),
+	('panel', 'version', '0.9.35.1'),
+	('panel', 'db_version', '201603150');


 DROP TABLE IF EXISTS `panel_tasks`;
@@ -645,11 +668,11 @@ CREATE TABLE `panel_languages` (
 INSERT INTO `panel_languages` (`id`, `language`, `iso`, `file`) VALUES
    (1, 'Deutsch', 'de', 'lng/german.lng.php'),
    (2, 'English', 'en', 'lng/english.lng.php'),
-    (3, 'Français', 'fr', 'lng/french.lng.php'),
+    (3, 'Fran&ccedil;ais', 'fr', 'lng/french.lng.php'),
    (4, 'Portugu&ecirc;s', 'pt', 'lng/portugues.lng.php'),
-    (5, 'Italian', 'it', 'lng/italian.lng.php'),
-    (6, 'Dutch', 'nl', 'lng/dutch.lng.php'),
-    (7, 'Swedish', 'sv', 'lng/swedish.lng.php');
+    (5, 'Italiano', 'it', 'lng/italian.lng.php'),
+    (6, 'Nederlands', 'nl', 'lng/dutch.lng.php'),
+    (7, 'Svenska', 'sv', 'lng/swedish.lng.php');



@@ -707,6 +730,7 @@ CREATE TABLE `panel_phpconfigs` (
  `file_extensions` varchar(255) NOT NULL,
  `mod_fcgid_starter` int(4) NOT NULL DEFAULT '-1',
  `mod_fcgid_maxrequests` int(4) NOT NULL DEFAULT '-1',
+  `mod_fcgid_umask` varchar(15) NOT NULL DEFAULT '022',
  `fpm_slowlog` tinyint(1) NOT NULL default '0',
  `fpm_reqterm` varchar(15) NOT NULL default '60s',
  `fpm_reqslow` varchar(15) NOT NULL default '5s',
@@ -717,8 +741,8 @@ CREATE TABLE `panel_phpconfigs` (


 INSERT INTO `panel_phpconfigs` (`id`, `description`, `binary`, `file_extensions`, `mod_fcgid_starter`, `mod_fcgid_maxrequests`, `phpsettings`) VALUES
-(1, 'Default Config', '/usr/bin/php-cgi', 'php', '-1', '-1', 'allow_call_time_pass_reference = Off\r\nallow_url_fopen = Off\r\nasp_tags = Off\r\ndisable_classes =\r\ndisable_functions = curl_exec,curl_multi_exec,exec,parse_ini_file,passthru,popen,proc_close,proc_get_status,proc_nice,proc_open,proc_terminate,shell_exec,show_source,system\r\ndisplay_errors = Off\r\ndisplay_startup_errors = Off\r\nenable_dl = Off\r\nerror_reporting = E_ALL & ~E_NOTICE\r\nexpose_php = Off\r\nfile_uploads = On\r\ncgi.force_redirect = 1\r\ngpc_order = "GPC"\r\nhtml_errors = Off\r\nignore_repeated_errors = Off\r\nignore_repeated_source = Off\r\ninclude_path = ".:{PEAR_DIR}"\r\nlog_errors = On\r\nlog_errors_max_len = 1024\r\nmagic_quotes_gpc = Off\r\nmagic_quotes_runtime = Off\r\nmagic_quotes_sybase = Off\r\nmax_execution_time = 30\r\nmax_input_time = 60\r\nmemory_limit = 16M\r\n{OPEN_BASEDIR_C}open_basedir = "{OPEN_BASEDIR}"\r\noutput_buffering = 4096\r\npost_max_size = 16M\r\nprecision = 14\r\nregister_argc_argv = Off\r\nregister_globals = Off\r\nreport_memleaks = On\r\nsendmail_path = "/usr/sbin/sendmail -t -i -f {CUSTOMER_EMAIL}"\r\nsession.auto_start = 0\r\nsession.bug_compat_42 = 0\r\nsession.bug_compat_warn = 1\r\nsession.cache_expire = 180\r\nsession.cache_limiter = nocache\r\nsession.cookie_domain =\r\nsession.cookie_lifetime = 0\r\nsession.cookie_path = /\r\nsession.entropy_file = /dev/urandom\r\nsession.entropy_length = 16\r\nsession.gc_divisor = 1000\r\nsession.gc_maxlifetime = 1440\r\nsession.gc_probability = 1\r\nsession.name = PHPSESSID\r\nsession.referer_check =\r\nsession.save_handler = files\r\nsession.save_path = "{TMP_DIR}"\r\nsession.serialize_handler = php\r\nsession.use_cookies = 1\r\nsession.use_trans_sid = 0\r\nshort_open_tag = On\r\nsuhosin.mail.protect = 1\r\nsuhosin.simulation = Off\r\ntrack_errors = Off\r\nupload_max_filesize = 32M\r\nupload_tmp_dir = "{TMP_DIR}"\r\nvariables_order = "GPCS"\r\n;mail.add_x_header = On\r\n;mail.log = "/var/log/phpmail.log"\r\n'),
-(2, 'Froxlor Vhost Config', '/usr/bin/php-cgi', 'php', '-1', '-1', 'allow_call_time_pass_reference = Off\r\nallow_url_fopen = On\r\nasp_tags = Off\r\ndisable_classes =\r\ndisable_functions = curl_multi_exec,exec,parse_ini_file,passthru,popen,proc_close,proc_get_status,proc_nice,proc_open,proc_terminate,shell_exec,show_source,system\r\ndisplay_errors = Off\r\ndisplay_startup_errors = Off\r\nenable_dl = Off\r\nerror_reporting = E_ALL & ~E_NOTICE\r\nexpose_php = Off\r\nfile_uploads = On\r\ncgi.force_redirect = 1\r\ngpc_order = "GPC"\r\nhtml_errors = Off\r\nignore_repeated_errors = Off\r\nignore_repeated_source = Off\r\ninclude_path = ".:{PEAR_DIR}"\r\nlog_errors = On\r\nlog_errors_max_len = 1024\r\nmagic_quotes_gpc = Off\r\nmagic_quotes_runtime = Off\r\nmagic_quotes_sybase = Off\r\nmax_execution_time = 60\r\nmax_input_time = 60\r\nmemory_limit = 16M\r\nnoutput_buffering = 4096\r\npost_max_size = 16M\r\nprecision = 14\r\nregister_argc_argv = Off\r\nregister_globals = Off\r\nreport_memleaks = On\r\nsendmail_path = "/usr/sbin/sendmail -t -i -f {CUSTOMER_EMAIL}"\r\nsession.auto_start = 0\r\nsession.bug_compat_42 = 0\r\nsession.bug_compat_warn = 1\r\nsession.cache_expire = 180\r\nsession.cache_limiter = nocache\r\nsession.cookie_domain =\r\nsession.cookie_lifetime = 0\r\nsession.cookie_path = /\r\nsession.entropy_file = /dev/urandom\r\nsession.entropy_length = 16\r\nsession.gc_divisor = 1000\r\nsession.gc_maxlifetime = 1440\r\nsession.gc_probability = 1\r\nsession.name = PHPSESSID\r\nsession.referer_check =\r\nsession.save_handler = files\r\nsession.save_path = "{TMP_DIR}"\r\nsession.serialize_handler = php\r\nsession.use_cookies = 1\r\nsession.use_trans_sid = 0\r\nshort_open_tag = On\r\nsuhosin.mail.protect = 1\r\nsuhosin.simulation = Off\r\ntrack_errors = Off\r\nupload_max_filesize = 32M\r\nupload_tmp_dir = "{TMP_DIR}"\r\nvariables_order = "GPCS"\r\n;mail.add_x_header = On\r\n;mail.log = "/var/log/phpmail.log"\r\n');
+(1, 'Default Config', '/usr/bin/php-cgi', 'php', '-1', '-1', 'allow_call_time_pass_reference = Off\r\nallow_url_fopen = Off\r\nasp_tags = Off\r\ndisable_classes =\r\ndisable_functions = curl_exec,curl_multi_exec,exec,parse_ini_file,passthru,popen,proc_close,proc_get_status,proc_nice,proc_open,proc_terminate,shell_exec,show_source,system\r\ndisplay_errors = Off\r\ndisplay_startup_errors = Off\r\nenable_dl = Off\r\nerror_reporting = E_ALL & ~E_NOTICE\r\nexpose_php = Off\r\nfile_uploads = On\r\ncgi.force_redirect = 1\r\ngpc_order = "GPC"\r\nhtml_errors = Off\r\nignore_repeated_errors = Off\r\nignore_repeated_source = Off\r\ninclude_path = ".:{PEAR_DIR}"\r\nlog_errors = On\r\nlog_errors_max_len = 1024\r\nmagic_quotes_gpc = Off\r\nmagic_quotes_runtime = Off\r\nmagic_quotes_sybase = Off\r\nmax_execution_time = 30\r\nmax_input_time = 60\r\nmemory_limit = 128M\r\n{OPEN_BASEDIR_C}open_basedir = "{OPEN_BASEDIR}"\r\noutput_buffering = 4096\r\npost_max_size = 16M\r\nprecision = 14\r\nregister_argc_argv = Off\r\nregister_globals = Off\r\nreport_memleaks = On\r\nsendmail_path = "/usr/sbin/sendmail -t -i -f {CUSTOMER_EMAIL}"\r\nsession.auto_start = 0\r\nsession.bug_compat_42 = 0\r\nsession.bug_compat_warn = 1\r\nsession.cache_expire = 180\r\nsession.cache_limiter = nocache\r\nsession.cookie_domain =\r\nsession.cookie_lifetime = 0\r\nsession.cookie_path = /\r\nsession.entropy_file = /dev/urandom\r\nsession.entropy_length = 16\r\nsession.gc_divisor = 1000\r\nsession.gc_maxlifetime = 1440\r\nsession.gc_probability = 1\r\nsession.name = PHPSESSID\r\nsession.referer_check =\r\nsession.save_handler = files\r\nsession.save_path = "{TMP_DIR}"\r\nsession.serialize_handler = php\r\nsession.use_cookies = 1\r\nsession.use_trans_sid = 0\r\nshort_open_tag = On\r\nsuhosin.mail.protect = 1\r\nsuhosin.simulation = Off\r\ntrack_errors = Off\r\nupload_max_filesize = 32M\r\nupload_tmp_dir = "{TMP_DIR}"\r\nvariables_order = "GPCS"\r\n;mail.add_x_header = On\r\n;mail.log = "/var/log/phpmail.log"\r\nopcache.restrict_api = "{DOCUMENT_ROOT}"\r\n'),
+(2, 'Froxlor Vhost Config', '/usr/bin/php-cgi', 'php', '-1', '-1', 'allow_call_time_pass_reference = Off\r\nallow_url_fopen = On\r\nasp_tags = Off\r\ndisable_classes =\r\ndisable_functions = curl_multi_exec,exec,parse_ini_file,passthru,popen,proc_close,proc_get_status,proc_nice,proc_open,proc_terminate,shell_exec,show_source,system\r\ndisplay_errors = Off\r\ndisplay_startup_errors = Off\r\nenable_dl = Off\r\nerror_reporting = E_ALL & ~E_NOTICE\r\nexpose_php = Off\r\nfile_uploads = On\r\ncgi.force_redirect = 1\r\ngpc_order = "GPC"\r\nhtml_errors = Off\r\nignore_repeated_errors = Off\r\nignore_repeated_source = Off\r\ninclude_path = ".:{PEAR_DIR}"\r\nlog_errors = On\r\nlog_errors_max_len = 1024\r\nmagic_quotes_gpc = Off\r\nmagic_quotes_runtime = Off\r\nmagic_quotes_sybase = Off\r\nmax_execution_time = 60\r\nmax_input_time = 60\r\nmemory_limit = 128M\r\nnoutput_buffering = 4096\r\npost_max_size = 16M\r\nprecision = 14\r\nregister_argc_argv = Off\r\nregister_globals = Off\r\nreport_memleaks = On\r\nsendmail_path = "/usr/sbin/sendmail -t -i -f {CUSTOMER_EMAIL}"\r\nsession.auto_start = 0\r\nsession.bug_compat_42 = 0\r\nsession.bug_compat_warn = 1\r\nsession.cache_expire = 180\r\nsession.cache_limiter = nocache\r\nsession.cookie_domain =\r\nsession.cookie_lifetime = 0\r\nsession.cookie_path = /\r\nsession.entropy_file = /dev/urandom\r\nsession.entropy_length = 16\r\nsession.gc_divisor = 1000\r\nsession.gc_maxlifetime = 1440\r\nsession.gc_probability = 1\r\nsession.name = PHPSESSID\r\nsession.referer_check =\r\nsession.save_handler = files\r\nsession.save_path = "{TMP_DIR}"\r\nsession.serialize_handler = php\r\nsession.use_cookies = 1\r\nsession.use_trans_sid = 0\r\nshort_open_tag = On\r\nsuhosin.mail.protect = 1\r\nsuhosin.simulation = Off\r\ntrack_errors = Off\r\nupload_max_filesize = 32M\r\nupload_tmp_dir = "{TMP_DIR}"\r\nvariables_order = "GPCS"\r\n;mail.add_x_header = On\r\n;mail.log = "/var/log/phpmail.log"\r\nopcache.restrict_api = ""\r\n');


 DROP TABLE IF EXISTS `cronjobs_run`;
@@ -740,7 +764,8 @@ INSERT INTO `cronjobs_run` (`id`, `module`, `cronfile`, `interval`, `isactive`,
 	(3, 'froxlor/ticket', 'used_tickets_reset', '1 DAY', '1', 'cron_ticketsreset'),
 	(4, 'froxlor/ticket', 'ticketarchive', '1 MONTH', '1', 'cron_ticketarchive'),
 	(5, 'froxlor/reports', 'usage_report', '1 DAY', '1', 'cron_usage_report'),
-	(6, 'froxlor/core', 'mailboxsize', '6 HOUR', '1', 'cron_mailboxsize');
+	(6, 'froxlor/core', 'mailboxsize', '6 HOUR', '1', 'cron_mailboxsize'),
+	(7, 'froxlor/letsencrypt', 'letsencrypt', '5 MINUTE', '0', 'cron_letsencrypt');



@@ -811,10 +836,12 @@ DROP TABLE IF EXISTS `domain_ssl_settings`;
 CREATE TABLE IF NOT EXISTS `domain_ssl_settings` (
  `id` int(5) NOT NULL auto_increment,
  `domainid` int(11) NOT NULL,
-  `ssl_cert_file` text NOT NULL,
-  `ssl_key_file` text NOT NULL,
-  `ssl_ca_file` text,
-  `ssl_cert_chainfile` text,
+  `ssl_cert_file` mediumtext NOT NULL,
+  `ssl_key_file` mediumtext NOT NULL,
+  `ssl_ca_file` mediumtext,
+  `ssl_cert_chainfile` mediumtext,
+  `ssl_csr_file` mediumtext,
+  `expirationdate` datetime DEFAULT NULL,
  PRIMARY KEY  (`id`)
 ) ENGINE=MyISAM CHARSET=utf8 COLLATE=utf8_general_ci;

--- a/install/lib/class.FroxlorInstall.php
+++ b/install/lib/class.FroxlorInstall.php
@@ -160,6 +160,7 @@ class FroxlorInstall {
 		$this->_getPostField('admin_user', 'admin');
 		$this->_getPostField('admin_pass1');
 		$this->_getPostField('admin_pass2');
+		$this->_getPostField('activate_newsfeed', 1);
 		$posixusername = posix_getpwuid(posix_getuid());
 		$this->_getPostField('httpuser', $posixusername['name']);
 		$posixgroup = posix_getgrgid(posix_getgid());
@@ -372,7 +373,8 @@ class FroxlorInstall {
 		$content .= $this->_status_message('begin', $this->_lng['install']['adding_admin_user']);
 		$ins_data = array(
 				'loginname' => $this->_data['admin_user'],
-				'password' => md5($this->_data['admin_pass1']),
+				/* use SHA256 default crypt */
+				'password' => crypt($this->_data['admin_pass1'], '$5$'. md5(uniqid(microtime(), 1)) . md5(uniqid(microtime(), 1))),
 				'email' => 'admin@' . $this->_data['servername'],
 				'deflang' => $this->_languages[$this->_activelng]
 		);
@@ -453,7 +455,10 @@ class FroxlorInstall {
 		$this->_updateSetting($upd_stmt, $this->_data['httpgroup'], 'system', 'httpgroup');

 		// necessary changes for webservers != apache2
-		if ($this->_data['webserver'] == "lighttpd") {
+		if ($this->_data['webserver'] == "apache24") {
+		    $this->_updateSetting($upd_stmt, 'apache2', 'system', 'webserver');
+		    $this->_updateSetting($upd_stmt, '1', 'system', 'apache24');
+		} elseif ($this->_data['webserver'] == "lighttpd") {
 			$this->_updateSetting($upd_stmt, '/etc/lighttpd/conf-enabled/', 'system', 'apacheconf_vhost');
 			$this->_updateSetting($upd_stmt, '/etc/lighttpd/froxlor-diroptions/', 'system', 'apacheconf_diroptions');
 			$this->_updateSetting($upd_stmt, '/etc/lighttpd/froxlor-htpasswd/', 'system', 'apacheconf_htpasswddir');
@@ -466,8 +471,11 @@ class FroxlorInstall {
 			$this->_updateSetting($upd_stmt, '/etc/nginx/froxlor-htpasswd/', 'system', 'apacheconf_htpasswddir');
 			$this->_updateSetting($upd_stmt, '/etc/init.d/nginx reload', 'system', 'apachereload_command');
 			$this->_updateSetting($upd_stmt, '/etc/nginx/nginx.pem', 'system', 'ssl_cert_file');
-			$this->_updateSetting($upd_stmt, '/var/run/nginx/', 'phpfpm', 'fastcgi_ipcdir');
+			$this->_updateSetting($upd_stmt, '/var/run/', 'phpfpm', 'fastcgi_ipcdir');
 		}
+		
+		$this->_updateSetting($upd_stmt, $this->_data['activate_newsfeed'], 'admin', 'show_news_feed');
+		$this->_updateSetting($upd_stmt, dirname(dirname(dirname(__FILE__))), 'system', 'letsencryptchallengepath');

 		// insert the lastcronrun to be the installation date
 		$this->_updateSetting($upd_stmt, time(), 'system', 'lastcronrun');
@@ -740,6 +748,8 @@ class FroxlorInstall {
 		} else { $style = '';
 		}
 		$formdata .= $this->_getSectionItemString('admin_pass2', true, $style, 'password');
+		// activate newsfeed?
+		$formdata .= $this->_getSectionItemYesNo('activate_newsfeed', true);

 		/**
 		 * Server data
@@ -765,6 +775,7 @@ class FroxlorInstall {
 		}
 		// apache
 		$formdata .= $this->_getSectionItemCheckbox('apache2', ($this->_data['webserver'] == 'apache2'), $websrvstyle);
+		$formdata .= $this->_getSectionItemCheckbox('apache24', ($this->_data['webserver'] == 'apache24'), $websrvstyle);
 		// lighttpd
 		$formdata .= $this->_getSectionItemCheckbox('lighttpd', ($this->_data['webserver'] == 'lighttpd'), $websrvstyle);
 		// nginx
@@ -812,10 +823,10 @@ class FroxlorInstall {
 	}

 	/**
-	 * generate form checkbox field
+	 * generate form radio field for webserver-selection
 	 *
 	 * @param string $fieldname
-	 * @param boolean $required
+	 * @param boolean $checked
 	 * @param string $style
 	 *
 	 * @return string
@@ -830,6 +841,25 @@ class FroxlorInstall {
 		return $sectionitem;
 	}

+	/**
+	 * generate form checkbox field
+	 *
+	 * @param string $fieldname
+	 * @param boolean $checked
+	 * @param string $style
+	 *
+	 * @return string
+	 */
+	private function _getSectionItemYesNo($fieldname = null, $checked = false, $style = "") {
+	    $fieldlabel = $this->_lng['install'][$fieldname];
+	    if ($checked) {
+	        $checked = 'checked="checked"';
+	    }
+	    $sectionitem = "";
+	    eval("\$sectionitem .= \"" . $this->_getTemplate("dataitemyesno") . "\";");
+	    return $sectionitem;
+	}
+
 	/**
 	 * check for requirements froxlor needs
 	 */
@@ -902,6 +932,16 @@ class FroxlorInstall {
 			$content .= $this->_status_message('green', $this->_lng['requirements']['installed']);
 		}

+		// check for bstring-extension
+		$content .= $this->_status_message('begin', $this->_lng['requirements']['phpmbstring']);
+
+		if (!extension_loaded('mbstring')) {
+		    $content .= $this->_status_message('red', $this->_lng['requirements']['notinstalled']);
+		    $_die = true;
+		} else {
+		    $content .= $this->_status_message('green', $this->_lng['requirements']['installed']);
+		}
+
 		// check for bcmath extension
 		$content .= $this->_status_message('begin', $this->_lng['requirements']['phpbcmath']);

@@ -1038,7 +1078,7 @@ class FroxlorInstall {
 	private function _getTemplate($template = null) {
 		// build filename
 		$filename = $this->_basepath.'/install/templates/' . $template . '.tpl';
-		// check existance
+		// check existence
 		if(file_exists($filename)
 				&& is_readable($filename)
 		) {
@@ -1221,10 +1261,10 @@ class FroxlorInstall {
 		// we don't actually care about the matches preg gives us.
 		$matches = array();

-		// this is faster than calling count($oktens) every time thru the loop.
+		// this is faster than calling count($tokens) every time through the loop.
 		$token_count = count($tokens);
 		for ($i = 0; $i < $token_count; $i++) {
-			// Don't wanna add an empty string as the last thing in the array.
+			// Don't want to add an empty string as the last thing in the array.
 			if (($i != ($token_count - 1))
 					|| (strlen($tokens[$i] > 0))
 			) {
--- a/install/lng/english.lng.php
+++ b/install/lng/english.lng.php
@@ -32,6 +32,7 @@ $lng['requirements']['phpfilter'] = 'PHP filter-extension...';
 $lng['requirements']['phpposix'] = 'PHP posix-extension...';
 $lng['requirements']['phpbcmath'] = 'PHP bcmath-extension...';
 $lng['requirements']['phpcurl'] = 'PHP curl-extension...';
+$lng['requirements']['phpmbstring'] = 'PHP mbstring-extension...';
 $lng['requirements']['bcmathdescription'] = 'Traffic-calculation related functions will not work correctly!';
 $lng['requirements']['curldescription'] = 'Version-check and news-feed may not work correctly!';
 $lng['requirements']['openbasedir'] = 'open_basedir...';
@@ -55,11 +56,13 @@ $lng['install']['admin_account'] = 'Administrator Account';
 $lng['install']['admin_user'] = 'Administrator Username';
 $lng['install']['admin_pass1'] = 'Administrator Password';
 $lng['install']['admin_pass2'] = 'Administrator-Password (confirm)';
+$lng['install']['activate_newsfeed'] = 'Enable the official newsfeed<br><small>(https://inside.froxlor.org/news/)</small>';
 $lng['install']['serversettings'] = 'Server settings';
 $lng['install']['servername'] = 'Server name (FQDN, no ip-address)';
 $lng['install']['serverip'] = 'Server IP';
 $lng['install']['webserver'] = 'Webserver';
 $lng['install']['apache2'] = 'Apache 2';
+$lng['install']['apache24'] = 'Apache 2.4';
 $lng['install']['lighttpd'] = 'LigHTTPd';
 $lng['install']['nginx'] = 'NGINX';
 $lng['install']['httpuser'] = 'HTTP username';
--- a/install/lng/french.lng.php
+++ b/install/lng/french.lng.php
@@ -32,6 +32,7 @@ $lng['requirements']['phpfilter'] = 'extension PHP filter ...';
 $lng['requirements']['phpposix'] = 'extension PHP posix ...';
 $lng['requirements']['phpbcmath'] = 'extension PHP bcmath ...';
 $lng['requirements']['phpcurl'] = 'extension PHP curl...';
+$lng['requirements']['phpmbstring'] = 'extension PHP mbstring...';
 $lng['requirements']['bcmathdescription'] = 'Les fonctions de calcul de traffic ne fonctionneront pas correctement!';
 $lng['requirements']['curldescription'] = 'Les vérifications de version et les flux d\'information peuvent ne pas fonctionner correctement!';
 $lng['requirements']['openbasedir'] = 'open_basedir...';
@@ -60,6 +61,7 @@ $lng['install']['servername'] = 'Nom du serveur (FQDN, pas d\'adresse IP)';
 $lng['install']['serverip'] = 'Adresse IP du serveur';
 $lng['install']['webserver'] = 'Serveur Web';
 $lng['install']['apache2'] = 'Apache 2';
+$lng['install']['apache24'] = 'Apache 2.4';
 $lng['install']['lighttpd'] = 'LigHTTPd';
 $lng['install']['nginx'] = 'NGINX';
 $lng['install']['httpuser'] = 'Nom d\'utilisateur HTTP';
--- a/install/lng/german.lng.php
+++ b/install/lng/german.lng.php
@@ -32,6 +32,7 @@ $lng['requirements']['phpfilter'] = 'PHP filter-Erweiterung...';
 $lng['requirements']['phpposix'] = 'PHP posix-Erweiterung...';
 $lng['requirements']['phpbcmath'] = 'PHP bcmath-Erweiterung...';
 $lng['requirements']['phpcurl'] = 'PHP curl-Erweiterung...';
+$lng['requirements']['phpmbstring'] = 'PHP mbstring-Erweiterung...';
 $lng['requirements']['bcmathdescription'] = 'Traffic-Berechnungs bezogene Funktionen stehen nicht vollständig zur Verfügung!';
 $lng['requirements']['curldescription'] = 'Versions-Prüfung und News-Feed stehen nicht vollständig zur Verfügung!';
 $lng['requirements']['openbasedir'] = 'open_basedir genutzt wird...';
@@ -55,11 +56,13 @@ $lng['install']['admin_account'] = 'Admin-Zugang';
 $lng['install']['admin_user'] = 'Administrator-Benutzername';
 $lng['install']['admin_pass1'] = 'Administrator-Passwort';
 $lng['install']['admin_pass2'] = 'Administrator-Passwort (Bestätigung)';
+$lng['install']['activate_newsfeed'] = 'Aktiviere das offizielle Newsfeed<br><small>(https://inside.froxlor.org/news/)</small>';
 $lng['install']['serversettings'] = 'Servereinstellungen';
 $lng['install']['servername'] = 'Servername (FQDN, keine IP-Adresse)';
 $lng['install']['serverip'] = 'Server-IP';
 $lng['install']['webserver'] = 'Webserver';
 $lng['install']['apache2'] = 'Apache 2';
+$lng['install']['apache24'] = 'Apache 2.4';
 $lng['install']['lighttpd'] = 'LigHTTPd';
 $lng['install']['nginx'] = 'NGINX';
 $lng['install']['httpuser'] = 'HTTP Username';
--- a/install/scripts/language-check.php
+++ b/install/scripts/language-check.php
@@ -27,13 +27,16 @@ if(@php_sapi_name() != 'cli'
 }

 // Check argument count
+/*
 if (sizeof($argv) != 2) {
 	print_help($argv);
 	exit;
 }
+*/

 // Load the contents of the given path
 $path = $argv[1];
+$_f = isset($argv[2]) ? $argv[2] : null;
 $files = array();

 if ($dh = opendir($path)) {
@@ -43,7 +46,9 @@ if ($dh = opendir($path)) {
 		   && !is_dir($file)
 		   && preg_match('/(.+)\.lng\.php/i', $file)
 		) {
-			$files[$file] = str_replace('//', '/', $path . '/' . $file);
+			if (is_null($_f) || (!is_null($_f) && ($file == $_f || $file == $baseLanguage))) {
+				$files[$file] = str_replace('//', '/', $path . '/' . $file);
+			}
 		}
 	}

@@ -51,7 +56,7 @@ if ($dh = opendir($path)) {
 } else {
 	print "ERROR: The path you requested cannot be read! \n ";
 	print "\n";
-	print_help();
+	print_help($argv);
 	exit;
 }

@@ -59,7 +64,7 @@ if ($dh = opendir($path)) {
 if (!isset($files[$baseLanguage])) {
 	print "ERROR: The baselanguage cannot be found! \n";
 	print "\n";
-	print_help();
+	print_help($argv);
 	exit;
 }

--- a/install/templates/assets/css/install.css
+++ b/install/templates/assets/css/install.css
--- a/install/templates/assets/img/favicon.ico
+++ b/install/templates/assets/img/favicon.ico
--- a/install/templates/assets/img/logo.png
+++ b/install/templates/assets/img/logo.png
--- a/install/templates/assets/img/password.png
+++ b/install/templates/assets/img/password.png
--- a/install/templates/assets/img/text_align_left.png
+++ b/install/templates/assets/img/text_align_left.png
--- a/install/templates/dataform.tpl
+++ b/install/templates/dataform.tpl
--- a/install/templates/dataform2.tpl
+++ b/install/templates/dataform2.tpl
--- a/install/templates/dataitem.tpl
+++ b/install/templates/dataitem.tpl
--- a/install/templates/dataitemchk.tpl
+++ b/install/templates/dataitemchk.tpl
--- a/install/templates/dataitemyesno.tpl
+++ b/install/templates/dataitemyesno.tpl
@@ -0,0 +1,4 @@
+<p>
+	<label for="{$fieldname}" class="install-block {$style}">{$fieldlabel}:</label>
+	<input type="checkbox" name="{$fieldname}" id="{$fieldname}" value="1" {$checked} />
+</p>
--- a/install/templates/datasection.tpl
+++ b/install/templates/datasection.tpl
--- a/install/templates/footer.tpl
+++ b/install/templates/footer.tpl
--- a/install/templates/header.tpl
+++ b/install/templates/header.tpl
--- a/install/templates/lngform.tpl
+++ b/install/templates/lngform.tpl
--- a/install/templates/page.tpl
+++ b/install/templates/page.tpl
--- a/install/templates/pagebottom.tpl
+++ b/install/templates/pagebottom.tpl
--- a/install/templates/textarea.tpl
+++ b/install/templates/textarea.tpl
--- a/install/tsmarty2c.php
+++ b/install/tsmarty2c.php
@@ -1,124 +0,0 @@
-#!/usr/bin/php
-<?php
-/**
- * tsmarty2c.php - rips gettext strings from smarty template
- *
- * ------------------------------------------------------------------------- *
- * This library is free software; you can redistribute it and/or             *
- * modify it under the terms of the GNU Lesser General Public                *
- * License as published by the Free Software Foundation; either              *
- * version 2.1 of the License, or (at your option) any later version.        *
- *                                                                           *
- * This library is distributed in the hope that it will be useful,           *
- * but WITHOUT ANY WARRANTY; without even the implied warranty of            *
- * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the GNU         *
- * Lesser General Public License for more details.                           *
- *                                                                           *
- * You should have received a copy of the GNU Lesser General Public          *
- * License along with this library; if not, write to the Free Software       *
- * Foundation, Inc., 59 Temple Place, Suite 330, Boston, MA  02111-1307  USA *
- * ------------------------------------------------------------------------- *
- *
- * This command line script rips gettext strings from smarty file, 
- * and prints them to stdout in C format, that can later be used with the 
- * standard gettext tools.
- *
- * Usage:
- * ./tsmarty2c.php <filename or directory> <file2> <..> > smarty.c
- *
- * If a parameter is a directory, the template files within will be parsed.
- *
- * @package	smarty-gettext
- * @version	$Id: tsmarty2c.php,v 1.3 2005/07/27 17:59:39 sagi Exp $
- * @link	http://smarty-gettext.sf.net/
- * @author	Sagi Bashari <sagi@boom.org.il>
- * @copyright 2004-2005 Sagi Bashari
- */
-
-// smarty open tag
-$ldq = preg_quote('{');
-
-// smarty close tag
-$rdq = preg_quote('}');
-
-// smarty command
-$cmd = preg_quote('t');
-
-// extensions of smarty files, used when going through a directory
-$extensions = array('tpl');
-
-// "fix" string - strip slashes, escape and convert new lines to \n
-function fs($str)
-{
-	$str = stripslashes($str);
-	$str = str_replace('"', '\"', $str);
-	$str = str_replace("\n", '\n', $str);
-	return $str;
-}
-
-// rips gettext strings from $file and prints them in C format
-function do_file($file)
-{
-	$content = @file_get_contents($file);
-
-	if (empty($content)) {
-		return;
-	}
-
-	global $ldq, $rdq, $cmd;
-
-	preg_match_all(
-			"/{$ldq}\s*({$cmd})\s*([^{$rdq}]*){$rdq}([^{$ldq}]*){$ldq}\/\\1{$rdq}/",
-			$content,
-			$matches
-	);
-	
-	for ($i=0; $i < count($matches[0]); $i++) {
-		// TODO: add line number
-		echo "/* $file */\n"; // credit: Mike van Lammeren 2005-02-14
-		
-		if (preg_match('/plural\s*=\s*["\']?\s*(.[^\"\']*)\s*["\']?/', $matches[2][$i], $match)) {
-			echo 'ngettext("'.fs($matches[3][$i]).'","'.fs($match[1]).'",x);'."\n";
-		} else {
-			echo 'gettext("'.fs($matches[3][$i]).'");'."\n";
-		}
-
-		echo "\n";
-	}
-}
-
-// go through a directory
-function do_dir($dir)
-{
-	$d = dir($dir);
-
-	while (false !== ($entry = $d->read())) {
-		if ($entry == '.' || $entry == '..') {
-			continue;
-		}
-
-		$entry = $dir.'/'.$entry;
-
-		if (is_dir($entry)) { // if a directory, go through it
-			do_dir($entry);
-		} else { // if file, parse only if extension is matched
-			$pi = pathinfo($entry);
-			
-			if (isset($pi['extension']) && in_array($pi['extension'], $GLOBALS['extensions'])) {
-				do_file($entry);
-			}
-		}
-	}
-
-	$d->close();
-}
-
-for ($ac=1; $ac < $_SERVER['argc']; $ac++) {
-	if (is_dir($_SERVER['argv'][$ac])) { // go through directory
-		do_dir($_SERVER['argv'][$ac]);
-	} else { // do file
-		do_file($_SERVER['argv'][$ac]);
-	}
-}
-
-?>
--- a/install/updates/froxlor/0.9/update_0.9.inc.php
+++ b/install/updates/froxlor/0.9/update_0.9.inc.php
--- a/install/updates/preconfig.php
+++ b/install/updates/preconfig.php
@@ -21,17 +21,18 @@
 * outputs various content before the update process
 * can be continued (askes for agreement whatever is being asked)
 *
- * @param string version
+ * @param string $current_version
+ * @param int $current_db_version
 *
 * @return string
 */
-function getPreConfig($current_version)
+function getPreConfig($current_version, $current_db_version)
 {
 	$has_preconfig = false;
 	$return = '<div class="preconfig"><h3 class="red">PLEASE NOTE - Important update notifications</h3>';

 	include_once makeCorrectFile(dirname(__FILE__).'/preconfig/0.9/preconfig_0.9.inc.php');
-	parseAndOutputPreconfig($has_preconfig, $return, $current_version);
+	parseAndOutputPreconfig($has_preconfig, $return, $current_version, $current_db_version);

 	$return .= '<br /><br />'.makecheckbox('update_changesagreed', '<strong>I have read the update notifications above and I am aware of the changes made to my system.</strong>', '1', true, '0', true);
 	$return .= '</div>';
--- a/install/updates/preconfig/0.9/preconfig_0.9.inc.php
+++ b/install/updates/preconfig/0.9/preconfig_0.9.inc.php
@@ -24,7 +24,7 @@
 *
 * @return null
 */
-function parseAndOutputPreconfig(&$has_preconfig, &$return, $current_version) {
+function parseAndOutputPreconfig(&$has_preconfig, &$return, $current_version, $current_db_version) {

 	global $lng;

@@ -663,7 +663,7 @@ function parseAndOutputPreconfig(&$has_preconfig, &$return, $current_version) {
 		$description  = 'You can enable/disable the display/usage of the custom newsfeed for customers.<br /><br />';
 		$question = '<strong>Do you want to enable the custom newsfeed for customer? (default: no):</strong>&nbsp;';
 		$question.= makeyesno('customer_show_news_feed', '1', '0', '0').'<br />';
-		$question.= '<strong>You have to set the URL for your RSS-feed here, if you have choosen to enable the custom newsfeed on the customer-dashboard:</strong>&nbsp;';
+		$question.= '<strong>You have to set the URL for your RSS-feed here, if you have chosen to enable the custom newsfeed on the customer-dashboard:</strong>&nbsp;';
 		$question.= '<input type="text" class="text" name="customer_news_feed_url" value="" /><br />';
 		eval("\$return.=\"" . getTemplate("update/preconfigitem") . "\";");
 	}
@@ -679,4 +679,33 @@ function parseAndOutputPreconfig(&$has_preconfig, &$return, $current_version) {
 		}
 	}

+	if (versionInUpdate($current_version, '0.9.33-rc2')) {
+		$has_preconfig = true;
+		$description  = 'You can chose whether you want to receive an e-mail on cronjob errors. Keep in mind that this can lead to an e-mail being sent every 5 minutes.<br /><br />';
+		$question = '<strong>Do you want to receive cron-errors via mail? (default: no):</strong>&nbsp;';
+		$question.= makeyesno('system_send_cron_errors', '1', '0', '0').'<br />';
+		eval("\$return.=\"" . getTemplate("update/preconfigitem") . "\";");
+	}
+
+	if (versionInUpdate($current_version, '0.9.34-dev3')) {
+	    $has_preconfig = true;
+	    $description = 'Froxlor now requires the PHP mbstring-extension as we need to be multibyte-character safe in some cases';
+	    $question = '<strong>PHP mbstring</strong> is currently: ';
+	    if (!extension_loaded('mbstring')) {
+	        $question .= '<span class="red">not installed/loaded</span>';
+	        $question .= '<br>Please install the PHP mbstring extension in order to finish the update';
+	    } else {
+	        $question .= '<span class="green">installed/loaded</span>';
+	    }
+	    $question .= '<br>';
+	    eval("\$return.=\"" . getTemplate("update/preconfigitem") . "\";");
+	}
+
+	if (versionInUpdate($current_db_version, '201603070')) {
+	    $has_preconfig = true;
+	    $description  = 'You can chose whether you want to enable or disable our Let\'s Encrypt implementation.<br />Please remember that you need to go through the webserver-configuration when enabled because this feature needs a special configuration.<br /><br />';
+	    $question = '<strong>Do you want to enable Let\'s Encrypt? (default: yes):</strong>&nbsp;';
+	    $question.= makeyesno('enable_letsencrypt', '1', '0', '1').'<br />';
+	    eval("\$return.=\"" . getTemplate("update/preconfigitem") . "\";");
+	}
 }
--- a/install/updatesql.php
+++ b/install/updatesql.php
@@ -59,12 +59,12 @@ if (isFroxlor()) {

 	$integrity = new IntegrityCheck();
 	if (!$integrity->checkAll()) {
-		lastStepStatus(2, 'Monkeys ate the integrity');
+		lastStepStatus(1, 'Monkeys ate the integrity');
 		showUpdateStep("Trying to remove monkeys, feeding bananas");
 		if(!$integrity->fixAll()) {
-			lastStepStatus(2, 'Some monkeys just would not move');
+			lastStepStatus(2, 'Some monkeys just would not move, you should contact team@froxlor.org');
 		} else {
-			lastStepStatus(0);
+			lastStepStatus(0, 'Integrity restored');
 		}
 	} else {
 		lastStepStatus(0);
--- a/js/jquery-ui.min.js
+++ b/js/jquery-ui.min.js
--- a/lib/ajax.php
+++ b/lib/ajax.php
@@ -25,6 +25,8 @@ require './userdata.inc.php';
 require './tables.inc.php';
 require './classes/database/class.Database.php';
 require './classes/settings/class.Settings.php';
+require './functions/validate/function.validate_ip.php';
+require './functions/validate/function.validateDomain.php';

 if(isset($_POST['action'])) {
 	$action = $_POST['action'];
@@ -38,7 +40,7 @@ if ($action == "newsfeed") {
 	if (isset($_GET['role']) && $_GET['role'] == "customer") {
 		$feed = Settings::Get("customer.news_feed_url");
 	} else {
-		$feed = "http://inside.froxlor.org/news/";
+		$feed = "https://inside.froxlor.org/news/";
 	}

 	if (function_exists("simplexml_load_file") == false) {
@@ -72,7 +74,19 @@ if ($action == "newsfeed") {
 			$content = preg_replace("/[\r\n]+/", " ", strip_tags($item->description));
 			$content = substr($content, 0, 150) . "...";

-			echo "<tr class=\"newsitem\"><td><small>" . $date . "</small><br /><a href=\"" . $link . "\" target=\"_blank\"><b>" . $title . "</b><br />" . $content . "</a></td></tr>";
+			echo "<li class=\"clearfix\">
+                <div class=\"newsfeed-body clearfix\">
+                    <div class=\"header\">
+                        <strong class=\"primary-font\"><a href=\"{$link}\" target=\"_blank\">{$title}</a></strong>
+                        <small class=\"pull-right text-muted\">
+                            <i class=\"fa fa-clock-o fa-fw\"></i> {$date}
+                        </small>
+                    </div>
+                    <p>
+                        {$content}
+                    </p>
+                </div>
+            </li>";
 		}
 	} else {
 		echo "";
--- a/lib/classes/Smarty
+++ b/lib/classes/Smarty
@@ -1 +0,0 @@
-Smarty-3.1.15/libs/
--- a/lib/classes/Smarty-3.1.15/COPYING.lib
+++ b/lib/classes/Smarty-3.1.15/COPYING.lib
@@ -1,165 +0,0 @@
-                   GNU LESSER GENERAL PUBLIC LICENSE
-                       Version 3, 29 June 2007
-
- Copyright (C) 2007 Free Software Foundation, Inc. <http://fsf.org/>
- Everyone is permitted to copy and distribute verbatim copies
- of this license document, but changing it is not allowed.
-
-
-  This version of the GNU Lesser General Public License incorporates
-the terms and conditions of version 3 of the GNU General Public
-License, supplemented by the additional permissions listed below.
-
-  0. Additional Definitions.
-
-  As used herein, "this License" refers to version 3 of the GNU Lesser
-General Public License, and the "GNU GPL" refers to version 3 of the GNU
-General Public License.
-
-  "The Library" refers to a covered work governed by this License,
-other than an Application or a Combined Work as defined below.
-
-  An "Application" is any work that makes use of an interface provided
-by the Library, but which is not otherwise based on the Library.
-Defining a subclass of a class defined by the Library is deemed a mode
-of using an interface provided by the Library.
-
-  A "Combined Work" is a work produced by combining or linking an
-Application with the Library.  The particular version of the Library
-with which the Combined Work was made is also called the "Linked
-Version".
-
-  The "Minimal Corresponding Source" for a Combined Work means the
-Corresponding Source for the Combined Work, excluding any source code
-for portions of the Combined Work that, considered in isolation, are
-based on the Application, and not on the Linked Version.
-
-  The "Corresponding Application Code" for a Combined Work means the
-object code and/or source code for the Application, including any data
-and utility programs needed for reproducing the Combined Work from the
-Application, but excluding the System Libraries of the Combined Work.
-
-  1. Exception to Section 3 of the GNU GPL.
-
-  You may convey a covered work under sections 3 and 4 of this License
-without being bound by section 3 of the GNU GPL.
-
-  2. Conveying Modified Versions.
-
-  If you modify a copy of the Library, and, in your modifications, a
-facility refers to a function or data to be supplied by an Application
-that uses the facility (other than as an argument passed when the
-facility is invoked), then you may convey a copy of the modified
-version:
-
-   a) under this License, provided that you make a good faith effort to
-   ensure that, in the event an Application does not supply the
-   function or data, the facility still operates, and performs
-   whatever part of its purpose remains meaningful, or
-
-   b) under the GNU GPL, with none of the additional permissions of
-   this License applicable to that copy.
-
-  3. Object Code Incorporating Material from Library Header Files.
-
-  The object code form of an Application may incorporate material from
-a header file that is part of the Library.  You may convey such object
-code under terms of your choice, provided that, if the incorporated
-material is not limited to numerical parameters, data structure
-layouts and accessors, or small macros, inline functions and templates
-(ten or fewer lines in length), you do both of the following:
-
-   a) Give prominent notice with each copy of the object code that the
-   Library is used in it and that the Library and its use are
-   covered by this License.
-
-   b) Accompany the object code with a copy of the GNU GPL and this license
-   document.
-
-  4. Combined Works.
-
-  You may convey a Combined Work under terms of your choice that,
-taken together, effectively do not restrict modification of the
-portions of the Library contained in the Combined Work and reverse
-engineering for debugging such modifications, if you also do each of
-the following:
-
-   a) Give prominent notice with each copy of the Combined Work that
-   the Library is used in it and that the Library and its use are
-   covered by this License.
-
-   b) Accompany the Combined Work with a copy of the GNU GPL and this license
-   document.
-
-   c) For a Combined Work that displays copyright notices during
-   execution, include the copyright notice for the Library among
-   these notices, as well as a reference directing the user to the
-   copies of the GNU GPL and this license document.
-
-   d) Do one of the following:
-
-       0) Convey the Minimal Corresponding Source under the terms of this
-       License, and the Corresponding Application Code in a form
-       suitable for, and under terms that permit, the user to
-       recombine or relink the Application with a modified version of
-       the Linked Version to produce a modified Combined Work, in the
-       manner specified by section 6 of the GNU GPL for conveying
-       Corresponding Source.
-
-       1) Use a suitable shared library mechanism for linking with the
-       Library.  A suitable mechanism is one that (a) uses at run time
-       a copy of the Library already present on the user's computer
-       system, and (b) will operate properly with a modified version
-       of the Library that is interface-compatible with the Linked
-       Version.
-
-   e) Provide Installation Information, but only if you would otherwise
-   be required to provide such information under section 6 of the
-   GNU GPL, and only to the extent that such information is
-   necessary to install and execute a modified version of the
-   Combined Work produced by recombining or relinking the
-   Application with a modified version of the Linked Version. (If
-   you use option 4d0, the Installation Information must accompany
-   the Minimal Corresponding Source and Corresponding Application
-   Code. If you use option 4d1, you must provide the Installation
-   Information in the manner specified by section 6 of the GNU GPL
-   for conveying Corresponding Source.)
-
-  5. Combined Libraries.
-
-  You may place library facilities that are a work based on the
-Library side by side in a single library together with other library
-facilities that are not Applications and are not covered by this
-License, and convey such a combined library under terms of your
-choice, if you do both of the following:
-
-   a) Accompany the combined library with a copy of the same work based
-   on the Library, uncombined with any other library facilities,
-   conveyed under the terms of this License.
-
-   b) Give prominent notice with the combined library that part of it
-   is a work based on the Library, and explaining where to find the
-   accompanying uncombined form of the same work.
-
-  6. Revised Versions of the GNU Lesser General Public License.
-
-  The Free Software Foundation may publish revised and/or new versions
-of the GNU Lesser General Public License from time to time. Such new
-versions will be similar in spirit to the present version, but may
-differ in detail to address new problems or concerns.
-
-  Each version is given a distinguishing version number. If the
-Library as you received it specifies that a certain numbered version
-of the GNU Lesser General Public License "or any later version"
-applies to it, you have the option of following the terms and
-conditions either of that published version or of any later version
-published by the Free Software Foundation. If the Library as you
-received it does not specify a version number of the GNU Lesser
-General Public License, you may choose any version of the GNU Lesser
-General Public License ever published by the Free Software Foundation.
-
-  If the Library as you received it specifies that a proxy can decide
-whether future versions of the GNU Lesser General Public License shall
-apply, that proxy's public statement of acceptance of any version is
-permanent authorization for you to choose that version for the
-Library.
--- a/lib/classes/Smarty-3.1.15/README
+++ b/lib/classes/Smarty-3.1.15/README
@@ -1,574 +0,0 @@
-Smarty 3.1.15
-
-Author: Monte Ohrt <monte at ohrt dot com >
-Author: Uwe Tews
-
-AN INTRODUCTION TO SMARTY 3
-
-NOTICE FOR 3.1 release:
-
-Please see the SMARTY_3.1_NOTES.txt file that comes with the distribution.
-
-NOTICE for 3.0.5 release:
-
-Smarty now follows the PHP error_reporting level by default. If PHP does not mask E_NOTICE and you try to access an unset template variable, you will now get an E_NOTICE warning. To revert to the old behavior:
-
-$smarty->error_reporting = E_ALL & ~E_NOTICE;
-
-NOTICE for 3.0 release:
-
-IMPORTANT: Some API adjustments have been made between the RC4 and 3.0 release.
-We felt it is better to make these now instead of after a 3.0 release, then have to
-immediately deprecate APIs in 3.1. Online documentation has been updated
-to reflect these changes. Specifically:
-
---- API CHANGES RC4 -> 3.0 ----
-
-$smarty->register->*
-$smarty->unregister->*
-$smarty->utility->*
-$samrty->cache->*
-
-Have all been changed to local method calls such as:
-
-$smarty->clearAllCache()
-$smarty->registerFoo()
-$smarty->unregisterFoo()
-$smarty->testInstall()
-etc.
-
-Registration of function, block, compiler, and modifier plugins have been
-consolidated under two API calls:
-
-$smarty->registerPlugin(...)
-$smarty->unregisterPlugin(...)
-
-Registration of pre, post, output and variable filters have been
-consolidated under two API calls:
-
-$smarty->registerFilter(...)
-$smarty->unregisterFilter(...)
-
-Please refer to the online documentation for all specific changes:
-
-http://www.smarty.net/documentation
-
----
-
-The Smarty 3 API has been refactored to a syntax geared
-for consistency and modularity. The Smarty 2 API syntax is still supported, but
-will throw a deprecation notice. You can disable the notices, but it is highly
-recommended to adjust your syntax to Smarty 3, as the Smarty 2 syntax must run
-through an extra rerouting wrapper.
-
-Basically, all Smarty methods now follow the "fooBarBaz" camel case syntax. Also,
-all Smarty properties now have getters and setters. So for example, the property
-$smarty->cache_dir can be set with $smarty->setCacheDir('foo/') and can be
-retrieved with $smarty->getCacheDir().
-
-Some of the Smarty 3 APIs have been revoked such as the "is*" methods that were
-just duplicate functions of the now available "get*" methods.
-
-Here is a rundown of the Smarty 3 API:
-
-$smarty->fetch($template, $cache_id = null, $compile_id = null, $parent = null)
-$smarty->display($template, $cache_id = null, $compile_id = null, $parent = null)
-$smarty->isCached($template, $cache_id = null, $compile_id = null)
-$smarty->createData($parent = null)
-$smarty->createTemplate($template, $cache_id = null, $compile_id = null, $parent = null)
-$smarty->enableSecurity()
-$smarty->disableSecurity()
-$smarty->setTemplateDir($template_dir)
-$smarty->addTemplateDir($template_dir)
-$smarty->templateExists($resource_name)
-$smarty->loadPlugin($plugin_name, $check = true)
-$smarty->loadFilter($type, $name)
-$smarty->setExceptionHandler($handler)
-$smarty->addPluginsDir($plugins_dir)
-$smarty->getGlobal($varname = null)
-$smarty->getRegisteredObject($name)
-$smarty->getDebugTemplate()
-$smarty->setDebugTemplate($tpl_name)
-$smarty->assign($tpl_var, $value = null, $nocache = false)
-$smarty->assignGlobal($varname, $value = null, $nocache = false)
-$smarty->assignByRef($tpl_var, &$value, $nocache = false)
-$smarty->append($tpl_var, $value = null, $merge = false, $nocache = false)
-$smarty->appendByRef($tpl_var, &$value, $merge = false)
-$smarty->clearAssign($tpl_var)
-$smarty->clearAllAssign()
-$smarty->configLoad($config_file, $sections = null)
-$smarty->getVariable($variable, $_ptr = null, $search_parents = true, $error_enable = true)
-$smarty->getConfigVariable($variable)
-$smarty->getStreamVariable($variable)
-$smarty->getConfigVars($varname = null)
-$smarty->clearConfig($varname = null)
-$smarty->getTemplateVars($varname = null, $_ptr = null, $search_parents = true)
-$smarty->clearAllCache($exp_time = null, $type = null)
-$smarty->clearCache($template_name, $cache_id = null, $compile_id = null, $exp_time = null, $type = null)
-
-$smarty->registerPlugin($type, $tag, $callback, $cacheable = true, $cache_attr = array())
-
-$smarty->registerObject($object_name, $object_impl, $allowed = array(), $smarty_args = true, $block_methods = array())
-
-$smarty->registerFilter($type, $function_name)
-$smarty->registerResource($resource_type, $function_names)
-$smarty->registerDefaultPluginHandler($function_name)
-$smarty->registerDefaultTemplateHandler($function_name)
-
-$smarty->unregisterPlugin($type, $tag)
-$smarty->unregisterObject($object_name)
-$smarty->unregisterFilter($type, $function_name)
-$smarty->unregisterResource($resource_type)
-
-$smarty->compileAllTemplates($extension = '.tpl', $force_compile = false, $time_limit = 0, $max_errors = null)
-$smarty->clearCompiledTemplate($resource_name = null, $compile_id = null, $exp_time = null)
-$smarty->testInstall()
-
-// then all the getters/setters, available for all properties. Here are a few:
-
-$caching = $smarty->getCaching();      // get $smarty->caching
-$smarty->setCaching(true);             // set $smarty->caching
-$smarty->setDeprecationNotices(false); // set $smarty->deprecation_notices
-$smarty->setCacheId($id);              // set $smarty->cache_id
-$debugging = $smarty->getDebugging();  // get $smarty->debugging
-
-
-FILE STRUCTURE
-
-The Smarty 3 file structure is similar to Smarty 2:
-
-/libs/
-  Smarty.class.php
-/libs/sysplugins/
-  internal.*
-/libs/plugins/
-  function.mailto.php
-  modifier.escape.php
-  ...
-
-A lot of Smarty 3 core functionality lies in the sysplugins directory; you do
-not need to change any files here. The /libs/plugins/ folder is where Smarty
-plugins are located. You can add your own here, or create a separate plugin
-directory, just the same as Smarty 2. You will still need to create your own
-/cache/, /templates/, /templates_c/, /configs/ folders. Be sure /cache/ and
-/templates_c/ are writable.
-
-The typical way to use Smarty 3 should also look familiar:
-
-require('Smarty.class.php');
-$smarty = new Smarty;
-$smarty->assign('foo','bar');
-$smarty->display('index.tpl');
-
-
-However, Smarty 3 works completely different on the inside. Smarty 3 is mostly
-backward compatible with Smarty 2, except for the following items:
-
-*) Smarty 3 is PHP 5 only. It will not work with PHP 4.
-*) The {php} tag is disabled by default. Enable with $smarty->allow_php_tag=true.
-*) Delimiters surrounded by whitespace are no longer treated as Smarty tags.
-   Therefore, { foo } will not compile as a tag, you must use {foo}. This change
-   Makes Javascript/CSS easier to work with, eliminating the need for {literal}.
-   This can be disabled by setting $smarty->auto_literal = false;
-*) The Smarty 3 API is a bit different. Many Smarty 2 API calls are deprecated
-   but still work. You will want to update your calls to Smarty 3 for maximum
-   efficiency.
-
-
-There are many things that are new to Smarty 3. Here are the notable items:
-   
-LEXER/PARSER
-============
-
-Smarty 3 now uses a lexing tokenizer for its parser/compiler. Basically, this
-means Smarty has some syntax additions that make life easier such as in-template
-math, shorter/intuitive function parameter options, infinite function recursion,
-more accurate error handling, etc.
-
-
-WHAT IS NEW IN SMARTY TEMPLATE SYNTAX
-=====================================
-
-Smarty 3 allows expressions almost anywhere. Expressions can include PHP
-functions as long as they are not disabled by the security policy, object
-methods and properties, etc. The {math} plugin is no longer necessary but
-is still supported for BC.
-
-Examples:
-{$x+$y}                           will output the sum of x and y.
-{$foo = strlen($bar)}             function in assignment
-{assign var=foo value= $x+$y}     in attributes 
-{$foo = myfunct( ($x+$y)*3 )}     as function parameter 
-{$foo[$x+3]}                      as array index
-
-Smarty tags can be used as values within other tags.
-Example:  {$foo={counter}+3}
-
-Smarty tags can also be used inside double quoted strings.
-Example:  {$foo="this is message {counter}"}
-
-You can define arrays within templates.
-Examples:
-{assign var=foo value=[1,2,3]}
-{assign var=foo value=['y'=>'yellow','b'=>'blue']}
-Arrays can be nested.
-{assign var=foo value=[1,[9,8],3]}
-
-There is a new short syntax supported for assigning variables.
-Example: {$foo=$bar+2}
-
-You can assign a value to a specific array element. If the variable exists but
-is not an array, it is converted to an array before the new values are assigned.
-Examples:
-{$foo['bar']=1}
-{$foo['bar']['blar']=1}
-
-You can append values to an array. If the variable exists but is not an array,
-it is converted to an array before the new values are assigned.
-Example: {$foo[]=1}
-
-You can use a PHP-like syntax for accessing array elements, as well as the
-original "dot" notation.
-Examples:
-{$foo[1]}             normal access
-{$foo['bar']}
-{$foo['bar'][1]}
-{$foo[$x+$x]}         index may contain any expression
-{$foo[$bar[1]]}       nested index
-{$foo[section_name]}  smarty section access, not array access!
-
-The original "dot" notation stays, and with improvements.
-Examples:
-{$foo.a.b.c}        =>  $foo['a']['b']['c'] 
-{$foo.a.$b.c}       =>  $foo['a'][$b]['c']        with variable index
-{$foo.a.{$b+4}.c}   =>  $foo['a'][$b+4]['c']       with expression as index
-{$foo.a.{$b.c}}     =>  $foo['a'][$b['c']]         with nested index
-
-note that { and } are used to address ambiguties when nesting the dot syntax. 
-
-Variable names themselves can be variable and contain expressions.
-Examples:
-$foo         normal variable
-$foo_{$bar}  variable name containing other variable 
-$foo_{$x+$y} variable name containing expressions 
-$foo_{$bar}_buh_{$blar}  variable name with multiple segments
-{$foo_{$x}}  will output the variable $foo_1 if $x has a value of 1.
-
-Object method chaining is implemented.
-Example: {$object->method1($x)->method2($y)}
-
-{for} tag added for looping (replacement for {section} tag):
-{for $x=0, $y=count($foo); $x<$y; $x++}  ....  {/for}
-Any number of statements can be used separated by comma as the first
-inital expression at {for}.
-
-{for $x = $start to $end step $step} ... {/for}is in the SVN now .
-You can use also
-{for $x = $start to $end} ... {/for}
-In this case the step value will be automaticall 1 or -1 depending on the start and end values.
-Instead of $start and $end you can use any valid expression.
-Inside the loop the following special vars can be accessed:
-$x@iteration = number of iteration
-$x@total = total number of iterations
-$x@first = true on first iteration
-$x@last = true on last iteration
-
-
-The Smarty 2 {section} syntax is still supported.
-
-New shorter {foreach} syntax to loop over an array.
-Example: {foreach $myarray as $var}...{/foreach}
-
-Within the foreach loop, properties are access via:
-
-$var@key            foreach $var array key
-$var@iteration      foreach current iteration count (1,2,3...)
-$var@index          foreach current index count (0,1,2...)
-$var@total          foreach $var array total
-$var@first          true on first iteration
-$var@last           true on last iteration
-
-The Smarty 2 {foreach} tag syntax is still supported.
-
-NOTE: {$bar[foo]} still indicates a variable inside of a {section} named foo. 
-If you want to access an array element with index foo, you must use quotes
-such as {$bar['foo']}, or use the dot syntax {$bar.foo}.
-
-while block tag is now implemented:
-{while $foo}...{/while}
-{while $x lt 10}...{/while}
-
-Direct access to PHP functions:
-Just as you can use PHP functions as modifiers directly, you can now access
-PHP functions directly, provided they are permitted by security settings:
-{time()}
-
-There is a new {function}...{/function} block tag to implement a template function.
-This enables reuse of code sequences like a plugin function. It can call itself recursively.
-Template function must be called with the new {call name=foo...} tag.
-
-Example:
-
-Template file:
-{function name=menu level=0}
-  <ul class="level{$level}">
-  {foreach $data as $entry}
-    {if is_array($entry)}
-      <li>{$entry@key}</li>
-       {call name=menu data=$entry level=$level+1}
-    {else}
-      <li>{$entry}</li>
-    {/if}
-  {/foreach}
-  </ul>
-{/function}
-
-{$menu = ['item1','item2','item3' => ['item3-1','item3-2','item3-3' =>
-  ['item3-3-1','item3-3-2']],'item4']}
-
-{call name=menu data=$menu}
-
-
-Generated output:
-    * item1
-    * item2
-    * item3
-          o item3-1
-          o item3-2
-          o item3-3
-                + item3-3-1
-                + item3-3-2
-    * item4
-
-The function tag itself must have the "name" attribute. This name is the tag
-name when calling the function. The function tag may have any number of
-additional attributes. These will be default settings for local variables.
-
-New {nocache} block function:
-{nocache}...{/nocache} will declare a section of the template to be non-cached
-when template caching is enabled.
-
-New nocache attribute:
-You can declare variable/function output as non-cached with the nocache attribute.
-Examples:
-
-{$foo nocache=true}
-{$foo nocache} /* same */
-
-{foo bar="baz" nocache=true}
-{foo bar="baz" nocache} /* same */
-
-{time() nocache=true}
-{time() nocache} /* same */
-
-Or you can also assign the variable in your script as nocache:
-$smarty->assign('foo',$something,true); // third param is nocache setting
-{$foo} /* non-cached */
-
-$smarty.current_dir returns the directory name of the current template.
-
-You can use strings directly as templates with the "string" resource type.
-Examples:
-$smarty->display('string:This is my template, {$foo}!'); // php
-{include file="string:This is my template, {$foo}!"} // template
-
-
-
-VARIABLE SCOPE / VARIABLE STORAGE
-=================================
-
-In Smarty 2, all assigned variables were stored within the Smarty object. 
-Therefore, all variables assigned in PHP were accessible by all subsequent 
-fetch and display template calls.
-
-In Smarty 3, we have the choice to assign variables to the main Smarty object, 
-to user-created data objects, and to user-created template objects. 
-These objects can be chained. The object at the end of a chain can access all
-variables belonging to that template and all variables within the parent objects.
-The Smarty object can only be the root of a chain, but a chain can be isolated
-from the Smarty object.
-
-All known Smarty assignment interfaces will work on the data and template objects.
-
-Besides the above mentioned objects, there is also a special storage area for
-global variables.
-
-A Smarty data object can be created as follows:
-$data = $smarty->createData();    // create root data object
-$data->assign('foo','bar');       // assign variables as usual
-$data->config_load('my.conf');									 // load config file    
-
-$data= $smarty->createData($smarty);  // create data object having a parent link to
-the Smarty object
-
-$data2= $smarty->createData($data);   // create data object having a parent link to
-the $data data object
-
-A template object can be created by using the createTemplate method. It has the
-same parameter assignments as the fetch() or display() method.
-Function definition:
-function createTemplate($template, $cache_id = null, $compile_id = null, $parent = null)
-
-The first parameter can be a template name, a smarty object or a data object.
-
-Examples:
-$tpl = $smarty->createTemplate('mytpl.tpl'); // create template object not linked to any parent
-$tpl->assign('foo','bar');                   // directly assign variables
-$tpl->config_load('my.conf');									 // load config file    
-
-$tpl = $smarty->createTemplate('mytpl.tpl',$smarty);  // create template having a parent link to the Smarty object
-$tpl = $smarty->createTemplate('mytpl.tpl',$data);    // create template having a parent link to the $data object
-
-The standard fetch() and display() methods will implicitly create a template object.
-If the $parent parameter is not specified in these method calls, the template object
-is will link back to the Smarty object as it's parent.
-
-If a template is called by an {include...} tag from another template, the
-subtemplate links back to the calling template as it's parent. 
-
-All variables assigned locally or from a parent template are accessible. If the
-template creates or modifies a variable by using the {assign var=foo...} or
-{$foo=...} tags, these new values are only known locally (local scope). When the
-template exits, none of the new variables or modifications can be seen in the
-parent template(s). This is same behavior as in Smarty 2. 
-
-With Smarty 3, we can assign variables with a scope attribute which allows the
-availablility of these new variables or modifications globally (ie in the parent
-templates.)
-
-Possible scopes are local, parent, root and global. 
-Examples:
-{assign var=foo value='bar'}       // no scope is specified, the default 'local'
-{$foo='bar'}                       // same, local scope
-{assign var=foo value='bar' scope='local'} // same, local scope
-
-{assign var=foo value='bar' scope='parent'} // Values will be available to the parent object 
-{$foo='bar' scope='parent'}                 // (normally the calling template)
-
-{assign var=foo value='bar' scope='root'}   // Values will be exported up to the root object, so they can 
-{$foo='bar' scope='root'}                   // be seen from all templates using the same root.
-
-{assign var=foo value='bar' scope='global'} // Values will be exported to global variable storage, 
-{$foo='bar' scope='global'}                 // they are available to any and all templates.
-
-
-The scope attribute can also be attached to the {include...} tag. In this case,
-the specified scope will be the default scope for all assignments within the
-included template.
-
-
-PLUGINS
-=======
-
-Smarty3 are following the same coding rules as in Smarty2. 
-The only difference is that the template object is passed as additional third parameter.
-
-smarty_plugintype_name (array $params, object $smarty, object $template)
-
-The Smarty 2 plugins are still compatible as long as they do not make use of specific Smarty2 internals.
-
-
-TEMPLATE INHERITANCE:
-=====================
-
-With template inheritance you can define blocks, which are areas that can be
-overriden by child templates, so your templates could look like this: 
-
-parent.tpl:
-<html>
-  <head>
-    <title>{block name='title'}My site name{/block}</title>
-  </head>
-  <body>
-    <h1>{block name='page-title'}Default page title{/block}</h1>
-    <div id="content">
-      {block name='content'}
-        Default content
-      {/block}
-    </div>
-  </body>
-</html>
-
-child.tpl:
-{extends file='parent.tpl'} 
-{block name='title'}
-Child title
-{/block}
-
-grandchild.tpl:
-{extends file='child.tpl'} 
-{block name='title'}Home - {$smarty.block.parent}{/block} 
-{block name='page-title'}My home{/block}
-{block name='content'}
-  {foreach $images as $img}
-    <img src="{$img.url}" alt="{$img.description}" />
-  {/foreach}
-{/block}
-
-We redefined all the blocks here, however in the title block we used {$smarty.block.parent},
-which tells Smarty to insert the default content from the parent template in its place.
-The content block was overriden to display the image files, and page-title has also be 
-overriden to display a completely different title. 
-
-If we render grandchild.tpl we will get this: 
-<html>
-  <head>
-    <title>Home - Child title</title>
-  </head>
-  <body>
-    <h1>My home</h1>
-    <div id="content">
-      <img src="/example.jpg" alt="image" />
-      <img src="/example2.jpg" alt="image" />
-      <img src="/example3.jpg" alt="image" />
-    </div>
-  </body>
-</html>
-
-NOTE: In the child templates everything outside the {extends} or {block} tag sections
-is ignored.
-
-The inheritance tree can be as big as you want (meaning you can extend a file that 
-extends another one that extends another one and so on..), but be aware that all files 
-have to be checked for modifications at runtime so the more inheritance the more overhead you add.
-
-Instead of defining the parent/child relationships with the {extends} tag in the child template you
-can use the resource as follow:
-
-$smarty->display('extends:parent.tpl|child.tpl|grandchild.tpl');
-
-Child {block} tags may optionally have a append or prepend attribute. In this case the parent block content 
-is appended or prepended to the child block content.
-
-{block name='title' append} My title {/block}
-
-
-PHP STREAMS:
-============
-
-(see online documentation)
-
-VARIBLE FILTERS:
-================
-
-(see online documentation)
-
-
-STATIC CLASS ACCESS AND NAMESPACE SUPPORT
-=========================================
-
-You can register a class with optional namespace for the use in the template like:
-
-$smarty->register->templateClass('foo','name\name2\myclass');
-
-In the template you can use it like this:
-{foo::method()}  etc.
-
-
-=======================
-
-Please look through it and send any questions/suggestions/etc to the forums.
-
-http://www.phpinsider.com/smarty-forum/viewtopic.php?t=14168
-
-Monte and Uwe
--- a/lib/classes/Smarty-3.1.15/SMARTY_2_BC_NOTES.txt
+++ b/lib/classes/Smarty-3.1.15/SMARTY_2_BC_NOTES.txt
@@ -1,109 +0,0 @@
-= Known incompatibilities with Smarty 2 =
-
-== Syntax ==
-
-Smarty 3 API has a new syntax. Much of the Smarty 2 syntax is supported 
-by a wrapper but deprecated. See the README that comes with Smarty 3 for more 
-information.
-
-The {$array|@mod} syntax has always been a bit confusing, where an "@" is required
-to apply a modifier to an array instead of the individual elements. Normally you
-always want the modifier to apply to the variable regardless of its type. In Smarty 3,
-{$array|mod} and {$array|@mod} behave identical. It is safe to drop the "@" and the
-modifier will still apply to the array. If you really want the modifier to apply to
-each array element, you must loop the array in-template, or use a custom modifier that
-supports array iteration. Most smarty functions already escape values where necessary
-such as {html_options}
-
-== PHP Version ==
-Smarty 3 is PHP 5 only. It will not work with PHP 4.
-
-== {php} Tag ==
-The {php} tag is disabled by default. The use of {php} tags is
-deprecated. It can be enabled with $smarty->allow_php_tag=true.
-
-But if you scatter PHP code which belongs together into several
-{php} tags it may not work any longer.
-
-== Delimiters and whitespace ==
-Delimiters surrounded by whitespace are no longer treated as Smarty tags.
-Therefore, { foo } will not compile as a tag, you must use {foo}. This change
-Makes Javascript/CSS easier to work with, eliminating the need for {literal}.
-This can be disabled by setting $smarty->auto_literal = false;
-
-== Unquoted Strings ==
-Smarty 2 was a bit more forgiving (and ambiguous) when it comes to unquoted strings 
-in parameters. Smarty3 is more restrictive. You can still pass strings without quotes 
-so long as they contain no special characters. (anything outside of A-Za-z0-9_) 
-
-For example filename strings must be quoted
-<source lang="smarty">
-{include file='path/foo.tpl'}
-</source>
-
-== Extending the Smarty class ==
-Smarty 3 makes use of the __construct method for initialization. If you are extending 
-the Smarty class, its constructor is not called implicitly if the your child class defines 
-its own constructor. In order to run Smarty's constructor, a call to parent::__construct() 
-within your child constructor is required. 
-
-<source lang="php">
-class MySmarty extends Smarty {
-   function __construct() {
-       parent::__construct();
-    
-       // your initialization code goes here
-
-   }
-}
-</source>
-
-== Autoloader ==
-Smarty 3 does register its own autoloader with spl_autoload_register. If your code has 
-an existing __autoload function then this function must be explicitly registered on 
-the __autoload stack. See http://us3.php.net/manual/en/function.spl-autoload-register.php 
-for further details.
-
-== Plugin Filenames ==
-Smarty 3 optionally supports the PHP spl_autoloader. The autoloader requires filenames 
-to be lower case. Because of this, Smarty plugin file names must also be lowercase. 
-In Smarty 2, mixed case file names did work.
-
-== Scope of Special Smarty Variables ==
-In Smarty 2 the special Smarty variables $smarty.section... and $smarty.foreach... 
-had global scope. If you had loops with the same name in subtemplates you could accidentally 
-overwrite values of parent template.
-
-In Smarty 3 these special Smarty variable have only local scope in the template which 
-is defining the loop. If you need their value in a subtemplate you have to pass them 
-as parameter.
-<source lang="smarty">
-{include file='path/foo.tpl' index=$smarty.section.foo.index}
-</source>
-
-== SMARTY_RESOURCE_CHAR_SET ==
-Smarty 3 sets the constant SMARTY_RESOURCE_CHAR_SET to utf-8 as default template charset. 
-This is now used also on modifiers like escape as default charset. If your templates use 
-other charsets make sure that you define the constant accordingly. Otherwise you may not 
-get any output.
-
-== newline at {if} tags ==
-A \n was added to the compiled code of the {if},{else},{elseif},{/if} tags to get output of newlines as expected by the template source. 
-If one of the {if} tags is at the line end you will now get a newline in the HTML output.
-
-== trigger_error() ==
-The API function trigger_error() has been removed because it did just map to PHP trigger_error.
-However it's still included in the Smarty2 API wrapper.
-
-== Smarty constants ==
-The constants 
-SMARTY_PHP_PASSTHRU
-SMARTY_PHP_QUOTE
-SMARTY_PHP_REMOVE
-SMARTY_PHP_ALLOW
-have been replaced with class constants
-Smarty::PHP_PASSTHRU
-Smarty::PHP_QUOTE
-Smarty::PHP_REMOVE
-Smarty::PHP_ALLOW
-
--- a/lib/classes/Smarty-3.1.15/SMARTY_3.0_BC_NOTES.txt
+++ b/lib/classes/Smarty-3.1.15/SMARTY_3.0_BC_NOTES.txt
@@ -1,24 +0,0 @@
-== Smarty2 backward compatibility ==
-All Smarty2 specific API functions and deprecated functionallity has been moved
-to the SmartyBC class.
-
-== {php} Tag ==
-The {php} tag is no longer available in the standard Smarty calls. 
-The use of {php} tags is deprecated and only available in the SmartyBC class. 
-
-== {include_php} Tag ==
-The {include_php} tag is no longer available in the standard Smarty calls. 
-The use of {include_php} tags is deprecated and only available in the SmartyBC class. 
-
-== php template resource ==
-The support of the php template resource is removed.
-
-== $cache_dir, $compile_dir, $config_dir, $template_dir access ==
-The mentioned properties can't be accessed directly any longer. You must use
-corresponding getter/setters like addConfigDir(), setConfigDir(), getConfigDir()
-
-== obsolete Smarty class properties ==
-The following no longer used properties are removed:
-$allow_php_tag
-$allow_php_template
-$deprecation_notices
--- a/lib/classes/Smarty-3.1.15/SMARTY_3.1_NOTES.txt
+++ b/lib/classes/Smarty-3.1.15/SMARTY_3.1_NOTES.txt
@@ -1,306 +0,0 @@
-Smarty 3.1 Notes
-================
-
-Smarty 3.1 is a departure from 2.0 compatibility. Most notably, all
-backward compatibility has been moved to a separate class file named
-SmartyBC.class.php. If you require compatibility with 2.0, you will
-need to use this class.
-
-Some differences from 3.0 are also present. 3.1 begins the journey of
-requiring setters/getters for property access. So far this is only
-implemented on the five directory properties: template_dir,
-plugins_dir, configs_dir, compile_dir and cache_dir. These properties
-are now protected, it is required to use the setters/getters instead.
-That said, direct property access will still work, however slightly
-slower since they will now fall through __set() and __get() and in
-turn passed through the setter/getter methods. 3.2 will exhibit a full
-list of setter/getter methods for all (currently) public properties,
-so code-completion in your IDE will work as expected.
-
-There is absolutely no PHP allowed in templates any more. All
-deprecated features of Smarty 2.0 are gone. Again, use the SmartyBC
-class if you need any backward compatibility.
-
-Internal Changes
-
-  Full UTF-8 Compatibility
-
-The plugins shipped with Smarty 3.1 have been rewritten to fully
-support UTF-8 strings if Multibyte String is available. Without
-MBString UTF-8 cannot be handled properly. For those rare cases where
-templates themselves have to juggle encodings, the new modifiers
-to_charset and from_charset may come in handy.
-
-  Plugin API and Performance
-
-All Plugins (modifiers, functions, blocks, resources,
-default_template_handlers, etc) are now receiving the
-Smarty_Internal_Template instance, where they were supplied with the
-Smarty instance in Smarty 3.0. *. As The Smarty_Internal_Template
-mimics the behavior of Smarty, this API simplification should not
-require any changes to custom plugins.
-
-The plugins shipped with Smarty 3.1 have been rewritten for better
-performance. Most notably {html_select_date} and {html_select_time}
-have been improved vastly. Performance aside, plugins have also been
-reviewed and generalized in their API. {html_select_date} and
-{html_select_time} now share almost all available options.
-
-The escape modifier now knows the $double_encode option, which will
-prevent entities from being encoded again.
-
-The capitalize modifier now know the $lc_rest option, which makes sure
-all letters following a captial letter are lower-cased.
-
-The count_sentences modifier now accepts (.?!) as
-legitimate endings of a sentence - previously only (.) was
-accepted
-
-The new unescape modifier is there to reverse the effects of the
-escape modifier. This applies to the escape formats html, htmlall and
-entity.
-
-  default_template_handler_func
-
-The invocation of $smarty->$default_template_handler_func had to be 
-altered. Instead of a Smarty_Internal_Template, the fifth argument is
-now provided with the Smarty instance. New footprint:
-
-
-/**
- * Default Template Handler
- *
- * called when Smarty's file: resource is unable to load a requested file
- * 
- * @param string   $type     resource type (e.g. "file", "string", "eval", "resource")
- * @param string   $name     resource name (e.g. "foo/bar.tpl")
- * @param string  &$content  template's content
- * @param integer &$modified template's modification time
- * @param Smarty   $smarty   Smarty instance
- * @return string|boolean   path to file or boolean true if $content and $modified 
- *                          have been filled, boolean false if no default template 
- *                          could be loaded
- */
-function default_template_handler_func($type, $name, &$content, &$modified, Smarty $smarty) {
-    if (false) {
-        // return corrected filepath
-        return "/tmp/some/foobar.tpl";
-    } elseif (false) {
-        // return a template directly
-        $content = "the template source";
-        $modified = time();
-        return true;
-    } else {
-        // tell smarty that we failed
-        return false;
-    }
-}
-
-  Stuff done to the compiler
-
-Many performance improvements have happened internally. One notable
-improvement is that all compiled templates are now handled as PHP
-functions. This speeds up repeated templates tremendously, as each one
-calls an (in-memory) PHP function instead of performing another file
-include/scan.
-
-New Features
-
-  Template syntax
-
- {block}..{/block}
-
-The {block} tag has a new hide option flag. It does suppress the block
-content if no corresponding child block exists.
-EXAMPLE:
-parent.tpl
-{block name=body hide} child content "{$smarty.block.child}" was
-inserted {block}
-In the above example the whole block will be suppressed if no child
-block "body" is existing.
-
- {setfilter}..{/setfilter}
-
-The new {setfilter} block tag allows the definition of filters which
-run on variable output.
-SYNTAX:
-{setfilter filter1|filter2|filter3....}
-Smarty3 will lookup up matching filters in the following search order:
-1. varibale filter plugin in plugins_dir.
-2. a valid modifier. A modifier specification will also accept
-additional parameter like filter2:'foo'
-3. a PHP function
-{/setfilter} will turn previous filter setting off again.
-{setfilter} tags can be nested.
-EXAMPLE:
-{setfilter filter1}
-  {$foo}
-  {setfilter filter2}
-    {$bar}
-  {/setfilter}
-  {$buh}
-{/setfilter}
-{$blar}
-In the above example filter1 will run on the output of $foo, filter2
-on $bar, filter1 again on $buh and no filter on $blar.
-NOTES:
- {$foo nofilter} will suppress the filters
- These filters will run in addition to filters defined by
-registerFilter('variable',...), autoLoadFilter('variable',...) and
-defined default modifier.
- {setfilter} will effect only the current template, not included
-subtemplates.
-
-  Resource API
-
-Smarty 3.1 features a new approach to resource management. The
-Smarty_Resource API allows simple, yet powerful integration of custom
-resources for templates and configuration files. It offers simple
-functions for loading data from a custom resource (e.g. database) as
-well as define new template types adhering to the special
-non-compiling (e,g, plain php) and non-compile-caching (e.g. eval:
-resource type) resources.
-
-See demo/plugins/resource.mysql.php for an example custom database
-resource.
-
-Note that old-fashioned registration of callbacks for resource
-management has been deprecated but is still possible with SmartyBC.
-
-  CacheResource API
-
-In line with the Resource API, the CacheResource API offers a more
-comfortable handling of output-cache data. With the
-Smarty_CacheResource_Custom accessing databases is made simple. With
-the introduction of Smarty_CacheResource_KeyValueStore the
-implementation of resources like memcache or APC became a no-brainer;
-simple hash-based storage systems are now supporting hierarchical
-output-caches.
-
-See demo/plugins/cacheresource.mysql.php for an example custom
-database CacheResource.
-See demo/plugins/cacheresource.memcache.php for an example custom
-memcache CacheResource using the KeyValueStore helper.
-
-Note that old-fashioned registration of $cache_handler is not possible
-anymore. As the functionality had not been ported to Smarty 3.0.x
-properly, it has been dropped from 3.1 completely.
-
-Locking facilities have been implemented to avoid concurrent cache 
-generation. Enable cache locking by setting 
-$smarty->cache_locking = true;
-
-  Relative Paths in Templates (File-Resource)
-
-As of Smarty 3.1 {include file="../foo.tpl"} and {include
-file="./foo.tpl"} will resolve relative to the template they're in.
-Relative paths are available with {include file="..."} and
-{extends file="..."}. As $smarty->fetch('../foo.tpl') and
-$smarty->fetch('./foo.tpl') cannot be relative to a template, an
-exception is thrown.
-
-  Addressing a specific $template_dir
-
-Smarty 3.1 introduces the $template_dir index notation.
-$smarty->fetch('[foo]bar.tpl') and {include file="[foo]bar.tpl"}
-require the template bar.tpl to be loaded from $template_dir['foo'];
-Smarty::setTemplateDir() and Smarty::addTemplateDir() offer ways to
-define indexes along with the actual directories.
-
-  Mixing Resources in extends-Resource
-
-Taking the php extends: template resource one step further, it is now
-possible to mix resources within an extends: call like
-$smarty->fetch("extends:file:foo.tpl|db:bar.tpl");
-
-To make eval: and string: resources available to the inheritance
-chain, eval:base64:TPL_STRING and eval:urlencode:TPL_STRING have been
-introduced. Supplying the base64 or urlencode flags will trigger
-decoding the TPL_STRING in with either base64_decode() or urldecode().
-
-  extends-Resource in template inheritance
-
-Template based inheritance may now inherit from php's extends:
-resource like {extends file="extends:foo.tpl|db:bar.tpl"}.
-
-  New Smarty property escape_html
-
-$smarty->escape_html = true will autoescape all template variable
-output by calling htmlspecialchars({$output}, ENT_QUOTES,
-SMARTY_RESOURCE_CHAR_SET).
-NOTE:
-This is a compile time option. If you change the setting you must make
-sure that the templates get recompiled.
-
-  New option at Smarty property compile_check
-
-The automatic recompilation of modified templates can now be
-controlled by the following settings:
-$smarty->compile_check = COMPILECHECK_OFF (false) - template files
-will not be checked
-$smarty->compile_check = COMPILECHECK_ON (true) - template files will
-always be checked
-$smarty->compile_check = COMPILECHECK_CACHEMISS - template files will
-be checked if caching is enabled and there is no existing cache file
-or it has expired
-
-  Automatic recompilation on Smarty version change
-
-Templates will now be automatically recompiled on Smarty version
-changes to avoide incompatibillities in the compiled code. Compiled
-template checked against the current setting of the SMARTY_VERSION
-constant.
-
-  default_config_handler_func()
-
-Analogous to the default_template_handler_func()
-default_config_handler_func() has been introduced.
-
-  default_plugin_handler_func()
-
-An optional default_plugin_handler_func() can be defined which gets called 
-by the compiler on tags which can't be resolved internally or by plugins.
-The default_plugin_handler() can map tags to plugins on the fly.
-
-New getters/setters
-
-The following setters/getters will be part of the official
-documentation, and will be strongly recommended. Direct property
-access will still work for the foreseeable future... it will be
-transparently routed through the setters/getters, and consequently a
-bit slower.
-
-array|string getTemplateDir( [string $index] )
-replaces $smarty->template_dir; and $smarty->template_dir[$index];
-Smarty setTemplateDir( array|string $path )
-replaces $smarty->template_dir = "foo"; and $smarty->template_dir =
-array("foo", "bar");
-Smarty addTemplateDir( array|string $path, [string $index])
-replaces $smarty->template_dir[] = "bar"; and
-$smarty->template_dir[$index] = "bar";
-
-array|string getConfigDir( [string $index] )
-replaces $smarty->config_dir; and $smarty->config_dir[$index];
-Smarty setConfigDir( array|string $path )
-replaces $smarty->config_dir = "foo"; and $smarty->config_dir =
-array("foo", "bar");
-Smarty addConfigDir( array|string $path, [string $index])
-replaces $smarty->config_dir[] = "bar"; and
-$smarty->config_dir[$index] = "bar";
-
-array getPluginsDir()
-replaces $smarty->plugins_dir;
-Smarty setPluginsDir( array|string $path )
-replaces $smarty->plugins_dir = "foo";
-Smarty addPluginsDir( array|string $path )
-replaces $smarty->plugins_dir[] = "bar";
-
-string getCompileDir()
-replaces $smarty->compile_dir;
-Smarty setCompileDir( string $path )
-replaces $smarty->compile_dir = "foo";
-
-string getCacheDir()
-replaces $smarty->cache_dir;
-Smarty setCacheDir( string $path )
-replaces $smarty->cache_dir;
--- a/lib/classes/Smarty-3.1.15/change_log.txt
+++ b/lib/classes/Smarty-3.1.15/change_log.txt
--- a/lib/classes/Smarty-3.1.15/demo/configs/test.conf
+++ b/lib/classes/Smarty-3.1.15/demo/configs/test.conf
@@ -1,5 +0,0 @@
-title = Welcome to Smarty!
-cutoff_size = 40
-
-[setup]
-bold = true
--- a/lib/classes/Smarty-3.1.15/demo/index.php
+++ b/lib/classes/Smarty-3.1.15/demo/index.php
@@ -1,30 +0,0 @@
-<?php
- /**
- * Example Application
-
- * @package Example-application
- */
-
-require '../libs/Smarty.class.php';
-
-$smarty = new Smarty;
-
-//$smarty->force_compile = true;
-$smarty->debugging = true;
-$smarty->caching = true;
-$smarty->cache_lifetime = 120;
-
-$smarty->assign("Name","Fred Irving Johnathan Bradley Peppergill",true);
-$smarty->assign("FirstName",array("John","Mary","James","Henry"));
-$smarty->assign("LastName",array("Doe","Smith","Johnson","Case"));
-$smarty->assign("Class",array(array("A","B","C","D"), array("E", "F", "G", "H"),
-      array("I", "J", "K", "L"), array("M", "N", "O", "P")));
-
-$smarty->assign("contacts", array(array("phone" => "1", "fax" => "2", "cell" => "3"),
-      array("phone" => "555-4444", "fax" => "555-3333", "cell" => "760-1234")));
-
-$smarty->assign("option_values", array("NY","NE","KS","IA","OK","TX"));
-$smarty->assign("option_output", array("New York","Nebraska","Kansas","Iowa","Oklahoma","Texas"));
-$smarty->assign("option_selected", "NE");
-
-$smarty->display('index.tpl');
--- a/lib/classes/Smarty-3.1.15/demo/plugins/cacheresource.apc.php
+++ b/lib/classes/Smarty-3.1.15/demo/plugins/cacheresource.apc.php
@@ -1,80 +0,0 @@
-<?php
-
-/**
- * APC CacheResource
- *
- * CacheResource Implementation based on the KeyValueStore API to use
- * memcache as the storage resource for Smarty's output caching.
- * *
- * @package CacheResource-examples
- * @author Uwe Tews
- */
-class Smarty_CacheResource_Apc extends Smarty_CacheResource_KeyValueStore
-{
-    public function __construct()
-    {
-        // test if APC is present
-        if (!function_exists('apc_cache_info')) {
-            throw new Exception('APC Template Caching Error: APC is not installed');
-        }
-    }
-
-    /**
-     * Read values for a set of keys from cache
-     *
-     * @param  array   $keys list of keys to fetch
-     * @return array   list of values with the given keys used as indexes
-     * @return boolean true on success, false on failure
-     */
-    protected function read(array $keys)
-    {
-        $_res = array();
-        $res = apc_fetch($keys);
-        foreach ($res as $k => $v) {
-            $_res[$k] = $v;
-        }
-
-        return $_res;
-    }
-
-    /**
-     * Save values for a set of keys to cache
-     *
-     * @param  array   $keys   list of values to save
-     * @param  int     $expire expiration time
-     * @return boolean true on success, false on failure
-     */
-    protected function write(array $keys, $expire=null)
-    {
-        foreach ($keys as $k => $v) {
-            apc_store($k, $v, $expire);
-        }
-
-        return true;
-    }
-
-    /**
-     * Remove values from cache
-     *
-     * @param  array   $keys list of keys to delete
-     * @return boolean true on success, false on failure
-     */
-    protected function delete(array $keys)
-    {
-        foreach ($keys as $k) {
-            apc_delete($k);
-        }
-
-        return true;
-    }
-
-    /**
-     * Remove *all* values from cache
-     *
-     * @return boolean true on success, false on failure
-     */
-    protected function purge()
-    {
-        return apc_clear_cache('user');
-    }
-}
--- a/lib/classes/Smarty-3.1.15/demo/plugins/cacheresource.memcache.php
+++ b/lib/classes/Smarty-3.1.15/demo/plugins/cacheresource.memcache.php
@@ -1,95 +0,0 @@
-<?php
-
-/**
- * Memcache CacheResource
- *
- * CacheResource Implementation based on the KeyValueStore API to use
- * memcache as the storage resource for Smarty's output caching.
- *
- * Note that memcache has a limitation of 256 characters per cache-key.
- * To avoid complications all cache-keys are translated to a sha1 hash.
- *
- * @package CacheResource-examples
- * @author Rodney Rehm
- */
-class Smarty_CacheResource_Memcache extends Smarty_CacheResource_KeyValueStore
-{
-    /**
-     * memcache instance
-     * @var Memcache
-     */
-    protected $memcache = null;
-
-    public function __construct()
-    {
-        $this->memcache = new Memcache();
-        $this->memcache->addServer( '127.0.0.1', 11211 );
-    }
-
-    /**
-     * Read values for a set of keys from cache
-     *
-     * @param  array   $keys list of keys to fetch
-     * @return array   list of values with the given keys used as indexes
-     * @return boolean true on success, false on failure
-     */
-    protected function read(array $keys)
-    {
-        $_keys = $lookup = array();
-        foreach ($keys as $k) {
-            $_k = sha1($k);
-            $_keys[] = $_k;
-            $lookup[$_k] = $k;
-        }
-        $_res = array();
-        $res = $this->memcache->get($_keys);
-        foreach ($res as $k => $v) {
-            $_res[$lookup[$k]] = $v;
-        }
-
-        return $_res;
-    }
-
-    /**
-     * Save values for a set of keys to cache
-     *
-     * @param  array   $keys   list of values to save
-     * @param  int     $expire expiration time
-     * @return boolean true on success, false on failure
-     */
-    protected function write(array $keys, $expire=null)
-    {
-        foreach ($keys as $k => $v) {
-            $k = sha1($k);
-            $this->memcache->set($k, $v, 0, $expire);
-        }
-
-        return true;
-    }
-
-    /**
-     * Remove values from cache
-     *
-     * @param  array   $keys list of keys to delete
-     * @return boolean true on success, false on failure
-     */
-    protected function delete(array $keys)
-    {
-        foreach ($keys as $k) {
-            $k = sha1($k);
-            $this->memcache->delete($k);
-        }
-
-        return true;
-    }
-
-    /**
-     * Remove *all* values from cache
-     *
-     * @return boolean true on success, false on failure
-     */
-    protected function purge()
-    {
-        return $this->memcache->flush();
-    }
-}
--- a/lib/classes/Smarty-3.1.15/demo/plugins/cacheresource.mysql.php
+++ b/lib/classes/Smarty-3.1.15/demo/plugins/cacheresource.mysql.php
@@ -1,158 +0,0 @@
-<?php
-
-/**
- * MySQL CacheResource
- *
- * CacheResource Implementation based on the Custom API to use
- * MySQL as the storage resource for Smarty's output caching.
- *
- * Table definition:
- * <pre>CREATE TABLE IF NOT EXISTS `output_cache` (
- *   `id` CHAR(40) NOT NULL COMMENT 'sha1 hash',
- *   `name` VARCHAR(250) NOT NULL,
- *   `cache_id` VARCHAR(250) NULL DEFAULT NULL,
- *   `compile_id` VARCHAR(250) NULL DEFAULT NULL,
- *   `modified` TIMESTAMP NOT NULL DEFAULT CURRENT_TIMESTAMP,
- *   `content` LONGTEXT NOT NULL,
- *   PRIMARY KEY (`id`),
- *   INDEX(`name`),
- *   INDEX(`cache_id`),
- *   INDEX(`compile_id`),
- *   INDEX(`modified`)
- * ) ENGINE = InnoDB;</pre>
- *
- * @package CacheResource-examples
- * @author Rodney Rehm
- */
-class Smarty_CacheResource_Mysql extends Smarty_CacheResource_Custom
-{
-    // PDO instance
-    protected $db;
-    protected $fetch;
-    protected $fetchTimestamp;
-    protected $save;
-
-    public function __construct()
-    {
-        try {
-            $this->db = new PDO("mysql:dbname=test;host=127.0.0.1", "smarty");
-        } catch (PDOException $e) {
-            throw new SmartyException('Mysql Resource failed: ' . $e->getMessage());
-        }
-        $this->fetch = $this->db->prepare('SELECT modified, content FROM output_cache WHERE id = :id');
-        $this->fetchTimestamp = $this->db->prepare('SELECT modified FROM output_cache WHERE id = :id');
-        $this->save = $this->db->prepare('REPLACE INTO output_cache (id, name, cache_id, compile_id, content)
-            VALUES  (:id, :name, :cache_id, :compile_id, :content)');
-    }
-
-    /**
-     * fetch cached content and its modification time from data source
-     *
-     * @param  string  $id         unique cache content identifier
-     * @param  string  $name       template name
-     * @param  string  $cache_id   cache id
-     * @param  string  $compile_id compile id
-     * @param  string  $content    cached content
-     * @param  integer $mtime      cache modification timestamp (epoch)
-     * @return void
-     */
-    protected function fetch($id, $name, $cache_id, $compile_id, &$content, &$mtime)
-    {
-        $this->fetch->execute(array('id' => $id));
-        $row = $this->fetch->fetch();
-        $this->fetch->closeCursor();
-        if ($row) {
-            $content = $row['content'];
-            $mtime = strtotime($row['modified']);
-        } else {
-            $content = null;
-            $mtime = null;
-        }
-    }
-
-    /**
-     * Fetch cached content's modification timestamp from data source
-     *
-     * @note implementing this method is optional. Only implement it if modification times can be accessed faster than loading the complete cached content.
-     * @param  string          $id         unique cache content identifier
-     * @param  string          $name       template name
-     * @param  string          $cache_id   cache id
-     * @param  string          $compile_id compile id
-     * @return integer|boolean timestamp (epoch) the template was modified, or false if not found
-     */
-    protected function fetchTimestamp($id, $name, $cache_id, $compile_id)
-    {
-        $this->fetchTimestamp->execute(array('id' => $id));
-        $mtime = strtotime($this->fetchTimestamp->fetchColumn());
-        $this->fetchTimestamp->closeCursor();
-
-        return $mtime;
-    }
-
-    /**
-     * Save content to cache
-     *
-     * @param  string       $id         unique cache content identifier
-     * @param  string       $name       template name
-     * @param  string       $cache_id   cache id
-     * @param  string       $compile_id compile id
-     * @param  integer|null $exp_time   seconds till expiration time in seconds or null
-     * @param  string       $content    content to cache
-     * @return boolean      success
-     */
-    protected function save($id, $name, $cache_id, $compile_id, $exp_time, $content)
-    {
-        $this->save->execute(array(
-            'id' => $id,
-            'name' => $name,
-            'cache_id' => $cache_id,
-            'compile_id' => $compile_id,
-            'content' => $content,
-        ));
-
-        return !!$this->save->rowCount();
-    }
-
-    /**
-     * Delete content from cache
-     *
-     * @param  string       $name       template name
-     * @param  string       $cache_id   cache id
-     * @param  string       $compile_id compile id
-     * @param  integer|null $exp_time   seconds till expiration or null
-     * @return integer      number of deleted caches
-     */
-    protected function delete($name, $cache_id, $compile_id, $exp_time)
-    {
-        // delete the whole cache
-        if ($name === null && $cache_id === null && $compile_id === null && $exp_time === null) {
-            // returning the number of deleted caches would require a second query to count them
-            $query = $this->db->query('TRUNCATE TABLE output_cache');
-
-            return -1;
-        }
-        // build the filter
-        $where = array();
-        // equal test name
-        if ($name !== null) {
-            $where[] = 'name = ' . $this->db->quote($name);
-        }
-        // equal test compile_id
-        if ($compile_id !== null) {
-            $where[] = 'compile_id = ' . $this->db->quote($compile_id);
-        }
-        // range test expiration time
-        if ($exp_time !== null) {
-            $where[] = 'modified < DATE_SUB(NOW(), INTERVAL ' . intval($exp_time) . ' SECOND)';
-        }
-        // equal test cache_id and match sub-groups
-        if ($cache_id !== null) {
-            $where[] = '(cache_id = '. $this->db->quote($cache_id)
-                . ' OR cache_id LIKE '. $this->db->quote($cache_id .'|%') .')';
-        }
-        // run delete query
-        $query = $this->db->query('DELETE FROM output_cache WHERE ' . join(' AND ', $where));
-
-        return $query->rowCount();
-    }
-}
--- a/lib/classes/Smarty-3.1.15/demo/plugins/resource.extendsall.php
+++ b/lib/classes/Smarty-3.1.15/demo/plugins/resource.extendsall.php
@@ -1,58 +0,0 @@
-<?php
-
-/**
- * Extends All Resource
- *
- * Resource Implementation modifying the extends-Resource to walk
- * through the template_dirs and inherit all templates of the same name
- *
- * @package Resource-examples
- * @author Rodney Rehm
- */
-class Smarty_Resource_Extendsall extends Smarty_Internal_Resource_Extends
-{
-    /**
-     * populate Source Object with meta data from Resource
-     *
-     * @param  Smarty_Template_Source   $source    source object
-     * @param  Smarty_Internal_Template $_template template object
-     * @return void
-     */
-    public function populate(Smarty_Template_Source $source, Smarty_Internal_Template $_template=null)
-    {
-        $uid = '';
-        $sources = array();
-        $exists = true;
-        foreach ($_template->smarty->getTemplateDir() as $key => $directory) {
-            try {
-                $s = Smarty_Resource::source(null, $source->smarty, '[' . $key . ']' . $source->name );
-                if (!$s->exists) {
-                    continue;
-                }
-                $sources[$s->uid] = $s;
-                $uid .= $s->filepath;
-            } catch (SmartyException $e) {}
-        }
-
-        if (!$sources) {
-            $source->exists = false;
-            $source->template = $_template;
-
-            return;
-        }
-
-        $sources = array_reverse($sources, true);
-        reset($sources);
-        $s = current($sources);
-
-        $source->components = $sources;
-        $source->filepath = $s->filepath;
-        $source->uid = sha1($uid);
-        $source->exists = $exists;
-        if ($_template && $_template->smarty->compile_check) {
-            $source->timestamp = $s->timestamp;
-        }
-        // need the template at getContent()
-        $source->template = $_template;
-    }
-}
--- a/lib/classes/Smarty-3.1.15/demo/plugins/resource.mysql.php
+++ b/lib/classes/Smarty-3.1.15/demo/plugins/resource.mysql.php
@@ -1,80 +0,0 @@
-<?php
-
-/**
- * MySQL Resource
- *
- * Resource Implementation based on the Custom API to use
- * MySQL as the storage resource for Smarty's templates and configs.
- *
- * Table definition:
- * <pre>CREATE TABLE IF NOT EXISTS `templates` (
- *   `name` varchar(100) NOT NULL,
- *   `modified` timestamp NOT NULL DEFAULT CURRENT_TIMESTAMP ON UPDATE CURRENT_TIMESTAMP,
- *   `source` text,
- *   PRIMARY KEY (`name`)
- * ) ENGINE=InnoDB DEFAULT CHARSET=utf8;</pre>
- *
- * Demo data:
- * <pre>INSERT INTO `templates` (`name`, `modified`, `source`) VALUES ('test.tpl', "2010-12-25 22:00:00", '{$x="hello world"}{$x}');</pre>
- *
- * @package Resource-examples
- * @author Rodney Rehm
- */
-class Smarty_Resource_Mysql extends Smarty_Resource_Custom
-{
-    // PDO instance
-    protected $db;
-    // prepared fetch() statement
-    protected $fetch;
-    // prepared fetchTimestamp() statement
-    protected $mtime;
-
-    public function __construct()
-    {
-        try {
-            $this->db = new PDO("mysql:dbname=test;host=127.0.0.1", "smarty");
-        } catch (PDOException $e) {
-            throw new SmartyException('Mysql Resource failed: ' . $e->getMessage());
-        }
-        $this->fetch = $this->db->prepare('SELECT modified, source FROM templates WHERE name = :name');
-        $this->mtime = $this->db->prepare('SELECT modified FROM templates WHERE name = :name');
-    }
-
-    /**
-     * Fetch a template and its modification time from database
-     *
-     * @param  string  $name   template name
-     * @param  string  $source template source
-     * @param  integer $mtime  template modification timestamp (epoch)
-     * @return void
-     */
-    protected function fetch($name, &$source, &$mtime)
-    {
-        $this->fetch->execute(array('name' => $name));
-        $row = $this->fetch->fetch();
-        $this->fetch->closeCursor();
-        if ($row) {
-            $source = $row['source'];
-            $mtime = strtotime($row['modified']);
-        } else {
-            $source = null;
-            $mtime = null;
-        }
-    }
-
-    /**
-     * Fetch a template's modification time from database
-     *
-     * @note implementing this method is optional. Only implement it if modification times can be accessed faster than loading the comple template source.
-     * @param  string  $name template name
-     * @return integer timestamp (epoch) the template was modified
-     */
-    protected function fetchTimestamp($name)
-    {
-        $this->mtime->execute(array('name' => $name));
-        $mtime = $this->mtime->fetchColumn();
-        $this->mtime->closeCursor();
-
-        return strtotime($mtime);
-    }
-}
--- a/lib/classes/Smarty-3.1.15/demo/plugins/resource.mysqls.php
+++ b/lib/classes/Smarty-3.1.15/demo/plugins/resource.mysqls.php
@@ -1,64 +0,0 @@
-<?php
-
-/**
- * MySQL Resource
- *
- * Resource Implementation based on the Custom API to use
- * MySQL as the storage resource for Smarty's templates and configs.
- *
- * Note that this MySQL implementation fetches the source and timestamps in
- * a single database query, instead of two separate like resource.mysql.php does.
- *
- * Table definition:
- * <pre>CREATE TABLE IF NOT EXISTS `templates` (
- *   `name` varchar(100) NOT NULL,
- *   `modified` timestamp NOT NULL DEFAULT CURRENT_TIMESTAMP ON UPDATE CURRENT_TIMESTAMP,
- *   `source` text,
- *   PRIMARY KEY (`name`)
- * ) ENGINE=InnoDB DEFAULT CHARSET=utf8;</pre>
- *
- * Demo data:
- * <pre>INSERT INTO `templates` (`name`, `modified`, `source`) VALUES ('test.tpl', "2010-12-25 22:00:00", '{$x="hello world"}{$x}');</pre>
- *
- * @package Resource-examples
- * @author Rodney Rehm
- */
-class Smarty_Resource_Mysqls extends Smarty_Resource_Custom
-{
-    // PDO instance
-    protected $db;
-    // prepared fetch() statement
-    protected $fetch;
-
-    public function __construct()
-    {
-        try {
-            $this->db = new PDO("mysql:dbname=test;host=127.0.0.1", "smarty");
-        } catch (PDOException $e) {
-            throw new SmartyException('Mysql Resource failed: ' . $e->getMessage());
-        }
-        $this->fetch = $this->db->prepare('SELECT modified, source FROM templates WHERE name = :name');
-    }
-
-    /**
-     * Fetch a template and its modification time from database
-     *
-     * @param  string  $name   template name
-     * @param  string  $source template source
-     * @param  integer $mtime  template modification timestamp (epoch)
-     * @return void
-     */
-    protected function fetch($name, &$source, &$mtime)
-    {
-        $this->fetch->execute(array('name' => $name));
-        $row = $this->fetch->fetch();
-        $this->fetch->closeCursor();
-        if ($row) {
-            $source = $row['source'];
-            $mtime = strtotime($row['modified']);
-        } else {
-            $source = null;
-            $mtime = null;
-        }
-    }
-}
--- a/lib/classes/Smarty-3.1.15/demo/templates/footer.tpl
+++ b/lib/classes/Smarty-3.1.15/demo/templates/footer.tpl
@@ -1,2 +0,0 @@
-</BODY>
-</HTML>
--- a/lib/classes/Smarty-3.1.15/demo/templates/header.tpl
+++ b/lib/classes/Smarty-3.1.15/demo/templates/header.tpl
@@ -1,5 +0,0 @@
-<HTML>
-<HEAD>
-<TITLE>{$title} - {$Name}</TITLE>
-</HEAD>
-<BODY bgcolor="#ffffff">
--- a/lib/classes/Smarty-3.1.15/demo/templates/index.tpl
+++ b/lib/classes/Smarty-3.1.15/demo/templates/index.tpl
@@ -1,82 +0,0 @@
-{config_load file="test.conf" section="setup"}
-{include file="header.tpl" title=foo}
-
-<PRE>
-
-{* bold and title are read from the config file *}
-{if #bold#}<b>{/if}
-{* capitalize the first letters of each word of the title *}
-Title: {#title#|capitalize}
-{if #bold#}</b>{/if}
-
-The current date and time is {$smarty.now|date_format:"%Y-%m-%d %H:%M:%S"}
-
-The value of global assigned variable $SCRIPT_NAME is {$SCRIPT_NAME}
-
-Example of accessing server environment variable SERVER_NAME: {$smarty.server.SERVER_NAME}
-
-The value of {ldelim}$Name{rdelim} is <b>{$Name}</b>
-
-variable modifier example of {ldelim}$Name|upper{rdelim}
-
-<b>{$Name|upper}</b>
-
-
-An example of a section loop:
-
-{section name=outer 
-loop=$FirstName}
-{if $smarty.section.outer.index is odd by 2}
-	{$smarty.section.outer.rownum} . {$FirstName[outer]} {$LastName[outer]}
-{else}
-	{$smarty.section.outer.rownum} * {$FirstName[outer]} {$LastName[outer]}
-{/if}
-{sectionelse}
-	none
-{/section}
-
-An example of section looped key values:
-
-{section name=sec1 loop=$contacts}
-	phone: {$contacts[sec1].phone}<br>
-	fax: {$contacts[sec1].fax}<br>
-	cell: {$contacts[sec1].cell}<br>
-{/section}
-<p>
-
-testing strip tags
-{strip}
-<table border=0>
-	<tr>
-		<td>
-			<A HREF="{$SCRIPT_NAME}">
-			<font color="red">This is a  test     </font>
-			</A>
-		</td>
-	</tr>
-</table>
-{/strip}
-
-</PRE>
-
-This is an example of the html_select_date function:
-
-<form>
-{html_select_date start_year=1998 end_year=2010}
-</form>
-
-This is an example of the html_select_time function:
-
-<form>
-{html_select_time use_24_hours=false}
-</form>
-
-This is an example of the html_options function:
-
-<form>
-<select name=states>
-{html_options values=$option_values selected=$option_selected output=$option_output}
-</select>
-</form>
-
-{include file="footer.tpl"}
--- a/lib/classes/Smarty-3.1.15/libs/Smarty.class.php
+++ b/lib/classes/Smarty-3.1.15/libs/Smarty.class.php
--- a/Show More
+++ b/Show More